Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1159 lines
37 KiB

  1. <?php
  2. /**
  3. * Friendica admin
  4. */
  5. require_once("include/remoteupdate.php");
  6. /**
  7. * @param App $a
  8. */
  9. function admin_post(&$a){
  10. if(!is_site_admin()) {
  11. return;
  12. }
  13. // do not allow a page manager to access the admin panel at all.
  14. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  15. return;
  16. // urls
  17. if ($a->argc > 1){
  18. switch ($a->argv[1]){
  19. case 'site':
  20. admin_page_site_post($a);
  21. break;
  22. case 'users':
  23. admin_page_users_post($a);
  24. break;
  25. case 'plugins':
  26. if ($a->argc > 2 &&
  27. is_file("addon/".$a->argv[2]."/".$a->argv[2].".php")){
  28. @include_once("addon/".$a->argv[2]."/".$a->argv[2].".php");
  29. if(function_exists($a->argv[2].'_plugin_admin_post')) {
  30. $func = $a->argv[2].'_plugin_admin_post';
  31. $func($a);
  32. }
  33. }
  34. goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
  35. return; // NOTREACHED
  36. break;
  37. case 'themes':
  38. $theme = $a->argv[2];
  39. if (is_file("view/theme/$theme/config.php")){
  40. require_once("view/theme/$theme/config.php");
  41. if (function_exists("theme_admin_post")){
  42. theme_admin_post($a);
  43. }
  44. }
  45. info(t('Theme settings updated.'));
  46. if(is_ajax()) return;
  47. goaway($a->get_baseurl(true) . '/admin/themes/' . $theme );
  48. return;
  49. break;
  50. case 'logs':
  51. admin_page_logs_post($a);
  52. break;
  53. case 'dbsync':
  54. admin_page_dbsync_post($a);
  55. break;
  56. case 'update':
  57. admin_page_remoteupdate_post($a);
  58. break;
  59. }
  60. }
  61. goaway($a->get_baseurl(true) . '/admin' );
  62. return; // NOTREACHED
  63. }
  64. /**
  65. * @param App $a
  66. * @return string
  67. */
  68. function admin_content(&$a) {
  69. if(!is_site_admin()) {
  70. return login(false);
  71. }
  72. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  73. return "";
  74. /**
  75. * Side bar links
  76. */
  77. // array( url, name, extra css classes )
  78. $aside = Array(
  79. 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
  80. 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
  81. 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
  82. 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
  83. 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync"),
  84. //'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update")
  85. );
  86. /* get plugins admin page */
  87. $r = q("SELECT * FROM `addon` WHERE `plugin_admin`=1");
  88. $aside['plugins_admin']=Array();
  89. foreach ($r as $h){
  90. $plugin =$h['name'];
  91. $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
  92. // temp plugins with admin
  93. $a->plugins_admin[] = $plugin;
  94. }
  95. $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
  96. $t = get_markup_template("admin_aside.tpl");
  97. $a->page['aside'] .= replace_macros( $t, array(
  98. '$admin' => $aside,
  99. '$admtxt' => t('Admin'),
  100. '$plugadmtxt' => t('Plugin Features'),
  101. '$logtxt' => t('Logs'),
  102. '$h_pending' => t('User registrations waiting for confirmation'),
  103. '$admurl'=> $a->get_baseurl(true)."/admin/"
  104. ));
  105. /**
  106. * Page content
  107. */
  108. $o = '';
  109. // urls
  110. if ($a->argc > 1){
  111. switch ($a->argv[1]){
  112. case 'site':
  113. $o = admin_page_site($a);
  114. break;
  115. case 'users':
  116. $o = admin_page_users($a);
  117. break;
  118. case 'plugins':
  119. $o = admin_page_plugins($a);
  120. break;
  121. case 'themes':
  122. $o = admin_page_themes($a);
  123. break;
  124. case 'logs':
  125. $o = admin_page_logs($a);
  126. break;
  127. case 'dbsync':
  128. $o = admin_page_dbsync($a);
  129. break;
  130. case 'update':
  131. $o = admin_page_remoteupdate($a);
  132. break;
  133. default:
  134. notice( t("Item not found.") );
  135. }
  136. } else {
  137. $o = admin_page_summary($a);
  138. }
  139. if(is_ajax()) {
  140. echo $o;
  141. killme();
  142. return '';
  143. } else {
  144. return $o;
  145. }
  146. }
  147. /**
  148. * Admin Summary Page
  149. * @param App $a
  150. * @return string
  151. */
  152. function admin_page_summary(&$a) {
  153. $r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
  154. $accounts = Array(
  155. Array( t('Normal Account'), 0),
  156. Array( t('Soapbox Account'), 0),
  157. Array( t('Community/Celebrity Account'), 0),
  158. Array( t('Automatic Friend Account'), 0),
  159. Array( t('Blog Account'), 0),
  160. Array( t('Private Forum'), 0)
  161. );
  162. $users=0;
  163. foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
  164. logger('accounts: ' . print_r($accounts,true),LOGGER_DATA);
  165. $r = q("SELECT COUNT(id) as `count` FROM `register`");
  166. $pending = $r[0]['count'];
  167. $r = q("select count(*) as total from deliverq where 1");
  168. $deliverq = (($r) ? $r[0]['total'] : 0);
  169. $r = q("select count(*) as total from queue where 1");
  170. $queue = (($r) ? $r[0]['total'] : 0);
  171. // We can do better, but this is a quick queue status
  172. $queues = array( 'label' => t('Message queues'), 'deliverq' => $deliverq, 'queue' => $queue );
  173. $t = get_markup_template("admin_summary.tpl");
  174. return replace_macros($t, array(
  175. '$title' => t('Administration'),
  176. '$page' => t('Summary'),
  177. '$queues' => $queues,
  178. '$users' => Array( t('Registered users'), $users),
  179. '$accounts' => $accounts,
  180. '$pending' => Array( t('Pending registrations'), $pending),
  181. '$version' => Array( t('Version'), FRIENDICA_VERSION),
  182. '$build' => get_config('system','build'),
  183. '$plugins' => Array( t('Active plugins'), $a->plugins )
  184. ));
  185. }
  186. /**
  187. * Admin Site Page
  188. * @param App $a
  189. */
  190. function admin_page_site_post(&$a){
  191. if (!x($_POST,"page_site")){
  192. return;
  193. }
  194. check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
  195. $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
  196. $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
  197. $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
  198. $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
  199. $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
  200. $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
  201. $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
  202. $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
  203. $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
  204. $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
  205. $block_public = ((x($_POST,'block_public')) ? True : False);
  206. $force_publish = ((x($_POST,'publish_all')) ? True : False);
  207. $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
  208. $thread_allow = ((x($_POST,'thread_allow')) ? True : False);
  209. $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
  210. $no_openid = !((x($_POST,'no_openid')) ? True : False);
  211. $no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
  212. $no_utf = !((x($_POST,'no_utf')) ? True : False);
  213. $no_community_page = !((x($_POST,'no_community_page')) ? True : False);
  214. $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
  215. $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
  216. $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
  217. $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
  218. $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0);
  219. $poll_interval = ((x($_POST,'poll_interval'))? intval(trim($_POST['poll_interval'])) : 0);
  220. $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
  221. $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
  222. $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
  223. $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
  224. $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
  225. if($ssl_policy != intval(get_config('system','ssl_policy'))) {
  226. if($ssl_policy == SSL_POLICY_FULL) {
  227. q("update `contact` set
  228. `url` = replace(`url` , 'http:' , 'https:'),
  229. `photo` = replace(`photo` , 'http:' , 'https:'),
  230. `thumb` = replace(`thumb` , 'http:' , 'https:'),
  231. `micro` = replace(`micro` , 'http:' , 'https:'),
  232. `request` = replace(`request`, 'http:' , 'https:'),
  233. `notify` = replace(`notify` , 'http:' , 'https:'),
  234. `poll` = replace(`poll` , 'http:' , 'https:'),
  235. `confirm` = replace(`confirm`, 'http:' , 'https:'),
  236. `poco` = replace(`poco` , 'http:' , 'https:')
  237. where `self` = 1"
  238. );
  239. q("update `profile` set
  240. `photo` = replace(`photo` , 'http:' , 'https:'),
  241. `thumb` = replace(`thumb` , 'http:' , 'https:')
  242. where 1 "
  243. );
  244. }
  245. elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
  246. q("update `contact` set
  247. `url` = replace(`url` , 'https:' , 'http:'),
  248. `photo` = replace(`photo` , 'https:' , 'http:'),
  249. `thumb` = replace(`thumb` , 'https:' , 'http:'),
  250. `micro` = replace(`micro` , 'https:' , 'http:'),
  251. `request` = replace(`request`, 'https:' , 'http:'),
  252. `notify` = replace(`notify` , 'https:' , 'http:'),
  253. `poll` = replace(`poll` , 'https:' , 'http:'),
  254. `confirm` = replace(`confirm`, 'https:' , 'http:'),
  255. `poco` = replace(`poco` , 'https:' , 'http:')
  256. where `self` = 1"
  257. );
  258. q("update `profile` set
  259. `photo` = replace(`photo` , 'https:' , 'http:'),
  260. `thumb` = replace(`thumb` , 'https:' , 'http:')
  261. where 1 "
  262. );
  263. }
  264. }
  265. set_config('system','ssl_policy',$ssl_policy);
  266. set_config('system','delivery_interval',$delivery_interval);
  267. set_config('system','poll_interval',$poll_interval);
  268. set_config('system','maxloadavg',$maxloadavg);
  269. set_config('config','sitename',$sitename);
  270. if ($banner==""){
  271. // don't know why, but del_config doesn't work...
  272. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  273. dbesc("system"),
  274. dbesc("banner")
  275. );
  276. } else {
  277. set_config('system','banner', $banner);
  278. }
  279. set_config('system','language', $language);
  280. set_config('system','theme', $theme);
  281. set_config('system','maximagesize', $maximagesize);
  282. set_config('config','register_policy', $register_policy);
  283. set_config('system','account_abandon_days', $abandon_days);
  284. set_config('config','register_text', $register_text);
  285. set_config('system','allowed_sites', $allowed_sites);
  286. set_config('system','allowed_email', $allowed_email);
  287. set_config('system','block_public', $block_public);
  288. set_config('system','publish_all', $force_publish);
  289. if ($global_directory==""){
  290. // don't know why, but del_config doesn't work...
  291. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  292. dbesc("system"),
  293. dbesc("directory_submit_url")
  294. );
  295. } else {
  296. set_config('system','directory_submit_url', $global_directory);
  297. }
  298. set_config('system','thread_allow', $thread_allow);
  299. set_config('system','block_extended_register', $no_multi_reg);
  300. set_config('system','no_openid', $no_openid);
  301. set_config('system','no_regfullname', $no_regfullname);
  302. set_config('system','no_community_page', $no_community_page);
  303. set_config('system','no_utf', $no_utf);
  304. set_config('system','verifyssl', $verifyssl);
  305. set_config('system','proxyuser', $proxyuser);
  306. set_config('system','proxy', $proxy);
  307. set_config('system','curl_timeout', $timeout);
  308. set_config('system','dfrn_only', $dfrn_only);
  309. set_config('system','ostatus_disabled', $ostatus_disabled);
  310. set_config('system','diaspora_enabled', $diaspora_enabled);
  311. info( t('Site settings updated.') . EOL);
  312. goaway($a->get_baseurl(true) . '/admin/site' );
  313. return; // NOTREACHED
  314. }
  315. /**
  316. * @param App $a
  317. * @return string
  318. */
  319. function admin_page_site(&$a) {
  320. /* Installed langs */
  321. $lang_choices = array();
  322. $langs = glob('view/*/strings.php');
  323. if(is_array($langs) && count($langs)) {
  324. if(! in_array('view/en/strings.php',$langs))
  325. $langs[] = 'view/en/';
  326. asort($langs);
  327. foreach($langs as $l) {
  328. $t = explode("/",$l);
  329. $lang_choices[$t[1]] = $t[1];
  330. }
  331. }
  332. /* Installed themes */
  333. $theme_choices = array();
  334. $files = glob('view/theme/*');
  335. if($files) {
  336. foreach($files as $file) {
  337. $f = basename($file);
  338. $theme_name = ((file_exists($file . '/experimental')) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
  339. $theme_choices[$f] = $theme_name;
  340. }
  341. }
  342. /* Banner */
  343. $banner = get_config('system','banner');
  344. if($banner == false)
  345. $banner = '<a href="http://friendica.com"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="http://friendica.com">Friendica</a></span>';
  346. $banner = htmlspecialchars($banner);
  347. //echo "<pre>"; var_dump($lang_choices); die("</pre>");
  348. /* Register policy */
  349. $register_choices = Array(
  350. REGISTER_CLOSED => t("Closed"),
  351. REGISTER_APPROVE => t("Requires approval"),
  352. REGISTER_OPEN => t("Open")
  353. );
  354. $ssl_choices = array(
  355. SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
  356. SSL_POLICY_FULL => t("Force all links to use SSL"),
  357. SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
  358. );
  359. $t = get_markup_template("admin_site.tpl");
  360. return replace_macros($t, array(
  361. '$title' => t('Administration'),
  362. '$page' => t('Site'),
  363. '$submit' => t('Submit'),
  364. '$registration' => t('Registration'),
  365. '$upload' => t('File upload'),
  366. '$corporate' => t('Policies'),
  367. '$advanced' => t('Advanced'),
  368. '$baseurl' => $a->get_baseurl(true),
  369. // name, label, value, help string, extra data...
  370. '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
  371. '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
  372. '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
  373. '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
  374. '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
  375. '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
  376. '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
  377. '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
  378. '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
  379. '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
  380. '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
  381. '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
  382. '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
  383. '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), t("URL to update the global directory. If this is not set, the global directory is completely unavailable to the application.")),
  384. '$thread_allow' => array('thread_allow', t("Allow threaded items"), get_config('system','thread_allow'), t("Allow infinite level threading for items on this site.")),
  385. '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
  386. '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
  387. '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
  388. '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
  389. '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
  390. '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), t("Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")),
  391. '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), t("Provide built-in Diaspora network compatibility.")),
  392. '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")),
  393. '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites.")),
  394. '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
  395. '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
  396. '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
  397. '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
  398. '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
  399. '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
  400. '$form_security_token' => get_form_security_token("admin_site"),
  401. ));
  402. }
  403. function admin_page_dbsync(&$a) {
  404. $o = '';
  405. if($a->argc > 3 && intval($a->argv[3]) && $a->argv[2] === 'mark') {
  406. set_config('database', 'update_' . intval($a->argv[3]), 'success');
  407. $curr = get_config('system','build');
  408. if(intval($curr) == intval($a->argv[3]))
  409. set_config('system','build',intval($curr) + 1);
  410. info( t('Update has been marked successful') . EOL);
  411. goaway($a->get_baseurl(true) . '/admin/dbsync');
  412. }
  413. if($a->argc > 2 && intval($a->argv[2])) {
  414. require_once('update.php');
  415. $func = 'update_' . intval($a->argv[2]);
  416. if(function_exists($func)) {
  417. $retval = $func();
  418. if($retval === UPDATE_FAILED) {
  419. $o .= sprintf( t('Executing %s failed. Check system logs.'), $func);
  420. }
  421. elseif($retval === UPDATE_SUCCESS) {
  422. $o .= sprintf( t('Update %s was successfully applied.', $func));
  423. set_config('database',$func, 'success');
  424. }
  425. else
  426. $o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func);
  427. }
  428. else
  429. $o .= sprintf( t('Update function %s could not be found.'), $func);
  430. return $o;
  431. }
  432. $failed = array();
  433. $r = q("select * from config where `cat` = 'database' ");
  434. if(count($r)) {
  435. foreach($r as $rr) {
  436. $upd = intval(substr($rr['k'],7));
  437. if($upd < 1139 || $rr['v'] === 'success')
  438. continue;
  439. $failed[] = $upd;
  440. }
  441. }
  442. if(! count($failed))
  443. return '<h3>' . t('No failed updates.') . '</h3>';
  444. $o = replace_macros(get_markup_template('failed_updates.tpl'),array(
  445. '$base' => $a->get_baseurl(true),
  446. '$banner' => t('Failed Updates'),
  447. '$desc' => t('This does not include updates prior to 1139, which did not return a status.'),
  448. '$mark' => t('Mark success (if update was manually applied)'),
  449. '$apply' => t('Attempt to execute this update step automatically'),
  450. '$failed' => $failed
  451. ));
  452. return $o;
  453. }
  454. /**
  455. * Users admin page
  456. *
  457. * @param App $a
  458. */
  459. function admin_page_users_post(&$a){
  460. $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() );
  461. $users = ( x($_POST, 'user') ? $_POST['user'] : Array() );
  462. check_form_security_token_redirectOnErr('/admin/users', 'admin_users');
  463. if (x($_POST,'page_users_block')){
  464. foreach($users as $uid){
  465. q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
  466. intval( $uid )
  467. );
  468. }
  469. notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) );
  470. }
  471. if (x($_POST,'page_users_delete')){
  472. require_once("include/Contact.php");
  473. foreach($users as $uid){
  474. user_remove($uid);
  475. }
  476. notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
  477. }
  478. if (x($_POST,'page_users_approve')){
  479. require_once("mod/regmod.php");
  480. foreach($pending as $hash){
  481. user_allow($hash);
  482. }
  483. }
  484. if (x($_POST,'page_users_deny')){
  485. require_once("mod/regmod.php");
  486. foreach($pending as $hash){
  487. user_deny($hash);
  488. }
  489. }
  490. goaway($a->get_baseurl(true) . '/admin/users' );
  491. return; // NOTREACHED
  492. }
  493. /**
  494. * @param App $a
  495. * @return string
  496. */
  497. function admin_page_users(&$a){
  498. if ($a->argc>2) {
  499. $uid = $a->argv[3];
  500. $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
  501. if (count($user)==0){
  502. notice( 'User not found' . EOL);
  503. goaway($a->get_baseurl(true) . '/admin/users' );
  504. return ''; // NOTREACHED
  505. }
  506. switch($a->argv[2]){
  507. case "delete":{
  508. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  509. // delete user
  510. require_once("include/Contact.php");
  511. user_remove($uid);
  512. notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
  513. }; break;
  514. case "block":{
  515. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  516. q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
  517. intval( 1-$user[0]['blocked'] ),
  518. intval( $uid )
  519. );
  520. notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
  521. }; break;
  522. }
  523. goaway($a->get_baseurl(true) . '/admin/users' );
  524. return ''; // NOTREACHED
  525. }
  526. /* get pending */
  527. $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
  528. FROM `register`
  529. LEFT JOIN `contact` ON `register`.`uid` = `contact`.`uid`
  530. LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
  531. /* get users */
  532. $total = q("SELECT count(*) as total FROM `user` where 1");
  533. if(count($total)) {
  534. $a->set_pager_total($total[0]['total']);
  535. $a->set_pager_itemspage(100);
  536. }
  537. $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro`, `lastitem`.`lastitem_date`
  538. FROM
  539. (SELECT MAX(`item`.`changed`) as `lastitem_date`, `item`.`uid`
  540. FROM `item`
  541. WHERE `item`.`type` = 'wall'
  542. GROUP BY `item`.`uid`) AS `lastitem`
  543. RIGHT OUTER JOIN `user` ON `user`.`uid` = `lastitem`.`uid`,
  544. `contact`
  545. WHERE
  546. `user`.`uid` = `contact`.`uid`
  547. AND `user`.`verified` =1
  548. AND `contact`.`self` =1
  549. ORDER BY `contact`.`name` LIMIT %d, %d
  550. ",
  551. intval($a->pager['start']),
  552. intval($a->pager['itemspage'])
  553. );
  554. function _setup_users($e){
  555. $accounts = Array(
  556. t('Normal Account'),
  557. t('Soapbox Account'),
  558. t('Community/Celebrity Account'),
  559. t('Automatic Friend Account')
  560. );
  561. $e['page-flags'] = $accounts[$e['page-flags']];
  562. $e['register_date'] = relative_date($e['register_date']);
  563. $e['login_date'] = relative_date($e['login_date']);
  564. $e['lastitem_date'] = relative_date($e['lastitem_date']);
  565. return $e;
  566. }
  567. $users = array_map("_setup_users", $users);
  568. $t = get_markup_template("admin_users.tpl");
  569. $o = replace_macros($t, array(
  570. // strings //
  571. '$title' => t('Administration'),
  572. '$page' => t('Users'),
  573. '$submit' => t('Submit'),
  574. '$select_all' => t('select all'),
  575. '$h_pending' => t('User registrations waiting for confirm'),
  576. '$th_pending' => array( t('Request date'), t('Name'), t('Email') ),
  577. '$no_pending' => t('No registrations.'),
  578. '$approve' => t('Approve'),
  579. '$deny' => t('Deny'),
  580. '$delete' => t('Delete'),
  581. '$block' => t('Block'),
  582. '$unblock' => t('Unblock'),
  583. '$h_users' => t('Users'),
  584. '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
  585. '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
  586. '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
  587. '$form_security_token' => get_form_security_token("admin_users"),
  588. // values //
  589. '$baseurl' => $a->get_baseurl(true),
  590. '$pending' => $pending,
  591. '$users' => $users,
  592. ));
  593. $o .= paginate($a);
  594. return $o;
  595. }
  596. /**
  597. * Plugins admin page
  598. *
  599. * @param App $a
  600. * @return string
  601. */
  602. function admin_page_plugins(&$a){
  603. /**
  604. * Single plugin
  605. */
  606. if ($a->argc == 3){
  607. $plugin = $a->argv[2];
  608. if (!is_file("addon/$plugin/$plugin.php")){
  609. notice( t("Item not found.") );
  610. return '';
  611. }
  612. if (x($_GET,"a") && $_GET['a']=="t"){
  613. check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't');
  614. // Toggle plugin status
  615. $idx = array_search($plugin, $a->plugins);
  616. if ($idx !== false){
  617. unset($a->plugins[$idx]);
  618. uninstall_plugin($plugin);
  619. info( sprintf( t("Plugin %s disabled."), $plugin ) );
  620. } else {
  621. $a->plugins[] = $plugin;
  622. install_plugin($plugin);
  623. info( sprintf( t("Plugin %s enabled."), $plugin ) );
  624. }
  625. set_config("system","addon", implode(", ",$a->plugins));
  626. goaway($a->get_baseurl(true) . '/admin/plugins' );
  627. return ''; // NOTREACHED
  628. }
  629. // display plugin details
  630. require_once('library/markdown.php');
  631. if (in_array($plugin, $a->plugins)){
  632. $status="on"; $action= t("Disable");
  633. } else {
  634. $status="off"; $action= t("Enable");
  635. }
  636. $readme=Null;
  637. if (is_file("addon/$plugin/README.md")){
  638. $readme = file_get_contents("addon/$plugin/README.md");
  639. $readme = Markdown($readme);
  640. } else if (is_file("addon/$plugin/README")){
  641. $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
  642. }
  643. $admin_form="";
  644. if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){
  645. @require_once("addon/$plugin/$plugin.php");
  646. $func = $plugin.'_plugin_admin';
  647. $func($a, $admin_form);
  648. }
  649. $t = get_markup_template("admin_plugins_details.tpl");
  650. return replace_macros($t, array(
  651. '$title' => t('Administration'),
  652. '$page' => t('Plugins'),
  653. '$toggle' => t('Toggle'),
  654. '$settings' => t('Settings'),
  655. '$baseurl' => $a->get_baseurl(true),
  656. '$plugin' => $plugin,
  657. '$status' => $status,
  658. '$action' => $action,
  659. '$info' => get_plugin_info($plugin),
  660. '$str_author' => t('Author: '),
  661. '$str_maintainer' => t('Maintainer: '),
  662. '$admin_form' => $admin_form,
  663. '$function' => 'plugins',
  664. '$screenshot' => '',
  665. '$readme' => $readme,
  666. '$form_security_token' => get_form_security_token("admin_themes"),
  667. ));
  668. }
  669. /**
  670. * List plugins
  671. */
  672. $plugins = array();
  673. $files = glob("addon/*/");
  674. if($files) {
  675. foreach($files as $file) {
  676. if (is_dir($file)){
  677. list($tmp, $id)=array_map("trim", explode("/",$file));
  678. $info = get_plugin_info($id);
  679. $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info);
  680. }
  681. }
  682. }
  683. $t = get_markup_template("admin_plugins.tpl");
  684. return replace_macros($t, array(
  685. '$title' => t('Administration'),
  686. '$page' => t('Plugins'),
  687. '$submit' => t('Submit'),
  688. '$baseurl' => $a->get_baseurl(true),
  689. '$function' => 'plugins',
  690. '$plugins' => $plugins,
  691. '$form_security_token' => get_form_security_token("admin_themes"),
  692. ));
  693. }
  694. /**
  695. * @param array $themes
  696. * @param string $th
  697. * @param int $result
  698. */
  699. function toggle_theme(&$themes,$th,&$result) {
  700. for($x = 0; $x < count($themes); $x ++) {
  701. if($themes[$x]['name'] === $th) {
  702. if($themes[$x]['allowed']) {
  703. $themes[$x]['allowed'] = 0;
  704. $result = 0;
  705. }
  706. else {
  707. $themes[$x]['allowed'] = 1;
  708. $result = 1;
  709. }
  710. }
  711. }
  712. }
  713. /**
  714. * @param array $themes
  715. * @param string $th
  716. * @return int
  717. */
  718. function theme_status($themes,$th) {
  719. for($x = 0; $x < count($themes); $x ++) {
  720. if($themes[$x]['name'] === $th) {
  721. if($themes[$x]['allowed']) {
  722. return 1;
  723. }
  724. else {
  725. return 0;
  726. }
  727. }
  728. }
  729. return 0;
  730. }
  731. /**
  732. * @param array $themes
  733. * @return string
  734. */
  735. function rebuild_theme_table($themes) {
  736. $o = '';
  737. if(count($themes)) {
  738. foreach($themes as $th) {
  739. if($th['allowed']) {
  740. if(strlen($o))
  741. $o .= ',';
  742. $o .= $th['name'];
  743. }
  744. }
  745. }
  746. return $o;
  747. }
  748. /**
  749. * Themes admin page
  750. *
  751. * @param App $a
  752. * @return string
  753. */
  754. function admin_page_themes(&$a){
  755. $allowed_themes_str = get_config('system','allowed_themes');
  756. $allowed_themes_raw = explode(',',$allowed_themes_str);
  757. $allowed_themes = array();
  758. if(count($allowed_themes_raw))
  759. foreach($allowed_themes_raw as $x)
  760. if(strlen(trim($x)))
  761. $allowed_themes[] = trim($x);
  762. $themes = array();
  763. $files = glob('view/theme/*');
  764. if($files) {
  765. foreach($files as $file) {
  766. $f = basename($file);
  767. $is_experimental = intval(file_exists($file . '/experimental'));
  768. $is_supported = 1-(intval(file_exists($file . '/unsupported'))); // Is not used yet
  769. $is_allowed = intval(in_array($f,$allowed_themes));
  770. $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
  771. }
  772. }
  773. if(! count($themes)) {
  774. notice( t('No themes found.'));
  775. return '';
  776. }
  777. /**
  778. * Single theme
  779. */
  780. if ($a->argc == 3){
  781. $theme = $a->argv[2];
  782. if(! is_dir("view/theme/$theme")){
  783. notice( t("Item not found.") );
  784. return '';
  785. }
  786. if (x($_GET,"a") && $_GET['a']=="t"){
  787. check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
  788. // Toggle theme status
  789. toggle_theme($themes,$theme,$result);
  790. $s = rebuild_theme_table($themes);
  791. if($result)
  792. info( sprintf('Theme %s enabled.',$theme));
  793. else
  794. info( sprintf('Theme %s disabled.',$theme));
  795. set_config('system','allowed_themes',$s);
  796. goaway($a->get_baseurl(true) . '/admin/themes' );
  797. return ''; // NOTREACHED
  798. }
  799. // display theme details
  800. require_once('library/markdown.php');
  801. if (theme_status($themes,$theme)) {
  802. $status="on"; $action= t("Disable");
  803. } else {
  804. $status="off"; $action= t("Enable");
  805. }
  806. $readme=Null;
  807. if (is_file("view/theme/$theme/README.md")){
  808. $readme = file_get_contents("view/theme/$theme/README.md");
  809. $readme = Markdown($readme);
  810. } else if (is_file("view/theme/$theme/README")){
  811. $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
  812. }
  813. $admin_form="";
  814. if (is_file("view/theme/$theme/config.php")){
  815. require_once("view/theme/$theme/config.php");
  816. if(function_exists("theme_admin")){
  817. $admin_form = theme_admin($a);
  818. }
  819. }
  820. $screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
  821. if(! stristr($screenshot[0],$theme))
  822. $screenshot = null;
  823. $t = get_markup_template("admin_plugins_details.tpl");
  824. return replace_macros($t, array(
  825. '$title' => t('Administration'),
  826. '$page' => t('Themes'),
  827. '$toggle' => t('Toggle'),
  828. '$settings' => t('Settings'),
  829. '$baseurl' => $a->get_baseurl(true),
  830. '$plugin' => $theme,
  831. '$status' => $status,
  832. '$action' => $action,
  833. '$info' => get_theme_info($theme),
  834. '$function' => 'themes',
  835. '$admin_form' => $admin_form,
  836. '$str_author' => t('Author: '),
  837. '$str_maintainer' => t('Maintainer: '),
  838. '$screenshot' => $screenshot,
  839. '$readme' => $readme,
  840. '$form_security_token' => get_form_security_token("admin_themes"),
  841. ));
  842. }
  843. /**
  844. * List themes
  845. */
  846. $xthemes = array();
  847. if($themes) {
  848. foreach($themes as $th) {
  849. $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
  850. }
  851. }
  852. $t = get_markup_template("admin_plugins.tpl");
  853. return replace_macros($t, array(
  854. '$title' => t('Administration'),
  855. '$page' => t('Themes'),
  856. '$submit' => t('Submit'),
  857. '$baseurl' => $a->get_baseurl(true),
  858. '$function' => 'themes',
  859. '$plugins' => $xthemes,
  860. '$experimental' => t('[Experimental]'),
  861. '$unsupported' => t('[Unsupported]'),
  862. '$form_security_token' => get_form_security_token("admin_themes"),
  863. ));
  864. }
  865. /**
  866. * Logs admin page
  867. *
  868. * @param App $a
  869. */
  870. function admin_page_logs_post(&$a) {
  871. if (x($_POST,"page_logs")) {
  872. check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
  873. $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
  874. $debugging = ((x($_POST,'debugging')) ? true : false);
  875. $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
  876. set_config('system','logfile', $logfile);
  877. set_config('system','debugging', $debugging);
  878. set_config('system','loglevel', $loglevel);
  879. }
  880. info( t("Log settings updated.") );
  881. goaway($a->get_baseurl(true) . '/admin/logs' );
  882. return; // NOTREACHED
  883. }
  884. /**
  885. * @param App $a
  886. * @return string
  887. */
  888. function admin_page_logs(&$a){
  889. $log_choices = Array(
  890. LOGGER_NORMAL => 'Normal',
  891. LOGGER_TRACE => 'Trace',
  892. LOGGER_DEBUG => 'Debug',
  893. LOGGER_DATA => 'Data',
  894. LOGGER_ALL => 'All'
  895. );
  896. $t = get_markup_template("admin_logs.tpl");
  897. $f = get_config('system','logfile');
  898. $data = '';
  899. if(!file_exists($f)) {
  900. $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is
  901. readable.");
  902. }
  903. else {
  904. $fp = fopen($f, 'r');
  905. if(!$fp) {
  906. $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
  907. }
  908. else {
  909. $fstat = fstat($fp);
  910. $size = $fstat['size'];
  911. if($size != 0)
  912. {
  913. if($size > 5000000 || $size < 0)
  914. $size = 5000000;
  915. $seek = fseek($fp,0-$size,SEEK_END);
  916. if($seek === 0) {
  917. $data = escape_tags(fread($fp,$size));
  918. while(! feof($fp))
  919. $data .= escape_tags(fread($fp,4096));
  920. }
  921. }
  922. fclose($fp);
  923. }
  924. }
  925. return replace_macros($t, array(
  926. '$title' => t('Administration'),
  927. '$page' => t('Logs'),
  928. '$submit' => t('Submit'),
  929. '$clear' => t('Clear'),
  930. '$data' => $data,
  931. '$baseurl' => $a->get_baseurl(true),
  932. '$logname' => get_config('system','logfile'),
  933. // name, label, value, help string, extra data...
  934. '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
  935. '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
  936. '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
  937. '$form_security_token' => get_form_security_token("admin_logs"),
  938. ));
  939. }
  940. /**
  941. * @param App $a
  942. */
  943. function admin_page_remoteupdate_post(&$a) {
  944. // this function should be called via ajax post
  945. if(!is_site_admin()) {
  946. return;
  947. }
  948. if (x($_POST,'remotefile') && $_POST['remotefile']!=""){
  949. $remotefile = $_POST['remotefile'];
  950. $ftpdata = (x($_POST['ftphost'])?$_POST:false);
  951. doUpdate($remotefile, $ftpdata);
  952. } else {
  953. echo "No remote file to download. Abort!";
  954. }
  955. killme();
  956. }
  957. /**
  958. * @param App $a
  959. * @return string
  960. */
  961. function admin_page_remoteupdate(&$a) {
  962. if(!is_site_admin()) {
  963. return login(false);
  964. }
  965. $canwrite = canWeWrite();
  966. $canftp = function_exists('ftp_connect');
  967. $needupdate = true;
  968. $u = checkUpdate();
  969. if (!is_array($u)){
  970. $needupdate = false;
  971. $u = array('','','');
  972. }
  973. $tpl = get_markup_template("admin_remoteupdate.tpl");
  974. return replace_macros($tpl, array(
  975. '$baseurl' => $a->get_baseurl(true),
  976. '$submit' => t("Update now"),
  977. '$close' => t("Close"),
  978. '$localversion' => FRIENDICA_VERSION,
  979. '$remoteversion' => $u[1],
  980. '$needupdate' => $needupdate,
  981. '$canwrite' => $canwrite,
  982. '$canftp' => $canftp,
  983. '$ftphost' => array('ftphost', t("FTP Host"), '',''),
  984. '$ftppath' => array('ftppath', t("FTP Path"), '/',''),
  985. '$ftpuser' => array('ftpuser', t("FTP User"), '',''),
  986. '$ftppwd' => array('ftppwd', t("FTP Password"), '',''),
  987. '$remotefile'=>array('remotefile','', $u['2'],'')
  988. ));
  989. }