Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1066 lines
33 KiB

  1. <?php
  2. /**
  3. * Friendica admin
  4. */
  5. require_once("include/remoteupdate.php");
  6. /**
  7. * @param App $a
  8. */
  9. function admin_post(&$a){
  10. if(!is_site_admin()) {
  11. return;
  12. }
  13. // do not allow a page manager to access the admin panel at all.
  14. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  15. return;
  16. // urls
  17. if ($a->argc > 1){
  18. switch ($a->argv[1]){
  19. case 'site':
  20. admin_page_site_post($a);
  21. break;
  22. case 'users':
  23. admin_page_users_post($a);
  24. break;
  25. case 'plugins':
  26. if ($a->argc > 2 &&
  27. is_file("addon/".$a->argv[2]."/".$a->argv[2].".php")){
  28. @include_once("addon/".$a->argv[2]."/".$a->argv[2].".php");
  29. if(function_exists($a->argv[2].'_plugin_admin_post')) {
  30. $func = $a->argv[2].'_plugin_admin_post';
  31. $func($a);
  32. }
  33. }
  34. goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
  35. return; // NOTREACHED
  36. break;
  37. case 'themes':
  38. $theme = $a->argv[2];
  39. if (is_file("view/theme/$theme/config.php")){
  40. require_once("view/theme/$theme/config.php");
  41. if (function_exists("theme_admin_post")){
  42. theme_admin_post($a);
  43. }
  44. }
  45. info(t('Theme settings updated.'));
  46. if(is_ajax()) return;
  47. goaway($a->get_baseurl(true) . '/admin/themes/' . $theme );
  48. return;
  49. break;
  50. case 'logs':
  51. admin_page_logs_post($a);
  52. break;
  53. case 'update':
  54. admin_page_remoteupdate_post($a);
  55. break;
  56. }
  57. }
  58. goaway($a->get_baseurl(true) . '/admin' );
  59. return; // NOTREACHED
  60. }
  61. /**
  62. * @param App $a
  63. * @return string
  64. */
  65. function admin_content(&$a) {
  66. if(!is_site_admin()) {
  67. return login(false);
  68. }
  69. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  70. return "";
  71. /**
  72. * Side bar links
  73. */
  74. // array( url, name, extra css classes )
  75. $aside = Array(
  76. 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
  77. 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
  78. 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
  79. 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
  80. 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Update") , "update")
  81. );
  82. /* get plugins admin page */
  83. $r = q("SELECT * FROM `addon` WHERE `plugin_admin`=1");
  84. $aside['plugins_admin']=Array();
  85. foreach ($r as $h){
  86. $plugin =$h['name'];
  87. $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
  88. // temp plugins with admin
  89. $a->plugins_admin[] = $plugin;
  90. }
  91. $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
  92. $t = get_markup_template("admin_aside.tpl");
  93. $a->page['aside'] = replace_macros( $t, array(
  94. '$admin' => $aside,
  95. '$h_pending' => t('User registrations waiting for confirmation'),
  96. '$admurl'=> $a->get_baseurl(true)."/admin/"
  97. ));
  98. /**
  99. * Page content
  100. */
  101. $o = '';
  102. // urls
  103. if ($a->argc > 1){
  104. switch ($a->argv[1]){
  105. case 'site':
  106. $o = admin_page_site($a);
  107. break;
  108. case 'users':
  109. $o = admin_page_users($a);
  110. break;
  111. case 'plugins':
  112. $o = admin_page_plugins($a);
  113. break;
  114. case 'themes':
  115. $o = admin_page_themes($a);
  116. break;
  117. case 'logs':
  118. $o = admin_page_logs($a);
  119. break;
  120. case 'update':
  121. $o = admin_page_remoteupdate($a);
  122. break;
  123. default:
  124. notice( t("Item not found.") );
  125. }
  126. } else {
  127. $o = admin_page_summary($a);
  128. }
  129. if(is_ajax()) {
  130. echo $o;
  131. killme();
  132. return '';
  133. } else {
  134. return $o;
  135. }
  136. }
  137. /**
  138. * Admin Summary Page
  139. * @param App $a
  140. * @return string
  141. */
  142. function admin_page_summary(&$a) {
  143. $r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
  144. $accounts = Array(
  145. Array( t('Normal Account'), 0),
  146. Array( t('Soapbox Account'), 0),
  147. Array( t('Community/Celebrity Account'), 0),
  148. Array( t('Automatic Friend Account'), 0)
  149. );
  150. $users=0;
  151. foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
  152. logger('accounts: ' . print_r($accounts,true));
  153. $r = q("SELECT COUNT(id) as `count` FROM `register`");
  154. $pending = $r[0]['count'];
  155. $t = get_markup_template("admin_summary.tpl");
  156. return replace_macros($t, array(
  157. '$title' => t('Administration'),
  158. '$page' => t('Summary'),
  159. '$users' => Array( t('Registered users'), $users),
  160. '$accounts' => $accounts,
  161. '$pending' => Array( t('Pending registrations'), $pending),
  162. '$version' => Array( t('Version'), FRIENDICA_VERSION),
  163. '$build' => get_config('system','build'),
  164. '$plugins' => Array( t('Active plugins'), $a->plugins )
  165. ));
  166. }
  167. /**
  168. * Admin Site Page
  169. * @param App $a
  170. */
  171. function admin_page_site_post(&$a){
  172. if (!x($_POST,"page_site")){
  173. return;
  174. }
  175. check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
  176. $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
  177. $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
  178. $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
  179. $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
  180. $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
  181. $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
  182. $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
  183. $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
  184. $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
  185. $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
  186. $block_public = ((x($_POST,'block_public')) ? True : False);
  187. $force_publish = ((x($_POST,'publish_all')) ? True : False);
  188. $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
  189. $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
  190. $no_openid = !((x($_POST,'no_openid')) ? True : False);
  191. $no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
  192. $no_utf = !((x($_POST,'no_utf')) ? True : False);
  193. $no_community_page = !((x($_POST,'no_community_page')) ? True : False);
  194. $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
  195. $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
  196. $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
  197. $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
  198. $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
  199. $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
  200. $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
  201. $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
  202. if($ssl_policy != intval(get_config('system','ssl_policy'))) {
  203. if($ssl_policy == SSL_POLICY_FULL) {
  204. q("update `contact` set
  205. `url` = replace(`url` , 'http:' , 'https:'),
  206. `photo` = replace(`photo` , 'http:' , 'https:'),
  207. `thumb` = replace(`thumb` , 'http:' , 'https:'),
  208. `micro` = replace(`micro` , 'http:' , 'https:'),
  209. `request` = replace(`request`, 'http:' , 'https:'),
  210. `notify` = replace(`notify` , 'http:' , 'https:'),
  211. `poll` = replace(`poll` , 'http:' , 'https:'),
  212. `confirm` = replace(`confirm`, 'http:' , 'https:'),
  213. `poco` = replace(`poco` , 'http:' , 'https:')
  214. where `self` = 1"
  215. );
  216. q("update `profile` set
  217. `photo` = replace(`photo` , 'http:' , 'https:'),
  218. `thumb` = replace(`thumb` , 'http:' , 'https:')
  219. where 1 "
  220. );
  221. }
  222. elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
  223. q("update `contact` set
  224. `url` = replace(`url` , 'https:' , 'http:'),
  225. `photo` = replace(`photo` , 'https:' , 'http:'),
  226. `thumb` = replace(`thumb` , 'https:' , 'http:'),
  227. `micro` = replace(`micro` , 'https:' , 'http:'),
  228. `request` = replace(`request`, 'https:' , 'http:'),
  229. `notify` = replace(`notify` , 'https:' , 'http:'),
  230. `poll` = replace(`poll` , 'https:' , 'http:'),
  231. `confirm` = replace(`confirm`, 'https:' , 'http:'),
  232. `poco` = replace(`poco` , 'https:' , 'http:')
  233. where `self` = 1"
  234. );
  235. q("update `profile` set
  236. `photo` = replace(`photo` , 'https:' , 'http:'),
  237. `thumb` = replace(`thumb` , 'https:' , 'http:')
  238. where 1 "
  239. );
  240. }
  241. }
  242. set_config('system','ssl_policy',$ssl_policy);
  243. set_config('config','sitename',$sitename);
  244. if ($banner==""){
  245. // don't know why, but del_config doesn't work...
  246. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  247. dbesc("system"),
  248. dbesc("banner")
  249. );
  250. } else {
  251. set_config('system','banner', $banner);
  252. }
  253. set_config('system','language', $language);
  254. set_config('system','theme', $theme);
  255. set_config('system','maximagesize', $maximagesize);
  256. set_config('config','register_policy', $register_policy);
  257. set_config('system','account_abandon_days', $abandon_days);
  258. set_config('config','register_text', $register_text);
  259. set_config('system','allowed_sites', $allowed_sites);
  260. set_config('system','allowed_email', $allowed_email);
  261. set_config('system','block_public', $block_public);
  262. set_config('system','publish_all', $force_publish);
  263. if ($global_directory==""){
  264. // don't know why, but del_config doesn't work...
  265. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  266. dbesc("system"),
  267. dbesc("directory_submit_url")
  268. );
  269. } else {
  270. set_config('system','directory_submit_url', $global_directory);
  271. }
  272. set_config('system','block_extended_register', $no_multi_reg);
  273. set_config('system','no_openid', $no_openid);
  274. set_config('system','no_regfullname', $no_regfullname);
  275. set_config('system','no_community_page', $no_community_page);
  276. set_config('system','no_utf', $no_utf);
  277. set_config('system','verifyssl', $verifyssl);
  278. set_config('system','proxyuser', $proxyuser);
  279. set_config('system','proxy', $proxy);
  280. set_config('system','curl_timeout', $timeout);
  281. set_config('system','dfrn_only', $dfrn_only);
  282. set_config('system','ostatus_disabled', $ostatus_disabled);
  283. set_config('system','diaspora_enabled', $diaspora_enabled);
  284. info( t('Site settings updated.') . EOL);
  285. goaway($a->get_baseurl(true) . '/admin/site' );
  286. return; // NOTREACHED
  287. }
  288. /**
  289. * @param App $a
  290. * @return string
  291. */
  292. function admin_page_site(&$a) {
  293. /* Installed langs */
  294. $lang_choices = array();
  295. $langs = glob('view/*/strings.php');
  296. if(is_array($langs) && count($langs)) {
  297. if(! in_array('view/en/strings.php',$langs))
  298. $langs[] = 'view/en/';
  299. asort($langs);
  300. foreach($langs as $l) {
  301. $t = explode("/",$l);
  302. $lang_choices[$t[1]] = $t[1];
  303. }
  304. }
  305. /* Installed themes */
  306. $theme_choices = array();
  307. $files = glob('view/theme/*');
  308. if($files) {
  309. foreach($files as $file) {
  310. $f = basename($file);
  311. $theme_name = ((file_exists($file . '/experimental')) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
  312. $theme_choices[$f] = $theme_name;
  313. }
  314. }
  315. /* Banner */
  316. $banner = get_config('system','banner');
  317. if($banner == false)
  318. $banner = '<a href="http://friendica.com"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="http://friendica.com">Friendica</a></span>';
  319. $banner = htmlspecialchars($banner);
  320. //echo "<pre>"; var_dump($lang_choices); die("</pre>");
  321. /* Register policy */
  322. $register_choices = Array(
  323. REGISTER_CLOSED => t("Closed"),
  324. REGISTER_APPROVE => t("Requires approval"),
  325. REGISTER_OPEN => t("Open")
  326. );
  327. $ssl_choices = array(
  328. SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
  329. SSL_POLICY_FULL => t("Force all links to use SSL"),
  330. SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
  331. );
  332. $t = get_markup_template("admin_site.tpl");
  333. return replace_macros($t, array(
  334. '$title' => t('Administration'),
  335. '$page' => t('Site'),
  336. '$submit' => t('Submit'),
  337. '$registration' => t('Registration'),
  338. '$upload' => t('File upload'),
  339. '$corporate' => t('Policies'),
  340. '$advanced' => t('Advanced'),
  341. '$baseurl' => $a->get_baseurl(true),
  342. // name, label, value, help string, extra data...
  343. '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
  344. '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
  345. '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
  346. '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
  347. '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
  348. '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
  349. '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
  350. '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
  351. '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
  352. '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
  353. '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
  354. '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
  355. '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
  356. '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), t("URL to update the global directory. If this is not set, the global directory is completely unavailable to the application.")),
  357. '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
  358. '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
  359. '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
  360. '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
  361. '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
  362. '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), t("Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")),
  363. '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), t("Provide built-in Diaspora network compatibility.")),
  364. '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")),
  365. '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites.")),
  366. '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
  367. '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
  368. '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
  369. '$form_security_token' => get_form_security_token("admin_site"),
  370. ));
  371. }
  372. /**
  373. * Users admin page
  374. *
  375. * @param App $a
  376. */
  377. function admin_page_users_post(&$a){
  378. $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() );
  379. $users = ( x($_POST, 'user') ? $_POST['user'] : Array() );
  380. check_form_security_token_redirectOnErr('/admin/users', 'admin_users');
  381. if (x($_POST,'page_users_block')){
  382. foreach($users as $uid){
  383. q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
  384. intval( $uid )
  385. );
  386. }
  387. notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) );
  388. }
  389. if (x($_POST,'page_users_delete')){
  390. require_once("include/Contact.php");
  391. foreach($users as $uid){
  392. user_remove($uid);
  393. }
  394. notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
  395. }
  396. if (x($_POST,'page_users_approve')){
  397. require_once("mod/regmod.php");
  398. foreach($pending as $hash){
  399. user_allow($hash);
  400. }
  401. }
  402. if (x($_POST,'page_users_deny')){
  403. require_once("mod/regmod.php");
  404. foreach($pending as $hash){
  405. user_deny($hash);
  406. }
  407. }
  408. goaway($a->get_baseurl(true) . '/admin/users' );
  409. return; // NOTREACHED
  410. }
  411. /**
  412. * @param App $a
  413. * @return string
  414. */
  415. function admin_page_users(&$a){
  416. if ($a->argc>2) {
  417. $uid = $a->argv[3];
  418. $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
  419. if (count($user)==0){
  420. notice( 'User not found' . EOL);
  421. goaway($a->get_baseurl(true) . '/admin/users' );
  422. return ''; // NOTREACHED
  423. }
  424. switch($a->argv[2]){
  425. case "delete":{
  426. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  427. // delete user
  428. require_once("include/Contact.php");
  429. user_remove($uid);
  430. notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
  431. }; break;
  432. case "block":{
  433. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  434. q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
  435. intval( 1-$user[0]['blocked'] ),
  436. intval( $uid )
  437. );
  438. notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
  439. }; break;
  440. }
  441. goaway($a->get_baseurl(true) . '/admin/users' );
  442. return ''; // NOTREACHED
  443. }
  444. /* get pending */
  445. $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
  446. FROM `register`
  447. LEFT JOIN `contact` ON `register`.`uid` = `contact`.`uid`
  448. LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
  449. /* get users */
  450. $total = q("SELECT count(*) as total FROM `user` where 1");
  451. if(count($total)) {
  452. $a->set_pager_total($total[0]['total']);
  453. $a->set_pager_itemspage(100);
  454. }
  455. $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro`, `lastitem`.`lastitem_date`
  456. FROM
  457. (SELECT MAX(`item`.`changed`) as `lastitem_date`, `item`.`uid`
  458. FROM `item`
  459. WHERE `item`.`type` = 'wall'
  460. GROUP BY `item`.`uid`) AS `lastitem`
  461. RIGHT OUTER JOIN `user` ON `user`.`uid` = `lastitem`.`uid`,
  462. `contact`
  463. WHERE
  464. `user`.`uid` = `contact`.`uid`
  465. AND `user`.`verified` =1
  466. AND `contact`.`self` =1
  467. ORDER BY `contact`.`name` LIMIT %d, %d
  468. ",
  469. intval($a->pager['start']),
  470. intval($a->pager['itemspage'])
  471. );
  472. function _setup_users($e){
  473. $accounts = Array(
  474. t('Normal Account'),
  475. t('Soapbox Account'),
  476. t('Community/Celebrity Account'),
  477. t('Automatic Friend Account')
  478. );
  479. $e['page-flags'] = $accounts[$e['page-flags']];
  480. $e['register_date'] = relative_date($e['register_date']);
  481. $e['login_date'] = relative_date($e['login_date']);
  482. $e['lastitem_date'] = relative_date($e['lastitem_date']);
  483. return $e;
  484. }
  485. $users = array_map("_setup_users", $users);
  486. $t = get_markup_template("admin_users.tpl");
  487. $o = replace_macros($t, array(
  488. // strings //
  489. '$title' => t('Administration'),
  490. '$page' => t('Users'),
  491. '$submit' => t('Submit'),
  492. '$select_all' => t('select all'),
  493. '$h_pending' => t('User registrations waiting for confirm'),
  494. '$th_pending' => array( t('Request date'), t('Name'), t('Email') ),
  495. '$no_pending' => t('No registrations.'),
  496. '$approve' => t('Approve'),
  497. '$deny' => t('Deny'),
  498. '$delete' => t('Delete'),
  499. '$block' => t('Block'),
  500. '$unblock' => t('Unblock'),
  501. '$h_users' => t('Users'),
  502. '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
  503. '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
  504. '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
  505. '$form_security_token' => get_form_security_token("admin_users"),
  506. // values //
  507. '$baseurl' => $a->get_baseurl(true),
  508. '$pending' => $pending,
  509. '$users' => $users,
  510. ));
  511. $o .= paginate($a);
  512. return $o;
  513. }
  514. /**
  515. * Plugins admin page
  516. *
  517. * @param App $a
  518. * @return string
  519. */
  520. function admin_page_plugins(&$a){
  521. /**
  522. * Single plugin
  523. */
  524. if ($a->argc == 3){
  525. $plugin = $a->argv[2];
  526. if (!is_file("addon/$plugin/$plugin.php")){
  527. notice( t("Item not found.") );
  528. return '';
  529. }
  530. if (x($_GET,"a") && $_GET['a']=="t"){
  531. check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't');
  532. // Toggle plugin status
  533. $idx = array_search($plugin, $a->plugins);
  534. if ($idx !== false){
  535. unset($a->plugins[$idx]);
  536. uninstall_plugin($plugin);
  537. info( sprintf( t("Plugin %s disabled."), $plugin ) );
  538. } else {
  539. $a->plugins[] = $plugin;
  540. install_plugin($plugin);
  541. info( sprintf( t("Plugin %s enabled."), $plugin ) );
  542. }
  543. set_config("system","addon", implode(", ",$a->plugins));
  544. goaway($a->get_baseurl(true) . '/admin/plugins' );
  545. return ''; // NOTREACHED
  546. }
  547. // display plugin details
  548. require_once('library/markdown.php');
  549. if (in_array($plugin, $a->plugins)){
  550. $status="on"; $action= t("Disable");
  551. } else {
  552. $status="off"; $action= t("Enable");
  553. }
  554. $readme=Null;
  555. if (is_file("addon/$plugin/README.md")){
  556. $readme = file_get_contents("addon/$plugin/README.md");
  557. $readme = Markdown($readme);
  558. } else if (is_file("addon/$plugin/README")){
  559. $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
  560. }
  561. $admin_form="";
  562. if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){
  563. @require_once("addon/$plugin/$plugin.php");
  564. $func = $plugin.'_plugin_admin';
  565. $func($a, $admin_form);
  566. }
  567. $t = get_markup_template("admin_plugins_details.tpl");
  568. return replace_macros($t, array(
  569. '$title' => t('Administration'),
  570. '$page' => t('Plugins'),
  571. '$toggle' => t('Toggle'),
  572. '$settings' => t('Settings'),
  573. '$baseurl' => $a->get_baseurl(true),
  574. '$plugin' => $plugin,
  575. '$status' => $status,
  576. '$action' => $action,
  577. '$info' => get_plugin_info($plugin),
  578. '$str_author' => t('Author: '),
  579. '$str_maintainer' => t('Maintainer: '),
  580. '$admin_form' => $admin_form,
  581. '$function' => 'plugins',
  582. '$screenshot' => '',
  583. '$readme' => $readme,
  584. '$form_security_token' => get_form_security_token("admin_themes"),
  585. ));
  586. }
  587. /**
  588. * List plugins
  589. */
  590. $plugins = array();
  591. $files = glob("addon/*/");
  592. if($files) {
  593. foreach($files as $file) {
  594. if (is_dir($file)){
  595. list($tmp, $id)=array_map("trim", explode("/",$file));
  596. $info = get_plugin_info($id);
  597. $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info);
  598. }
  599. }
  600. }
  601. $t = get_markup_template("admin_plugins.tpl");
  602. return replace_macros($t, array(
  603. '$title' => t('Administration'),
  604. '$page' => t('Plugins'),
  605. '$submit' => t('Submit'),
  606. '$baseurl' => $a->get_baseurl(true),
  607. '$function' => 'plugins',
  608. '$plugins' => $plugins,
  609. '$form_security_token' => get_form_security_token("admin_themes"),
  610. ));
  611. }
  612. /**
  613. * @param array $themes
  614. * @param string $th
  615. * @param int $result
  616. */
  617. function toggle_theme(&$themes,$th,&$result) {
  618. for($x = 0; $x < count($themes); $x ++) {
  619. if($themes[$x]['name'] === $th) {
  620. if($themes[$x]['allowed']) {
  621. $themes[$x]['allowed'] = 0;
  622. $result = 0;
  623. }
  624. else {
  625. $themes[$x]['allowed'] = 1;
  626. $result = 1;
  627. }
  628. }
  629. }
  630. }
  631. /**
  632. * @param array $themes
  633. * @param string $th
  634. * @return int
  635. */
  636. function theme_status($themes,$th) {
  637. for($x = 0; $x < count($themes); $x ++) {
  638. if($themes[$x]['name'] === $th) {
  639. if($themes[$x]['allowed']) {
  640. return 1;
  641. }
  642. else {
  643. return 0;
  644. }
  645. }
  646. }
  647. return 0;
  648. }
  649. /**
  650. * @param array $themes
  651. * @return string
  652. */
  653. function rebuild_theme_table($themes) {
  654. $o = '';
  655. if(count($themes)) {
  656. foreach($themes as $th) {
  657. if($th['allowed']) {
  658. if(strlen($o))
  659. $o .= ',';
  660. $o .= $th['name'];
  661. }
  662. }
  663. }
  664. return $o;
  665. }
  666. /**
  667. * Themes admin page
  668. *
  669. * @param App $a
  670. * @return string
  671. */
  672. function admin_page_themes(&$a){
  673. $allowed_themes_str = get_config('system','allowed_themes');
  674. $allowed_themes_raw = explode(',',$allowed_themes_str);
  675. $allowed_themes = array();
  676. if(count($allowed_themes_raw))
  677. foreach($allowed_themes_raw as $x)
  678. if(strlen(trim($x)))
  679. $allowed_themes[] = trim($x);
  680. $themes = array();
  681. $files = glob('view/theme/*');
  682. if($files) {
  683. foreach($files as $file) {
  684. $f = basename($file);
  685. $is_experimental = intval(file_exists($file . '/experimental'));
  686. $is_supported = 1-(intval(file_exists($file . '/unsupported'))); // Is not used yet
  687. $is_allowed = intval(in_array($f,$allowed_themes));
  688. $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
  689. }
  690. }
  691. if(! count($themes)) {
  692. notice( t('No themes found.'));
  693. return '';
  694. }
  695. /**
  696. * Single theme
  697. */
  698. if ($a->argc == 3){
  699. $theme = $a->argv[2];
  700. if(! is_dir("view/theme/$theme")){
  701. notice( t("Item not found.") );
  702. return '';
  703. }
  704. if (x($_GET,"a") && $_GET['a']=="t"){
  705. check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
  706. // Toggle theme status
  707. toggle_theme($themes,$theme,$result);
  708. $s = rebuild_theme_table($themes);
  709. if($result)
  710. info( sprintf('Theme %s enabled.',$theme));
  711. else
  712. info( sprintf('Theme %s disabled.',$theme));
  713. set_config('system','allowed_themes',$s);
  714. goaway($a->get_baseurl(true) . '/admin/themes' );
  715. return ''; // NOTREACHED
  716. }
  717. // display theme details
  718. require_once('library/markdown.php');
  719. if (theme_status($themes,$theme)) {
  720. $status="on"; $action= t("Disable");
  721. } else {
  722. $status="off"; $action= t("Enable");
  723. }
  724. $readme=Null;
  725. if (is_file("view/theme/$theme/README.md")){
  726. $readme = file_get_contents("view/theme/$theme/README.md");
  727. $readme = Markdown($readme);
  728. } else if (is_file("view/theme/$theme/README")){
  729. $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
  730. }
  731. $admin_form="";
  732. if (is_file("view/theme/$theme/config.php")){
  733. require_once("view/theme/$theme/config.php");
  734. if(function_exists("theme_admin")){
  735. $admin_form = theme_admin($a);
  736. }
  737. }
  738. $screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
  739. if(! stristr($screenshot[0],$theme))
  740. $screenshot = null;
  741. $t = get_markup_template("admin_plugins_details.tpl");
  742. return replace_macros($t, array(
  743. '$title' => t('Administration'),
  744. '$page' => t('Themes'),
  745. '$toggle' => t('Toggle'),
  746. '$settings' => t('Settings'),
  747. '$baseurl' => $a->get_baseurl(true),
  748. '$plugin' => $theme,
  749. '$status' => $status,
  750. '$action' => $action,
  751. '$info' => get_theme_info($theme),
  752. '$function' => 'themes',
  753. '$admin_form' => $admin_form,
  754. '$str_author' => t('Author: '),
  755. '$str_maintainer' => t('Maintainer: '),
  756. '$screenshot' => $screenshot,
  757. '$readme' => $readme,
  758. '$form_security_token' => get_form_security_token("admin_themes"),
  759. ));
  760. }
  761. /**
  762. * List themes
  763. */
  764. $xthemes = array();
  765. if($themes) {
  766. foreach($themes as $th) {
  767. $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
  768. }
  769. }
  770. $t = get_markup_template("admin_plugins.tpl");
  771. return replace_macros($t, array(
  772. '$title' => t('Administration'),
  773. '$page' => t('Themes'),
  774. '$submit' => t('Submit'),
  775. '$baseurl' => $a->get_baseurl(true),
  776. '$function' => 'themes',
  777. '$plugins' => $xthemes,
  778. '$experimental' => t('[Experimental]'),
  779. '$unsupported' => t('[Unsupported]'),
  780. '$form_security_token' => get_form_security_token("admin_themes"),
  781. ));
  782. }
  783. /**
  784. * Logs admin page
  785. *
  786. * @param App $a
  787. */
  788. function admin_page_logs_post(&$a) {
  789. if (x($_POST,"page_logs")) {
  790. check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
  791. $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
  792. $debugging = ((x($_POST,'debugging')) ? true : false);
  793. $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
  794. set_config('system','logfile', $logfile);
  795. set_config('system','debugging', $debugging);
  796. set_config('system','loglevel', $loglevel);
  797. }
  798. info( t("Log settings updated.") );
  799. goaway($a->get_baseurl(true) . '/admin/logs' );
  800. return; // NOTREACHED
  801. }
  802. /**
  803. * @param App $a
  804. * @return string
  805. */
  806. function admin_page_logs(&$a){
  807. $log_choices = Array(
  808. LOGGER_NORMAL => 'Normal',
  809. LOGGER_TRACE => 'Trace',
  810. LOGGER_DEBUG => 'Debug',
  811. LOGGER_DATA => 'Data',
  812. LOGGER_ALL => 'All'
  813. );
  814. $t = get_markup_template("admin_logs.tpl");
  815. $f = get_config('system','logfile');
  816. $data = '';
  817. if(!file_exists($f)) {
  818. $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is
  819. readable.");
  820. }
  821. else {
  822. $fp = fopen($f, 'r');
  823. if(!$fp) {
  824. $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
  825. }
  826. else {
  827. $fstat = fstat($fp);
  828. $size = $fstat['size'];
  829. if($size != 0)
  830. {
  831. if($size > 5000000 || $size < 0)
  832. $size = 5000000;
  833. $seek = fseek($fp,0-$size,SEEK_END);
  834. if($seek === 0) {
  835. fgets($fp); // throw away the first partial line
  836. $data = escape_tags(fread($fp,$size));
  837. while(! feof($fp))
  838. $data .= escape_tags(fread($fp,4096));
  839. }
  840. }
  841. fclose($fp);
  842. }
  843. }
  844. return replace_macros($t, array(
  845. '$title' => t('Administration'),
  846. '$page' => t('Logs'),
  847. '$submit' => t('Submit'),
  848. '$clear' => t('Clear'),
  849. '$data' => $data,
  850. '$baseurl' => $a->get_baseurl(true),
  851. '$logname' => get_config('system','logfile'),
  852. // name, label, value, help string, extra data...
  853. '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
  854. '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
  855. '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
  856. '$form_security_token' => get_form_security_token("admin_logs"),
  857. ));
  858. }
  859. /**
  860. * @param App $a
  861. */
  862. function admin_page_remoteupdate_post(&$a) {
  863. // this function should be called via ajax post
  864. if(!is_site_admin()) {
  865. return;
  866. }
  867. if (x($_POST,'remotefile') && $_POST['remotefile']!=""){
  868. $remotefile = $_POST['remotefile'];
  869. $ftpdata = (x($_POST['ftphost'])?$_POST:false);
  870. doUpdate($remotefile, $ftpdata);
  871. } else {
  872. echo "No remote file to download. Abort!";
  873. }
  874. killme();
  875. }
  876. /**
  877. * @param App $a
  878. * @return string
  879. */
  880. function admin_page_remoteupdate(&$a) {
  881. if(!is_site_admin()) {
  882. return login(false);
  883. }
  884. $canwrite = canWeWrite();
  885. $canftp = function_exists('ftp_connect');
  886. $needupdate = true;
  887. $u = checkUpdate();
  888. if (!is_array($u)){
  889. $needupdate = false;
  890. $u = array('','','');
  891. }
  892. $tpl = get_markup_template("admin_remoteupdate.tpl");
  893. return replace_macros($tpl, array(
  894. '$baseurl' => $a->get_baseurl(true),
  895. '$submit' => t("Update now"),
  896. '$close' => t("Close"),
  897. '$localversion' => FRIENDICA_VERSION,
  898. '$remoteversion' => $u[1],
  899. '$needupdate' => $needupdate,
  900. '$canwrite' => $canwrite,
  901. '$canftp' => $canftp,
  902. '$ftphost' => array('ftphost', t("FTP Host"), '',''),
  903. '$ftppath' => array('ftppath', t("FTP Path"), '/',''),
  904. '$ftpuser' => array('ftpuser', t("FTP User"), '',''),
  905. '$ftppwd' => array('ftppwd', t("FTP Password"), '',''),
  906. '$remotefile'=>array('remotefile','', $u['2'],'')
  907. ));
  908. }