Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1148 lines
36 KiB

  1. <?php
  2. /**
  3. * Friendica admin
  4. */
  5. require_once("include/remoteupdate.php");
  6. /**
  7. * @param App $a
  8. */
  9. function admin_post(&$a){
  10. if(!is_site_admin()) {
  11. return;
  12. }
  13. // do not allow a page manager to access the admin panel at all.
  14. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  15. return;
  16. // urls
  17. if ($a->argc > 1){
  18. switch ($a->argv[1]){
  19. case 'site':
  20. admin_page_site_post($a);
  21. break;
  22. case 'users':
  23. admin_page_users_post($a);
  24. break;
  25. case 'plugins':
  26. if ($a->argc > 2 &&
  27. is_file("addon/".$a->argv[2]."/".$a->argv[2].".php")){
  28. @include_once("addon/".$a->argv[2]."/".$a->argv[2].".php");
  29. if(function_exists($a->argv[2].'_plugin_admin_post')) {
  30. $func = $a->argv[2].'_plugin_admin_post';
  31. $func($a);
  32. }
  33. }
  34. goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
  35. return; // NOTREACHED
  36. break;
  37. case 'themes':
  38. $theme = $a->argv[2];
  39. if (is_file("view/theme/$theme/config.php")){
  40. require_once("view/theme/$theme/config.php");
  41. if (function_exists("theme_admin_post")){
  42. theme_admin_post($a);
  43. }
  44. }
  45. info(t('Theme settings updated.'));
  46. if(is_ajax()) return;
  47. goaway($a->get_baseurl(true) . '/admin/themes/' . $theme );
  48. return;
  49. break;
  50. case 'logs':
  51. admin_page_logs_post($a);
  52. break;
  53. case 'dbsync':
  54. admin_page_dbsync_post($a);
  55. break;
  56. case 'update':
  57. admin_page_remoteupdate_post($a);
  58. break;
  59. }
  60. }
  61. goaway($a->get_baseurl(true) . '/admin' );
  62. return; // NOTREACHED
  63. }
  64. /**
  65. * @param App $a
  66. * @return string
  67. */
  68. function admin_content(&$a) {
  69. if(!is_site_admin()) {
  70. return login(false);
  71. }
  72. if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
  73. return "";
  74. /**
  75. * Side bar links
  76. */
  77. // array( url, name, extra css classes )
  78. $aside = Array(
  79. 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
  80. 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
  81. 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
  82. 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
  83. 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync"),
  84. 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update")
  85. );
  86. /* get plugins admin page */
  87. $r = q("SELECT * FROM `addon` WHERE `plugin_admin`=1");
  88. $aside['plugins_admin']=Array();
  89. foreach ($r as $h){
  90. $plugin =$h['name'];
  91. $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
  92. // temp plugins with admin
  93. $a->plugins_admin[] = $plugin;
  94. }
  95. $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
  96. $t = get_markup_template("admin_aside.tpl");
  97. $a->page['aside'] .= replace_macros( $t, array(
  98. '$admin' => $aside,
  99. '$h_pending' => t('User registrations waiting for confirmation'),
  100. '$admurl'=> $a->get_baseurl(true)."/admin/"
  101. ));
  102. /**
  103. * Page content
  104. */
  105. $o = '';
  106. // urls
  107. if ($a->argc > 1){
  108. switch ($a->argv[1]){
  109. case 'site':
  110. $o = admin_page_site($a);
  111. break;
  112. case 'users':
  113. $o = admin_page_users($a);
  114. break;
  115. case 'plugins':
  116. $o = admin_page_plugins($a);
  117. break;
  118. case 'themes':
  119. $o = admin_page_themes($a);
  120. break;
  121. case 'logs':
  122. $o = admin_page_logs($a);
  123. break;
  124. case 'dbsync':
  125. $o = admin_page_dbsync($a);
  126. break;
  127. case 'update':
  128. $o = admin_page_remoteupdate($a);
  129. break;
  130. default:
  131. notice( t("Item not found.") );
  132. }
  133. } else {
  134. $o = admin_page_summary($a);
  135. }
  136. if(is_ajax()) {
  137. echo $o;
  138. killme();
  139. return '';
  140. } else {
  141. return $o;
  142. }
  143. }
  144. /**
  145. * Admin Summary Page
  146. * @param App $a
  147. * @return string
  148. */
  149. function admin_page_summary(&$a) {
  150. $r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
  151. $accounts = Array(
  152. Array( t('Normal Account'), 0),
  153. Array( t('Soapbox Account'), 0),
  154. Array( t('Community/Celebrity Account'), 0),
  155. Array( t('Automatic Friend Account'), 0)
  156. );
  157. $users=0;
  158. foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; }
  159. logger('accounts: ' . print_r($accounts,true));
  160. $r = q("SELECT COUNT(id) as `count` FROM `register`");
  161. $pending = $r[0]['count'];
  162. $r = q("select count(*) as total from deliverq where 1");
  163. $deliverq = (($r) ? $r[0]['total'] : 0);
  164. $r = q("select count(*) as total from queue where 1");
  165. $queue = (($r) ? $r[0]['total'] : 0);
  166. // We can do better, but this is a quick queue status
  167. $queues = array( 'label' => t('Message queues'), 'deliverq' => $deliverq, 'queue' => $queue );
  168. $t = get_markup_template("admin_summary.tpl");
  169. return replace_macros($t, array(
  170. '$title' => t('Administration'),
  171. '$page' => t('Summary'),
  172. '$queues' => $queues,
  173. '$users' => Array( t('Registered users'), $users),
  174. '$accounts' => $accounts,
  175. '$pending' => Array( t('Pending registrations'), $pending),
  176. '$version' => Array( t('Version'), FRIENDICA_VERSION),
  177. '$build' => get_config('system','build'),
  178. '$plugins' => Array( t('Active plugins'), $a->plugins )
  179. ));
  180. }
  181. /**
  182. * Admin Site Page
  183. * @param App $a
  184. */
  185. function admin_page_site_post(&$a){
  186. if (!x($_POST,"page_site")){
  187. return;
  188. }
  189. check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
  190. $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
  191. $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
  192. $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
  193. $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
  194. $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
  195. $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
  196. $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
  197. $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
  198. $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
  199. $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
  200. $block_public = ((x($_POST,'block_public')) ? True : False);
  201. $force_publish = ((x($_POST,'publish_all')) ? True : False);
  202. $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
  203. $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
  204. $no_openid = !((x($_POST,'no_openid')) ? True : False);
  205. $no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
  206. $no_utf = !((x($_POST,'no_utf')) ? True : False);
  207. $no_community_page = !((x($_POST,'no_community_page')) ? True : False);
  208. $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
  209. $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
  210. $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
  211. $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
  212. $delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0);
  213. $poll_interval = ((x($_POST,'poll_interval'))? intval(trim($_POST['poll_interval'])) : 0);
  214. $maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
  215. $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
  216. $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
  217. $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
  218. $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
  219. if($ssl_policy != intval(get_config('system','ssl_policy'))) {
  220. if($ssl_policy == SSL_POLICY_FULL) {
  221. q("update `contact` set
  222. `url` = replace(`url` , 'http:' , 'https:'),
  223. `photo` = replace(`photo` , 'http:' , 'https:'),
  224. `thumb` = replace(`thumb` , 'http:' , 'https:'),
  225. `micro` = replace(`micro` , 'http:' , 'https:'),
  226. `request` = replace(`request`, 'http:' , 'https:'),
  227. `notify` = replace(`notify` , 'http:' , 'https:'),
  228. `poll` = replace(`poll` , 'http:' , 'https:'),
  229. `confirm` = replace(`confirm`, 'http:' , 'https:'),
  230. `poco` = replace(`poco` , 'http:' , 'https:')
  231. where `self` = 1"
  232. );
  233. q("update `profile` set
  234. `photo` = replace(`photo` , 'http:' , 'https:'),
  235. `thumb` = replace(`thumb` , 'http:' , 'https:')
  236. where 1 "
  237. );
  238. }
  239. elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
  240. q("update `contact` set
  241. `url` = replace(`url` , 'https:' , 'http:'),
  242. `photo` = replace(`photo` , 'https:' , 'http:'),
  243. `thumb` = replace(`thumb` , 'https:' , 'http:'),
  244. `micro` = replace(`micro` , 'https:' , 'http:'),
  245. `request` = replace(`request`, 'https:' , 'http:'),
  246. `notify` = replace(`notify` , 'https:' , 'http:'),
  247. `poll` = replace(`poll` , 'https:' , 'http:'),
  248. `confirm` = replace(`confirm`, 'https:' , 'http:'),
  249. `poco` = replace(`poco` , 'https:' , 'http:')
  250. where `self` = 1"
  251. );
  252. q("update `profile` set
  253. `photo` = replace(`photo` , 'https:' , 'http:'),
  254. `thumb` = replace(`thumb` , 'https:' , 'http:')
  255. where 1 "
  256. );
  257. }
  258. }
  259. set_config('system','ssl_policy',$ssl_policy);
  260. set_config('system','delivery_interval',$delivery_interval);
  261. set_config('system','poll_interval',$poll_interval);
  262. set_config('system','maxloadavg',$maxloadavg);
  263. set_config('config','sitename',$sitename);
  264. if ($banner==""){
  265. // don't know why, but del_config doesn't work...
  266. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  267. dbesc("system"),
  268. dbesc("banner")
  269. );
  270. } else {
  271. set_config('system','banner', $banner);
  272. }
  273. set_config('system','language', $language);
  274. set_config('system','theme', $theme);
  275. set_config('system','maximagesize', $maximagesize);
  276. set_config('config','register_policy', $register_policy);
  277. set_config('system','account_abandon_days', $abandon_days);
  278. set_config('config','register_text', $register_text);
  279. set_config('system','allowed_sites', $allowed_sites);
  280. set_config('system','allowed_email', $allowed_email);
  281. set_config('system','block_public', $block_public);
  282. set_config('system','publish_all', $force_publish);
  283. if ($global_directory==""){
  284. // don't know why, but del_config doesn't work...
  285. q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
  286. dbesc("system"),
  287. dbesc("directory_submit_url")
  288. );
  289. } else {
  290. set_config('system','directory_submit_url', $global_directory);
  291. }
  292. set_config('system','block_extended_register', $no_multi_reg);
  293. set_config('system','no_openid', $no_openid);
  294. set_config('system','no_regfullname', $no_regfullname);
  295. set_config('system','no_community_page', $no_community_page);
  296. set_config('system','no_utf', $no_utf);
  297. set_config('system','verifyssl', $verifyssl);
  298. set_config('system','proxyuser', $proxyuser);
  299. set_config('system','proxy', $proxy);
  300. set_config('system','curl_timeout', $timeout);
  301. set_config('system','dfrn_only', $dfrn_only);
  302. set_config('system','ostatus_disabled', $ostatus_disabled);
  303. set_config('system','diaspora_enabled', $diaspora_enabled);
  304. info( t('Site settings updated.') . EOL);
  305. goaway($a->get_baseurl(true) . '/admin/site' );
  306. return; // NOTREACHED
  307. }
  308. /**
  309. * @param App $a
  310. * @return string
  311. */
  312. function admin_page_site(&$a) {
  313. /* Installed langs */
  314. $lang_choices = array();
  315. $langs = glob('view/*/strings.php');
  316. if(is_array($langs) && count($langs)) {
  317. if(! in_array('view/en/strings.php',$langs))
  318. $langs[] = 'view/en/';
  319. asort($langs);
  320. foreach($langs as $l) {
  321. $t = explode("/",$l);
  322. $lang_choices[$t[1]] = $t[1];
  323. }
  324. }
  325. /* Installed themes */
  326. $theme_choices = array();
  327. $files = glob('view/theme/*');
  328. if($files) {
  329. foreach($files as $file) {
  330. $f = basename($file);
  331. $theme_name = ((file_exists($file . '/experimental')) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
  332. $theme_choices[$f] = $theme_name;
  333. }
  334. }
  335. /* Banner */
  336. $banner = get_config('system','banner');
  337. if($banner == false)
  338. $banner = '<a href="http://friendica.com"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="http://friendica.com">Friendica</a></span>';
  339. $banner = htmlspecialchars($banner);
  340. //echo "<pre>"; var_dump($lang_choices); die("</pre>");
  341. /* Register policy */
  342. $register_choices = Array(
  343. REGISTER_CLOSED => t("Closed"),
  344. REGISTER_APPROVE => t("Requires approval"),
  345. REGISTER_OPEN => t("Open")
  346. );
  347. $ssl_choices = array(
  348. SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
  349. SSL_POLICY_FULL => t("Force all links to use SSL"),
  350. SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
  351. );
  352. $t = get_markup_template("admin_site.tpl");
  353. return replace_macros($t, array(
  354. '$title' => t('Administration'),
  355. '$page' => t('Site'),
  356. '$submit' => t('Submit'),
  357. '$registration' => t('Registration'),
  358. '$upload' => t('File upload'),
  359. '$corporate' => t('Policies'),
  360. '$advanced' => t('Advanced'),
  361. '$baseurl' => $a->get_baseurl(true),
  362. // name, label, value, help string, extra data...
  363. '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
  364. '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
  365. '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
  366. '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
  367. '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
  368. '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
  369. '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
  370. '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
  371. '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
  372. '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
  373. '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
  374. '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")),
  375. '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
  376. '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), t("URL to update the global directory. If this is not set, the global directory is completely unavailable to the application.")),
  377. '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
  378. '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
  379. '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
  380. '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
  381. '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
  382. '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), t("Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")),
  383. '$diaspora_enabled' => array('diaspora_enabled', t("Enable Diaspora support"), get_config('system','diaspora_enabled'), t("Provide built-in Diaspora network compatibility.")),
  384. '$dfrn_only' => array('dfrn_only', t('Only allow Friendica contacts'), get_config('system','dfrn_only'), t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")),
  385. '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites.")),
  386. '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
  387. '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
  388. '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
  389. '$delivery_interval' => array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
  390. '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
  391. '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
  392. '$form_security_token' => get_form_security_token("admin_site"),
  393. ));
  394. }
  395. function admin_page_dbsync(&$a) {
  396. $o = '';
  397. if($a->argc > 3 && intval($a->argv[3]) && $a->argv[2] === 'mark') {
  398. set_config('database', 'update_' . intval($a->argv[3]), 'success');
  399. info( t('Update has been marked successful') . EOL);
  400. goaway($a->get_baseurl(true) . '/admin/dbsync');
  401. }
  402. if($a->argc > 2 && intval($a->argv[2])) {
  403. require_once('update.php');
  404. $func = 'update_' . intval($a->argv[2]);
  405. if(function_exists($func)) {
  406. $retval = $func();
  407. if($retval === UPDATE_FAILED) {
  408. $o .= sprintf( t('Executing %s failed. Check system logs.'), $func);
  409. }
  410. elseif($retval === UPDATE_SUCCESS) {
  411. $o .= sprintf( t('Update %s was successfully applied.', $func));
  412. set_config('database',$func, 'success');
  413. }
  414. else
  415. $o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func);
  416. }
  417. else
  418. $o .= sprintf( t('Update function %s could not be found.'), $func);
  419. return $o;
  420. }
  421. $failed = array();
  422. $r = q("select * from config where `cat` = 'database' ");
  423. if(count($r)) {
  424. foreach($r as $rr) {
  425. $upd = intval(substr($rr['k'],7));
  426. if($upd < 1139 || $rr['v'] === 'success')
  427. continue;
  428. $failed[] = $upd;
  429. }
  430. }
  431. if(! count($failed))
  432. return '<h3>' . t('No failed updates.') . '</h3>';
  433. $o = replace_macros(get_markup_template('failed_updates.tpl'),array(
  434. '$base' => $a->get_baseurl(true),
  435. '$banner' => t('Failed Updates'),
  436. '$desc' => t('This does not include updates prior to 1139, which did not return a status.'),
  437. '$mark' => t('Mark success (if update was manually applied)'),
  438. '$apply' => t('Attempt to execute this update step automatically'),
  439. '$failed' => $failed
  440. ));
  441. return $o;
  442. }
  443. /**
  444. * Users admin page
  445. *
  446. * @param App $a
  447. */
  448. function admin_page_users_post(&$a){
  449. $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() );
  450. $users = ( x($_POST, 'user') ? $_POST['user'] : Array() );
  451. check_form_security_token_redirectOnErr('/admin/users', 'admin_users');
  452. if (x($_POST,'page_users_block')){
  453. foreach($users as $uid){
  454. q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
  455. intval( $uid )
  456. );
  457. }
  458. notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) );
  459. }
  460. if (x($_POST,'page_users_delete')){
  461. require_once("include/Contact.php");
  462. foreach($users as $uid){
  463. user_remove($uid);
  464. }
  465. notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
  466. }
  467. if (x($_POST,'page_users_approve')){
  468. require_once("mod/regmod.php");
  469. foreach($pending as $hash){
  470. user_allow($hash);
  471. }
  472. }
  473. if (x($_POST,'page_users_deny')){
  474. require_once("mod/regmod.php");
  475. foreach($pending as $hash){
  476. user_deny($hash);
  477. }
  478. }
  479. goaway($a->get_baseurl(true) . '/admin/users' );
  480. return; // NOTREACHED
  481. }
  482. /**
  483. * @param App $a
  484. * @return string
  485. */
  486. function admin_page_users(&$a){
  487. if ($a->argc>2) {
  488. $uid = $a->argv[3];
  489. $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
  490. if (count($user)==0){
  491. notice( 'User not found' . EOL);
  492. goaway($a->get_baseurl(true) . '/admin/users' );
  493. return ''; // NOTREACHED
  494. }
  495. switch($a->argv[2]){
  496. case "delete":{
  497. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  498. // delete user
  499. require_once("include/Contact.php");
  500. user_remove($uid);
  501. notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
  502. }; break;
  503. case "block":{
  504. check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
  505. q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
  506. intval( 1-$user[0]['blocked'] ),
  507. intval( $uid )
  508. );
  509. notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
  510. }; break;
  511. }
  512. goaway($a->get_baseurl(true) . '/admin/users' );
  513. return ''; // NOTREACHED
  514. }
  515. /* get pending */
  516. $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
  517. FROM `register`
  518. LEFT JOIN `contact` ON `register`.`uid` = `contact`.`uid`
  519. LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
  520. /* get users */
  521. $total = q("SELECT count(*) as total FROM `user` where 1");
  522. if(count($total)) {
  523. $a->set_pager_total($total[0]['total']);
  524. $a->set_pager_itemspage(100);
  525. }
  526. $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro`, `lastitem`.`lastitem_date`
  527. FROM
  528. (SELECT MAX(`item`.`changed`) as `lastitem_date`, `item`.`uid`
  529. FROM `item`
  530. WHERE `item`.`type` = 'wall'
  531. GROUP BY `item`.`uid`) AS `lastitem`
  532. RIGHT OUTER JOIN `user` ON `user`.`uid` = `lastitem`.`uid`,
  533. `contact`
  534. WHERE
  535. `user`.`uid` = `contact`.`uid`
  536. AND `user`.`verified` =1
  537. AND `contact`.`self` =1
  538. ORDER BY `contact`.`name` LIMIT %d, %d
  539. ",
  540. intval($a->pager['start']),
  541. intval($a->pager['itemspage'])
  542. );
  543. function _setup_users($e){
  544. $accounts = Array(
  545. t('Normal Account'),
  546. t('Soapbox Account'),
  547. t('Community/Celebrity Account'),
  548. t('Automatic Friend Account')
  549. );
  550. $e['page-flags'] = $accounts[$e['page-flags']];
  551. $e['register_date'] = relative_date($e['register_date']);
  552. $e['login_date'] = relative_date($e['login_date']);
  553. $e['lastitem_date'] = relative_date($e['lastitem_date']);
  554. return $e;
  555. }
  556. $users = array_map("_setup_users", $users);
  557. $t = get_markup_template("admin_users.tpl");
  558. $o = replace_macros($t, array(
  559. // strings //
  560. '$title' => t('Administration'),
  561. '$page' => t('Users'),
  562. '$submit' => t('Submit'),
  563. '$select_all' => t('select all'),
  564. '$h_pending' => t('User registrations waiting for confirm'),
  565. '$th_pending' => array( t('Request date'), t('Name'), t('Email') ),
  566. '$no_pending' => t('No registrations.'),
  567. '$approve' => t('Approve'),
  568. '$deny' => t('Deny'),
  569. '$delete' => t('Delete'),
  570. '$block' => t('Block'),
  571. '$unblock' => t('Unblock'),
  572. '$h_users' => t('Users'),
  573. '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
  574. '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
  575. '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
  576. '$form_security_token' => get_form_security_token("admin_users"),
  577. // values //
  578. '$baseurl' => $a->get_baseurl(true),
  579. '$pending' => $pending,
  580. '$users' => $users,
  581. ));
  582. $o .= paginate($a);
  583. return $o;
  584. }
  585. /**
  586. * Plugins admin page
  587. *
  588. * @param App $a
  589. * @return string
  590. */
  591. function admin_page_plugins(&$a){
  592. /**
  593. * Single plugin
  594. */
  595. if ($a->argc == 3){
  596. $plugin = $a->argv[2];
  597. if (!is_file("addon/$plugin/$plugin.php")){
  598. notice( t("Item not found.") );
  599. return '';
  600. }
  601. if (x($_GET,"a") && $_GET['a']=="t"){
  602. check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't');
  603. // Toggle plugin status
  604. $idx = array_search($plugin, $a->plugins);
  605. if ($idx !== false){
  606. unset($a->plugins[$idx]);
  607. uninstall_plugin($plugin);
  608. info( sprintf( t("Plugin %s disabled."), $plugin ) );
  609. } else {
  610. $a->plugins[] = $plugin;
  611. install_plugin($plugin);
  612. info( sprintf( t("Plugin %s enabled."), $plugin ) );
  613. }
  614. set_config("system","addon", implode(", ",$a->plugins));
  615. goaway($a->get_baseurl(true) . '/admin/plugins' );
  616. return ''; // NOTREACHED
  617. }
  618. // display plugin details
  619. require_once('library/markdown.php');
  620. if (in_array($plugin, $a->plugins)){
  621. $status="on"; $action= t("Disable");
  622. } else {
  623. $status="off"; $action= t("Enable");
  624. }
  625. $readme=Null;
  626. if (is_file("addon/$plugin/README.md")){
  627. $readme = file_get_contents("addon/$plugin/README.md");
  628. $readme = Markdown($readme);
  629. } else if (is_file("addon/$plugin/README")){
  630. $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
  631. }
  632. $admin_form="";
  633. if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){
  634. @require_once("addon/$plugin/$plugin.php");
  635. $func = $plugin.'_plugin_admin';
  636. $func($a, $admin_form);
  637. }
  638. $t = get_markup_template("admin_plugins_details.tpl");
  639. return replace_macros($t, array(
  640. '$title' => t('Administration'),
  641. '$page' => t('Plugins'),
  642. '$toggle' => t('Toggle'),
  643. '$settings' => t('Settings'),
  644. '$baseurl' => $a->get_baseurl(true),
  645. '$plugin' => $plugin,
  646. '$status' => $status,
  647. '$action' => $action,
  648. '$info' => get_plugin_info($plugin),
  649. '$str_author' => t('Author: '),
  650. '$str_maintainer' => t('Maintainer: '),
  651. '$admin_form' => $admin_form,
  652. '$function' => 'plugins',
  653. '$screenshot' => '',
  654. '$readme' => $readme,
  655. '$form_security_token' => get_form_security_token("admin_themes"),
  656. ));
  657. }
  658. /**
  659. * List plugins
  660. */
  661. $plugins = array();
  662. $files = glob("addon/*/");
  663. if($files) {
  664. foreach($files as $file) {
  665. if (is_dir($file)){
  666. list($tmp, $id)=array_map("trim", explode("/",$file));
  667. $info = get_plugin_info($id);
  668. $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info);
  669. }
  670. }
  671. }
  672. $t = get_markup_template("admin_plugins.tpl");
  673. return replace_macros($t, array(
  674. '$title' => t('Administration'),
  675. '$page' => t('Plugins'),
  676. '$submit' => t('Submit'),
  677. '$baseurl' => $a->get_baseurl(true),
  678. '$function' => 'plugins',
  679. '$plugins' => $plugins,
  680. '$form_security_token' => get_form_security_token("admin_themes"),
  681. ));
  682. }
  683. /**
  684. * @param array $themes
  685. * @param string $th
  686. * @param int $result
  687. */
  688. function toggle_theme(&$themes,$th,&$result) {
  689. for($x = 0; $x < count($themes); $x ++) {
  690. if($themes[$x]['name'] === $th) {
  691. if($themes[$x]['allowed']) {
  692. $themes[$x]['allowed'] = 0;
  693. $result = 0;
  694. }
  695. else {
  696. $themes[$x]['allowed'] = 1;
  697. $result = 1;
  698. }
  699. }
  700. }
  701. }
  702. /**
  703. * @param array $themes
  704. * @param string $th
  705. * @return int
  706. */
  707. function theme_status($themes,$th) {
  708. for($x = 0; $x < count($themes); $x ++) {
  709. if($themes[$x]['name'] === $th) {
  710. if($themes[$x]['allowed']) {
  711. return 1;
  712. }
  713. else {
  714. return 0;
  715. }
  716. }
  717. }
  718. return 0;
  719. }
  720. /**
  721. * @param array $themes
  722. * @return string
  723. */
  724. function rebuild_theme_table($themes) {
  725. $o = '';
  726. if(count($themes)) {
  727. foreach($themes as $th) {
  728. if($th['allowed']) {
  729. if(strlen($o))
  730. $o .= ',';
  731. $o .= $th['name'];
  732. }
  733. }
  734. }
  735. return $o;
  736. }
  737. /**
  738. * Themes admin page
  739. *
  740. * @param App $a
  741. * @return string
  742. */
  743. function admin_page_themes(&$a){
  744. $allowed_themes_str = get_config('system','allowed_themes');
  745. $allowed_themes_raw = explode(',',$allowed_themes_str);
  746. $allowed_themes = array();
  747. if(count($allowed_themes_raw))
  748. foreach($allowed_themes_raw as $x)
  749. if(strlen(trim($x)))
  750. $allowed_themes[] = trim($x);
  751. $themes = array();
  752. $files = glob('view/theme/*');
  753. if($files) {
  754. foreach($files as $file) {
  755. $f = basename($file);
  756. $is_experimental = intval(file_exists($file . '/experimental'));
  757. $is_supported = 1-(intval(file_exists($file . '/unsupported'))); // Is not used yet
  758. $is_allowed = intval(in_array($f,$allowed_themes));
  759. $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
  760. }
  761. }
  762. if(! count($themes)) {
  763. notice( t('No themes found.'));
  764. return '';
  765. }
  766. /**
  767. * Single theme
  768. */
  769. if ($a->argc == 3){
  770. $theme = $a->argv[2];
  771. if(! is_dir("view/theme/$theme")){
  772. notice( t("Item not found.") );
  773. return '';
  774. }
  775. if (x($_GET,"a") && $_GET['a']=="t"){
  776. check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
  777. // Toggle theme status
  778. toggle_theme($themes,$theme,$result);
  779. $s = rebuild_theme_table($themes);
  780. if($result)
  781. info( sprintf('Theme %s enabled.',$theme));
  782. else
  783. info( sprintf('Theme %s disabled.',$theme));
  784. set_config('system','allowed_themes',$s);
  785. goaway($a->get_baseurl(true) . '/admin/themes' );
  786. return ''; // NOTREACHED
  787. }
  788. // display theme details
  789. require_once('library/markdown.php');
  790. if (theme_status($themes,$theme)) {
  791. $status="on"; $action= t("Disable");
  792. } else {
  793. $status="off"; $action= t("Enable");
  794. }
  795. $readme=Null;
  796. if (is_file("view/theme/$theme/README.md")){
  797. $readme = file_get_contents("view/theme/$theme/README.md");
  798. $readme = Markdown($readme);
  799. } else if (is_file("view/theme/$theme/README")){
  800. $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
  801. }
  802. $admin_form="";
  803. if (is_file("view/theme/$theme/config.php")){
  804. require_once("view/theme/$theme/config.php");
  805. if(function_exists("theme_admin")){
  806. $admin_form = theme_admin($a);
  807. }
  808. }
  809. $screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
  810. if(! stristr($screenshot[0],$theme))
  811. $screenshot = null;
  812. $t = get_markup_template("admin_plugins_details.tpl");
  813. return replace_macros($t, array(
  814. '$title' => t('Administration'),
  815. '$page' => t('Themes'),
  816. '$toggle' => t('Toggle'),
  817. '$settings' => t('Settings'),
  818. '$baseurl' => $a->get_baseurl(true),
  819. '$plugin' => $theme,
  820. '$status' => $status,
  821. '$action' => $action,
  822. '$info' => get_theme_info($theme),
  823. '$function' => 'themes',
  824. '$admin_form' => $admin_form,
  825. '$str_author' => t('Author: '),
  826. '$str_maintainer' => t('Maintainer: '),
  827. '$screenshot' => $screenshot,
  828. '$readme' => $readme,
  829. '$form_security_token' => get_form_security_token("admin_themes"),
  830. ));
  831. }
  832. /**
  833. * List themes
  834. */
  835. $xthemes = array();
  836. if($themes) {
  837. foreach($themes as $th) {
  838. $xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
  839. }
  840. }
  841. $t = get_markup_template("admin_plugins.tpl");
  842. return replace_macros($t, array(
  843. '$title' => t('Administration'),
  844. '$page' => t('Themes'),
  845. '$submit' => t('Submit'),
  846. '$baseurl' => $a->get_baseurl(true),
  847. '$function' => 'themes',
  848. '$plugins' => $xthemes,
  849. '$experimental' => t('[Experimental]'),
  850. '$unsupported' => t('[Unsupported]'),
  851. '$form_security_token' => get_form_security_token("admin_themes"),
  852. ));
  853. }
  854. /**
  855. * Logs admin page
  856. *
  857. * @param App $a
  858. */
  859. function admin_page_logs_post(&$a) {
  860. if (x($_POST,"page_logs")) {
  861. check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
  862. $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
  863. $debugging = ((x($_POST,'debugging')) ? true : false);
  864. $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
  865. set_config('system','logfile', $logfile);
  866. set_config('system','debugging', $debugging);
  867. set_config('system','loglevel', $loglevel);
  868. }
  869. info( t("Log settings updated.") );
  870. goaway($a->get_baseurl(true) . '/admin/logs' );
  871. return; // NOTREACHED
  872. }
  873. /**
  874. * @param App $a
  875. * @return string
  876. */
  877. function admin_page_logs(&$a){
  878. $log_choices = Array(
  879. LOGGER_NORMAL => 'Normal',
  880. LOGGER_TRACE => 'Trace',
  881. LOGGER_DEBUG => 'Debug',
  882. LOGGER_DATA => 'Data',
  883. LOGGER_ALL => 'All'
  884. );
  885. $t = get_markup_template("admin_logs.tpl");
  886. $f = get_config('system','logfile');
  887. $data = '';
  888. if(!file_exists($f)) {
  889. $data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is
  890. readable.");
  891. }
  892. else {
  893. $fp = fopen($f, 'r');
  894. if(!$fp) {
  895. $data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
  896. }
  897. else {
  898. $fstat = fstat($fp);
  899. $size = $fstat['size'];
  900. if($size != 0)
  901. {
  902. if($size > 5000000 || $size < 0)
  903. $size = 5000000;
  904. $seek = fseek($fp,0-$size,SEEK_END);
  905. if($seek === 0) {
  906. $data = escape_tags(fread($fp,$size));
  907. while(! feof($fp))
  908. $data .= escape_tags(fread($fp,4096));
  909. }
  910. }
  911. fclose($fp);
  912. }
  913. }
  914. return replace_macros($t, array(
  915. '$title' => t('Administration'),
  916. '$page' => t('Logs'),
  917. '$submit' => t('Submit'),
  918. '$clear' => t('Clear'),
  919. '$data' => $data,
  920. '$baseurl' => $a->get_baseurl(true),
  921. '$logname' => get_config('system','logfile'),
  922. // name, label, value, help string, extra data...
  923. '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
  924. '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
  925. '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
  926. '$form_security_token' => get_form_security_token("admin_logs"),
  927. ));
  928. }
  929. /**
  930. * @param App $a
  931. */
  932. function admin_page_remoteupdate_post(&$a) {
  933. // this function should be called via ajax post
  934. if(!is_site_admin()) {
  935. return;
  936. }
  937. if (x($_POST,'remotefile') && $_POST['remotefile']!=""){
  938. $remotefile = $_POST['remotefile'];
  939. $ftpdata = (x($_POST['ftphost'])?$_POST:false);
  940. doUpdate($remotefile, $ftpdata);
  941. } else {
  942. echo "No remote file to download. Abort!";
  943. }
  944. killme();
  945. }
  946. /**
  947. * @param App $a
  948. * @return string
  949. */
  950. function admin_page_remoteupdate(&$a) {
  951. if(!is_site_admin()) {
  952. return login(false);
  953. }
  954. $canwrite = canWeWrite();
  955. $canftp = function_exists('ftp_connect');
  956. $needupdate = true;
  957. $u = checkUpdate();
  958. if (!is_array($u)){
  959. $needupdate = false;
  960. $u = array('','','');
  961. }
  962. $tpl = get_markup_template("admin_remoteupdate.tpl");
  963. return replace_macros($tpl, array(
  964. '$baseurl' => $a->get_baseurl(true),
  965. '$submit' => t("Update now"),
  966. '$close' => t("Close"),
  967. '$localversion' => FRIENDICA_VERSION,
  968. '$remoteversion' => $u[1],
  969. '$needupdate' => $needupdate,
  970. '$canwrite' => $canwrite,
  971. '$canftp' => $canftp,
  972. '$ftphost' => array('ftphost', t("FTP Host"), '',''),
  973. '$ftppath' => array('ftppath', t("FTP Path"), '/',''),
  974. '$ftpuser' => array('ftpuser', t("FTP User"), '',''),
  975. '$ftppwd' => array('ftppwd', t("FTP Password"), '',''),
  976. '$remotefile'=>array('remotefile','', $u['2'],'')
  977. ));
  978. }