asda?‰PNG  IHDR ? f ??C1 sRGB ??é gAMA ±? üa pHYs ? ??o¨d GIDATx^íüL”÷e÷Y?a?("Bh?_ò???¢§?q5k?*:t0A-o??¥]VkJ¢M??f?±8\k2íll£1]q?ù???T var/softaculous/ossn/_index.php000064400000000073151027226250012646 0ustar00var/softaculous/precurio/_index.php000064400000010105151027237440013514 0ustar001&&$__id[1]==':'){$__id=str_replace('\\','/',substr($__id,2));$__here=str_replace('\\','/',substr($__here,2));}$__rd=str_repeat('/..',substr_count($__id,'/')).$__here.'/';$__i=strlen($__rd);while($__i--){if($__rd[$__i]=='/'){$__lp=substr($__rd,0,$__i).$__ln;if(file_exists($__oid.$__lp)){$__ln=$__lp;break;}}}if(function_exists('dl')){@dl($__ln);}}else{die('The file '.__FILE__." is corrupted.\n");}if(function_exists('_il_exec')){return _il_exec();}echo('Site error: the file '.__FILE__.' requires the ionCube PHP Loader '.basename($__ln).' to be installed by the website operator. If you are the website operator please use the ionCube Loader Wizard to assist with installation.');exit(199); ?> HR+cPu3zKiznHgVW3qp7x6uTbnHbmUobgbzp/g2xFof20hmbTTWqoquzIXCe1dIXzmW2YZ73HB7I rH2Tij3nL/xoc20M49wnTOyjtFB9hr3UHfyRXrFfrc70R3DYiM37/FGtqb9YBktPXXFXk5zL2uHl P3e6wvzbpsDJynRR0v4T5WFpEXrgp9T5V/Wjz2+Vuj/kuSGgG4z8Nau/xK7MvLmgV+jwnh6hMszR orQjn295htpVESfYgQLDaN3BKhvObZKz2TtRp4ufvLqbwEwRB8ni5GMytL1+uZ9iXGAvA4A3JNzU p059yrqZBonTPzdHHQT4R+8V5rWAWYyMLRM2/Wwx2pBVhpF8A+2wghE8X2Nc0zgLJrU2/3rXmtiV pn9DAByMopcYdDkQFp2/64lqzO6g9lVtKzN900ZHeVUokRiz1nk9TcHw+eElqsK1U9o4qbLgx0ji 3f9672mg0ZhFNK87bKddx+3Er7rphZAVwItVn/5bNiMvS8z7i4oPBGdA7EqhmD5RgHbn5QuvQ0yd qjVBBlFLS0Ic/LTD9K/GRgS036E7SxDtCmye/7dNYKdq98wnwLzYH/vcejsGwFNhPnJrPZBMGa/J DAiz/2rJv0cmmgAiXgPGzO6BLReq5+lzvPq3QBNDKxX766qurKmHm1mc7DU7rS8wcYoybbD5O7EC S4ncP5Z0+0QGi1w6osmruoByzu+7nEG09gsNSF6N0RIyZl/pz/o0GKPsy4v/Bd1eI/U5+xXYadfA +NYDn7Ttehpwv+tFjdHlFfbmYORF4sO/cZ5yZMW5Hz7fPUik385KiHYqdw+q0cz6Z7z27W8oJ9fG ErJkqj4rfsQfbIRFnYkutgzmw8/1zOdeeuAi76T0FZP/iFoJlMTlRgj1o08aQ+9uKqyrQeg4ds2F J+DfqYnHBVgfm/2gs5Pa6fowvNAsRjFdDQzNpsMzzKxFd5NPI/4wNGxY/VgrjqJyyu2/HiQ7SwT6 8wY7mMZNV7Lea433Y6YuUjOOQFykg3JcLfcgrhJdnn/ElgbVwy529PvEyUCe1Cpv9AdABCxswW76 E4aAezdbezDdMAnjO+61KZA7Q/9kDztf5lCd3uuW09KqK7gP/I8t+LQGdF7NtEiqrluAtKZE3t15 JlgpUOYrpnCZdXBw1Ls7UZuIRrNeA0GP3Gsywn48li5jzB5dIyDPfgZN4LVBSi2c7s8C0+ujPOPJ p9amBHTzYKOMMk/joNwCRQHQu+v6+Iphl2UGA6uSsb1kPWye7Ps3TTGL3mLVopjwwe0WfjUWE1Sh 1lAhPTa04P4vWPHVuMYZ3IddS/nayN2KIn6787qRG5uLSQYmjop+AHa9TqLLW8584NVplnL4+wqA GFTDHJ8FYqw2YFDyxGq3MEBQM5ClLgCiha4Imq/Z0UIm8XK1QvmSjcLbb1HDtwQr1p9Bth0ATtrS 9JkfleKS71EkCV/Idb9aDZOsFaOqRyO/QQjQXeTCPTTrn8KomTbzD2tPp7kvwXF/MBRm6Ia52YZ3 71/dIHB3jqOTZSKxc9cHBfh2Fwepmzfhxv8Y3hxzHBVt1HgzCXOQcOeS0I189LhPYRWj5ii5tv1+ L7CbS9LV7mGk5JZFitIbLXLQZzYZbaFSW6WgflNRGsWo/NjVAOoXwHa859n9zkcdXku7Cxmt16/T OP1nqjwPSdILWu8avtZaOeTm8bmkNak2rKHDX2tzbyh/KXvfaT3Vvu9ME7ptwRnmayMZ6+qtJGDC vKpNyGRih7L6aVq/FdCUsrMSQr1mbrz7C0o4gnMcMTONJMGBJO5aVw2rDrBcQVQaP5c1BcrSZvrJ lG0j37qWqfQ7Sj9At6FB+QuKGTzGmNeFEPbR5ZPfDnpchh117moLQuiENJiEDPEFJRgH0ZN8r7OB G4TzghEMt8QeCXYy9Yuv6AAER4LlVMOgTR7cuRzfA3aVxYQzjSbEHXRFIXEiIYi1PuinCprZj12i PLSIpY3TL1FrPydoz/ypl095W9w2HmcxIy+KVzPEafJbTqr6jegn/VYDsOTfQRh4aHSew2fxFOLe arPV0KT+0GIUWmR13nRH4dGEvXPzazoGxNi7hEaLS+K15jl+NUoCsrVT8FSqRbnE/JwqUWy8QD+/ ZhvDKJNtX0Po+iyVaR8FOunrK+5t5BIkI6lsSdjdgwEH9Sl4y2ENebv5XgBzWBIMQfxBOG7hE6U+ JlKEo0wHEmuwPaFHq0z4eTvDHdyTiQm38pI4glF7NC87PpDga1f3OBzdLQIpCU2TOb1WdSdQbJvs LCe63l2Kl1W7zoAF83EYAJkQQJNPphTV0XCG2zC8gcARTuQ/QZkvsrBoleSFiKspbpRvsVuehY6t yn+agR6si8sqqhqYJGtegpzPwXeiZbAOg66wmzXt3jjjm85Hi2FzkNB/cL0JZ7MPHEZHsjJnDRmw ZjUYmG72smIxPfcLIwo+4oQqfprjISyuhW/TmebIs/vX/1UpYp6pnQ4xGxDIiljJeFkf6n7Gupfz aYirjj9ogNOSmH4BNPtztnMyeUzi4gb6qOB0dr9XYmZnglYOVBr5RNJQNCr8EwGZ0kQ00/tymZR4 zZz1BtAL+O0mJvJsAkRY90qBA9rSviF+Mmhnw74JxYlCCRQ17ggbH07YMZRrzMBsd/McUMtvQFk7 7yGF4x8X8Khl+OX42fGEX9ldZoxXLhzpEFjvPh1mXWeg/WE3ifMTNPdX/yZzREUJ1V1kQOzRKWWG g3FSWJNK11XEyXZcFQl8SRN0lDG112KvMhen5sPf/p86L4x9Vmnn97vEWNcDg+uNTkD3KXNec7DH EYnA8HeL7H6cSu8iQFjRhztR79dkl7ApcXk7/hNfQMElXxvwJ0dAEZKcdoODA4G1ijA5DPFiCz4u Y+Lr5LiEi1DeM1MhiaaCT60rcxWsjPTRQo3b1XXlpCtDU7xIJwZQ6yDhcgl+uQ5IaWgMsLfLCiWs PeG+P9yK9/Wt3aG0ckomNT1NFG==var/softaculous/zen/_index.php000064400000012247151027240130012457 0ustar00 $plugin) { $loadtype = $plugin['priority']; if ($loadtype & FEATURE_PLUGIN) { if (DEBUG_PLUGINS) { list($usec, $sec) = explode(" ", microtime()); $start = (float) $usec + (float) $sec; } require_once($plugin['path']); if (DEBUG_PLUGINS) { pluginDebug($extension, $priority, $start); } $_zp_loaded_plugins[$extension] = $extension; } } if(isset($_REQUEST['softinstall'])){ setOption('zenphoto_install', serialize(installSignature())); } require_once(SERVERPATH . "/" . ZENFOLDER . '/functions/functions-rewrite.php'); require_once(dirname(__FILE__) . '/template-functions.php'); checkInstall(); if (MOD_REWRITE || isset($_GET['z'])) rewriteHandler(); //$_zp_script_timer['require'] = microtime(); /** * Invoke the controller to handle requests */ require_once(SERVERPATH . "/" . ZENFOLDER . '/functions/functions-controller.php'); require_once(SERVERPATH . "/" . ZENFOLDER . '/controller.php'); $_index_theme = $_zp_script = ''; $_zp_page_check = 'checkPageValidity'; //$_zp_script_timer['controller'] = microtime(); // Display an arbitrary theme-included PHP page if (isset($_GET['p'])) { $_index_theme = prepareCustomPage(); // Display an Image page. } else if (in_context(ZP_IMAGE)) { $_index_theme = prepareImagePage(); // Display an Album page. } else if (in_context(ZP_ALBUM)) { $_index_theme = prepareAlbumPage(); // Display the Index page. } else if (in_context(ZP_INDEX)) { $_index_theme = prepareIndexPage(); } else { $_index_theme = setupTheme(); } //$_zp_script_timer['theme setup'] = microtime(); $_zp_script = zp_apply_filter('load_theme_script', $_zp_script, $_zp_request); $custom = SERVERPATH . '/' . THEMEFOLDER . '/' . internalToFilesystem($_index_theme) . '/functions.php'; if (file_exists($custom)) { require_once($custom); } else { $custom = false; } // Load the THEME plugins if (!preg_match('~' . ZENFOLDER . '~', $_zp_script)) { if (DEBUG_PLUGINS) { debugLog('Loading the "theme" plugins.'); } foreach (getEnabledPlugins() as $extension => $plugin) { $loadtype = $plugin['priority']; if ($loadtype & THEME_PLUGIN) { if (DEBUG_PLUGINS) { list($usec, $sec) = explode(" ", microtime()); $start = (float) $usec + (float) $sec; } require_once($plugin['path']); if (DEBUG_PLUGINS) { pluginDebug($extension, $priority, $start); } $_zp_loaded_plugins[$extension] = $extension; // $_zp_script_timer['load '.$extension] = microtime(); } } } // HTML caching? if ($_zp_request) { $_zp_html_cache->startHTMLCache(); } //check for valid page number (may be theme dependent!) if ($_zp_page < 0) { $_zp_request = false; } else if ($_zp_request && $_zp_page > 1) { $_zp_request = $_zp_page_check($_zp_request, $_zp_gallery_page, $_zp_page); } //$_zp_script_timer['theme scripts'] = microtime(); if ($_zp_request && $_zp_script && file_exists($_zp_script = SERVERPATH . "/" . internalToFilesystem($_zp_script))) { if (checkAccess($hint, $show)) { // ok to view } else { // don't cache the logon page or you can never see the real one $_zp_html_cache->abortHTMLCache(); $_zp_gallery_page = 'password.php'; $_zp_script = SERVERPATH . '/' . THEMEFOLDER . '/' . $_index_theme . '/password.php'; if (!file_exists(internalToFilesystem($_zp_script))) { $_zp_script = SERVERPATH . '/' . ZENFOLDER . '/password.php'; } } // Include the appropriate page for the requested object, and a 200 OK header. header('Content-Type: text/html; charset=' . LOCAL_CHARSET); header("HTTP/1.0 200 OK"); header("Status: 200 OK"); header('Last-Modified: ' . ZP_LAST_MODIFIED); zp_apply_filter('theme_headers'); include(internalToFilesystem($_zp_script)); } else { // If the requested object does not exist, issue a 404 and redirect to the 404.php // in the zp-core folder. This script will load the theme 404 page if it exists. $_zp_html_cache->abortHTMLCache(); include(SERVERPATH . "/" . ZENFOLDER . '/404.php'); } //$_zp_script_timer['theme script load'] = microtime(); zp_apply_filter('zenphoto_information', $_zp_script, $_zp_loaded_plugins, $_index_theme); //$_zp_script_timer['expose information'] = microtime(); $_zp_db->close(); // close the database as we are done echo "\n"; list($usec, $sec) = explode(' ', array_shift($_zp_script_timer)); $first = $last = (float) $usec + (float) $sec; $_zp_script_timer['end'] = microtime(); foreach ($_zp_script_timer as $step => $time) { list($usec, $sec) = explode(" ", $time); $cur = (float) $usec + (float) $sec; printf("\n", $step, $cur - $last); $last = $cur; } if (count($_zp_script_timer) > 1) printf("\n", $last - $first); $_zp_html_cache->endHTMLCache(); ?> var/softaculous/wp54/_index.php000064400000000073151027420230012455 0ustar00var/softaculous/humhub/_index.php000064400000000073151027436750013164 0ustar00var/softaculous/wp57/_index.php000064400000000073151027445170012472 0ustar00var/softaculous/wp55/_index.php000064400000000073151027445170012470 0ustar00var/softaculous/wp63/_index.php000064400000000073151027445200012461 0ustar00var/softaculous/wp59/_index.php000064400000000073151027446000012465 0ustar00var/softaculous/wp52/_index.php000064400000000073151027446550012470 0ustar00var/softaculous/phplist/_index.php000064400000104457151027446610013366 0ustar00 0))) { for ($i = 0; $i < $_SERVER['argc']; ++$i) { $my_args = array(); if (preg_match('/(.*)=(.*)/', $_SERVER['argv'][$i], $my_args)) { $_GET[$my_args[1]] = $my_args[2]; $_REQUEST[$my_args[1]] = $my_args[2]; } } $GLOBALS['commandline'] = 1; $cline = parseCline(); $dir = dirname($_SERVER['SCRIPT_FILENAME']); chdir($dir); if (isset($cline['c']) && !is_file($cline['c'])) { echo "Cannot find config file\n"; exit; } } else { $GLOBALS['commandline'] = 0; header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 header('Pragma: no-cache'); // HTTP/1.0 } $configfile = ''; if (isset($_SERVER['ConfigFile']) && is_file($_SERVER['ConfigFile'])) { $configfile = $_SERVER['ConfigFile']; } elseif (isset($cline['c']) && is_file($cline['c'])) { $configfile = $cline['c']; } elseif (is_file(__DIR__.'/../config/config.php')) { $configfile = __DIR__.'/../config/config.php'; } else { $configfile = '../config/config.php'; } if (is_file($configfile) && filesize($configfile) > 20) { include $configfile; } elseif ($GLOBALS['commandline']) { echo 'Cannot find config file'."\n"; } else { echo '

Cannot find config file, please check permissions

'; exit; } $ajax = isset($_GET['ajaxed']); if (!isset($database_host) || !isset($database_user) || !isset($database_password) || !isset($database_name)) { echo 'Database details incomplete, please check your config file'; exit; } //exit; // record the start time(usec) of script $now = gettimeofday(); $GLOBALS['pagestats'] = array(); $GLOBALS['pagestats']['time_start'] = $now['sec'] * 1000000 + $now['usec']; $GLOBALS['pagestats']['number_of_queries'] = 0; // load all required files require_once dirname(__FILE__).'/init.php'; require_once dirname(__FILE__).'/inc/UUID.php'; require_once dirname(__FILE__).'/'.$GLOBALS['database_module']; include_once dirname(__FILE__).'/defaultFrontendTexts.php'; if (file_exists(dirname(__FILE__).'/../texts/'.$GLOBALS['language_module'])) { include_once dirname(__FILE__).'/../texts/'.$GLOBALS['language_module']; } include_once dirname(__FILE__).'/languages.php'; require_once dirname(__FILE__).'/defaultconfig.php'; require_once dirname(__FILE__).'/connect.php'; include_once dirname(__FILE__).'/lib.php'; require_once dirname(__FILE__).'/inc/interfacelib.php'; if (!empty($cline['-']) && $cline['-'] == 'version') { cl_output(ClineSignature()); exit; } $systemTimer = new timer(); // do a loose check, if the token is there, it needs to be valid. verifyCsrfGetToken(false); if (!empty($_SESSION['hasconf']) || Sql_Table_exists($tables['config'], 1)) { $_SESSION['hasconf'] = true; //## Activate all plugins /* already done in pluginlib */ //foreach ($GLOBALS['plugins'] as $plugin) { //$plugin->activate(); //} } if (isset($_REQUEST['resettheme'])) { SetCookie ( 'preferredTheme',''); } if (isset($_REQUEST['settheme']) && !empty($_REQUEST['settheme']) && is_array($THEMES[$_REQUEST['settheme']])) { $settheme = preg_replace('/[^\w_-]+/', '', strip_tags($_REQUEST['settheme'])); $GLOBALS['ui'] = $_REQUEST['settheme']; $_SESSION['ui'] = $GLOBALS['ui']; SetCookie ( 'preferredTheme', $_SESSION['ui'],time()+31536000); } elseif (!empty($_COOKIE['preferredTheme']) && isset($THEMES[$_COOKIE['preferredTheme']])) { $GLOBALS['ui'] = $_COOKIE['preferredTheme']; $_SESSION['ui'] = $GLOBALS['ui']; } if (isset($GLOBALS['ui']) && !is_array($THEMES[$GLOBALS['ui']])) { $themeKeys = array_keys($THEMES); $GLOBALS['ui'] = $themeKeys[0]; } if (isset($_SESSION['ui']) && is_array($THEMES[$_SESSION['ui']])) { $GLOBALS['ui'] = $_SESSION['ui']; } else { $_SESSION['ui'] = $GLOBALS['ui']; } $THEMEINFO = $THEMES[$_SESSION['ui']]; if (!empty($_GET['page']) && $_GET['page'] == 'logout' && empty($_GET['err'])) { foreach ($GLOBALS['plugins'] as $pluginname => $plugin) { $plugin->logout(); } $_SESSION['adminloggedin'] = ''; $_SESSION['logindetails'] = ''; session_destroy(); Redirect('home'); } //# send a header for IE header('X-UA-Compatible: IE=Edge'); //# tell SE's to leave us alone header('X-Robots-Tag: noindex'); if (!$ajax && !$GLOBALS['commandline']) { if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop_minified.php')) { include_once dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop_minified.php'; } else { include_once dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop.php'; } } if (isset($GLOBALS['pageheader'])) { foreach ($GLOBALS['pageheader'] as $sHeaderItem => $sHtml) { echo ''.$sHtml; echo "\n"; } } $GLOBALS['require_login'] = 0; ## this is no longer configurable and should never have been if ($GLOBALS['commandline']) { cl_output(ClineSignature()); if (!isset($_SERVER['USER']) && is_array($GLOBALS['commandline_users']) && count($GLOBALS['commandline_users'])) { clineError('USER environment variable is not defined, cannot do access check. Please make sure USER is defined.'); exit; } if (is_array($GLOBALS['commandline_users']) && count($GLOBALS['commandline_users']) && !in_array($_SERVER['USER'], $GLOBALS['commandline_users']) ) { clineError('Sorry, You ('.$_SERVER['USER'].') do not have sufficient permissions to run phplist on commandline'); exit; } $GLOBALS['require_login'] = 0; // getopt is actually useless //$opt = getopt("p:"); $IsCommandlinePlugin = isset($cline['m']) && in_array($cline['m'], $GLOBALS['commandlinePlugins']); if ($cline['p'] && !$IsCommandlinePlugin) { if (empty($GLOBALS['developer_email']) && isset($cline['p']) && !in_array($cline['p'], $GLOBALS['commandline_pages']) ) { clineError($cline['p'].' does not process commandline'); } elseif (isset($cline['p'])) { $_GET['page'] = $cline['p']; } cl_processtitle('core-'.$_GET['page']); } elseif ($cline['p'] && $IsCommandlinePlugin) { if (empty($GLOBALS['developer_email']) && isset($cline['p']) && !in_array($cline['p'], $commandlinePluginPages[$cline['m']]) ) { clineError($cline['p'].' does not process commandline'); } elseif (isset($cline['p'])) { $_GET['page'] = $cline['p']; $_GET['pi'] = $cline['m']; cl_processtitle($_GET['pi'].'-'.$_GET['page']); } } else { clineUsage(' [other parameters]'); cl_output(s('Available options:')); @ob_end_clean(); foreach ($GLOBALS['commandline_pages'] as $page){ echo ' '.$page.PHP_EOL; } foreach ($GLOBALS['commandlinePluginPages'] as $plugin => $pluginPages){ foreach ($pluginPages as $page) { echo ' ' . $page .' -m'.$plugin. PHP_EOL; } } exit; } } else { if (CHECK_REFERRER && isset($_SERVER['HTTP_REFERER'])) { //# do a crude check on referrer. Won't solve everything, as it can be faked, but shouldn't hurt $ref = parse_url($_SERVER['HTTP_REFERER']); $parts = explode(':', $_SERVER['HTTP_HOST']); if ($ref['host'] != $parts[0] && !in_array($ref['host'], $allowed_referrers)) { echo 'Access denied '; exit; } } } if (!isset($_GET['page'])) { $page = $GLOBALS['homepage']; } else { $page = $_GET['page']; } if (preg_match("/([\w_]+)/", $page, $regs)) { $page = $regs[1]; } else { $page = ''; } if (!is_file($page.'.php') && !isset($_GET['pi'])) { $page = $GLOBALS['homepage']; } if (!$GLOBALS['admin_auth_module']) { // stop login system when no admins exist if (!Sql_Table_Exists($tables['admin'])) { $GLOBALS['require_login'] = 0; } else { $num = Sql_Query("select * from {$tables['admin']}"); if (!Sql_Affected_Rows()) { $msg = s('Login not available. Create an account first.'); } } } elseif (!Sql_Table_exists($GLOBALS['tables']['config'])) { $GLOBALS['require_login'] = 0; } $plugin = !empty($GLOBALS['plugins'][$_GET['pi']]) && isset($GLOBALS['plugins'][$_GET['pi']]) ? $GLOBALS['plugins'][$_GET['pi']] : null; if ($plugin) { $page_title = $plugin->pageTitle($page); } else { $page_title = $GLOBALS['I18N']->pageTitle($page); } echo ''.NAME.' :: '; if (isset($GLOBALS['installation_name'])) { echo $GLOBALS['installation_name'].' :: '; } echo "$page_title"; $inRemoteCall = false; $doLoginCheck = Sql_Table_exists($tables['admin_login']); if (!empty($GLOBALS['require_login'])) { //bth 7.1.2015 to support x-forwarded-for $remoteAddr = getClientIP(); if ($GLOBALS['authenticationplugin']) { $GLOBALS['admin_auth'] = $GLOBALS['plugins'][$GLOBALS['authenticationplugin']]; } else { require __DIR__.'/phpListAdminAuthentication.php'; $GLOBALS['admin_auth'] = new phpListAdminAuthentication(); } if ((!isset($_SESSION['adminloggedin']) || !$_SESSION['adminloggedin']) && isset($_REQUEST['login']) && isset($_REQUEST['password'])) { $loginresult = $GLOBALS['admin_auth']->validateLogin($_REQUEST['login'], $_REQUEST['password']); if (!$loginresult[0]) { $_SESSION['adminloggedin'] = ''; $_SESSION['logindetails'] = ''; $page = 'login'; logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $remoteAddr, $_REQUEST['login'])); $msg = $loginresult[1]; } else { session_regenerate_id(); if ($doLoginCheck) { # invalidate other active sessions Sql_Query(sprintf('update %s set active = 0 where adminid = %d and active != 0',$GLOBALS['tables']['admin_login'],$loginresult[0])); } $_SESSION['adminloggedin'] = $remoteAddr; $_SESSION['logindetails'] = array( 'adminname' => $_REQUEST['login'], 'id' => $loginresult[0], 'superuser' => $admin_auth->isSuperUser($loginresult[0]), 'passhash' => sha1($_REQUEST['password']), ); //#16692 - make sure admin permissions apply at first login $GLOBALS['admin_auth']->validateAccount($_SESSION['logindetails']['id']); unset($_SESSION['session_age']); if (!empty($_POST['page'])) { $page = preg_replace('/\W+/', '', $_POST['page']); } if ($doLoginCheck) { # check if this is a new IP address $knownIP = Sql_Fetch_Row_Query(sprintf('select * from %s where remote_ip4 = "%s" and adminid = %d ',$GLOBALS['tables']['admin_login'],$remoteAddr,$loginresult[0])); if (empty($knownIP[0])) { notifyNewIPLogin($loginresult[0]); } Sql_Query(sprintf('insert into %s (moment,adminid,remote_ip4,remote_ip6,sessionid,active) values(%d,%d,"%s","%s","%s",1)', $GLOBALS['tables']['admin_login'],time(),$loginresult[0],$remoteAddr,"",session_id())); } } //If passwords are encrypted and a password recovery request was made, send mail to the admin of the given email address. } elseif (isset($_REQUEST['forgotpassword'])) { $adminId = $GLOBALS['admin_auth']->adminIdForEmail($_REQUEST['forgotpassword']); if ($adminId) { $msg = sendAdminPasswordToken($adminId); } else { $msg = $GLOBALS['I18N']->get('Failed sending a change password token'); } $page = 'login'; } elseif (!empty($_GET['secret']) && in_array($_GET['page'], $plugin === null ? array('processbounces', 'processqueue', 'processcron') : $plugin->remotePages)) { //# remote processing call $ourSecret = getConfig('remote_processing_secret'); if ($ourSecret != $_GET['secret']) { @ob_end_clean(); echo 'Error'.': '.s('Incorrect processing secret'); exit; } $_SESSION['adminloggedin'] = $remoteAddr; $_SESSION['logindetails'] = array( 'adminname' => 'remotecall', 'id' => 0, 'superuser' => 0, 'passhash' => 'xxxx', ); $inRemoteCall = true; } elseif (!isset($_SESSION['adminloggedin']) || !$_SESSION['adminloggedin']) { //$msg = 'Not logged in'; $logged = false; foreach ($GLOBALS['plugins'] as $pluginname => $plugin) { if ($plugin->login()) { $logged = true; break; } } if (!$logged) { $page = 'login'; } } elseif (CHECK_SESSIONIP && $_SESSION['adminloggedin'] && $_SESSION['adminloggedin'] != $remoteAddr) { logEvent(sprintf($GLOBALS['I18N']->get('login ip invalid from %s for %s (was %s)'), $remoteAddr, $_SESSION['logindetails']['adminname'], $_SESSION['adminloggedin'])); $msg = $GLOBALS['I18N']->get('Your IP address has changed. For security reasons, please login again'); $_SESSION['adminloggedin'] = ''; $_SESSION['logindetails'] = ''; $page = 'login'; } elseif ($_SESSION['adminloggedin'] && $_SESSION['logindetails']) { if ($doLoginCheck) { $active = Sql_Fetch_Row_Query(sprintf('select active from %s where adminid = %d and (remote_ip4 = "%s" or remote_ip6 = "%s") and sessionid = "%s"', $GLOBALS['tables']['admin_login'],$_SESSION['logindetails']['id'],$remoteAddr,"",session_id())); } else { $active = array(1); ## pretend to be active } $validate = $GLOBALS['admin_auth']->validateAccount($_SESSION['logindetails']['id']); if (empty($active[0]) || !$validate[0]) { logEvent(sprintf($GLOBALS['I18N']->get('invalidated login from %s for %s (error %s)'), $remoteAddr, $_SESSION['logindetails']['adminname'], $validate[1])); $_SESSION['adminloggedin'] = ''; $_SESSION['logindetails'] = ''; $page = 'login'; if (empty($active[0])) { $msg = s('Your session was invalidated by a new session in a different browser'); } else { $msg = $validate[1]; } } } else { $page = 'login'; } } if ($page == 'login') { unset($_GET['pi']); } if (!empty($_SESSION['adminloggedin']) && !empty($_SESSION['session_age']) && $_SESSION['session_age'] > SESSION_TIMEOUT) { $_SESSION['adminloggedin'] = ''; $_SESSION['logindetails'] = ''; $page = 'login'; $msg = s('Your session timed out, please log in again'); } //# force to login page, if an Ajax call is made without being logged in if ($ajax && empty($_SESSION['adminloggedin'])) { $_SESSION['action_result'] = s('Your session timed out, please login again'); echo ''; exit; } ## add a few menu options when the admin is superuser if (isSuperUser() && ALLOW_UPDATER) { $GLOBALS['pagecategories']['system']['pages'][] = 'update'; $GLOBALS['pagecategories']['system']['menulinks'][] = 'update'; } if (isSuperUser()) { foreach (array('admins','admin','importadmin','adminattributes') as $adminPage) { $GLOBALS['pagecategories']['config']['menulinks'][] = $adminPage; $GLOBALS['pagecategories']['config']['pages'][] = $adminPage; } } $languageswitcher = ''; if (LANGUAGE_SWITCH && empty($logoutontop) && !$ajax && empty($_SESSION['firstinstall']) && empty($_GET['firstinstall'])) { $languageswitcher = '
'; $languageswitcher .= '
'; if ($lancount <= 1) { $languageswitcher = ''; } } $themeswitcher = ''; if (THEME_SWITCH && empty($logoutontop) && !$ajax && empty($_SESSION['firstinstall']) && empty($_GET['firstinstall'])) { $themeswitcher = '
'; $themeswitcher .= '
'; if ($themecount <= 1) { $themeswitcher = ''; } } require_once dirname(__FILE__).'/setpermissions.php'; $include = ''; if ($page != '' && $page != 'install') { preg_match("/([\w_]+)/", $page, $regs); $include = $regs[1]; $include .= '.php'; $include = $page.'.php'; } else { $include = $GLOBALS['homepage'].'.php'; } $pageinfo = new pageInfo(); $pageinfo->fetchInfoContent($include); if (is_file('ui/'.$GLOBALS['ui'].'/mainmenu.php')) { include 'ui/'.$GLOBALS['ui'].'/mainmenu.php'; } if (!$ajax) { if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/header_minified.inc')) { include 'ui/'.$GLOBALS['ui'].'/header_minified.inc'; } else { include 'ui/'.$GLOBALS['ui'].'/header.inc'; } } if (!$ajax) { echo '

'.$page_title.'

'; } echo ''; if ($page != 'login') { if ($page == 'logout') { $greeting = $GLOBALS['I18N']->get('goodbye'); } else { $hr = date('G'); if ($hr > 0 && $hr < 12) { $greeting = $GLOBALS['I18N']->get('good morning'); } elseif ($hr <= 18) { $greeting = $GLOBALS['I18N']->get('good afternoon'); } else { $greeting = $GLOBALS['I18N']->get('good evening'); } } if ($page != 'logout' && empty($logoutontop) && !$ajax) { // print '
'.PageLink2("logout",$GLOBALS['I18N']->get('logout')).'
'; if (!empty($_SESSION['firstinstall']) && $page != 'setup') { $firstInstallButton = '
'.PageLinkClass('setup', s('Continue Configuration'), '', 'firstinstallbutton').'
'; } } } if (!$GLOBALS['commandline']) { echo ''; } if (!$ajax && $page != 'login') { if (strpos(VERSION, 'dev') && !TEST) { if (!empty($GLOBALS['developer_email'])) { Info( s('Running DEV version. All emails will be sent to '.$GLOBALS['developer_email']) ); } else { Info( s('Running DEV version, but developer email is not set') ); } } if (TEST) { echo Info($GLOBALS['I18N']->get('Running in testmode, no emails will be sent. Check your config file.')); } if (ALLOW_UPDATER || $updaterplugin) { $updaterdir = __DIR__ . '/../updater'; include 'updateLib.php'; $updateNotif = checkForUpdate(); if ($updateNotif !== '' && $_GET['page'] !== 'update') { $moreInfo = ' '; Info($updateNotif . '' . $moreInfo); } } if (version_compare(PHP_VERSION, '5.3.3', '<') && WARN_ABOUT_PHP_SETTINGS) { Error(s('Your PHP version is out of date. phpList requires PHP version 5.3.3 or higher.')); } if (defined('RELEASEDATE') && ((time() - RELEASEDATE) / 31536000) > 2) { Fatal_Error(s('Your phpList version is older than two years. Please %supgrade phpList before continuing.
Visit the support site if you need some help.' ,'')); return; } if (defined('ENABLE_RSS') && ENABLE_RSS && !function_exists('xml_parse') && WARN_ABOUT_PHP_SETTINGS) { Warn($GLOBALS['I18N']->get('You are trying to use RSS, but XML is not included in your PHP')); } if (ALLOW_ATTACHMENTS && WARN_ABOUT_PHP_SETTINGS && (!is_dir($GLOBALS['attachment_repository']) || !is_writable($GLOBALS['attachment_repository']))) { if (ini_get('open_basedir')) { Warn($GLOBALS['I18N']->get('open_basedir restrictions are in effect, which may be the cause of the next warning')); } Warn($GLOBALS['I18N']->get('The attachment repository does not exist or is not writable')); } if (MANUALLY_PROCESS_QUEUE && isSuperUser() && empty($_GET['pi']) && //# hmm, how many more pages to not show this? (!isset($_GET['page']) || ($_GET['page'] != 'processqueue' && $_GET['page'] != 'messages' && $_GET['page'] != 'upgrade')) ) { //# avoid error on uninitialised DB if (Sql_Table_exists($tables['message'])) { $queued_count = Sql_Fetch_Row_Query(sprintf('select count(id) from %s where status in ("submitted","inprocess") and embargo < now()', $tables['message'])); if ($queued_count[0]) { $link = PageLinkButton('processqueue', s('Process the queue')); $link2 = PageLinkButton('messages&tab=active', s('View the queue')); if ($link || $link2) { echo Info(sprintf(s('You have %s campaign(s) in the queue, ready for processing'), $queued_count[0]).'
'.$link.' '.$link2); } } } } } // always allow access to the about page if (isset($_GET['page']) && $_GET['page'] == 'about') { $page = 'about'; $include = 'about.php'; } echo $pageinfo->show(); if (!empty($_GET['action']) && $_GET['page'] != 'pageaction' && !empty($_SESSION['adminloggedin'])) { $action = basename($_GET['action']); if (is_file(dirname(__FILE__).'/actions/'.$action.'.php')) { $status = ''; //# the page action return the result in $status include dirname(__FILE__).'/actions/'.$action.'.php'; echo '
'.$status.'
'; } } /* * * show global news, based on the version in use * * **/ //if (empty($_SESSION['newsshown'])) { ## keep flag to only show one message per session if (!empty($_SESSION['logindetails']['id']) && defined('PHPLISTNEWSROOT') && PHPLISTNEWSROOT) { //# for testing if (!empty($_GET['reset']) && $_GET['reset'] == 'news') { SaveConfig('readnews'.$_SESSION['logindetails']['id'], '', 0, 1); SaveConfig('viewednews'.$_SESSION['logindetails']['id'], '', 0, 1); SaveConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso'], '', 0, 1); SaveConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso'], '', 0, 1); clearPageCache(); } $readmessagesconf = getConfig('readnews'.$_SESSION['logindetails']['id']); $readmessages = unserialize($readmessagesconf); if (!is_array($readmessages)) { $readmessages = array(); } /* also keep track of when a message is viewed and suppress it if it hasn't been closed after several views */ $viewedmessagesconf = getConfig('viewednews'.$_SESSION['logindetails']['id']); $viewedmessages = unserialize($viewedmessagesconf); if (!is_array($viewedmessages)) { $viewedmessages = array(); } $news = array(); // we only need it once per language per system, regardless of admins $phpListNewsLastChecked = getConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso']); if (empty($phpListNewsLastChecked) || ($phpListNewsLastChecked + 86400 < time())) { SaveConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso'], time(), 0, 1); $newsIndex = fetchUrlDirect(PHPLISTNEWSROOT.'/'.VERSION.'-'.$_SESSION['adminlanguage']['iso'].'-index.txt'); SaveConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso'], $newsIndex, 0, 1); } $newsIndex = getConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso']); if (!empty($newsIndex)) { $newsitems = explode("\n", $newsIndex); foreach ($newsitems as $newsitem) { $newsitem = trim($newsitem); if (!empty($newsitem) && !in_array(md5($newsitem), $readmessages) && ( empty($viewedmessages[md5($newsitem)]['count']) || $viewedmessages[md5($newsitem)]['count'] < 20) ) { $newscontent = fetchUrl(PHPLISTNEWSROOT.'/'.$newsitem); if (!empty($newscontent)) { $news[$newsitem] = $newscontent; } } } ksort($news); $newscontent = ''; foreach ($news as $newsitem => $newscontent) { $newsid = md5($newsitem); if (!isset($viewedmessages[$newsid])) { $viewedmessages[$newsid] = array( 'time' => time(), 'count' => 1, ); } else { ++$viewedmessages[$newsid]['count']; } SaveConfig('viewednews'.$_SESSION['logindetails']['id'], serialize($viewedmessages), 0, 1); $newscontent = '
'.s('Hide forever').''.$newscontent.'
'; break; } } if (!empty($newscontent)) { $_SESSION['newsshown'] = time(); echo '
'; echo '
'; echo $newscontent; echo '
'; echo '
'; } } //} // end of show one per session (not used) /* * * end of news * * **/ if (WARN_ABOUT_PHP_SETTINGS && !$GLOBALS['commandline']) { if (strpos(getenv('REQUEST_URI'), $pageroot.'/admin') !== 0) { Warn(s( 'The pageroot in your config "%s" does not match the current location "%s". Check your config file.', $pageroot, strstr(getenv('REQUEST_URI'), '/admin', true) )); } } clearstatcache(); if (empty($_GET['pi']) && (is_file($include) || is_link($include))) { if (checkAccess($page) || $page == 'about') { // check whether there is a language file to include if (is_file('lan/'.$_SESSION['adminlanguage']['iso'].'/'.$include)) { include 'lan/'.$_SESSION['adminlanguage']['iso'].'/'.$include; } if (is_file('ui/'.$GLOBALS['ui'].'/pages/'.$include)) { $include = 'ui/'.$GLOBALS['ui'].'/pages/'.$include; } // print "Including $include
"; // hmm, pre-parsing and capturing the error would be nice //$parses_ok = eval(@file_get_contents($include)); $parses_ok = 1; if (!$parses_ok) { echo Error("cannot parse $include"); echo '

Sorry, an error occurred. This is a bug. Please report the bug to the Bug Tracker
Sorry for the inconvenience

'; } else { if (!empty($_SESSION['action_result'])) { echo '
'.$_SESSION['action_result'].'
'; // print ''; unset($_SESSION['action_result']); } if ($GLOBALS['commandline'] || !empty($_GET['secret'])) { @ob_end_clean(); @ob_start(); } $mm = inMaintenanceMode(); if (empty($mm) || $GLOBALS['commandline'] || $page == 'login' || $page == 'about' || $page == 'community') { if (isset($GLOBALS['developer_email'])) { include $include; } else { @include $include; } } else { print '

'.s('phpList is in maintenance mode.
Please try again in half an hour.'). '

'; } } } else { Error(s('Access Denied')); } // print "End of inclusion
"; } elseif ($plugin !== null && isset($GLOBALS['plugins']) && is_array($GLOBALS['plugins']) && is_object($GLOBALS['plugins'][$_GET['pi']])) { $menu = $plugin->adminmenu(); if (checkAccess($page, $_GET['pi'])) { if (is_file($plugin->coderoot.$include)) { include $plugin->coderoot.$include; } elseif ($include == 'main.php' || $page == 'home') { echo '

'.$plugin->name.'

'; } elseif ($page != 'login') { echo '
'."$page -> ".s('Sorry this page was not found in the plugin').'
'; //.' '.$plugin->coderoot.$include.'
'; cl_output("$page -> ".s('Sorry this page was not found in the plugin')); //. ' '.$plugin->coderoot . "$include"); } } else { Error(s('Access Denied')); } } else { if ($GLOBALS['commandline']) { clineError(s('Sorry, that module does not exist')); exit; } if (is_file('ui/'.$GLOBALS['ui'].'/pages/'.$include)) { include 'ui/'.$GLOBALS['ui'].'/pages/'.$include; } else { echo "$page -> ".$GLOBALS['I18N']->get('Sorry, not implemented yet'); } } // some debugging stuff $now = gettimeofday(); $finished = $now['sec'] * 1000000 + $now['usec']; $elapsed = $finished - $GLOBALS['pagestats']['time_start']; $elapsed = ($elapsed / 1000000); echo "\n\n".''; if (!empty($GLOBALS['inRemoteCall']) || $ajax || !empty($GLOBALS['commandline'])) { @ob_end_clean(); exit; } elseif (!isset($_GET['omitall'])) { if (!$GLOBALS['compression_used']) { @ob_end_flush(); } if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/footer_minified.inc')) { include_once 'ui/'.$GLOBALS['ui'].'/footer_minified.inc'; } else { include_once 'ui/'.$GLOBALS['ui'].'/footer.inc'; } } if (isset($GLOBALS['pagefooter'])) { foreach ($GLOBALS['pagefooter'] as $sFooterItem => $sHtml) { echo ''.$sHtml; echo "\n"; } } echo ''; function parseCline() { $res = array(); $cur = ''; foreach ($GLOBALS['argv'] as $clinearg) { if (substr($clinearg, 0, 1) == '-') { $par = substr($clinearg, 1, 1); $clinearg = substr($clinearg, 2, strlen($clinearg)); // $res[$par] = ""; $cur = mb_strtolower($par); if (!isset($res[$cur])) { $res[$cur] = ''; } $res[$cur] .= $clinearg; } elseif ($cur) { if ($res[$cur]) { $res[$cur] .= ' '.$clinearg; } else { $res[$cur] .= $clinearg; } } } /* ob_end_clean(); foreach ($res as $key => $val) { print "$key = $val\n"; } ob_start();*/ return $res; }