<?php

/*

    Elgg admin panel
    Main library

*/

// We want to load the config file whenever we can.
// The path is relative, so PHP resolves it through include_path and the
// directory of the including script.
require_once("config.php");
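/**
 * Bootstraps an admin panel request.
 *
 * Starts the admin session, loads Elgg's configuration, fills in derived
 * defaults and dispatches the requested action. When Elgg's config file
 * exists, a visitor who is not logged in gets the login panel and the script
 * exits; when it does not exist, the installer welcome message is queued.
 *
 * NOTE(review): elggadmin_actions() is called before the login gate, so that
 * function must itself refuse privileged actions for sessions that are not
 * logged in. In installer mode (no config file) there is no login gate.
 */
function elggadmin_init() {
    global $CFG, $ADMINCFG, $messages;

    elggadmin_session_start();

    if (file_exists($ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile)) {

        // Elgg's config file exists: load it.
        require_once($ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile);

        elggadmin_config_check_values();

        // Check logins etc
        elggadmin_actions();

        // If we're not logged in, force the log in panel
        if (!elggadmin_isloggedin()) {
            elggadmin_header();
            elggadmin_begin_content();
            elggadmin_loginbox();
            elggadmin_end_content();
            elggadmin_footer();
            exit;
        }

    } else {

        // Elgg's config file doesn't exist: start from the distribution defaults.
        require_once($ADMINCFG->admin->elggdir . "config-dist.php");

        elggadmin_config_check_values();

        // Check logins etc
        elggadmin_actions();

        // wwwroot can be derived from request data by
        // elggadmin_config_check_values(), so escape it before it goes into HTML.
        $wwwroot = htmlspecialchars($CFG->wwwroot);

        $messages[] = <<<END

<h2>Welcome to the Elgg installer!</h2>
<p>Fill in the details below, click 'Save' at the bottom, and your Elgg installation will be ready to go.
Don't worry if you don't know all the details: the really important settings (the ones Elgg won't work without)
are highlighted in red for you, and you can come back at any time by visiting {$wwwroot}_elggadmin.</p>
<p>It's possible this installer hasn't been given permission to save files to your Elgg installation directory
by the server. If that's the case, we'll give you a copy of the config.php file, and you'll need to upload it
to your installation directory by hand.</p>
<p>Of course, if you like to get your hands dirty, you can also set these values by copying config-dist.php to config.php
in your Elgg installation folder and editing it by hand in your text editor of choice.</p>

END;

    }
}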
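/**
 * Dispatches the admin action named in the request's "action" field.
 *
 * elggadmin_init() calls this before its login check, so the gate lives here:
 * once Elgg's config file exists, every action except "admin:login" is
 * ignored unless the session is logged in. While the config file is missing
 * (installer mode) actions run without a login, as before.
 *
 * NOTE(review): the forms in this file carry no anti-CSRF token, so the
 * state-changing actions below rely on the session cookie alone.
 */
function elggadmin_actions() {

    global $CFG, $ADMINCFG, $messages;

    // A missing or non-string (e.g. action[]=...) value names no action.
    if (!isset($_REQUEST['action']) || !is_string($_REQUEST['action'])) {
        return;
    }
    $action = $_REQUEST['action'];

    // Refuse privileged actions from anonymous sessions on an installed site.
    if ($action !== "admin:login"
        && file_exists($ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile)
        && !elggadmin_isloggedin()) {
        return;
    }

    switch($action) {

        case "admin:login":
            elggadmin_checklogins();
            break;
        case "config:save":
            elggadmin_config_save();
            break;
        case "theme:save":
            elggadmin_save_template();
            break;
        case "frontpage:save":
            elggadmin_save_frontpage();
            break;
        case "theme:backup:save":
            elggadmin_make_backup();
            // Carry the result messages across the redirect.
            $_SESSION['messages'] = $messages;
            header("Location: theme.php");
            exit;
        case "theme:backup:restore":
            elggadmin_restore_backup();
            $_SESSION['messages'] = $messages;
            header("Location: theme.php");
            exit;

    }

}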
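/**
 * Handles a submitted admin login.
 *
 * Reads "adminuser" and "adminpassword" from the request and compares them
 * with $CFG->adminuser and $CFG->adminpassword. On a match the session is
 * marked as logged in and the browser is redirected to index.php; on a
 * mismatch an error message is queued. Nothing happens when either submitted
 * or configured credential is empty.
 *
 * The comparison is done on strings (constant-time where hash_equals() is
 * available), so numeric-looking values such as "1e3" and "1000" no longer
 * compare equal the way they did with ==.
 *
 * NOTE(review): the password is compared as-is, so the config appears to hold
 * it in plaintext, and there is no limit on repeated attempts here.
 */
function elggadmin_checklogins() {

    global $CFG, $ADMINCFG, $messages;

    $username = "";
    $password = "";

    // Array parameters (adminuser[]=...) are treated as missing.
    if (isset($_REQUEST['adminuser']) && is_string($_REQUEST['adminuser'])) {
        $username = $_REQUEST['adminuser'];
    }
    if (isset($_REQUEST['adminpassword']) && is_string($_REQUEST['adminpassword'])) {
        $password = $_REQUEST['adminpassword'];
    }

    if (!empty($username) && !empty($password)
        && !empty($CFG->adminuser) && !empty($CFG->adminpassword) ) {

        $expecteduser = (string) $CFG->adminuser;
        $expectedpassword = (string) $CFG->adminpassword;

        if (function_exists('hash_equals')) {
            // Evaluate both so the outcome does not reveal which field failed.
            $userok = hash_equals($expecteduser, $username);
            $passwordok = hash_equals($expectedpassword, $password);
        } else {
            $userok = ($expecteduser === $username);
            $passwordok = ($expectedpassword === $password);
        }

        if ($userok && $passwordok) {

            // Issue a fresh session id on login so an id planted before
            // authentication is not promoted to an admin session.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $_SESSION['adminid'] = 1;
            // elggadmin_isloggedin() recomputes this value on every request.
            $_SESSION['admincode'] = md5($CFG->adminuser . $CFG->adminpassword);
            $messages[] = ("You logged in.");

            elggadmin_header_redirect('index.php');

        } else {
            $messages[] = ("The username and password you specified did not match the admin details for this system.");
        }

    }

}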
/**
 * Prepares the globals used by the configuration editor.
 *
 * On first use, fills $PARSEDCFG with an addslashes()-escaped copy of every
 * $CFG property. Then includes configdef.php and copies $DEFCFG->config into
 * $ADMINCFG->config.
 *
 * NOTE(review): addslashes() is the only escaping applied to these values
 * here; presumably they end up in the generated config file, so confirm the
 * template quotes them in a way addslashes() covers.
 */
function elggadmin_config_init() {

    global $CFG, $PARSEDCFG, $ADMINCFG, $DEFCFG, $messages;

    if (!isset($PARSEDCFG)) {

        $PARSEDCFG = new stdClass();

        $escaped = array_map('addslashes', get_object_vars($CFG));
        foreach ($escaped as $property => $escapedvalue) {
            $PARSEDCFG->$property = $escapedvalue;
        }

    }

    // Expected to populate $DEFCFG->config.
    include("configdef.php");
    $ADMINCFG->config = $DEFCFG->config;

}
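/**
 * Displays the form to set configuration options.
 *
 * Walks $DEFCFG->config (loaded from configdef.php) and prints one input per
 * option that is not listed in $ADMINCFG->admin->noedit, pre-filled from
 * $CFG. The input kind depends on the option's "type": a text box, an access
 * level drop-down or a yes/no drop-down. The form posts back to the current
 * URL with action "config:save".
 *
 * The "selected" markers are initialised for every option value, so no
 * undefined-index notices end up in the generated markup.
 *
 * NOTE(review): the text-box case matches type "integer" while
 * elggadmin_config_save() matches "int"; an option whose type is not listed
 * below gets no input at all. Option names, labels and descriptions come
 * from configdef.php and are printed unescaped.
 */
function elggadmin_config_main() {

    global $CFG, $PARSEDCFG, $ADMINCFG, $messages, $DEFCFG;

    require_once("configdef.php");

    echo "<form action=\"\" method=\"post\">";
    foreach(($DEFCFG->config) as $name => $value) {
        if (!in_array($name,$ADMINCFG->admin->noedit)) {

            $important = isset($DEFCFG->config[$name]->important) && $DEFCFG->config[$name]->important == true;

            if ($important) {
                echo "<div class=\"important\">";
            }

            echo "<p>";
            if (isset($ADMINCFG->config[$name]->name)) {
                echo "<b>" . $ADMINCFG->config[$name]->name . "</b>";
            }
            if (isset($ADMINCFG->config[$name]->description)) {
                echo "<br /><i>" . $ADMINCFG->config[$name]->description . "</i>";
            }
            echo "</p>\n";
            echo "<p>";

            if (isset($ADMINCFG->config[$name]->type)) {
                switch($ADMINCFG->config[$name]->type) {

                    case "requiredstring":
                    case "integer":
                        echo "<input type=\"text\" name=\"$name\" value=\"" . (string) htmlspecialchars($CFG->$name) . "\" />";
                        break;
                    case "access":
                        $selected = array('PUBLIC' => '', 'LOGGED_IN' => '', 'PRIVATE' => '');
                        $selected[$CFG->$name] = "selected=\"selected\"";
                        echo "<select name=\"$name\">";
                        echo "<option value=\"PUBLIC\" {$selected['PUBLIC']}>" . ("Public") . "</option>";
                        echo "<option value=\"LOGGED_IN\" {$selected['LOGGED_IN']} >" . ("Logged in users only") . "</option>";
                        echo "<option value=\"PRIVATE\" {$selected['PRIVATE']} >" . ("Private") . "</option>";
                        echo "</select>";
                        break;
                    case "boolean":
                        $value = (int) $CFG->$name;
                        $selected = array('yes' => '', 'no' => '');
                        if ($value == "1") {
                            $selected['yes'] = "selected=\"selected\"";
                        } else {
                            $selected['no'] = "selected=\"selected\"";
                        }
                        echo "<select name=\"$name\">";
                        echo "<option value=\"0\" {$selected['no']}>" . ("No") . "</option>";
                        echo "<option value=\"1\" {$selected['yes']} >" . ("Yes") . "</option>";
                        echo "</select>";
                        break;

                }
            } else {
                // Untyped options are edited as plain text.
                echo "<input type=\"text\" name=\"$name\" value=\"" . htmlspecialchars($CFG->$name) . "\" />";
            }

            echo "</p>\n";

            if ($important) {
                echo "</div>";
            }

        }
    }

    echo "<p>&nbsp;</p><p><i>" . ("Click below to save your settings.") . "</i></p>";
    echo "<p><input type=\"hidden\" value=\"config:save\" name=\"action\" /><input type=\"submit\" value=\"" . ("Save") . "\" /></p>";
    echo "</form>";

}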
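/**
 * Saves submitted configuration settings to Elgg's config file.
 *
 * For every option in $DEFCFG->config that is not listed in
 * $ADMINCFG->admin->noedit, takes the request value (first 128 bytes),
 * normalises it according to the option's type and stores it in $CFG and,
 * addslashes()-escaped, in $PARSEDCFG. If no required string is blank, the
 * config text from elggadmin_configstring() is written to the config file;
 * when that fails, the text is offered in a textarea for manual upload.
 * Always ends by redirecting to index.php.
 *
 * Request values that are not strings (name[]=...) are ignored, and the
 * config text is HTML-escaped before it is placed in the textarea so its
 * contents cannot close the element.
 *
 * NOTE(review): this function performs no login or CSRF check of its own;
 * it relies on its caller. The fallback message holds the full generated
 * config, which may contain secrets, and elggadmin_header_redirect() stores
 * messages in the session. The switch matches type "int" while
 * elggadmin_config_main() matches "integer".
 */
function elggadmin_config_save() {

    global $CFG, $ADMINCFG, $PARSEDCFG, $DEFCFG, $messages;

    $oktosave = 1;
    require_once("configdef.php");

    foreach($DEFCFG->config as $name => $value) {

        if (!in_array($name,$ADMINCFG->admin->noedit)) {
            if (isset($_REQUEST[$name]) && is_string($_REQUEST[$name])) {

                $CFG->$name = substr($_REQUEST[$name],0,128);
                if(ini_get("magic_quotes_gpc")) {
                    $CFG->$name = stripslashes($CFG->$name);
                }

            }

            if (isset($DEFCFG->config[$name]->type)) {

                switch ($DEFCFG->config[$name]->type) {

                    case "int":
                        if (empty($CFG->$name)) {
                            $CFG->$name = "0";
                        }
                        $CFG->$name = (int) $CFG->$name;
                        break;
                    case "boolean":
                        if (!isset($CFG->$name)) {
                            $CFG->$name = "0";
                        }
                        $CFG->$name = (int) $CFG->$name;
                        if ($CFG->$name > 1) {
                            $CFG->$name = "1";
                        }
                        break;
                    case "requiredstring":
                        if (empty($CFG->$name)) {
                            $oktosave = 0;
                            $messages[] = sprintf(("You cannot leave '%s' blank!"),$DEFCFG->config[$name]->name);
                        }
                        break;
                    case "access":
                        // Anything outside the known levels falls back to the most restrictive one.
                        if (!in_array($CFG->$name, array("PUBLIC","LOGGED_IN","PRIVATE"))) {
                            $CFG->$name = "PRIVATE";
                        }
                        break;

                }
            }

            $PARSEDCFG->$name = addslashes($CFG->$name);

        }
    }

    if ($oktosave) {

        $newconfigfile = elggadmin_configstring();
        if (!@file_put_contents($ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile, $newconfigfile)) {
            // Byte-wise escaping keeps the text intact whatever its encoding.
            $escapedconfig = str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $newconfigfile);
            $messages[] = sprintf(("We couldn't write your new configuration to your configuration file at %s. Therefore, please copy everything from the textbox below and paste it into a new file called %s in the root of your Elgg installation."),$ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile,$ADMINCFG->admin->configfile) . "<br />" . "<textarea cols=\"40\" rows=\"6\">" . $escapedconfig . "</textarea>";
        } else {
            $messages[] = ("Your new configuration was saved.");
        }

    }

    elggadmin_header_redirect('index.php');

}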
/**
 * Starts the admin session and picks up queued messages.
 *
 * The session is named "elggadmin". Messages left in the session by an
 * earlier request are moved into the global $messages and the session slot
 * is reset to an empty string.
 *
 * NOTE(review): no session cookie parameters (HttpOnly, Secure) are set
 * here; whether php.ini supplies them is not visible from this file.
 */
function elggadmin_session_start() {
    global $messages;

    // Begin Elgg admin session
    session_name("elggadmin");
    session_start();

    if (!isset($_SESSION['messages'])) {
        return;
    }

    $messages = $_SESSION['messages'];
    $_SESSION['messages'] = "";
}
/**
 * Redirects to a URL with a Location header and ends the script.
 *
 * The global messages are stored in the session first so the next page can
 * show them.
 *
 * NOTE(review): $url goes into the header unchanged; the callers in this
 * file pass fixed page names.
 *
 * @param string $url url to redirect to
 * @param string $message optional message to append to the global messages
 */
function elggadmin_header_redirect($url, $message='') {
    global $messages;

    if (empty($message) === false) {
        $messages[] = $message;
    }

    // Keep the messages for the page we are redirecting to.
    $_SESSION['messages'] = $messages;

    header("Location: {$url}");
    exit();
}
/**
 * Placeholder for the case where Elgg's config.php doesn't exist.
 * The function has no body and does nothing.
 */
function elggadmin_config_create() {
    return;
}
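/**
 * Fills in default values for settings the configuration leaves empty.
 *
 * - wwwroot: derived from the server name and the request path, with the
 *   "_elggadmin/" segment and "index.php" removed. The query string is cut
 *   off first so request parameters cannot end up in the site URL.
 * - dirroot: the parent directory of this file's directory.
 * - templatesroot and profilelocation: fixed paths below dirroot.
 *
 * NOTE(review): depending on the web server configuration SERVER_NAME can
 * reflect the client's Host header, so a derived wwwroot is request data
 * until the administrator confirms it.
 */
function elggadmin_config_check_values() {
    global $CFG;

    // TODO: support for https?
    if (empty($CFG->wwwroot) || $CFG->wwwroot == "http://") {
        $requesturi = $_SERVER['REQUEST_URI'];
        $querystart = strpos($requesturi, '?');
        if ($querystart !== false) {
            $requesturi = substr($requesturi, 0, $querystart);
        }
        $CFG->wwwroot = "http://" . str_replace("index.php","",str_replace("_elggadmin/","",$_SERVER['SERVER_NAME'].$requesturi));
    }

    // Set the dirroot
    if (empty($CFG->dirroot)) {
        $CFG->dirroot = str_replace("//","/",str_replace("_elggadmin","",str_replace("\\","/",dirname(__FILE__))));
    }

    // Set the templates root and profile location if they don't exist
    if (!isset($CFG->templatesroot)) {
        $CFG->templatesroot = $CFG->dirroot . "mod/template/templates/";
    }

    if (!isset($CFG->profilelocation)) {
        $CFG->profilelocation = $CFG->dirroot . "mod/profile/";
    }
}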
/**
 * Generates a string containing all the configuration options
 * (essentially a filled-in version of config-dist.php).
 *
 * Includes config-template.php, which is expected to define $config, and
 * turns every backslash-escaped double quote in it back into a plain one.
 *
 * @return string the text for Elgg's config file
 */
function elggadmin_configstring() {

    global $CFG, $PARSEDCFG;

    include("config-template.php");

    // '\\"' is a backslash followed by a double quote.
    return str_replace('\\"', '"', $config);

}
/**
 * Initialises the theme editor.
 *
 * Queues a message when the default template's pageshell or css file is not
 * writable, and takes an initial backup when the data directory exists but
 * one of the two backup files is missing.
 *
 * NOTE(review): the message suggests making the directory world-writable;
 * write access for the web server account alone would be enough.
 */
function elggadmin_theme_init() {

    global $CFG, $messages;

    $themedir = $CFG->templatesroot . "Default_Template/";

    // Determine whether or not we can write the theme back to disk
    $writable = is_writable($themedir . "pageshell") && is_writable($themedir . "css");
    if (!$writable) {
        $messages[] = sprintf(("The administration panel can't write to the theme. You will need to edit your theme files directly or specify that %s is world-writable."),$themedir);
    }

    if (file_exists($CFG->dataroot)) {
        $havebackups = file_exists($CFG->dataroot . "backuppageshell") && file_exists($CFG->dataroot . "backupcss");
        if (!$havebackups) {
            elggadmin_make_backup();
        }
    }

}
/**
 * Initialises the front page editor.
 *
 * Queues a message when either front page template of the default template
 * is not writable.
 *
 * NOTE(review): the message suggests making the directory world-writable;
 * write access for the web server account alone would be enough.
 */
function elggadmin_frontpage_init() {

    global $CFG, $messages;

    $themedir = $CFG->templatesroot . "Default_Template/";

    // Determine whether or not we can write the front pages back to disk
    $writable = is_writable($themedir . "frontpage_loggedin") && is_writable($themedir . "frontpage_loggedout");
    if (!$writable) {
        $messages[] = sprintf(("The administration panel can't write to the front page template. You will need to edit your front page files directly or specify that %s is world-writable."),$themedir);
    }

}
/**
 * Takes a backup of the default template.
 *
 * Copies pageshell and css from the default template into the data
 * directory as backuppageshell and backupcss. Each failed copy queues a
 * message; copy() warnings are suppressed.
 */
function elggadmin_make_backup() {

    global $CFG, $messages;

    $themedir = $CFG->templatesroot . "Default_Template/";

    $pageshellcopied = @copy($themedir . "pageshell", $CFG->dataroot . "backuppageshell");
    if (!$pageshellcopied) {
        $messages[] = ("Could not backup pageshell.");
    }

    $csscopied = @copy($themedir . "css", $CFG->dataroot . "backupcss");
    if (!$csscopied) {
        $messages[] = ("Could not backup css.");
    }

}
/**
 * Restores the default template from its backup.
 *
 * Copies backuppageshell and backupcss from the data directory over the
 * default template's pageshell and css. Each failed copy queues a message;
 * copy() warnings are suppressed.
 */
function elggadmin_restore_backup() {

    global $CFG, $messages;

    $themedir = $CFG->templatesroot . "Default_Template/";

    $pageshellrestored = @copy($CFG->dataroot . "backuppageshell", $themedir . "pageshell");
    if (!$pageshellrestored) {
        $messages[] = ("Could not restore pageshell backup.");
    }

    $cssrestored = @copy($CFG->dataroot . "backupcss", $themedir . "css");
    if (!$cssrestored) {
        $messages[] = ("Could not restore css backup.");
    }

}
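/**
 * Saves the submitted pageshell and css to the default template.
 *
 * Runs only when both "pageshell" and "css" are present in the request as
 * strings. If both target files are writable, the trimmed values are written
 * to them and a result message is queued for each; otherwise a permissions
 * message is queued. Ends by redirecting to theme.php.
 *
 * A write counts as failed only when file_put_contents() returns false, so
 * saving an empty file is no longer reported as an error.
 *
 * NOTE(review): the request content is written to the template files
 * verbatim, and this function performs no login or CSRF check of its own;
 * it relies on its caller.
 */
function elggadmin_save_template() {

    global $CFG, $ADMINCFG, $messages;
    if (isset($_REQUEST['pageshell']) && isset($_REQUEST['css'])
        && is_string($_REQUEST['pageshell']) && is_string($_REQUEST['css'])) {

        if (is_writable($CFG->templatesroot . "Default_Template/pageshell")
            && is_writable($CFG->templatesroot . "Default_Template/css")) {

            $pageshell = trim($_REQUEST['pageshell']);
            $css = trim($_REQUEST['css']);

            if(ini_get("magic_quotes_gpc")) {
                $pageshell = stripslashes($pageshell);
                $css = stripslashes($css);
            }

            if (@file_put_contents($CFG->templatesroot . "Default_Template/pageshell",$pageshell) === false) {
                $messages[] = ("Could not save pageshell.");
            } else {
                $messages[] = ("Pageshell saved.");
            }
            if (@file_put_contents($CFG->templatesroot . "Default_Template/css",$css) === false) {
                $messages[] = ("Could not save CSS.");
            } else {
                $messages[] = ("CSS saved.");
            }

        } else {

            $messages[] = sprintf(("The admin panel doesn't have the right to save to pageshell and css at %s. You may wish to speak to your system administrator about granting write access to those files."),$CFG->templatesroot . "Default_Template/");

        }

        elggadmin_header_redirect('theme.php');

    }

}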
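/**
 * Saves the submitted front page templates to the default template.
 *
 * Runs only when both "frontpage_loggedout" and "frontpage_loggedin" are
 * present in the request as strings. If both target files are writable, the
 * trimmed values are written to them and a result message is queued for
 * each; otherwise a permissions message is queued. Ends by redirecting to
 * frontpage.php.
 *
 * A write counts as failed only when file_put_contents() returns false, so
 * saving an empty file is no longer reported as an error.
 *
 * NOTE(review): the request content is written to the template files
 * verbatim, and this function performs no login or CSRF check of its own;
 * it relies on its caller.
 */
function elggadmin_save_frontpage() {

    global $CFG, $ADMINCFG, $messages;
    if (isset($_REQUEST['frontpage_loggedout']) && isset($_REQUEST['frontpage_loggedin'])
        && is_string($_REQUEST['frontpage_loggedout']) && is_string($_REQUEST['frontpage_loggedin'])) {

        if (is_writable($CFG->templatesroot . "Default_Template/frontpage_loggedout")
            && is_writable($CFG->templatesroot . "Default_Template/frontpage_loggedin")) {

            $frontpage_loggedout = trim($_REQUEST['frontpage_loggedout']);
            $frontpage_loggedin = trim($_REQUEST['frontpage_loggedin']);

            if(ini_get("magic_quotes_gpc")) {
                $frontpage_loggedout = stripslashes($frontpage_loggedout);
                $frontpage_loggedin = stripslashes($frontpage_loggedin);
            }

            if (@file_put_contents($CFG->templatesroot . "Default_Template/frontpage_loggedout",$frontpage_loggedout) === false) {
                $messages[] = ("Could not save frontpage_loggedout.");
            } else {
                $messages[] = ("frontpage_loggedout saved.");
            }
            if (@file_put_contents($CFG->templatesroot . "Default_Template/frontpage_loggedin",$frontpage_loggedin) === false) {
                $messages[] = ("Could not save frontpage_loggedin.");
            } else {
                $messages[] = ("frontpage_loggedin saved.");
            }

        } else {

            $messages[] = sprintf(("The admin panel doesn't have the right to save to frontpage_loggedout and frontpage_loggedin at %s. You may wish to speak to your system administrator about granting write access to those files."),$CFG->templatesroot . "Default_Template/");

        }

        elggadmin_header_redirect('frontpage.php');

    }

}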
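/**
 * Displays the main form to edit themes.
 *
 * Prints a form with the default template's pageshell and css in textareas
 * (action "theme:save"), a "save a backup" form, and, when both backup files
 * exist in the data directory, a "restore from backup" form.
 *
 * The file contents are HTML-escaped before they go into the textareas.
 * Without that, a template containing "</textarea>" ends the field early and
 * the rest is rendered as page markup, and entities such as "&lt;" in the
 * file are changed when the form is saved again. The escaping is byte-wise,
 * so it does not depend on the template's character encoding.
 */
function elggadmin_theme_main() {

    global $CFG, $messages;

    $htmlchars = array('&', '<', '>');
    $htmlentities = array('&amp;', '&lt;', '&gt;');

    echo "<form action=\"\" method=\"post\">";

    echo "<p><b>" . ("Main pageshell") . "</b></p>";

    echo "<textarea name=\"pageshell\" >";
    $pageshell = file_get_contents($CFG->templatesroot . "Default_Template/pageshell");
    if ($pageshell !== false) {
        echo str_replace($htmlchars, $htmlentities, $pageshell);
    }
    echo "</textarea>";

    echo "<p><b>" . ("CSS styles") . "</b></p>";

    echo "<textarea name=\"css\" >";
    $css = file_get_contents($CFG->templatesroot . "Default_Template/css");
    if ($css !== false) {
        echo str_replace($htmlchars, $htmlentities, $css);
    }
    echo "</textarea>";

    echo "<p>&nbsp;</p><p><i>" . ("Click below to save your settings.") . "</i></p>";
    echo "<p><input type=\"hidden\" value=\"theme:save\" name=\"action\" /><input type=\"submit\" value=\"" . ("Save") . "\" /></p>";
    echo "</form>";

    echo "<form action=\"\" method=\"post\">";
    echo "<p><i>" . ("Only press the button below if you're sure this theme works!") . "</i></p>";
    echo "<p><input type=\"hidden\" value=\"theme:backup:save\" name=\"action\" /><input type=\"submit\" value=\"" . ("Save a backup") . "\" /></p>";
    echo "</form>";

    // The restore form only makes sense when a complete backup exists.
    if (file_exists($CFG->dataroot . "backuppageshell") && file_exists($CFG->dataroot . "backupcss")) {

        echo "<form action=\"\" method=\"post\">";
        echo "<p><i>" . ("Click to restore your last saved backup:") . "</i></p>";
        echo "<p><input type=\"hidden\" value=\"theme:backup:restore\" name=\"action\" /><input type=\"submit\" value=\"" . ("Restore from backup") . "\" /></p>";
        echo "</form>";

    }

}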
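/**
 * Displays the main form to edit front pages.
 *
 * Prints a form with the default template's logged-out and logged-in front
 * page files in textareas; it posts back with action "frontpage:save".
 *
 * The file contents are HTML-escaped before they go into the textareas.
 * Without that, a template containing "</textarea>" ends the field early and
 * the rest is rendered as page markup, and entities such as "&lt;" in the
 * file are changed when the form is saved again. The escaping is byte-wise,
 * so it does not depend on the template's character encoding.
 */
function elggadmin_frontpage_main() {

    global $CFG, $messages;

    $htmlchars = array('&', '<', '>');
    $htmlentities = array('&amp;', '&lt;', '&gt;');

    echo "<form action=\"\" method=\"post\">";

    echo "<p><b>" . ("Front page (when logged out)") . "</b></p>";

    echo "<textarea name=\"frontpage_loggedout\" >";
    $loggedout = file_get_contents($CFG->templatesroot . "Default_Template/frontpage_loggedout");
    if ($loggedout !== false) {
        echo str_replace($htmlchars, $htmlentities, $loggedout);
    }
    echo "</textarea>";

    echo "<p><b>" . ("Front page (when logged in)") . "</b></p>";

    echo "<textarea name=\"frontpage_loggedin\" >";
    $loggedin = file_get_contents($CFG->templatesroot . "Default_Template/frontpage_loggedin");
    if ($loggedin !== false) {
        echo str_replace($htmlchars, $htmlentities, $loggedin);
    }
    echo "</textarea>";

    echo "<p>&nbsp;</p><p><i>" . ("Click below to save your settings.") . "</i></p>";
    echo "<p><input type=\"hidden\" value=\"frontpage:save\" name=\"action\" /><input type=\"submit\" value=\"" . ("Save") . "\" /></p>";
    echo "</form>";

}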
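/**
 * Checks to see if we're logged into the admin panel or not.
 *
 * The session counts as logged in when it holds a non-empty admin id other
 * than -1, admin credentials are configured, and the session's admin code
 * equals md5(adminuser . adminpassword) for the current configuration, so
 * changing the configured credentials invalidates existing logins.
 *
 * Missing session keys are treated as "not logged in" instead of being read
 * blindly, and the code is compared as a string with ===, which rules out
 * PHP's numeric-string equality for digests of the form "0e<digits>".
 *
 * @return bool true when the current session is an authenticated admin
 */
function elggadmin_isloggedin() {

    global $CFG;

    if (empty($_SESSION['adminid']) || $_SESSION['adminid'] == -1) {
        return false;
    }

    if (empty($CFG->adminuser) || empty($CFG->adminpassword)) {
        return false;
    }

    if (!isset($_SESSION['admincode']) || !is_string($_SESSION['admincode'])) {
        return false;
    }

    return $_SESSION['admincode'] === md5($CFG->adminuser . $CFG->adminpassword);

}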
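/**
 * Displays navigation.
 *
 * Prints the navigation list when Elgg's config file exists, marking the
 * link for $current_page with class="active". Nothing is printed while the
 * config file is missing.
 *
 * Every page key used in the markup starts out as an empty string, so the
 * links that are not current no longer read undefined array entries.
 *
 * @param string $current_page key of the page being shown ("config",
 *                             "theme", "frontpage", "profile" or "plugins")
 */
function elggadmin_navigation($current_page) {

    global $ADMINCFG;

    $current = array(
        'config' => '',
        'theme' => '',
        'frontpage' => '',
        'profile' => '',
        'plugins' => ''
    );
    $current[$current_page] = "class=\"active\"";

    if (file_exists($ADMINCFG->admin->elggdir . $ADMINCFG->admin->configfile)) {

        echo <<<END
<div id="navigation"><!-- start navigation -->
<ul>
<li><a href="index.php" {$current['config']}>Site configuration</a></li>
<li><a href="theme.php" {$current['theme']}>Site theme</a></li>
<li><a href="frontpage.php" {$current['frontpage']}>Front page</a></li>
<!-- <li><a href="profile.php" {$current['profile']}>Profile fields</a></li>
<li><a href="plugins.php" {$current['plugins']}>Plugins</a></li> -->
</ul>
</div>
END;

    }

}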
/**
 * Opens the content container of an admin page.
 */
function elggadmin_begin_content() {
    $opening = "<div id=\"content\">\n";
    echo $opening;
}
/**
 * Closes the content container of an admin page.
 */
function elggadmin_end_content() {
    $closing = "</div>\n";
    echo $closing;
}
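/**
 * Displays a login box, if admin logins have been defined in Elgg's config.php.
 * (Assumes, at this stage, that Elgg's config.php actually exists.)
 *
 * With both $CFG->adminuser and $CFG->adminpassword set, prints a POST form
 * that submits "adminuser", "adminpassword" and action "admin:login" to the
 * current URL. Otherwise prints instructions for defining the two values.
 *
 * The form element is now closed after the table; it was left open before.
 */
function elggadmin_loginbox() {

    global $CFG;

    if (!empty($CFG->adminuser) && !empty($CFG->adminpassword)) {

        echo "<h1>" . ("Please log in") . "</h1>";
        echo "<p>" . ("Log in with your admin username and password below.") . "</p>";
        echo "<form action=\"\" method=\"post\">\n";
        echo "<table border=\"0\">\n";
        echo "<tr><td><p>" . ("Username:") . "</p></td><td><p><input type=\"text\" name=\"adminuser\" value=\"\" /></p></td></tr>\n";
        echo "<tr><td><p>" . ("Password:") . "</p></td><td><p><input type=\"password\" name=\"adminpassword\" value=\"\" /></p></td></tr>\n";
        echo "<tr><td colspan=\"2\"><p><input type=\"hidden\" name=\"action\" value=\"admin:login\" /><input type=\"submit\" value=\"" . ("Log in") . "\" /></p></td></tr>\n";
        echo "</table>\n";
        echo "</form>\n";

    } else {

        echo "<h1>" . ("Admin login not defined") . "</h1>";
        echo "<p>" . ("Before you use the admin panel, you will need to add the following code to Elgg's config.php:") . "</p>";
        echo "<textarea rows=\"4\" cols=\"40\">\n\n\$CFG->adminuser = '';\n\$CFG->adminpassword = '';</textarea>";
        echo "<p>" . ("The values for \$CFG->adminuser and \$CFG->adminpassword cannot be left blank.") . "</p>";

    }

}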
/**
 * Displays a header for the admin panel.
 *
 * Prints the contents of the file "HEADER" (relative path) followed by the
 * queued messages as a list, when there are any.
 *
 * NOTE(review): messages are printed as raw HTML; some of them are built as
 * markup on purpose, so any request-derived part has to be escaped where the
 * message is created.
 */
function elggadmin_header() {

    global $messages;

    echo file_get_contents("HEADER");

    if (empty($messages) || !is_array($messages)) {
        return;
    }

    echo "<div id=\"messages\"><ul>\n";
    foreach ($messages as $text) {
        echo "<li>" . $text . "</li>\n";
    }
    echo "</ul></div>\n";

}
/**
 * Displays a footer for the admin panel.
 *
 * Prints the contents of the file "FOOTER" (relative path).
 */
function elggadmin_footer() {

    $footer = file_get_contents("FOOTER");
    echo $footer;

}