get('adminpref', 0); // If not Main Admin and "Apply dashboard preferences to all administrators" // is checked in admin theme settings. if(!getperms("1") && $adminPref == 1) { e107::redirect('admin'); exit; } } include_once(e107::coreTemplatePath('admin_icons')); // Needs to be loaded before infopanel AND in boot.php if(vartrue($_GET['iframe']) == 1) { define('e_IFRAME', true); } $e_sub_cat = 'main'; if (varset($pref['adminstyle'])=='cascade' || varset($pref['adminstyle'])=='beginner') // Deprecated Admin-include. { $pref['adminstyle'] = 'infopanel'; } if(in_array($pref['adminstyle'], array('infopanel', 'flexpanel'))) { require_once(e_ADMIN . 'includes/' . $pref['adminstyle'] . '.php'); $_class = 'adminstyle_' . $pref['adminstyle']; if(class_exists($_class, false)) { $adp = new $_class; } else { $adp = new adminstyle_infopanel; } } define('e_ADMIN_HOME', true); // used by some admin shortcodes. require_once(e_ADMIN.'boot.php'); require_once(e_HANDLER.'upload_handler.php'); new admin_start; require_once(e_ADMIN.'auth.php'); e107::getDb()->db_Mark_Time('(Start Admin Checks)'); e107::getDb()->db_Mark_Time('(After Admin Checks)'); $mes = e107::getMessage(); if (!isset($pref['adminstyle'])) $pref['adminstyle'] = 'infopanel'; // Shouldn't be needed - but just in case class admin_start { private $incompat = array( 'banhelper' => 1.7, 'slir_admin' => 1.0, 'facebook_like' => 0.7, 'unanswered' => 1.4, 'lightwindow' => '1.0b', 'aa_jquery' => 1.2, 'aa_jquery' => 1.4, 'who' => 1.0, 'ratings' => 4.2, 'lightbox' => 1.5, 'e107slider' => 0.1, 'forumthanks' => 0.5, 'eclassifieds' => 1.11 ); private $allowed_types = null; private $refresh = false; private $exit = false; private $deprecated = array(); function __construct() { if(e_AJAX_REQUEST || !getperms('0') || varset($_GET['mode']) === 'customize') // don't display this tuff to regular admins only main admin. { return null; } // Files that can cause comflicts and problems. $this->deprecated = array( e_ADMIN."ad_links.php", e_PLUGIN."tinymce4/e_meta.php", e_THEME."bootstrap3/css/bootstrap_dark.css", e_PLUGIN."search_menu/languages/English.php", e_LANGUAGEDIR."English/lan_parser_functions.php", e_HANDLER."np_class.php", e_CORE."shortcodes/single/user_extended.sc", e_ADMIN."download.php", e_PLUGIN."banner/config.php", e_PLUGIN."forum/newforumposts_menu_config.php", e_PLUGIN."forum/e_latest.php", e_PLUGIN."forum/e_status.php", e_PLUGIN."forum/forum_post_shortcodes.php", e_PLUGIN."forum/forum_shortcodes.php", e_PLUGIN."forum/forum_update_check.php", e_PLUGIN."online_extended_menu/online_extended_menu.php", e_PLUGIN."online_extended_menu/images/user.png", e_PLUGIN."online_extended_menu/languages/English.php", e_PLUGIN."pm/sendpm.sc", e_PLUGIN."pm/shortcodes/", e_PLUGIN."social/e_header.php", // e_PLUGIN."download/url/url.php", // e_PLUGIN."download/url/sef_url.php", ); $this->checkCoreVersion(); if(!empty($_POST['delete-deprecated'])) { $this->deleteDeprecated(); } unset($_SESSION['lancheck']); e107::getDb()->db_Mark_Time('Check Paths'); $this->checkPaths(); e107::getDb()->db_Mark_Time('Check Timezone'); $this->checkTimezone(); e107::getDb()->db_Mark_Time('Check Writable'); $this->checkWritable(); e107::getDb()->db_Mark_Time('Check Incompatible Plugins'); $this->checkIncompatiblePlugins(); e107::getDb()->db_Mark_Time('Check Filetypes'); $this->checkFileTypes(); e107::getDb()->db_Mark_Time('Check Suspect Files'); $this->checkSuspiciousFiles(); e107::getDb()->db_Mark_Time('Check Deprecated'); $this->checkDeprecated(); e107::getDb()->db_Mark_Time('Check HTMLArea'); $this->checkHtmlarea(); e107::getDb()->db_Mark_Time('Check Htaccess'); $this->checkHtaccess(); e107::getDb()->db_Mark_Time('Check Core Update'); $this->checkCoreUpdate(); if($this->exit === true) { return null; } e107::getDb()->db_Mark_Time('Check New Install'); $this->checkNewInstall(); /* e107::getDb()->db_Mark_Time('Check Plugin Update'); $this->checkPluginUpdate(); e107::getDb()->db_Mark_Time('Check Theme Update'); $this->checkThemeUpdate(); */ e107::getDb()->db_Mark_Time('Check Password Encryption'); $this->checkPasswordEncryption(); if($this->refresh == true) { e107::getRedirect()->go(e_REQUEST_SELF); } } private function checkPaths() { $create_dir = array(e_MEDIA,e_SYSTEM,e_CACHE,e_CACHE_CONTENT,e_CACHE_IMAGE, e_CACHE_DB, e_LOG, e_BACKUP, e_CACHE_URL, e_TEMP, e_IMPORT); $mes = e107::getMessage(); foreach($create_dir as $dr) { if(!is_dir($dr)) { if(mkdir($dr, 0755)) { $this->refresh = true; } else { $mes->addWarning("Unable to create ".$dr.". Please check your folder permissions."); } } } } private function checkTimezone() { $mes = e107::getMessage(); $timezone = e107::pref('core','timezone'); if(e107::getDate()->isValidTimezone($timezone) == false) { $mes->addWarning("Your timezone setting (".$timezone.") is invalid. It has been reset to UTC. To Modify, please go to Admin -> Preferences -> Date Display Options.", 'default', true); e107::getConfig()->set('timezone','UTC')->save(false,true,false); $this->refresh = true; } } private function checkCoreVersion() { $e107info = array(); require(e_ADMIN."ver.php"); if(!empty($e107info['e107_version']) && (e_VERSION !== $e107info['e107_version'])) { e107::getConfig()->set('version', $e107info['e107_version'])->save(false,true,false); // When version has changed, clear plugin/theme version cache. e107::getPlug()->clearCache(); e107::getTheme()->clearCache(); e107::getDebug()->log("Updating core version pref"); } } private function checkCoreUpdate() { // auto db update if ('0' != ADMINPERMS) { return null; } $checked = e107::getSession()->get('core-update-checked'); if(!deftrue('e_DEBUG') && $checked === true && !deftrue('e_DEVELOPER')) { e107::getMessage()->addDebug("Skipping core update"); return null; } //$sc = e107::getScBatch('admin'); //echo $tp->parseTemplate('{ADMIN_COREUPDATE=alert}',true, $sc); global $dont_check_update, $e107info; global $dbupdate, $dbupdatep, $e107cache; require_once(e_ADMIN.'update_routines.php'); e107::getSession()->set('core-update-checked',true); e107::getMessage()->addDebug("Checking for core updates"); if(update_check() === true) { $JS = <<exit = true; } } } /* * // Moved to admin_shortcodes.php private function checkPluginUpdate() { require_once(e_HANDLER.'e_marketplace.php'); $mp = new e_marketplace(); // autodetect the best method $versions = $mp->getVersionList('plugin'); $plugins = e107::getPref('plug_installed'); if(empty($plugins)) { return null; } $tp = e107::getParser(); foreach($plugins as $folder=>$version) { if(!empty($versions[$folder]['version']) && version_compare( $version, $versions[$folder]['version'], '<')) { $link = "".$versions[$folder]['name'].""; $dl = $mp->getDownloadModal('plugin', $versions[$folder]); $caption = LAN_DOWNLOAD.": ".$versions[$folder]['name']." ".$versions[$folder]['version']; $lans = array('x'=>$link, 'y'=>LAN_PLUGIN); $message = $tp->lanVars(LAN_NEWER_VERSION_OF_X, $lans); $message .= " ".$tp->toGlyph('fa-arrow-circle-o-down').""; e107::getMessage()->addInfo($message); } } }*/ /* * Moved to admin_shortcodes.php private function checkThemeUpdate() { require_once(e_HANDLER.'e_marketplace.php'); $mp = new e_marketplace(); // autodetect the best method $versions = $mp->getVersionList('theme'); $themes = scandir(e_THEME); if(empty($themes)) { return null; } $tp = e107::getParser(); $list = e107::getTheme()->getThemeList(); foreach($list as $data) { $folder = $data['path']; $version = $data['version']; if(!empty($versions[$folder]['version']) && version_compare( $version, $versions[$folder]['version'], '<')) { $link = "".$versions[$folder]['name'].""; $lans = array('x'=>$link, 'y'=>LAN_THEME); $dl = $mp->getDownloadModal('theme', $versions[$folder]); $caption = LAN_DOWNLOAD.": ".$versions[$folder]['name']." ".$versions[$folder]['version']; $message = $tp->lanVars(LAN_NEWER_VERSION_OF_X, $lans); $message .= " ".$tp->toGlyph('fa-arrow-circle-o-down').""; e107::getMessage()->addInfo($message); e107::getMessage()->addDebug("Local version: ".$version." Remote version: ".$versions[$folder]['version']); } } }*/ /** * */ private function checkNewInstall() { $upgradeAlertFlag = e_CACHE.'dismiss.upgrade.alert.txt'; if(!empty($_GET['dismiss']) && $_GET['dismiss'] == 'upgrade') { file_put_contents($upgradeAlertFlag,'true'); } $pref = e107::getPref('install_date'); $v2ReleaseDate = strtotime('August 27, 2015'); $numDays = (abs($pref - time())/60/60/24); if($numDays < 3) // installed in the past 3 days. { echo e107::getMessage()->setTitle('Need Help?',E_MESSAGE_INFO)->addInfo("

Connect with our community for free support with any e107 issues you may encounter.

")->render(); } elseif($pref < $v2ReleaseDate && !file_exists($upgradeAlertFlag)) // installed prior to v2 release. { $message = "Connect with our community for free support with any upgrading issues you may encounter."; $message .= "
Don't show again
"; //todo do it with class=e-ajax and data-dismiss='alert' echo e107::getMessage()->setTitle('Upgrading?',E_MESSAGE_INFO)->addInfo($message)->render(); } e107::getMessage()->setTitle(null,E_MESSAGE_INFO); } private function checkWritable() { $mes = e107::getMessage(); if(deftrue('e_MEDIA') && is_dir(e_MEDIA) && !is_writable(e_MEDIA)) { $mes->addWarning("The folder ".e_MEDIA." is not writable. Please correct before proceeding."); } if(deftrue('e_SYSTEM') && is_dir(e_SYSTEM) && !is_writable(e_SYSTEM)) { $mes->addWarning("The folder ".e_SYSTEM." is not writable. Please correct before proceeding."); } $files = e107::getFile()->scandir(e_IMAGE."avatars",'jpg,gif,png,jpeg'); if(is_dir(e_IMAGE."avatars") && !is_writable(e_IMAGE."avatars") && !empty($files)) { $mes->addWarning("Legacy avatars folder detected. Please make sure ".e_IMAGE."avatars/ is writable. Please correct before proceeding."); } } private function checkHtmlarea() { $mes = e107::getMessage(); if (is_dir(e_ADMIN.'htmlarea') || is_dir(e_HANDLER.'htmlarea')) { $mes->addWarning(e_HANDLER_ABS."htmlarea/
".e_ADMIN_ABS."htmlarea/"); } } private function checkIncompatiblePlugins() { $mes = e107::getMessage(); $installedPlugs = e107::getPref('plug_installed'); $inCompatText = ""; $incompatFolders = array_keys($this->incompat); foreach($this->incompat as $folder => $version) { if(vartrue($installedPlugs[$folder]) && $version == $installedPlugs[$folder]) { $inCompatText .= "
  • ".$folder." v".$installedPlugs[$folder]."
    • "; } } if($inCompatText) { $text = ""; $mes->addWarning("The following plugins are not compatible with this version of e107 and should be uninstalled: ".$text."uninstall"); } } private function checkPasswordEncryption() { $us = e107::getUserSession(); $mes = e107::getMessage(); if($us->passwordAPIExists() === true && $us->getDefaultHashType() !== PASSWORD_E107_PHP && e107::pref('core','password_CHAP')==0) { $message = LAN_PASSWORD_WARNING; $srch = array('[',']'); $repl = array("",""); $mes->addWarning(str_replace($srch,$repl,$message)); } } private function checkDependencies() { } private function checkDeprecated() { $found = array(); foreach($this->deprecated as $path) { if(file_exists($path)) { $found[] = $path; } } if(!empty($found)) { $frm = e107::getForm(); $text = $frm->open('deprecatedFiles', 'post'); $text .= ADLAN_186; $text .= ""; $text .= $frm->button('delete-deprecated',LAN_DELETE,'delete'); $text .= $frm->close(); e107::getMessage()->addWarning($text); } } private function deleteDeprecated() { $mes = e107::getMessage(); foreach($this->deprecated as $file) { if(!file_exists($file)) { continue; } if(@unlink($file)) { $message = e107::getParser()->lanVars(LAN_UI_FILE_DELETED, array('x'=>$file)); $mes->addSuccess($message); } else { $message = e107::getParser()->lanVars(LAN_UI_FILE_DELETED_FAILED, array('x'=>$file)); $mes->addError($message); } } } private function checkHtaccess() // upgrade scenario { if(!file_exists(e_BASE.".htaccess") && file_exists(e_BASE."e107.htaccess")) { if(rename(e_BASE."e107.htaccess", e_BASE.".htaccess")===false) { e107::getMessage()->addWarning("Please rename your e107.htaccess file to .htaccess"); } } } private function checkFileTypes() { $mes = e107::getMessage(); $this->allowed_types = get_filetypes(); // Get allowed types according to filetypes.xml or filetypes.php if (count($this->allowed_types) == 0) { $this->allowed_types = array('zip' => 1, 'gz' => 1, 'jpg' => 1, 'png' => 1, 'gif' => 1, 'pdf'=>1); $mes->addDebug("Setting default filetypes: ".implode(', ',array_keys($this->allowed_types))); } } private function checkSuspiciousFiles() { $mes = e107::getMessage(); $public = array(e_UPLOAD, e_AVATAR_UPLOAD); $tp = e107::getParser(); $exceptions = array(".","..","/","CVS","avatars","Thumbs.db",".ftpquota",".htaccess","php.ini",".cvsignore",'e107.htaccess'); //TODO use $file-class to grab list and perform this check. foreach ($public as $dir) { if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if (is_dir($dir."/".$file) == FALSE && !in_array($file,$exceptions)) { $fext = substr(strrchr($file, "."), 1); if (!array_key_exists(strtolower($fext),$this->allowed_types) ) { if ($file == 'index.html' || $file == "null.txt") { if (filesize($dir.'/'.$file)) { $potential[] = str_replace('../', '', $dir).'/'.$file; } } else { $potential[] = str_replace('../', '', $dir).'/'.$file; } } } } closedir($dh); } } } if (isset($potential)) { //$text = ADLAN_ERR_3."

    "; $mes->addWarning($tp->toHtml(ADLAN_ERR_3, true)); $text = '