Subs-Admin.php 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481
  1. <?php
  2. /**
  3. * This file contains functions that are specifically done by administrators.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2011 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.0
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * Get a list of versions that are currently installed on the server.
  18. * @param array $checkFor
  19. */
  20. function getServerVersions($checkFor)
  21. {
  22. global $txt, $db_connection, $_PHPA, $smcFunc, $memcached, $modSettings;
  23. loadLanguage('Admin');
  24. $versions = array();
  25. // Is GD available? If it is, we should show version information for it too.
  26. if (in_array('gd', $checkFor) && function_exists('gd_info'))
  27. {
  28. $temp = gd_info();
  29. $versions['gd'] = array('title' => $txt['support_versions_gd'], 'version' => $temp['GD Version']);
  30. }
  31. // Now lets check for the Database.
  32. if (in_array('db_server', $checkFor))
  33. {
  34. db_extend();
  35. if (!isset($db_connection) || $db_connection === false)
  36. trigger_error('getServerVersions(): you need to be connected to the database in order to get its server version', E_USER_NOTICE);
  37. else
  38. {
  39. $versions['db_server'] = array('title' => sprintf($txt['support_versions_db'], $smcFunc['db_title']), 'version' => '');
  40. $versions['db_server']['version'] = $smcFunc['db_get_version']();
  41. }
  42. }
  43. // If we're using memcache we need the server info.
  44. if (empty($memcached) && function_exists('memcache_get') && isset($modSettings['cache_memcached']) && trim($modSettings['cache_memcached']) != '')
  45. get_memcached_server();
  46. // Check to see if we have any accelerators installed...
  47. if (in_array('mmcache', $checkFor) && defined('MMCACHE_VERSION'))
  48. $versions['mmcache'] = array('title' => 'Turck MMCache', 'version' => MMCACHE_VERSION);
  49. if (in_array('eaccelerator', $checkFor) && defined('EACCELERATOR_VERSION'))
  50. $versions['eaccelerator'] = array('title' => 'eAccelerator', 'version' => EACCELERATOR_VERSION);
  51. if (in_array('phpa', $checkFor) && isset($_PHPA))
  52. $versions['phpa'] = array('title' => 'ionCube PHP-Accelerator', 'version' => $_PHPA['VERSION']);
  53. if (in_array('apc', $checkFor) && extension_loaded('apc'))
  54. $versions['apc'] = array('title' => 'Alternative PHP Cache', 'version' => phpversion('apc'));
  55. if (in_array('memcache', $checkFor) && function_exists('memcache_set'))
  56. $versions['memcache'] = array('title' => 'Memcached', 'version' => empty($memcached) ? '???' : memcache_get_version($memcached));
  57. if (in_array('xcache', $checkFor) && function_exists('xcache_set'))
  58. $versions['xcache'] = array('title' => 'XCache', 'version' => XCACHE_VERSION);
  59. if (in_array('php', $checkFor))
  60. $versions['php'] = array('title' => 'PHP', 'version' => PHP_VERSION);
  61. if (in_array('server', $checkFor))
  62. $versions['server'] = array('title' => $txt['support_versions_server'], 'version' => $_SERVER['SERVER_SOFTWARE']);
  63. return $versions;
  64. }
  65. /**
  66. * Search through source, theme and language files to determine their version.
  67. * Get detailed version information about the physical SMF files on the
  68. * server.
  69. * the input parameter allows to set whether to include SSI.php and
  70. * whether the results should be sorted.
  71. * returns an array containing information on source files, templates
  72. * and language files found in the default theme directory (grouped by
  73. * language).
  74. * @param array &$versionOptions
  75. */
  76. function getFileVersions(&$versionOptions)
  77. {
  78. global $boarddir, $sourcedir, $settings;
  79. // Default place to find the languages would be the default theme dir.
  80. $lang_dir = $settings['default_theme_dir'] . '/languages';
  81. $version_info = array(
  82. 'file_versions' => array(),
  83. 'default_template_versions' => array(),
  84. 'template_versions' => array(),
  85. 'default_language_versions' => array(),
  86. );
  87. // Find the version in SSI.php's file header.
  88. if (!empty($versionOptions['include_ssi']) && file_exists($boarddir . '/SSI.php'))
  89. {
  90. $fp = fopen($boarddir . '/SSI.php', 'rb');
  91. $header = fread($fp, 4096);
  92. fclose($fp);
  93. // The comment looks rougly like... that.
  94. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  95. $version_info['file_versions']['SSI.php'] = $match[1];
  96. // Not found! This is bad.
  97. else
  98. $version_info['file_versions']['SSI.php'] = '??';
  99. }
  100. // Do the paid subscriptions handler?
  101. if (!empty($versionOptions['include_subscriptions']) && file_exists($boarddir . '/subscriptions.php'))
  102. {
  103. $fp = fopen($boarddir . '/subscriptions.php', 'rb');
  104. $header = fread($fp, 4096);
  105. fclose($fp);
  106. // Found it?
  107. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  108. $version_info['file_versions']['subscriptions.php'] = $match[1];
  109. // If we haven't how do we all get paid?
  110. else
  111. $version_info['file_versions']['subscriptions.php'] = '??';
  112. }
  113. // Load all the files in the Sources directory, except this file and the redirect.
  114. $sources_dir = dir($sourcedir);
  115. while ($entry = $sources_dir->read())
  116. {
  117. if (substr($entry, -4) === '.php' && !is_dir($sourcedir . '/' . $entry) && $entry !== 'index.php')
  118. {
  119. // Read the first 4k from the file.... enough for the header.
  120. $fp = fopen($sourcedir . '/' . $entry, 'rb');
  121. $header = fread($fp, 4096);
  122. fclose($fp);
  123. // Look for the version comment in the file header.
  124. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  125. $version_info['file_versions'][$entry] = $match[1];
  126. // It wasn't found, but the file was... show a '??'.
  127. else
  128. $version_info['file_versions'][$entry] = '??';
  129. }
  130. }
  131. $sources_dir->close();
  132. // Load all the files in the default template directory - and the current theme if applicable.
  133. $directories = array('default_template_versions' => $settings['default_theme_dir']);
  134. if ($settings['theme_id'] != 1)
  135. $directories += array('template_versions' => $settings['theme_dir']);
  136. foreach ($directories as $type => $dirname)
  137. {
  138. $this_dir = dir($dirname);
  139. while ($entry = $this_dir->read())
  140. {
  141. if (substr($entry, -12) == 'template.php' && !is_dir($dirname . '/' . $entry))
  142. {
  143. // Read the first 768 bytes from the file.... enough for the header.
  144. $fp = fopen($dirname . '/' . $entry, 'rb');
  145. $header = fread($fp, 768);
  146. fclose($fp);
  147. // Look for the version comment in the file header.
  148. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  149. $version_info[$type][$entry] = $match[1];
  150. // It wasn't found, but the file was... show a '??'.
  151. else
  152. $version_info[$type][$entry] = '??';
  153. }
  154. }
  155. $this_dir->close();
  156. }
  157. // Load up all the files in the default language directory and sort by language.
  158. $this_dir = dir($lang_dir);
  159. while ($entry = $this_dir->read())
  160. {
  161. if (substr($entry, -4) == '.php' && $entry != 'index.php' && !is_dir($lang_dir . '/' . $entry))
  162. {
  163. // Read the first 768 bytes from the file.... enough for the header.
  164. $fp = fopen($lang_dir . '/' . $entry, 'rb');
  165. $header = fread($fp, 768);
  166. fclose($fp);
  167. // Split the file name off into useful bits.
  168. list ($name, $language) = explode('.', $entry);
  169. // Look for the version comment in the file header.
  170. if (preg_match('~(?://|/\*)\s*Version:\s+(.+?);\s*' . preg_quote($name, '~') . '(?:[\s]{2}|\*/)~i', $header, $match) == 1)
  171. $version_info['default_language_versions'][$language][$name] = $match[1];
  172. // It wasn't found, but the file was... show a '??'.
  173. else
  174. $version_info['default_language_versions'][$language][$name] = '??';
  175. }
  176. }
  177. $this_dir->close();
  178. // Sort the file versions by filename.
  179. if (!empty($versionOptions['sort_results']))
  180. {
  181. ksort($version_info['file_versions']);
  182. ksort($version_info['default_template_versions']);
  183. ksort($version_info['template_versions']);
  184. ksort($version_info['default_language_versions']);
  185. // For languages sort each language too.
  186. foreach ($version_info['default_language_versions'] as $language => $dummy)
  187. ksort($version_info['default_language_versions'][$language]);
  188. }
  189. return $version_info;
  190. }
  191. /**
  192. * Update the Settings.php file.
  193. *
  194. * The most important function in this file for mod makers happens to be the
  195. * updateSettingsFile() function, but it shouldn't be used often anyway.
  196. * updates the Settings.php file with the changes in config_vars.
  197. * expects config_vars to be an associative array, with the keys as the
  198. * variable names in Settings.php, and the values the varaible values.
  199. * does not escape or quote values.
  200. * preserves case, formatting, and additional options in file.
  201. * writes nothing if the resulting file would be less than 10 lines
  202. * in length (sanity check for read lock.)
  203. *
  204. * @param array $config_vars
  205. */
  206. function updateSettingsFile($config_vars)
  207. {
  208. global $boarddir, $cachedir;
  209. // When is Settings.php last changed?
  210. $last_settings_change = filemtime($boarddir . '/Settings.php');
  211. // Load the file. Break it up based on \r or \n, and then clean out extra characters.
  212. $settingsArray = trim(file_get_contents($boarddir . '/Settings.php'));
  213. if (strpos($settingsArray, "\n") !== false)
  214. $settingsArray = explode("\n", $settingsArray);
  215. elseif (strpos($settingsArray, "\r") !== false)
  216. $settingsArray = explode("\r", $settingsArray);
  217. else
  218. return;
  219. // Make sure we got a good file.
  220. if (count($config_vars) == 1 && isset($config_vars['db_last_error']))
  221. {
  222. $temp = trim(implode("\n", $settingsArray));
  223. if (substr($temp, 0, 5) != '<?php' || substr($temp, -2) != '?' . '>')
  224. return;
  225. if (strpos($temp, 'sourcedir') === false || strpos($temp, 'boarddir') === false)
  226. return;
  227. }
  228. // Presumably, the file has to have stuff in it for this function to be called :P.
  229. if (count($settingsArray) < 10)
  230. return;
  231. foreach ($settingsArray as $k => $dummy)
  232. $settingsArray[$k] = strtr($dummy, array("\r" => '')) . "\n";
  233. for ($i = 0, $n = count($settingsArray); $i < $n; $i++)
  234. {
  235. // Don't trim or bother with it if it's not a variable.
  236. if (substr($settingsArray[$i], 0, 1) != '$')
  237. continue;
  238. $settingsArray[$i] = trim($settingsArray[$i]) . "\n";
  239. // Look through the variables to set....
  240. foreach ($config_vars as $var => $val)
  241. {
  242. if (strncasecmp($settingsArray[$i], '$' . $var, 1 + strlen($var)) == 0)
  243. {
  244. $comment = strstr(substr($settingsArray[$i], strpos($settingsArray[$i], ';')), '#');
  245. $settingsArray[$i] = '$' . $var . ' = ' . $val . ';' . ($comment == '' ? '' : "\t\t" . rtrim($comment)) . "\n";
  246. // This one's been 'used', so to speak.
  247. unset($config_vars[$var]);
  248. }
  249. }
  250. if (substr(trim($settingsArray[$i]), 0, 2) == '?' . '>')
  251. $end = $i;
  252. }
  253. // This should never happen, but apparently it is happening.
  254. if (empty($end) || $end < 10)
  255. $end = count($settingsArray) - 1;
  256. // Still more? Add them at the end.
  257. if (!empty($config_vars))
  258. {
  259. if (trim($settingsArray[$end]) == '?' . '>')
  260. $settingsArray[$end++] = '';
  261. else
  262. $end++;
  263. foreach ($config_vars as $var => $val)
  264. $settingsArray[$end++] = '$' . $var . ' = ' . $val . ';' . "\n";
  265. $settingsArray[$end] = '?' . '>';
  266. }
  267. else
  268. $settingsArray[$end] = trim($settingsArray[$end]);
  269. // Sanity error checking: the file needs to be at least 12 lines.
  270. if (count($settingsArray) < 12)
  271. return;
  272. // Try to avoid a few pitfalls:
  273. // like a possible race condition,
  274. // or a failure to write at low diskspace
  275. // Check before you act: if cache is enabled, we can do a simple test
  276. // Can we even write things on this filesystem?
  277. if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache'))
  278. $cachedir = $boarddir . '/cache';
  279. $test_fp = @fopen($cachedir . '/settings_update.tmp', "w+");
  280. if ($test_fp)
  281. {
  282. fclose($test_fp);
  283. $test_fp = @fopen($cachedir . '/settings_update.tmp', 'r+');
  284. $written_bytes = fwrite($test_fp, "test");
  285. fclose($test_fp);
  286. @unlink($cachedir . '/settings_update.tmp');
  287. if ($written_bytes !== strlen("test"))
  288. {
  289. // Oops. Low disk space, perhaps. Don't mess with Settings.php then.
  290. // No means no. :P
  291. return;
  292. }
  293. }
  294. // Protect me from what I want! :P
  295. clearstatcache();
  296. if (filemtime($boarddir . '/Settings.php') === $last_settings_change)
  297. {
  298. // You asked for it...
  299. // Blank out the file - done to fix a oddity with some servers.
  300. $fp = @fopen($boarddir . '/Settings.php', 'w');
  301. // Is it even writable, though?
  302. if ($fp)
  303. {
  304. fclose($fp);
  305. $fp = fopen($boarddir . '/Settings.php', 'r+');
  306. foreach ($settingsArray as $line)
  307. fwrite($fp, strtr($line, "\r", ''));
  308. fclose($fp);
  309. }
  310. }
  311. }
  312. /**
  313. * Saves the admins current preferences to the database.
  314. */
  315. function updateAdminPreferences()
  316. {
  317. global $options, $context, $smcFunc, $settings, $user_info;
  318. // This must exist!
  319. if (!isset($context['admin_preferences']))
  320. return false;
  321. // This is what we'll be saving.
  322. $options['admin_preferences'] = serialize($context['admin_preferences']);
  323. // Just check we haven't ended up with something theme exclusive somehow.
  324. $smcFunc['db_query']('', '
  325. DELETE FROM {db_prefix}themes
  326. WHERE id_theme != {int:default_theme}
  327. AND variable = {string:admin_preferences}',
  328. array(
  329. 'default_theme' => 1,
  330. 'admin_preferences' => 'admin_preferences',
  331. )
  332. );
  333. // Update the themes table.
  334. $smcFunc['db_insert']('replace',
  335. '{db_prefix}themes',
  336. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  337. array($user_info['id'], 1, 'admin_preferences', $options['admin_preferences']),
  338. array('id_member', 'id_theme', 'variable')
  339. );
  340. // Make sure we invalidate any cache.
  341. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 0);
  342. }
  343. /**
  344. * Send all the administrators a lovely email.
  345. * loads all users who are admins or have the admin forum permission.
  346. * uses the email template and replacements passed in the parameters.
  347. * sends them an email.
  348. */
  349. function emailAdmins($template, $replacements = array(), $additional_recipients = array())
  350. {
  351. global $smcFunc, $sourcedir, $language, $modSettings;
  352. // We certainly want this.
  353. require_once($sourcedir . '/Subs-Post.php');
  354. // Load all groups which are effectively admins.
  355. $request = $smcFunc['db_query']('', '
  356. SELECT id_group
  357. FROM {db_prefix}permissions
  358. WHERE permission = {string:admin_forum}
  359. AND add_deny = {int:add_deny}
  360. AND id_group != {int:id_group}',
  361. array(
  362. 'add_deny' => 1,
  363. 'id_group' => 0,
  364. 'admin_forum' => 'admin_forum',
  365. )
  366. );
  367. $groups = array(1);
  368. while ($row = $smcFunc['db_fetch_assoc']($request))
  369. $groups[] = $row['id_group'];
  370. $smcFunc['db_free_result']($request);
  371. $request = $smcFunc['db_query']('', '
  372. SELECT id_member, member_name, real_name, lngfile, email_address
  373. FROM {db_prefix}members
  374. WHERE (id_group IN ({array_int:group_list}) OR FIND_IN_SET({raw:group_array_implode}, additional_groups) != 0)
  375. AND notify_types != {int:notify_types}
  376. ORDER BY lngfile',
  377. array(
  378. 'group_list' => $groups,
  379. 'notify_types' => 4,
  380. 'group_array_implode' => implode(', additional_groups) != 0 OR FIND_IN_SET(', $groups),
  381. )
  382. );
  383. $emails_sent = array();
  384. while ($row = $smcFunc['db_fetch_assoc']($request))
  385. {
  386. // Stick their particulars in the replacement data.
  387. $replacements['IDMEMBER'] = $row['id_member'];
  388. $replacements['REALNAME'] = $row['member_name'];
  389. $replacements['USERNAME'] = $row['real_name'];
  390. // Load the data from the template.
  391. $emaildata = loadEmailTemplate($template, $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
  392. // Then send the actual email.
  393. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  394. // Track who we emailed so we don't do it twice.
  395. $emails_sent[] = $row['email_address'];
  396. }
  397. $smcFunc['db_free_result']($request);
  398. // Any additional users we must email this to?
  399. if (!empty($additional_recipients))
  400. foreach ($additional_recipients as $recipient)
  401. {
  402. if (in_array($recipient['email'], $emails_sent))
  403. continue;
  404. $replacements['IDMEMBER'] = $recipient['id'];
  405. $replacements['REALNAME'] = $recipient['name'];
  406. $replacements['USERNAME'] = $recipient['name'];
  407. // Load the template again.
  408. $emaildata = loadEmailTemplate($template, $replacements, empty($recipient['lang']) || empty($modSettings['userLanguage']) ? $language : $recipient['lang']);
  409. // Send off the email.
  410. sendmail($recipient['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  411. }
  412. }
  413. ?>