aboutsummaryrefslogtreecommitdiffstats
path: root/mod/admin.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/admin.php')
-rw-r--r--[-rwxr-xr-x]mod/admin.php215
1 files changed, 176 insertions, 39 deletions
diff --git a/mod/admin.php b/mod/admin.php
index 53b5ee354..cdc45c8e3 100755..100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -4,7 +4,11 @@
* Friendica admin
*/
require_once("include/remoteupdate.php");
-
+
+
+/**
+ * @param App $a
+ */
function admin_post(&$a){
@@ -40,6 +44,20 @@ function admin_post(&$a){
goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
return; // NOTREACHED
break;
+ case 'themes':
+ $theme = $a->argv[2];
+ if (is_file("view/theme/$theme/config.php")){
+ require_once("view/theme/$theme/config.php");
+ if (function_exists("theme_admin_post")){
+ theme_admin_post($a);
+ }
+ }
+ info(t('Theme settings updated.'));
+ if(is_ajax()) return;
+
+ goaway($a->get_baseurl(true) . '/admin/themes/' . $theme );
+ return;
+ break;
case 'logs':
admin_page_logs_post($a);
break;
@@ -53,6 +71,10 @@ function admin_post(&$a){
return; // NOTREACHED
}
+/**
+ * @param App $a
+ * @return string
+ */
function admin_content(&$a) {
if(!is_site_admin()) {
@@ -60,7 +82,7 @@ function admin_content(&$a) {
}
if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
- return;
+ return "";
/**
* Side bar links
@@ -129,12 +151,21 @@ function admin_content(&$a) {
} else {
$o = admin_page_summary($a);
}
- return $o;
+
+ if(is_ajax()) {
+ echo $o;
+ killme();
+ return '';
+ } else {
+ return $o;
+ }
}
/**
* Admin Summary Page
+ * @param App $a
+ * @return string
*/
function admin_page_summary(&$a) {
$r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
@@ -168,13 +199,15 @@ function admin_page_summary(&$a) {
/**
* Admin Site Page
+ * @param App $a
*/
function admin_page_site_post(&$a){
if (!x($_POST,"page_site")){
return;
}
-
+ check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
+
$sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
@@ -194,7 +227,6 @@ function admin_page_site_post(&$a){
$global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
$no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
$no_openid = !((x($_POST,'no_openid')) ? True : False);
- $no_gravatar = !((x($_POST,'no_gravatar')) ? True : False);
$no_regfullname = !((x($_POST,'no_regfullname')) ? True : False);
$no_utf = !((x($_POST,'no_utf')) ? True : False);
$no_community_page = !((x($_POST,'no_community_page')) ? True : False);
@@ -204,10 +236,52 @@ function admin_page_site_post(&$a){
$proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
- $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
+ $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
$ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
+ if($ssl_policy != intval(get_config('system','ssl_policy'))) {
+ if($ssl_policy == SSL_POLICY_FULL) {
+ q("update `contact` set
+ `url` = replace(`url` , 'http:' , 'https:'),
+ `photo` = replace(`photo` , 'http:' , 'https:'),
+ `thumb` = replace(`thumb` , 'http:' , 'https:'),
+ `micro` = replace(`micro` , 'http:' , 'https:'),
+ `request` = replace(`request`, 'http:' , 'https:'),
+ `notify` = replace(`notify` , 'http:' , 'https:'),
+ `poll` = replace(`poll` , 'http:' , 'https:'),
+ `confirm` = replace(`confirm`, 'http:' , 'https:'),
+ `poco` = replace(`poco` , 'http:' , 'https:')
+ where `self` = 1"
+ );
+ q("update `profile` set
+ `photo` = replace(`photo` , 'http:' , 'https:'),
+ `thumb` = replace(`thumb` , 'http:' , 'https:')
+ where 1 "
+ );
+ }
+ elseif($ssl_policy == SSL_POLICY_SELFSIGN) {
+ q("update `contact` set
+ `url` = replace(`url` , 'https:' , 'http:'),
+ `photo` = replace(`photo` , 'https:' , 'http:'),
+ `thumb` = replace(`thumb` , 'https:' , 'http:'),
+ `micro` = replace(`micro` , 'https:' , 'http:'),
+ `request` = replace(`request`, 'https:' , 'http:'),
+ `notify` = replace(`notify` , 'https:' , 'http:'),
+ `poll` = replace(`poll` , 'https:' , 'http:'),
+ `confirm` = replace(`confirm`, 'https:' , 'http:'),
+ `poco` = replace(`poco` , 'https:' , 'http:')
+ where `self` = 1"
+ );
+ q("update `profile` set
+ `photo` = replace(`photo` , 'https:' , 'http:'),
+ `thumb` = replace(`thumb` , 'https:' , 'http:')
+ where 1 "
+ );
+ }
+ }
+ set_config('system','ssl_policy',$ssl_policy);
+
set_config('config','sitename',$sitename);
if ($banner==""){
// don't know why, but del_config doesn't work...
@@ -218,7 +292,6 @@ function admin_page_site_post(&$a){
} else {
set_config('system','banner', $banner);
}
- set_config('system','ssl_policy',$ssl_policy);
set_config('system','language', $language);
set_config('system','theme', $theme);
set_config('system','maximagesize', $maximagesize);
@@ -239,10 +312,9 @@ function admin_page_site_post(&$a){
} else {
set_config('system','directory_submit_url', $global_directory);
}
- set_config('system','directory_search_url', $global_search_url);
+
set_config('system','block_extended_register', $no_multi_reg);
set_config('system','no_openid', $no_openid);
- set_config('system','no_gravatar', $no_gravatar);
set_config('system','no_regfullname', $no_regfullname);
set_config('system','no_community_page', $no_community_page);
set_config('system','no_utf', $no_utf);
@@ -259,7 +331,11 @@ function admin_page_site_post(&$a){
return; // NOTREACHED
}
-
+
+/**
+ * @param App $a
+ * @return string
+ */
function admin_page_site(&$a) {
/* Installed langs */
@@ -324,7 +400,7 @@ function admin_page_site(&$a) {
'$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
'$banner' => array('banner', t("Banner/Logo"), $banner, ""),
'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
- '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles"), $theme_choices),
+ '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
'$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
'$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
@@ -339,7 +415,6 @@ function admin_page_site(&$a) {
'$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")),
'$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")),
- '$no_gravatar' => array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), t("Search new user's photo on Gravatar.")),
'$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")),
'$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), t("Use PHP UTF8 regular expressions")),
'$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), t("Display a Community page showing all recent public postings on this site.")),
@@ -351,6 +426,7 @@ function admin_page_site(&$a) {
'$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
'$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
+ '$form_security_token' => get_form_security_token("admin_site"),
));
@@ -359,11 +435,15 @@ function admin_page_site(&$a) {
/**
* Users admin page
+ *
+ * @param App $a
*/
function admin_page_users_post(&$a){
$pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() );
$users = ( x($_POST, 'user') ? $_POST['user'] : Array() );
-
+
+ check_form_security_token_redirectOnErr('/admin/users', 'admin_users');
+
if (x($_POST,'page_users_block')){
foreach($users as $uid){
q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
@@ -395,7 +475,11 @@ function admin_page_users_post(&$a){
goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
-
+
+/**
+ * @param App $a
+ * @return string
+ */
function admin_page_users(&$a){
if ($a->argc>2) {
$uid = $a->argv[3];
@@ -403,10 +487,11 @@ function admin_page_users(&$a){
if (count($user)==0){
notice( 'User not found' . EOL);
goaway($a->get_baseurl(true) . '/admin/users' );
- return; // NOTREACHED
+ return ''; // NOTREACHED
}
switch($a->argv[2]){
case "delete":{
+ check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
// delete user
require_once("include/Contact.php");
user_remove($uid);
@@ -414,6 +499,7 @@ function admin_page_users(&$a){
notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
}; break;
case "block":{
+ check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't');
q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
intval( 1-$user[0]['blocked'] ),
intval( $uid )
@@ -422,7 +508,7 @@ function admin_page_users(&$a){
}; break;
}
goaway($a->get_baseurl(true) . '/admin/users' );
- return; // NOTREACHED
+ return ''; // NOTREACHED
}
@@ -498,6 +584,7 @@ function admin_page_users(&$a){
'$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
'$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
+ '$form_security_token' => get_form_security_token("admin_users"),
// values //
'$baseurl' => $a->get_baseurl(true),
@@ -510,10 +597,12 @@ function admin_page_users(&$a){
}
-/*
+/**
* Plugins admin page
+ *
+ * @param App $a
+ * @return string
*/
-
function admin_page_plugins(&$a){
/**
@@ -523,10 +612,12 @@ function admin_page_plugins(&$a){
$plugin = $a->argv[2];
if (!is_file("addon/$plugin/$plugin.php")){
notice( t("Item not found.") );
- return;
+ return '';
}
if (x($_GET,"a") && $_GET['a']=="t"){
+ check_form_security_token_redirectOnErr('/admin/plugins', 'admin_themes', 't');
+
// Toggle plugin status
$idx = array_search($plugin, $a->plugins);
if ($idx !== false){
@@ -540,7 +631,7 @@ function admin_page_plugins(&$a){
}
set_config("system","addon", implode(", ",$a->plugins));
goaway($a->get_baseurl(true) . '/admin/plugins' );
- return; // NOTREACHED
+ return ''; // NOTREACHED
}
// display plugin details
require_once('library/markdown.php');
@@ -584,7 +675,9 @@ function admin_page_plugins(&$a){
'$admin_form' => $admin_form,
'$function' => 'plugins',
'$screenshot' => '',
- '$readme' => $readme
+ '$readme' => $readme,
+
+ '$form_security_token' => get_form_security_token("admin_themes"),
));
}
@@ -613,10 +706,16 @@ function admin_page_plugins(&$a){
'$submit' => t('Submit'),
'$baseurl' => $a->get_baseurl(true),
'$function' => 'plugins',
- '$plugins' => $plugins
+ '$plugins' => $plugins,
+ '$form_security_token' => get_form_security_token("admin_themes"),
));
}
+/**
+ * @param array $themes
+ * @param string $th
+ * @param int $result
+ */
function toggle_theme(&$themes,$th,&$result) {
for($x = 0; $x < count($themes); $x ++) {
if($themes[$x]['name'] === $th) {
@@ -632,6 +731,11 @@ function toggle_theme(&$themes,$th,&$result) {
}
}
+/**
+ * @param array $themes
+ * @param string $th
+ * @return int
+ */
function theme_status($themes,$th) {
for($x = 0; $x < count($themes); $x ++) {
if($themes[$x]['name'] === $th) {
@@ -645,9 +749,12 @@ function theme_status($themes,$th) {
}
return 0;
}
-
+/**
+ * @param array $themes
+ * @return string
+ */
function rebuild_theme_table($themes) {
$o = '';
if(count($themes)) {
@@ -663,10 +770,12 @@ function rebuild_theme_table($themes) {
}
-/*
+/**
* Themes admin page
+ *
+ * @param App $a
+ * @return string
*/
-
function admin_page_themes(&$a){
$allowed_themes_str = get_config('system','allowed_themes');
@@ -683,7 +792,7 @@ function admin_page_themes(&$a){
foreach($files as $file) {
$f = basename($file);
$is_experimental = intval(file_exists($file . '/experimental'));
- $is_unsupported = 1-(intval(file_exists($file . '/unsupported')));
+ $is_supported = 1-(intval(file_exists($file . '/unsupported'))); // Is not used yet
$is_allowed = intval(in_array($f,$allowed_themes));
$themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
}
@@ -691,7 +800,7 @@ function admin_page_themes(&$a){
if(! count($themes)) {
notice( t('No themes found.'));
- return;
+ return '';
}
/**
@@ -702,10 +811,11 @@ function admin_page_themes(&$a){
$theme = $a->argv[2];
if(! is_dir("view/theme/$theme")){
notice( t("Item not found.") );
- return;
+ return '';
}
if (x($_GET,"a") && $_GET['a']=="t"){
+ check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
// Toggle theme status
@@ -718,7 +828,7 @@ function admin_page_themes(&$a){
set_config('system','allowed_themes',$s);
goaway($a->get_baseurl(true) . '/admin/themes' );
- return; // NOTREACHED
+ return ''; // NOTREACHED
}
// display theme details
@@ -731,14 +841,22 @@ function admin_page_themes(&$a){
}
$readme=Null;
- if (is_file("view/$theme/README.md")){
- $readme = file_get_contents("view/$theme/README.md");
+ if (is_file("view/theme/$theme/README.md")){
+ $readme = file_get_contents("view/theme/$theme/README.md");
$readme = Markdown($readme);
- } else if (is_file("view/$theme/README")){
- $readme = "<pre>". file_get_contents("view/$theme/README") ."</pre>";
+ } else if (is_file("view/theme/$theme/README")){
+ $readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
}
$admin_form="";
+ if (is_file("view/theme/$theme/config.php")){
+ require_once("view/theme/$theme/config.php");
+ if(function_exists("theme_admin")){
+ $admin_form = theme_admin($a);
+ }
+
+ }
+
$screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
if(! stristr($screenshot[0],$theme))
@@ -756,19 +874,21 @@ function admin_page_themes(&$a){
'$status' => $status,
'$action' => $action,
'$info' => get_theme_info($theme),
- '$function' => 'themes',
+ '$function' => 'themes',
'$admin_form' => $admin_form,
'$str_author' => t('Author: '),
- '$str_maintainer' => t('Maintainer: '),
+ '$str_maintainer' => t('Maintainer: '),
'$screenshot' => $screenshot,
- '$readme' => $readme
+ '$readme' => $readme,
+
+ '$form_security_token' => get_form_security_token("admin_themes"),
));
}
/**
- * List plugins
+ * List themes
*/
$xthemes = array();
@@ -787,17 +907,21 @@ function admin_page_themes(&$a){
'$function' => 'themes',
'$plugins' => $xthemes,
'$experimental' => t('[Experimental]'),
- '$unsupported' => t('[Unsupported]')
+ '$unsupported' => t('[Unsupported]'),
+ '$form_security_token' => get_form_security_token("admin_themes"),
));
}
/**
* Logs admin page
+ *
+ * @param App $a
*/
function admin_page_logs_post(&$a) {
if (x($_POST,"page_logs")) {
+ check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
$logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
$debugging = ((x($_POST,'debugging')) ? true : false);
@@ -814,7 +938,11 @@ function admin_page_logs_post(&$a) {
goaway($a->get_baseurl(true) . '/admin/logs' );
return; // NOTREACHED
}
-
+
+/**
+ * @param App $a
+ * @return string
+ */
function admin_page_logs(&$a){
$log_choices = Array(
@@ -872,9 +1000,14 @@ readable.");
'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
'$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")),
'$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
+
+ '$form_security_token' => get_form_security_token("admin_logs"),
));
}
+/**
+ * @param App $a
+ */
function admin_page_remoteupdate_post(&$a) {
// this function should be called via ajax post
if(!is_site_admin()) {
@@ -893,6 +1026,10 @@ function admin_page_remoteupdate_post(&$a) {
killme();
}
+/**
+ * @param App $a
+ * @return string
+ */
function admin_page_remoteupdate(&$a) {
if(!is_site_admin()) {
return login(false);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-12 12:28:59 +0000