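/**
 * Activate a named plugin.
 *
 * Looks for a directory called $name under the plugins directory. When it
 * exists, reads "<name>.yaml" from it through get_plugin_yaml() and writes the
 * plugin's metadata to the plugins table, setting inst_version to the version
 * given in the yaml file. When the yaml supplies no description, the first 95
 * bytes of the plugin's about.txt are used instead.
 *
 * $name is escaped before it is placed in the SELECT and INSERT statements, in
 * the same way as the yaml values, so a quote in the name cannot change those
 * queries. For ordinary plugin directory names the escaping changes nothing.
 *
 * NOTE(review): $name is also concatenated into a filesystem path and is not
 * checked for path separators or '..' here; callers should pass only a plugin
 * directory name they have validated.
 *
 * @param string $name Name of plugin to be activated.
 * @return bool True if the plugin directory was found (the table is then updated), false otherwise.
 * @see deactivate_plugin
 */
function activate_plugin($name)
{
    $plugins_dir = dirname(__FILE__) . '/../plugins/';
    $plugin_dir = $plugins_dir . $name;
    if (!file_exists($plugin_dir)) {
        return false;
    }

    $plugin_yaml = get_plugin_yaml("{$plugin_dir}/{$name}.yaml", false);

    # If no yaml, or yaml file but no description present, attempt to read an 'about.txt' file
    if ($plugin_yaml['desc'] == '') {
        $about = $plugin_dir . '/about.txt';
        if (file_exists($about)) {
            $plugin_yaml['desc'] = substr(file_get_contents($about), 0, 95) . '...';
        }
    }

    # Escape every yaml value before it is placed in SQL.
    $plugin_yaml_esc = array();
    foreach ($plugin_yaml as $thekey => $thevalue) {
        $plugin_yaml_esc[$thekey] = escape_check($thevalue);
    }

    # $name is caller-supplied and goes into two statements below, so it gets
    # the same escaping as the yaml values.
    $name_esc = escape_check($name);

    # Add/Update plugin information.
    # Create the row first when the plugin is not in the table yet.
    $c = sql_value("SELECT name as value FROM plugins WHERE name='{$name_esc}'", '');
    if ($c == '') {
        sql_query("INSERT INTO plugins(name) VALUE ('{$name_esc}')");
    }

    # The row is matched on the name taken from the yaml data.
    sql_query(
        "UPDATE plugins SET config_url='{$plugin_yaml_esc['config_url']}', "
        . "descrip='{$plugin_yaml_esc['desc']}', author='{$plugin_yaml_esc['author']}', "
        . "inst_version='{$plugin_yaml_esc['version']}', "
        . "priority='{$plugin_yaml_esc['default_priority']}', "
        . "update_url='{$plugin_yaml_esc['update_url']}', info_url='{$plugin_yaml_esc['info_url']}' "
        . "WHERE name='{$plugin_yaml_esc['name']}'"
    );

    return true;
}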
/**
 * Hook run when a payment callback completes: records which discount code was
 * used and by which user.
 *
 * The collection is identified by the "custom" request parameter.
 *
 * NOTE(review): nothing in this function checks that the request really came
 * from the payment provider; confirm the calling script validates the
 * notification before this hook runs, since "custom" is caller-supplied.
 */
function HookDiscount_codePurchase_callbackPayment_complete()
{
    # Collection reference as sent in the request (read through getvalescaped()).
    $collection = getvalescaped("custom", "");

    # Discount code applied to this collection.
    $code = sql_value(
        "select discount_code value from collection_resource where collection='" . $collection . "' limit 1",
        ""
    );

    # Purchasing user. This is a callback from PayPal with no login/authentication,
    # so $userref is not available; the user is looked up by current collection instead.
    $user = sql_value(
        "select ref value from user where current_collection='" . $collection . "'",
        0
    );

    # Record the use of the code. $user comes from the query above (0 when no row matched).
    sql_query(
        "insert into discount_code_used (code,user) values ('" . escape_check($code) . "','" . $user . "')"
    );
}
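/**
 * Returns the size record from the database specified by its ID.
 *
 * Ends the script with an "Unknown size" message when no preview_size row
 * has that ID.
 *
 * @param mixed $size ID of the preview_size row to fetch.
 * @return array The first matching row, or array('width' => 0, 'height' => 0) when $size is empty.
 */
function getImageFormat($size)
{
    if (empty($size)) {
        return array('width' => 0, 'height' => 0);
    }

    $results = sql_query("select * from preview_size where id='" . escape_check($size) . "'");
    if (empty($results)) {
        # The rejected value is written back to the response, so it is encoded
        # for HTML first; markup inside $size must not reach the browser as markup.
        die('Unknown size: "' . htmlspecialchars($size, ENT_QUOTES, 'UTF-8') . '"');
    }

    return $results[0];
}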
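/**
 * List the distinct theme names found one level below a chain of parent themes.
 *
 * With no parents, the values of the top-level `theme` column are listed. With
 * N parents, the values of column theme<N+1> are listed for collections whose
 * theme, theme2 ... theme<N> columns equal the given parents, in that order.
 *
 * @param array $parents Parent theme names, from the top level downwards.
 * @return mixed Whatever sql_array() returns for the query (presumably the list of names).
 */
function getThemeList($parents = array())
{
    if (count($parents) == 0) {
        // just retrieve all the top level themes
        $sql = "select distinct theme as value from collection where theme is not null and theme <> '' order by theme";
    } else {
        // we were passed an array of parents, so we need to narrow our search.
        // Every parent contributes one condition; the previous loop overwrote the
        // where clause on each pass, so only the last parent was actually applied.
        $conditions = array();
        $level = 0;
        foreach ($parents as $parent) {
            $level++;
            // the first level lives in `theme`, deeper levels in theme2, theme3, ...
            $searchfield = ($level == 1) ? 'theme' : "theme{$level}";
            $conditions[] = "{$searchfield} = '" . escape_check($parent) . "'";
        }

        // the column one level below the last parent holds the names we want
        $child = 'theme' . ($level + 1);
        $sql = "select distinct {$child} as value from collection where "
            . implode(' and ', $conditions)
            . " and {$child} is not null and {$child} <> '' order by {$child}";
    }

    return sql_array($sql);
}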
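/**
 * Hook: store the username, e-mail address and full name submitted with the
 * user preferences form.
 *
 * A field is written only when its $user_preferences_change_* switch is on and
 * the submitted value differs from the current global. A new username or e-mail
 * that already belongs to a user row is refused: the error text is placed in
 * $GLOBALS['errorUsername'] or $GLOBALS['errorEmail'] and nothing is written.
 *
 * NOTE(review): the values come from getvalescaped() and are passed through
 * escape_check() again before use, and the escaped form is copied back into
 * the globals; confirm escape_check() tolerates already-escaped input.
 * NOTE(review): username and e-mail are changed here without the current
 * password being checked; confirm whether the caller requires it.
 *
 * @return bool False on a username or e-mail clash; otherwise true when
 *              'currentpassword' is empty, or when 'password' and 'password2'
 *              are both empty.
 */
function HookUser_preferencesuser_preferencesSaveadditionaluserpreferences()
{
    global $user_preferences_change_username, $user_preferences_change_email, $user_preferences_change_name, $userref, $useremail, $username, $userfullname, $lang;

    $newUsername = trim(safe_file_name(getvalescaped('username', $username)));
    # Fall back to the current e-mail address when none is posted. The fallback
    # used to be $userfullname, so a request without an 'email' field looked like
    # a change of address to the user's full name.
    $newEmail = getvalescaped('email', $useremail);
    $newFullname = getvalescaped('fullname', $userfullname);

    # Decide once which fields are really changing; the globals are only
    # modified after both uniqueness checks have passed.
    $changeUsername = $user_preferences_change_username && $username != $newUsername;
    $changeEmail = $user_preferences_change_email && $useremail != $newEmail;
    $changeFullname = $user_preferences_change_name && $userfullname != $newFullname;

    # Check if a user with that username already exists
    if ($changeUsername) {
        $existing = sql_query('select ref from user where username=\'' . escape_check($newUsername) . '\'');
        if (!empty($existing)) {
            $GLOBALS['errorUsername'] = $lang['useralreadyexists'];
            return false;
        }
    }

    # Check if a user with that email already exists
    if ($changeEmail) {
        $existing = sql_query('select ref from user where email=\'' . escape_check($newEmail) . '\'');
        if (!empty($existing)) {
            $GLOBALS['errorEmail'] = $lang['useremailalreadyexists'];
            return false;
        }
    }

    # Store changed values in DB, and update the global variables as header.php is included next
    if ($changeUsername) {
        sql_query("update user set username='" . escape_check($newUsername) . "' where ref='" . $userref . "'");
        $username = $newUsername;
    }
    if ($changeEmail) {
        sql_query("update user set email='" . escape_check($newEmail) . "' where ref='" . $userref . "'");
        $useremail = $newEmail;
    }
    if ($changeFullname) {
        sql_query("update user set fullname='" . escape_check($newFullname) . "' where ref='" . $userref . "'");
        $userfullname = $newFullname;
    }

    # && binds tighter than ||; the parentheses spell out the grouping the
    # expression already had.
    return getvalescaped('currentpassword', '') == ''
        || (getvalescaped('password', '') == '' && getvalescaped('password2', '') == '');
}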
# Fragment of an upload handler: stores an uploaded file as an alternative file of
# resource $alternative, records it in resource_alt_files, then reports SUCCESS and exits.
$aref = add_alternative_file($alternative, $plfilename);
# Work out the extension
# This is the text after the last '.' in $plfilepath, lower-cased and trimmed. A path
# without a dot yields the whole path as the "extension".
# NOTE(review): no allow-list of extensions is visible in this fragment; confirm that
# server-executable types are rejected before this point.
$extension = explode(".", $plfilepath);
$extension = trim(strtolower($extension[count($extension) - 1]));
# Find the path for this resource.
$path = get_resource_path($alternative, true, "", true, $extension, -1, 1, false, "", $aref);
# Move the sent file to the alternative file location
# PLUpload - file was sent chunked and reassembled - use the reassembled file location
$result = rename($plfilepath, $path);
if ($result === false) {
exit("ERROR: File upload error. Please check the size of the file you are trying to upload.");
}
# NOTE(review): 0777 leaves the stored upload writable and executable by every local
# account. A narrower mode (for example 0644) is normally enough for a stored file;
# confirm what the deployment actually needs. The return value of chmod() is not checked.
chmod($path, 0777);
# '@' hides any warning from the size lookup, so a failed lookup goes unnoticed and
# whatever was returned is written to the row below.
$file_size = @filesize_unlimited($path);
# Save alternative file data.
# file_name and file_extension are escaped; $file_size, $alternative and $aref are
# interpolated as they are - presumably numeric, verify where they are set.
sql_query("update resource_alt_files set file_name='" . escape_check($plfilename) . "',file_extension='" . escape_check($extension) . "',file_size='" . $file_size . "',creation_date=now() where resource='{$alternative}' and ref='{$aref}'");
if ($alternative_file_previews_batch) {
create_previews($alternative, false, $extension, false, false, $aref);
}
echo "SUCCESS";
exit;
}
if ($replace == "" && $replace_resource == "") {
# Standard upload of a new resource
$ref = copy_resource(0 - $userref);
# Copy from user template
# Add to collection?
if ($collection_add != "") {
add_resource_to_collection($ref, $collection_add);
}
# Log this
<?php
/***
* plugin.php - Maps requests to plugin pages to requested plugin.
*
* @package ResourceSpace
* @subpackage Plugins
*
***/
# Define this page as an acceptable entry point.
define('RESOURCESPACE', true);
include '../include/db.php';
include '../include/general.php';
# The raw query string is split by hand: the part before the first '&' is read as
# "plugin/page". $_SERVER['QUERY_STRING'] is used as received, without URL-decoding.
$query = explode('&', $_SERVER['QUERY_STRING']);
$plugin_query = explode('/', $query[0]);
# The plugin name is accepted only when is_plugin_activated() reports it as active.
# The escaped copy is used for that lookup; the unescaped value goes into the include
# paths below.
if (!is_plugin_activated(escape_check($plugin_query[0]))) {
die('Plugin does not exist or is not enabled');
}
if (isset($plugin_query[1])) {
# NOTE(review): inside a single-quoted PHP string this pattern is /[\/]/, which matches
# a forward slash only. $plugin_query[1] was produced by explode('/'), so it can never
# contain one, and the check as written rejects nothing: backslashes, '..' and any other
# character pass through to the include path. Validating the page name against an
# allow-list such as /^[A-Za-z0-9_-]+$/ would enforce the intent of this check.
if (preg_match('/[\\/]/', $plugin_query[1])) {
die('Invalid plugin page.');
}
# NOTE(review): this path starts with $baseurl_short (by its name a URL prefix - confirm),
# while the index.php branch below uses the relative '../plugins/' directory. Both branches
# should presumably resolve against the same filesystem location.
$page_path = $baseurl_short . "plugins/{$plugin_query[0]}/pages/{$plugin_query[1]}.php";
if (file_exists($page_path)) {
# The included file is chosen by request data; the checks above are all that constrain it.
include $page_path;
} else {
die('Plugin page not found.');
}
} else {
# No page was named: fall back to the plugin's index page, if it has one.
if (file_exists("../plugins/{$plugin_query[0]}/pages/index.php")) {
include "../plugins/{$plugin_query[0]}/pages/index.php";
<?php
# Page set-up: load the framework, authenticate when a live session cookie is present,
# otherwise fall back to values for a visitor who is not logged in.
include "../../../include/db.php";
include "../../../include/general.php";
if (array_key_exists("user", $_COOKIE)) {
# Check to see if this user is logged in.
# The cookie value must match the session column of an approved user whose last_active
# time is less than 30*60 seconds old.
$session_hash = $_COOKIE["user"];
$loggedin = sql_value("select count(*) value from user where session='" . escape_check($session_hash) . "' and approved=1 and timestampdiff(second,last_active,now())<(30*60)", 0);
# NOTE(review): a cookie value of exactly "|" also proceeds to authenticate.php without a
# matching session row. The reason is not visible here; confirm authenticate.php handles
# that value safely.
if ($loggedin > 0 || $session_hash == "|") {
# User is logged in. Proceed to full authentication.
include "../../../include/authenticate.php";
}
}
if (!isset($userref)) {
# User is not logged in. Fetch username from posted form value.
# NOTE(review): this $username is supplied by the requester and is not authenticated.
# It is copied into $anonymous_login below; anything later that places it in SQL or HTML
# has to escape it for that context.
$username = getval("username", "");
$usergroupname = "(Not logged in)";
$userfullname = "";
$anonymous_login = $username;
$pagename = "terms";
$plugins = array();
}
# Form state for this request.
$error = "";
$errorfields = array();
$sent = false;
if (getval("send", "") != "") {
$csvheaders = "\"date\"";
$csvline = "\"" . date("Y-m-d") . "\"";
$message = "Date: " . date("Y-m-d") . "\n";
for ($n = 1; $n <= count($feedback_questions); $n++) {
$type = $feedback_questions[$n]["type"];
# Look up whether the user has accepted the terms. The row is matched on the username and on
# the password column being equal to either $password or $result['password_hash'].
# NOTE(review): $username, $password and $result['password_hash'] are interpolated directly
# into the statement. Their escaping is not visible in this fragment; confirm each one is
# escaped where it is set.
$accepted = sql_value("select accepted_terms value from user where username='{$username}' and (password='{$password}' or password='" . $result['password_hash'] . "')", 0);
# Terms not yet accepted, terms-on-login enabled and permission "p" not held: send the user
# to the terms page, which is given the change-password page as its follow-on URL.
if ($accepted == 0 && $terms_login && !checkperm("p")) {
redirect("pages/terms.php?noredir=true&url=" . urlencode("pages/user/user_change_password.php"));
} else {
# NOTE(review): where $url comes from is not visible here. If it can be set from the request,
# it should be limited to local paths before redirecting.
redirect($url);
}
} else {
sleep($password_brute_force_delay);
$error = $result['error'];
hook("dispcreateacct");
}
}
}
# Logout: runs only when the "logout" parameter is non-empty and a "user" cookie was sent.
if (getval("logout", "") != "" && array_key_exists("user", $_COOKIE)) {
# Invalidate the session server-side: the row whose session column equals the (escaped)
# cookie value is marked logged out and its session value is cleared.
$session = escape_check($_COOKIE["user"]);
sql_query("update user set logged_in=0,session='' where session='{$session}'");
hook("removeuseridcookie");
# Blank the session cookie; the expiry is set one hour in the past.
rs_setcookie("user", "", time() - 3600);
# Also blank search related cookies
# Arguments after the empty value: expiry 0, empty path and domain, secure=false, httponly=true.
setcookie("search", "", 0, '', '', false, true);
setcookie("saved_offset", "", 0, '', '', false, true);
setcookie("saved_archive", "", 0, '', '', false, true);
unset($username);
hook("postlogout");
if (isset($anonymous_login)) {
# If the system is set up with anonymous access, redirect to the home page after logging out.
redirect("pages/" . $default_home_page);
}
}