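<?php
/**
 * Settings
 *
 * Displays and changes website settings
 *
 * Request parameters handled by this page:
 *  - GET  flushcache : clears the cache via delete_cache().
 *  - GET  undo+nonce : restores the user and website XML files from backup.
 *  - GET  restored   : flags that the page is shown after an undo.
 *  - POST submitted  : validates the "save_settings" nonce, then rewrites the
 *                      user XML file and website.xml from the posted fields.
 *
 * Security notes:
 *  - Request-derived values are written into HTML attributes below, so each
 *    one is passed through htmlspecialchars() at the point of output.
 *  - The timezone field is echoed back even when the form was not submitted
 *    (so without a nonce check); escaping there is mandatory.
 *  - Password fields are compared as strings with a strict operator, because
 *    a loose comparison treats numeric-looking strings such as "1e3" and
 *    "1000" as equal.
 *
 * @package GetSimple
 * @subpackage Settings
 */

# setup inclusions
$load['plugin'] = true;
include('inc/common.php');

# variable settings
login_cookie_check();
$fullpath   = suggest_site_path();
$file       = _id($USR) .'.xml';
$wfile      = 'website.xml';
$data       = getXML(GSUSERSPATH . $file);
$USR        = stripslashes($data->USR);
$PASSWD     = $data->PWD;
$EMAIL      = $data->EMAIL;
$NAME       = $data->NAME;
$lang_array = getFiles(GSLANGPATH);

# initialize these all as null
$pwd1 = $error = $success = $pwd2 = $editorchck = $prettychck = null;

# if the flush cache command was invoked
if (isset($_GET['flushcache'])) {
	delete_cache();
	$update = 'flushcache-success';
}

# if the undo command was invoked
# NOTE(review): this is a state-changing GET and the nonce travels in the URL,
# where it can end up in logs, history and Referer headers - confirm the nonce
# lifetime is short enough for that to be acceptable.
if (isset($_GET['undo'])) {

	# first check for csrf
	if (!defined('GSNOCSRF') || (GSNOCSRF == FALSE) ) {
		# a missing nonce is treated as an empty (invalid) one instead of raising a notice
		$nonce = isset($_GET['nonce']) ? $_GET['nonce'] : '';
		if(!check_nonce($nonce, "undo")) {
			die("CSRF detected!");
		}
	}

	# perform undo
	undo($file, GSUSERSPATH, GSBACKUSERSPATH);
	undo($wfile, GSDATAOTHERPATH, GSBACKUPSPATH.'other/');
	generate_sitemap();

	# redirect back to yourself to show the new restored data
	redirect('settings.php?restored=true');
}

# was this page restored?
if (isset($_GET['restored'])) {
	$restored = 'true';
} else {
	$restored = 'false';
}

# was the form submitted?
if(isset($_POST['submitted'])) {

	# first check for csrf
	if (!defined('GSNOCSRF') || (GSNOCSRF == FALSE) ) {
		# a missing nonce is treated as an empty (invalid) one instead of raising a notice
		$nonce = isset($_POST['nonce']) ? $_POST['nonce'] : '';
		if(!check_nonce($nonce, "save_settings")) {
			die("CSRF detected!");
		}
	}

	# website-specific fields
	if(isset($_POST['sitename'])) {
		# stored entity-encoded; the form below relies on that when echoing it back
		$SITENAME = htmlentities($_POST['sitename'], ENT_QUOTES, 'UTF-8');
	}
	if(isset($_POST['siteurl'])) {
		$SITEURL = tsl($_POST['siteurl']);
	}
	if(isset($_POST['permalink'])) {
		$PERMALINK = $_POST['permalink'];
	}
	if(isset($_POST['template'])) {
		# NOTE(review): the form on this page has no "template" field, yet a posted
		# value is persisted to website.xml unvalidated. Presumably the value is
		# used elsewhere to locate theme files - confirm every consumer checks it
		# against the installed themes.
		$TEMPLATE = $_POST['template'];
	}
	if(isset($_POST['prettyurls'])) {
		$PRETTYURLS = $_POST['prettyurls'];
	} else {
		$PRETTYURLS = '';
	}

	# user-specific fields
	if(isset($_POST['user'])) {
		# NOTE(review): the input is only marked readonly in the browser, so the
		# posted value is still attacker-chosen. $file was computed before this
		# point, so the save target does not change, but the stored USR element
		# and the ".xml.reset" path below do use it - verify what _id() strips.
		$USR = strtolower($_POST['user']);
	}
	if(isset($_POST['name'])) {
		$NAME = $_POST['name'];
	}
	if(isset($_POST['email'])) {
		$EMAIL = $_POST['email'];
	}
	if(isset($_POST['timezone'])) {
		$TIMEZONE = $_POST['timezone'];
	}
	if(isset($_POST['lang'])) {
		$LANG = $_POST['lang'];
	}
	if(isset($_POST['show_htmleditor'])) {
		$HTMLEDITOR = $_POST['show_htmleditor'];
	} else {
		$HTMLEDITOR = '';
	}

	# check to see if passwords are changing
	# (array-valued parameters are ignored so only real strings reach passhash())
	if(isset($_POST['sitepwd']) && is_string($_POST['sitepwd'])) {
		$pwd1 = $_POST['sitepwd'];
	}
	if(isset($_POST['sitepwd_confirm']) && is_string($_POST['sitepwd_confirm'])) {
		$pwd2 = $_POST['sitepwd_confirm'];
	}

	# strict string comparison: with a loose "!=" two different numeric-looking
	# passwords would be accepted as matching
	if ((string)$pwd1 !== (string)$pwd2) {
		#passwords do not match
		$error = i18n_r('PASSWORD_NO_MATCH');
	} else {
		# password cannot be null
		if ( (string)$pwd1 !== '' ) {
			$PASSWD = passhash($pwd1);
		}

		// check valid lang files
		// (this allowlist check is what keeps the include() of $LANG below
		// restricted to files that exist in the language directory)
		if(!in_array($LANG.'.php', $lang_array) and !in_array($LANG.'.PHP', $lang_array)) die();

		# create user xml file
		createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
		if (file_exists(GSUSERSPATH . _id($USR).'.xml.reset')) {
			unlink(GSUSERSPATH . _id($USR).'.xml.reset');
		}
		$xml = new SimpleXMLElement('<item></item>');
		$xml->addChild('USR', $USR);
		$xml->addChild('NAME', $NAME);
		$xml->addChild('PWD', $PASSWD);
		$xml->addChild('EMAIL', $EMAIL);
		$xml->addChild('HTMLEDITOR', $HTMLEDITOR);
		$xml->addChild('TIMEZONE', $TIMEZONE);
		$xml->addChild('LANG', $LANG);

		exec_action('settings-user');

		if (! XMLsave($xml, GSUSERSPATH . $file) ) {
			$error = i18n_r('CHMOD_ERROR');
		}

		# create website xml file
		createBak($wfile, GSDATAOTHERPATH, GSBACKUPSPATH.'other/');
		$xmls = new SimpleXMLExtended('<item></item>');
		$note = $xmls->addChild('SITENAME');
		$note->addCData($SITENAME);
		$note = $xmls->addChild('SITEURL');
		$note->addCData($SITEURL);
		$note = $xmls->addChild('TEMPLATE');
		$note->addCData($TEMPLATE);
		$xmls->addChild('PRETTYURLS', $PRETTYURLS);
		$xmls->addChild('PERMALINK', $PERMALINK);

		exec_action('settings-website');

		if (! XMLsave($xmls, GSDATAOTHERPATH . $wfile) ) {
			$error = i18n_r('CHMOD_ERROR');
		}

		# see new language file immediately
		include(GSLANGPATH.$LANG.'.php');

		if (!$error) {
			$success = i18n_r('ER_SETTINGS_UPD').'. <a href="settings.php?undo&nonce='.get_nonce("undo").'">'.i18n_r('UNDO').'</a>';
			generate_sitemap();
		}
	}
}

# are any of the control panel checkboxes checked?
if ($HTMLEDITOR != '' ) { $editorchck = 'checked'; }
if ($PRETTYURLS != '' ) { $prettychck = 'checked'; }

# get all available language files
if ($LANG == ''){ $LANG = 'en_US'; }

if (count($lang_array) != 0) {
	sort($lang_array);
	$sel = '';
	$langs = '';
	foreach ($lang_array as $lfile){
		$lfile = basename($lfile,".php");
		if ($LANG == $lfile) { $sel="selected"; }
		$langs .= '<option '.$sel.' value="'.$lfile.'" >'.$lfile.'</option>';
		$sel = '';
	}
} else {
	$langs = '<option value="" selected="selected" >-- '.i18n_r('NONE').' --</option>';
}

get_template('header', cl($SITENAME).' » '.i18n_r('GENERAL_SETTINGS'));
?>

<?php include('template/include-nav.php'); ?>

<div class="bodycontent clearfix">

	<div id="maincontent">
		<form class="largeform" action="<?php myself(); ?>" method="post" accept-charset="utf-8" >
		<input id="nonce" name="nonce" type="hidden" value="<?php echo get_nonce("save_settings"); ?>" />

		<div class="main">
		<h3><?php i18n('WEBSITE_SETTINGS');?></h3>

		<?php
			# The site name is stored entity-encoded (see the save branch above), so
			# double_encode is switched off: existing entities are kept as they are
			# and only stray markup characters get escaped.
		?>
		<div class="leftsec">
			<p><label for="sitename" ><?php i18n('LABEL_WEBSITE');?>:</label><input class="text" id="sitename" name="sitename" type="text" value="<?php if(isset($SITENAME1)) { echo htmlspecialchars(stripslashes($SITENAME1), ENT_QUOTES, 'UTF-8', false); } else { echo htmlspecialchars(stripslashes($SITENAME), ENT_QUOTES, 'UTF-8', false); } ?>" /></p>
		</div>
		<div class="rightsec">
			<p><label for="siteurl" ><?php i18n('LABEL_BASEURL');?>:</label><input class="text" id="siteurl" name="siteurl" type="url" value="<?php if(isset($SITEURL1)) { echo htmlspecialchars((string)$SITEURL1, ENT_QUOTES, 'UTF-8'); } else { echo htmlspecialchars((string)$SITEURL, ENT_QUOTES, 'UTF-8'); } ?>" /></p>
			<?php
				# the suggested path is escaped as well; how suggest_site_path()
				# derives it is not visible in this file
				if ( $fullpath != $SITEURL ) {
					echo '<p style="margin:-15px 0 20px 0;color:#D94136;font-size:11px;" >'.i18n_r('LABEL_SUGGESTION').': &nbsp; <code>'.htmlspecialchars((string)$fullpath, ENT_QUOTES, 'UTF-8').'</code></p>';
				}
			?>
		</div>
		<div class="clear"></div>

		<p class="inline" ><input name="prettyurls" id="prettyurls" type="checkbox" value="1" <?php echo $prettychck; ?> /> &nbsp;<label for="prettyurls" ><?php i18n('USE_FANCY_URLS');?></label></p>

		<div class="leftsec">
			<p><label for="permalink" class="clearfix"><?php i18n('PERMALINK');?>: <span class="right"><a href="http://get-simple.info/wiki/pretty_urls" target="_blank" ><?php i18n('MORE');?></a></span></label><input class="text" name="permalink" id="permalink" type="text" value="<?php if(isset($PERMALINK)) { echo htmlspecialchars((string)$PERMALINK, ENT_QUOTES, 'UTF-8'); } ?>" /></p>
			<a href="?flushcache"><?php i18n('FLUSHCACHE'); ?></a>
		</div>
		<div class="clear"></div>

		<?php exec_action('settings-website-extras'); ?>

		<div id="profile" class="section" >
		<h3><?php i18n('SIDE_USER_PROFILE');?></h3>
		<div class="leftsec">
			<p><label for="user" ><?php i18n('LABEL_USERNAME');?>:</label><input class="text" id="user" name="user" type="text" readonly value="<?php if(isset($USR1)) { echo htmlspecialchars((string)$USR1, ENT_QUOTES, 'UTF-8'); } else { echo htmlspecialchars((string)$USR, ENT_QUOTES, 'UTF-8'); } ?>" /></p>
		</div>
		<div class="rightsec">
			<p><label for="email" ><?php i18n('LABEL_EMAIL');?>:</label><input class="text" id="email" name="email" type="email" value="<?php if(isset($EMAIL1)) { echo htmlspecialchars((string)$EMAIL1, ENT_QUOTES, 'UTF-8'); } else { echo htmlspecialchars((string)$EMAIL, ENT_QUOTES, 'UTF-8'); } ?>" /></p>
			<?php
				if (! check_email_address($EMAIL)) {
					echo '<p style="margin:-15px 0 20px 0;color:#D94136;font-size:11px;" >'.i18n_r('WARN_EMAILINVALID').'</p>';
				}
			?>
		</div>
		<div class="clear"></div>
		<div class="leftsec">
			<p><label for="name" ><?php i18n('LABEL_DISPNAME');?>:</label>
			<span style="margin:0px 0 5px 0;font-size:12px;color:#999;" ><?php i18n('DISPLAY_NAME');?></span>
			<input class="text" id="name" name="name" type="text" value="<?php if(isset($NAME1)) { echo htmlspecialchars((string)$NAME1, ENT_QUOTES, 'UTF-8'); } else { echo htmlspecialchars((string)$NAME, ENT_QUOTES, 'UTF-8'); } ?>" /></p>
		</div>
		<div class="clear"></div>
		<div class="leftsec">
			<p><label for="timezone" ><?php i18n('LOCAL_TIMEZONE');?>:</label>
			<?php
				# This assignment runs for any POST, including one that never passed
				# the nonce check above, so the value must be escaped when printed.
				if( (isset($_POST['timezone'])) ) { $TIMEZONE = $_POST['timezone']; }
			?>
			<select class="text" id="timezone" name="timezone">
			<?php
				if ($TIMEZONE == '') {
					echo '<option value="" selected="selected" >-- '.i18n_r('NONE').' --</option>';
				} else {
					$tz_escaped = htmlspecialchars((string)$TIMEZONE, ENT_QUOTES, 'UTF-8');
					echo '<option selected="selected" value="'. $tz_escaped .'">'. $tz_escaped .'</option>';
				}
			?>
			<?php include('inc/timezone_options.txt'); ?>
			</select>
			</p>
		</div>
		<div class="rightsec">
			<p><label for="lang" ><?php i18n('LANGUAGE');?>: <span class="right"><a href="http://get-simple.info/wiki/languages" target="_blank" ><?php i18n('MORE');?></a></span></label>
			<select name="lang" id="lang" class="text">
				<?php echo $langs; ?>
			</select>
			</p>
		</div>
		<div class="clear"></div>
		<p class="inline" ><input name="show_htmleditor" id="show_htmleditor" type="checkbox" value="1" <?php echo $editorchck; ?> /> &nbsp;<label for="show_htmleditor" ><?php i18n('ENABLE_HTML_ED');?></label></p>

		<?php exec_action('settings-user-extras'); ?>

		<p style="margin:0px 0 5px 0;font-size:12px;color:#999;" ><?php i18n('ONLY_NEW_PASSWORD');?>:</p>
		<div class="leftsec">
			<p><label for="sitepwd" ><?php i18n('NEW_PASSWORD');?>:</label><input autocomplete="off" class="text" id="sitepwd" name="sitepwd" type="password" value="" /></p>
		</div>
		<div class="rightsec">
			<p><label for="sitepwd_confirm" ><?php i18n('CONFIRM_PASSWORD');?>:</label><input autocomplete="off" class="text" id="sitepwd_confirm" name="sitepwd_confirm" type="password" value="" /></p>
		</div>
		<div class="clear"></div>

		<p id="submit_line" >
			<span><input class="submit" type="submit" name="submitted" value="<?php i18n('BTN_SAVESETTINGS');?>" /></span> &nbsp;&nbsp;<?php i18n('OR'); ?>&nbsp;&nbsp; <a class="cancel" href="settings.php?cancel"><?php i18n('CANCEL'); ?></a>
		</p>

		</div><!-- /section -->
		</div><!-- /main -->

	</form>

	</div>

	<div id="sidebar" >
		<?php include('template/sidebar-settings.php'); ?>
	</div>

</div>
<?php get_template('footer'); ?>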