';
$output=$f_br.'';
return $output;
}
/**
 * Builds the edit-profile form and returns it as a string.
 *
 * NOTE(review): several string literals in this body are truncated in this copy of the
 * file (the markup inside them is missing), so the statements below do not parse as shown.
 * Restore the original literals before changing anything here.
 *
 * @param string $username presumably the account being edited - confirm against callers
 * @param mixed  $data     presumably the stored user record used to pre-fill fields - confirm
 * @param string $msg      presumably a validation message shown with the form - confirm
 * @return string the value of $output
 */
function build_editprofile_form($username,$data='',$msg='')
{
global $ca_pref_dir,$ca_lang_l,$ca_l_amp,$f_br,$f_ct,$f_fmt_hidden,$f_fmt_star,$ca_lang;
$input=' $val) $news_for[]=$val['page'].'%'.$val['cat']; }
$news_line='';
foreach($calendar_categories as $k=>$v)
{
$ckbox_value=$v['pageid'].'%'.$v['catid'];
$news_line.=" ".$v['pagename'].' - '.$v['catname']." ".$f_br;
}
}
$table_data[]='('.$f_fmt_star.') '.$ca_lang_l['required fields'].' ';
$end=ca_getformbuttons('save',false).$f_br;
$output="';
return $output;
}
# ------------ self-registration
/**
 * Self-registration controller: shows the form, handles the submitted form, and handles
 * the confirmation link.
 *
 * - POST 'save': validates the fields, mails a confirmation link and, when the mail was
 *   sent, stores the pending account through db_write_user('selfreg', ...).
 * - GET 'id': confirms a pending registration by rewriting the user database file.
 * - otherwise: prints the registration form.
 *
 * Prints its output; several branches call exit.
 *
 * NOTE(review): a number of string literals here (tag names passed to f_GFS/str_replace,
 * HTML fragments) are empty or truncated in this copy of the file, and the confirmation
 * branch does not parse as shown. Comments below describe only what is still visible.
 *
 * @param mixed $float passed through to build_register_form()
 */
function process_register($float)
{
global $sr_enable,$ca_pref,$ca_db_file,$ca_l,$ca_settings,$f_lf,$ca_template_file,$sr_notif_enabled,$f_br,$ca_site_url,$f_frmvalidation,
$template_in_root,$f_lang_f,$f_lang_reg,$ca_ulang_id,$ca_lang_l,$f_uni,$f_charset_lang_map,$f_cap_id,$f_captchajs,$ca_action_id,
$f_frmvalidation2,$ca_allunamechars;
// Hard stop when self-registration is switched off.
if(!$sr_enable)
{
print GT($f_br.'Self-registration is not enabled for this site. ');
exit;
}
$lang_f=$f_lang_f[$ca_ulang_id];
$lang_r=$f_lang_reg[$ca_ulang_id];
$terms_settings=f_GFS($ca_settings,'',' ');
$terms_settings=f_GFS($terms_settings,'',' ');
$errors=array();
// $norm_reg: true when reached through the 'register' action; it gates the captcha checks
// and the final page wrapping below.
$norm_reg=($ca_action_id=='register');
$output_is_from=false;
if(isset($_POST['save'])) // send registration email
{
f_int_start_session();
// Reject a POST that carries neither a captcha id in the session nor a posted reCAPTCHA.
if($norm_reg && !f_session_isset($f_cap_id) && !f_is_recaptcha_posted()) {echo "This is illegal operation. You are not allowed to register.";exit;}
else
{
// Trim every scalar POST value in place; array values are left untouched.
foreach($_POST as $k=>$v) {if(!is_array($v)) $_POST[$k]=trim($v);}
// 'cc'=1 marks a validation-only call: errors are returned as 'field|message' pairs.
$ccheck=isset($_POST['cc']) && $_POST['cc']=='1';
$useic=(!$f_uni && $f_charset_lang_map[$ca_lang]!='iso-8859-1' && function_exists("iconv"));
$post_user=f_strip_tags($_POST['username']);
if(empty($_POST['username'])) $errors[]=($ccheck?'username'.'|':'').$lang_f['Required Field'];
// The username must match the $ca_allunamechars pattern and must not exist yet.
elseif(!preg_match($ca_allunamechars,$post_user)) $errors[]=($ccheck?'username'.'|':'').$lang_r['can contain only'];
elseif(duplicated_user($post_user)) $errors[]=($ccheck?'username'.'|':'').$lang_r['username exists'];
if(empty($_POST['name'])) $errors[]=($ccheck?'name'.'|':'').$lang_f['Required Field'];
if(empty($_POST['sirname'])) $errors[]=($ccheck?'sirname'.'|':'').$lang_f['Required Field'];
if(empty($_POST['email'])) $errors[]=($ccheck?'email'.'|':'').$lang_f['Required Field'];
elseif(!empty($_POST['email']) && !f_validate_email(f_strip_tags($_POST['email'])))
$errors[]=($ccheck?'email'.'|':'').$lang_f['Email not valid'];
if(empty($_POST['password'])) $errors[]=($ccheck?'password'.'|':'').$lang_f['Required Field'];
// Password policy visible here: at least 5 bytes, repeated correctly, different from the username.
elseif(strlen(trim($_POST['password']))<5) $errors[]=($ccheck?'password'.'|':'').$lang_r['your password should be'];
elseif(empty($_POST['repeatedpassword'])) $errors[]=($ccheck?'repeatedpassword'.'|':'').$lang_r['repeat password'];
// NOTE(review): '!=' compares numeric-looking strings by value ("1e3" equals "1000"); '!==' would compare the text.
elseif($_POST['password']!=$_POST['repeatedpassword'])
$errors[]=($ccheck?'repeatedpassword'.'|':'').$lang_r['password and repeated password'];
elseif(strtolower($post_user)==strtolower($_POST['password']))
$errors[]=($ccheck?'username'.'|':'').$lang_r['username equal password'];
if($norm_reg && !f_captcha_valid())
$errors[]=($ccheck?'captchacode'.'|':'').$lang_f['Captcha Message'];
if(!isset($_POST['agree']) && !empty($terms_settings)) $errors[]=($ccheck?'agree'.'|':'').$lang_r['you must agree with terms'];
if(!empty($errors)) $errors[]=($ccheck?'error|':'').$lang_f['validation failed'];
if($ccheck)
{
// Validation-only reply: '0' followed by the errors, or '1' when everything passed.
$errors_output=implode('|',$errors);
if($useic) $errors_output=iconv($f_charset_lang_map[$ca_lang],"utf-8",$errors_output);
if(count($errors)>0)
{
print '0'.$errors_output;
exit;
}
else if($norm_reg)
{
print '1';
exit;
}
}
if(count($errors)>0)
{
$output=implode($f_br,$errors).build_register_form($float);
$output_is_from=true;
}
else
{
$settings=f_GFS($ca_settings,'',' ');
$require_approval=f_GFS($settings,'',' '); if($require_approval=='') $require_approval='0';
// Parse the default access string from the settings: entries separated by '|', each
// 'section%%type', with an optional '(page%type;page%type)' list when type is '2'.
$access=array();
$access_str=(strpos($settings,'')!==false)? f_GFS($settings,'',' '): '';
if($access_str!='') $temp_access=explode('|',$access_str);
if(isset($temp_access))
{
foreach($temp_access as $k=>$v)
{
$t=explode('%%',$v);
$page_level_str=f_GFS($v,'(',')');
if(!empty($page_level_str)) $t[1]=str_replace('('.$page_level_str.')','',$t[1]);
if($t[1]=='2')
{
$page_level_arr=explode(';',$page_level_str);
// NOTE(review): $page_access_arr is never reset, so page entries accumulate across sections.
foreach($page_level_arr as $kk=>$vv)
{
$value=explode('%',$vv);
$page_access_arr []=array('page'=>$value[0], 'type'=>$value[1]);
}
$access[]=array('section'=>$t[0],'type'=>$t[1],'page_access'=>$page_access_arr);
}
else $access[]=array('section'=>$t[0],'type'=>$t[1]);
}
}
// Confirmation token for the e-mailed link.
// NOTE(review): uniqid() and mt_rand() are time/PRNG based, not a CSPRNG; a token that
// activates an account should come from random_bytes() or an equivalent source.
$uniqueid=md5(uniqid(mt_rand(),true));
$link=f_build_self_url('centraladmin.php').'?id='.$uniqueid.'&process=register'.$ca_l;
$content=str_replace("##",' ',$ca_lang_l['sr_email_msg']);
// NOTE(review): the next two statements are identical; the second one is redundant.
$content=str_replace(array("%CONFIRMLINK%",'%%site%%'), array(''.$link.' ',$ca_site_url), $content);
$content=str_replace(array("%CONFIRMLINK%",'%%site%%'), array(''.$link.' ',$ca_site_url), $content);
$content=str_replace(array('%%username%%','%%USERNAME%%'), array($post_user,$post_user),$content);
$content_text=str_replace(array("##","%CONFIRMLINK%"), array($f_lf,$link), $ca_lang_l['sr_email_msg']);
$content_text=str_replace("%%site%%", $ca_site_url, $content_text);
$content_text=str_replace(array('%%username%%','%%USERNAME%%'), array($post_user,$post_user),$content_text);
$subject=str_replace('%%site%%',$ca_site_url,$ca_lang_l['sr_email_subject']);
// Looks for MIME header markers in the mail body.
// NOTE(review): this check only assigns $log_msg/$output; both are overwritten below and
// f_send_mail_ca() is still called, so as written it does not stop the mail from being sent.
if((strpos(f_strtolower($content),'mime-version')!==false) || (strpos(f_strtolower($content),'content-type')!==false))
{$log_msg=" Registration email CAN NOT be sent - possible dangerous content"; $output=$log_msg; }
$send_to_email=f_strip_tags($_POST["email"]);
$sections='';
$news='';
if(empty($access)) {$sections.=' ';}
else
{
foreach($access as $k=>$v)
{
$sections.='';
if($v['type']=='2')
{
foreach($v['page_access'] as $key=>$val) $sections.='';
}
$sections.='
';
}
}
if(isset($_POST["news_for"])) //event manager
{
// Each entry is 'page%category' or just 'page'.
foreach($_POST["news_for"] as $k=>$v)
{
if(strpos($v,'%')!==false) { list($p,$c)=explode('%',$v); }
else { $p=$v; $c=''; }
$news.=' ';
}
}
$details=' ';
$log_msg='success';
$result=f_send_mail_ca($content,$content_text,$subject,$send_to_email);
// The pending account is stored only when the confirmation mail was sent.
if($result=="1")
{
// NOTE(review): crypt() is called without a salt. The salt argument is mandatory since
// PHP 8.0, and without one the algorithm is whatever the platform defaults to;
// password_hash()/password_verify() is the maintained replacement.
db_write_user('selfreg',$uniqueid,$post_user,crypt($_POST['password']),$sections,$details,$news); //event manager
$log_msg.=", email SENT";
$output = $f_br.''.($norm_reg?"
":'').$lang_r['registration was successful'].($norm_reg?" ":'').'';
}
else
{
$log_msg='fail'; //user is not actually stored into db
$log_msg.=', email FAILED ('.f_strip_tags($result).')';
$output=$f_br.'Email FAILED. Try again.';
}
write_log('reg','USER:'.$post_user,$log_msg);
}
}
}
elseif(isset($_GET['id'])) // confirm registration
{
// Confirmation link: the user database file is opened read/write under an exclusive lock
// and rewritten in place.
$file_contents=' */ ?>';
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp,LOCK_EX);
$fsize=filesize($ca_db_file);
if($fsize>0) $file_contents=fread( $fp,$fsize);
$users=f_GFS($file_contents,'',' ');
// The id from the query string is tag-stripped only; no length or character check is visible here.
$get_id=f_strip_tags($_GET['id']);
// NOTE(review): the lines below are truncated in this copy; the code that looks up the pending
// record and defines $_user and $new_id is not visible, so this branch is left undocumented.
if(strpos($file_contents,'');
$username=f_GFS($_user,'username="','"');
$new_user=str_replace($get_id,$new_id,$_user);
$new_user=str_replace('',$new_user.'',$file_contents);
$file_contents=str_replace($_user,'',$file_contents);
ftruncate($fp,0);fseek($fp,0);
if(fwrite($fp,$file_contents) === FALSE) {print "Cannot write to file"; exit;}
flock($fp,LOCK_UN);fclose($fp);
$confirm_message=f_GFS($ca_settings,'',' ');
$output=$f_br."".$lang_r['registration was completed'].' '.$f_br.$confirm_message;
$log_msg='success';
if($sr_notif_enabled)
{
// Notification mail: f_send_mail_ca() is called without a recipient argument here.
$users=f_GFS($file_contents,'',' ');
$users_arr=f_format_users($users);
if(!empty($users_arr)) { foreach($users_arr as $k=>$v) if($username==$v['username']) {$user_data=$v; break;} }
$content='register_id= '.f_strip_tags($_GET['id']).' '.'username= '.$user_data['username'].' ';
$content.='name= '.un_esc($user_data['first_name']).' '.'surname= '.un_esc($user_data['surname']).' ';
$content.='email= '.$user_data['email'].' '.'date= '.date('Y-m-d G:i', f_tzone_date(time())).' ';
$content.='IP= '.(isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:"").' ';
$content.='HOST= '.(isset($_SERVER['REMOTE_HOST'])?$_SERVER['REMOTE_HOST']:"").' ';
$content.='OS= '.(isset($_SERVER['HTTP_USER_AGENT'])?f_define_os($_SERVER['HTTP_USER_AGENT']):"").' ';
$subject=str_replace('%%site%%',$ca_site_url,$ca_lang_l['sr_notif_subject']);
$result=f_send_mail_ca($content,str_replace(' ',$f_lf,$content),$subject);
if($result=="1") $log_msg.=', notification SENT';
else $log_msg.=', notification FAILED ('.f_strip_tags($result).')';
}
// With 'flag' in the query string the confirmation is logged as an admin confirmation and
// the pending-users screen is printed instead of the normal page.
if(!isset($_GET['flag'])) write_log('conf','USER:'.$username,$log_msg);
else
{
write_log('confadmin','USER:'.$username,$log_msg);
check_pending_users($output);
exit;
}
}
else $output=$f_br."".$lang_r['registration was completed']." ";
}
else
{
$output=build_register_form($float);
$output_is_from=true;
}
if($norm_reg)
{
// Full page: wrap in the template and add the validation, jQuery and captcha scripts.
$output=GT($output,false,$lang_r['registration'],true);
if($output_is_from) $output=f_include_script(str_replace('%ID%','selfreg',$f_frmvalidation),$output);
$rel_path=($template_in_root?'':'../');
$output=f_include_jquery_moo_js($output,$rel_path);
// NOTE(review): '!=false' also treats a match at offset 0 as "not found".
if(strpos($output,'class="captcha')!=false) $output=f_include_script(str_replace('%PATH%',$rel_path,$f_captchajs), $output);
}
else $output=str_replace('%ID%','selfreg',$f_frmvalidation2).$f_lf.$output;
print $output;
}
/**
 * Forgotten-password controller.
 *
 * - POST 'save': looks the account up by username or e-mail, stores a reset token through
 *   f_write_tagged_data() and mails a confirmation link.
 * - GET 'confirm': generates a new password, mails it and, when the mail was sent, writes
 *   its hash into the user database file.
 * - otherwise: prints the form.
 *
 * Prints its output; the validation-only path calls exit.
 *
 * NOTE(review): tag names passed to f_GFS/f_GFSAbi and the HTML fragments are empty or
 * truncated in this copy of the file, so the token and record lookups cannot be read here.
 * No expiry of the reset token is visible in this function - confirm where it is enforced.
 */
function process_forgotpass()
{
global $f_lang_f,$ca_lang_l,$f_lang_reg,$ca_ulang_id,$ca_pref,$f_lf,$ca_db_file,$ca_page_charset,$f_br,$f_fmt_span8em,$ca_template_file,$ca_lang,
$ca_db_settings_file,$ca_settings,$ca_site_url,$f_frmvalidation,$template_in_root,$f_uni,$f_charset_lang_map,$ca_action_id,$f_frmvalidation2;
$lang_f=$f_lang_f[$ca_ulang_id];
$lang_r=$f_lang_reg[$ca_ulang_id];
$norm_reg=($ca_action_id=='forgotpass');
$msg=''; $errors=array();
$ca_full_script_path=f_build_self_url('centraladmin.php');
if(isset($_POST['save']))
{
// 'cc'=1 marks a validation-only call answered with '0'+errors or '1'.
$ccheck=isset($_POST['cc']) && $_POST['cc']=='1';
$useic=(!$f_uni && $f_charset_lang_map[$ca_lang]!='iso-8859-1' && function_exists("iconv"));
// Look the account up by username and/or e-mail; when both are posted the e-mail lookup
// overwrites the result of the username lookup.
if(!empty($_POST["username"])) { $usr=f_strip_tags(trim($_POST["username"])); $user_data=f_get_user($usr,$ca_pref); }
if(!empty($_POST["email"])) { $email=f_strip_tags(trim($_POST["email"])); $user_data=f_get_user('',$ca_pref,$email); }
// NOTE(review): the messages below differ for "unknown user", "e-mail not found" and
// "no e-mail for user", so the response tells the caller whether an account exists.
if(!isset($usr) && !isset($email)) $errors[]=($ccheck?'username'.'|':'').$lang_r['you have to fill'];
elseif(isset($usr) && empty($user_data)) $errors[]=($ccheck?'username'.'|':'').$lang_r['unexisting'];
elseif(isset($email) && !f_validate_email($email)) $errors[]=($ccheck?'username'.'|':'').$lang_f['Email not valid'];
elseif(isset($email) || isset($usr))
{
if(!isset($user_data['email']) || $user_data['email']=='')
$errors[]=($ccheck?'username'.'|':'').$lang_r[isset($email)?'email not found':'no email for user'];
}
if($ccheck)
{
$errors_output=implode('|',$errors);
if($useic) $errors_output=iconv($f_charset_lang_map[$ca_lang],"utf-8",$errors_output);
if(count($errors)>0)
{
print '0'.$errors_output;
exit;
}
else if($norm_reg)
{
print '1';
exit;
}
}
if(count($errors)>0) $output=implode($f_br,$errors).build_forgotpass_form();
else
{
// Reset token for the confirmation link.
// NOTE(review): uniqid() and mt_rand() are not a CSPRNG; a token that authorises a password
// reset should come from random_bytes() or an equivalent source.
$uniqueid=md5(uniqid(mt_rand(),true)); $send_to_email=$user_data['email'];
$confirm_url=$ca_full_script_path.'?process=forgotpass&confirm='.$uniqueid;$confirm_link=''.$confirm_url.' ';
// The token is stored under the key 'fp_<token>' with the username as its value.
f_write_tagged_data('fp_'.$uniqueid,$user_data['username'],$ca_db_settings_file,$ca_template_file);
$content=str_replace(array('##','%%confirmlink%%','%%confirmurl%%','%%site%%','%%username%%','%%USERNAME%%'), array(' ',$confirm_link,$confirm_url,$ca_site_url,$user_data['username'],$user_data['username']),$ca_lang_l['sr_forgotpass_msg0']);
$content_text=str_replace("##",$f_lf,$content);
$subject=str_replace('%%site%%',$ca_site_url,$ca_lang_l['sr_forgotpass_subject0']);
// The result of the send is not checked; the same message is shown either way.
$result=f_send_mail_ca($content,$content_text,$subject,$send_to_email);
$output=$f_br.($norm_reg?"":'').$ca_lang_l['check email for instructions'].($norm_reg?" ":'');
}
}
elseif(isset($_GET["confirm"]))
{
// NOTE(review): the new password is a bare mt_rand() integer - digits only and produced by a
// non-cryptographic PRNG - and it is mailed in clear text.
$uniqueid=trim(f_strip_tags($_GET["confirm"])); $new_pass=mt_rand();
// Presumably resolves the 'fp_<token>' entry to a username; the delimiters are missing in this copy - confirm.
$username=f_GFS($ca_settings,'',' ');
if(!empty($username))
{
$user_data=f_get_user($username,$ca_pref);
$send_to_email=$user_data['email'];
$content=str_replace(array("##","%%newpassword%%",'%%site%%'),array(' ',$new_pass,$ca_site_url),$ca_lang_l['sr_forgotpass_msg']);
$content=str_replace(array('%%username%%','%%USERNAME%%'),array($username,$username),$content);
$content_text=str_replace("##",$f_lf,$content);
$subject=str_replace('%%site%%',$ca_site_url,$ca_lang_l['sr_forgotpass_subject']);
$result=f_send_mail_ca($content,$content_text,$subject,$send_to_email);
// The stored password is replaced only after the mail carrying the new one was sent.
if($result=="1")
{
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp, LOCK_EX);
$file_contents=fread($fp,filesize($ca_db_file));
$users=f_GFS($file_contents,'',' ');
$old_data=f_GFSAbi($users,'');
// NOTE(review): crypt() without a salt; the salt argument is mandatory since PHP 8.0.
// password_hash() is the maintained replacement.
$new_data=str_replace(f_GFSAbi($old_data,'password="','">'),'password="'.crypt($new_pass).'">',$old_data);
$file_contents=str_replace($old_data,$new_data,$file_contents);
ftruncate($fp,0);fseek($fp,0);
if(fwrite($fp,$file_contents) === FALSE) {print "Cannot write to file"; exit; }
flock($fp,LOCK_UN);fclose($fp);
$log_msg="success, email SENT"; $output=$f_br.''.$lang_r['check email for new password'].' ';
// Writes an empty value for the token key; presumably the trailing 'true' removes the entry - confirm.
f_write_tagged_data('fp_'.$uniqueid,'',$ca_db_settings_file,$ca_template_file,true);
}
else {$log_msg='success, email FAILED ('.f_strip_tags($result).')'; $output='Email FAILED. Try again.';}
write_log('forgotpass','USER:'.$username,$log_msg);
}
else $output=$f_br.''.$lang_r['check email for new password'].' '.f_ucfirst($ca_lang_l['forgotten password']).' ';
}
else $output=build_forgotpass_form();
if($norm_reg)
{
$output=GT($output,false,$lang_r['forgotten password'],true);
$output=f_include_script(str_replace('%ID%','forgotpass',$f_frmvalidation),$output);
$output=f_include_jquery_moo_js($output,($template_in_root?'':'../'));
}
else $output=str_replace('%ID%','forgotpass',$f_frmvalidation2).$f_lf.$output;
print $output;
}
/**
 * Change-password screen for the current user (or, for an administrator, for the user
 * named in the request). Prints the page and exits.
 *
 * NOTE(review): the tag arguments of f_GFS/f_GFSAbi are empty in this copy of the file, so
 * how the user's record is located inside the database file cannot be read from here.
 * No anti-CSRF token check is visible in this function - confirm whether the caller does one.
 */
function process_changepass()
{
global $ca_pref,$ca_lang_l,$ca_db_file,$ca_page_charset,$template_in_root,$f_br,$f_fmt_span8em,$ca_template_file;
// An administrator may act on any account named in $_REQUEST['username']; everyone else is
// limited to the account from their own cookie.
$user=(f_adminCookie())?f_sth(f_strip_tags($_REQUEST['username'])): f_getUserCookie();
$user_data=f_get_user($user,$ca_pref);
$msg=array();
if(isset($_POST['save']))
{
if(empty($_POST['oldpassword'])) $msg['oldpassword']=f_ucfirst($ca_lang_l['fill in']).' '.$ca_lang_l['old password'];
// Verifies the old password by re-hashing it with the stored hash as salt.
// NOTE(review): '!=' is a loose, non-constant-time comparison; hash_equals() or
// password_verify() avoids both the type juggling and the timing difference.
elseif($user_data['password']!=crypt($_POST['oldpassword'],$user_data['password'])) $msg['oldpassword']=f_ucfirst($ca_lang_l['wrong old']);
if(empty($_POST['newpassword'])) $msg['newpassword']=f_ucfirst($ca_lang_l['fill in']).' '.$ca_lang_l['new password'];
// Minimum length is 5 bytes.
elseif(strlen(trim($_POST['newpassword']))<5) $msg['newpassword']=f_ucfirst($ca_lang_l['your password should be']);
elseif(empty($_POST['repeatedpassword'])) $msg['repeatedpassword']=f_ucfirst($ca_lang_l['repeat password']);
elseif($_POST['newpassword']!=$_POST['repeatedpassword']) $msg['repeatedpassword']=f_ucfirst($ca_lang_l['password and repeated password']);
if(!empty($msg)) $output=build_changepass_form($user,$msg);
else
{
// NOTE(review): when this condition is false nothing assigns $output before it is used below.
if(isset($user_data['username']) && $user_data['username']==$user)
{
// Rewrite the database file in place under an exclusive lock.
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp,LOCK_EX);
$file_contents=fread($fp,filesize($ca_db_file));
$users=f_GFS($file_contents,'',' ');
$old_data=f_GFSAbi($users,'');
// NOTE(review): crypt() without a salt; the salt argument is mandatory since PHP 8.0.
$new_data=str_replace(f_GFSAbi($old_data,'password="','">'),'password="'.crypt($_POST['newpassword']).'">',$old_data);
$file_contents=str_replace($old_data,$new_data,$file_contents);
ftruncate($fp,0);fseek($fp,0);
// '==FALSE' also treats a write of 0 bytes as a failure.
if(fwrite($fp,$file_contents)==FALSE) {print "Cannot write to file";exit;}
flock($fp,LOCK_UN);fclose($fp);
$show_msg=''.f_ucfirst($ca_lang_l['changes saved']).' ';
// $u is derived from the 'ref_url' query parameter but is not used again in the visible code.
if(isset($_GET['ref_url']))
{
$u=$_GET['ref_url'];
if(strpos($_GET['ref_url'],'/')===false && $template_in_root==false) $u='../'.$u;
}
write_log('changepass','USER:'.$user,'success');
$table_data=array();
$table_data[]=array('',$show_msg);
$output=f_addentrytable($ca_lang_l['change password'],$table_data);
}
}
}
else $output=build_changepass_form($user,$msg);
$output=f_fmt_admin_screen($output,build_myprofile_menu());
$output=GT($output,false,'',true);
print $output; exit;
}
/**
 * Builds the change-password form and returns it as a string.
 *
 * NOTE(review): the table rows and the final markup are truncated in this copy of the file
 * (the array() call below is never closed and $output is an empty string), so the body does
 * not parse as shown. Restore the original literals before changing anything here.
 *
 * @param string $username not referenced in the visible code
 * @param array  $msg      not referenced in the visible code; presumably per-field messages - confirm
 * @return string the value of $output
 */
function build_changepass_form($username,$msg)
{
global $ca_pref_dir,$ca_lang_l,$ca_l_amp,$f_br,$f_ct,$f_fmt_star;
$hint=$f_br.'%s ';
$table_data=array();
$table_data[]=array($ca_lang_l['old password'].$f_fmt_star,' ('.$f_fmt_star.') '.$ca_lang_l['required fields'].'';
$end=ca_getformbuttons('save',false).$f_br;
$output='';
return $output;
}
/**
 * Edit-profile screen for the current user (or, for an administrator, for the user named
 * in the request). Prints the page and exits.
 *
 * NOTE(review): the record templates and the tag arguments of f_GFS/f_GFSAbi/str_replace
 * are empty in this copy of the file, so which POST fields are written into the user
 * record, and whether they are escaped first, cannot be read from here - check the original.
 * No anti-CSRF token check is visible in this function - confirm whether the caller does one.
 */
function process_editprofile()
{
global $ca_pref,$ca_lang_l,$ca_db_file,$ca_page_charset,$f_br,$f_fmt_span8em,$ca_template_file;
$msg='';
// An administrator may act on any account named in $_REQUEST['username'].
if(f_adminCookie()) $user=f_sth(f_strip_tags($_REQUEST['username']));
else $user=f_getUserCookie();
$user_data=f_get_user($user,$ca_pref);
if(isset($_POST['save']))
{
// Only presence is checked for name, surname and e-mail; the e-mail format is not validated here.
if(empty($_POST['name'])) $msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['name']);
if(empty($_POST['sirname']))$msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['surname']);
if(empty($_POST['email'])) $msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['email']);
if($msg!='') $output=build_editprofile_form($user,'',$f_br.sprintf($f_fmt_span8em,$msg));
else
{
// NOTE(review): when this condition is false nothing assigns $output before it is used below.
if(isset($user_data['username']) && $user_data['username']==$user)
{
// Rewrite the database file in place under an exclusive lock.
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp,LOCK_EX);
$file_contents=fread($fp,filesize($ca_db_file));
$users=f_GFS($file_contents,'',' ');
$old_data=f_GFSAbi($users,'');
$new_details=' ';
$new_data=str_replace(f_GFSAbi($old_data,''),$new_details,$old_data);
$news='';
if(isset($_POST["news_for"])) //event manager
{
// Each entry is 'page%category' or just 'page'.
foreach($_POST["news_for"] as $k=>$v)
{
if(strpos($v,'%')!==false) list($p,$c)=explode('%',$v);
else {$p=$v;$c='';}
$news.=' ';
}
}
if(!empty($news))
{
if(strpos($new_data,'')===false) //event manager
$new_data=str_replace(' ',' '.$news.' ',$new_data);
else
$new_data=str_replace(f_GFSAbi($old_data,'',' '),''.$news.' ',$new_data);
}
$file_contents=str_replace($old_data,$new_data,$file_contents);
ftruncate($fp,0);fseek($fp,0);
// '==FALSE' also treats a write of 0 bytes as a failure.
if(fwrite($fp,$file_contents)==FALSE) {print "Cannot write to file"; exit;}
flock($fp,LOCK_UN); fclose($fp);
$show_msg=''.f_ucfirst($ca_lang_l['changes saved']).' ';
// $u is derived from the 'ref_url' query parameter but is not used again in the visible code.
// The single str_replace pass removes '../' once, so it is not a path-traversal filter.
if(isset($_GET['ref_url']))
{
$u=$_GET['ref_url'];
$u=str_replace('../','',$u); //m
}
write_log('editprofile','USER:'.$user,'success');
// Language preference cookie named '<user>_lang', valid until 2037, site-wide path.
if(isset($_POST['lang'])) setcookie($user.'_lang',strtoupper(f_strip_tags($_POST['lang'])), mktime(23,59,59,1,1,2037),'/');
$table_data=array();
$table_data[]=array('',$show_msg);
$output=f_addentrytable($ca_lang_l['profile'],$table_data);
}
}
}
else $output=build_editprofile_form($user,$user_data);
$output=f_fmt_admin_screen($output,build_myprofile_menu());
$output=GT($output,false,'',true);
print $output; exit;
}
/**
 * Collects the visible categories of every page returned by get_pages_list('136', $lang)
 * whose file declares $em_enabled as true.
 *
 * NOTE(review): the category-parsing loop is truncated in this copy of the file (the
 * 'while' line does not parse and the tag literals are empty); restore it from the original
 * before editing.
 *
 * @param string $lang passed through to get_pages_list()
 * @return array list of arrays with the keys 'pageid', 'pagename', 'catid', 'catname'
 */
function get_calendar_categories($lang='')
{
global $f_db_folder;
$categories=array();
$calendar_pages=get_pages_list('136',$lang);
foreach($calendar_pages as $k=>$v)
{
$file_contents='';
// Page URLs are made relative to the parent directory; a missing or unreadable file is skipped silently.
if(strpos($v['url'],'../')===false) $v['url']='../'.$v['url'];
$fp=@fopen($v['url'],'r');
// Only the first 4096 bytes are inspected for the flag below.
if($fp) {$file_contents=fread($fp,4096); fclose($fp);}
if(!empty($file_contents))
{
// The flag is detected by searching the page source for these two exact spellings.
if(strpos($file_contents,'$em_enabled=TRUE;')!==false || strpos($file_contents,'$em_enabled=true;')!==false)
{
$cat_ids_arr=array(); $cat_names_arr=array(); $cat_visib_arr=array();
$cal_settings=f_read_file('../'.$f_db_folder.$v['pageid'].'_settings.ezg.php');
while(strpos($cal_settings,''); settype($cat_id,'integer');
$category_info=f_GFS($cal_settings,'',' ');
// A category record is 'name%%color%%visible%%mark%%mark_color'.
list($name,$color,$vis,$mark,$mark_color)=explode('%%', $category_info);
if($cat_id>0) {$cat_ids_arr[]=$cat_id; $cat_names_arr[]=$name; $cat_visib_arr[]=($vis=='1'?true:false);}
$cal_settings=str_replace(''.$category_info.' ','',$cal_settings);
}
// Fallback when no category was found: a single visible category "General" with id 1.
if(empty($cat_ids_arr)) { $cat_ids_arr[]=1; $cat_names_arr[]="General"; $cat_visib_arr[]='yes'; }
foreach($cat_names_arr as $kk=>$vv)
{
// NOTE(review): '&&' binds tighter than '||', so the second comparison is evaluated even
// when the index is not set; the loose '==true' also accepts the 'yes' fallback above.
if(isset($cat_visib_arr[$kk]) && $cat_visib_arr[$kk]=='true' || $cat_visib_arr[$kk]==true)
$categories[]= array('pageid'=>$v['pageid'],'pagename'=>$v['name'],'catid'=>$cat_ids_arr[$kk],'catname'=>str_replace('"','',$vv));
}
}
}
}
return $categories;
}
# ---------- DB
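/**
 * Appends one record to the activity log file named by $ca_db_activity_log.
 *
 * A record is a single line of the form
 *   "<unix time> => <event label> -> <data> => Result: <message> => <client address>".
 * When the log file is empty, $f_db_first_line is written before the first record.
 * Nothing is written, and no error is raised, when the file cannot be opened.
 *
 * Every field that can carry caller- or client-supplied text has CR/LF removed first, so a
 * value such as a submitted username cannot start a second, forged record.
 *
 * @param string $change  event key ('reg', 'conf', 'confadmin', 'forgotpass', 'changepass',
 *                        'editprofile', 'resend', 'login', 'logout'); an unknown key is
 *                        logged as given instead of as an empty label
 * @param string $data    subject of the event, e.g. 'USER:<name>'
 * @param string $message outcome text
 * @return void
 */
function write_log($change,$data,$message="")
{
    global $ca_db_activity_log,$f_db_first_line,$f_db_last_line,$f_lf;
    // One record must stay on one line: drop CR, LF and the configured line separator.
    $line_breaks=array("\r","\n");
    if(is_string($f_lf) && $f_lf!=='') $line_breaks[]=$f_lf;
    $message=str_replace($line_breaks,'',(string)$message);
    $data=str_replace($line_breaks,'',(string)$data);
    $time=time();
    $ip='';
    if(isset($_SERVER['REMOTE_ADDR'])) $ip=trim($_SERVER['REMOTE_ADDR']);
    // HTTP_PC_REMOTE_ADDR comes from a request header, so it is client-controlled text.
    elseif(isset($_SERVER['HTTP_PC_REMOTE_ADDR'])) $ip=trim($_SERVER['HTTP_PC_REMOTE_ADDR']);
    $ip=str_replace($line_breaks,'',$ip);
    $typechange=array("reg"=>"Register", "conf"=>"Confirmation", "confadmin"=>"Confirmation (Admin)", "forgotpass"=>"Forgotten pass", "changepass"=>"Change pass", "editprofile"=>"Edit profile", "resend"=>"Confirmation email resend", "login"=>"Login", "logout"=>"Logout");
    // Unknown keys used to raise an undefined-index notice and produce an empty label.
    $currchange=isset($typechange[$change])?$typechange[$change]:str_replace($line_breaks,'',(string)$change);
    $record_line="$time => $currchange -> $data => Result: $message => $ip";
    clearstatcache();
    $mode=file_exists($ca_db_activity_log)?'a':'w';
    $handle=@fopen($ca_db_activity_log,$mode);
    if(!$handle) return;
    flock($handle,LOCK_EX);
    // Ask the open handle for its size while the lock is held, so two concurrent writers
    // cannot both decide that the file is empty and write the first line twice.
    $stat=fstat($handle);
    $is_empty=($stat===false || $stat['size']==0);
    $buf=($is_empty?$f_db_first_line.$f_lf:'').$record_line.$f_lf;
    fwrite($handle,$buf);
    flock($handle,LOCK_UN);
    fclose($handle);
}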
/**
 * Reads the user database file and returns the text that f_GFS() extracts for the
 * given tag.
 *
 * @param string $tag tag name to extract, 'users' by default
 * @return mixed whatever f_GFS() returns for that tag
 */
function db_get_users($tag='users')
{
    global $ca_db_file;
    // When the configured path does not exist, retry with every '../' removed from it.
    $path=file_exists($ca_db_file)?$ca_db_file:str_replace('../','',$ca_db_file);
    $contents=f_read_file($path);
    // NOTE(review): the closing delimiter reads ''.$tag.'>' in this copy of the file; it
    // looks truncated (an opening '</' would be expected) - check against the original.
    return f_GFS($contents,'<'.$tag.'>',''.$tag.'>');
}
/**
 * Removes a record from the section of the user database file selected by $flag and
 * writes the file back under an exclusive lock.
 *
 * NOTE(review): the arguments of the f_GFSAbi() call are truncated in this copy of the
 * file, and $usr is not referenced anywhere in the visible code; the expression that selects
 * the record to delete has to be taken from the original.
 *
 * @param string $usr  presumably the user to remove - not used in the visible code
 * @param string $flag section tag passed to db_get_users(), 'users' by default
 * @return bool true when the file was rewritten, false when the section was empty
 */
function db_remove_user($usr,$flag='users')
{
global $ca_db_file, $ca_template_file;
$result=false;
$updated_users='';
$users=db_get_users($flag);
// For the 'users' section the text is parsed into records; for any other section the raw
// text itself is used, only to test that it is not empty.
if($flag=='users') {if($users!='') $users_arr=f_format_users($users);}
else {if($users!='') $users_arr=$users;}
if(isset($users_arr) && !empty($users_arr))
{
$counter=0;
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp, LOCK_EX);
$fsize=filesize($ca_db_file);
// NOTE(review): $file_contents stays undefined when the file is empty.
if($fsize>0) $file_contents=fread($fp,$fsize);
$updated_users=str_replace(f_GFSAbi($users,''),'',$users);
// $users was read before the lock was taken; if the file changed in between, this
// replacement finds nothing and the file is rewritten unchanged.
$file_contents=str_replace($users, $updated_users,$file_contents);
ftruncate($fp, 0);
fseek($fp, 0);
if(fwrite($fp,$file_contents) === FALSE) {print "Cannot write to file"; exit; }
flock($fp, LOCK_UN);
fclose( $fp );
$result=true;
}
return $result;
}
/**
 * Dispatches a user write to db_add_user() or db_edit_user().
 *
 * - 'selfreg': the record is added with $uniqueid as its id and the self-registration
 *   marker set.
 * - any other flag: the existing users are searched for an id equal to $uniqueid. When one
 *   is found and the flag is not 'add', that record is edited; otherwise a new record is
 *   added whose id is the id of the last listed user plus one.
 *
 * @param string $flag     operation selector
 * @param mixed  $uniqueid id to look up, or the id to store for 'selfreg'
 * @param string $username
 * @param string $pwd      already-hashed password as passed by the caller
 * @param string $sections
 * @param string $details
 * @param string $news
 * @return void
 */
function db_write_user($flag,$uniqueid,$username='',$pwd='',$sections='',$details='',$news='')
{
    if($flag=='selfreg')
    {
        db_add_user($uniqueid,$username,$pwd,$sections,$details,$news,true);
        return;
    }

    $raw_users=db_get_users();
    $records=array();
    if($raw_users!='') $records=f_format_users($raw_users);

    // Loose comparison, as before: ids read from the file are matched against the caller's value.
    $found_id=null;
    if(!empty($records))
    {
        foreach($records as $record)
        {
            if($uniqueid==$record['id'])
            {
                $found_id=$record['id'];
                break;
            }
        }
    }

    if($flag!='add' && isset($found_id))
    {
        db_edit_user($flag,$found_id,$username,$pwd,$sections,$details,$news);
        return;
    }

    // The next id is derived from the last record in the list, not from the highest id.
    $last_record=array_pop($records);
    db_add_user($last_record['id']+1,$username,$pwd,$sections,$details,$news);
}
/**
 * Inserts a new user record into the user database file, rewriting the whole file under
 * an exclusive lock. Prints an error page and exits when the file is missing or cannot be
 * opened for writing. Nothing is returned ($result is set but never returned).
 *
 * NOTE(review): the record template and every tag literal passed to str_replace/strpos
 * are empty in this copy of the file, so where the record is inserted - and whether
 * $username, $details and the other values are escaped before being concatenated into it -
 * cannot be read from here. No escaping is visible in this function; verify it in the
 * callers or in the original.
 *
 * @param mixed  $id       record id
 * @param string $username
 * @param string $pwd      already-hashed password as passed by the caller
 * @param string $sections
 * @param string $details
 * @param string $news     left out of the record when empty
 * @param bool   $self_reg selects the insertion branch used for self-registered users
 */
function db_add_user($id,$username,$pwd,$sections,$details,$news,$self_reg=false)
{
global $ca_db_file, $ca_template_file;
$result=false;
$file_contents=' */ ?>';
$new_user=''.$sections.' '. ($news!=''?''.$news.' ':'').$details.' '; //event manager
if(!file_exists($ca_db_file)) { print f_fmt_in_template($ca_template_file,f_fmt_error_msg('MISSING_DBFILE',$ca_db_file)); exit; }
else if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp, LOCK_EX);
$fsize=filesize($ca_db_file);
if($fsize>0) $file_contents=fread($fp,$fsize);
if($self_reg==false) {$file_contents=str_replace('',$new_user.'',$file_contents);}
else
{
if(strpos($file_contents,'')===false)
{$file_contents=str_replace('',''.$new_user.' ',$file_contents);}
else {$file_contents=str_replace(' ',$new_user.'',$file_contents);}
}
// When the file holds no '/*' yet, comment markers are added around the data.
// Presumably this keeps the records inside a PHP comment so that requesting the .php data
// file does not print them - confirm against the original literals.
if(strpos($file_contents,'/*')===FALSE)
{
$file_contents=str_replace('','/*',$file_contents);
$file_contents=str_replace(' ',' */',$file_contents);
}
ftruncate($fp,0);fseek($fp,0);
if(fwrite($fp,$file_contents) === FALSE) {print "Cannot write to file";exit;}
flock($fp,LOCK_UN);fclose($fp);
$result=true;
}
/**
 * Updates one user record in the user database file and rewrites the file under an
 * exclusive lock. Returns true after the write.
 *
 * Visible branches on $flag:
 *  - 'editpass':    the value after password=" is replaced with $pwd
 *  - 'editaccess':  the access section is replaced with $sections
 *  - 'editdetails': the details and news parts are replaced with $details / $news, and when
 *                   $_POST['old_username'] is set the username attribute is rewritten from
 *                   $_POST['username']
 *  - 'activate' / 'block': the status attribute is set to "1" / "0" (added when absent)
 *  - anything else: the record is written back unchanged
 *
 * NOTE(review): the statements that select the record ($user_to_update) are truncated in
 * this copy of the file and do not parse as shown; the use of $id and $username is not
 * visible. Restore them from the original before editing.
 * NOTE(review): in the 'editdetails' branch $_POST['username'] is concatenated into the
 * record with no filtering visible in this function; a double quote in that value would end
 * the attribute early. Verify that callers validate it against the allowed username
 * characters first.
 */
function db_edit_user($flag,$id,$username,$pwd='',$sections='',$details='',$news='') //edit user's password or access
{
global $ca_db_file, $ca_template_file;
$users=''; $file_contents=''; $fixed='';
$users=db_get_users();
if(!$fp=fopen($ca_db_file,'r+')) {print f_fmt_in_template($ca_template_file,f_fmt_error_msg('DBFILE_NEEDCHMOD',$ca_db_file)); exit;}
flock($fp,LOCK_EX);
$fsize=filesize($ca_db_file);
if($fsize>0) $file_contents=fread($fp,$fsize);
$user_to_update='').' ';
if(strpos($user_to_update,'')===false || strpos($user_to_update,'')!==false) {$fixed=str_replace(' ',' ',$user_to_update);}
else
{
if(strpos($user_to_update,' 0) $file_contents=fread($fp,$fsize);
}
if($flag=='editpass') $updated_user=str_replace(f_GFS($user_to_update,'password="','"'),$pwd,$user_to_update);
elseif($flag=='editaccess') $updated_user=str_replace(f_GFS($user_to_update,'',' '),$sections,$user_to_update);
elseif($flag=='editdetails')
{
$updated_user=str_replace(f_GFSAbi($user_to_update,' '),$details,$user_to_update);
if(strpos($user_to_update,'')===false) //event manager
$updated_user=str_replace('',''.$news.' ',$updated_user);
else
$updated_user=str_replace(f_GFSAbi($user_to_update,'',' '),''.$news.' ',$updated_user);
if(isset($_POST['old_username']))
{
$old_user_name=f_GFSAbi($updated_user,'username="','"');
$updated_user=str_replace($old_user_name,'username="'.$_POST['username'].'"',$updated_user);
}
}
elseif($flag=='activate' || $flag=='block')
{
$details_orig=f_GFSAbi($user_to_update,'');
if(strpos($details_orig,'status="')!==false)
{$details_new=str_replace(f_GFSAbi($details_orig,'status="','"'), 'status="'.($flag=='activate'?'1':'0').'"',$details_orig);}
else {$details_new=str_replace('>', ' status="'.($flag=='activate'?'1':'0').'">',$details_orig);}
$updated_user=str_replace($details_orig, $details_new, $user_to_update);
}
else $updated_user=$user_to_update;
$file_contents=str_replace($user_to_update,$updated_user,$file_contents);
ftruncate($fp,0);fseek($fp,0);
if(fwrite($fp,$file_contents)===FALSE) {print "Cannot write to file";exit;}
flock($fp,LOCK_UN);fclose($fp);
return true;
}
# ----------- login/logout
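/**
 * Handles the administrator login form.
 *
 * - POST 'login' with an empty username or password: re-shows the form with a "fill in" message.
 * - POST 'login' with wrong credentials: calls set_delay(), then re-shows the form.
 * - POST 'login' with correct credentials: regenerates the session id, sets the admin
 *   cookie/session values, then calls index() and exits.
 * - no POST: prints $ca_account_msg and exits while the account still uses the default
 *   'admin' credentials; otherwise shows the login form.
 *
 * The credential check uses strict string comparison (and hash_equals() where available).
 * With the loose '!=' operator two different MD5 hex strings that both look like numbers in
 * exponent notation compare as equal, which would accept a wrong password.
 *
 * NOTE(review): the stored credential is an unsalted MD5 of the password, a fast hash that
 * is cheap to brute-force if the configuration leaks. Moving to password_hash()/
 * password_verify() needs a change to how $ca_admin_pwd is stored, outside this function.
 */
function login_admin() // process login admin
{
    global $ca_admin_username,$ca_admin_pwd,$ca_lang_l,$ca_account_msg;
    $output='';
    if(isset($_POST['login']))
    {
        $posted_user=isset($_POST['username'])?$_POST['username']:'';
        $posted_pass=isset($_POST['password'])?$_POST['password']:'';
        if(empty($posted_user) || empty($posted_pass))
        {
            $output.=build_login_form_ca("".f_ucfirst($ca_lang_l['fill in']).' '.f_ucfirst($ca_lang_l['username']).' & '.f_ucfirst($ca_lang_l['password'])." ");
        }
        else
        {
            $authenticated=false;
            // Array-valued fields (username[]=...) can never match and must not reach md5().
            if(is_string($posted_user) && is_string($posted_pass))
            {
                $user_ok=((string)f_strip_tags($posted_user)===(string)$ca_admin_username);
                $hash_given=md5($posted_pass);
                $hash_stored=(string)$ca_admin_pwd;
                // hash_equals() is constant-time; the strict fallback covers PHP versions without it.
                $pass_ok=function_exists('hash_equals')?hash_equals($hash_stored,$hash_given):($hash_given===$hash_stored);
                $authenticated=($user_ok && $pass_ok);
            }
            if(!$authenticated)
            {
                // Throttle before answering a failed attempt.
                set_delay();
                $output.=build_login_form_ca("".f_ucfirst($ca_lang_l['incorrect username/password'])." ");
            }
            else
            {
                // New session id on privilege change, so a pre-login id cannot be reused.
                f_regenerate_session_id();
                f_setAdminCookie($ca_admin_username); //ADMIN
                if(isset($_SERVER['HTTP_USER_AGENT'])) f_set_session_var( 'HTTP_USER_AGENT',md5($_SERVER['HTTP_USER_AGENT']));
                set_admin_cookie(); // for counter - to ignore hits from site admin
                index(); exit;
            }
        }
    }
    else
    {
        // Refuse to show the login form while the default admin/admin account is still configured.
        if(strtolower($ca_admin_username)=='admin' && ($ca_admin_pwd==md5('admin') || $ca_admin_pwd==md5('Admin') || $ca_admin_pwd==md5('ADMIN')))
        {print GT($ca_account_msg); exit;}
        $output.=build_login_form_ca($ca_lang_l['administration panel']);
    }
    $output=GT($output,false,'',true);
    print $output;
}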
/**
 * Sets the 'visit_from_admin' marker cookie unless the request already carries it.
 *
 * The cookie lets the hit counter ignore visits from the site administrator. Its value is
 * a random-looking marker and it expires at 23:59:59 on today's month and day in 2037.
 *
 * @return void
 */
function set_admin_cookie()
{
    // counter needed to ignore hits from site admin
    if(isset($_COOKIE['visit_from_admin'])) return;

    $now=time();
    $expires_at=mktime(23, 59, 59, date('n',$now), date('j',$now), 2037);
    $marker=md5(uniqid(mt_rand(),true));
    setcookie('visit_from_admin',$marker,$expires_at);
}
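/**
 * Slows down the response to a failed login.
 *
 * The time of the last failed attempt is kept in $ca_db_delay_file. When the previous
 * failure was at most 30 seconds ago the request sleeps for the long delay, otherwise for
 * one second; the file is then updated with the current time. When the file is missing or
 * not writable the long delay is always applied.
 *
 * The long delay is 20 seconds, reduced to max_execution_time - 2 when the limit is below
 * 25 seconds so the script is not killed while sleeping. A limit of 0 means "no limit" and
 * gets the full 20 seconds; previously 0 and 1 produced a negative value, which sleep()
 * rejects, so no delay was applied at all.
 *
 * NOTE(review): the timestamp is shared by all clients and accounts, and each throttled
 * request holds a worker for the whole sleep. A per-account or per-address counter with a
 * lockout would limit guessing without tying up workers.
 *
 * @return void
 */
function set_delay()
{
    global $ca_db_delay_file;
    $max_exec=intval(ini_get('max_execution_time'));
    if($max_exec<=0 || $max_exec>=25) $delay=20;
    else $delay=max(0,$max_exec-2);
    $ts=time();
    $last_wrong_ts=$ts;
    if(file_exists($ca_db_delay_file) && is_writable($ca_db_delay_file))
    {
        $fsize=filesize($ca_db_delay_file);
        if($fsize>0)
        {
            $fp=fopen($ca_db_delay_file,'r');
            if($fp)
            {
                $last_wrong_ts=intval(fread($fp,$fsize));
                fclose($fp);
            }
        }
        if($ts-$last_wrong_ts<=30) sleep($delay); else sleep(1);
        $fp=fopen($ca_db_delay_file,'w');
        if($fp)
        {
            flock($fp, LOCK_EX); fwrite($fp,(string)$ts);
            flock($fp, LOCK_UN); fclose($fp);
        }
    }
    // Without a usable file $last_wrong_ts still equals $ts, so this branch always sleeps.
    elseif($ts-$last_wrong_ts<=30) sleep($delay);
}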
/**
 * Logs the logout, clears the session and redirects the browser.
 *
 * Redirect target, in order of precedence:
 *  1. the logout URL from the settings ('http://' is prepended when it contains no 'http'),
 *  2. the 'ref_url' query parameter,
 *  3. the page named by a positive 'pageid' query parameter,
 *  4. the home page.
 *
 * NOTE(review): 'ref_url' comes from the query string and is only tag-stripped before it
 * is handed to f_url_redirect(). Unless f_url_redirect() restricts the target, a logout
 * link can carry an off-site URL; limiting it to same-site relative paths would close that.
 *
 * @return void
 */
function logout_user()
{
    global $ca_settings,$f_home_page,$ca_action_id;

    if($ca_action_id=='logoutadmin')
    {
        write_log('logout','USER:Administrator','success');
    }
    // This second test is independent of the first one, so its elseif also runs for 'logoutadmin'.
    if($ca_action_id=='logout' && f_adminCookie())
    {
        write_log('logout','USER:Administrator','success');
    }
    elseif(f_userCookie())
    {
        $user=f_getUserCookie();
        write_log('logout','USER:'.$user,'success');
    }

    f_unset_session();

    // NOTE(review): both delimiters of this lookup are blank in this copy of the file - check the original.
    $configured_url=f_GFS($ca_settings,'',' ');
    if(!empty($configured_url))
    {
        $scheme_prefix='';
        if(strpos($configured_url,'http')===false) $scheme_prefix='http://';
        $target=$scheme_prefix.$configured_url;
    }
    elseif(isset($_GET['ref_url']))
    {
        $target=f_strip_tags($_GET['ref_url']);
    }
    elseif(isset($_GET['pageid']) && intval($_GET['pageid'])>0)
    {
        $page_info=get_page_info($_GET['pageid']);
        $page_name=$page_info[1];
        $dir_prefix='';
        if(strpos($page_name,'../')===false) $dir_prefix='../';
        $target=$dir_prefix.$page_name;
    }
    else
    {
        $http_pos=strpos($f_home_page,'http://');
        if($http_pos!==false) $target=substr($f_home_page,$http_pos);
        else $target='../'.$f_home_page;
    }

    f_url_redirect($target,false);
}
/**
 * Builds the "logged as" navigation line for the current page and prints or returns it.
 *
 * NOTE(review): the HTML fragments in the string literals are missing in this copy of the
 * file, which is why $ca_url, $ca_detailed_url and $ref_url look unused; the links that
 * consumed them have to be restored from the original.
 * NOTE(review): $user_val is concatenated into the output and into a query string with no
 * escaping visible in this function; verify that f_getUserCookie()/f_getAdminCookie()
 * return an already validated name, or escape per context (HTML, URL) here.
 *
 * @param bool $only_username when true the heading is just the user name
 * @param bool $return_flag   when true the heading is returned instead of printed
 * @return string|null the heading when $return_flag is true
 */
function user_navigation($only_username=false,$return_flag=false)
{
global $thispage_id,$ca_l_amp,$ca_pref,$f_sp_pages_ids;
$labels=f_get_myprofile_labels($thispage_id,$ca_pref);
// 'logged_l' from the query string is only compared against 'username' below.
$logged_as_label=(isset($_GET['logged_l'])? f_sth(f_strip_tags($_GET['logged_l'])): 'logged as');
$pageid_info=f_get_page_params($thispage_id,$ca_pref);
// Path to the documents folder, relative to the page's own location.
$thispage_dir=(isset($pageid_info[1]) && strpos($pageid_info[1],'../')===false)?'documents/':'../documents/';
$is_admin=f_adminCookie();
$is_user=f_userCookie();
if($is_admin) $user_val=f_getAdminCookie();
elseif($is_user) $user_val=f_getUserCookie();
$heading='';
// NOTE(review): $user_val is undefined here when the visitor is neither admin nor user.
if(strtolower($logged_as_label)=='username' || $only_username) {$heading=$user_val;}
elseif($is_admin || $is_user)
{
$ca_url=$thispage_dir.'centraladmin.php?process=';
$ref_url=(isset($pageid_info[1])?$pageid_info[1]:'');
$heading.=''.$labels['welcome'].' ['.$user_val.'] ';
// True when the page type is one of $f_sp_pages_ids; only then is the "edit" entry offered.
$sp_page=isset($pageid_info[4]) && in_array($pageid_info[4],$f_sp_pages_ids);
if($is_admin)
{
if($sp_page) $heading.='| '.$labels['edit'].' ';
$heading.='| '.$labels['administration panel'].' '
.'| '.$labels['logout'].' ';
}
else
{
// Regular users get the "edit" entry only with write access to this page.
if($sp_page && f_has_write_access($user_val,$pageid_info,$ca_pref))
$heading.='| '.$labels['edit'].' ';
// $ref_url is URL-encoded here, $user_val is not.
$ca_detailed_url=$thispage_dir.'centraladmin.php?pageid='.$thispage_id.'&ref_url='.urlencode($ref_url).'&username='.$user_val.$ca_l_amp.'&process=';
$heading.='| '.$labels['profile'].' '
.'| '.$labels['logout'].' ';
}
}
if($return_flag) return $heading;
else print $heading;
}
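/**
 * Build the floating variant of the "logged in" navigation strip.
 *
 * Entries are joined with ' | ' unless the request carries a `vert` parameter, in which
 * case the separator is empty. Guests get the "welcome guest" label; when the `logged_l`
 * query parameter equals "username" (case-insensitively) only the account name is produced.
 *
 * @param bool $return_flag When true the heading is returned, otherwise it is printed.
 * @return string|null The heading when $return_flag is true; nothing is returned otherwise.
 */
function user_navigation_float($return_flag=false)
{
    global $thispage_id,$ca_l_amp,$ca_pref,$f_sp_pages_ids;

    $vert=isset($_REQUEST['vert']);
    $glu=$vert?'':' | ';
    $labels=f_get_myprofile_labels($thispage_id,$ca_pref);
    // logged_l is request-controlled; in this function it is only compared, never written to the output.
    $logged_as_label=(isset($_GET['logged_l'])? f_sth(f_strip_tags($_GET['logged_l'])): 'logged as');
    $pageid_info=f_get_page_params($thispage_id,$ca_pref);
    $thispage_dir=(isset($pageid_info[1]) && strpos($pageid_info[1],'../')===false)?'documents/':'../documents/';

    $is_admin=f_adminCookie();
    $is_user=f_userCookie();

    // Start from an empty name: a guest request with logged_l=username previously read
    // $user_val before it was ever assigned.
    $user_val='';
    if($is_admin) $user_val=f_getAdminCookie();
    elseif($is_user) $user_val=f_getUserCookie();

    // NOTE(review): $user_val is written into the heading without HTML or JavaScript-string
    // encoding, and process_admin embeds the returned heading in document.write('...').
    // Confirm that f_getAdminCookie()/f_getUserCookie() can only yield names limited to the
    // registration character set; otherwise encode for the output context before use.
    if(strtolower($logged_as_label)=='username')
    {
        $heading=$user_val;
    }
    elseif($is_admin || $is_user)
    {
        // NOTE(review): $ca_url, $ref_url and $ca_detailed_url are not read by the string
        // literals as they appear in this listing; presumably the link markup that used them
        // is not shown. Kept as-is - confirm against the deployed file.
        $ca_url=$thispage_dir.'centraladmin.php?process=';
        $ref_url=(isset($pageid_info[1])?$pageid_info[1]:'');
        $heading=''.$labels['welcome'].' ['.$user_val.'] ';
        if($is_admin)
        {
            if(isset($pageid_info[4]) && in_array($pageid_info[4],$f_sp_pages_ids))
                $heading.=''.$glu.''.$labels['edit'].' ';
            $heading.=''.$glu.''.$labels['administration panel'].' ';
            $heading.=''.$glu.''.$labels['logout'].' ';
        }
        else
        {
            // As shown here this discards the welcome text assembled above for ordinary users.
            // NOTE(review): confirm that is intended.
            $heading='';
            if(isset($pageid_info[4]) && in_array($pageid_info[4],$f_sp_pages_ids) && f_has_write_access($user_val,$pageid_info,$ca_pref))
                $heading.=''.$glu.''.$labels['edit'].' ';
            // The account name is a query-string value, so it is URL-encoded like ref_url.
            $ca_detailed_url=$thispage_dir.'centraladmin.php?pageid='.$thispage_id.'&ref_url='.urlencode($ref_url).'&username='.urlencode($user_val).$ca_l_amp.'&process=';
            $heading.=''.$glu.''.$labels['profile'].' ';
            $heading.=''.$glu.''.$labels['logout'].' ';
        }
    }
    else $heading=''.$labels['welcome guest'].' ';

    if($return_flag) return $heading;
    else print $heading;
}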
/**
 * List the protected pages the current visitor may open.
 *
 * Returns 'all' when the admin cookie helper reports a login or when the user's first
 * access entry covers section 'ALL'; otherwise a string of page ids, each followed by '|';
 * and 'none' when nothing was collected (including for visitors with neither cookie).
 * process_admin echoes this string verbatim for the 'up' action.
 *
 * NOTE(review): the result is only as trustworthy as f_adminCookie()/f_userCookie()/
 * f_getUserCookie(); how those validate the login state is not visible here.
 *
 * @return string 'all', 'none', or a '|'-terminated list of page ids.
 */
function get_userpages()
{
// $db is declared global but not read anywhere in this function.
global $db,$f_sp_pages_ids,$ca_pref;
$result='';
f_int_start_session("private");
if(f_adminCookie()) $result='all';
elseif(f_userCookie())
{
$user_account=f_get_user(f_getUserCookie(),$ca_pref);
// Only the first access entry is consulted for the 'ALL' shortcut and for the per-page grants below.
if($user_account['access'][0]['section']=='ALL') $result='all';
else
{
// Index the pages returned for the empty section argument: ids flagged protected,
// and ids whose type is one of the special page types.
$controlled_pages=get_prot_pages_list('');
$protected_pages=array();
$protected_pages_per_section=array();
$special_ids=array();
foreach($controlled_pages as $k=>$v)
{
if($v['protected']=='TRUE') $protected_pages[]=$v['id'];
if(in_array($v['typeid'],$f_sp_pages_ids)) $special_ids[]=$v['id'];
}
foreach($user_account['access'][0]['page_access'] as $k=>$v)
{
$pid=intval($v['page']);
// Page-level grant: the id must be one of the protected pages collected above.
if(in_array($pid,$protected_pages))
{
// Special pages are listed for types 0, 1 and 3, other pages only for type 0.
// NOTE(review): the meaning of the numeric types is not defined in this function.
$at=intval($v['type']);
if(in_array($pid,$special_ids)) $access=($at==1)||($at==3)||($at==0);
else $access=$at==0;
if($access) $result.=$pid.'|';
}
elseif($v['section']!='ALL' && $pid==0) // section-level grant (no specific page id)
{
$vs=$v['section'];
// Look up each section's page list once and reuse it for later entries.
if(!isset($protected_pages_per_section[$vs]))
$protected_pages_per_section[$vs]=get_prot_pages_list($vs);
$protected_insection=$protected_pages_per_section[$vs];
$pp_section=array();$sp_section=array();
foreach($protected_insection as $k2=>$v2)
{
if($v2['protected']=='TRUE') $pp_section[]=$v2['id'];
if(in_array($v2['typeid'],$f_sp_pages_ids)) $sp_section[]=$v2['id'];
}
// This branch reads 'access_type' whereas the page-level branch reads 'type'.
$at=intval($v['access_type']);
if($at==0) foreach($pp_section as $k2=>$v2) $result.=$v2.'|';
// NOTE(review): $sp_section is filled above but never read; the loop below walks
// $special_ids (built from the get_prot_pages_list('') result) instead, so a
// section-level grant of type 0, 1 or 3 lists those special pages rather than only
// this section's. Confirm whether $sp_section was intended before relying on this
// list for any access decision.
foreach($special_ids as $k2=>$v2)
if($at==1 || $at==3 || $at==0) $result.=$v2.'|';
}
}
}
}
if($result=='')$result='none';
return $result;
}
function process_admin()
{
global $ca_admin_username,$ca_pref,$ca_admin_pwd,$thispage_id,$version,$f_version,$f_sp_pages_ids,$ca_account_msg,$ca_db_settings_file, $ca_settings,$ca_db_file,
$counter_ds_db_fname,$sr_enable,$ca_db_activity_log,$ca_template_file,$f_names_lang_sets,$ca_pref_dir,$ca_lang_l,$f_br,$f_ct,$rss_call_in_prot_page,
$counter_ts_db_fname,$ca_l_amp,$f_db_first_line,$f_lf,$f_fmt_caption,$ca_span8,$f_max_rec_on_admin,$f_db_folder,$ca_lang_set_fname,$f_br,$f_ct,$template_in_root,$ca_action_id,
$f_charset_lang_map,$ca_lang, $ca_reg_lang_settings_keys,$ca_reg_lang_settings_labels,$ca_loggedcheck,$ca_areaarray,$ca_logged_access,$f_navtop,$f_navend,$ca_l, $ca_myprofile_actions,
$ca_site_url,$f_use_prot_areas,$f_subminiforms,$ca_other_actions,$ca_admin_actions,$ca_lang_template,$ca_user_actions,$f_uni,$f_login_cookiebased,$f_login_cookie_expire;
$access_flag=false;
$ca_action_id=(empty($_GET) && empty($thispage_id))?'index':'';
$ca_action_id=(isset($_REQUEST['process'])?f_strip_tags($_REQUEST['process']):$ca_action_id);
if($ca_action_id=='up')
{
echo get_userpages();
exit;
}
if(($ca_action_id!='') && !in_array($ca_action_id,$ca_other_actions) && !in_array($ca_action_id,$ca_admin_actions)) $ca_action_id='index';
ca_update_language_set();
$ca_lang_template=f_define_source_page($ca_pref,$ca_lang, (in_array($ca_action_id,$ca_user_actions) || in_array($ca_action_id,$ca_myprofile_actions)?true:'')); // needed here in order to define $f_mobile_detected
if((in_array($ca_action_id,$ca_user_actions) || in_array($ca_action_id,$ca_myprofile_actions)) && strpos($ca_lang_template,'/')!==false)
$ca_pref_dir='../documents/';
if(in_array($ca_action_id,$ca_myprofile_actions) && f_getUserCookie()=='') $ca_action_id='index';
else f_int_start_session('private');
if(isset($ca_loggedcheck) && ($ca_loggedcheck==true))
{
if(f_adminCookie()) $ca_logged_access=array_keys($ca_areaarray);
elseif(f_userCookie())
{
$user_account=f_get_user(f_getUserCookie(),$ca_pref);
if($user_account['access'][0]['section']=='ALL') { $ca_logged_access=array_keys($ca_areaarray); }
else { foreach($user_account['access'] as $k=>$v) $ca_logged_access[]=$v['section']; }
}
else $ca_logged_access=array();
}
elseif($ca_action_id=='logout' || $ca_action_id=="logoutadmin") {logout_user();}
elseif($ca_action_id=="version") {echo $version.' '.$f_version;}
elseif($ca_action_id=="next" || $ca_action_id=="prev")
{
$all_pages=get_pages_list(); $new_page='';
foreach($all_pages as $k=>$v)
{
if(isset($v['pageid']) && $v['pageid']==$_REQUEST['id'])
{
$c_lang=$v['lang']; $orig_page=$v['url'];
$new_i=($ca_action_id=="next"?$k+1:$k-1);
if(isset($all_pages[$new_i]['pageid']))
{
if($all_pages[$new_i]['hidden']=='FALSE' && $all_pages[$new_i]['lang']==$c_lang) $new_page=$all_pages[$new_i]['url'];
elseif($all_pages[$new_i]['lang']==$c_lang)
{
while(!isset($all_pages[$new_i]['hidden']) || $all_pages[$new_i]['hidden']=='TRUE')
{
if($ca_action_id=="next") $new_i++;
else $new_i--;
}
if($all_pages[$new_i]['hidden']=='FALSE' && $all_pages[$new_i]['lang']==$c_lang) {$new_page=$all_pages[$new_i]['url'];}
}
}
}
}
if(empty($new_page)) $new_page=$orig_page;
$new_page=(strpos($new_page,'../')===false?'../':'').$new_page;
f_url_redirect($new_page,false); exit;
}
elseif($ca_action_id=="register" || $ca_action_id=="register2") process_register($ca_action_id=="register2");
elseif($ca_action_id=="loggedinfo" || $ca_action_id=="loggeduser" || $ca_action_id=="logged")
{
if(!isset($_SERVER['HTTP_REFERER'])) {f_url_redirect("centraladmin.php?process=index",false);exit;}
else
{
if($ca_action_id=="loggedinfo") $logged_info=user_navigation(false,true);
elseif($ca_action_id=="logged") $logged_info=user_navigation_float(true);
else $logged_info=user_navigation(true,true);
$out=isset($_REQUEST['nodw'])?$logged_info:"\ndocument.write(' $logged_info ');\n";
echo $out;
}
}
elseif($ca_action_id=="forgotpass" || $ca_action_id=="forgotpass2") process_forgotpass();
elseif($ca_action_id=='sitemap')
{
$fc=(isset($_GET['pwd']) && crypt($_GET['pwd'],'admin')=='adPTFL0iJCHec')?f_read_file($ca_pref.'sitemap.php'):'';
print str_replace(array(''),array('',''),$fc);exit;
}
elseif(in_array($ca_action_id,$ca_admin_actions))
{
$table_data=array();$end='';$menu_title='';$output='';
if(f_is_ezg_admin_notlogged())
{
if(strpos($ca_lang_template,'/')!==false) $ca_pref_dir='../documents/';
login_admin(); exit;
}
if($ca_action_id=="index") index();
elseif($ca_action_id=="manageusers") manage_users();
elseif($ca_action_id=="processuser") process_users();
elseif($ca_action_id=="pendingreg") check_pending_users();
elseif($ca_action_id=="confcounter") conf_counter();
elseif($ca_action_id=="resetcounter")
{
if(isset($_GET['confirmreset']) && file_exists($counter_ts_db_fname) && (filesize($counter_ts_db_fname)!==0))
{
$files=array($counter_ts_db_fname,$counter_ds_db_fname);
foreach($files as $k=>$v) {$fp=fopen($v,'r+');flock($fp,LOCK_EX);ftruncate($fp,0);fseek($fp,0);flock($fp,LOCK_UN);fclose($fp);}
f_write_tagged_data("counter_cookie_suffix",time(),$ca_db_settings_file,$ca_template_file);
clearstatcache();
$table_data[]=array('', ''.f_ucfirst($ca_lang_l['reset done']).' ');
$flag=true;
}
else
{
$table_data[]=array('', ''.f_ucfirst($ca_lang_l['reset MSG1']).' ');
$end=' $v)
{
if($v=='repeat password' || $v=='want to receive notification') $setting_value=$_POST[str_replace(' ','_',$v)];
else $setting_value=(isset($_POST[$v]))? str_replace($f_lf,'##',f_esc(trim($_POST[$v]))): '';
$record_line.='<'.$v.'>'.$setting_value.''.$v.'>';
}
if(!empty($record_line)) f_write_tagged_data("sr_language_".$post_lang, $record_line, $ca_db_settings_file, $ca_template_file);
$table_data[]=array('', ''.f_ucfirst($ca_lang_l['settings saved']).' ');
$ca_settings=f_read_file($ca_db_settings_file);
ca_update_language_set();
}
else
{
$lang_set_sr=f_read_lang_set($ca_lang_set_fname,$cur_lang,'ca');
$sr_lang_l=(isset($lang_set_sr['lang_l']))? $lang_set_sr['lang_l']: $ca_lang_l;
$reg_lang_set_raw=f_GFS($ca_settings,'',' ');
if($reg_lang_set_raw!='')
{
foreach($ca_reg_lang_settings_keys as $k=>$v)
{
if(strpos($reg_lang_set_raw,'<'.$v.'>')!==false) $sr_lang_l[$v]=f_un_esc(f_GFS($reg_lang_set_raw,'<'.$v.'>',''.$v.'>'));
}
}
$input=' %s';
$jstring='onchange="document.location=\''.($template_in_root?$abs_url:'centraladmin.php').'?process=confreglang&sr_lang=\' + this.options[this.selectedIndex].value;"';
$table_data[]=array($ca_lang_l['edit_language'],f_build_select("language",$f_names_lang_sets,$cur_lang,'','key',$jstring));
foreach($ca_reg_lang_settings_keys as $k=>$v)
{
if(array_key_exists($v,$sr_lang_l))
{
$label=$ca_reg_lang_settings_labels[$k];
$setting_value=str_replace('##',$f_lf,f_sth($sr_lang_l[$v]));
if($v=='sr_email_msg' || $v=='sr_forgotpass_msg' || $v=='sr_forgotpass_msg0' || $v=='sr_activated_msg' || $v=='sr_blocked_msg')
{ $table_data[]=array($label, sprintf($area,$v,$setting_value)); }
else { $table_data[]=array($label, sprintf($input,$v,$setting_value)); }
}
}
$end=ca_getformbuttons('submit').$f_br;
}
$output=$f_navtop.' ';
$output=f_fmt_admin_screen($output, build_menu(' - '.f_ucfirst($ca_lang_l['language'])));
$output=GT($output);
if(!isset($_POST['submit']))
{
$charset=f_GFS($output,'charset=','"');
$new_charset=(strpos(f_strtolower($charset),'utf')!==false)? 'UTF-8': $f_charset_lang_map[$cur_lang];
if($charset!='') $output=str_replace('charset='.$charset.'"', 'charset='.$new_charset.'"', $output);
}
print $output;
}
elseif($ca_action_id=="conflang")
{
$logout_redirect_url=f_GFS($ca_settings,'',' ');
$tzone_offset=f_GFS($ca_settings,'',' ');
$lang_set=f_GFS($ca_settings,'',' ');
if(isset($_POST['submit']))
{
setcookie('ca_lang',strtoupper(f_strip_tags($_POST['lang'])), mktime(23,59,59, 1,1,2037),str_replace('http://'.$_SERVER['HTTP_HOST'],'',$ca_site_url));
f_write_tagged_data(array('language','logout_redirect_url','tzoneoffset'), array($_POST['lang'],$_POST['logout_redirect_url'],$_POST['tzone_offset']), $ca_db_settings_file, $ca_template_file);
$table_data[]=array('', ''.f_ucfirst($ca_lang_l['settings saved']).' ');
$ca_settings=f_read_file($ca_db_settings_file);
ca_update_language_set(strtoupper(f_strip_tags($_POST['lang'])));
}
else
{
$table_data[]=array($ca_lang_l['language'], f_build_select('lang',$f_names_lang_sets,strtoupper($lang_set)));
$table_data[]=array($ca_lang_l['set tzone'], " Disabled!');
if(!function_exists('imagecreatetruecolor'))
$table_data[]=array('GD Library',$f_br.'Disabled! ');
if(!function_exists("iconv"))
$table_data[]=array('Iconv Library',$f_br.'Disabled! ');
$output='";
$output=f_fmt_admin_screen($output, build_menu());
print GT($output);
}
elseif($ca_action_id=="log")
{
$logcontent=array();
clearstatcache();
if(file_exists($ca_db_activity_log))
{
$handle=fopen($ca_db_activity_log,'r');
while($data=fgetcsv($handle, 8192,'^'))
{
if($data[0]!=$f_db_first_line)
{
$ip='';
if(substr_count($data[0],'=>')>2) list($dt,$temp,$result,$ip)=explode('=>',$data[0]);
else list($dt,$temp,$result)=explode('=>',$data[0]);
list($activity,$user)=explode('->',$temp);
if(strpos($user,'EMAIL:')!==false) $user=f_GFS($user,'USER:','EMAIL:');
elseif(strpos($user,'ID:')!==false) $user=f_GFS($user,'USER:','ID:');
else $user=str_replace('USER:','',$user);
$logcontent[]=array('date'=>trim($dt),'activity'=>trim($activity),'user'=>str_replace($f_lf,$f_br,urldecode($user)).' '.($ip!=''?f_ip_locator($ip):''),'result'=>str_replace('Result:','',$result));
}
}
fclose($handle);
}
$output='';
if(!empty($logcontent))
{
$logcontent=array_reverse($logcontent);
$records_count=count($logcontent);
$screen=(isset($_GET['page'])?$_GET['page']:1);
$offset=($screen==1)?0:($screen-1)*$f_max_rec_on_admin;
$limit_rec_to=($screen*$f_max_rec_on_admin>$records_count)?$f_max_rec_on_admin-($screen*$f_max_rec_on_admin-$records_count):$f_max_rec_on_admin;
$show_records=array_slice($logcontent,$offset,$limit_rec_to);
$url_part=$ca_pref_dir."centraladmin.php?process=log";
$nav=f_page_nav_ca($records_count,$url_part,$f_max_rec_on_admin,$screen);
$cap_arrays=array($ca_lang_l['date'],$ca_lang_l['activity'],$ca_lang_l['user'],$ca_lang_l['result']);
$table_data=array();
foreach($show_records as $key=>$value)
{
if(!empty($value))
{
if(strpos($value['date'],':')) $date_value=$value['date'];
else $date_value=date('d M Y h:i:s',f_tzone_date($value['date']));
$row_data=array($ca_span8.$date_value."",$ca_span8." :: ".$value['activity']."", $ca_span8.$value['user']."",$ca_span8." :: ".$value['result']."");
$table_data[]=$row_data;
}
}
$append='