Nephthys - /nephthys.class.php - Annotate - oss.netshadow.at

root / nephthys.class.php

View | Annotate | Download (84 KB)

1	dae2f932	Andreas	<?php
2	dae2f932	Andreas
3	dae2f932	Andreas	/***************************************************************************
4	dae2f932	Andreas	*
5	9a37d81c	Andreas	* Nephthys - file sharing management
6	dae2f932	Andreas	* Copyright (c) by Andreas Unterkircher, unki@netshadow.at
7	dae2f932	Andreas	*
8	9a37d81c	Andreas	* This file is part of Nephthys.
9	9a37d81c	Andreas	*
10	9a37d81c	Andreas	* Nephthys is free software: you can redistribute it and/or modify
11	dae2f932	Andreas	* it under the terms of the GNU General Public License as published by
12	9a37d81c	Andreas	* the Free Software Foundation, either version 3 of the License, or
13	9a37d81c	Andreas	* (at your option) any later version.
14	dae2f932	Andreas	*
15	9a37d81c	Andreas	* Nephthys is distributed in the hope that it will be useful,
16	dae2f932	Andreas	* but WITHOUT ANY WARRANTY; without even the implied warranty of
17	dae2f932	Andreas	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	dae2f932	Andreas	* GNU General Public License for more details.
19	dae2f932	Andreas	*
20	dae2f932	Andreas	* You should have received a copy of the GNU General Public License
21	9a37d81c	Andreas	* along with Nephthys. If not, see <http://www.gnu.org/licenses/>.
22	dae2f932	Andreas	*
23	dae2f932	Andreas	***************************************************************************/
24	dae2f932	Andreas
25	dae2f932	Andreas	require_once "nephthys_db.php";
26	f49348b2	Andreas	require_once "nephthys_buckets.php";
27	d08c99b8	Andreas	require_once "nephthys_addressbook.php";
28	123b4741	Andreas	require_once "nephthys_users.php";
29	d8166861	Andreas	require_once "nephthys_profile.php";
30	27af6e13	Andreas	require_once "nephthys_upload.php";
31	dae2f932	Andreas
32	dae2f932	Andreas	class NEPHTHYS {
33	dae2f932	Andreas
34	e5080fd1	Andreas	public $cfg;
35	e5080fd1	Andreas	public $db;
36	e5080fd1	Andreas	public $tmpl;
37	e5080fd1	Andreas	public $current_user;
38	c90d2898	Andreas	public $browser_info;
39	fbaee801	Andreas	public $sort_order;
40	dae2f932	Andreas
41	dae2f932	Andreas	private $runtime_error = false;
42	c70b4618	Andreas	private $_translationTable; // currently loaded translation table
43	c70b4618	Andreas	private $_loadedTranslationTables; // array of all loaded translation tables
44	dae2f932	Andreas
45	dae2f932	Andreas	/**
46	dae2f932	Andreas	* class constructor
47	dae2f932	Andreas	*
48	dae2f932	Andreas	* this function will be called on class construct
49	dae2f932	Andreas	* and will check requirements, loads configuration,
50	dae2f932	Andreas	* open databases and start the user session
51	dae2f932	Andreas	*/
52	dae2f932	Andreas	public function __construct()
53	dae2f932	Andreas	{
54	123b4741	Andreas	$GLOBALS['nephthys'] =& $this;
55	123b4741	Andreas
56	108c5139	Andreas	/* load config, exit if it fails */
57	108c5139	Andreas	if(!$this->load_config()) {
58	17ed2c1e	Andreas	$this->_error("Error during load_config()");
59	dae2f932	Andreas	exit(1);
60	dae2f932	Andreas	}
61	dae2f932	Andreas
62	46b8ea5e	Andreas	// if servername has not been set in the configuration
63	fff2a093	Andreas	// get it from the webserver. Only necessary if not
64	fff2a093	Andreas	// called from command line.
65	fff2a093	Andreas	if(!isset($this->cfg->servername) && !$this->is_cmdline()) {
66	46b8ea5e	Andreas	if(!isset($_SERVER['SERVER_NAME']))
67	46b8ea5e	Andreas	die("Can't get server name out of \$_SERVER['SERVER_NAME']");
68	8569ba82	Andreas	$this->cfg->servername = $_SERVER['SERVER_NAME'];
69	8569ba82	Andreas	}
70	8569ba82	Andreas
71	dae2f932	Andreas	/* Check necessary requirements */
72	dae2f932	Andreas	if(!$this->checkRequirements()) {
73	dae2f932	Andreas	exit(1);
74	dae2f932	Andreas	}
75	dae2f932	Andreas
76	8f3c5e0d	Andreas	$this->browser_info = new Net_UserAgent_Detect();
77	8f3c5e0d	Andreas
78	27af6e13	Andreas	/* verify if browser supports javascript
79	27af6e13	Andreas	... if not called from command line
80	27af6e13	Andreas	... if not called via RPC handler
81	27af6e13	Andreas	... and ignore Javascript check is not set
82	27af6e13	Andreas	*/
83	27af6e13	Andreas	if(!$this->is_cmdline() && !defined('RPC_CALL') && (!isset($this->cfg->ignore_js) \|\| empty($this->cfg->ignore_js))) {
84	c90d2898	Andreas
85	fff2a093	Andreas	if(!$this->browser_info->hasFeature('javascript')) {
86	b340940a	Andreas	$this->_error("It seems your browser is not capable of supporting JavaScript or it has been disabled.");
87	eef6b66a	Andreas	$this->_error("Nephthys will not work without JavaScript!");
88	fff2a093	Andreas	exit;
89	fff2a093	Andreas	}
90	27af6e13	Andreas	}
91	c90d2898	Andreas
92	cc1b5b35	Andreas	/* if database type is set to sqlite, database exists
93	cc1b5b35	Andreas	but is not readable ...
94	cc1b5b35	Andreas	*/
95	cc1b5b35	Andreas	if($this->cfg->db_type == "sqlite" &&
96	cc1b5b35	Andreas	file_exists($this->cfg->sqlite_path) &&
97	cc1b5b35	Andreas	!is_readable($this->cfg->sqlite_path)) {
98	b340940a	Andreas	$this->_error("[". $this->cfg->sqlite_path ."] SQLite database is not readable for user ". $this->getuid());
99	cc1b5b35	Andreas	exit(1);
100	cc1b5b35	Andreas	}
101	cc1b5b35	Andreas
102	cc1b5b35	Andreas	/* if database type is set to sqlite, database exists
103	cc1b5b35	Andreas	but is not writeable ...
104	cc1b5b35	Andreas	*/
105	cc1b5b35	Andreas	if($this->cfg->db_type == "sqlite" &&
106	cc1b5b35	Andreas	file_exists($this->cfg->sqlite_path) &&
107	cc1b5b35	Andreas	!is_writable($this->cfg->sqlite_path)) {
108	b340940a	Andreas	$this->_error("[". $this->cfg->sqlite_path ."] SQLite database is not writeable for user ". $this->getuid());
109	cc1b5b35	Andreas	exit(1);
110	cc1b5b35	Andreas	}
111	cc1b5b35	Andreas
112	cc1b5b35	Andreas	/* if database type is set to sqlite, database does not exist
113	cc1b5b35	Andreas	yet and directory to store database is not writeable...
114	cc1b5b35	Andreas	*/
115	cc1b5b35	Andreas	if($this->cfg->db_type == "sqlite" &&
116	cc1b5b35	Andreas	!file_exists($this->cfg->sqlite_path) &&
117	cc1b5b35	Andreas	!is_writable(dirname($this->cfg->sqlite_path))) {
118	b340940a	Andreas	$this->_error("[". $this->cfg->sqlite_path ."] SQLite database can not be created in directory by user ". $this->getuid());
119	cc1b5b35	Andreas	exit(1);
120	cc1b5b35	Andreas	}
121	cc1b5b35	Andreas
122	9507541c	Andreas	$this->db = new NEPHTHYS_DB();
123	dae2f932	Andreas
124	cc1b5b35	Andreas	$this->check_db_tables();
125	cc1b5b35	Andreas
126	e0eec83a	Andreas	if(!is_writable($this->cfg->tmpl_path ."/templates_c")) {
127	e0eec83a	Andreas	$this->_error("[". $this->cfg->tmpl_path ."/templates_c] directory is not writeable for user ". $this->getuid());
128	dae2f932	Andreas	exit(1);
129	dae2f932	Andreas	}
130	dae2f932	Andreas
131	83d688ef	Andreas	/* check if the bucket root directory ($data_path) exists */
132	83d688ef	Andreas	if(!file_exists($this->cfg->data_path)) {
133	b340940a	Andreas	$this->_error("[". $this->cfg->data_path ."] directory does not exist");
134	83d688ef	Andreas	exit(1);
135	83d688ef	Andreas	}
136	83d688ef	Andreas	/* check if the webservers user is allowed to modify the bucket
137	83d688ef	Andreas	root directory ($data_path). This is necessary to create &
138	83d688ef	Andreas	delete bucket directories.
139	83d688ef	Andreas	*/
140	83d688ef	Andreas	if(!is_writeable($this->cfg->data_path)) {
141	b340940a	Andreas	$this->_error("[". $this->cfg->data_path ."] directory is not writeable for user ". $this->getuid());
142	83d688ef	Andreas	exit(1);
143	83d688ef	Andreas	}
144	83d688ef	Andreas
145	dae2f932	Andreas	/* if session is not yet started, do it now */
146	dae2f932	Andreas	if(session_id() == "")
147	dae2f932	Andreas	session_start();
148	dae2f932	Andreas
149	bb96e5ca	Andreas	/*if(!isset($_SERVER['REMOTE_USER']) \|\| empty($_SERVER['REMOTE_USER'])) {
150	b340940a	Andreas	$this->parent->_error("It seems you are not authenticated through the server");
151	57ce528e	Andreas	exit(1);
152	57ce528e	Andreas	}
153	bb96e5ca	Andreas	*/
154	57ce528e	Andreas
155	ee3e8da9	Andreas	if(!$this->is_cmdline() &&
156	ee3e8da9	Andreas	isset($this->cfg->allow_server_auth) && $this->cfg->allow_server_auth == true
157	ee3e8da9	Andreas	&& (!isset($_SERVER['REMOTE_USER']) \|\| empty($_SERVER['REMOTE_USER']))) {
158	b340940a	Andreas	$this->_error("Server authentication is enabled in Nephthys config but server does not "
159	b340940a	Andreas	."provide details in REMOTE_USER variable.");
160	ee3e8da9	Andreas
161	ee3e8da9	Andreas	exit(1);
162	ee3e8da9	Andreas	}
163	ee3e8da9	Andreas
164	a1eea52e	Andreas	/* if server-authentication is allowed... */
165	dfa353f7	Andreas	if(isset($this->cfg->allow_server_auth) &&
166	dfa353f7	Andreas	$this->cfg->allow_server_auth == true) {
167	dfa353f7	Andreas
168	a1eea52e	Andreas	/* if the user exists in Nephthys user table ... */
169	70c9514a	Andreas	if(isset($_SERVER['REMOTE_USER']) && $user = $this->get_user_details_by_name($_SERVER['REMOTE_USER'])) {
170	dfa353f7	Andreas	/* if user is active, register informations to session */
171	dfa353f7	Andreas	if($user->user_active == 'Y') {
172	dfa353f7	Andreas	$_SESSION['login_name'] = $user->user_name;
173	dfa353f7	Andreas	$_SESSION['login_idx'] = $user->user_idx;
174	9ea98166	Andreas	/* update the last login time of this user */
175	9ea98166	Andreas	$this->update_last_login($user->user_idx);
176	dfa353f7	Andreas	}
177	e2c6f5d5	Andreas	}
178	a1eea52e	Andreas	/* otherwise, if auto-creation is enabled, create it... */
179	a1eea52e	Andreas	else {
180	a1eea52e	Andreas
181	a1eea52e	Andreas	/* is user-auto-creation enabled? */
182	dfa353f7	Andreas	if(isset($this->cfg->user_auto_create) &&
183	dfa353f7	Andreas	$this->cfg->user_auto_create == true) {
184	a1eea52e	Andreas
185	8490a5f8	Andreas	if(isset($_SERVER['REMOTE_USER']) &&
186	8490a5f8	Andreas	$idx = $this->create_user($_SERVER['REMOTE_USER'])) {
187	e0b9dfb7	Andreas	if($user = $this->get_user_details_by_idx($idx)) {
188	a1eea52e	Andreas	$_SESSION['login_name'] = $user->user_name;
189	a1eea52e	Andreas	$_SESSION['login_idx'] = $user->user_idx;
190	9ea98166	Andreas	/* update the last login time of this user */
191	9ea98166	Andreas	$this->update_last_login($user->user_idx);
192	a1eea52e	Andreas	}
193	a1eea52e	Andreas	}
194	a1eea52e	Andreas	}
195	a1eea52e	Andreas	}
196	5453eb2a	Andreas	}
197	cc60d2c7	Andreas	else {
198	69f0963f	Andreas	/* local authentication, if login data is already available */
199	69f0963f	Andreas	if(isset($_SESSION['login_idx']) && is_numeric($_SESSION['login_idx']))
200	69f0963f	Andreas	$user = $this->get_user_details_by_idx($_SESSION['login_idx']);
201	cc60d2c7	Andreas	}
202	57ce528e	Andreas
203	20d75384	Andreas	/* if the user-object was found in database (or has been auto-created)
204	20d75384	Andreas	and the user has selected its own prefered language...
205	20d75384	Andreas	*/
206	c70b4618	Andreas	if(isset($user) &&
207	c70b4618	Andreas	isset($user->user_language) &&
208	c70b4618	Andreas	!empty($user->user_language) &&
209	c70b4618	Andreas	in_array($user->user_language, array_keys($this->cfg->avail_langs))) {
210	c70b4618	Andreas
211	c70b4618	Andreas	$this->cfg->language = $user->user_language;
212	c70b4618	Andreas
213	c70b4618	Andreas	}
214	c70b4618	Andreas
215	c70b4618	Andreas	/* load translation table for the current language */
216	c70b4618	Andreas	$this->load_translation_table();
217	c70b4618	Andreas
218	e5080fd1	Andreas	/* overload Smarty class if our own template handler */
219	e5080fd1	Andreas	require_once "nephthys_tmpl.php";
220	28a2b576	Andreas	$this->tmpl = new NEPHTHYS_TMPL();
221	e5080fd1	Andreas
222	72411b76	Andreas	if(isset($user->user_email) && !empty($user->user_email))
223	71ef2598	Andreas	$this->tmpl->assign('login_email', $user->user_email);
224	72411b76	Andreas
225	ef6e9663	Andreas	/* if browser is type Internet Explorer set a template variable to
226	ef6e9663	Andreas	inidicate to templates that browser is IE.
227	ef6e9663	Andreas	*/
228	ef6e9663	Andreas	if(isset($this->browser_info) && $this->browser_info->isIE())
229	ef6e9663	Andreas	$this->tmpl->assign('is_ie', true);
230	ef6e9663	Andreas
231	eef6b66a	Andreas	if($this->browser_info->getOS(array("vista", "win7"))) {
232	eef6b66a	Andreas	$this->tmpl->assign('is_vista', true);
233	eef6b66a	Andreas	}
234	eef6b66a	Andreas
235	025d1320	Andreas	$this->tmpl->assign('hide_logout', $this->cfg->hide_logout);
236	1ae4ed13	Andreas	$this->tmpl->assign('disk_used', $this->get_unit($this->get_used_diskspace()));
237	1ae4ed13	Andreas	$this->tmpl->assign('disk_free', $this->get_unit($this->get_free_diskspace()));
238	025d1320	Andreas
239	fbaee801	Andreas	/* pre-define default sort order, if not set yet */
240	fbaee801	Andreas	if(!isset($_SESSION['sort_order']) \|\| !is_array($_SESSION['sort_order'])) {
241	fbaee801	Andreas
242	fbaee801	Andreas	$_SESSION['sort_order'] = Array(
243	fbaee801	Andreas	'buckets' => Array(
244	fbaee801	Andreas	'column' => 'bucket_name',
245	fbaee801	Andreas	'order' => 'asc'),
246	fbaee801	Andreas	'addressbook' => Array(
247	fbaee801	Andreas	'column' => 'contact_name',
248	fbaee801	Andreas	'order' => 'asc'),
249	fbaee801	Andreas	'users' => Array(
250	fbaee801	Andreas	'column' => 'user_name',
251	fbaee801	Andreas	'order' => 'asc'),
252	fbaee801	Andreas	);
253	fbaee801	Andreas
254	fbaee801	Andreas	}
255	fbaee801	Andreas
256	dae2f932	Andreas	} // __construct()
257	dae2f932	Andreas
258	dae2f932	Andreas	public function __destruct()
259	dae2f932	Andreas	{
260	dae2f932	Andreas
261	dae2f932	Andreas	} // __destruct()
262	dae2f932	Andreas
263	dae2f932	Andreas	/**
264	c8a1fee6	Andreas	* init - generate html output
265	dae2f932	Andreas	*
266	bc003de0	Andreas	* this function can be called after the constructor has prepared
267	bc003de0	Andreas	* everyhing. it will load the index.tpl Smarty template and exit
268	bc003de0	Andreas	* successfully.
269	dae2f932	Andreas	*/
270	5453eb2a	Andreas	public function init()
271	dae2f932	Andreas	{
272	bc003de0	Andreas	print $this->tmpl->fetch("index.tpl");
273	bc003de0	Andreas	exit(0);
274	dae2f932	Andreas
275	123b4741	Andreas	} // init()
276	da8cd0c3	Andreas
277	c8a1fee6	Andreas	/**
278	c8a1fee6	Andreas	* outputs the main content template
279	c8a1fee6	Andreas	*/
280	123b4741	Andreas	public function show()
281	123b4741	Andreas	{
282	bc003de0	Andreas	return $this->tmpl->fetch("main.tpl");
283	5453eb2a	Andreas
284	dae2f932	Andreas	} // show()
285	dae2f932	Andreas
286	dae2f932	Andreas	/**
287	c8a1fee6	Andreas	* outputs the menu template()
288	c8a1fee6	Andreas	*/
289	c8a1fee6	Andreas	public function get_menu()
290	c8a1fee6	Andreas	{
291	bc003de0	Andreas	return $this->tmpl->fetch("menu.tpl");
292	c8a1fee6	Andreas
293	c8a1fee6	Andreas	} // get_menu()
294	c8a1fee6	Andreas
295	c8a1fee6	Andreas	/**
296	123b4741	Andreas	* return main content
297	123b4741	Andreas	*/
298	123b4741	Andreas	public function get_content()
299	123b4741	Andreas	{
300	20d75384	Andreas	/* if no user-login yet, show the login box */
301	123b4741	Andreas	if(!$this->is_logged_in()) {
302	bc003de0	Andreas	return $this->tmpl->fetch("login_box.tpl");
303	123b4741	Andreas	}
304	20d75384	Andreas	else {
305	20d75384	Andreas	/* if the user has been auto-created, but its email address has not
306	20d75384	Andreas	been set yet - and the nephthys config option
307	20d75384	Andreas	$force_profile_update
308	20d75384	Andreas	is set to true, forward the user to the profile page instead of
309	20d75384	Andreas	everything else.
310	20d75384	Andreas	*/
311	20d75384	Andreas	if(isset($this->cfg->force_profile_update) &&
312	20d75384	Andreas	!empty($this->cfg->force_profile_update) &&
313	20d75384	Andreas	$this->is_auto_created($_SESSION['login_idx']) &&
314	385f188a	Andreas	!$this->get_user_email($_SESSION['login_idx'])) {
315	20d75384	Andreas
316	20d75384	Andreas	$request = "profile";
317	20d75384	Andreas
318	20d75384	Andreas	}
319	20d75384	Andreas	}
320	123b4741	Andreas
321	20d75384	Andreas	/* if the requests has not been overruled yet */
322	20d75384	Andreas	if(!isset($request)) {
323	20d75384	Andreas	/* page-id via HTTP GET */
324	20d75384	Andreas	if(isset($_GET['id']) && is_string($_GET['id']))
325	20d75384	Andreas	$request = $_GET['id'];
326	20d75384	Andreas	/* page-id via HTTP POST */
327	20d75384	Andreas	if(isset($_POST['id']) && is_string($_POST['id']))
328	20d75384	Andreas	$request = $_POST['id'];
329	20d75384	Andreas	}
330	123b4741	Andreas
331	123b4741	Andreas	switch($request) {
332	123b4741	Andreas	case 'main':
333	123b4741	Andreas	$obj = $this;
334	123b4741	Andreas	break;
335	123b4741	Andreas	case 'users':
336	d8166861	Andreas	$obj = new NEPHTHYS_USERS();
337	123b4741	Andreas	break;
338	5941d462	Andreas	case 'buckets':
339	d8166861	Andreas	$obj = new NEPHTHYS_BUCKETS();
340	d8166861	Andreas	break;
341	d8166861	Andreas	case 'profile':
342	d8166861	Andreas	$obj = new NEPHTHYS_PROFILE();
343	5941d462	Andreas	break;
344	d08c99b8	Andreas	case 'addressbook':
345	d08c99b8	Andreas	$obj = new NEPHTHYS_ADDRESSBOOK();
346	d08c99b8	Andreas	break;
347	88e8c926	Andreas	case 'about':
348	bc003de0	Andreas	return $this->tmpl->fetch("about.tpl");
349	2a1416b5	Andreas	break;
350	bf680ae7	Andreas	case 'help':
351	bc003de0	Andreas	return $this->tmpl->fetch("help.tpl");
352	bf680ae7	Andreas	break;
353	b190d01b	Andreas	case 'savedbucket':
354	b190d01b	Andreas	$obj = new NEPHTHYS_BUCKETS();
355	b190d01b	Andreas	return $obj->showBucket();
356	b190d01b	Andreas	break;
357	123b4741	Andreas	}
358	123b4741	Andreas
359	123b4741	Andreas	if(isset($obj))
360	123b4741	Andreas	return $obj->show();
361	123b4741	Andreas
362	123b4741	Andreas	} // get_content()
363	123b4741	Andreas
364	123b4741	Andreas	public function store()
365	123b4741	Andreas	{
366	123b4741	Andreas	if(!$this->is_logged_in()) {
367	8ad5a624	Andreas	return "login first";
368	123b4741	Andreas	}
369	123b4741	Andreas
370	123b4741	Andreas	if(isset($_POST['module'])) {
371	123b4741	Andreas	switch($_POST['module']) {
372	123b4741	Andreas	case 'users':
373	d8166861	Andreas	$obj = new NEPHTHYS_USERS;
374	123b4741	Andreas	break;
375	f49348b2	Andreas	case 'buckets':
376	f49348b2	Andreas	$obj = new NEPHTHYS_BUCKETS;
377	f49348b2	Andreas	break;
378	d8166861	Andreas	case 'profile':
379	d8166861	Andreas	$obj = new NEPHTHYS_PROFILE;
380	d8166861	Andreas	break;
381	d08c99b8	Andreas	case 'addressbook':
382	d08c99b8	Andreas	$obj = new NEPHTHYS_ADDRESSBOOK;
383	d08c99b8	Andreas	break;
384	d08c99b8	Andreas	default:
385	d08c99b8	Andreas	return "unkown module";
386	d08c99b8	Andreas	break;
387	123b4741	Andreas	}
388	123b4741	Andreas
389	123b4741	Andreas	if(isset($obj)) {
390	81d72baa	Andreas	switch($_POST['mode']) {
391	123b4741	Andreas	case 'modify': return $obj->store(); break;
392	123b4741	Andreas	case 'delete': return $obj->delete(); break;
393	123b4741	Andreas	case 'toggle': return $obj->toggleStatus(); break;
394	123b4741	Andreas	}
395	123b4741	Andreas	}
396	123b4741	Andreas	}
397	123b4741	Andreas
398	123b4741	Andreas	} // store()
399	123b4741	Andreas
400	123b4741	Andreas	/**
401	dae2f932	Andreas	* check if all requirements are met
402	dae2f932	Andreas	*/
403	dae2f932	Andreas	private function checkRequirements()
404	dae2f932	Andreas	{
405	dae2f932	Andreas	/* Check for HTML_AJAX PEAR package, lent from Horde project */
406	dae2f932	Andreas	ini_set('track_errors', 1);
407	dae2f932	Andreas	@include_once 'HTML/AJAX/Server.php';
408	dae2f932	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
409	b340940a	Andreas	$this->_error("PEAR HTML_AJAX package is missing");
410	dae2f932	Andreas	$missing = true;
411	dae2f932	Andreas	}
412	dae2f932	Andreas	@include_once 'MDB2.php';
413	dae2f932	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
414	b340940a	Andreas	$this->_error("PEAR MDB2 package is missing");
415	dae2f932	Andreas	$missing = true;
416	59184a33	Andreas	unset($php_errormsg);
417	dae2f932	Andreas	}
418	cc1b5b35	Andreas	// If database type is set to MySQL
419	cc1b5b35	Andreas	if($this->cfg->db_type == "mysql") {
420	de253b48	Andreas	@include_once 'MDB2/Driver/mysqli.php';
421	cc1b5b35	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
422	de253b48	Andreas	$this->_error("PEAR MDB2-mysqli package is missing");
423	cc1b5b35	Andreas	$missing = true;
424	cc1b5b35	Andreas	unset($php_errormsg);
425	cc1b5b35	Andreas	}
426	cc1b5b35	Andreas	}
427	cc1b5b35	Andreas	// If database type is set to SQLite
428	cc1b5b35	Andreas	if($this->cfg->db_type == "sqlite") {
429	cc1b5b35	Andreas	@include_once 'MDB2/Driver/sqlite.php';
430	cc1b5b35	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
431	b340940a	Andreas	$this->_error("PEAR MDB2-sqlite package is missing");
432	cc1b5b35	Andreas	$missing = true;
433	cc1b5b35	Andreas	unset($php_errormsg);
434	cc1b5b35	Andreas	}
435	dae2f932	Andreas	}
436	dde393b3	Andreas	@include_once 'Mail.php';
437	dde393b3	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
438	b340940a	Andreas	$this->_error("PEAR Mail package is missing");
439	c90d2898	Andreas	$missing = true;
440	59184a33	Andreas	unset($php_errormsg);
441	c90d2898	Andreas	}
442	c90d2898	Andreas	@include_once 'Net/UserAgent/Detect.php';
443	c90d2898	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
444	b340940a	Andreas	$this->_error("PEAR Net_UserAgent_Detect package is missing");
445	dde393b3	Andreas	$missing = true;
446	59184a33	Andreas	unset($php_errormsg);
447	dde393b3	Andreas	}
448	ac5b6e1f	Andreas	@include_once 'Console/Getopt.php';
449	ac5b6e1f	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
450	b340940a	Andreas	$this->_error("PEAR Console_Getopt package is missing");
451	ac5b6e1f	Andreas	$missing = true;
452	ac5b6e1f	Andreas	unset($php_errormsg);
453	ac5b6e1f	Andreas	}
454	db4b67a6	Andreas	@include_once $this->cfg->smarty_path .'/libs/Smarty.class.php';
455	db4b67a6	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
456	b340940a	Andreas	$this->_error("Smarty template engine can not be found in ". $this->cfg->smarty_path ."/libs/Smarty.class.php");
457	db4b67a6	Andreas	$missing = true;
458	59184a33	Andreas	unset($php_errormsg);
459	db4b67a6	Andreas	}
460	dae2f932	Andreas	ini_restore('track_errors');
461	dae2f932	Andreas
462	dae2f932	Andreas	if(isset($missing))
463	dae2f932	Andreas	return false;
464	dae2f932	Andreas
465	dae2f932	Andreas	return true;
466	dae2f932	Andreas
467	dae2f932	Andreas	} // checkRequirements()
468	dae2f932	Andreas
469	dae2f932	Andreas	/**
470	fee9ce9e	Andreas	* return the type of protocol used
471	fee9ce9e	Andreas	*
472	fee9ce9e	Andreas	* this function returns wether HTTP or HTTPS
473	fee9ce9e	Andreas	* is used for the client connection.
474	fee9ce9e	Andreas	*
475	fee9ce9e	Andreas	* @return string
476	dae2f932	Andreas	*/
477	dae2f932	Andreas	private function get_web_protocol()
478	dae2f932	Andreas	{
479	dae2f932	Andreas	if(!isset($_SERVER['HTTPS']))
480	dae2f932	Andreas	return "http";
481	dae2f932	Andreas	else
482	dae2f932	Andreas	return "https";
483	fee9ce9e	Andreas
484	dae2f932	Andreas	} // get_web_protocol()
485	dae2f932	Andreas
486	dae2f932	Andreas	/**
487	dae2f932	Andreas	* return url to this installation
488	fee9ce9e	Andreas	*
489	fee9ce9e	Andreas	* @return string
490	dae2f932	Andreas	*/
491	dae2f932	Andreas	private function get_nephthys_url()
492	dae2f932	Andreas	{
493	dae2f932	Andreas	return $this->get_web_protocol() ."://". $this->get_server_name() . $this->cfg->web_path;
494	72c89ff1	Andreas
495	dae2f932	Andreas	} // get_nephthys_url()
496	dae2f932	Andreas
497	dae2f932	Andreas	/**
498	dae2f932	Andreas	* check file exists and is readable
499	dae2f932	Andreas	*
500	dae2f932	Andreas	* returns true, if everything is ok, otherwise false
501	dae2f932	Andreas	* if $silent is not set, this function will output and
502	dae2f932	Andreas	* error message
503	dae2f932	Andreas	*/
504	dae2f932	Andreas	private function check_readable($file, $silent = null)
505	dae2f932	Andreas	{
506	dae2f932	Andreas	if(!file_exists($file)) {
507	dae2f932	Andreas	if(!isset($silent))
508	dae2f932	Andreas	print "File \"". $file ."\" does not exist.\n";
509	dae2f932	Andreas	return false;
510	dae2f932	Andreas	}
511	dae2f932	Andreas
512	dae2f932	Andreas	if(!is_readable($file)) {
513	dae2f932	Andreas	if(!isset($silent))
514	dae2f932	Andreas	print "File \"". $file ."\" is not reachable for user ". $this->getuid() ."\n";
515	dae2f932	Andreas	return false;
516	dae2f932	Andreas	}
517	dae2f932	Andreas
518	dae2f932	Andreas	return true;
519	dae2f932	Andreas
520	dae2f932	Andreas	} // check_readable()
521	dae2f932	Andreas
522	dae2f932	Andreas	/**
523	dae2f932	Andreas	* validate config options
524	dae2f932	Andreas	*
525	dae2f932	Andreas	* this function checks if all necessary configuration options are
526	dae2f932	Andreas	* specified and set.
527	dae2f932	Andreas	*/
528	dae2f932	Andreas	private function check_config_options()
529	dae2f932	Andreas	{
530	dae2f932	Andreas	if(!isset($this->cfg->page_title) \|\| $this->cfg->page_title == "")
531	dae2f932	Andreas	$this->_error("Please set \$page_title in nephthys_cfg");
532	dae2f932	Andreas
533	dae2f932	Andreas	if(!isset($this->cfg->base_path) \|\| $this->cfg->base_path == "")
534	dae2f932	Andreas	$this->_error("Please set \$base_path in nephthys_cfg");
535	dae2f932	Andreas
536	dae2f932	Andreas	if(!isset($this->cfg->web_path) \|\| $this->cfg->web_path == "")
537	dae2f932	Andreas	$this->_error("Please set \$web_path in nephthys_cfg");
538	dae2f932	Andreas
539	dae2f932	Andreas	if(!isset($this->cfg->smarty_path) \|\| $this->cfg->smarty_path == "")
540	dae2f932	Andreas	$this->_error("Please set \$smarty_path in nephthys_cfg");
541	dae2f932	Andreas
542	dae2f932	Andreas	if(!isset($this->cfg->theme_name))
543	dae2f932	Andreas	$this->_error("Please set \$theme_name in nephthys_cfg");
544	dae2f932	Andreas
545	dae2f932	Andreas	if(!isset($this->cfg->mysql_host))
546	dae2f932	Andreas	$this->_error("Please set \$mysql_host in nephthys_cfg");
547	dae2f932	Andreas
548	dae2f932	Andreas	if(!isset($this->cfg->mysql_db))
549	dae2f932	Andreas	$this->_error("Please set \$mysql_db in nephthys_cfg");
550	dae2f932	Andreas
551	dae2f932	Andreas	if(!isset($this->cfg->mysql_user))
552	dae2f932	Andreas	$this->_error("Please set \$mysql_user in nephthys_cfg");
553	dae2f932	Andreas
554	dae2f932	Andreas	if(!isset($this->cfg->mysql_pass))
555	dae2f932	Andreas	$this->_error("Please set \$mysql_pas in nephthys_cfg");
556	dae2f932	Andreas
557	dae2f932	Andreas	if(!isset($this->cfg->logging))
558	dae2f932	Andreas	$this->_error("Please set \$logging in nephthys_cfg");
559	dae2f932	Andreas
560	dae2f932	Andreas	if(isset($this->cfg->logging) && $this->cfg->logging == 'logfile') {
561	dae2f932	Andreas
562	dae2f932	Andreas	if(!isset($this->cfg->log_file))
563	dae2f932	Andreas	$this->_error("Please set \$log_file because you set logging = log_file in nephthys_cfg");
564	dae2f932	Andreas
565	cc1b5b35	Andreas	if(!is_writable($this->cfg->log_file))
566	dae2f932	Andreas	$this->_error("The specified \$log_file ". $log_file ." is not writeable!");
567	dae2f932	Andreas
568	dae2f932	Andreas	}
569	dae2f932	Andreas
570	dae2f932	Andreas	/* check for pending slash on web_path */
571	dae2f932	Andreas	if(!preg_match("/\/$/", $this->cfg->web_path))
572	dae2f932	Andreas	$this->cfg->web_path.= "/";
573	dae2f932	Andreas
574	dae2f932	Andreas	return $this->runtime_error;
575	dae2f932	Andreas
576	dae2f932	Andreas	} // check_config_options()
577	dae2f932	Andreas
578	dae2f932	Andreas	/**
579	dae2f932	Andreas	* return the current process-user
580	dae2f932	Andreas	*/
581	dae2f932	Andreas	private function getuid()
582	dae2f932	Andreas	{
583	dae2f932	Andreas	if($uid = posix_getuid()) {
584	dae2f932	Andreas	if($user = posix_getpwuid($uid)) {
585	dae2f932	Andreas	return $user['name'];
586	dae2f932	Andreas	}
587	dae2f932	Andreas	}
588	dae2f932	Andreas
589	dae2f932	Andreas	return 'n/a';
590	dae2f932	Andreas
591	dae2f932	Andreas	} // getuid()
592	dae2f932	Andreas
593	57ce528e	Andreas	/**
594	385f188a	Andreas	* returns the email address of the provided user id
595	385f188a	Andreas	* @param int $user_idx
596	385f188a	Andreas	* @return string
597	385f188a	Andreas	*/
598	385f188a	Andreas	public function get_user_email($user_idx)
599	385f188a	Andreas	{
600	385f188a	Andreas	$row = $this->db->db_fetchSingleRow("
601	385f188a	Andreas	SELECT
602	385f188a	Andreas	user_email
603	385f188a	Andreas	FROM
604	385f188a	Andreas	nephthys_users
605	385f188a	Andreas	WHERE
606	385f188a	Andreas	user_idx='". $user_idx ."'
607	385f188a	Andreas	");
608	385f188a	Andreas
609	385f188a	Andreas	if(isset($row->user_email)) {
610	385f188a	Andreas	return $row->user_email;
611	385f188a	Andreas	}
612	385f188a	Andreas
613	385f188a	Andreas	return NULL;
614	385f188a	Andreas
615	385f188a	Andreas	} // get_user_email()
616	385f188a	Andreas
617	385f188a	Andreas	/**
618	385f188a	Andreas	* return current users email address
619	385f188a	Andreas	*
620	385f188a	Andreas	* this function returns the email address of the
621	385f188a	Andreas	* currently logged in user.
622	385f188a	Andreas	* @return string
623	57ce528e	Andreas	*/
624	385f188a	Andreas	public function get_my_email()
625	57ce528e	Andreas	{
626	69f0963f	Andreas	/* if no user is logged in yet, return */
627	69f0963f	Andreas	if(!isset($_SESSION['login_name']))
628	69f0963f	Andreas	return NULL;
629	69f0963f	Andreas
630	57ce528e	Andreas	$row = $this->db->db_fetchSingleRow("
631	57ce528e	Andreas	SELECT user_email
632	57ce528e	Andreas	FROM nephthys_users
633	b77ba60d	Andreas	WHERE user_name LIKE '". $_SESSION['login_name'] ."'
634	57ce528e	Andreas	");
635	57ce528e	Andreas
636	57ce528e	Andreas	if(isset($row->user_email)) {
637	57ce528e	Andreas	return $row->user_email;
638	57ce528e	Andreas	}
639	57ce528e	Andreas
640	c8a1fee6	Andreas	return NULL;
641	57ce528e	Andreas
642	385f188a	Andreas	} // get_my_email()
643	57ce528e	Andreas
644	da8cd0c3	Andreas	/**
645	5453eb2a	Andreas	* return all user details for the provided user_name
646	5453eb2a	Andreas	*/
647	28a2b576	Andreas	private function get_user_details_by_name($user_name)
648	5453eb2a	Andreas	{
649	5453eb2a	Andreas	if($user = $this->db->db_fetchSingleRow("
650	5453eb2a	Andreas	SELECT *
651	5453eb2a	Andreas	FROM nephthys_users
652	5453eb2a	Andreas	WHERE
653	dfa353f7	Andreas	user_name LIKE '". $user_name ."'")) {
654	5453eb2a	Andreas
655	5453eb2a	Andreas	return $user;
656	5453eb2a	Andreas	}
657	5453eb2a	Andreas
658	5453eb2a	Andreas	return NULL;
659	5453eb2a	Andreas
660	28a2b576	Andreas	} // get_user_detail_by_name()
661	28a2b576	Andreas
662	28a2b576	Andreas	/**
663	28a2b576	Andreas	* return all user details for the provided user_idx
664	28a2b576	Andreas	*/
665	28a2b576	Andreas	private function get_user_details_by_idx($user_idx)
666	28a2b576	Andreas	{
667	28a2b576	Andreas	if($user = $this->db->db_fetchSingleRow("
668	28a2b576	Andreas	SELECT *
669	28a2b576	Andreas	FROM nephthys_users
670	28a2b576	Andreas	WHERE
671	dfa353f7	Andreas	user_idx LIKE '". $user_idx ."'")) {
672	28a2b576	Andreas
673	28a2b576	Andreas	return $user;
674	28a2b576	Andreas	}
675	28a2b576	Andreas
676	28a2b576	Andreas	return NULL;
677	28a2b576	Andreas
678	5453eb2a	Andreas	} // get_user_details()
679	5453eb2a	Andreas
680	5453eb2a	Andreas	/**
681	28a2b576	Andreas	* returns user name
682	72c89ff1	Andreas	*
683	72c89ff1	Andreas	* @return string
684	28a2b576	Andreas	*/
685	28a2b576	Andreas	public function get_user_name($user_idx)
686	28a2b576	Andreas	{
687	28a2b576	Andreas	if($user = $this->get_user_details_by_idx($user_idx)) {
688	28a2b576	Andreas	return $user->user_name;
689	28a2b576	Andreas	}
690	28a2b576	Andreas
691	c8a1fee6	Andreas	return NULL;
692	3fe16550	Andreas
693	3fe16550	Andreas	} // get_user_name()
694	28a2b576	Andreas
695	28a2b576	Andreas	/**
696	72c89ff1	Andreas	* return the specified users full name
697	72c89ff1	Andreas	*
698	72c89ff1	Andreas	* @return string
699	72c89ff1	Andreas	*/
700	72c89ff1	Andreas	public function get_user_fullname($user_idx)
701	72c89ff1	Andreas	{
702	72c89ff1	Andreas	if($user = $this->get_user_details_by_idx($user_idx)) {
703	72c89ff1	Andreas	return $user->user_full_name;
704	72c89ff1	Andreas	}
705	72c89ff1	Andreas
706	72c89ff1	Andreas	return NULL;
707	72c89ff1	Andreas
708	72c89ff1	Andreas	} // get_user_fullname()
709	72c89ff1	Andreas
710	72c89ff1	Andreas	/**
711	28a2b576	Andreas	* returns user privilege
712	28a2b576	Andreas	*/
713	28a2b576	Andreas	public function get_user_priv($user_idx)
714	28a2b576	Andreas	{
715	28a2b576	Andreas	if($user = $this->get_user_details_by_idx($user_idx)) {
716	28a2b576	Andreas	return $user->user_priv;
717	28a2b576	Andreas	}
718	28a2b576	Andreas
719	28a2b576	Andreas	return NULL;
720	3fe16550	Andreas
721	3fe16550	Andreas	} // get_user_priv()
722	28a2b576	Andreas
723	28a2b576	Andreas	/**
724	017c4db4	Andreas	* returns users default expiration time
725	017c4db4	Andreas	*/
726	017c4db4	Andreas	public function get_user_expire($user_idx)
727	017c4db4	Andreas	{
728	017c4db4	Andreas	if($user = $this->get_user_details_by_idx($user_idx)) {
729	017c4db4	Andreas	return $user->user_default_expire;
730	017c4db4	Andreas	}
731	385f188a	Andreas
732	017c4db4	Andreas	return NULL;
733	017c4db4	Andreas
734	017c4db4	Andreas	} // get_user_expire()
735	017c4db4	Andreas
736	017c4db4	Andreas	/**
737	da8cd0c3	Andreas	* returns true if a user is logged in, otherwise false
738	da8cd0c3	Andreas	*/
739	123b4741	Andreas	public function is_logged_in()
740	da8cd0c3	Andreas	{
741	b77ba60d	Andreas	if(isset($_SESSION['login_name']) && !empty($_SESSION['login_name']) &&
742	b77ba60d	Andreas	$this->is_valid_user($_SESSION['login_name'])) {
743	5453eb2a	Andreas
744	da8cd0c3	Andreas	return true;
745	da8cd0c3	Andreas
746	5453eb2a	Andreas	}
747	5453eb2a	Andreas
748	da8cd0c3	Andreas	return false;
749	da8cd0c3	Andreas
750	da8cd0c3	Andreas	} // is_logged_in()
751	da8cd0c3	Andreas
752	5453eb2a	Andreas	/**
753	5453eb2a	Andreas	* return true if the user exists
754	5453eb2a	Andreas	*/
755	5453eb2a	Andreas	private function is_valid_user($user_name)
756	5453eb2a	Andreas	{
757	5453eb2a	Andreas	if($this->db->db_fetchSingleRow("
758	5453eb2a	Andreas	SELECT user_idx
759	5453eb2a	Andreas	FROM nephthys_users
760	5453eb2a	Andreas	WHERE user_name LIKE '". $user_name ."'
761	5453eb2a	Andreas	")) {
762	5453eb2a	Andreas
763	5453eb2a	Andreas	return true;
764	5453eb2a	Andreas
765	5453eb2a	Andreas	}
766	5453eb2a	Andreas
767	5453eb2a	Andreas	return false;
768	5453eb2a	Andreas
769	5453eb2a	Andreas	} // is_valid_user()
770	5453eb2a	Andreas
771	da8cd0c3	Andreas	/***
772	8f9d867a	Andreas	* validates all provided email addresses.
773	8f9d867a	Andreas	* multiple email addresses are seperated by comma
774	8f9d867a	Andreas	*
775	8f9d867a	Andreas	* @param string $email
776	8f9d867a	Andreas	* @return boolean
777	8f9d867a	Andreas	*/
778	8f9d867a	Andreas	public function is_valid_email($email)
779	8f9d867a	Andreas	{
780	8f9d867a	Andreas	/* only one email address? */
781	8f9d867a	Andreas	if(strstr($email, ',') === false)
782	8f9d867a	Andreas	return $this->validate_email($email);
783	8f9d867a	Andreas
784	8f9d867a	Andreas	/* multiple email addresses */
785	7831391e	Andreas	$emails = preg_split("/,/", $email);
786	7831391e	Andreas
787	7831391e	Andreas	if(!is_array($emails) \|\| empty($emails))
788	7831391e	Andreas	return false;
789	7831391e	Andreas
790	8f9d867a	Andreas	foreach($emails as $email_addr) {
791	a17e2908	Andreas
792	a17e2908	Andreas	$email_addr = trim($email_addr);
793	8f9d867a	Andreas	/* return as soon as an invalid address has been found */
794	8f9d867a	Andreas	if(!$this->validate_email($email_addr))
795	8f9d867a	Andreas	return false;
796	8f9d867a	Andreas	}
797	8f9d867a	Andreas	return true;
798	8f9d867a	Andreas
799	8f9d867a	Andreas	} // is_valid_email()
800	8f9d867a	Andreas
801	8f9d867a	Andreas	/***
802	da8cd0c3	Andreas	* verify email address
803	da8cd0c3	Andreas	*
804	da8cd0c3	Andreas	* found on: http://www.ilovejackdaniels.com/php/email-address-validation/
805	da8cd0c3	Andreas	*/
806	fda203d7	Andreas	public function validate_email($email)
807	da8cd0c3	Andreas	{
808	f7b0ea3d	Andreas	/* if email has been entered in the format
809	f7b0ea3d	Andreas	fullname <email-address>
810	f7b0ea3d	Andreas	then we need to extract the address first
811	f7b0ea3d	Andreas	*/
812	f7b0ea3d	Andreas	if(preg_match('/^(.+)\s\<(.+)\>/', $email, $matches)) {
813	f7b0ea3d	Andreas	$email = $matches[2];
814	f7b0ea3d	Andreas	}
815	f7b0ea3d	Andreas
816	da8cd0c3	Andreas	//if php version < 5.2
817	da8cd0c3	Andreas	if ( version_compare( phpversion(), "5.2","<" ) ) {
818	da8cd0c3	Andreas	// First, we check that there's one @ symbol, and that the lengths are right
819	7831391e	Andreas	if (!preg_match("/^[^@]{1,64}@[^@]{1,255}$/", $email)) {
820	da8cd0c3	Andreas	// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
821	da8cd0c3	Andreas	return false;
822	da8cd0c3	Andreas	}
823	da8cd0c3	Andreas	// Split it into sections to make life easier
824	da8cd0c3	Andreas	$email_array = explode("@", $email);
825	da8cd0c3	Andreas	$local_array = explode(".", $email_array[0]);
826	da8cd0c3	Andreas	for ($i = 0; $i < sizeof($local_array); $i++) {
827	7831391e	Andreas	if (!preg_match("/^(([A-Za-z0-9!#$%&'+/=?^_`{\|}~-][A-Za-z0-9!#$%&'+/=?^_`{\|}~\.-]{0,63})\|(\"[^(\\\|\")]{0,62}\"))$/", $local_array[$i])) {
828	da8cd0c3	Andreas	return false;
829	da8cd0c3	Andreas	}
830	da8cd0c3	Andreas	}
831	7831391e	Andreas	if (!preg_match("/^\[?[0-9\.]+\]?$/", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
832	da8cd0c3	Andreas	$domain_array = explode(".", trim($email_array[1]));
833	da8cd0c3	Andreas	if (sizeof($domain_array) < 2) {
834	da8cd0c3	Andreas	return false; // Not enough parts to domain
835	da8cd0c3	Andreas	}
836	da8cd0c3	Andreas	for ($i = 0; $i < sizeof($domain_array); $i++) {
837	7831391e	Andreas	if (!preg_match("/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])\|([A-Za-z0-9]+))$/", $domain_array[$i])) {
838	da8cd0c3	Andreas	return false;
839	da8cd0c3	Andreas	}
840	da8cd0c3	Andreas	}
841	da8cd0c3	Andreas	} else {
842	da8cd0c3	Andreas	//regular expression verifies that each component is a number from 1 to 3 characters in length
843	7831391e	Andreas	if (!preg_match("/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/", $email_array[1])){
844	da8cd0c3	Andreas	return false;
845	da8cd0c3	Andreas	}
846	da8cd0c3	Andreas	}
847	da8cd0c3	Andreas	} else if ( filter_var( $email, FILTER_VALIDATE_EMAIL ) === false ){
848	da8cd0c3	Andreas	return false;
849	da8cd0c3	Andreas	}
850	da8cd0c3	Andreas	return true;
851	da8cd0c3	Andreas
852	fda203d7	Andreas	} // validate_email()
853	da8cd0c3	Andreas
854	da8cd0c3	Andreas	/**
855	da8cd0c3	Andreas	* generates a SHA-1 hash from the provided parameters
856	da8cd0c3	Andreas	* and some random stuff
857	da8cd0c3	Andreas	*/
858	f49348b2	Andreas	public function get_sha_hash($sender, $receiver = false)
859	da8cd0c3	Andreas	{
860	a41f9d49	Andreas	if(!$receiver)
861	a41f9d49	Andreas	$receiver = mktime();
862	a41f9d49	Andreas
863	da8cd0c3	Andreas	return sha1($sender . $receiver . rand(0, 32768));
864	da8cd0c3	Andreas
865	a41f9d49	Andreas	} // get_sha_hash()
866	da8cd0c3	Andreas
867	848b4dbd	Andreas	public function notifybucket()
868	dde393b3	Andreas	{
869	8569ba82	Andreas	if(isset($_POST['id']) && is_numeric($_POST['id'])) {
870	8569ba82	Andreas	$bucket = new NEPHTHYS_BUCKETS($_POST['id']);
871	07133b9a	Andreas	return $bucket->notify();
872	8569ba82	Andreas	}
873	dde393b3	Andreas
874	07133b9a	Andreas	return "unkown bucket";
875	07133b9a	Andreas
876	848b4dbd	Andreas	} // notifybucket()
877	dde393b3	Andreas
878	a41f9d49	Andreas	/**
879	108c5139	Andreas	* load Nephthys configuration file
880	108c5139	Andreas	*/
881	108c5139	Andreas	private function load_config()
882	108c5139	Andreas	{
883	108c5139	Andreas	ini_set('track_errors', 1);
884	108c5139	Andreas	@include_once "nephthys_cfg.php";
885	108c5139	Andreas	if(isset($php_errormsg) && preg_match('/Failed opening.*for inclusion/i', $php_errormsg)) {
886	b340940a	Andreas	$this->_error("Can't read nephthys_cfg.php or have no permission to do it. Follow the documentation");
887	b340940a	Andreas	$this->_error("create nephthys_cfg.php from nephthys_cfg.php.dist");
888	108c5139	Andreas	return false;
889	108c5139	Andreas	}
890	108c5139	Andreas	ini_restore('track_errors');
891	108c5139	Andreas
892	108c5139	Andreas	$this->cfg = new NEPHTHYS_CFG;
893	108c5139	Andreas
894	108c5139	Andreas	/* verify config settings */
895	108c5139	Andreas	if($this->check_config_options()) {
896	108c5139	Andreas	return false;
897	108c5139	Andreas	}
898	108c5139	Andreas
899	108c5139	Andreas	/* set application name and version information */
900	108c5139	Andreas	$this->cfg->product = "Nephthys";
901	e91f7854	Andreas	$this->cfg->version = "1.6";
902	385f188a	Andreas	$this->cfg->db_version = 7;
903	108c5139	Andreas
904	108c5139	Andreas	return true;
905	108c5139	Andreas
906	108c5139	Andreas	} // load_config()
907	108c5139	Andreas
908	5453eb2a	Andreas	/**
909	5453eb2a	Andreas	* check login
910	9ea98166	Andreas	*
911	9ea98166	Andreas	* this function gets called via RPC to verify users entered
912	9ea98166	Andreas	* credential informations and permit or deny finally login.
913	9ea98166	Andreas	* @return string
914	5453eb2a	Andreas	*/
915	c8a1fee6	Andreas	public function login()
916	5453eb2a	Andreas	{
917	b77ba60d	Andreas	if(isset($_POST['login_name']) && !empty($_POST['login_name']) &&
918	b77ba60d	Andreas	isset($_POST['login_pass']) && !empty($_POST['login_pass'])) {
919	5453eb2a	Andreas
920	dfa353f7	Andreas	/* get user details */
921	b77ba60d	Andreas	if($user = $this->get_user_details_by_name($_POST['login_name'])) {
922	dfa353f7	Andreas
923	dfa353f7	Andreas	/* reject inactive users */
924	dfa353f7	Andreas	if($user->user_active != 'Y')
925	c70b4618	Andreas	return $this->_("##FAILURE_USER_LOGON##");
926	dfa353f7	Andreas
927	dfa353f7	Andreas	/* do not allow auto-created users to login (they have no password set...) */
928	69f0963f	Andreas	if($user->user_auto_created != 'Y' &&
929	a1eea52e	Andreas	$user->user_pass == sha1($_POST['login_pass'])) {
930	dfa353f7	Andreas
931	b77ba60d	Andreas	$_SESSION['login_name'] = $_POST['login_name'];
932	b77ba60d	Andreas	$_SESSION['login_idx'] = $user->user_idx;
933	5453eb2a	Andreas
934	9ea98166	Andreas	/* update the last login time of this user */
935	9ea98166	Andreas	$this->update_last_login($user->user_idx);
936	9ea98166	Andreas
937	c70b4618	Andreas	return "ok";
938	5453eb2a	Andreas	}
939	5453eb2a	Andreas	else {
940	c70b4618	Andreas	return $this->_("##FAILURE_PASSWORD##");
941	5453eb2a	Andreas	}
942	5453eb2a	Andreas	}
943	5453eb2a	Andreas	else {
944	c70b4618	Andreas	return $this->_("##FAILURE_USER_LOGON##");
945	5453eb2a	Andreas	}
946	5453eb2a	Andreas	}
947	5453eb2a	Andreas	else {
948	c70b4618	Andreas	return $this->_("##FAILURE_USER_PASS##");
949	5453eb2a	Andreas	}
950	5453eb2a	Andreas
951	5453eb2a	Andreas	} // check_login()
952	5453eb2a	Andreas
953	5453eb2a	Andreas	/**
954	5453eb2a	Andreas	* destroy the current user session to force logout
955	5453eb2a	Andreas	*/
956	c8a1fee6	Andreas	public function logout()
957	5453eb2a	Andreas	{
958	5453eb2a	Andreas	foreach($_SESSION as $k => $v) {
959	5453eb2a	Andreas	unset($_SESSION[$k]);
960	5453eb2a	Andreas	}
961	5453eb2a	Andreas
962	5453eb2a	Andreas	session_destroy();
963	5453eb2a	Andreas
964	c8a1fee6	Andreas	return "ok";
965	c8a1fee6	Andreas
966	5453eb2a	Andreas	} // destroySession()
967	5453eb2a	Andreas
968	6ca17b5b	Andreas	/**
969	0a410f73	Andreas	* returns true if the requests user privilege is matching
970	0a410f73	Andreas	* with the actually user privileges
971	0a410f73	Andreas	*/
972	0a410f73	Andreas	public function check_privileges($priv)
973	0a410f73	Andreas	{
974	70c9514a	Andreas	if(!isset($_SESSION['login_idx']))
975	70c9514a	Andreas	return false;
976	70c9514a	Andreas
977	b77ba60d	Andreas	if($user = $this->get_user_details_by_idx($_SESSION['login_idx'])) {
978	0a410f73	Andreas	if($user->user_priv == $priv)
979	0a410f73	Andreas	return true;
980	0a410f73	Andreas	}
981	0a410f73	Andreas	return false;
982	0a410f73	Andreas
983	0a410f73	Andreas	} // check_privileges()
984	0a410f73	Andreas
985	0a410f73	Andreas	/**
986	2bf77cf3	Andreas	* user has permission for long-time buckets
987	2bf77cf3	Andreas	*
988	2bf77cf3	Andreas	* this function returns true, if the user is allowed to
989	2bf77cf3	Andreas	* create long-time buckets while he has only "user" privileges.
990	2bf77cf3	Andreas	*/
991	2bf77cf3	Andreas	public function has_bucket_privileges()
992	2bf77cf3	Andreas	{
993	2bf77cf3	Andreas	if($user = $this->get_user_details_by_idx($_SESSION['login_idx'])) {
994	2bf77cf3	Andreas	if($user->user_priv_expire == 'Y')
995	2bf77cf3	Andreas	return true;
996	2bf77cf3	Andreas	}
997	2bf77cf3	Andreas
998	2bf77cf3	Andreas	return false;
999	2bf77cf3	Andreas
1000	2bf77cf3	Andreas	} // has_bucket_privileges()
1001	2bf77cf3	Andreas
1002	2bf77cf3	Andreas	/**
1003	d0f1d464	Andreas	* returns true, if user is owner of the supplied bucket
1004	d0f1d464	Andreas	*/
1005	d0f1d464	Andreas	public function is_bucket_owner($bucket_idx)
1006	d0f1d464	Andreas	{
1007	38942587	Andreas	if($this->get_user_priv($_SESSION['login_idx']) == "admin")
1008	38942587	Andreas	return true;
1009	38942587	Andreas
1010	6dbb8bdb	Andreas	if($this->get_user_priv($_SESSION['login_idx']) == "manager")
1011	6dbb8bdb	Andreas	return true;
1012	6dbb8bdb	Andreas
1013	d0f1d464	Andreas	if($bucket = $this->db->db_fetchSingleRow("
1014	d0f1d464	Andreas	SELECT *
1015	d0f1d464	Andreas	FROM nephthys_buckets
1016	d0f1d464	Andreas	WHERE bucket_idx LIKE '". $bucket_idx ."'
1017	d0f1d464	Andreas	")) {
1018	d0f1d464	Andreas
1019	b77ba60d	Andreas	if($bucket->bucket_owner == $_SESSION['login_idx'])
1020	d0f1d464	Andreas	return true;
1021	d0f1d464	Andreas	}
1022	d0f1d464	Andreas
1023	d0f1d464	Andreas	return false;
1024	d0f1d464	Andreas
1025	d0f1d464	Andreas	} // is_bucket_owner()
1026	d0f1d464	Andreas
1027	d8166861	Andreas	/**
1028	2e1a2b6f	Andreas	* check if current user is owner of contact
1029	2e1a2b6f	Andreas	*
1030	2e1a2b6f	Andreas	* this function returns true, if the current user is owner
1031	2e1a2b6f	Andreas	* of the supplied address-book contact. Otherwise it will
1032	2e1a2b6f	Andreas	* return false
1033	2e1a2b6f	Andreas	*
1034	2e1a2b6f	Andreas	* @param int $bucket_idx
1035	2e1a2b6f	Andreas	* @return bool
1036	2e1a2b6f	Andreas	*/
1037	2e1a2b6f	Andreas	public function is_contact_owner($contact_idx)
1038	2e1a2b6f	Andreas	{
1039	2e1a2b6f	Andreas	if($contact = $this->db->db_fetchSingleRow("
1040	2e1a2b6f	Andreas	SELECT *
1041	2e1a2b6f	Andreas	FROM nephthys_addressbook
1042	2e1a2b6f	Andreas	WHERE contact_idx LIKE '". $contact_idx ."'
1043	2e1a2b6f	Andreas	")) {
1044	2e1a2b6f	Andreas
1045	2e1a2b6f	Andreas	if($contact->contact_owner == $_SESSION['login_idx'])
1046	2e1a2b6f	Andreas	return true;
1047	2e1a2b6f	Andreas	}
1048	2e1a2b6f	Andreas
1049	2e1a2b6f	Andreas	return false;
1050	2e1a2b6f	Andreas
1051	2e1a2b6f	Andreas	} // is_contact_owner()
1052	2e1a2b6f	Andreas
1053	2e1a2b6f	Andreas	/**
1054	d8166861	Andreas	* returns true if the requested user exists
1055	d8166861	Andreas	*/
1056	d8166861	Andreas	public function check_user_exists($user_name)
1057	d8166861	Andreas	{
1058	cc1b5b35	Andreas	switch($this->cfg->db_type) {
1059	cc1b5b35	Andreas	default:
1060	cc1b5b35	Andreas	case 'mysql':
1061	cc1b5b35	Andreas	/* MySQL does case-censetive search by adding BINARY... */
1062	cc1b5b35	Andreas	if($this->db->db_fetchSingleRow("
1063	cc1b5b35	Andreas	SELECT user_idx
1064	cc1b5b35	Andreas	FROM nephthys_users
1065	cc1b5b35	Andreas	WHERE
1066	cc1b5b35	Andreas	user_name LIKE BINARY '". $user_name ."'
1067	cc1b5b35	Andreas	")) {
1068	cc1b5b35	Andreas	return true;
1069	cc1b5b35	Andreas	}
1070	cc1b5b35	Andreas	break;
1071	cc1b5b35	Andreas	case 'sqlite':
1072	cc1b5b35	Andreas	if($this->db->db_fetchSingleRow("
1073	cc1b5b35	Andreas	SELECT user_idx
1074	cc1b5b35	Andreas	FROM nephthys_users
1075	cc1b5b35	Andreas	WHERE
1076	cc1b5b35	Andreas	user_name LIKE '". $user_name ."'
1077	cc1b5b35	Andreas	")) {
1078	cc1b5b35	Andreas	return true;
1079	cc1b5b35	Andreas	}
1080	cc1b5b35	Andreas	break;
1081	d8166861	Andreas	}
1082	d8166861	Andreas
1083	d8166861	Andreas	return false;
1084	d8166861	Andreas
1085	d8166861	Andreas	} // check_user_exists()
1086	d8166861	Andreas
1087	179e92c0	Andreas	public function _error($text)
1088	179e92c0	Andreas	{
1089	179e92c0	Andreas	switch($this->cfg->logging) {
1090	179e92c0	Andreas	default:
1091	179e92c0	Andreas	case 'display':
1092	17ed2c1e	Andreas	print $text;
1093	17ed2c1e	Andreas	if(!$this->is_cmdline())
1094	17ed2c1e	Andreas	print "<br />";
1095	17ed2c1e	Andreas	print "\n";
1096	179e92c0	Andreas	break;
1097	179e92c0	Andreas	case 'errorlog':
1098	179e92c0	Andreas	error_log($text);
1099	179e92c0	Andreas	break;
1100	179e92c0	Andreas	case 'logfile':
1101	179e92c0	Andreas	error_log($text, 3, $his->cfg->log_file);
1102	179e92c0	Andreas	break;
1103	179e92c0	Andreas	}
1104	179e92c0	Andreas
1105	179e92c0	Andreas	$this->runtime_error = true;
1106	179e92c0	Andreas
1107	179e92c0	Andreas	} // _error()
1108	d8166861	Andreas
1109	092b8a0f	Andreas	/**
1110	c1c2fe26	Andreas	* generate complete bucket URL
1111	c1c2fe26	Andreas	*
1112	c1c2fe26	Andreas	* This function generates a complete URL to a specified
1113	c1c2fe26	Andreas	* bucket provided via its hash value. It will either
1114	c1c2fe26	Andreas	* return a WebDAV or FTP URL (specified by type).
1115	c1c2fe26	Andreas	*
1116	c1c2fe26	Andreas	* @param string $type
1117	c1c2fe26	Andreas	* @param string $hash
1118	c1c2fe26	Andreas	* @return string
1119	092b8a0f	Andreas	*/
1120	092b8a0f	Andreas	public function get_url($type, $hash)
1121	092b8a0f	Andreas	{
1122	092b8a0f	Andreas	switch($type) {
1123	092b8a0f	Andreas	case 'ftp':
1124	eef6b66a	Andreas	$url = "ftp://". $this->cfg->servername;
1125	092b8a0f	Andreas	break;
1126	092b8a0f	Andreas	case 'dav':
1127	c1c2fe26	Andreas	/* should a HTTPS URL be generated? */
1128	c1c2fe26	Andreas	if(isset($this->cfg->use_https) && !empty($this->cfg->use_https))
1129	c1c2fe26	Andreas	$url = "https://";
1130	c1c2fe26	Andreas	else
1131	c1c2fe26	Andreas	$url = "http://";
1132	eef6b66a	Andreas	$url.= $this->cfg->servername;
1133	eef6b66a	Andreas	break;
1134	eef6b66a	Andreas	case 'dav_vista':
1135	eef6b66a	Andreas	/* should a HTTPS URL be generated? */
1136	eef6b66a	Andreas	if(isset($this->cfg->use_https) && !empty($this->cfg->use_https))
1137	eef6b66a	Andreas	$url = "\\\\". $this->cfg->servername ."@SSL\DavWWWRoot";
1138	eef6b66a	Andreas	else
1139	eef6b66a	Andreas	$url = "\\\\". $this->cfg->servername ."\DavWWWRoot";
1140	092b8a0f	Andreas	break;
1141	092b8a0f	Andreas	}
1142	092b8a0f	Andreas
1143	092b8a0f	Andreas	switch($type) {
1144	092b8a0f	Andreas	case 'ftp':
1145	eef6b66a	Andreas	$url.= $this->cfg->ftp_path ."/". $hash ."/";
1146	092b8a0f	Andreas	break;
1147	092b8a0f	Andreas	case 'dav':
1148	eef6b66a	Andreas	$url.= $this->cfg->dav_path ."/". $hash ."/";
1149	eef6b66a	Andreas	break;
1150	eef6b66a	Andreas	case 'dav_vista';
1151	eef6b66a	Andreas	$url = str_replace("/", "\\", $url);
1152	eef6b66a	Andreas	$url.= "\\". $hash ."\\";
1153	092b8a0f	Andreas	break;
1154	092b8a0f	Andreas	}
1155	092b8a0f	Andreas
1156	092b8a0f	Andreas	return $url;
1157	092b8a0f	Andreas
1158	092b8a0f	Andreas	} // get_url()
1159	092b8a0f	Andreas
1160	a1eea52e	Andreas	/**
1161	a1eea52e	Andreas	* create user
1162	a1eea52e	Andreas	* @param string $username
1163	a1eea52e	Andreas	* @return object
1164	a1eea52e	Andreas	*/
1165	a1eea52e	Andreas	private function create_user($username)
1166	a1eea52e	Andreas	{
1167	b1fa0a38	Andreas	$sth = $this->db->db_prepare("
1168	a1eea52e	Andreas	INSERT INTO nephthys_users (
1169	cc1b5b35	Andreas	user_idx, user_name, user_priv,
1170	ec4319a4	Andreas	user_active, user_auto_created,
1171	ec4319a4	Andreas	user_deny_chpwd
1172	a1eea52e	Andreas	) VALUES (
1173	ec4319a4	Andreas	NULL, ?, 'user', 'Y', 'Y', 'Y'
1174	a1eea52e	Andreas	)
1175	a1eea52e	Andreas	");
1176	a1eea52e	Andreas
1177	b1fa0a38	Andreas	$this->db->db_execute($sth, array($username));
1178	b1fa0a38	Andreas
1179	e0b9dfb7	Andreas	return $this->db->db_getid();
1180	e0b9dfb7	Andreas
1181	a1eea52e	Andreas	} // create_user()
1182	092b8a0f	Andreas
1183	a7e2fd8c	Andreas	/**
1184	a7e2fd8c	Andreas	* return true if user is auto-created
1185	a7e2fd8c	Andreas	* @param integer $idx
1186	a7e2fd8c	Andreas	* @return boolean
1187	a7e2fd8c	Andreas	*/
1188	a7e2fd8c	Andreas	public function is_auto_created($user_idx)
1189	a7e2fd8c	Andreas	{
1190	a7e2fd8c	Andreas	if($user = $this->db->db_fetchSingleRow("
1191	a7e2fd8c	Andreas	SELECT user_auto_created
1192	a7e2fd8c	Andreas	FROM nephthys_users
1193	a7e2fd8c	Andreas	WHERE
1194	a7e2fd8c	Andreas	user_idx LIKE '". $user_idx ."'
1195	a7e2fd8c	Andreas	")) {
1196	a7e2fd8c	Andreas
1197	a7e2fd8c	Andreas	if(isset($user->user_auto_created) && $user->user_auto_created == 'Y')
1198	a7e2fd8c	Andreas	return true;
1199	a7e2fd8c	Andreas
1200	a7e2fd8c	Andreas	}
1201	a7e2fd8c	Andreas
1202	f579c2b0	Andreas	return false;
1203	a7e2fd8c	Andreas
1204	a7e2fd8c	Andreas	} // is_auto_created()
1205	a7e2fd8c	Andreas
1206	fff2a093	Andreas	/**
1207	ec4319a4	Andreas	* return true if user is _not_ allowed to change its password
1208	ec4319a4	Andreas	* @param integer $idx
1209	ec4319a4	Andreas	* @return boolean
1210	ec4319a4	Andreas	*/
1211	ec4319a4	Andreas	public function is_deny_chpwd($user_idx)
1212	ec4319a4	Andreas	{
1213	ec4319a4	Andreas	if($user = $this->db->db_fetchSingleRow("
1214	ec4319a4	Andreas	SELECT user_deny_chpwd
1215	ec4319a4	Andreas	FROM nephthys_users
1216	ec4319a4	Andreas	WHERE
1217	ec4319a4	Andreas	user_idx LIKE '". $user_idx ."'
1218	ec4319a4	Andreas	")) {
1219	ec4319a4	Andreas
1220	ec4319a4	Andreas	if(isset($user->user_deny_chpwd) && $user->user_deny_chpwd == 'Y')
1221	ec4319a4	Andreas	return true;
1222	ec4319a4	Andreas
1223	ec4319a4	Andreas	}
1224	ec4319a4	Andreas
1225	ec4319a4	Andreas	return false;
1226	ec4319a4	Andreas
1227	ec4319a4	Andreas	} // is_deny_chpwd()
1228	ec4319a4	Andreas
1229	ec4319a4	Andreas	/**
1230	fff2a093	Andreas	* check if called from command line
1231	fff2a093	Andreas	*
1232	fff2a093	Andreas	* this function will return true, if called from command line
1233	fff2a093	Andreas	* otherwise false.
1234	fff2a093	Andreas	* @return boolean
1235	fff2a093	Andreas	*/
1236	fff2a093	Andreas	private function is_cmdline()
1237	fff2a093	Andreas	{
1238	47e5d746	Andreas	if(isset($_ENV['SHELL']) && !empty($_ENV['SHELL']))
1239	fff2a093	Andreas	return true;
1240	fff2a093	Andreas
1241	fff2a093	Andreas	return false;
1242	fff2a093	Andreas
1243	fff2a093	Andreas	} // is_cmdline()
1244	fff2a093	Andreas
1245	2bf77cf3	Andreas	/**
1246	2bf77cf3	Andreas	* check Nephthys database
1247	2bf77cf3	Andreas	*
1248	2bf77cf3	Andreas	* this function checks the Nephthys database, if all
1249	2bf77cf3	Andreas	* tables are in place or if an database upgrade has
1250	2bf77cf3	Andreas	* to be done.
1251	2bf77cf3	Andreas	*/
1252	cc1b5b35	Andreas	private function check_db_tables()
1253	cc1b5b35	Andreas	{
1254	2bf77cf3	Andreas	/* The following section checks if the necessary tables exist
1255	2bf77cf3	Andreas	in the database. If not (usually on the first Nephthys run),
1256	2bf77cf3	Andreas	they will be created and filled automatically.
1257	2bf77cf3	Andreas	*/
1258	2bf77cf3	Andreas
1259	cc1b5b35	Andreas	if(!$this->db->db_check_table_exists("nephthys_buckets")) {
1260	cc1b5b35	Andreas	switch($this->cfg->db_type) {
1261	cc1b5b35	Andreas	default:
1262	cc1b5b35	Andreas	case 'mysql':
1263	cc1b5b35	Andreas	$db_create = "CREATE TABLE `nephthys_buckets` (
1264	cc1b5b35	Andreas	`bucket_idx` int(11) NOT NULL auto_increment,
1265	cc1b5b35	Andreas	`bucket_name` varchar(255) default NULL,
1266	cc1b5b35	Andreas	`bucket_sender` varchar(255) default NULL,
1267	cc1b5b35	Andreas	`bucket_receiver` varchar(255) default NULL,
1268	cc1b5b35	Andreas	`bucket_hash` varchar(64) default NULL,
1269	cc1b5b35	Andreas	`bucket_created` int(11) default NULL,
1270	cc1b5b35	Andreas	`bucket_expire` int(11) default NULL,
1271	cc1b5b35	Andreas	`bucket_note` text,
1272	cc1b5b35	Andreas	`bucket_owner` int(11) default NULL,
1273	cc1b5b35	Andreas	`bucket_active` varchar(1) default NULL,
1274	cc1b5b35	Andreas	`bucket_notified` varchar(1) default NULL,
1275	385f188a	Andreas	`bucket_notify_on_expire` varchar(1) default NULL,
1276	cc1b5b35	Andreas	PRIMARY KEY (`bucket_idx`)
1277	cc1b5b35	Andreas	) ENGINE=MyISAM AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
1278	cc1b5b35	Andreas	";
1279	cc1b5b35	Andreas	break;
1280	cc1b5b35	Andreas	case 'sqlite':
1281	cc1b5b35	Andreas	$db_create = "CREATE TABLE nephthys_buckets (
1282	cc1b5b35	Andreas	bucket_idx INTEGER PRIMARY KEY,
1283	cc1b5b35	Andreas	bucket_name varchar(255),
1284	cc1b5b35	Andreas	bucket_sender varchar(255),
1285	cc1b5b35	Andreas	bucket_receiver varchar(255),
1286	cc1b5b35	Andreas	bucket_hash varchar(64),
1287	cc1b5b35	Andreas	bucket_created int,
1288	cc1b5b35	Andreas	bucket_expire int,
1289	cc1b5b35	Andreas	bucket_note text,
1290	cc1b5b35	Andreas	bucket_owner int,
1291	cc1b5b35	Andreas	bucket_active varchar(1),
1292	385f188a	Andreas	bucket_notified varchar(1),
1293	385f188a	Andreas	bucket_notify_on_expire varchar(1)
1294	cc1b5b35	Andreas	)";
1295	cc1b5b35	Andreas	break;
1296	cc1b5b35	Andreas	}
1297	cc1b5b35	Andreas
1298	cc1b5b35	Andreas	if(!$this->db->db_exec($db_create)) {
1299	cc1b5b35	Andreas	die("Can't create table nephthys_buckets");
1300	cc1b5b35	Andreas	}
1301	cc1b5b35	Andreas	}
1302	cc1b5b35	Andreas
1303	cc1b5b35	Andreas	if(!$this->db->db_check_table_exists("nephthys_users")) {
1304	cc1b5b35	Andreas	switch($this->cfg->db_type) {
1305	cc1b5b35	Andreas	default:
1306	cc1b5b35	Andreas	case 'mysql':
1307	cc1b5b35	Andreas	$db_create = "CREATE TABLE `nephthys_users` (
1308	cc1b5b35	Andreas	`user_idx` int(11) NOT NULL auto_increment,
1309	cc1b5b35	Andreas	`user_name` varchar(255) default NULL,
1310	cc1b5b35	Andreas	`user_full_name` varchar(255) default NULL,
1311	cc1b5b35	Andreas	`user_pass` varchar(255) default NULL,
1312	cc1b5b35	Andreas	`user_email` varchar(255) default NULL,
1313	cc1b5b35	Andreas	`user_priv` varchar(16) default NULL,
1314	cc1b5b35	Andreas	`user_active` varchar(1) default NULL,
1315	cc1b5b35	Andreas	`user_last_login` int(11) default NULL,
1316	cc1b5b35	Andreas	`user_default_expire` int(11) default NULL,
1317	2bf77cf3	Andreas	`user_priv_expire` varchar(1) default NULL,
1318	cc1b5b35	Andreas	`user_auto_created` varchar(1) default NULL,
1319	ec4319a4	Andreas	`user_deny_chpwd` varchar(1) default NULL,
1320	d237bd2f	Andreas	`user_language` varchar(6) default NULL,
1321	cc1b5b35	Andreas	PRIMARY KEY (`user_idx`)
1322	cc1b5b35	Andreas	) ENGINE=MyISAM AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
1323	cc1b5b35	Andreas	";
1324	cc1b5b35	Andreas	break;
1325	cc1b5b35	Andreas	case 'sqlite':
1326	cc1b5b35	Andreas	$db_create = "CREATE TABLE nephthys_users (
1327	cc1b5b35	Andreas	user_idx INTEGER PRIMARY KEY,
1328	cc1b5b35	Andreas	user_name varchar(255),
1329	cc1b5b35	Andreas	user_full_name varchar(255),
1330	cc1b5b35	Andreas	user_pass varchar(255),
1331	cc1b5b35	Andreas	user_email varchar(255),
1332	cc1b5b35	Andreas	user_priv varchar(16),
1333	cc1b5b35	Andreas	user_active varchar(1),
1334	cc1b5b35	Andreas	user_last_login int,
1335	cc1b5b35	Andreas	user_default_expire int,
1336	2bf77cf3	Andreas	user_priv_expire varchar(1),
1337	d237bd2f	Andreas	user_auto_created varchar(1),
1338	ec4319a4	Andreas	user_deny_chpwd varchar(1),
1339	d237bd2f	Andreas	user_language varchar(6)
1340	cc1b5b35	Andreas	)
1341	cc1b5b35	Andreas	";
1342	cc1b5b35	Andreas	break;
1343	cc1b5b35	Andreas	}
1344	cc1b5b35	Andreas
1345	cc1b5b35	Andreas	if(!$this->db->db_exec($db_create)) {
1346	cc1b5b35	Andreas	die("Can't create table nephthys_users");
1347	cc1b5b35	Andreas	}
1348	cc1b5b35	Andreas
1349	cc1b5b35	Andreas	$this->db->db_exec("
1350	cc1b5b35	Andreas	INSERT INTO nephthys_users
1351	cc1b5b35	Andreas	VALUES (
1352	cc1b5b35	Andreas	NULL,
1353	cc1b5b35	Andreas	'admin',
1354	cc1b5b35	Andreas	'',
1355	cc1b5b35	Andreas	'd033e22ae348aeb5660fc2140aec35850c4da997',
1356	cc1b5b35	Andreas	'',
1357	cc1b5b35	Andreas	'admin',
1358	cc1b5b35	Andreas	'Y',
1359	cc1b5b35	Andreas	NULL,
1360	cc1b5b35	Andreas	7,
1361	5958cad6	Andreas	'N',
1362	5958cad6	Andreas	'N',
1363	5958cad6	Andreas	'N',
1364	fa22c05e	Andreas	'en')
1365	cc1b5b35	Andreas	");
1366	cc1b5b35	Andreas
1367	cc1b5b35	Andreas	}
1368	cc1b5b35	Andreas
1369	c170abeb	Andreas	if(!$this->db->db_check_table_exists("nephthys_meta")) {
1370	c170abeb	Andreas	switch($this->cfg->db_type) {
1371	c170abeb	Andreas	default:
1372	c170abeb	Andreas	case 'mysql':
1373	c170abeb	Andreas	$db_create = "CREATE TABLE `nephthys_meta` (
1374	c170abeb	Andreas	`meta_idx` int(11) NOT NULL auto_increment,
1375	c170abeb	Andreas	`meta_key` varchar(255) default NULL,
1376	c170abeb	Andreas	`meta_value` varchar(255) default NULL,
1377	c170abeb	Andreas	PRIMARY KEY (`meta_idx`)
1378	c170abeb	Andreas	) ENGINE=MyISAM AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
1379	c170abeb	Andreas	";
1380	c170abeb	Andreas	break;
1381	c170abeb	Andreas	case 'sqlite':
1382	c170abeb	Andreas	$db_create = "CREATE TABLE nephthys_meta (
1383	c170abeb	Andreas	meta_idx INTEGER PRIMARY KEY,
1384	c170abeb	Andreas	meta_key varchar(255),
1385	c170abeb	Andreas	meta_value varchar(255)
1386	c170abeb	Andreas	)";
1387	c170abeb	Andreas	break;
1388	c170abeb	Andreas	}
1389	c170abeb	Andreas
1390	c170abeb	Andreas	if(!$this->db->db_exec($db_create)) {
1391	c170abeb	Andreas	die("Can't create table nephthys_meta");
1392	c170abeb	Andreas	}
1393	c170abeb	Andreas
1394	c170abeb	Andreas	$this->db->db_exec("
1395	c170abeb	Andreas	INSERT INTO nephthys_meta
1396	c170abeb	Andreas	VALUES (
1397	c170abeb	Andreas	NULL,
1398	c170abeb	Andreas	'Nephthys Database Version',
1399	c170abeb	Andreas	'". $this->cfg->db_version ."'
1400	c170abeb	Andreas	)
1401	c170abeb	Andreas	");
1402	c170abeb	Andreas	}
1403	c170abeb	Andreas
1404	d08c99b8	Andreas	if(!$this->db->db_check_table_exists("nephthys_addressbook")) {
1405	d08c99b8	Andreas	switch($this->cfg->db_type) {
1406	d08c99b8	Andreas	default:
1407	d08c99b8	Andreas	case 'mysql':
1408	d08c99b8	Andreas	$db_create = "CREATE TABLE `nephthys_addressbook` (
1409	d08c99b8	Andreas	`contact_idx` int(11) NOT NULL auto_increment,
1410	e5ea37f1	Andreas	`contact_name` varchar(255) default NULL,
1411	d08c99b8	Andreas	`contact_email` varchar(255) default NULL,
1412	d08c99b8	Andreas	`contact_owner` int(11) default NULL,
1413	d08c99b8	Andreas	PRIMARY KEY (`contact_idx`)
1414	d08c99b8	Andreas	) ENGINE=MyISAM AUTO_INCREMENT=0 DEFAULT CHARSET=utf8;
1415	d08c99b8	Andreas	";
1416	d08c99b8	Andreas	break;
1417	d08c99b8	Andreas	case 'sqlite':
1418	d08c99b8	Andreas	$db_create = "CREATE TABLE nephthys_addressbook (
1419	d08c99b8	Andreas	contact_idx INTEGER PRIMARY KEY,
1420	e5ea37f1	Andreas	contact_name varchar(255),
1421	d08c99b8	Andreas	contact_email varchar(255),
1422	d08c99b8	Andreas	contact_owner INTEGER
1423	d08c99b8	Andreas	)";
1424	d08c99b8	Andreas	break;
1425	d08c99b8	Andreas	}
1426	d08c99b8	Andreas
1427	d08c99b8	Andreas	if(!$this->db->db_exec($db_create)) {
1428	d08c99b8	Andreas	die("Can't create table nephthys_meta");
1429	d08c99b8	Andreas	}
1430	d08c99b8	Andreas	}
1431	d08c99b8	Andreas
1432	2bf77cf3	Andreas
1433	2bf77cf3	Andreas	/* The following section keeps track of database upgrades. Nephthys
1434	2bf77cf3	Andreas	notes the database revision in a own table called nephthys_meta.
1435	2bf77cf3	Andreas	*/
1436	2bf77cf3	Andreas
1437	2bf77cf3	Andreas	/* db version 3 */
1438	2bf77cf3	Andreas	if($this->get_db_version() < 3) {
1439	2bf77cf3	Andreas
1440	2bf77cf3	Andreas	/* add bucket-never-expire column to nephthys_users */
1441	36ef2b80	Andreas	switch($this->cfg->db_type) {
1442	36ef2b80	Andreas	default:
1443	36ef2b80	Andreas	case 'mysql':
1444	37f6e2e6	Andreas	$this->db->db_alter_table(
1445	37f6e2e6	Andreas	"nephthys_users",
1446	37f6e2e6	Andreas	"add",
1447	37f6e2e6	Andreas	"user_priv_expire",
1448	600054ed	Andreas	"varchar(1)
1449	600054ed	Andreas	AFTER
1450	600054ed	Andreas	user_default_expire"
1451	37f6e2e6	Andreas	);
1452	36ef2b80	Andreas	break;
1453	600054ed	Andreas	case 'sqlite':
1454	600054ed	Andreas
1455	600054ed	Andreas	/* SQlite v2 does not support ALTER TABLE, so we need
1456	600054ed	Andreas	to take the help of a temporary table.
1457	600054ed	Andreas	*/
1458	600054ed	Andreas	if(!$this->db->db_start_transaction())
1459	600054ed	Andreas	die("Can not start database transaction");
1460	600054ed	Andreas
1461	600054ed	Andreas	$result = $this->db->db_exec("
1462	600054ed	Andreas	CREATE TEMPORARY TABLE nephthys_users_tmp (
1463	600054ed	Andreas	user_idx INTEGER PRIMARY KEY,
1464	600054ed	Andreas	user_name varchar(255),
1465	600054ed	Andreas	user_full_name varchar(255),
1466	600054ed	Andreas	user_pass varchar(255),
1467	600054ed	Andreas	user_email varchar(255),
1468	600054ed	Andreas	user_priv varchar(16),
1469	600054ed	Andreas	user_active varchar(1),
1470	600054ed	Andreas	user_last_login int,
1471	600054ed	Andreas	user_default_expire int,
1472	600054ed	Andreas	user_priv_expire varchar(1),
1473	600054ed	Andreas	user_auto_created varchar(1)
1474	600054ed	Andreas	);
1475	600054ed	Andreas	");
1476	600054ed	Andreas
1477	600054ed	Andreas	if(!$result) {
1478	600054ed	Andreas	$this->db->db_rollback_transaction();
1479	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1480	600054ed	Andreas	}
1481	600054ed	Andreas
1482	600054ed	Andreas	$result = $this->db->db_exec("
1483	600054ed	Andreas	INSERT INTO nephthys_users_tmp
1484	600054ed	Andreas	SELECT
1485	600054ed	Andreas	user_idx,
1486	600054ed	Andreas	user_name,
1487	600054ed	Andreas	user_full_name,
1488	600054ed	Andreas	user_pass,
1489	600054ed	Andreas	user_email,
1490	600054ed	Andreas	user_priv,
1491	600054ed	Andreas	user_active,
1492	600054ed	Andreas	user_last_login,
1493	600054ed	Andreas	user_default_expire,
1494	600054ed	Andreas	NULL,
1495	600054ed	Andreas	user_auto_created
1496	600054ed	Andreas	FROM nephthys_users;
1497	600054ed	Andreas	");
1498	600054ed	Andreas
1499	600054ed	Andreas	if(!$result) {
1500	600054ed	Andreas	$this->db->db_rollback_transaction();
1501	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1502	600054ed	Andreas	}
1503	600054ed	Andreas
1504	600054ed	Andreas	$result = $this->db->db_exec("
1505	600054ed	Andreas	DROP TABLE nephthys_users;
1506	600054ed	Andreas	");
1507	600054ed	Andreas
1508	600054ed	Andreas	if(!$result) {
1509	600054ed	Andreas	$this->db->db_rollback_transaction();
1510	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1511	600054ed	Andreas	}
1512	600054ed	Andreas
1513	600054ed	Andreas	$result = $this->db->db_exec("
1514	600054ed	Andreas	CREATE TABLE nephthys_users (
1515	600054ed	Andreas	user_idx INTEGER PRIMARY KEY,
1516	600054ed	Andreas	user_name varchar(255),
1517	600054ed	Andreas	user_full_name varchar(255),
1518	600054ed	Andreas	user_pass varchar(255),
1519	600054ed	Andreas	user_email varchar(255),
1520	600054ed	Andreas	user_priv varchar(16),
1521	600054ed	Andreas	user_active varchar(1),
1522	600054ed	Andreas	user_last_login int,
1523	600054ed	Andreas	user_default_expire int,
1524	600054ed	Andreas	user_priv_expire varchar(1),
1525	2fabfb38	Andreas	user_auto_created varchar(1)
1526	600054ed	Andreas	);
1527	600054ed	Andreas	");
1528	600054ed	Andreas
1529	600054ed	Andreas	if(!$result) {
1530	600054ed	Andreas	$this->db->db_rollback_transaction();
1531	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1532	600054ed	Andreas	}
1533	600054ed	Andreas
1534	600054ed	Andreas	$result = $this->db->db_exec("
1535	600054ed	Andreas	INSERT INTO nephthys_users
1536	600054ed	Andreas	SELECT *
1537	600054ed	Andreas	FROM nephthys_users_tmp;
1538	600054ed	Andreas	");
1539	600054ed	Andreas
1540	600054ed	Andreas	if(!$result) {
1541	600054ed	Andreas	$this->db->db_rollback_transaction();
1542	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1543	600054ed	Andreas	}
1544	600054ed	Andreas
1545	600054ed	Andreas	$result = $this->db->db_exec("
1546	600054ed	Andreas	DROP TABLE nephthys_users_tmp;
1547	600054ed	Andreas	");
1548	600054ed	Andreas
1549	600054ed	Andreas	if(!$result) {
1550	600054ed	Andreas	$this->db->db_rollback_transaction();
1551	600054ed	Andreas	die("Upgrade failover - tranaction rollback");
1552	600054ed	Andreas	}
1553	600054ed	Andreas
1554	600054ed	Andreas	if(!$this->db->db_commit_transaction())
1555	600054ed	Andreas	die("Can not commit database transaction");
1556	600054ed	Andreas
1557	600054ed	Andreas	break;
1558	36ef2b80	Andreas	}
1559	2bf77cf3	Andreas
1560	2bf77cf3	Andreas	$this->set_db_version(3);
1561	2bf77cf3	Andreas
1562	e5ea37f1	Andreas	} /* // db version 3 */
1563	2bf77cf3	Andreas
1564	c70b4618	Andreas	/* db version 4 */
1565	c70b4618	Andreas	if($this->get_db_version() < 4) {
1566	c70b4618	Andreas
1567	c70b4618	Andreas	/* add column user_language to nephthys_users */
1568	c70b4618	Andreas
1569	c70b4618	Andreas	switch($this->cfg->db_type) {
1570	c70b4618	Andreas	default:
1571	c70b4618	Andreas	case 'mysql':
1572	c70b4618	Andreas	$this->db->db_alter_table(
1573	c70b4618	Andreas	"nephthys_users",
1574	c70b4618	Andreas	"add",
1575	c70b4618	Andreas	"user_language",
1576	c70b4618	Andreas	"varchar(6)"
1577	c70b4618	Andreas	);
1578	c70b4618	Andreas	break;
1579	c70b4618	Andreas
1580	c70b4618	Andreas	case 'sqlite':
1581	c70b4618	Andreas
1582	c70b4618	Andreas	/* SQlite v2 does not support ALTER TABLE, so we need
1583	c70b4618	Andreas	to take the help of a temporary table.
1584	c70b4618	Andreas	*/
1585	c70b4618	Andreas	if(!$this->db->db_start_transaction())
1586	c70b4618	Andreas	die("Can not start database transaction");
1587	c70b4618	Andreas
1588	c70b4618	Andreas	$result = $this->db->db_exec("
1589	c70b4618	Andreas	CREATE TEMPORARY TABLE nephthys_users_tmp (
1590	c70b4618	Andreas	user_idx INTEGER PRIMARY KEY,
1591	c70b4618	Andreas	user_name varchar(255),
1592	c70b4618	Andreas	user_full_name varchar(255),
1593	c70b4618	Andreas	user_pass varchar(255),
1594	c70b4618	Andreas	user_email varchar(255),
1595	c70b4618	Andreas	user_priv varchar(16),
1596	c70b4618	Andreas	user_active varchar(1),
1597	c70b4618	Andreas	user_last_login int,
1598	c70b4618	Andreas	user_default_expire int,
1599	c70b4618	Andreas	user_priv_expire varchar(1),
1600	c70b4618	Andreas	user_auto_created varchar(1),
1601	c70b4618	Andreas	user_language varchar(6)
1602	c70b4618	Andreas	);
1603	c70b4618	Andreas	");
1604	c70b4618	Andreas
1605	c70b4618	Andreas	if(!$result) {
1606	c70b4618	Andreas	$this->db->db_rollback_transaction();
1607	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1608	c70b4618	Andreas	}
1609	c70b4618	Andreas
1610	c70b4618	Andreas	$result = $this->db->db_exec("
1611	c70b4618	Andreas	INSERT INTO nephthys_users_tmp
1612	c70b4618	Andreas	SELECT
1613	c70b4618	Andreas	user_idx,
1614	c70b4618	Andreas	user_name,
1615	c70b4618	Andreas	user_full_name,
1616	c70b4618	Andreas	user_pass,
1617	c70b4618	Andreas	user_email,
1618	c70b4618	Andreas	user_priv,
1619	c70b4618	Andreas	user_active,
1620	c70b4618	Andreas	user_last_login,
1621	c70b4618	Andreas	user_default_expire,
1622	c70b4618	Andreas	user_priv_expire,
1623	c70b4618	Andreas	user_auto_created,
1624	c70b4618	Andreas	NULL
1625	c70b4618	Andreas	FROM nephthys_users;
1626	c70b4618	Andreas	");
1627	c70b4618	Andreas
1628	c70b4618	Andreas	if(!$result) {
1629	c70b4618	Andreas	$this->db->db_rollback_transaction();
1630	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1631	c70b4618	Andreas	}
1632	c70b4618	Andreas
1633	c70b4618	Andreas	$result = $this->db->db_exec("
1634	c70b4618	Andreas	DROP TABLE nephthys_users;
1635	c70b4618	Andreas	");
1636	c70b4618	Andreas
1637	c70b4618	Andreas	if(!$result) {
1638	c70b4618	Andreas	$this->db->db_rollback_transaction();
1639	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1640	c70b4618	Andreas	}
1641	c70b4618	Andreas
1642	c70b4618	Andreas	$result = $this->db->db_exec("
1643	c70b4618	Andreas	CREATE TABLE nephthys_users (
1644	c70b4618	Andreas	user_idx INTEGER PRIMARY KEY,
1645	c70b4618	Andreas	user_name varchar(255),
1646	c70b4618	Andreas	user_full_name varchar(255),
1647	c70b4618	Andreas	user_pass varchar(255),
1648	c70b4618	Andreas	user_email varchar(255),
1649	c70b4618	Andreas	user_priv varchar(16),
1650	c70b4618	Andreas	user_active varchar(1),
1651	c70b4618	Andreas	user_last_login int,
1652	c70b4618	Andreas	user_default_expire int,
1653	c70b4618	Andreas	user_priv_expire varchar(1),
1654	c70b4618	Andreas	user_auto_created varchar(1),
1655	c70b4618	Andreas	user_language varchar(6)
1656	c70b4618	Andreas	);
1657	c70b4618	Andreas	");
1658	c70b4618	Andreas
1659	c70b4618	Andreas	if(!$result) {
1660	c70b4618	Andreas	$this->db->db_rollback_transaction();
1661	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1662	c70b4618	Andreas	}
1663	c70b4618	Andreas
1664	c70b4618	Andreas	$result = $this->db->db_exec("
1665	c70b4618	Andreas	INSERT INTO nephthys_users
1666	c70b4618	Andreas	SELECT *
1667	c70b4618	Andreas	FROM nephthys_users_tmp;
1668	c70b4618	Andreas	");
1669	c70b4618	Andreas
1670	c70b4618	Andreas	if(!$result) {
1671	c70b4618	Andreas	$this->db->db_rollback_transaction();
1672	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1673	c70b4618	Andreas	}
1674	c70b4618	Andreas
1675	c70b4618	Andreas	$result = $this->db->db_exec("
1676	c70b4618	Andreas	DROP TABLE nephthys_users_tmp;
1677	c70b4618	Andreas	");
1678	c70b4618	Andreas
1679	c70b4618	Andreas	if(!$result) {
1680	c70b4618	Andreas	$this->db->db_rollback_transaction();
1681	c70b4618	Andreas	die("Upgrade failover - tranaction rollback");
1682	c70b4618	Andreas	}
1683	c70b4618	Andreas
1684	c70b4618	Andreas	if(!$this->db->db_commit_transaction())
1685	c70b4618	Andreas	die("Can not commit database transaction");
1686	c70b4618	Andreas
1687	c70b4618	Andreas	break;
1688	c70b4618	Andreas	}
1689	c70b4618	Andreas
1690	c70b4618	Andreas	$this->set_db_version(4);
1691	c70b4618	Andreas
1692	e5ea37f1	Andreas	} /* // db version 4 */
1693	e5ea37f1	Andreas
1694	e5ea37f1	Andreas	/* db version 5 */
1695	e5ea37f1	Andreas	if($this->get_db_version() < 5) {
1696	e5ea37f1	Andreas
1697	e5ea37f1	Andreas	/* add column contact_name to nephthys_addressbook */
1698	e5ea37f1	Andreas
1699	e5ea37f1	Andreas	switch($this->cfg->db_type) {
1700	e5ea37f1	Andreas	default:
1701	e5ea37f1	Andreas	case 'mysql':
1702	e5ea37f1	Andreas	$this->db->db_alter_table(
1703	e5ea37f1	Andreas	"nephthys_addressbook",
1704	e5ea37f1	Andreas	"add",
1705	e5ea37f1	Andreas	"contact_name",
1706	e5ea37f1	Andreas	"varchar(255) default NULL"
1707	e5ea37f1	Andreas	);
1708	e5ea37f1	Andreas	break;
1709	e5ea37f1	Andreas
1710	e5ea37f1	Andreas	case 'sqlite':
1711	e5ea37f1	Andreas
1712	e5ea37f1	Andreas	/* SQlite v2 does not support ALTER TABLE, so we need
1713	e5ea37f1	Andreas	to take the help of a temporary table.
1714	e5ea37f1	Andreas	*/
1715	e5ea37f1	Andreas	if(!$this->db->db_start_transaction())
1716	e5ea37f1	Andreas	die("Can not start database transaction");
1717	e5ea37f1	Andreas
1718	e5ea37f1	Andreas	$result = $this->db->db_exec("
1719	e5ea37f1	Andreas	CREATE TEMPORARY TABLE nephthys_addressbook_tmp (
1720	e5ea37f1	Andreas	contact_idx INTEGER PRIMARY KEY,
1721	e5ea37f1	Andreas	contact_name varchar(255),
1722	e5ea37f1	Andreas	contact_email varchar(255),
1723	e5ea37f1	Andreas	contact_owner int
1724	e5ea37f1	Andreas	);
1725	e5ea37f1	Andreas	");
1726	e5ea37f1	Andreas
1727	e5ea37f1	Andreas	if(!$result) {
1728	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1729	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1730	e5ea37f1	Andreas	}
1731	e5ea37f1	Andreas
1732	e5ea37f1	Andreas	$result = $this->db->db_exec("
1733	e5ea37f1	Andreas	INSERT INTO nephthys_addressbook_tmp
1734	e5ea37f1	Andreas	SELECT
1735	e5ea37f1	Andreas	contact_idx,
1736	e5ea37f1	Andreas	NULL,
1737	e5ea37f1	Andreas	contact_email,
1738	e5ea37f1	Andreas	contact_owner
1739	e5ea37f1	Andreas	FROM nephthys_addressbook;
1740	e5ea37f1	Andreas	");
1741	e5ea37f1	Andreas
1742	e5ea37f1	Andreas	if(!$result) {
1743	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1744	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1745	e5ea37f1	Andreas	}
1746	e5ea37f1	Andreas
1747	e5ea37f1	Andreas	$result = $this->db->db_exec("
1748	e5ea37f1	Andreas	DROP TABLE nephthys_addressbook;
1749	e5ea37f1	Andreas	");
1750	e5ea37f1	Andreas
1751	e5ea37f1	Andreas	if(!$result) {
1752	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1753	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1754	e5ea37f1	Andreas	}
1755	e5ea37f1	Andreas
1756	e5ea37f1	Andreas	$result = $this->db->db_exec("
1757	e5ea37f1	Andreas	CREATE TABLE nephthys_addressbook (
1758	e5ea37f1	Andreas	contact_idx INTEGER PRIMARY KEY,
1759	e5ea37f1	Andreas	contact_name varchar(255),
1760	e5ea37f1	Andreas	contact_email varchar(255),
1761	e5ea37f1	Andreas	contact_owner int
1762	e5ea37f1	Andreas	);
1763	e5ea37f1	Andreas	");
1764	e5ea37f1	Andreas
1765	e5ea37f1	Andreas	if(!$result) {
1766	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1767	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1768	e5ea37f1	Andreas	}
1769	e5ea37f1	Andreas
1770	e5ea37f1	Andreas	$result = $this->db->db_exec("
1771	e5ea37f1	Andreas	INSERT INTO nephthys_addressbook
1772	e5ea37f1	Andreas	SELECT *
1773	e5ea37f1	Andreas	FROM nephthys_addressbook_tmp;
1774	e5ea37f1	Andreas	");
1775	e5ea37f1	Andreas
1776	e5ea37f1	Andreas	if(!$result) {
1777	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1778	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1779	e5ea37f1	Andreas	}
1780	e5ea37f1	Andreas
1781	e5ea37f1	Andreas	$result = $this->db->db_exec("
1782	e5ea37f1	Andreas	DROP TABLE nephthys_addressbook_tmp;
1783	e5ea37f1	Andreas	");
1784	e5ea37f1	Andreas
1785	e5ea37f1	Andreas	if(!$result) {
1786	e5ea37f1	Andreas	$this->db->db_rollback_transaction();
1787	e5ea37f1	Andreas	die("Upgrade failover - tranaction rollback");
1788	e5ea37f1	Andreas	}
1789	e5ea37f1	Andreas
1790	e5ea37f1	Andreas	if(!$this->db->db_commit_transaction())
1791	e5ea37f1	Andreas	die("Can not commit database transaction");
1792	e5ea37f1	Andreas
1793	e5ea37f1	Andreas	break;
1794	e5ea37f1	Andreas	}
1795	e5ea37f1	Andreas
1796	e5ea37f1	Andreas	$this->set_db_version(5);
1797	e5ea37f1	Andreas
1798	e5ea37f1	Andreas	} /* // db version 5 */
1799	e5ea37f1	Andreas
1800	ec4319a4	Andreas	/* db version 6 */
1801	ec4319a4	Andreas	if($this->get_db_version() < 6) {
1802	ec4319a4	Andreas
1803	ec4319a4	Andreas	/* add column user_deny_chpwd to nephthys_users */
1804	ec4319a4	Andreas
1805	ec4319a4	Andreas	switch($this->cfg->db_type) {
1806	ec4319a4	Andreas	default:
1807	ec4319a4	Andreas	case 'mysql':
1808	ec4319a4	Andreas	$this->db->db_alter_table(
1809	ec4319a4	Andreas	"nephthys_users",
1810	ec4319a4	Andreas	"add",
1811	ec4319a4	Andreas	"user_deny_chpwd",
1812	ec4319a4	Andreas	"varchar(1) default NULL"
1813	ec4319a4	Andreas	);
1814	ec4319a4	Andreas	break;
1815	ec4319a4	Andreas
1816	ec4319a4	Andreas	case 'sqlite':
1817	ec4319a4	Andreas
1818	ec4319a4	Andreas	/* SQlite v2 does not support ALTER TABLE, so we need
1819	ec4319a4	Andreas	to take the help of a temporary table.
1820	ec4319a4	Andreas	*/
1821	ec4319a4	Andreas	if(!$this->db->db_start_transaction())
1822	ec4319a4	Andreas	die("Can not start database transaction");
1823	ec4319a4	Andreas
1824	ec4319a4	Andreas	$result = $this->db->db_exec("
1825	ec4319a4	Andreas	CREATE TEMPORARY TABLE nephthys_users_tmp (
1826	ec4319a4	Andreas	user_idx INTEGER PRIMARY KEY,
1827	ec4319a4	Andreas	user_name varchar(255),
1828	ec4319a4	Andreas	user_full_name varchar(255),
1829	ec4319a4	Andreas	user_pass varchar(255),
1830	ec4319a4	Andreas	user_email varchar(255),
1831	ec4319a4	Andreas	user_priv varchar(16),
1832	ec4319a4	Andreas	user_active varchar(1),
1833	ec4319a4	Andreas	user_last_login int,
1834	ec4319a4	Andreas	user_default_expire int,
1835	ec4319a4	Andreas	user_priv_expire varchar(1),
1836	ec4319a4	Andreas	user_auto_created varchar(1),
1837	ec4319a4	Andreas	user_deny_chpwd varchar(1),
1838	ec4319a4	Andreas	user_language varchar(6)
1839	ec4319a4	Andreas	)
1840	ec4319a4	Andreas	");
1841	ec4319a4	Andreas
1842	ec4319a4	Andreas	if(!$result) {
1843	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1844	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1845	ec4319a4	Andreas	}
1846	ec4319a4	Andreas
1847	ec4319a4	Andreas	$result = $this->db->db_exec("
1848	ec4319a4	Andreas	INSERT INTO nephthys_users_tmp
1849	ec4319a4	Andreas	SELECT
1850	ec4319a4	Andreas	user_idx,
1851	ec4319a4	Andreas	user_name,
1852	ec4319a4	Andreas	user_full_name,
1853	ec4319a4	Andreas	user_pass,
1854	ec4319a4	Andreas	user_email,
1855	ec4319a4	Andreas	user_priv,
1856	ec4319a4	Andreas	user_active,
1857	ec4319a4	Andreas	user_last_login,
1858	ec4319a4	Andreas	user_default_expire,
1859	ec4319a4	Andreas	user_priv_expire,
1860	ec4319a4	Andreas	user_auto_created,
1861	ec4319a4	Andreas	NULL,
1862	ec4319a4	Andreas	user_language
1863	ec4319a4	Andreas	FROM nephthys_users;
1864	ec4319a4	Andreas	");
1865	ec4319a4	Andreas
1866	ec4319a4	Andreas	if(!$result) {
1867	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1868	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1869	ec4319a4	Andreas	}
1870	ec4319a4	Andreas
1871	ec4319a4	Andreas	$result = $this->db->db_exec("
1872	ec4319a4	Andreas	DROP TABLE nephthys_users;
1873	ec4319a4	Andreas	");
1874	ec4319a4	Andreas
1875	ec4319a4	Andreas	if(!$result) {
1876	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1877	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1878	ec4319a4	Andreas	}
1879	ec4319a4	Andreas
1880	ec4319a4	Andreas	$result = $this->db->db_exec("
1881	9fa6f1fe	Andreas	CREATE TABLE nephthys_users (
1882	ec4319a4	Andreas	user_idx INTEGER PRIMARY KEY,
1883	ec4319a4	Andreas	user_name varchar(255),
1884	ec4319a4	Andreas	user_full_name varchar(255),
1885	ec4319a4	Andreas	user_pass varchar(255),
1886	ec4319a4	Andreas	user_email varchar(255),
1887	ec4319a4	Andreas	user_priv varchar(16),
1888	ec4319a4	Andreas	user_active varchar(1),
1889	ec4319a4	Andreas	user_last_login int,
1890	ec4319a4	Andreas	user_default_expire int,
1891	ec4319a4	Andreas	user_priv_expire varchar(1),
1892	ec4319a4	Andreas	user_auto_created varchar(1),
1893	ec4319a4	Andreas	user_deny_chpwd varchar(1),
1894	ec4319a4	Andreas	user_language varchar(6)
1895	ec4319a4	Andreas	)
1896	ec4319a4	Andreas	");
1897	ec4319a4	Andreas
1898	ec4319a4	Andreas	if(!$result) {
1899	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1900	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1901	ec4319a4	Andreas	}
1902	ec4319a4	Andreas
1903	ec4319a4	Andreas	$result = $this->db->db_exec("
1904	ec4319a4	Andreas	INSERT INTO nephthys_users
1905	ec4319a4	Andreas	SELECT *
1906	ec4319a4	Andreas	FROM nephthys_users_tmp;
1907	ec4319a4	Andreas	");
1908	ec4319a4	Andreas
1909	ec4319a4	Andreas	if(!$result) {
1910	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1911	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1912	ec4319a4	Andreas	}
1913	ec4319a4	Andreas
1914	ec4319a4	Andreas	$result = $this->db->db_exec("
1915	9fa6f1fe	Andreas	DROP TABLE nephthys_users_tmp;
1916	ec4319a4	Andreas	");
1917	ec4319a4	Andreas
1918	ec4319a4	Andreas	if(!$result) {
1919	ec4319a4	Andreas	$this->db->db_rollback_transaction();
1920	ec4319a4	Andreas	die("Upgrade failover - tranaction rollback");
1921	ec4319a4	Andreas	}
1922	ec4319a4	Andreas
1923	ec4319a4	Andreas	if(!$this->db->db_commit_transaction())
1924	ec4319a4	Andreas	die("Can not commit database transaction");
1925	ec4319a4	Andreas
1926	ec4319a4	Andreas	break;
1927	ec4319a4	Andreas	}
1928	ec4319a4	Andreas
1929	ec4319a4	Andreas	/* per default we deny every auto-created user
1930	ec4319a4	Andreas	to change his password.
1931	ec4319a4	Andreas	*/
1932	ec4319a4	Andreas	$this->db->db_query("
1933	ec4319a4	Andreas	UPDATE
1934	ec4319a4	Andreas	nephthys_users
1935	ec4319a4	Andreas	SET
1936	ec4319a4	Andreas	user_deny_chpwd='Y'
1937	ec4319a4	Andreas	WHERE
1938	ec4319a4	Andreas	user_auto_created LIKE 'Y'
1939	ec4319a4	Andreas	");
1940	ec4319a4	Andreas	/* per default we allowe every non auto-created user
1941	ec4319a4	Andreas	to change his password.
1942	ec4319a4	Andreas	*/
1943	ec4319a4	Andreas	$this->db->db_query("
1944	ec4319a4	Andreas	UPDATE
1945	ec4319a4	Andreas	nephthys_users
1946	ec4319a4	Andreas	SET
1947	ec4319a4	Andreas	user_deny_chpwd='N'
1948	ec4319a4	Andreas	WHERE
1949	ec4319a4	Andreas	user_auto_created NOT LIKE 'Y'
1950	ec4319a4	Andreas	");
1951	ec4319a4	Andreas
1952	ec4319a4	Andreas	$this->set_db_version(6);
1953	ec4319a4	Andreas
1954	ec4319a4	Andreas	} /* // db version 6 */
1955	c70b4618	Andreas
1956	385f188a	Andreas	/* db version 7 */
1957	385f188a	Andreas	if($this->get_db_version() < 7) {
1958	385f188a	Andreas
1959	385f188a	Andreas	/* add column user_deny_chpwd to nephthys_users */
1960	385f188a	Andreas
1961	385f188a	Andreas	switch($this->cfg->db_type) {
1962	385f188a	Andreas	default:
1963	385f188a	Andreas	case 'mysql':
1964	385f188a	Andreas	$this->db->db_alter_table(
1965	385f188a	Andreas	"nephthys_buckets",
1966	385f188a	Andreas	"add",
1967	385f188a	Andreas	"bucket_notify_on_expire",
1968	385f188a	Andreas	"varchar(1) default NULL"
1969	385f188a	Andreas	);
1970	385f188a	Andreas	break;
1971	385f188a	Andreas
1972	385f188a	Andreas	case 'sqlite':
1973	385f188a	Andreas
1974	385f188a	Andreas	/* SQlite v2 does not support ALTER TABLE, so we need
1975	385f188a	Andreas	to take the help of a temporary table.
1976	385f188a	Andreas	*/
1977	385f188a	Andreas	if(!$this->db->db_start_transaction())
1978	385f188a	Andreas	die("Can not start database transaction");
1979	385f188a	Andreas
1980	385f188a	Andreas	$result = $this->db->db_exec("
1981	385f188a	Andreas	CREATE TEMPORARY TABLE nephthys_buckets_tmp (
1982	385f188a	Andreas	bucket_idx INTEGER PRIMARY KEY,
1983	385f188a	Andreas	bucket_name varchar(255),
1984	385f188a	Andreas	bucket_sender varchar(255),
1985	385f188a	Andreas	bucket_receiver varchar(255),
1986	385f188a	Andreas	bucket_hash varchar(64),
1987	385f188a	Andreas	bucket_created int,
1988	385f188a	Andreas	bucket_expire int,
1989	385f188a	Andreas	bucket_note text,
1990	385f188a	Andreas	bucket_owner int,
1991	385f188a	Andreas	bucket_active varchar(1),
1992	385f188a	Andreas	bucket_notified varchar(1),
1993	385f188a	Andreas	bucket_notify_on_expire varchar(1)
1994	385f188a	Andreas	)
1995	385f188a	Andreas	");
1996	385f188a	Andreas
1997	385f188a	Andreas	if(!$result) {
1998	385f188a	Andreas	$this->db->db_rollback_transaction();
1999	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2000	385f188a	Andreas	}
2001	385f188a	Andreas
2002	385f188a	Andreas	$result = $this->db->db_exec("
2003	385f188a	Andreas	INSERT INTO nephthys_buckets_tmp
2004	385f188a	Andreas	SELECT
2005	385f188a	Andreas	bucket_idx,
2006	385f188a	Andreas	bucket_name,
2007	385f188a	Andreas	bucket_sender,
2008	385f188a	Andreas	bucket_receiver,
2009	385f188a	Andreas	bucket_hash,
2010	385f188a	Andreas	bucket_created,
2011	385f188a	Andreas	bucket_expire,
2012	385f188a	Andreas	bucket_note,
2013	385f188a	Andreas	bucket_owner,
2014	385f188a	Andreas	bucket_active,
2015	385f188a	Andreas	bucket_notified,
2016	385f188a	Andreas	NULL
2017	385f188a	Andreas	FROM nephthys_buckets;
2018	385f188a	Andreas	");
2019	385f188a	Andreas
2020	385f188a	Andreas	if(!$result) {
2021	385f188a	Andreas	$this->db->db_rollback_transaction();
2022	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2023	385f188a	Andreas	}
2024	385f188a	Andreas
2025	385f188a	Andreas	$result = $this->db->db_exec("
2026	385f188a	Andreas	DROP TABLE nephthys_buckets;
2027	385f188a	Andreas	");
2028	385f188a	Andreas
2029	385f188a	Andreas	if(!$result) {
2030	385f188a	Andreas	$this->db->db_rollback_transaction();
2031	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2032	385f188a	Andreas	}
2033	385f188a	Andreas
2034	385f188a	Andreas	$result = $this->db->db_exec("
2035	385f188a	Andreas	CREATE TABLE nephthys_buckets (
2036	385f188a	Andreas	bucket_idx INTEGER PRIMARY KEY,
2037	385f188a	Andreas	bucket_name varchar(255),
2038	385f188a	Andreas	bucket_sender varchar(255),
2039	385f188a	Andreas	bucket_receiver varchar(255),
2040	385f188a	Andreas	bucket_hash varchar(64),
2041	385f188a	Andreas	bucket_created int,
2042	385f188a	Andreas	bucket_expire int,
2043	385f188a	Andreas	bucket_note text,
2044	385f188a	Andreas	bucket_owner int,
2045	385f188a	Andreas	bucket_active varchar(1),
2046	385f188a	Andreas	bucket_notified varchar(1),
2047	385f188a	Andreas	bucket_notify_on_expire varchar(1)
2048	385f188a	Andreas	)
2049	385f188a	Andreas	");
2050	385f188a	Andreas
2051	385f188a	Andreas	if(!$result) {
2052	385f188a	Andreas	$this->db->db_rollback_transaction();
2053	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2054	385f188a	Andreas	}
2055	385f188a	Andreas
2056	385f188a	Andreas	$result = $this->db->db_exec("
2057	385f188a	Andreas	INSERT INTO nephthys_buckets
2058	385f188a	Andreas	SELECT *
2059	385f188a	Andreas	FROM nephthys_buckets_tmp;
2060	385f188a	Andreas	");
2061	385f188a	Andreas
2062	385f188a	Andreas	if(!$result) {
2063	385f188a	Andreas	$this->db->db_rollback_transaction();
2064	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2065	385f188a	Andreas	}
2066	385f188a	Andreas
2067	385f188a	Andreas	$result = $this->db->db_exec("
2068	385f188a	Andreas	DROP TABLE nephthys_buckets_tmp;
2069	385f188a	Andreas	");
2070	385f188a	Andreas
2071	385f188a	Andreas	if(!$result) {
2072	385f188a	Andreas	$this->db->db_rollback_transaction();
2073	385f188a	Andreas	die("Upgrade failover - tranaction rollback");
2074	385f188a	Andreas	}
2075	385f188a	Andreas
2076	385f188a	Andreas	if(!$this->db->db_commit_transaction())
2077	385f188a	Andreas	die("Can not commit database transaction");
2078	385f188a	Andreas
2079	385f188a	Andreas	break;
2080	385f188a	Andreas	}
2081	385f188a	Andreas
2082	385f188a	Andreas	/* per default do not notify an expired bucket */
2083	385f188a	Andreas	$this->db->db_query("
2084	385f188a	Andreas	UPDATE
2085	385f188a	Andreas	nephthys_buckets
2086	385f188a	Andreas	SET
2087	385f188a	Andreas	bucket_notify_on_expire='N'
2088	385f188a	Andreas	");
2089	385f188a	Andreas
2090	385f188a	Andreas	$this->set_db_version(7);
2091	385f188a	Andreas
2092	385f188a	Andreas	} /* // db version 7 */
2093	385f188a	Andreas
2094	cc1b5b35	Andreas	} // check_db_tables()
2095	cc1b5b35	Andreas
2096	d08c99b8	Andreas	/**
2097	d08c99b8	Andreas	* add a email address to user's address book
2098	d08c99b8	Andreas	*
2099	d08c99b8	Andreas	* @param string $email
2100	d08c99b8	Andreas	*/
2101	d08c99b8	Andreas	public function add_to_addressbook($email)
2102	d08c99b8	Andreas	{
2103	d08c99b8	Andreas	$to_ab = Array();
2104	d08c99b8	Andreas
2105	d08c99b8	Andreas	/* only one email address? */
2106	d08c99b8	Andreas	if(strstr($email, ',') === false)
2107	d08c99b8	Andreas	array_push($to_ab, $email);
2108	d08c99b8	Andreas
2109	d08c99b8	Andreas	/* multiple email addresses */
2110	7831391e	Andreas	$emails = preg_split("/,/", $email);
2111	7831391e	Andreas
2112	d08c99b8	Andreas	foreach($emails as $email_addr) {
2113	a17e2908	Andreas	$email_addr = trim($email_addr);
2114	d08c99b8	Andreas	array_push($to_ab, $email_addr);
2115	d08c99b8	Andreas	}
2116	d08c99b8	Andreas
2117	d08c99b8	Andreas	/* loop over all contacts */
2118	d08c99b8	Andreas	foreach($to_ab as $address) {
2119	d08c99b8	Andreas
2120	f7b0ea3d	Andreas	$fullname = '';
2121	ccc35b9d	Andreas
2122	f7b0ea3d	Andreas	/* when entered in the format
2123	f7b0ea3d	Andreas	fullname <email-address>
2124	f7b0ea3d	Andreas	we need to extract the parts of that string first
2125	f7b0ea3d	Andreas	*/
2126	f7b0ea3d	Andreas	if(preg_match('/^(.+)\s\<(.+)\>/', $address, $matches)) {
2127	f7b0ea3d	Andreas	$fullname = $matches[1];
2128	f7b0ea3d	Andreas	$address = $matches[2];
2129	f7b0ea3d	Andreas	}
2130	f7b0ea3d	Andreas
2131	b1fa0a38	Andreas	/* do nothing if such a contact already exists */
2132	d08c99b8	Andreas	if($this->db->db_fetchSingleRow("
2133	d08c99b8	Andreas	SELECT *
2134	d08c99b8	Andreas	FROM nephthys_addressbook
2135	d08c99b8	Andreas	WHERE
2136	d08c99b8	Andreas	contact_email LIKE '". $address ."'
2137	d08c99b8	Andreas	")) {
2138	d08c99b8	Andreas	continue;
2139	d08c99b8	Andreas	}
2140	d08c99b8	Andreas
2141	b1fa0a38	Andreas	$sth = $this->db->db_prepare("
2142	d08c99b8	Andreas	INSERT INTO nephthys_addressbook (
2143	f7b0ea3d	Andreas	contact_idx,
2144	f7b0ea3d	Andreas	contact_email,
2145	f7b0ea3d	Andreas	contact_owner,
2146	f7b0ea3d	Andreas	contact_name
2147	d08c99b8	Andreas	) VALUES (
2148	f7b0ea3d	Andreas	NULL,
2149	f7b0ea3d	Andreas	?,
2150	f7b0ea3d	Andreas	?,
2151	f7b0ea3d	Andreas	?
2152	d08c99b8	Andreas	)
2153	d08c99b8	Andreas	");
2154	d08c99b8	Andreas
2155	b1fa0a38	Andreas	$this->db->db_execute($sth, array(
2156	b1fa0a38	Andreas	$address,
2157	b1fa0a38	Andreas	$_SESSION['login_idx'],
2158	f7b0ea3d	Andreas	$fullname,
2159	b1fa0a38	Andreas	));
2160	b1fa0a38	Andreas
2161	d08c99b8	Andreas	}
2162	d08c99b8	Andreas
2163	b1fa0a38	Andreas	} // add_to_addressbook()
2164	d08c99b8	Andreas
2165	d08c99b8	Andreas	/**
2166	45ec4be6	Andreas	* get bucket information & details
2167	45ec4be6	Andreas	*
2168	45ec4be6	Andreas	* this function just invokes get_bucket_info() of the
2169	45ec4be6	Andreas	* NEPHTHYS_BUCKETS class. See that one for more info.
2170	45ec4be6	Andreas	*
2171	45ec4be6	Andreas	* @return string
2172	45ec4be6	Andreas	*/
2173	45ec4be6	Andreas	public function get_bucket_info()
2174	45ec4be6	Andreas	{
2175	45ec4be6	Andreas	if(isset($_POST['id']) && is_numeric($_POST['id'])) {
2176	45ec4be6	Andreas	$bucket = new NEPHTHYS_BUCKETS($_POST['id']);
2177	45ec4be6	Andreas	return $bucket->get_bucket_info();
2178	45ec4be6	Andreas	}
2179	45ec4be6	Andreas
2180	45ec4be6	Andreas	return "unkown bucket";
2181	45ec4be6	Andreas
2182	45ec4be6	Andreas	} // get_bucket_info()
2183	45ec4be6	Andreas
2184	45ec4be6	Andreas	/**
2185	d08c99b8	Andreas	* returns the value for the autocomplete tag-search
2186	d08c99b8	Andreas	* @return string
2187	d08c99b8	Andreas	*/
2188	d08c99b8	Andreas	public function get_xml_list()
2189	d08c99b8	Andreas	{
2190	d08c99b8	Andreas	if(!isset($_GET['search']) \|\| !is_string($_GET['search']))
2191	d08c99b8	Andreas	$_GET['search'] = '';
2192	d08c99b8	Andreas
2193	3212736d	Andreas	/* strip leading or pending whitespaces */
2194	3212736d	Andreas	$_GET['search'] = trim($_GET['search']);
2195	3212736d	Andreas
2196	3212736d	Andreas	/* if string contains multiple receivers separated by
2197	3212736d	Andreas	a comma character, just handle the last one entered.
2198	3212736d	Andreas	*/
2199	3212736d	Andreas	if($matches = explode(',', $_GET['search'])) {
2200	3212736d	Andreas	$_GET['search'] = trim($matches[count($matches)-1]);
2201	3212736d	Andreas	}
2202	3212736d	Andreas
2203	d08c99b8	Andreas	$length = 15;
2204	d08c99b8	Andreas	$i = 1;
2205	d08c99b8	Andreas
2206	d08c99b8	Andreas	$matched_contacts = Array();
2207	d08c99b8	Andreas
2208	d08c99b8	Andreas	header("Content-Type: text/xml");
2209	d08c99b8	Andreas
2210	d08c99b8	Andreas	$string = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
2211	d08c99b8	Andreas	$string.= "<results>\n";
2212	d08c99b8	Andreas
2213	d08c99b8	Andreas	$contacts = $this->db->db_query("
2214	d08c99b8	Andreas	SELECT
2215	e5ea37f1	Andreas	contact_idx,
2216	e5ea37f1	Andreas	contact_name,
2217	e5ea37f1	Andreas	contact_email
2218	d08c99b8	Andreas	FROM
2219	d08c99b8	Andreas	nephthys_addressbook
2220	d08c99b8	Andreas	WHERE
2221	d08c99b8	Andreas	contact_owner LIKE '". $_SESSION['login_idx'] ."'
2222	d08c99b8	Andreas	");
2223	d08c99b8	Andreas
2224	d08c99b8	Andreas	while($contact = $contacts->fetchRow()) {
2225	d08c99b8	Andreas
2226	e5ea37f1	Andreas	/* ignore empty searches */
2227	e5ea37f1	Andreas	if(empty($_GET['search']))
2228	e5ea37f1	Andreas	break;
2229	e5ea37f1	Andreas
2230	e5ea37f1	Andreas	if((
2231	e5ea37f1	Andreas	preg_match("/". $_GET['search'] ."/i", $contact->contact_email) \|\|
2232	e5ea37f1	Andreas	preg_match("/". $_GET['search'] ."/i", $contact->contact_name)
2233	e5ea37f1	Andreas	)&&
2234	d08c99b8	Andreas	count($matched_contacts) < $length) {
2235	d08c99b8	Andreas
2236	e5ea37f1	Andreas	$string.= " <rs id=\"". $i ."\" ";
2237	e5ea37f1	Andreas
2238	e5ea37f1	Andreas	/* if a contact-name is available, add it as info for autosuggest */
2239	e5ea37f1	Andreas	if(isset($contact->contact_name) && !empty($contact->contact_name))
2240	e5ea37f1	Andreas	$string.= " info=\"". $this->unescape($contact->contact_name, false) ."\">";
2241	e5ea37f1	Andreas	else
2242	e5ea37f1	Andreas	$string.= " info=\"\">";
2243	e5ea37f1	Andreas
2244	e5ea37f1	Andreas	$string.= $this->unescape($contact->contact_email, false);
2245	e5ea37f1	Andreas	$string.= "</rs>\n";
2246	e5ea37f1	Andreas
2247	d08c99b8	Andreas	$i++;
2248	d08c99b8	Andreas	}
2249	d08c99b8	Andreas
2250	d08c99b8	Andreas	/* if we have collected enough items, break out */
2251	d08c99b8	Andreas	if(count($matched_contacts) >= $length)
2252	d08c99b8	Andreas	break;
2253	d08c99b8	Andreas	}
2254	d08c99b8	Andreas
2255	d08c99b8	Andreas	$string.= "</results>\n";
2256	d08c99b8	Andreas
2257	d08c99b8	Andreas	return $string;
2258	d08c99b8	Andreas
2259	d08c99b8	Andreas	} // get_xml_list()
2260	d08c99b8	Andreas
2261	a95ce4d1	Andreas	/**
2262	a95ce4d1	Andreas	* return available disk space
2263	a95ce4d1	Andreas	*
2264	a95ce4d1	Andreas	* this function returns the available disk space of that
2265	a95ce4d1	Andreas	* disk where $data_path resists.
2266	a95ce4d1	Andreas	*
2267	a95ce4d1	Andreas	* @return string
2268	a95ce4d1	Andreas	*/
2269	a95ce4d1	Andreas	private function get_free_diskspace()
2270	a95ce4d1	Andreas	{
2271	a95ce4d1	Andreas	$bytes = disk_free_space($this->cfg->data_path);
2272	a95ce4d1	Andreas	return $bytes;
2273	a95ce4d1	Andreas
2274	a95ce4d1	Andreas	} // get_free_diskspace()
2275	a95ce4d1	Andreas
2276	a95ce4d1	Andreas
2277	a95ce4d1	Andreas	/**
2278	a95ce4d1	Andreas	* return used disk space
2279	a95ce4d1	Andreas	*
2280	a95ce4d1	Andreas	* this functions returns the used disk space of that
2281	a95ce4d1	Andreas	* disk where $data_path resists.
2282	a95ce4d1	Andreas	*
2283	1ae4ed13	Andreas	* @param string $path
2284	a95ce4d1	Andreas	* @return string
2285	a95ce4d1	Andreas	*/
2286	45ec4be6	Andreas	public function get_used_diskspace($path = NULL)
2287	a95ce4d1	Andreas	{
2288	0f139521	Andreas	/* this function will be called recursive. if no path is
2289	0f139521	Andreas	provided as parameter, use $data_path to start from.
2290	1ae4ed13	Andreas	*/
2291	1ae4ed13	Andreas	if(!isset($path))
2292	1ae4ed13	Andreas	$path = $this->cfg->data_path;
2293	1ae4ed13	Andreas
2294	1ae4ed13	Andreas	$bytes = 0;
2295	1ae4ed13	Andreas
2296	0f139521	Andreas	$dirhandle = opendir($path);
2297	1ae4ed13	Andreas	while($file = readdir($dirhandle)) {
2298	45ec4be6	Andreas
2299	45ec4be6	Andreas	if(!$this->is_valid_file($path, $file))
2300	45ec4be6	Andreas	continue;
2301	45ec4be6	Andreas
2302	45ec4be6	Andreas	if(is_dir($path."/".$file)) {
2303	45ec4be6	Andreas	$bytes = $bytes + $this->get_used_diskspace($path."/".$file);
2304	45ec4be6	Andreas	}
2305	45ec4be6	Andreas	else {
2306	0f139521	Andreas	/* On 32bit plattforms filesize() can returns unexptected
2307	0f139521	Andreas	and negative results when files are larger then 2GB.
2308	0f139521	Andreas	Let's try to caputre this here and get the filesize by
2309	0f139521	Andreas	invoking stat on the command line instead.
2310	0f139521	Andreas	*/
2311	0f139521	Andreas	if(($size = @filesize($path."/".$file)) === false)
2312	0f139521	Andreas	$size = exec ('stat -c %s '. escapeshellarg ($path."/".$file));
2313	0f139521	Andreas
2314	0f139521	Andreas	if($size > 0)
2315	0f139521	Andreas	$bytes+= $size;
2316	1ae4ed13	Andreas	}
2317	1ae4ed13	Andreas	}
2318	1ae4ed13	Andreas
2319	1ae4ed13	Andreas	closedir($dirhandle);
2320	1ae4ed13	Andreas
2321	a95ce4d1	Andreas	return $bytes;
2322	a95ce4d1	Andreas
2323	a95ce4d1	Andreas	} // get_used_diskspace()
2324	a95ce4d1	Andreas
2325	a95ce4d1	Andreas	/**
2326	a95ce4d1	Andreas	* return size of unit
2327	a95ce4d1	Andreas	*
2328	a95ce4d1	Andreas	* this function returns the suitable unit for the
2329	a95ce4d1	Andreas	* provided amount of bytes.
2330	a95ce4d1	Andreas	*
2331	a95ce4d1	Andreas	* @param int $bytes
2332	a95ce4d1	Andreas	* @return string
2333	a95ce4d1	Andreas	*/
2334	45ec4be6	Andreas	public function get_unit($bytes)
2335	a95ce4d1	Andreas	{
2336	27af6e13	Andreas	$symbols = array('B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
2337	493d5979	Andreas
2338	493d5979	Andreas	/* if $bytes = 0, return 0b */
2339	493d5979	Andreas	if(empty($bytes))
2340	493d5979	Andreas	return '0'. $symbols[0];
2341	493d5979	Andreas
2342	27af6e13	Andreas	/* if a non-numeric value has been provided, return */
2343	69f0963f	Andreas	if(!is_numeric($bytes))
2344	69f0963f	Andreas	return "n/a";
2345	a95ce4d1	Andreas
2346	a95ce4d1	Andreas	$exp = floor(log($bytes)/log(1024));
2347	493d5979	Andreas
2348	493d5979	Andreas	/* if $bytes was to small, return 0b */
2349	493d5979	Andreas	if($exp == -INF)
2350	493d5979	Andreas	return '0'. $symbols[0];
2351	493d5979	Andreas
2352	a95ce4d1	Andreas	return sprintf('%.2f '.$symbols[$exp], ($bytes/pow(1024, floor($exp))));
2353	a95ce4d1	Andreas
2354	a95ce4d1	Andreas	} // get_unit()
2355	a95ce4d1	Andreas
2356	2bf77cf3	Andreas	/**
2357	2bf77cf3	Andreas	* get database version
2358	2bf77cf3	Andreas	*
2359	2bf77cf3	Andreas	* this function queries the nephthys_meta table
2360	2bf77cf3	Andreas	* and returns the current database version.
2361	2bf77cf3	Andreas	*
2362	2bf77cf3	Andreas	* @return integer
2363	2bf77cf3	Andreas	*/
2364	2bf77cf3	Andreas	public function get_db_version()
2365	2bf77cf3	Andreas	{
2366	2bf77cf3	Andreas	if($row = $this->db->db_fetchSingleRow("
2367	2bf77cf3	Andreas	SELECT meta_value
2368	2bf77cf3	Andreas	FROM
2369	2bf77cf3	Andreas	nephthys_meta
2370	2bf77cf3	Andreas	WHERE
2371	2bf77cf3	Andreas	meta_key LIKE 'Nephthys Database Version'
2372	2bf77cf3	Andreas	")) {
2373	2bf77cf3	Andreas
2374	2bf77cf3	Andreas	return $row->meta_value;
2375	2bf77cf3	Andreas
2376	2bf77cf3	Andreas	}
2377	2bf77cf3	Andreas
2378	2bf77cf3	Andreas	return 0;
2379	2bf77cf3	Andreas
2380	2bf77cf3	Andreas	} // get_db_version()
2381	2bf77cf3	Andreas
2382	2bf77cf3	Andreas	/**
2383	2bf77cf3	Andreas	* set database version
2384	2bf77cf3	Andreas	*
2385	2bf77cf3	Andreas	* this function updates the nephthys_meta table
2386	2bf77cf3	Andreas	* with the version number provided as the first
2387	2bf77cf3	Andreas	* parameter.
2388	2bf77cf3	Andreas	*
2389	2bf77cf3	Andreas	* @param int $version
2390	2bf77cf3	Andreas	*/
2391	2bf77cf3	Andreas	public function set_db_version($version)
2392	2bf77cf3	Andreas	{
2393	2bf77cf3	Andreas	if(isset($version) && $version > 0) {
2394	2bf77cf3	Andreas
2395	2bf77cf3	Andreas	$this->db->db_exec("
2396	2bf77cf3	Andreas	UPDATE
2397	2bf77cf3	Andreas	nephthys_meta
2398	2bf77cf3	Andreas	SET
2399	2bf77cf3	Andreas	meta_value='". $version ."'
2400	2bf77cf3	Andreas	WHERE
2401	2bf77cf3	Andreas	meta_key LIKE 'Nephthys Database Version'
2402	2bf77cf3	Andreas	");
2403	2bf77cf3	Andreas
2404	2bf77cf3	Andreas	}
2405	2bf77cf3	Andreas
2406	2bf77cf3	Andreas	} // set_db_version()
2407	2bf77cf3	Andreas
2408	c70b4618	Andreas	public function _($text)
2409	c70b4618	Andreas	{
2410	c70b4618	Andreas	return $this->get_translation($text);
2411	c70b4618	Andreas	}
2412	c70b4618	Andreas
2413	c70b4618	Andreas	function get_language()
2414	c70b4618	Andreas	{
2415	c70b4618	Andreas	return $this->cfg->language;
2416	c70b4618	Andreas
2417	c70b4618	Andreas	} // get_language()
2418	c70b4618	Andreas
2419	c70b4618	Andreas	function load_translation_table()
2420	c70b4618	Andreas	{
2421	c70b4618	Andreas	$locale = $this->get_language();
2422	c70b4618	Andreas
2423	c70b4618	Andreas	$path = $this->cfg->base_path
2424	c70b4618	Andreas	. '/themes/'
2425	c70b4618	Andreas	. $this->cfg->theme_name
2426	c70b4618	Andreas	. '/lang/'
2427	c70b4618	Andreas	. $locale
2428	c70b4618	Andreas	. '.lang';
2429	c70b4618	Andreas
2430	c70b4618	Andreas	if (isset($this->_loadedTranslationTables[$locale])) {
2431	c70b4618	Andreas	if (in_array($path, $this->_loadedTranslationTables[$locale])) {
2432	c70b4618	Andreas	// Translation table was already loaded
2433	c70b4618	Andreas	return true;
2434	c70b4618	Andreas	}
2435	c70b4618	Andreas	}
2436	c70b4618	Andreas
2437	c70b4618	Andreas	/* if the language file is not available, stop execution. */
2438	c70b4618	Andreas	if(!file_exists($path) \|\| !is_readable($path)) {
2439	24a140ce	Andreas	die("Can not open language file $path");
2440	c70b4618	Andreas	}
2441	c70b4618	Andreas
2442	c70b4618	Andreas	$entries = file($path);
2443	c70b4618	Andreas	$this->_translationTable[$locale][$path] = Array();
2444	c70b4618	Andreas	$this->_loadedTranslationTables[$locale][] = $path;
2445	c70b4618	Andreas
2446	c70b4618	Andreas	foreach ($entries as $row) {
2447	c70b4618	Andreas
2448	c70b4618	Andreas	$row = trim($row);
2449	c70b4618	Andreas
2450	c70b4618	Andreas	// ignore empty lines
2451	c70b4618	Andreas	if(empty($row))
2452	c70b4618	Andreas	continue;
2453	c70b4618	Andreas
2454	c70b4618	Andreas	// ignore lines with comments
2455	c70b4618	Andreas	if (substr(ltrim($row),0,2) == '//') // ignore comments
2456	c70b4618	Andreas	continue;
2457	c70b4618	Andreas
2458	c70b4618	Andreas	$keyValuePair = explode('=',$row);
2459	c70b4618	Andreas
2460	c70b4618	Andreas	// multiline values: the first line with an equal sign '=' will start a new key=value pair
2461	c70b4618	Andreas	if(sizeof($keyValuePair) == 1) {
2462	d1d68a4d	Andreas	if(isset($key) && !empty($key)) {
2463	d1d68a4d	Andreas	$this->_translationTable[$locale][$key] .= ' ' . chop($keyValuePair[0]);
2464	d1d68a4d	Andreas	}
2465	c70b4618	Andreas	continue;
2466	c70b4618	Andreas	}
2467	c70b4618	Andreas
2468	c70b4618	Andreas	$key = trim($keyValuePair[0]);
2469	c70b4618	Andreas	$value = $keyValuePair[1];
2470	c70b4618	Andreas	if (!empty($key)) {
2471	c70b4618	Andreas	$this->_translationTable[$locale][$key] = chop($value);
2472	c70b4618	Andreas	}
2473	c70b4618	Andreas	}
2474	c70b4618	Andreas
2475	c70b4618	Andreas	return true;
2476	d1d68a4d	Andreas
2477	d1d68a4d	Andreas	} // load_translation_table()
2478	c70b4618	Andreas
2479	c70b4618	Andreas	function get_translation($key)
2480	c70b4618	Andreas	{
2481	c70b4618	Andreas	$locale = $this->get_language();
2482	c70b4618	Andreas
2483	c70b4618	Andreas	// if get_tranlation() get called via RPC (indirect), the translation
2484	c70b4618	Andreas	// table may not be loaded yet.
2485	c70b4618	Andreas	if (!isset($this->_loadedTranslationTables[$locale]))
2486	c70b4618	Andreas	$this->load_translation_table($locale);
2487	c70b4618	Andreas
2488	c70b4618	Andreas	$trans = $this->_translationTable[$locale];
2489	c70b4618	Andreas
2490	c70b4618	Andreas	/* get the real translation key */
2491	c70b4618	Andreas	$key = preg_replace('/##(.+?)##/', '${1}', $key);
2492	c70b4618	Andreas
2493	c70b4618	Andreas	if (is_array($trans)) {
2494	c70b4618	Andreas	if (isset($trans[$key])) {
2495	c70b4618	Andreas	return $trans[$key];
2496	c70b4618	Andreas	}
2497	c70b4618	Andreas	}
2498	c70b4618	Andreas
2499	c70b4618	Andreas	return "Can not find translation for key $key";
2500	c70b4618	Andreas	}
2501	c70b4618	Andreas
2502	ccc35b9d	Andreas	/**
2503	ccc35b9d	Andreas	* unescape string and translate some characters to HTML
2504	ccc35b9d	Andreas	*
2505	ccc35b9d	Andreas	* this function gets used on strings previously modified
2506	ccc35b9d	Andreas	* by escape(). It will strip of slashes and translate
2507	ccc35b9d	Andreas	* some special characters (quotes for example) to HTML
2508	6ce39592	Andreas	* entities (if $encode_html == true).
2509	ccc35b9d	Andreas	*
2510	ccc35b9d	Andreas	* @param string $text
2511	6ce39592	Andreas	* @param boolean $encode_html
2512	ccc35b9d	Andreas	* @return string
2513	ccc35b9d	Andreas	*/
2514	6ce39592	Andreas	public function unescape($text, $encode_html = true)
2515	ccc35b9d	Andreas	{
2516	ccc35b9d	Andreas	/* if text has already been escaped, we need to strip
2517	ccc35b9d	Andreas	slashes before
2518	ccc35b9d	Andreas	*/
2519	ccc35b9d	Andreas
2520	de253b48	Andreas	$text = stripslashes($text);
2521	ccc35b9d	Andreas
2522	6ce39592	Andreas	if($encode_html)
2523	6ce39592	Andreas	return htmlspecialchars($text);
2524	6ce39592	Andreas
2525	6ce39592	Andreas	return $text;
2526	ccc35b9d	Andreas
2527	ccc35b9d	Andreas	} // unescape()
2528	ccc35b9d	Andreas
2529	9ea98166	Andreas	/**
2530	9ea98166	Andreas	* update users last login time
2531	9ea98166	Andreas	*
2532	9ea98166	Andreas	* this function updates the users last login time
2533	9ea98166	Andreas	* in the database table nephthys_users.
2534	9ea98166	Andreas	* @param int $user_idx
2535	9ea98166	Andreas	*/
2536	9ea98166	Andreas	private function update_last_login($user_idx)
2537	9ea98166	Andreas	{
2538	9ea98166	Andreas	$this->db->db_query("
2539	9ea98166	Andreas	UPDATE
2540	9ea98166	Andreas	nephthys_users
2541	9ea98166	Andreas	SET
2542	9ea98166	Andreas	user_last_login='". mktime() ."'
2543	9ea98166	Andreas	WHERE
2544	9ea98166	Andreas	user_idx LIKE '". $user_idx ."'
2545	9ea98166	Andreas	");
2546	9ea98166	Andreas
2547	9ea98166	Andreas	} // update_last_login()
2548	c70b4618	Andreas
2549	e9535274	Andreas	/**
2550	e9535274	Andreas	* get privilege name
2551	e9535274	Andreas	*
2552	e9535274	Andreas	* this function returns the real privilege name for the
2553	e9535274	Andreas	* requests permission in the used language.
2554	e9535274	Andreas	* @param string $user_priv
2555	e9535274	Andreas	* @return string
2556	e9535274	Andreas	*/
2557	e9535274	Andreas	public function get_priv_name($user_priv)
2558	e9535274	Andreas	{
2559	e9535274	Andreas	if(isset($this->cfg->privileges[$user_priv])) {
2560	e9535274	Andreas	return $this->_($this->cfg->privileges[$user_priv]);
2561	e9535274	Andreas	}
2562	e9535274	Andreas
2563	e9535274	Andreas	/* return what we got, if we found no matching privilege */
2564	e9535274	Andreas	return $user_priv;
2565	e9535274	Andreas
2566	e9535274	Andreas	} // get_priv_name()
2567	e9535274	Andreas
2568	fbaee801	Andreas	/**
2569	fbaee801	Andreas	* update column sort order
2570	fbaee801	Andreas	*
2571	fbaee801	Andreas	* this function checks the provided information in the $_POST
2572	fbaee801	Andreas	* variable for the new requested sort options. it validates
2573	fbaee801	Andreas	* and then stores it in the $_SESSION['sort_order'] variable.
2574	fbaee801	Andreas	* @return string
2575	fbaee801	Andreas	*/
2576	fbaee801	Andreas	public function update_sort_order()
2577	fbaee801	Andreas	{
2578	fbaee801	Andreas	/* define columns in each module which can be used for sorting.
2579	fbaee801	Andreas	* this array is used to validate the information provided by
2580	fbaee801	Andreas	* HTTP POST.
2581	fbaee801	Andreas	*/
2582	fbaee801	Andreas	$modules = Array(
2583	fbaee801	Andreas	'buckets' => Array(
2584	fbaee801	Andreas	'bucket_name',
2585	fbaee801	Andreas	'bucket_owner',
2586	fbaee801	Andreas	'bucket_created',
2587	fbaee801	Andreas	'bucket_expire',
2588	fbaee801	Andreas	'bucket_notified',
2589	fbaee801	Andreas	),
2590	fbaee801	Andreas	'addressbook' => Array(
2591	fbaee801	Andreas	'contact_name',
2592	fbaee801	Andreas	'contact_owner',
2593	fbaee801	Andreas	),
2594	fbaee801	Andreas	'users' => Array(
2595	fbaee801	Andreas	'user_name',
2596	fbaee801	Andreas	'user_full_name',
2597	fbaee801	Andreas	'user_priv',
2598	fbaee801	Andreas	'user_last_login',
2599	fbaee801	Andreas	),
2600	fbaee801	Andreas	);
2601	fbaee801	Andreas
2602	fbaee801	Andreas	/* check if all parameters are available */
2603	fbaee801	Andreas	if(!isset($_POST['module']) \|\| empty($_POST['module']) \|\|
2604	fbaee801	Andreas	!isset($_POST['column']) \|\| empty($_POST['column']) \|\|
2605	fbaee801	Andreas	!isset($_POST['order']) \|\| empty($_POST['order'])) {
2606	fbaee801	Andreas
2607	fbaee801	Andreas	return "update_sort_order(): some parameters are missing!";
2608	fbaee801	Andreas	}
2609	fbaee801	Andreas
2610	fbaee801	Andreas	/* make it a bit easier to handle... */
2611	fbaee801	Andreas	$module = $_POST['module'];
2612	fbaee801	Andreas	$column = $_POST['column'];
2613	fbaee801	Andreas	$order = $_POST['order'];
2614	fbaee801	Andreas
2615	fbaee801	Andreas	/* check if the requested sort-order is valid */
2616	fbaee801	Andreas	if($order != 'asc' && $order != 'desc') {
2617	fbaee801	Andreas	return "update_sort_order(): incorrect sort order specified!";
2618	fbaee801	Andreas	}
2619	fbaee801	Andreas
2620	fbaee801	Andreas	/* check if the requested module is valid */
2621	fbaee801	Andreas	if(in_array($module, array_keys($modules))) {
2622	fbaee801	Andreas	/* check if the requested column is valid */
2623	fbaee801	Andreas	if(in_array($column, $modules[$module])) {
2624	fbaee801	Andreas	/* update sort-order in session variable */
2625	fbaee801	Andreas	$_SESSION['sort_order'][$module]['column'] = $column;
2626	fbaee801	Andreas	$_SESSION['sort_order'][$module]['order'] = $order;
2627	fbaee801	Andreas	return "ok";
2628	fbaee801	Andreas	}
2629	fbaee801	Andreas	}
2630	fbaee801	Andreas
2631	fbaee801	Andreas	return "update_sort_order(): incorrect order options specified!";
2632	fbaee801	Andreas
2633	fbaee801	Andreas	} // update_sort_order()
2634	fbaee801	Andreas
2635	ae2d18b9	Andreas	/**
2636	ae2d18b9	Andreas	* return column to be used to sort module results
2637	ae2d18b9	Andreas	*
2638	ae2d18b9	Andreas	* this function returns the column-name to be used in the
2639	ae2d18b9	Andreas	* SQL queries to sort the results.
2640	ae2d18b9	Andreas	* @param string $module
2641	ae2d18b9	Andreas	* @return string
2642	ae2d18b9	Andreas	*/
2643	ae2d18b9	Andreas	public function get_sort_column($module)
2644	ae2d18b9	Andreas	{
2645	ae2d18b9	Andreas	if(isset($_SESSION['sort_order'][$module]))
2646	ae2d18b9	Andreas	return $_SESSION['sort_order'][$module]['column'];
2647	ae2d18b9	Andreas
2648	ae2d18b9	Andreas	return NULL;
2649	ae2d18b9	Andreas
2650	ae2d18b9	Andreas	} // get_sort_column()
2651	ae2d18b9	Andreas
2652	ae2d18b9	Andreas	/**
2653	ae2d18b9	Andreas	* return sort-order to be used to sort module results
2654	ae2d18b9	Andreas	*
2655	ae2d18b9	Andreas	* this function returns the sort-order to be used in the
2656	ae2d18b9	Andreas	* SQL queries to sort the results.
2657	ae2d18b9	Andreas	* @param string $module
2658	ae2d18b9	Andreas	* @return string
2659	ae2d18b9	Andreas	*/
2660	ae2d18b9	Andreas	public function get_sort_order($module)
2661	ae2d18b9	Andreas	{
2662	ae2d18b9	Andreas	if(isset($_SESSION['sort_order'][$module]))
2663	ae2d18b9	Andreas	return $_SESSION['sort_order'][$module]['order'];
2664	ae2d18b9	Andreas
2665	ae2d18b9	Andreas	return NULL;
2666	ae2d18b9	Andreas
2667	ae2d18b9	Andreas	} // get_sort_order()
2668	ae2d18b9	Andreas
2669	45ec4be6	Andreas	/**
2670	45ec4be6	Andreas	* get directory information
2671	45ec4be6	Andreas	*
2672	45ec4be6	Andreas	* this function collect some directory information like
2673	45ec4be6	Andreas	* amount of directories and files, last modification
2674	45ec4be6	Andreas	* time, ... and returns them as array.
2675	45ec4be6	Andreas	*
2676	45ec4be6	Andreas	* @param string $path
2677	45ec4be6	Andreas	* @return mixed
2678	45ec4be6	Andreas	*/
2679	45ec4be6	Andreas	public function get_dir_info($path)
2680	45ec4be6	Andreas	{
2681	45ec4be6	Andreas	$info = Array();
2682	45ec4be6	Andreas
2683	45ec4be6	Andreas	$info['files'] = 0;
2684	45ec4be6	Andreas	$info['dirs'] = 0;
2685	45ec4be6	Andreas	$info['last_mod'] = 0;
2686	45ec4be6	Andreas
2687	45ec4be6	Andreas	if(!file_exists($path))
2688	45ec4be6	Andreas	return __METHOD__ ." directory $path does not exist";
2689	45ec4be6	Andreas
2690	45ec4be6	Andreas	if(!is_dir($path))
2691	45ec4be6	Andreas	return __METHOD__ ." $path is not a directory";
2692	45ec4be6	Andreas
2693	45ec4be6	Andreas	if(!is_readable($path) && !is_executable($path))
2694	45ec4be6	Andreas	return __METHOD__ ." $path is either not readable or executable";
2695	45ec4be6	Andreas
2696	45ec4be6	Andreas	$dirhandle = opendir($path);
2697	45ec4be6	Andreas
2698	45ec4be6	Andreas	while($file = readdir($dirhandle)) {
2699	45ec4be6	Andreas
2700	45ec4be6	Andreas	if(!$this->is_valid_file($path, $file))
2701	45ec4be6	Andreas	continue;
2702	45ec4be6	Andreas
2703	45ec4be6	Andreas	if(is_dir($path."/".$file)) {
2704	45ec4be6	Andreas
2705	45ec4be6	Andreas	$info['dirs']++;
2706	45ec4be6	Andreas
2707	1489fbb7	Andreas	$sub_info = $this->get_dir_info($path."/".$file);
2708	45ec4be6	Andreas
2709	1489fbb7	Andreas	$info['dirs'] += $sub_info['dirs'];
2710	1489fbb7	Andreas	$info['files'] += $sub_info['files'];
2711	45ec4be6	Andreas	$info['last_mod'] = $info['last_mod'] > $sub_info['last_mod'] ? $info['last_mod'] : $sub_info['last_mod'];
2712	45ec4be6	Andreas
2713	45ec4be6	Andreas	}
2714	45ec4be6	Andreas	else {
2715	45ec4be6	Andreas
2716	45ec4be6	Andreas	$info['files']++;
2717	45ec4be6	Andreas
2718	45ec4be6	Andreas	$last_mod = filemtime($path ."/". $files);
2719	45ec4be6	Andreas	$info['last_mod'] = $info['last_mod'] > $last_mod ? $info['last_mod'] : $last_mod;
2720	45ec4be6	Andreas
2721	45ec4be6	Andreas	}
2722	45ec4be6	Andreas	}
2723	45ec4be6	Andreas
2724	45ec4be6	Andreas	closedir($dirhandle);
2725	45ec4be6	Andreas
2726	45ec4be6	Andreas	return $info;
2727	45ec4be6	Andreas
2728	45ec4be6	Andreas	} // get_dir_info()
2729	45ec4be6	Andreas
2730	45ec4be6	Andreas	/**
2731	45ec4be6	Andreas	* validate a file
2732	45ec4be6	Andreas	*
2733	45ec4be6	Andreas	* this function returns true, if the inspect file is
2734	45ec4be6	Andreas	* valid in Nephthys point of view
2735	45ec4be6	Andreas	*
2736	45ec4be6	Andreas	* @param string $path
2737	45ec4be6	Andreas	* @param string $file
2738	45ec4be6	Andreas	* @return boolean
2739	45ec4be6	Andreas	*/
2740	45ec4be6	Andreas	private function is_valid_file($path, $file)
2741	45ec4be6	Andreas	{
2742	45ec4be6	Andreas	if(!file_exists($path."/".$file))
2743	45ec4be6	Andreas	return false;
2744	45ec4be6	Andreas
2745	45ec4be6	Andreas	if(is_link($path."/".$file))
2746	45ec4be6	Andreas	return false;
2747	45ec4be6	Andreas
2748	45ec4be6	Andreas	if($file == "." \|\| $file == "..")
2749	45ec4be6	Andreas	return false;
2750	45ec4be6	Andreas
2751	45ec4be6	Andreas	if($file == "webdav.html")
2752	45ec4be6	Andreas	return false;
2753	45ec4be6	Andreas
2754	45ec4be6	Andreas	return true;
2755	45ec4be6	Andreas
2756	45ec4be6	Andreas	} // is_valid_file()
2757	45ec4be6	Andreas
2758	27af6e13	Andreas	public function load_filemgr()
2759	27af6e13	Andreas	{
2760	27af6e13	Andreas	$upload = new NEPHTHYS_UPLOAD;
2761	27af6e13	Andreas	return $upload->filemgr();
2762	27af6e13	Andreas
2763	27af6e13	Andreas	} // load_filemgr()
2764	27af6e13	Andreas
2765	27af6e13	Andreas	/**
2766	27af6e13	Andreas	* deltree similar function
2767	27af6e13	Andreas	*
2768	27af6e13	Andreas	* this function deletes the given $directory recursivley
2769	27af6e13	Andreas	* @param string $directory
2770	27af6e13	Andreas	* @return bool
2771	27af6e13	Andreas	*/
2772	27af6e13	Andreas	public function deltree($directory)
2773	27af6e13	Andreas	{
2774	27af6e13	Andreas	/* verify that $directory is really a directory */
2775	27af6e13	Andreas	if (!is_dir($directory))
2776	27af6e13	Andreas	return false;
2777	27af6e13	Andreas
2778	27af6e13	Andreas	if(!is_readable($directory))
2779	27af6e13	Andreas	return false;
2780	27af6e13	Andreas
2781	27af6e13	Andreas	/* open the directory and start reading all entries within */
2782	27af6e13	Andreas	$handle = opendir($directory);
2783	27af6e13	Andreas	while (false !== ($obj = readdir($handle))) {
2784	27af6e13	Andreas
2785	27af6e13	Andreas	if ($obj == "." \|\| $obj == "..")
2786	27af6e13	Andreas	continue;
2787	27af6e13	Andreas
2788	27af6e13	Andreas	$fq_obj = $directory ."/". $obj;
2789	27af6e13	Andreas
2790	27af6e13	Andreas	/* if object is a directory, call deltree for this directory. */
2791	27af6e13	Andreas	if (is_dir($fq_obj) && !is_link($fq_obj)) {
2792	27af6e13	Andreas	$this->deltree($fq_obj);
2793	27af6e13	Andreas	} else {
2794	27af6e13	Andreas	/* ordinary file will be deleted here */
2795	27af6e13	Andreas	if(!unlink($fq_obj))
2796	27af6e13	Andreas	return false;
2797	27af6e13	Andreas	}
2798	27af6e13	Andreas	}
2799	27af6e13	Andreas
2800	27af6e13	Andreas	closedir($handle);
2801	27af6e13	Andreas
2802	27af6e13	Andreas	/* now remove the - hopefully empty - directory */
2803	27af6e13	Andreas	if(!rmdir($directory))
2804	27af6e13	Andreas	return false;
2805	27af6e13	Andreas
2806	27af6e13	Andreas	return true;
2807	27af6e13	Andreas
2808	27af6e13	Andreas	} // deltree()
2809	27af6e13	Andreas
2810	dae2f932	Andreas	} // class NEPHTHYS
2811	dae2f932	Andreas
2812	5941d462	Andreas	/***************************************************************************
2813	5941d462	Andreas	*
2814	9507541c	Andreas	* NEPHTHYS_DEFAULTS class, inherited by nephthys_cfg.php
2815	5941d462	Andreas	*
2816	5941d462	Andreas	***************************************************************************/
2817	5941d462	Andreas
2818	5941d462	Andreas	class NEPHTHYS_DEFAULT_CFG {
2819	5941d462	Andreas
2820	5941d462	Andreas	var $page_title = "Nephthys - file sharing";
2821	69f0963f	Andreas	var $base_path = "/srv/www/htdocs/nephthys";
2822	5941d462	Andreas	var $data_path = "/srv/www/nephthys_data";
2823	5941d462	Andreas	var $web_path = "/nephthys";
2824	092b8a0f	Andreas	var $ftp_path = "";
2825	092b8a0f	Andreas	var $dav_path = "/transfer";
2826	092b8a0f	Andreas
2827	5941d462	Andreas	var $theme_name = "default";
2828	cc1b5b35	Andreas	var $db_type = "mysql";
2829	5941d462	Andreas	var $mysql_host = "localhost";
2830	5941d462	Andreas	var $mysql_db = "nephthys";
2831	5941d462	Andreas	var $mysql_user = "user";
2832	5941d462	Andreas	var $mysql_pass = "password";
2833	8932ed08	Andreas	var $sqlite_path = "/srv/www/nephthys_db/nephthys.db";
2834	5941d462	Andreas	var $smarty_path = "/usr/share/php/smarty";
2835	5941d462	Andreas	var $logging = "display";
2836	5941d462	Andreas	var $log_file = "nephthys_err.log";
2837	c1c2fe26	Andreas	var $ignore_js = false;
2838	025d1320	Andreas	var $hide_logout = false;
2839	c1c2fe26	Andreas	var $use_https = false;
2840	c70b4618	Andreas
2841	524f818d	Andreas	var $bucket_via_dav = true;
2842	524f818d	Andreas	var $bucket_via_ftp = true;
2843	27af6e13	Andreas	var $bucket_via_http_upload = true;
2844	5941d462	Andreas
2845	8ad5a624	Andreas	var $allow_server_auth = false;
2846	c70b4618	Andreas	var $user_auto_create = false;
2847	20d75384	Andreas
2848	20d75384	Andreas	var $force_profile_update = true;
2849	20d75384	Andreas
2850	20d75384	Andreas	var $expirations = Array(
2851	4a23938d	Andreas	"1;1 ##DAY##;user",
2852	4a23938d	Andreas	"3;3 ##DAYS##;user",
2853	4a23938d	Andreas	"7;1 ##WEEK##;user",
2854	4a23938d	Andreas	"30;1 ##MONTH##;user",
2855	4a23938d	Andreas	"186;6 ##MONTHS##;manager",
2856	4a23938d	Andreas	"365;1 ##YEAR##; manager",
2857	4a23938d	Andreas	"-1;##NEVER##; manager",
2858	10c3d3f3	Andreas	);
2859	20d75384	Andreas	var $privileges = Array(
2860	e9535274	Andreas	"user" => "##USER##",
2861	e9535274	Andreas	"manager" => "##MANAGER##",
2862	e9535274	Andreas	"admin" => "##ADMIN##",
2863	e9535274	Andreas	);
2864	5941d462	Andreas
2865	c70b4618	Andreas	var $language = "en";
2866	c70b4618	Andreas	var $avail_langs = Array(
2867	c70b4618	Andreas	"en" => "English",
2868	daf19d23	Andreas	"de" => "German",
2869	3c354cdf	Andreas	"ru" => "Russian",
2870	59f61b4d	Andreas	"it" => "Italian",
2871	d71f07fe	Andreas	"es" => "Spanish",
2872	f368247b	Andreas	"nl" => "Dutch",
2873	c70b4618	Andreas	);
2874	c70b4618	Andreas
2875	e0eec83a	Andreas	public function __construct()
2876	e0eec83a	Andreas	{
2877	e0eec83a	Andreas	if(!isset($this->tmpl_path)) {
2878	e0eec83a	Andreas	$this->tmpl_path = $this->base_path;
2879	e0eec83a	Andreas	}
2880	e0eec83a	Andreas
2881	e0eec83a	Andreas	} // __construct()
2882	e0eec83a	Andreas
2883	5941d462	Andreas	} // class NEPHTHYS_DEFAULT_CFG
2884	5941d462	Andreas
2885	9507541c	Andreas	/***************************************************************************
2886	9507541c	Andreas	*
2887	9507541c	Andreas	* NEPHTHYS_EXCEPTION class, inherits PHP's Exception class
2888	9507541c	Andreas	*
2889	9507541c	Andreas	***************************************************************************/
2890	9507541c	Andreas
2891	9507541c	Andreas	class NEPHTHYS_EXCEPTION extends Exception {
2892	9507541c	Andreas
2893	9507541c	Andreas	// custom string representation of object
2894	9507541c	Andreas	public function __toString() {
2895	9507541c	Andreas	return "Backtrace:<br />\n". str_replace("\n", "<br />\n", parent::getTraceAsString());
2896	9507541c	Andreas	}
2897	9507541c	Andreas
2898	9507541c	Andreas	} // class NEPHTHYS_EXCEPTION
2899	9507541c	Andreas
2900	b392cb9b	Andreas	// vim: set filetype=php expandtab softtabstop=3 tabstop=3 shiftwidth=3 autoindent smartindent:
2901	dae2f932	Andreas	?>