diff -r edfc24408769 -r 5d003b6c9e89 plugins/SpecialAdmin.php --- a/plugins/SpecialAdmin.php Sat Jun 23 10:38:24 2007 -0400 +++ b/plugins/SpecialAdmin.php Sat Jun 23 18:54:16 2007 -0400 @@ -10,7 +10,7 @@ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 2 + * Version 1.0 release candidate 3 * Copyright (C) 2006-2007 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License @@ -58,8 +58,15 @@ Using the links on the left you can control every aspect of your website\'s look and feel, plus you can manage users, work with pages, and install plugins to make your Enano installation even better.'); + // Demo mode + if ( defined('ENANO_DEMO_MODE') ) + { + echo '

Enano is running in demo mode.

+

If you borked something up, or if you\'re done testing, you can reset this site. The site is reset automatically once every two hours. When a reset is performed, all custom modifications to the site are lost and replaced with default values.

'; + } + // Check for the installer scripts - if(file_exists(ENANO_ROOT.'/install.php') || file_exists(ENANO_ROOT.'/schema.sql')) + if( ( file_exists(ENANO_ROOT.'/install.php') || file_exists(ENANO_ROOT.'/schema.sql') ) && !defined('ENANO_DEMO_MODE') ) { echo '
NOTE: It appears that your install.php and/or schema.sql files still exist. It is HIGHLY RECOMMENDED that you delete or rename these files, to prevent getting your server hacked.
'; } @@ -141,7 +148,8 @@ return; } - if(isset($_POST['submit'])) { + if(isset($_POST['submit']) && !defined('ENANO_DEMO_MODE') ) + { // Global site options setConfig('site_name', $_POST['site_name']); @@ -214,6 +222,10 @@ echo '
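Review bot: Suppressing the install.php/schema.sql warning under ENANO_DEMO_MODE hides the exposure without removing it — if those files are still on the demo host they remain reachable, and a site that deliberately hands admin access to anonymous visitors is exactly where that matters. Either have the demo reset job remove them or keep the warning visible; the only new logic here is the `&& !defined('ENANO_DEMO_MODE')` clause, which would simply be dropped. Only part of the surrounding function is visible in this hunk.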
Your changes to the site configuration have been saved.

'; } + else if ( isset($_POST['submit']) && defined('ENANO_DEMO_MODE') ) + { + echo '
Saving the general site configuration is blocked in the administration demo.
'; + } echo('
'); ?>
@@ -461,7 +473,14 @@ if(file_exists($_POST['imagemagick_path'])) setConfig('imagemagick_path', $_POST['imagemagick_path']); else echo 'Warning: the file "'.$_POST['imagemagick_path'].'" was not found, and the ImageMagick file path was not updated.'; $max_upload = floor((float)$_POST['max_file_size'] * (int)$_POST['fs_units']); - setConfig('max_file_size', $max_upload.''); + if ( $max_upload > 1048576 && defined('ENANO_DEMO_MODE') ) + { + echo '
Wouldn\'t want the server DoS\'ed now. Stick to under a megabyte for the demo, please.
'; + } + else + { + setConfig('max_file_size', $max_upload.''); + } } echo ''; ?> @@ -513,6 +532,11 @@ setConfig('plugin_'.$_GET['plugin'], '1'); break; case "disable": + if ( defined('ENANO_DEMO_MODE') && strstr($_GET['plugin'], 'Demo') ) + { + echo('
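Review bot: The demo guard covers only max_file_size, while the `imagemagick_path` setConfig on the preceding context line is still writable in demo mode, and that path is presumably handed to a program launcher elsewhere — worth confirming and gating it the same way: `if ( !defined('ENANO_DEMO_MODE') && file_exists($_POST['imagemagick_path']) ) setConfig('imagemagick_path', $_POST['imagemagick_path']);`. The warning echo on that same context line reflects `$_POST['imagemagick_path']` unescaped; wrap it in htmlspecialchars() as the banlist hunk in this same commit already does. The new size check only rejects values above 1 MB, so a zero or negative `$max_upload` (e.g. from a non-numeric fs_units) is still stored; a `$max_upload > 0` condition would close that. The enclosing function continues outside the hunk.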

Error disabling plugin

The demo lockdown plugin cannot be disabled in demo mode.

'); + break; + } if ( $_GET['plugin'] != 'SpecialAdmin.php' ) { setConfig('plugin_'.$_GET['plugin'], '0'); @@ -613,7 +637,7 @@ } global $mime_types, $mimetype_exps, $mimetype_extlist; - if(isset($_POST['save'])) + if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE')) { $bits = ''; $keys = array_keys($mime_types); @@ -626,6 +650,10 @@ setConfig('allowed_mime_types', $bits); echo '
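Review bot: The lock uses `strstr($_GET['plugin'], 'Demo')`, a case-sensitive substring test, so it blocks disabling any plugin whose filename merely contains "Demo" and would miss the lockdown plugin if its file were renamed or differently cased; compare against the exact filename instead, e.g. `if ( defined('ENANO_DEMO_MODE') && $_GET['plugin'] == 'DemoMode.php' )` with the real name substituted (it is not visible here). The `enable` case on the context line just above stays ungated in demo mode, so a demo visitor can still switch on any other plugin; whether that matters depends on what ships in the plugins directory. The enclosing switch starts before the hunk.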
Your changes have been saved.
'; } + else if ( isset($_POST['save']) && defined('ENANO_DEMO_MODE') ) + { + echo '
Hmm, enabling executables, are we? Tsk tsk. I\'d love to know what\'s in that EXE file you want to upload. OK, maybe you didn\'t enable EXEs. But nevertheless, changing allowed filetypes is disabled in the demo.
'; + } $allowed = fetch_allowed_extensions(); ?>

Allowed file types

@@ -727,11 +755,19 @@ return; } - if(isset($_POST['go'])) { + if(isset($_POST['go'])) + { // We need the user ID before we can do anything $q = $db->sql_query('SELECT user_id,username,email,real_name,style,user_level FROM '.table_prefix.'users WHERE username=\'' . $db->escape($_POST['username']) . '\''); - if(!$q) die('Error selecting user ID: '.mysql_error()); - if($db->numrows() < 1) { echo('User does not exist, please enter another username.'); return; } + if ( !$q ) + { + die('Error selecting user ID: '.mysql_error()); + } + if ( $db->numrows() < 1 ) + { + echo('User does not exist, please enter another username.'); + return; + } $r = $db->fetchrow(); $db->free_result(); if(isset($_POST['save'])) @@ -741,7 +777,15 @@ $new_level = $_POST['level']; $old_level = intval($r['user_level']); - $re = $session->update_user((int)$r['user_id'], $_POST['new_username'], false, $_POST['new_pass'], $_POST['email'], $_POST['real_name'], false, $_POST['level']); + if ( defined('ENANO_DEMO_MODE') ) + { + echo '
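Review bot: The reflowed failure branch still calls `die('Error selecting user ID: '.mysql_error())`, which dumps the raw driver error to the page and bypasses the `$db->get_error()` / `$db->_die()` path used elsewhere in this file; since these lines were being restyled anyway, switch to `$db->_die('Error selecting user ID.');`. The enclosing function begins and ends outside the hunk.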
You cannot delete or modify user accounts in demo mode - they are cleaned up once every two hours.
'; + $re = Array('permission denied'); + } + else + { + $re = $session->update_user((int)$r['user_id'], $_POST['new_username'], false, $_POST['new_pass'], $_POST['email'], $_POST['real_name'], false, $_POST['level']); + } if($re == 'success') { @@ -789,14 +833,21 @@ } elseif(isset($_POST['deleteme']) && isset($_POST['delete_conf'])) { - $q = $db->sql_query('DELETE FROM users WHERE user_id='.$r['user_id'].';'); - if($q) + if ( defined('ENANO_DEMO_MODE') ) { - echo '
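Review bot: The demo branch sets `$re = Array('permission denied')` and then falls into `if($re == 'success')` on the next line, so an array is loosely compared to a string and, presumably, later concatenated into the error message as "Array"; a string sentinel such as `$re = 'permission denied';` — or whatever error shape update_user() actually returns, which is not visible here — would render correctly. Clearer still would be to `return;` after echoing the demo notice instead of feeding a fake result through the success/error handling. The surrounding if/else starts before the hunk and ends after it.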
The user account "'.$r['username'].'" was deleted.
'; + echo '
You cannot delete or modify user accounts in demo mode - they are cleaned up once every two hours.
'; } else { - echo '
The user account "'.$r['username'].'" could not be deleted due to a database error.

'.$db->get_error().'
'; + $q = $db->sql_query('DELETE FROM users WHERE user_id='.$r['user_id'].';'); + if($q) + { + echo '
The user account "'.$r['username'].'" was deleted.
'; + } + else + { + echo '
The user account "'.$r['username'].'" could not be deleted due to a database error.

'.$db->get_error().'
'; + } } } else @@ -817,25 +868,34 @@ '); } - } elseif(isset($_POST['clearsessions'])) { - // Get the current session information so the user doesn't get logged out - $aes = new AESCrypt(); - $sk = md5($session->sid_super); - $qb = $db->sql_query('SELECT session_key,salt,auth_level,source_ip,time FROM '.table_prefix.'session_keys WHERE session_key=\''.$sk.'\' AND user_id='.$session->user_id.' AND auth_level='.USER_LEVEL_ADMIN); - if(!$qb) die('Error selecting session key info block B: '.$db->get_error()); - if($db->numrows($qb) < 1) die('Error: cannot read admin session info block B, aborting table clear process'); - $qa = $db->sql_query('SELECT session_key,salt,auth_level,source_ip,time FROM '.table_prefix.'session_keys WHERE session_key=\''.md5($session->sid).'\' AND user_id='.$session->user_id.' AND auth_level='.USER_LEVEL_MEMBER); - if(!$qa) die('Error selecting session key info block A: '.$db->get_error()); - if($db->numrows($qa) < 1) die('Error: cannot read user session info block A, aborting table clear process'); - $ra = mysql_fetch_object($qa); - $rb = mysql_fetch_object($qb); - $db->free_result($qa); - $db->free_result($qb); - $db->sql_query('DELETE FROM '.table_prefix.'session_keys;'); - $db->sql_query('INSERT INTO '.table_prefix.'session_keys( session_key,salt,user_id,auth_level,source_ip,time ) VALUES( \''.$ra->session_key.'\', \''.$ra->salt.'\', \''.$session->user_id.'\', \''.$ra->auth_level.'\', \''.$ra->source_ip.'\', '.$ra->time.' ),( \''.$rb->session_key.'\', \''.$rb->salt.'\', \''.$session->user_id.'\', \''.$rb->auth_level.'\', \''.$rb->source_ip.'\', '.$rb->time.' )'); - echo(' -
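Review bot: The delete query moved into the else branch still reads `DELETE FROM users WHERE user_id=...`, without the `table_prefix` every other query in this file uses, so on a prefixed installation the delete fails and the raw `$db->get_error()` text is echoed to the page; use `'DELETE FROM '.table_prefix.'users WHERE user_id='.intval($r['user_id']).';'`. As far as this hunk shows there is also no guard against an administrator deleting their own account; the new check only prevents that in demo mode. The enclosing elseif chain continues outside the hunk.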
The session key table has been cleared. Your database should be a little bit smaller now.
- '); + } + else if(isset($_POST['clearsessions'])) + { + if ( defined('ENANO_DEMO_MODE') ) + { + echo '
Sorry Charlie, no can do. You might mess up other people logged into the demo site.
'; + } + else + { + // Get the current session information so the user doesn't get logged out + $aes = new AESCrypt(); + $sk = md5($session->sid_super); + $qb = $db->sql_query('SELECT session_key,salt,auth_level,source_ip,time FROM '.table_prefix.'session_keys WHERE session_key=\''.$sk.'\' AND user_id='.$session->user_id.' AND auth_level='.USER_LEVEL_ADMIN); + if(!$qb) die('Error selecting session key info block B: '.$db->get_error()); + if($db->numrows($qb) < 1) die('Error: cannot read admin session info block B, aborting table clear process'); + $qa = $db->sql_query('SELECT session_key,salt,auth_level,source_ip,time FROM '.table_prefix.'session_keys WHERE session_key=\''.md5($session->sid).'\' AND user_id='.$session->user_id.' AND auth_level='.USER_LEVEL_MEMBER); + if(!$qa) die('Error selecting session key info block A: '.$db->get_error()); + if($db->numrows($qa) < 1) die('Error: cannot read user session info block A, aborting table clear process'); + $ra = mysql_fetch_object($qa); + $rb = mysql_fetch_object($qb); + $db->free_result($qa); + $db->free_result($qb); + $db->sql_query('DELETE FROM '.table_prefix.'session_keys;'); + $db->sql_query('INSERT INTO '.table_prefix.'session_keys( session_key,salt,user_id,auth_level,source_ip,time ) VALUES( \''.$ra->session_key.'\', \''.$ra->salt.'\', \''.$session->user_id.'\', \''.$ra->auth_level.'\', \''.$ra->source_ip.'\', '.$ra->time.' ),( \''.$rb->session_key.'\', \''.$rb->salt.'\', \''.$session->user_id.'\', \''.$rb->auth_level.'\', \''.$rb->source_ip.'\', '.$rb->time.' )'); + echo(' +
The session key table has been cleared. Your database should be a little bit smaller now.
+ '); + } } echo('

User Management

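Review bot: The re-indented clearsessions branch keeps `$aes = new AESCrypt();`, which nothing in the block uses, and runs the `DELETE FROM session_keys` and the re-`INSERT` of the two admin rows as separate unchecked statements, so a failed INSERT silently leaves every session — including the caller's — gone. Drop the unused object and check the INSERT result, e.g. `if ( !$db->sql_query('INSERT INTO '.table_prefix.'session_keys(...) VALUES(...)') ) $db->_die('Could not restore the current admin session.');`, or wrap both statements in a transaction if the driver supports one. The echo('…') at the end of the hunk runs on past it.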
@@ -1767,7 +1827,7 @@ $e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . $db->escape($_GET['id']) . ''); if(!$e) $db->_die('The ban list entry was not deleted.'); } - if(isset($_POST['create'])) + if(isset($_POST['create']) && !defined('ENANO_DEMO_MODE')) { $q = 'INSERT INTO '.table_prefix.'banlist(ban_type,ban_value,reason,is_regex) VALUES( ' . $db->escape($_POST['type']) . ', \'' . $db->escape($_POST['value']) . '\', \''.$db->escape($_POST['reason']).'\''; if(isset($_POST['regex'])) $q .= ', 1'; @@ -1776,6 +1836,10 @@ $e = $db->sql_query($q); if(!$e) $db->_die('The banlist could not be updated.'); } + else if ( isset($_POST['create']) && defined('ENANO_DEMO_MODE') ) + { + echo '
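Review bot: The demo guard added to the `create` branch does not cover the ban-list delete on the context lines just above, which runs on `$_GET['id']` with no ENANO_DEMO_MODE check, so a demo visitor can still remove entries; gate it the same way. That query also relies on `$db->escape()` for an unquoted numeric comparison, which does not stop a payload with no quote characters — use `'DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . intval($_GET['id'])` instead. The enclosing function starts before the hunk.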
This function is disabled in the demo. Just because you don\'t like ' . htmlspecialchars($_POST['value']) . ' doesn\'t mean we don\'t like ' . htmlspecialchars($_POST['value']) . '.
'; + } $q = $db->sql_query('SELECT ban_id,ban_type,ban_value,is_regex FROM '.table_prefix.'banlist ORDER BY ban_type;'); if(!$q) $db->_die('The banlist data could not be selected.'); echo ''; @@ -1813,7 +1877,7 @@ } global $enano_config; - if ( isset($_POST['do_send']) ) + if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') ) { $use_smtp = getConfig('smtp_enabled') == '1'; @@ -1952,6 +2016,10 @@ } } + else if ( isset($_POST['do_send']) && defined('ENANO_DEMO_MODE') ) + { + echo '
This function is disabled in the demo. You think demo@enanocms.org likes getting "test" mass e-mails?
'; + } echo ''; ?>
@@ -2024,6 +2092,11 @@ return; } + if(isset($_GET['submitting']) && $_GET['submitting'] == 'yes' && defined('ENANO_DEMO_MODE') ) + { + redirect(makeUrlComplete('Special', 'Administration'), 'Access denied', 'You\'ve got to be kidding me. Forget it, kid.', 4 ); + } + global $system_table_list; if(isset($_GET['submitting']) && $_GET['submitting'] == 'yes') { @@ -2358,6 +2431,20 @@ $content = $_POST['plugin_id']; break; } + + if ( defined('ENANO_DEMO_MODE') ) + { + // Sanitize the HTML + $content = sanitize_html($content, true); + } + + if ( defined('ENANO_DEMO_MODE') && intval($_POST['type']) == BLOCK_PHP ) + { + echo '
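Review bot: The demo short-circuit calls `redirect(...)` and then relies on it never returning; if redirect() does not exit — not visible here — execution continues into the `if(isset($_GET['submitting']) ...)` block directly below and the guarded action runs anyway. Add an explicit `return;` after the redirect call (the function's other early exit on the preceding context line already uses `return;`) so the guard holds either way. The function continues past the hunk.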
Adding PHP code blocks in the Enano administration demo has been disabled for security reasons.
'; + $_POST['php_content'] = '?><Nulled>'; + $content = $_POST['php_content']; + } + // Get the value of item_order $q = $db->sql_query('SELECT * FROM '.table_prefix.'sidebar WHERE sidebar_id='.$db->escape($_POST['sidebar_id']).';'); @@ -2457,6 +2544,9 @@
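Review bot: In demo mode a PHP block is not rejected but stored with `$content = '?><Nulled>'` after the notice is printed, so the item_order lookup on `$_POST['sidebar_id']` just below — and presumably the insert that follows it — still creates a row; it would be cleaner and safer to stop here with `return;` after the echo than to persist a placeholder every later code path has to tolerate. The two new `defined('ENANO_DEMO_MODE')` checks could also be folded into one branch with the BLOCK_PHP test first, so `sanitize_html()` is not run on content that is about to be discarded. The enclosing switch and the insert logic both lie outside the hunk.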
+ +

Creating PHP blocks in demo mode is disabled for security reasons.

+

WARNING: If you don't know what you're doing, or if you are not fluent in PHP, stop now and choose a different block type. You will brick your Enano installation if you are not careful here. ALWAYS remember to write secure code! The Enano team is not responsible if someone drops all your tables because of an SQL injection vulnerability in your sidebar code. You are probably better off using the template-formatted block type. @@ -2478,6 +2568,7 @@

+
@@ -2586,6 +2677,24 @@ die($r['block_content']); break; case 'save': + if ( defined('ENANO_DEMO_MODE') ) + { + $q = $db->sql_query('SELECT block_type FROM '.table_prefix.'sidebar WHERE item_id=' . $db->escape($_GET['id']) . ';'); + if(!$q) + { + echo 'var status=unescape(\''.hexencode($db->get_error()).'\');'; + exit; + } + $row = $db->fetchrow(); + if ( $row['block_type'] == BLOCK_PHP ) + { + $_POST['content'] = '?><Nulled>'; + } + else + { + $_POST['content'] = sanitize_html($_POST['content'], true); + } + } $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET block_content=\''.$db->escape(rawurldecode($_POST['content'])).'\' WHERE item_id=' . $db->escape($_GET['id']) . ';'); if(!$q) {