1<?php 2/** 3 * XOOPS admin file 4 * 5 * You may not change or alter any portion of this comment or credits 6 * of supporting developers from this source code or any supporting source code 7 * which is considered copyrighted (c) material of the original comment or credit authors. 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 11 * 12 * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) 13 * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html) 14 */ 15$xoopsOption['pagetype'] = 'admin'; 16 17include __DIR__ . '/mainfile.php'; 18include_once $GLOBALS['xoops']->path('include/cp_functions.php'); 19/** 20 * Admin Authentication 21 */ 22if ($xoopsUser) { 23 if (!$xoopsUser->isAdmin(-1)) { 24 redirect_header('index.php', 2, _AD_NORIGHT); 25 } 26} else { 27 redirect_header('index.php', 2, _AD_NORIGHT); 28} 29 30xoops_cp_header(); 31// ###### Output warn messages for security ###### 32/** 33 * Error warning messages 34 */ 35if (!isset($xoopsConfig['admin_warnings_enable']) || $xoopsConfig['admin_warnings_enable']) { 36 // recommend lowest security supported version at time of XOOPS release 37 // see: http://php.net/supported-versions.php 38 $minRecommendedPHP = '7.1.0'; 39 if (version_compare(PHP_VERSION, $minRecommendedPHP) < 0) { 40 xoops_error(sprintf(_AD_WARNING_OLD_PHP, $minRecommendedPHP)); 41 echo '<br>'; 42 } 43 44 if (is_dir(XOOPS_ROOT_PATH . '/install/')) { 45 xoops_error(sprintf(_AD_WARNINGINSTALL, XOOPS_ROOT_PATH . '/install/')); 46 echo '<br>'; 47 } 48 49 if (is_writable(XOOPS_ROOT_PATH . '/mainfile.php')) { 50 xoops_error(sprintf(_AD_WARNINGWRITEABLE, XOOPS_ROOT_PATH . '/mainfile.php')); 51 echo '<br>'; 52 } 53 // ###### Output warn messages for correct functionality ###### 54 if (!is_writable(XOOPS_CACHE_PATH)) { 55 xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_CACHE_PATH)); 56 echo '<br>'; 57 } 58 if (!is_writable(XOOPS_UPLOAD_PATH)) { 59 xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_UPLOAD_PATH)); 60 echo '<br>'; 61 } 62 if (!is_writable(XOOPS_COMPILE_PATH)) { 63 xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_COMPILE_PATH)); 64 echo '<br>'; 65 } 66 67 //www fits inside www_private, lets add a trailing slash to make sure it doesn't 68 if (strpos(XOOPS_PATH . '/', XOOPS_ROOT_PATH . '/') !== false || strpos(XOOPS_PATH . '/', $_SERVER['DOCUMENT_ROOT'] . '/') !== false) { 69 xoops_error(sprintf(_AD_WARNINGXOOPSLIBINSIDE, XOOPS_PATH)); 70 echo '<br>'; 71 } 72 73 if (strpos(XOOPS_VAR_PATH . '/', XOOPS_ROOT_PATH . '/') !== false || strpos(XOOPS_VAR_PATH . '/', $_SERVER['DOCUMENT_ROOT'] . '/') !== false) { 74 xoops_error(sprintf(_AD_WARNINGXOOPSLIBINSIDE, XOOPS_VAR_PATH)); 75 echo '<br>'; 76 } 77} 78 79if (!empty($_GET['xoopsorgnews'])) { 80 // Multiple feeds 81 $myts = MyTextSanitizer::getInstance(); 82 $rssurl = array(); 83 //$rssurl[] = 'http://sourceforge.net/export/rss2_projnews.php?group_id=41586&rss_fulltext=1'; 84 $rssurl[] = 'http://www.xoops.org/backend.php'; 85 if ($URLs = include $GLOBALS['xoops']->path('language/' . xoops_getConfigOption('language') . '/backend.php')) { 86 $rssurl = array_unique(array_merge($rssurl, $URLs)); 87 } 88 $rssfile = 'adminnews-' . xoops_getConfigOption('language'); 89 xoops_load('XoopsCache'); 90 $items = array(); 91 if (!$items = XoopsCache::read($rssfile)) { 92 require_once $GLOBALS['xoops']->path('class/snoopy.php'); 93 include_once $GLOBALS['xoops']->path('class/xml/rss/xmlrss2parser.php'); 94 95 xoops_load('XoopsLocal'); 96 $snoopy = new Snoopy(); 97 $cnt = 0; 98 foreach ($rssurl as $url) { 99 if ($snoopy->fetch($url)) { 100 $rssdata = $snoopy->results; 101 $rss2parser = new XoopsXmlRss2Parser($rssdata); 102 if (false !== $rss2parser->parse()) { 103 $_items =& $rss2parser->getItems(); 104 $count = count($_items); 105 for ($i = 0; $i < $count; ++$i) { 106 $_items[$i]['title'] = XoopsLocal::convert_encoding($_items[$i]['title'], _CHARSET, 'UTF-8'); 107 $_items[$i]['description'] = XoopsLocal::convert_encoding($_items[$i]['description'], _CHARSET, 'UTF-8'); 108 $items[(string)strtotime($_items[$i]['pubdate']) . '-' . (string)($cnt++)] = $_items[$i]; 109 } 110 } else { 111 echo $rss2parser->getErrors(); 112 } 113 } 114 } 115 krsort($items); 116 XoopsCache::write($rssfile, $items, 86400); 117 } 118 if ($items != '') { 119 $ret = '<table class="outer width100">'; 120 foreach (array_keys($items) as $i) { 121 $ret .= '<tr class="head"><td><a href="' . htmlspecialchars($items[$i]['link']) . '" rel="external">'; 122 $ret .= htmlspecialchars($items[$i]['title']) . '</a> (' . htmlspecialchars($items[$i]['pubdate']) . ')</td></tr>'; 123 if ($items[$i]['description'] != '') { 124 $ret .= '<tr><td class="odd">' . $items[$i]['description']; 125 if (!empty($items[$i]['guid'])) { 126 $ret .= ' <a href="' . htmlspecialchars($items[$i]['guid']) . '" rel="external" title="">' . _MORE . '</a>'; 127 } 128 $ret .= '</td></tr>'; 129 } elseif ($items[$i]['guid'] != '') { 130 $ret .= '<tr><td class="even aligntop"></td><td colspan="2" class="odd"><a href="' . htmlspecialchars($items[$i]['guid']) . '" rel="external">' . _MORE . '</a></td></tr>'; 131 } 132 } 133 $ret .= '</table>'; 134 echo $ret; 135 } 136} 137xoops_cp_footer(); 138