1<?php 2/** 3 * provides the Plugins tab of admin 4 * @package admin 5 */ 6// force UTF-8 Ø 7 8define('OFFSET_PATH', 1); 9require_once(dirname(__FILE__) . '/admin-globals.php'); 10 11admin_securityChecks(NULL, currentRelativeURL()); 12 13define('PLUGINS_PER_PAGE', max(1, getOption('plugins_per_page'))); 14if (isset($_GET['subpage'])) { 15 $subpage = sanitize_numeric($_GET['subpage']); 16} else { 17 if (isset($_POST['subpage'])) { 18 $subpage = sanitize_numeric($_POST['subpage']); 19 } else { 20 $subpage = 0; 21 } 22} 23 24$_GET['page'] = 'plugins'; 25list($tabs, $subtab, $pluginlist, $paths, $member) = getPluginTabs(); 26 27/* handle posts */ 28if (isset($_GET['action'])) { 29 if ($_GET['action'] == 'saveplugins') { 30 if (isset($_POST['checkForPostTruncation'])) { 31 XSRFdefender('saveplugins'); 32 $filelist = array(); 33 foreach ($_POST as $plugin => $value) { 34 preg_match('/^present_zp_plugin_(.*)$/xis', $plugin, $matches); 35 if ($matches) { 36 $filelist[] = $matches[1]; 37 } 38 } 39 foreach ($filelist as $extension) { 40 $extension = filesystemToInternal($extension); 41 $opt = 'zp_plugin_' . $extension; 42 if (isset($_POST[$opt])) { 43 $value = sanitize_numeric($_POST[$opt]); 44 if (!getOption($opt)) { 45 $option_interface = NULL; 46 require_once(getPlugin($extension . '.php')); 47 if ($option_interface && is_string($option_interface)) { 48 $if = new $option_interface; // prime the default options 49 } 50 } 51 setOption($opt, $value); 52 } else { 53 setOption($opt, 0); 54 } 55 } 56 $notify = '&saved'; 57 } else { 58 $notify = '&post_error'; 59 } 60 redirectURL(FULLWEBPATH . "/" . ZENFOLDER . "/admin-plugins.php?page=plugins&tab=" . html_encode($subtab) . "&subpage=" . html_encode($subpage) . $notify); 61 } 62} 63$saved = isset($_GET['saved']); 64printAdminHeader('plugins'); 65zp_apply_filter('texteditor_config', 'zenphoto'); 66 67sortArray($pluginlist); 68$rangeset = getPageSelector($pluginlist, PLUGINS_PER_PAGE); 69$filelist = array_slice($pluginlist, $subpage * PLUGINS_PER_PAGE, PLUGINS_PER_PAGE); 70?> 71<script type="text/javascript"> 72 <!-- 73 function toggleDetails(plugin) { 74 toggle(plugin + '_show'); 75 toggle(plugin + '_hide'); 76 } 77 78 $(document).ready(function() { 79 $(".plugin_doc").colorbox({ 80 close: '<?php echo gettext("close"); ?>', 81 maxHeight: "98%", 82 innerWidth: '560px' 83 }); 84 }); 85 var pluginsToPage = ['<?php echo implode("','", $pluginlist); ?>']; 86 function gotoPlugin(plugin) { 87 i = Math.floor(jQuery.inArray(plugin, pluginsToPage) / <?php echo PLUGINS_PER_PAGE; ?>); 88 window.location = '<?php echo FULLWEBPATH . '/' . ZENFOLDER; ?>/admin-plugins.php?page=plugins&tab=<?php echo html_encode($subtab); ?>&subpage=' + i + '&show=' + plugin + '#' + plugin; 89 } 90//--> 91</script> 92<?php 93echo "\n</head>"; 94echo "\n<body>"; 95printLogoAndLinks(); 96echo "\n" . '<div id="main">'; 97 98printTabs(); 99echo "\n" . '<div id="content">'; 100 101/* Page code */ 102 103if ($saved) { 104 echo '<div class="messagebox fade-message">'; 105 echo "<h2>" . gettext("Applied") . "</h2>"; 106 echo '</div>'; 107} 108?> 109<h1><?php echo gettext('Plugins'); ?></h1> 110<?php 111$subtab = printSubtabs(); 112?> 113<div class="tabbox"> 114 <?php 115 zp_apply_filter('admin_note', 'users', 'users'); 116 if (isset($_GET['post_error'])) { 117 echo '<div class="errorbox">'; 118 echo "<h2>" . gettext('Error') . "</h2>"; 119 echo gettext('The form submission is incomplete. Perhaps the form size exceeds configured server or browser limits.'); 120 echo '</div>'; 121 } 122 ?> 123 <p> 124 <?php 125 echo gettext("Plugins provide optional functionality for Zenphoto.") . ' '; 126 echo gettext("They may be provided as part of the Zenphoto distribution or as offerings from third parties.") . ' '; 127 echo sprintf(gettext("Third party plugins are placed in the <code>%s</code> folder and are automatically discovered."), USER_PLUGIN_FOLDER) . ' '; 128 echo gettext("If the plugin checkbox is checked, the plugin will be loaded and its functions made available. If the checkbox is not checked the plugin is disabled and occupies no resources."); 129 ?> 130 <a href="http://www.zenphoto.org/news/category/extensions" alt="Zenphoto extensions section"> <?php echo gettext('Find more plugins'); ?></a> 131 </p> 132 <p class='notebox'><?php echo gettext("<strong>Note:</strong> Support for a particular plugin may be theme dependent! You may need to add the plugin theme functions if the theme does not currently provide support."); ?> 133 </p> 134 <form class="dirty-check" id="form_plugins" action="?action=saveplugins&page=plugins&tab=<?php echo html_encode($subtab); ?>" method="post" autocomplete="off"> 135 <?php XSRFToken('saveplugins'); ?> 136 <input type="hidden" name="saveplugins" value="yes" /> 137 <input type="hidden" name="subpage" value="<?php echo $subpage; ?>" /> 138 <p class="buttons"> 139 <button type="submit" value="<?php echo gettext('Apply') ?>"><img src="images/pass.png" alt="" /><strong><?php echo gettext("Apply"); ?></strong></button> 140 <button type="reset" value="<?php echo gettext('Reset') ?>"><img src="images/reset.png" alt="" /><strong><?php echo gettext("Reset"); ?></strong></button> 141 </p><br class="clearall" /><br /><br /> 142 <table class="bordered options"> 143 <tr> 144 <th id="imagenav" colspan="3"> 145 <?php printPageSelector($subpage, $rangeset, 'admin-plugins.php', array('page' => 'plugins', 'tab' => $subtab)); ?> 146 </th> 147 </tr> 148 <tr> 149 <th colspan="2"><span class="displayleft"><?php echo gettext("Available Plugins"); ?></span></th> 150 <th colspan="1"> 151 <span class="displayleft"><?php echo gettext("Description"); ?></span> 152 </th> 153 154 </tr> 155 <?php 156 foreach ($filelist as $extension) { 157 $opt = 'zp_plugin_' . $extension; 158 $third_party_plugin = strpos($paths[$extension], ZENFOLDER) === false; 159 $pluginStream = file_get_contents($paths[$extension]); 160 $parserr = 0; 161 $plugin_name = ''; 162 if ($str = isolate('$plugin_name', $pluginStream)) { 163 if (false === eval($str)) { 164 $plugin_name = ''; // silent fallback on failure 165 } 166 } 167 if(empty($plugin_name)) { 168 $plugin_name = $extension; 169 } 170 $plugin_description = ''; 171 if ($str = isolate('$plugin_description', $pluginStream)) { 172 if (false === eval($str)) { 173 $parserr = $parserr | 1; 174 $plugin_description = gettext('<strong>Error parsing <em>plugin_description</em> string!</strong>'); 175 } else { 176 $plugin_description = processExtensionVariable($plugin_description); 177 } 178 } 179 $plugin_deprecated = ''; 180 if ($str = isolate('$plugin_deprecated', $pluginStream)) { 181 if (false === eval($str)) { 182 $parserr = $parserr | 2; 183 $plugin_deprecated = gettext('<strong>Error parsing <em>plugin_deprecated</em> string!</strong>'); 184 } else { 185 $plugin_deprecated = processExtensionVariable($plugin_deprecated); 186 } 187 } 188 $plugin_notice = ''; 189 if ($str = isolate('$plugin_notice', $pluginStream)) { 190 if (false === eval($str)) { 191 $parserr = $parserr | 3; 192 $plugin_notice = gettext('<strong>Error parsing <em>plugin_notice</em> string!</strong>'); 193 } else { 194 $plugin_notice = processExtensionVariable($plugin_notice); 195 } 196 } 197 $plugin_author = ''; 198 if ($str = isolate('$plugin_author', $pluginStream)) { 199 if (false === eval($str)) { 200 $parserr = $parserr | 4; 201 $plugin_author = gettext('<strong>Error parsing <em>plugin_author</em> string!</strong>'); 202 } 203 } 204 $plugin_version = ''; 205 if ($str = isolate('$plugin_version', $pluginStream)) { 206 if (false === eval($str)) { 207 $parserr = $parserr | 5; 208 $plugin_version = ' ' . gettext('<strong>Error parsing <em>plugin_version</em> string!</strong>'); 209 } 210 } 211 $plugin_disable = false; 212 if ($str = isolate('$plugin_disable', $pluginStream)) { 213 if (false === eval($str)) { 214 $parserr = $parserr | 6; 215 $plugin_disable = gettext('<strong>Error parsing <em>plugin_disable</em> string!</strong>'); 216 } 217 } 218 $plugin_disable = isIncompatibleExtension($plugin_disable); 219 if ($plugin_disable) { 220 disableExtension($extension); 221 } 222 $plugin_siteurl = ''; 223 if ($str = isolate('$plugin_siteurl', $pluginStream)) { 224 if (false === eval($str)) { 225 $parserr = $parserr | 7; 226 $plugin_siteurl = gettext('<strong>Error parsing <em>plugin_siteurl</em> string!</strong>'); 227 } 228 } 229 $plugin_date = ''; 230 if ($str = isolate('$plugin_date', $pluginStream)) { 231 if (false === eval($str)) { 232 $parserr = $parserr | 8; 233 $plugin_date = gettext('<strong>Error parsing <em>plugin_date</em> string!</strong>'); 234 } 235 } 236 $plugin_URL = FULLWEBPATH . '/' . ZENFOLDER . '/pluginDoc.php?extension=' . $extension; 237 if ($third_party_plugin) { 238 $plugin_URL .= '&thirdparty'; 239 } 240 $currentsetting = getOption($opt); 241 $plugin_is_filter = 1 | THEME_PLUGIN; 242 if ($str = isolate('$plugin_is_filter', $pluginStream)) { 243 eval($str); 244 if ($plugin_is_filter < THEME_PLUGIN) { 245 if ($plugin_is_filter < 0) { 246 $plugin_is_filter = abs($plugin_is_filter) | THEME_PLUGIN | ADMIN_PLUGIN; 247 } else { 248 if ($plugin_is_filter == 1) { 249 $plugin_is_filter = 1 | THEME_PLUGIN; 250 } else { 251 $plugin_is_filter = $plugin_is_filter | CLASS_PLUGIN; 252 } 253 } 254 } 255 if ($currentsetting && $currentsetting != $plugin_is_filter) { 256 setOption($opt, $plugin_is_filter); // the script has changed its setting! 257 } 258 } 259 $optionlink = NULL; 260 if ($str = isolate('$option_interface', $pluginStream)) { 261 if (preg_match('/\s*=\s*new\s(.*)\(/i', $str)) { 262 $plugin_notice .= '<br /><br />' . gettext('<strong>Note:</strong> Instantiating the option interface within the plugin may cause performance issues. You should instead set <code>$option_interface</code> to the name of the class as a string.'); 263 } else { 264 $option_interface = NULL; 265 eval($str); 266 if ($option_interface) { 267 $optionlink = FULLWEBPATH . '/' . ZENFOLDER . '/admin-options.php?page=options&tab=plugin&single=' . $extension; 268 } 269 } 270 } 271 272 273 $selected_style = ''; 274 if ($currentsetting > THEME_PLUGIN) { 275 $selected_style = ' class="currentselection"'; 276 } 277 if (isset($_GET['show']) && $_GET['show'] == $extension) { 278 $selected_style = ' class="highlightselection"'; 279 } 280 ?> 281 <tr<?php echo $selected_style; ?>> 282 <td width="30%"> 283 <input type="hidden" name="present_<?php echo $opt; ?>" id="present_<?php echo $opt; ?>" value="1" /> 284 <label id="<?php echo $extension; ?>"> 285 <?php 286 if ($third_party_plugin) { 287 $whose = gettext('third party plugin'); 288 $path = stripSuffix($paths[$extension]) . '/logo.png'; 289 if (file_exists($path)) { 290 $ico = str_replace(SERVERPATH, WEBPATH, $path); 291 } else { 292 $ico = 'images/place_holder_icon.png'; 293 } 294 } else { 295 $whose = 'Zenphoto official plugin'; 296 $ico = 'images/zp_gold.png'; 297 } 298 ?> 299 <img class="zp_logoicon" src="<?php echo $ico; ?>" alt="<?php echo gettext('logo'); ?>" title="<?php echo $whose; ?>" /> 300 <?php 301 if ($plugin_is_filter & CLASS_PLUGIN) { 302 $icon = $plugin_is_filter | THEME_PLUGIN | ADMIN_PLUGIN; 303 } else { 304 $icon = $plugin_is_filter; 305 } 306 if ($icon & THEME_PLUGIN | FEATURE_PLUGIN) { 307 ?> 308 <a title="<?php echo gettext('theme plugin'); ?>"><img class="zp_logoicon" src="images/pictures.png" /></a> 309 <?php 310 } else { 311 ?> 312 <img src="images/place_holder_icon.png" /> 313 <?php 314 } 315 if ($icon & ADMIN_PLUGIN) { 316 ?> 317 <a title="<?php echo gettext('admin plugin'); ?>"><img class="zp_logoicon" src="images/cache.png" /></a> 318 <?php 319 } else { 320 ?> 321 <img src="images/place_holder_icon.png" /> 322 <?php 323 } 324 $attributes = ''; 325 if ($parserr) { 326 $optionlink = false; 327 $attributes .= ' disabled="disabled"'; 328 } else { 329 if ($currentsetting > THEME_PLUGIN) { 330 $attributes .= ' checked="checked"'; 331 } 332 } 333 if ($plugin_disable) { 334 ?> 335 <span class="icons" id="<?php echo $extension; ?>_checkbox"> 336 <img src="images/action.png" alt="" class="zp_logoicon" /> 337 <input type="hidden" name="<?php echo $opt; ?>" id="<?php echo $opt; ?>" value="0" /> 338 </span> 339 <?php 340 } else { 341 ?> 342 <input type="checkbox" name="<?php echo $opt; ?>" id="<?php echo $opt; ?>" value="<?php echo $plugin_is_filter; ?>"<?php echo $attributes; ?> /> 343 <?php 344 } 345 echo '<strong>' . html_encode($plugin_name) . '</strong>'; 346 if (!empty($plugin_version)) { 347 echo ' v' . $plugin_version; 348 } 349 if(!empty($plugin_date)) { 350 echo ' <small>(' . html_encode($plugin_date) .')</small>'; 351 } 352 ?> 353 </label> 354 <?php 355 if ($subtab == 'all') { 356 $tab = $member[$extension]; 357 echo '<span class="displayrightsmall"><a href="' . html_encode($tabs[$tab]) . '"><em>' . $tab . '</em></a></span>'; 358 } 359 ?> 360 </td> 361 <td width="60"> 362 <span class="icons"><a class="plugin_doc" href="<?php echo $plugin_URL; ?>"><img class="icon-position-top3" src="images/info.png" title="<?php printf(gettext('More information on %s'), $extension); ?>" alt=""></a></span> 363 <?php 364 if ($optionlink) { 365 ?> 366 <span class="icons"><a href="<?php echo $optionlink; ?>" title="<?php printf(gettext("Change %s options"), $extension); ?>"><img class="icon-position-top3" src="images/options.png" alt="" /></a></span> 367 <?php 368 } 369 ?> 370 </td> 371 <td colspan="2"> 372 <?php 373 echo $plugin_description; 374 375 if($plugin_deprecated) { 376 echo '<p class="notebox">' . $plugin_deprecated . '</p>'; 377 } 378 if ($plugin_disable) { 379 ?> 380 <div id="showdisable_<?php echo $extension; ?>" class="warningbox"> 381 <?php 382 if ($plugin_disable) { 383 echo $plugin_disable; 384 } 385 ?> 386 </div> 387 <?php 388 } 389 if ($plugin_notice) { 390 ?> 391 <div class="notebox"> 392 <?php echo $plugin_notice;?> 393 </div> 394 <?php 395 } 396 echo '<p><small><strong>' . sprintf(gettext('by %s'), $plugin_author); 397 if(!empty($plugin_siteurl)) { 398 echo ' | <a href="' . html_encode($plugin_siteurl) . '" rel="noopener" target="_blank" title="'. html_encode($plugin_siteurl).'">' . gettext('Visit plugin site') . '</a>'; 399 } 400 echo '</strong></small></p>'; 401 ?> 402 </td> 403 </tr> 404 <?php 405 } 406 ?> 407 <tr> 408 <td colspan="4" id="imagenavb"> 409 <?php printPageSelector($subpage, $rangeset, 'admin-plugins.php', array('page' => 'plugins', 'tab' => $subtab)); ?> 410 </td> 411 </tr> 412 </table> 413 <br /> 414 <ul class="iconlegend"> 415 <li><img src="images/zp_gold.png" alt=""><?php echo gettext('Official plugin'); ?></li> 416 <li><img src="images/info.png" alt=""><?php echo gettext('Usage info'); ?></li> 417 <li><img src="images/options.png" alt=""><?php echo gettext('Options'); ?></li> 418 <li><img src="images/warn.png" alt=""><?php echo gettext('Warning note'); ?></li> 419 </ul> 420 <p class="buttons"> 421 <button type="submit" value="<?php echo gettext('Apply') ?>"><img src="images/pass.png" alt="" /><strong><?php echo gettext("Apply"); ?></strong></button> 422 <button type="reset" value="<?php echo gettext('Reset') ?>"><img src="images/reset.png" alt="" /><strong><?php echo gettext("Reset"); ?></strong></button> 423 </p><br /><br /> 424 <input type="hidden" name="checkForPostTruncation" value="1" /> 425 </form> 426</div> 427<?php 428echo "\n" . '</div>'; //content 429printAdminFooter(); 430echo "\n" . '</div>'; //main 431echo "\n</body>"; 432echo "\n</html>"; 433?> 434 435 436 437