1 | <?php |
||||
2 | /** |
||||
3 | * XOOPS admin file |
||||
4 | * |
||||
5 | * You may not change or alter any portion of this comment or credits |
||||
6 | * of supporting developers from this source code or any supporting source code |
||||
7 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||||
8 | * This program is distributed in the hope that it will be useful, |
||||
9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||||
11 | * |
||||
12 | * @copyright (c) 2000-2021 XOOPS Project (www.xoops.org) |
||||
13 | * @license GNU GPL 2 (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
14 | */ |
||||
15 | $xoopsOption['pagetype'] = 'admin'; |
||||
16 | |||||
17 | include __DIR__ . '/mainfile.php'; |
||||
18 | include_once $GLOBALS['xoops']->path('include/cp_functions.php'); |
||||
19 | /** |
||||
20 | * Admin Authentication |
||||
21 | */ |
||||
22 | if ($xoopsUser) { |
||||
23 | if (!$xoopsUser->isAdmin(-1)) { |
||||
24 | redirect_header('index.php', 2, _AD_NORIGHT); |
||||
25 | } |
||||
26 | } else { |
||||
27 | redirect_header('index.php', 2, _AD_NORIGHT); |
||||
28 | } |
||||
29 | |||||
30 | xoops_cp_header(); |
||||
31 | // ###### Output warn messages for security ###### |
||||
32 | /** |
||||
33 | * Error warning messages |
||||
34 | */ |
||||
35 | // Define Stylesheet |
||||
36 | $xoTheme->addStylesheet(XOOPS_URL . '/modules/system/css/admin.css'); |
||||
37 | if (!isset($xoopsConfig['admin_warnings_enable']) || $xoopsConfig['admin_warnings_enable']) { |
||||
38 | // recommend the lowest security supported version at time of XOOPS release |
||||
39 | // see: https://php.net/supported-versions.php |
||||
40 | $minRecommendedPHP = '7.3.0'; |
||||
41 | if (version_compare(PHP_VERSION, $minRecommendedPHP) < 0) { |
||||
42 | xoops_error(sprintf(_AD_WARNING_OLD_PHP, $minRecommendedPHP)); |
||||
43 | echo '<br>'; |
||||
44 | } |
||||
45 | |||||
46 | $installDirs = glob(XOOPS_ROOT_PATH . '/install*', GLOB_ONLYDIR); |
||||
47 | if (!empty($installDirs)) { |
||||
48 | foreach ($installDirs as $installDir) { |
||||
49 | xoops_error(sprintf(_AD_WARNINGINSTALL, $installDir)); |
||||
50 | echo '<br>'; |
||||
51 | } |
||||
52 | } |
||||
53 | |||||
54 | if (is_writable(XOOPS_ROOT_PATH . '/mainfile.php')) { |
||||
55 | xoops_error(sprintf(_AD_WARNINGWRITEABLE, XOOPS_ROOT_PATH . '/mainfile.php')); |
||||
56 | echo '<br>'; |
||||
57 | } |
||||
58 | // ###### Output warn messages for correct functionality ###### |
||||
59 | if (!is_writable(XOOPS_CACHE_PATH)) { |
||||
60 | xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_CACHE_PATH)); |
||||
61 | echo '<br>'; |
||||
62 | } |
||||
63 | if (!is_writable(XOOPS_UPLOAD_PATH)) { |
||||
64 | xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_UPLOAD_PATH)); |
||||
65 | echo '<br>'; |
||||
66 | } |
||||
67 | if (!is_writable(XOOPS_COMPILE_PATH)) { |
||||
68 | xoops_error(sprintf(_AD_WARNINGNOTWRITEABLE, XOOPS_COMPILE_PATH)); |
||||
69 | echo '<br>'; |
||||
70 | } |
||||
71 | |||||
72 | //www fits inside www_private, lets add a trailing slash to make sure it doesn't |
||||
73 | if (strpos(XOOPS_PATH . '/', XOOPS_ROOT_PATH . '/') !== false || strpos(XOOPS_PATH . '/', $_SERVER['DOCUMENT_ROOT'] . '/') !== false) { |
||||
74 | xoops_error(sprintf(_AD_WARNINGXOOPSLIBINSIDE, XOOPS_PATH)); |
||||
75 | echo '<br>'; |
||||
76 | } |
||||
77 | |||||
78 | if (strpos(XOOPS_VAR_PATH . '/', XOOPS_ROOT_PATH . '/') !== false || strpos(XOOPS_VAR_PATH . '/', $_SERVER['DOCUMENT_ROOT'] . '/') !== false) { |
||||
79 | xoops_error(sprintf(_AD_WARNINGXOOPSLIBINSIDE, XOOPS_VAR_PATH)); |
||||
80 | echo '<br>'; |
||||
81 | } |
||||
82 | } |
||||
83 | |||||
84 | if (!empty($_GET['xoopsorgnews']) && !function_exists('xml_parser_create')) { |
||||
85 | xoops_warning(_AD_WARNING_NO_XML); |
||||
86 | echo '<br>'; |
||||
87 | unset($_GET['xoopsorgnews']); |
||||
88 | } |
||||
89 | |||||
90 | if (!empty($_GET['xoopsorgnews'])) { |
||||
91 | // Multiple feeds |
||||
92 | $myts = \MyTextSanitizer::getInstance(); |
||||
93 | $rssurl = []; |
||||
94 | $rssurl[] = 'https://xoops.org/modules/publisher/backend.php'; |
||||
95 | if ($URLs = include $GLOBALS['xoops']->path('language/' . xoops_getConfigOption('language') . '/backend.php')) { |
||||
0 ignored issues
–
show
Deprecated Code
introduced
by
Loading history...
|
|||||
96 | $rssurl = array_unique(array_merge($URLs, $rssurl)); |
||||
97 | } |
||||
98 | $rssfile = 'adminnews-' . xoops_getConfigOption('language'); |
||||
0 ignored issues
–
show
The function
xoops_getConfigOption() has been deprecated.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
99 | xoops_load('XoopsCache'); |
||||
100 | $items = []; |
||||
101 | if (!$items = XoopsCache::read($rssfile)) { |
||||
102 | XoopsLoad::load('xoopshttpget'); |
||||
103 | require_once $GLOBALS['xoops']->path('class/xml/rss/xmlrss2parser.php'); |
||||
104 | |||||
105 | xoops_load('XoopsLocal'); |
||||
106 | $cnt = 0; |
||||
107 | foreach ($rssurl as $url) { |
||||
108 | try { |
||||
109 | $httpGet = new XoopsHttpGet($url); |
||||
110 | } catch (\RuntimeException $e) { |
||||
111 | echo $e->getMessage() . '<br>'; |
||||
112 | break; |
||||
113 | } |
||||
114 | $rssdata = $httpGet->fetch(); |
||||
115 | if (false === $rssdata) { |
||||
116 | echo $httpGet->getError() . '<br>'; |
||||
117 | } else { |
||||
118 | $rss2parser = new XoopsXmlRss2Parser($rssdata); |
||||
119 | if (false !== $rss2parser->parse()) { |
||||
120 | $_items = & $rss2parser->getItems(); |
||||
121 | $count = count($_items); |
||||
122 | for ($i = 0; $i < $count; ++$i) { |
||||
123 | $_items[$i]['title'] = XoopsLocal::convert_encoding($_items[$i]['title'], _CHARSET, 'UTF-8'); |
||||
124 | $_items[$i]['description'] = XoopsLocal::convert_encoding($_items[$i]['description'], _CHARSET, 'UTF-8'); |
||||
125 | $items[(string) strtotime($_items[$i]['pubdate']) . '-' . (string) ($cnt++)] = $_items[$i]; |
||||
126 | } |
||||
127 | } else { |
||||
128 | echo $rss2parser->getErrors(); |
||||
129 | } |
||||
130 | } |
||||
131 | } |
||||
132 | //krsort($items); |
||||
133 | XoopsCache::write($rssfile, $items, 86400); |
||||
134 | } |
||||
135 | if ($items != '') { |
||||
136 | $ret = '<table id="xoopsorgnews" class="outer width100">'; |
||||
137 | foreach (array_keys($items) as $i) { |
||||
138 | $ret .= '<tr class="head"><td><a href="' . htmlspecialchars(trim($items[$i]['link']), ENT_QUOTES | ENT_HTML5) . '" rel="external">'; |
||||
139 | $ret .= htmlspecialchars($items[$i]['title'], ENT_QUOTES | ENT_HTML5) . '</a> (' . htmlspecialchars($items[$i]['pubdate'], ENT_QUOTES | ENT_HTML5) . ')</td></tr>'; |
||||
140 | if ($items[$i]['description'] != '') { |
||||
141 | $ret .= '<tr><td class="odd">' . $items[$i]['description']; |
||||
142 | if (!empty($items[$i]['guid'])) { |
||||
143 | $ret .= ' <a href="' . htmlspecialchars($items[$i]['guid'], ENT_QUOTES | ENT_HTML5) . '" rel="external" title="">' . _MORE . '</a>'; |
||||
144 | } |
||||
145 | $ret .= '</td></tr>'; |
||||
146 | } elseif ($items[$i]['guid'] != '') { |
||||
147 | $ret .= '<tr><td class="even aligntop"></td><td colspan="2" class="odd"><a href="' . htmlspecialchars($items[$i]['guid'], ENT_QUOTES | ENT_HTML5) . '" rel="external">' . _MORE . '</a></td></tr>'; |
||||
148 | } |
||||
149 | } |
||||
150 | $ret .= '</table>'; |
||||
151 | echo $ret; |
||||
152 | } |
||||
153 | } |
||||
154 | xoops_cp_footer(); |
||||
155 |