Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
aj
/
chamilo-lms2
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Strom: a860d6adfc
Branche Tagy
chamilo-lms2
/
main
/
inc
/
ajax
/
admin.ajax.php

admin.ajax.php 9.8 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 
  1. <?php
    2. 

  2. /* For licensing terms, see /license.txt */
    3. 

  3. /**
    4. 

  4.  * Responses to AJAX calls
    5. 

  5.  */
    6. 

  6. 

  7. require_once __DIR__.'/../global.inc.php';
    8. 

  8. 

  9. api_protect_admin_script();
    10. 

  10. 

  11. $action = isset($_REQUEST['a']) ? $_REQUEST['a'] : null;
    12. 

  12. 

  13. switch ($action) {
    14. 

  14.     case 'update_changeable_setting':
    15. 

  15.         $url_id = api_get_current_access_url_id();
    16. 

  16. 

  17.         if (api_is_global_platform_admin() && $url_id == 1) {
    18. 

  18.             if (isset($_GET['id']) && !empty($_GET['id'])) {
    19. 

  19.                 $params = array('variable = ? ' =>  array($_GET['id']));
    20. 

  20.                 $data = api_get_settings_params($params);
    21. 

  21.                 if (!empty($data)) {
    22. 

  22.                     foreach ($data as $item) {
    23. 

  23.                         $params = array('id' =>$item['id'], 'access_url_changeable' => $_GET['changeable']);
    24. 

  24.                         api_set_setting_simple($params);
    25. 

  25.                     }
    26. 

  26.                 }
    27. 

  27.                 echo '1';
    28. 

  28.             }
    29. 

  29.         }
    30. 

  30.         break;
    31. 

  31.     case 'version':
    32. 

  32.         echo version_check();
    33. 

  33.         break;
    34. 

  34.     case 'get_extra_content':
    35. 

  35.         $blockName = isset($_POST['block']) ? Security::remove_XSS($_POST['block']) : null;
    36. 

  36. 

  37.         if (empty($blockName)) {
    38. 

  38.             die;
    39. 

  39.         }
    40. 

  40. 

  41.         if (api_is_multiple_url_enabled()) {
    42. 

  42.             $accessUrlId = api_get_current_access_url_id();
    43. 

  43. 

  44.             if ($accessUrlId == -1) {
    45. 

  45.                 die;
    46. 

  46.             }
    47. 

  47. 

  48.             $urlInfo = api_get_access_url($accessUrlId);
    49. 

  49.             $url = api_remove_trailing_slash(preg_replace('/https?:\/\//i', '', $urlInfo['url']));
    50. 

  50.             $cleanUrl = str_replace('/', '-', $url);
    51. 

  51.             $newUrlDir = api_get_path(SYS_APP_PATH)."home/$cleanUrl/admin/";
    52. 

  52.         } else {
    53. 

  53.             $newUrlDir = api_get_path(SYS_APP_PATH)."home/admin/";
    54. 

  54.         }
    55. 

  55. 

  56.         if (!file_exists($newUrlDir)) {
    57. 

  57.             die;
    58. 

  58.         }
    59. 

  59. 

  60.         if (!Security::check_abs_path("{$newUrlDir}{$blockName}_extra.html", $newUrlDir)) {
    61. 

  61.             die;
    62. 

  62.         }
    63. 

  63. 

  64.         if (!file_exists("{$newUrlDir}{$blockName}_extra.html")) {
    65. 

  65.             die;
    66. 

  66.         }
    67. 

  67. 

  68.         echo file_get_contents("{$newUrlDir}{$blockName}_extra.html");
    69. 

  69.         break;
    70. 

  70. }
    71. 

  71. 

  72. 

  73. /**
    74. 

  74.  * Displays either the text for the registration or the message that the installation is (not) up to date
    75. 

  75.  *
    76. 

  76.  * @return string html code
    77. 

  77.  * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
    78. 

  78.  * @version august 2006
    79. 

  79.  * @todo have a 6 monthly re-registration
    80. 

  80.  */
    81. 

  81. function version_check()
    82. 

  82. {
    83. 

  83.     $tbl_settings = Database::get_main_table(TABLE_MAIN_SETTINGS_CURRENT);
    84. 

  84.     $sql = 'SELECT selected_value FROM '.$tbl_settings.' WHERE variable = "registered" ';
    85. 

  85.     $result = Database::query($sql);
    86. 

  86.     $row = Database::fetch_array($result, 'ASSOC');
    87. 

  87. 

  88.     // The site has not been registered yet.
    89. 

  89.     $return = '';
    90. 

  90.     if ($row['selected_value'] == 'false') {
    91. 

  91.         $return .= get_lang('VersionCheckExplanation');
    92. 

  92.         $return .= '<form class="version-checking" action="'.api_get_path(WEB_CODE_PATH).'admin/index.php" id="VersionCheck" name="VersionCheck" method="post">';
    93. 

  93.         $return .= '<label class="checkbox"><input type="checkbox" name="donotlistcampus" value="1" id="checkbox" />'.get_lang('HideCampusFromPublicPlatformsList');
    94. 

  94.         $return .= '</label><button type="submit" class="btn btn-primary btn-block" name="Register" value="'.get_lang('EnableVersionCheck').'" id="register" >'.get_lang('EnableVersionCheck').'</button>';
    95. 

  95.         $return .= '</form>';
    96. 

  96.         check_system_version();
    97. 

  97.     } else {
    98. 

  98.         // site not registered. Call anyway
    99. 

  99.         $return .= check_system_version();
    100. 

  100.     }
    101. 

  101.     return $return;
    102. 

  102. }
    103. 

  103. 

  104. /**
    105. 

  105.  * Check if the current installation is up to date
    106. 

  106.  * The code is borrowed from phpBB and slighlty modified
    107. 

  107.  * @author The phpBB Group <support@phpbb.com> (the code)
    108. 

  108.  * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University (the modifications)
    109. 

  109.  * @author Yannick Warnier <ywarnier@beeznest.org> for the move to HTTP request
    110. 

  110.  * @copyright (C) 2001 The phpBB Group
    111. 

  111.  * @return string language string with some layout (color)
    112. 

  112.  */
    113. 

  113. function check_system_version()
    114. 

  114. {
    115. 

  115.     // the chamilo version of your installation
    116. 

  116.     $system_version = trim(api_get_configuration_value('system_version'));
    117. 

  117. 

  118.     if (ini_get('allow_url_fopen') == 1) {
    119. 

  119.         // The number of courses
    120. 

  120.         $number_of_courses = Statistics::countCourses();
    121. 

  121. 

  122.         // The number of users
    123. 

  123.         $number_of_users = Statistics::countUsers();
    124. 

  124.         $number_of_active_users = Statistics::countUsers(null, null, null, true);
    125. 

  125. 

  126.         // The number of sessions
    127. 

  127.         $number_of_sessions = Statistics::countSessions();
    128. 

  128.         $packager = api_get_configuration_value('packager');
    129. 

  129.         if (empty($packager)) {
    130. 

  130.             $packager = 'chamilo';
    131. 

  131.         }
    132. 

  132. 

  133.         $data = array(
    134. 

  134.             'url' => api_get_path(WEB_PATH),
    135. 

  135.             'campus' => api_get_setting('siteName'),
    136. 

  136.             'contact' => api_get_setting('emailAdministrator'), // the admin's e-mail, with the only purpose of being able to contact admins to inform about critical security issues
    137. 

  137.             'version' => $system_version,
    138. 

  138.             'numberofcourses' => $number_of_courses, // to sum up into non-personal statistics - see https://version.chamilo.org/stats/
    139. 

  139.             'numberofusers' => $number_of_users, // to sum up into non-personal statistics
    140. 

  140.             'numberofactiveusers' => $number_of_active_users, // to sum up into non-personal statistics
    141. 

  141.             'numberofsessions' => $number_of_sessions,
    142. 

  142.             //The donotlistcampus setting recovery should be improved to make
    143. 

  143.             // it true by default - this does not affect numbers counting
    144. 

  144.             'donotlistcampus' => api_get_setting('donotlistcampus'),
    145. 

  145.             'organisation' => api_get_setting('Institution'),
    146. 

  146.             'language' => api_get_setting('platformLanguage'), //helps us know the spread of language usage for campuses, by main language
    147. 

  147.             'adminname' => api_get_setting('administratorName').' '.api_get_setting('administratorSurname'), //not sure this is necessary...
    148. 

  148.             'ip' => $_SERVER['REMOTE_ADDR'], //the admin's IP address, with the only purpose of trying to geolocate portals around the globe to draw a map
    149. 

  149.             // Reference to the packager system or provider through which
    150. 

  150.             // Chamilo is installed/downloaded. Packagers can change this in
    151. 

  151.             // the default config file (main/install/configuration.dist.php)
    152. 

  152.             // or in the installed config file. The default value is 'chamilo'
    153. 

  153.             'packager' => $packager,
    154. 

  154.         );
    155. 

  155.         $version = null;
    156. 

  156.         // version.php has been updated to include the version in an HTTP header
    157. 

  157.         // called "X-Chamilo-Version", so that we don't have to worry about
    158. 

  158.         // issues with the content not being returned by fread for some reason
    159. 

  159.         $res = _http_request('version.chamilo.org', 80, '/version.php', $data, 5, null, true);
    160. 

  160.         $lines = preg_split('/\r\n/', $res);
    161. 

  161.         foreach ($lines as $line) {
    162. 

  162.             $elements = preg_split('/:/', $line);
    163. 

  163.             // extract the X-Chamilo-Version header from the version.php response
    164. 

  164.             if (strcmp(trim($elements[0]), 'X-Chamilo-Version') === 0) {
    165. 

  165.                 $version = trim($elements[1]);
    166. 

  166.             }
    167. 

  167.         }
    168. 

  168.         if (substr($res, 0, 5) != 'Error') {
    169. 

  169.             if (empty($version)) {
    170. 

  170.                 $version_info = $res;
    171. 

  171.             } else {
    172. 

  172.                 $version_info = $version;
    173. 

  173.             }
    174. 

  174. 

  175.             if (version_compare($system_version, $version_info, '<')) {
    176. 

  176.                 $output = '<span style="color:red">'.get_lang('YourVersionNotUpToDate').'<br />
    177. 

  177.                            '.get_lang('LatestVersionIs').' <b>Chamilo '.$version_info.'</b>.  <br />
    178. 

  178.                            '.get_lang('YourVersionIs').' <b>Chamilo '.$system_version.'</b>.  <br />'.str_replace('http://www.chamilo.org', '<a href="http://www.chamilo.org">http://www.chamilo.org</a>', get_lang('PleaseVisitOurWebsite')).'</span>';
    179. 

  179.             } else {
    180. 

  180.                 $output = '<span style="color:green">'.get_lang('VersionUpToDate').': Chamilo '.$version_info.'</span>';
    181. 

  181.             }
    182. 

  182.         } else {
    183. 

  183.             $output = '<span style="color:red">'.get_lang('ImpossibleToContactVersionServerPleaseTryAgain').'</span>';
    184. 

  184.         }
    185. 

  185.     } else {
    186. 

  186.         $output = '<span style="color:red">'.get_lang('AllowurlfopenIsSetToOff').'</span>';
    187. 

  187.     }
    188. 

  188.     return $output;
    189. 

  189. }
    190. 

  190. 

  191. /**
    192. 

  192.  * Function to make an HTTP request through fsockopen (specialised for GET)
    193. 

  193.  * Derived from Jeremy Saintot: http://www.php.net/manual/en/function.fsockopen.php#101872
    194. 

  194.  * @param string $ip IP or hostname
    195. 

  195.  * @param int    $port Target port
    196. 

  196.  * @param string $uri URI (defaults to '/')
    197. 

  197.  * @param array  $getdata GET data
    198. 

  198.  * @param int    $timeout Timeout
    199. 

  199.  * @param bool   $req_hdr Include HTTP Request headers?
    200. 

  200.  * @param bool   $res_hdr Include HTTP Response headers?
    201. 

  201.  * @return string
    202. 

  202.  */
    203. 

  203. function _http_request($ip, $port = 80, $uri = '/', $getdata = array(), $timeout = 5, $req_hdr = false, $res_hdr = false)
    204. 

  204. {
    205. 

  205.     $verb = 'GET';
    206. 

  206.     $ret = '';
    207. 

  207.     $getdata_str = count($getdata) ? '?' : '';
    208. 

  208. 

  209.     foreach ($getdata as $k => $v) {
    210. 

  210.                 $getdata_str .= urlencode($k).'='.urlencode($v).'&';
    211. 

  211.     }
    212. 

  212. 

  213.     $crlf = "\r\n";
    214. 

  214.     $req = $verb.' '.$uri.$getdata_str.' HTTP/1.1'.$crlf;
    215. 

  215.     $req .= 'Host: '.$ip.$crlf;
    216. 

  216.     $req .= 'User-Agent: Mozilla/5.0 Firefox/3.6.12'.$crlf;
    217. 

  217.     $req .= 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'.$crlf;
    218. 

  218.     $req .= 'Accept-Language: en-us,en;q=0.5'.$crlf;
    219. 

  219.     $req .= 'Accept-Encoding: deflate'.$crlf;
    220. 

  220.     $req .= 'Accept-Charset: utf-8;q=0.7,*;q=0.7'.$crlf;
    221. 

  221. 

  222.     $req .= $crlf;
    223. 

  223. 

  224.     if ($req_hdr) {
    225. 

  225.         $ret .= $req;
    226. 

  226.     }
    227. 

  227.     if (($fp = @fsockopen($ip, $port, $errno, $errstr, $timeout)) == false) {
    228. 

  228.         return "Error $errno: $errstr\n";
    229. 

  229.     }
    230. 

  230. 

  231.     stream_set_timeout($fp, $timeout);
    232. 

  232.     $r = fwrite($fp, $req);
    233. 

  233.     $line = @fread($fp, 512);
    234. 

  234.     $ret .= $line;
    235. 

  235.     fclose($fp);
    236. 

  236. 

  237.     if (!$res_hdr) {
    238. 

  238.         $ret = substr($ret, strpos($ret, "\r\n\r\n") + 4);
    239. 

  239.     }
    240. 

  240.     return trim($ret);
    241. 

  241. }
    242.