array(
'timeout' => 60 // secs
)
));
// Start a session if we haven't already
if(!isset($_SESSION)) {session_start();}
// Logout if that's the action we're taking
if (isset($_GET['logout'])) {
$_SESSION['loggedIn']=false;
session_destroy();
header("Location: dirname(__FILE__)./?loggedOut");
}
// If magic quotes are still on (attempted to switch off in php.ini)
if (get_magic_quotes_gpc ()) {
function stripslashes_deep($value) {
$value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
return $value;
}
$_POST = (isset($_POST) && !empty($_POST)) ? array_map('stripslashes_deep', $_POST) : array();
$_GET = (isset($_GET) && !empty($_GET)) ? array_map('stripslashes_deep', $_GET) : array();
$_COOKIE = (isset($_COOKIE) && !empty($_COOKIE)) ? array_map('stripslashes_deep', $_COOKIE) : array();
$_REQUEST = (isset($_REQUEST) && !empty($_REQUEST)) ? array_map('stripslashes_deep', $_REQUEST) : array();
}
// Function to handle salted hashing
define('SALT_LENGTH',9);
function generateHash($plainText,$salt=null) {
if ($salt === null) {
$salt = substr(md5(uniqid(rand(), true)),0,SALT_LENGTH);
} else {
$salt = substr($salt,0,SALT_LENGTH);
}
return $salt.sha1($salt.$plainText);
}
// returns converted entities which have HTML entity equivalents
function strClean($var) {
return htmlentities($var, ENT_QUOTES, "UTF-8");
}
// returns a number, whole or decimal or null
function numClean($var) {
return is_numeric($var) ? floatval($var) : false;
}
// returns a UTF8 based string with any UFT8 BOM removed
function toUTF8noBOM($string,$message) {
// Attempt to detect encoding
$encType = mb_detect_encoding($string);
// Get rid of any UTF-8 BOM
$string = preg_replace('/\x{EF}\x{BB}\x{BF}/','',$string);
// Test for any bad characters
$teststring = $string;
$teststringBroken = utf8_decode($teststring);
$teststringConverted = iconv("UTF-8", "UTF-8//IGNORE", $teststringBroken);
// If we have a matching length, UTF8 encode it
if ($encType != "ASCII" && strlen($teststringConverted) == strlen($teststringBroken)) {
$string = utf8_encode($string);
if ($message) {
echo "";
}
}
return $string;
}
// Settings are stored in this file
$settingsTemplate = 'config-template.php';
$settingsFile = 'config-'.str_replace(".","_",$_SERVER['SERVER_NAME']).'.php';
if (!file_exists(dirname(__FILE__)."/".$settingsFile)) {
if (!copy(dirname(__FILE__)."/".$settingsTemplate, dirname(__FILE__)."/".$settingsFile)) {
die("Couldn't create $settingsFile. Maybe you need write permissions on the lib folder?");
}
}
include(dirname(__FILE__)."/".$settingsFile);
// Add ICEcoder settings to beginning of $ICEcoder array
$ICEcoder = array(
"versionNo" => "2.4",
"codeMirrorDir" => "CodeMirror-3.13",
"demoMode" => false,
"devMode" => false,
"lineEnding" => "\n"
)+$ICEcoder;
$onLoadExtras = "";
$pluginsDisplay = "";
if ($ICEcoder['demoMode'] && $ICEcoder['accountPassword']!="") {$_SESSION['loggedIn']=true;};
$demoMode = $ICEcoder['demoMode'];
// Update this config file?
if (!$demoMode && isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] && isset($_POST["theme"]) && $_POST["theme"]) {
$settingsContents = file_get_contents($settingsFile,false,$context);
// Replace our settings vars
$repPosStart = strpos($settingsContents,'"root"');
$repPosEnd = strpos($settingsContents,'"previousFiles"');
// Prepare all our vars
$ICEcoder["root"] = strClean($_POST['root']);
$ICEcoder["checkUpdates"] = isset($_POST['checkUpdates']) && $_POST['checkUpdates'] ? "true" : "false";
$ICEcoder["openLastFiles"] = isset($_POST['openLastFiles']) && $_POST['openLastFiles'] ? "true" : "false";
$ICEcoder["findFilesExclude"] = 'array("'.str_replace(',','","',str_replace(" ","",strClean($_POST['findFilesExclude']))).'")';
$ICEcoder["codeAssist"] = isset($_POST['codeAssist']) && $_POST['codeAssist'] ? "true" : "false";
$ICEcoder["visibleTabs"] = isset($_POST['visibleTabs']) && $_POST['visibleTabs'] ? "true" : "false";
$ICEcoder["lockedNav"] = isset($_POST['lockedNav']) && $_POST['lockedNav'] ? "true" : "false";
if ($_POST['accountPassword']!="") {$ICEcoder["accountPassword"] = generateHash(strClean($_POST['accountPassword']));};
$ICEcoder["bannedFiles"] = 'array("'.str_replace(',','","',str_replace(" ","",strClean($_POST['bannedFiles']))).'")';
$ICEcoder["bannedPaths"] = 'array("'.str_replace(',','","',str_replace(" ","",strClean($_POST['bannedPaths']))).'")';
$ICEcoder["allowedIPs"] = 'array("'.str_replace(',','","',str_replace(" ","",strClean($_POST['allowedIPs']))).'")';
$ICEcoder["plugins"] = 'array('.PHP_EOL.' array('.PHP_EOL.' '.str_replace('====================','),'.PHP_EOL.' array(',$_POST['plugins']).'))';
$ICEcoder["theme"] = strClean($_POST['theme']);
$ICEcoder["fontSize"] = strClean($_POST['fontSize']);
$ICEcoder["lineWrapping"] = strClean($_POST['lineWrapping']);
$ICEcoder["indentWithTabs"] = strClean($_POST['indentWithTabs']);
$ICEcoder["indentSize"] = numClean($_POST['indentSize']);
$settingsArray = array("root","checkUpdates","openLastFiles","findFilesExclude","codeAssist","visibleTabs","lockedNav","accountPassword","bannedFiles","bannedPaths","allowedIPs","plugins","theme","fontSize","lineWrapping","indentWithTabs","indentSize");
$settingsNew = "";
for ($i=0;$i ';
$settingWrap = $settingsArray[$i]=="root"||$settingsArray[$i]=="accountPassword"||$settingsArray[$i]=="theme"||$settingsArray[$i]=="fontSize" ? '"' : '';
$settingsNew .= $settingWrap.$ICEcoder[$settingsArray[$i]].$settingWrap.','.PHP_EOL.PHP_EOL;
}
// Compile our new settings
$settingsContents = substr($settingsContents,0,$repPosStart).$settingsNew.substr($settingsContents,($repPosEnd),strlen($settingsContents));
// Now update the config file
if (is_writeable($settingsFile)) {
$fh = fopen($settingsFile, 'w');
fwrite($fh, $settingsContents);
fclose($fh);
} else {
echo "";
}
// OK, now the config file has been updated, update our current session with new arrays
$settingsArray = array("findFilesExclude","bannedFiles","allowedIPs");
for ($i=0;$itop.ICEcoder.settingsScreen('hide');top.ICEcoder.useNewSettings('".$themeURL."',".$ICEcoder["codeAssist"].",".$ICEcoder["lockedNav"].",".$ICEcoder["visibleTabs"].",'".$ICEcoder["fontSize"]."',".$ICEcoder["lineWrapping"].",".$ICEcoder["indentWithTabs"].",".$ICEcoder["indentSize"].",".$refreshFM.");";
}
// Establish our user level
if (!isset($_SESSION['loggedIn'])) {$_SESSION['loggedIn'] = false;};
if(isset($_POST['loginPassword']) && generateHash(strClean($_POST['loginPassword']),$ICEcoder["accountPassword"])==$ICEcoder["accountPassword"]) {$_SESSION['loggedIn'] = true; header('Location: ../');};
$_SESSION['loggedIn'] = $_SESSION['loggedIn'];
// Define the serverType, docRoot & iceRoot
$serverType = stristr($_SERVER['SERVER_SOFTWARE'], "win") ? "Windows" : "Linux";
$docRoot = rtrim(str_replace("\\","/",$_SERVER['DOCUMENT_ROOT']));
$iceRoot = rtrim(str_replace("\\","/",$ICEcoder["root"]));
if ($_SESSION['loggedIn']) {
echo "";
}
// Setup our file security vars
$settingsArray = array("findFilesExclude","bannedFiles","allowedIPs");
for ($i=0;$itop.window.location="/";';
};
// Save the currently opened files for next time
if ($_SESSION['loggedIn'] && isset($_GET["saveFiles"]) && $_GET['saveFiles']) {
$settingsContents = file_get_contents($settingsFile,false,$context);
// Replace our previousFiles var with the the current
$repPosStart = strpos($settingsContents,'previousFiles" => "')+20;
$repPosEnd = strpos($settingsContents,'",',$repPosStart)-$repPosStart;
if (!$demoMode) {
if ($_GET['saveFiles']!="CLEAR") {
$saveFiles=strClean($_GET['saveFiles']);
$saveFilesArray = explode(",",$saveFiles);
$saveFiles="";
for ($i=0;$itop.ICEcoder.message('Cannot update config file. Please set public write permissions on lib/".$settingsFile." and try again');";
}
// Update our last10Files var?
$last10FilesArray = explode(",",$ICEcoder["last10Files"]);
for ($i=0;$i "')+18;
$repPosEnd = strpos($settingsContents,'"',$repPosStart)-$repPosStart;
$commaExtra = $ICEcoder["last10Files"]!="" ? "," : "";
if (count($last10FilesArray)>=10) {$ICEcoder["last10Files"]=substr($ICEcoder["last10Files"],0,strrpos($ICEcoder["last10Files"],','));};
$settingsContents = substr($settingsContents,0,$repPosStart).$saveFilesArray[$i].$commaExtra.$ICEcoder["last10Files"].substr($settingsContents,($repPosStart+$repPosEnd),strlen($settingsContents));
// Now update the config file
if (is_writeable($settingsFile)) {
$fh = fopen($settingsFile, 'w');
fwrite($fh, $settingsContents);
fclose($fh);
} else {
echo "";
}
}
}
}
echo '';
}
// If we're updating, do/redo plugins
if ($_SESSION['loggedIn']) {
// If we're updating, we need to recreate the plugins array
if (isset($_POST["theme"]) && $_POST["theme"]) {
$ICEcoder["plugins"] = array();
$pluginsArray = explode("====================",str_replace("\"","",str_replace("\r","",str_replace("\n","",$_POST['plugins']))));
for ($i=0;$i
';
};
// If we're updating, replace the plugin display with our newly established one
echo "";
// Work out what plugins we'll need to set on a setInterval
$onLoadExtras = "";
for ($i=0;$i
"",','"accountPassword" => "'.$password.'",',$settingsContents);
// Also set the update checker preference
$checkUpdates = $_POST['checkUpdates']=="true" ? "true" : "false";
// once to cover the true setting, once to cover false
$settingsContents = str_replace('"checkUpdates" => true,','"checkUpdates" => '.$checkUpdates.',',$settingsContents);
$settingsContents = str_replace('"checkUpdates" => false,','"checkUpdates" => '.$checkUpdates.',',$settingsContents);
// Now update the config file
$fh = fopen($settingsFile, 'w') or die("Can't update config file. Please set public write permissions on ".$settingsFile." and press refresh");
fwrite($fh, $settingsContents);
fclose($fh);
// Set the session user level
$_SESSION['loggedIn'] = true;
// Finally, load again as now this file has changed and auto login
header('Location: ../');
}
?>
ICEcoder <?php
echo $ICEcoder["versionNo"]." : ";
echo $ICEcoder["accountPassword"] == "" ? "Setup" : "Login";
?>
Password.focus()">
v
';
}
?>