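lf_get_cache('james_version');
if ($james_version<0) {
$lastrun_sync_extra = @file_get_contents('https://www.warumwirleben.de/cache/extservers/sync_extra.last');
if (!is_numeric($lastrun_sync_extra)) { $lastrun_sync_extra=0; }
$james_version=$lastrun_sync_extra;
$this->lf_set_cache('james_version',$james_version);
}
if ($data['UID']>0) {
$out .= "LOGOUT
";
$out .= "Username
".$data['USERNAME']."
";
if ($data['LANG']=="de_DE") {
$helptxt='JAMES-Einstellungen';
} else {
$helptxt='JAMES-Configuration';
}
$out .= " ".$helptxt."
";
//$out .= " Chat
";
} else {
$out .= "LOGIN
";
$bzs="";
if (!(strpos($data['RU'],'quickreg')>0)) {
$bzs='&ref='.base64_encode($data['RU']);
}
$out .= "
";
}
if ($data['LANG']=="de_DE") {
$helptxt='HILFE';
} else {
$helptxt='HELP';
}
$out .= " ".$helptxt."";
$out .= "
".print_r($data,TRUE).""; } } return $out; }

    /**
     * Build a random string, one character at a time, using random_int().
     *
     * f_James_Auth() uses it to generate the password of a newly created account.
     *
     * @param int    $length   Number of characters to produce.
     * @param string $keyspace Characters to draw from; indexed byte-wise.
     * @return string
     * @throws Exception When $keyspace holds fewer than two characters.
     */
    function lf_random_str($length,$keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') {
        $max = mb_strlen($keyspace, '8bit') - 1;
        if ($max < 1) {
            throw new Exception('$keyspace must be at least two characters long');
        }
        $str = '';
        for ($i = 0; $i < $length; ++$i) {
            $str .= $keyspace[random_int(0, $max)];
        }
        return $str;
    }

    /**
     * Fetch the HTML for one James function from the remote API, with a file cache for guests.
     *
     * Collects the request context into $param, answers from ./jcache/ when a fresh
     * guest copy exists, otherwise calls the API, optionally stores the answer, then
     * post-processes it: @GZ decompression, redirect marker, [USERAVATAR_…] placeholders
     * and the http:// to https:// rewrite.
     *
     * @param string      $which   API function name (sent as FN).
     * @param array       $atts    Shortcode attributes.
     * @param string|null $content Enclosed shortcode content (sent base64-encoded as BODY).
     * @param string      $tag     Shortcode tag.
     * @return string|int The HTML, or -1 when $which is empty. Does not return when the
     *                    response carries a redirect marker (sends Location and exits).
     */
    function lf_getHTML($which, $atts, $content, $tag) {
        global $current_user, $wp_query, $dbg;
        wp_get_current_user();
        if ($which == "") {
            return -1;
        }

        if (isset($_GET['f'])) {
            if (($_GET['f'] == "menueditor") && ($_POST['menu_description'] != "")) {
                $_POST['menu_description'] = base64_encode($_POST['menu_description']);
            }
            if (($_GET['f'] == "tickets") && ($_POST['desc'] != "")) {
                // NOTE(review): as written both replacements map a character to itself, so
                // nothing is encoded here. Presumably the replacement strings were HTML
                // entities that this copy of the file lost; confirm against the original.
                $_POST['desc'] = str_replace('<','<',str_replace('>','>',$_POST['desc']));
            }
        }

        // NOTE(review): the complete request context leaves the site here. PV, GV and COOKIE
        // carry every POST field, GET field and cookie of the visitor (for a logged-in user
        // that includes the WordPress auth cookies), and the whole array is sent in the
        // query string of a GET request, where access logs and proxies tend to record it.
        // Send only the fields the API needs, in a POST body. The receiver presumably has
        // to unserialize() this request-controlled data; JSON would avoid that risk class.
        $param = array(
            'UID' => $current_user->ID,
            'IP' => $_SERVER['REMOTE_ADDR'],
            'DOM' => $_SERVER['SERVER_NAME'],
            'RU' => $_SERVER["REQUEST_URI"],
            'PV' => serialize($_POST),
            'GV' => serialize($_GET),
            'FN' => $which,
            'USERNAME' => $current_user->display_name,
            'ATTS' => serialize($atts),
            'WPQID' => $wp_query->posts[0]->guid,
            'POT' => $wp_query->posts[0]->post_title,
            'LANG' => get_locale(),
            'BODY' => base64_encode($content),
            'TAG' => $tag,
            'COOKIE' => base64_encode(serialize($_COOKIE))
        );

        $start_ms = round(microtime(true) * 1000);
        // $guest doubles as "this request may use the cache"; it starts as "not logged in".
        $guest = (!($param['UID'] > 0));
        $cache_version = 0;
        $cache_filename = "";
        $ret = "";

        if ($atts['func'] == "loginmenu") {
            // Direct user function, no data from the API needed.
            return $this->lf_loginmenu($param);
        }

        // Cooldown 7 days
        $cooldown = 86400*7;

        // Conditions that switch the cache off. NOTE(review): ?cache=0 is honoured for any
        // visitor, so every such request goes through to the API.
        if (isset($_GET['cache'])) {
            if ($_GET['cache'] == "0") {
                $guest = 0;
            }
        }
        if (in_array($_SERVER['REMOTE_ADDR'],array('217.86.139.36','185.163.118.100'))) {
            $guest = 0;
        }
        if (isset($_GET['f'])) {
            if ($_GET['f'] == 'quickreg') {
                $guest = 0;
            }
            if ($_GET['f'] == 'user_in_channel_wotid') {
                $guest = 0;
            }
        } else {
            $guest = 0; // no cache for main page
        }
        if (isset($atts['debug'])) {
            if ($atts['debug'] == "1") {
                // No cache if debug=1 is set in the shortcode call.
                $guest = 0;
            }
        }

        if ($guest != "0") {
            $b64httpaufruf = $param['RU'] . '_GET_' . serialize($_GET);
            $cache_filename = str_replace('www.', '', $param['DOM']) . "_" . $param['UID'] . "_" . $param['FN'] . $b64httpaufruf;
            $cache_filename = str_replace(' ', '_', $cache_filename);
            // The character filter removes "/" and "\", so the request-derived name cannot
            // leave ./jcache/. NOTE(review): the directory is relative to the working
            // directory; if that is inside the web root the cached pages are fetchable
            // directly, so deny web access to it.
            $cache_filename = './jcache/' . preg_replace('/[^a-zA-Z0-9_\.=]/', '', $cache_filename) . ".html";
            if (!file_exists($cache_filename)) {
                // No cache yet
                @mkdir('./jcache');
            } else {
                // Cache exists
                $fm = filemtime($cache_filename);
                if (($fm + $cooldown) > time()) {
                    $cache_version = 1;
                    if (strpos($param['RU'], '-james/') > 0) {
                        $cache_version = 0;
                    }
                    if ((count($_POST) > 0)) {
                        $cache_version = 0;
                    }
                    if (strlen($b64httpaufruf) > 200) {
                        $cache_version = 0;
                    }
                    if ($cache_version) {
                        if (strlen($cache_filename) < 250) {
                            $ret = base64_decode(file_get_contents($cache_filename));
                        } else {
                            $cache_filename = "";
                            $cache_version = 0;
                        }
                    }
                }
            }
        } // guest end

        if ($cache_version == "1") {
            // Validate cache: an empty copy or a cached API error page is not served.
            $errmsgs = array('Diese API-Funktion ist nicht freigeschaltet','Your James-Application is not installed properly');
            if (strlen($ret) > 0) {
                $err_found = 0;
                foreach ($errmsgs as $errmsg) {
                    if (strpos(' '.$ret,$errmsg) > 0) {
                        $err_found = 1;
                    }
                }
                if ($err_found == 1) {
                    $cache_version = 0;
                    $cache_filename = "";
                }
            } else {
                $cache_version = 0;
                $cache_filename = "";
            }
        }

        if (!$cache_version) {
            $jamesapi = 'https://james19.warumwirleben.de/api.php';
            if (strpos(' '.$_SERVER['SERVER_ADDR'],"192.168.") > 0) {
                $jamesapi = 'https://james19.warum-wir-leben.de/api.php';
            }
            // NOTE(review): neither transport sets a timeout, and cURL follows redirects
            // without restricting the protocol; a slow or redirecting upstream stalls the
            // page render. Add connect/total timeouts and limit redirects to https.
            if (function_exists('curl_version')) {
                $ch = curl_init();
                curl_setopt($ch, CURLOPT_URL, $jamesapi . '?d=' . base64_encode(serialize($param)) . '&ok=1');
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
                $ret = trim(curl_exec($ch));
                curl_close($ch);
            } else {
                // try via get - though len(d) is decreased
                $ret = trim((file_get_contents($jamesapi.'?d=' . base64_encode(serialize($param)) . '&ok=1')));
            }
            if (($guest) && ($cache_filename != "")) {
                if (strlen($ret) > 10) { // 10 bytes minimum
                    if (strlen($cache_filename) < 250) {
                        // Fixed: the original passed $ret as strpos()'s third argument, which
                        // is the integer offset. PHP 8 throws a TypeError for a non-numeric
                        // string there, so every cacheable response would abort the page.
                        if (strpos(" ".$ret, "JamesClient::API was NULL. \nPlease try again.") > 0) {
                            // API error - skip caching and drop a stale copy
                            if (file_exists($cache_filename)) {
                                unlink($cache_filename);
                            }
                        } else {
                            $ret2 = file_put_contents($cache_filename, base64_encode($ret));
                        }
                    }
                }
            }
        }

        $end_ms = round(microtime(true) * 1000);
        $kbt = round(strlen($ret) / 1024, 2) . " KB";
        $gzpos = strpos(' ' . $ret, '@GZ');
        if (($gzpos > 0) && ($gzpos < 20)) {
            // NOTE(review): gzuncompress() is called without a maximum output length, so the
            // size of the inflated response is bounded only by the PHP memory limit.
            $ret = trim(gzuncompress(substr($ret, 4)));
        }
        $end_compress = round(microtime(true) * 1000);
        $kbt .= "\nRAW " . round(strlen($ret) / 1024, 2) . " KB";

        // Debug trailer. The three timings are millisecond differences divided by 1000,
        // i.e. seconds, although the labels say "ms".
        $dbg .= "Func " . $which . " " . ($cache_version ? "CACHE VERSION" : "") . "\n";
        $dbg .= "Dom " . $_SERVER['SERVER_NAME'] . "\n";
        $dbg .= "Ru " . $_SERVER['REQUEST_URI'] . "\n";
        $dbg .= "RA " . $_SERVER['REMOTE_ADDR'] . "\n";
        $dbg .= "UID " . $current_user->ID . "\n";
        $dbg .= "Traffic " . $kbt . "\n";
        $dbg .= "Total " . round(($end_compress - $start_ms) / 1000, 2) . " ms\n";
        $dbg .= "Transfer " . round(($end_ms - $start_ms) / 1000, 2) . " ms\n";
        $dbg .= "Decompress " . round(($end_compress - $end_ms) / 1000, 2) . " ms\n";

        if (strlen($ret) == 0) {
            // NOTE(review): ./james.log receives request URI, client IP and user id; keep it
            // outside the web root or deny web access to it.
            $lf = fopen('./james.log', 'a+');
            if (!($lf === FALSE)) {
                fwrite($lf, date('d.m.Y H:i:s', time()) . ' [' . $which . '] ' . serialize($ret) . "\n" . $dbg . "*******************************\n\n");
                fclose($lf);
            }
            $ret = 'JamesClient::API was NULL. Please try again.';
        }

        // Redirect marker. NOTE(review): the target is taken from the API response and is
        // only checked for containing "http" somewhere, so the upstream can send visitors
        // to any URL; consider validating the host against an allowlist.
        $pos = strpos($ret, '[[NEW_LOCATION_REDIR;;');
        if ($pos > 0) {
            $s = substr($ret, $pos);
            $pos2 = strpos($s, 'NEW_LOCATION_REDIR]]');
            $s2 = substr($s, 0, $pos2);
            $redirurl = trim(substr($s2, 22));
            if ((strpos(' ' . $redirurl, 'http') > 0) || (strpos(' ' . $redirurl, 'https') > 0)) {
                header('Location: ' . $redirurl);
                exit;
            }
            $ret = "";
        }

        // Replace [USERAVATAR_<id>] / [USERAVATAR_<id>;<width>] placeholders (at most 1000).
        $cc = 0;
        $pos2 = strpos($ret, '[USERAVATAR_');
        while (($pos2 > 0) && ($cc < 1000)) {
            $cc++;
            $cut = substr($ret, $pos2 + 11);
            $next = strpos($cut, ']');
            $c2 = substr($cut, 1, $next - 1);
            $fme = '[USERAVATAR_' . $c2 . ']';
            if (strpos($c2, ';') > 0) {
                $tid_ar = explode(';', trim($c2));
                $tid = $tid_ar[0];
                // Fixed: the width comes from the response text and ends up in the avatar
                // markup. The original "> 0" test lets a non-numeric string through on
                // PHP 8 (string comparison), so the value is forced to an integer first.
                $wid = (int) $tid_ar[1];
                if ($wid <= 0) {
                    $wid = 100;
                }
            } else {
                $tid = trim($c2);
                $wid = 100;
            }
            if (is_numeric($tid)) {
                $ava = bp_core_fetch_avatar(array('item_id' => $tid, 'type' => 'full', 'width' => $wid . 'px'));
                if ((!strpos($ava, 'http://')) && (!strpos($ava, 'https://'))) {
                    $ava = str_replace('//', 'http://', $ava);
                } // 20190106
                // NOTE(review): both wrapper strings are empty in this copy of the file;
                // presumably they held markup around the avatar.
                $ava = '' . $ava . '';
                $ret = str_replace($fme, $ava, $ret);
            }
            $pos2 = strpos($ret, '[USERAVATAR_');
        }

        // Rewrite http:// to https:// everywhere except for the hosts listed below, which
        // are parked behind random placeholders during the rewrite. The placeholders only
        // need to be unlikely to occur in the page, so shuffle()/array_rand() suffice here.
        $seed = str_split('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()');
        $stay_http = array (
            'http://dieverlorenen.net:9001',
            'http://v4.warumwirleben.de',
            'http://warumwirleben.de:9001',
            'http://www.wotinfo.net',
        );
        $stayarray = array();
        foreach ($stay_http as $httplink) {
            shuffle($seed);
            $sep = '';
            foreach (array_rand($seed, 5) as $k) {
                $sep .= $seed[$k];
            }
            $ret = str_replace($httplink,'___'.$sep.'___',$ret);
            $stayarray[base64_encode($httplink)] = $sep;
        }
        $ret = str_replace('http://', 'https://', $ret);
        foreach ($stay_http as $httplink) {
            $ret = str_replace('___'.$stayarray[base64_encode($httplink)].'___',$httplink,$ret);
        }
        return $ret;
    }

    /**
     * Shortcode [sac_happens]: always renders an empty string.
     *
     * @param array       $atts    Unused.
     * @param string|null $content Unused.
     * @param string      $tag     Unused.
     * @return string
     */
    function f_sac_happens($atts = [], $content = null, $tag = '') {
        return "";
    }

    /**
     * Shortcode [JAMES_RESTRICT]: show the enclosed content only to members of the
     * access groups named in the "needed" attribute.
     *
     * Attributes read: needed (comma-separated group names), type ("OR" = any group,
     * "AND" = all groups), restrict_msg (replacement text), debug ("1" prepends the
     * membership evaluation to the content).
     *
     * @param array       $atts    Shortcode attributes.
     * @param string|null $content Enclosed content.
     * @param string      $tag     Shortcode tag.
     * @return string|null The content when access is granted, otherwise the restriction
     *                     message or one of the two configuration error texts.
     */
    function f_james_restrict($atts = [], $content = null, $tag = '') {
        global $current_user,$wpdb,$uam_cache,$uam_cache_reverse;
        $type = "OR";
        $restrict_msg = "Dir fehlt das Recht, diesen Artikel zu sehen\n";
        // Missing attributes are treated as empty strings, as the original comparisons did.
        $att_msg = trim($atts['restrict_msg'] ?? '');
        $att_needed = $atts['needed'] ?? '';
        $att_type = $atts['type'] ?? '';
        if ($att_msg != "") {
            $restrict_msg = $att_msg;
        }
        if (trim($att_needed) == "") {
            return "No UAMS restricted";
        }
        if (trim($att_type) == "") {
            return "type is not set";
        }
        if (strtoupper($att_type) == "OR") {
            $type = "OR";
        }
        if (strtoupper($att_type) == "AND") {
            $type = "AND";
        }

        // Build the id => name and name => id maps of all access groups.
        $uam_cache = array();
        if (count($uam_cache) == 0) {
            $sql = "SELECT ID, groupname FROM wp_uam_accessgroups";
            $uamgrp = $wpdb->get_results($sql);
            foreach ($uamgrp as $uam_i => $uam_a) {
                if ($uam_a->ID > 0) {
                    $uam_cache[$uam_a->ID] = $uam_a->groupname;
                    $uam_cache_reverse[$uam_a->groupname] = $uam_a->ID;
                }
            }
        }

        $need = explode(',',$att_needed);
        $uam_usr = array();
        $uam_display = array();
        // The user id is bound as an integer instead of being concatenated into the SQL.
        $sql = $wpdb->prepare(
            "SELECT group_id FROM wp_uam_accessgroup_to_object WHERE group_type='UserGroup' and object_type='_user_' and object_id=%d",
            $current_user->ID
        );
        $dbuam = $wpdb->get_results($sql);
        foreach ($dbuam as $uam_i => $uam_a) {
            if (!is_numeric($uam_a->group_id)) {
                continue;
            }
            $uam_usr[$uam_a->group_id] = $uam_a->group_id;
            $uam_display[] = $uam_cache[$uam_a->group_id]." (".$uam_a->group_id.")";
        }

        $darf = 0;
        $darfcount = 0;
        foreach ($need as $uam_name_needed) {
            $uam_name_needed = trim($uam_name_needed);
            // Fixed (fail-open): a name that matches no access group, for example a typo
            // or the leading blank in "A, B", made both sides of the original comparison
            // null, and null == null granted access to every visitor. Unknown names now
            // never count as a match.
            if (!isset($uam_cache_reverse[$uam_name_needed])) {
                continue;
            }
            $needed_id = $uam_cache_reverse[$uam_name_needed];
            if (isset($uam_usr[$needed_id]) && $uam_usr[$needed_id] == $needed_id) {
                $darf = 1;
                $darfcount++;
            }
        }

        if (($atts['debug'] ?? '') == "1") {
            // NOTE(review): debug=1 shows the viewer's group memberships to whoever views
            // the page; do not leave it set on published content.
            $content = "USER HAT ".implode(',',$uam_display)."\nUSER BRAUCHT ".$att_needed."\ndarf=".$darf."\ndarfcount=".$darfcount."\ntype=".$type."\n".$content;
        }
        if ($type == "OR") {
            if ($darf == 1) {
                return $content;
            }
        }
        if ($type == "AND") {
            if ($darfcount == count($need)) {
                return $content;
            }
        }
        $content = $restrict_msg;
        return $content;
    }

    /**
     * Shortcode [JamesClient]: render one James function inside a page.
     *
     * Returns nothing on /wp-admin/ requests. Otherwise it fetches the HTML through
     * lf_getHTML(), optionally appends debug output and runs the result through
     * do_shortcode().
     *
     * NOTE(review): do_shortcode() executes every shortcode contained in the API
     * response, including [JamesClientAuth], so the API host is trusted with everything
     * the registered shortcodes can do.
     *
     * @param array       $atts    Shortcode attributes; "func" selects the API function.
     * @param string|null $content Enclosed content.
     * @param string      $tag     Shortcode tag.
     * @return string
     */
    function f_James_Start($atts = [], $content = null, $tag = '') {
        global $dbg;
        if (strpos(' ' . $_SERVER['REQUEST_URI'], '/wp-admin/') > 0) {
            return '';
        }
        $temp = $this->lf_getHTML(strip_tags($atts['func']), $atts, $content, $tag);
        $otemp = $temp;
        $txt = "";
        // NOTE(review): the marker strings below are empty in this copy of the file;
        // presumably they were start/end markers delimiting the part to keep.
        if (strpos(' ' . $temp, '') > 0) {
            $end = strpos($temp, '');
            $txt = substr($temp, 0, $end);
            $start = strpos($txt, '');
            $txt = substr($txt, $start + strlen(''));
            $temp = $txt;
        }
        if (isset($atts['debug'])) {
            if ($atts['debug'] == "1") {
                $temp .= "\nDEBUG\n".$dbg;
                $temp .= "OTEMP BASE64\n";
                $temp .= "PARSED BASE64\n";
            }
        }
        $pre = '';
        if ($_SERVER['SERVER_NAME'] == 'www.warumwirleben.de') {
            $pre = '';
        }
        $post = '';
        $body = do_shortcode($temp);
        if ($body != "") {
            $body = $pre.$body.$post;
        }
        return $body;
    }

    /**
     * Shortcode [link_to_userprofile]: lower-cased URL of a member profile page.
     *
     * @param mixed $uid User id; anything non-numeric (or "-1") selects the current user.
     * @return string
     */
    function f_link_to_userprofile($uid = "-1") {
        global $current_user;
        wp_get_current_user();
        if (($uid == "-1") || (!is_numeric(($uid)))) {
            $uid = $current_user->ID;
        }
        $userinfo = get_user_by('id', $uid);
        // get_user_by() returns false for an unknown id (e.g. a guest); use an empty login
        // instead of reading a property of false. The resulting URL is unchanged.
        $login = $userinfo ? $userinfo->user_login : '';
        return strtolower("https://" . $_SERVER['SERVER_NAME'] . "/mitglieder/" . str_replace('.','-',$login) . "/");
    }

    /**
     * Shortcode [JamesClientAuth]: log a visitor in from a short-lived transfer record.
     *
     * The attributes ji, uem, un select a record "<timestamp>;<wotid>;<fuid>" on the
     * auth host. When oid and fuid match the record and the timestamp is fresh, the
     * account is created if needed and the visitor is logged in. Every exit path that
     * has a "ref" attribute redirects there and terminates the request.
     *
     * NOTE(review): this is the authentication boundary of the plugin. Who may log in
     * as which local user is decided by the record on the auth host, and the shortcode
     * attributes arrive through do_shortcode() on the API response.
     * NOTE(review): "ref" is base64-decoded and used as the Location target without
     * checking the host; consider wp_validate_redirect() with the home URL as fallback.
     *
     * @param array       $atts    Attributes ji, uem, un, dn, oid, fuid, ref.
     * @param string|null $content Unused.
     * @param string      $tag     Unused.
     * @return void
     */
    function f_James_Auth($atts = [], $content = null, $tag = '') {
        global $current_user;
        wp_get_current_user();
        if (!($current_user->ID > 0)) {
            // Login
            if ((is_numeric($atts['ji'])) && (strlen($atts['uem']) > 2) && (strlen($atts['un']) > 2) && (strlen($atts['dn']) > 2) && (strlen($atts['oid']) > 1)) {
                if ($atts['ji'] == "10") {
                    $dom = 'dev.warum-wir-leben.de';
                } else {
                    $dom = 'www.warumwirleben.de';
                }
                // Fixed: the attributes are percent-encoded so that each stays inside the
                // file name; "/", "?" or "#" in a value can no longer point the request at
                // a different resource on the auth host.
                $ext_data = 'https://'.$dom.'/cache/auth/'.rawurlencode($atts['ji']).'_'.rawurlencode($atts['uem']).'_'.rawurlencode($atts['un']);
                $edata = explode(';',file_get_contents($ext_data));
                $wotid = $edata[1];
                $fuid = $edata[2];
                $edata = $edata[0];
                // NOTE(review): both checks use loose comparison; after trimming both sides
                // hash_equals() would compare the values as plain strings.
                if ($atts['oid'] != $wotid) {
                    header("Location: ".base64_decode($atts['ref']).'&fail=20#CurruptedTransferOid');
                    exit;
                }
                if ($atts['fuid'] != $fuid) {
                    header("Location: ".base64_decode($atts['ref']).'&fail=30#CurruptedTransferFuid');
                    exit;
                }
                // Create user
                if ((strlen($atts['un']) > 2) && (strlen($atts['dn']) > 2)) {
                    if ((!($fuid > -1)) && (!username_exists($atts['un']))) { // 20201218
                        if (get_option('users_can_register','0') == "1") {
                            $user_id = wp_create_user($atts['un'], $this->lf_random_str(20), $atts['uem']);
                            $user = new WP_User($user_id);
                            $user->set_role('subscriber');
                            $user_upd_display = wp_update_user(array('ID' => $user_id, 'display_name' => $atts['dn']));
                        } else {
                            header("Location: ".base64_decode($atts['ref']).'&fail=13#RegistrationNotAllowed');
                            exit;
                        }
                    }
                } else {
                    header("Location: ".base64_decode($atts['ref']).'&fail=14#CreateWrongUsername');
                    exit;
                }
                if ((is_numeric($wotid)) && (is_numeric($edata))) {
                    // Fixed: the original "(time() - $edata) < 30" is also true for any
                    // timestamp in the future, so such a record never expired. The record
                    // must now lie within 30 seconds of the local clock in either direction.
                    if (abs(time() - $edata) < 30) {
                        require('wp-blog-header.php');
                        if ($fuid > -1) {
                            $user = get_user_by('ID',$fuid);
                        } else {
                            $user = get_user_by('email',$atts['uem']); // TODO: why not look up by un = username here?
                        }
                        if (($user->ID) > 0) {
                            $user_id = $user->ID;
                            wp_clear_auth_cookie();
                            wp_set_current_user($user_id);
                            wp_set_auth_cookie($user_id,TRUE);
                            do_action('wp_login', $user->user_login, $user);
                            if ($atts['ref'] != "") {
                                header("Location: ".base64_decode($atts['ref']));
                                exit;
                            }
                        }
                    }
                } else {
                    header("Location: ".base64_decode($atts['ref']).'&fail=15#CurruptedTransferData');
                    exit;
                }
                if ($atts['ref'] != "") {
                    header("Location: ".base64_decode($atts['ref']).'&fail=1');
                    exit;
                }
            }
        } else {
            header("Location: ".base64_decode($atts['ref']).'&fail=2#UserIsLoggedIn');
            exit;
        }
    }

    /**
     * Replace the bundled jQuery with /js/jquery-3.5.1.min.js on front-end pages.
     *
     * Admin and customizer-preview requests keep the core jQuery.
     *
     * @return void
     */
    function wp_jquery_manager_plugin_front_end_scripts() {
        if (is_admin() || is_customize_preview()) {
            // Use the core jQuery
            return;
        }
        wp_deregister_script('jquery');
        wp_deregister_script('jquery-core');
        wp_deregister_script('jquery-migrate');
        wp_register_script('jquery-core', '/js/jquery-3.5.1.min.js', array(), null, false);
        wp_register_script('jquery', false, array('jquery-core'), null, false);
        wp_enqueue_script('jquery');
    }

    /**
     * Intentionally empty method carrying the class name.
     * The original note says it has to exist but does nothing.
     */
    function JamesClient() {
    }
} // class James

// Register the shortcodes on one shared JamesClient instance and add the admin page.
global $current_user;
$James = new JamesClient();
add_shortcode('JamesClient', array($James, 'f_James_Start'));
add_shortcode('JamesClientAuth', array($James, 'f_James_Auth'));
add_shortcode('link_to_userprofile', array($James, 'f_link_to_userprofile'));
add_shortcode('sac_happens', array($James, 'f_sac_happens'));
add_shortcode('JAMES_RESTRICT', array($James, 'f_james_restrict'));
add_action('admin_menu', 'lf_jamesclient_setup_menu');

/**
 * Add the "JamesClient" page to the admin menu (requires manage_options).
 */
function lf_jamesclient_setup_menu() {
    add_menu_page('JamesClient', 'JamesClient', 'manage_options', 'jamesclient-plugin', 'lf_jamesclient_setup');
}

/**
 * Render the (still empty) plugin settings page.
 */
function lf_jamesclient_setup() {
    global $current_user;
    echo "Konfiguration des Client-Plugins\n";
    echo $current_user->ID.' :: ist im Aufbau';
}
}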