Access Denied
You do not have access to this resource.');
//-- display messages as to why the editing access was denied
if (!WT_USER_GEDCOM_ADMIN) print "
".i18n::translate('This user name cannot edit this GEDCOM.');
print "
\n";
print_footer();
exit;
}
// Optional legacy lists kept as PHP files in the data directory. When a file
// exists it is executed with require(); presumably it fills in the array
// initialised just above it.
// NOTE(review): require() runs whatever PHP these files contain, so they are
// only as trustworthy as write access to $INDEX_DIRECTORY. Confirm that the
// directory cannot be written by untrusted accounts or by upload features.
$banned = array();
if (file_exists($INDEX_DIRECTORY . 'banned.php')) {
    require $INDEX_DIRECTORY . 'banned.php';
}

$search_engines = array();
if (file_exists($INDEX_DIRECTORY . 'search_engines.php')) {
    require $INDEX_DIRECTORY . 'search_engines.php';
}

$remoteServers = get_server_list();

// Request parameters: the query string is consulted first and the POST body
// is the fallback when the GET value is empty.
// NOTE(review): "action" and "address" are accepted from GET, so the
// state-changing actions handled further down can be requested with a plain
// URL. No anti-CSRF token check is visible in this part of the file; confirm
// one is enforced elsewhere.
$action = safe_GET('action');
if (!$action) {
    $action = safe_POST('action');
}

$address = safe_GET('address');
if (!$address) {
    $address = safe_POST('address');
}

$comment = safe_GET('comment');
if (!$comment) {
    $comment = safe_POST('comment');
}
// Put a backslash in front of every backslash, dollar sign and double quote.
// NOTE(review): this looks like escaping for text embedded in a double-quoted
// PHP string. The visible consumers bind $comment as a query parameter, where
// the added backslashes would be stored literally. Confirm it is still needed.
$comment = str_replace(array('\\', '$', '"'), array('\\\\', '\\$', '\\"'), $comment);

// Each "remove" button posts the entry to delete as its own value, and a
// pushed button overrides whatever action/address were read above.
$deleteBanned = safe_POST('deleteBanned');
if (!empty($deleteBanned)) {
    // A "remove banned IP" button was pushed
    $address = $deleteBanned;
    $action = 'deleteBanned';
}

$deleteSearch = safe_POST('deleteSearch');
if (!empty($deleteSearch)) {
    // A "remove search engine IP" button was pushed
    $address = $deleteSearch;
    $action = 'deleteSearch';
}

$deleteServer = safe_POST('deleteServer');
if (!empty($deleteServer)) {
    // A "remove remote server" button was pushed
    $address = $deleteServer;
    $action = 'deleteServer';
}

// With nothing requested, just display the form.
if (!$action) {
    $action = 'showForm';
}
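/**
 * Check that a string is a dotted-quad IPv4 address or wildcard pattern.
 *
 * The first octet must be numeric; each of the other three may be a number
 * or "*". Numeric octets may not exceed 255.
 *
 * @param string $address candidate address, normally taken from the request
 *
 * @return bool true only when the whole string is a valid address or pattern
 */
function validIP($address) {
    // \A and \z anchor the pattern to the entire subject. A plain "$" also
    // matches just before a final newline, which would accept "1.2.3.4\n"
    // and let the trailing line break reach the stored address.
    if (!preg_match('/\A\d{1,3}\.(\d{1,3}|\*)\.(\d{1,3}|\*)\.(\d{1,3}|\*)\z/', $address)) {
        return false;
    }
    foreach (explode('.', $address) as $octet) {
        // The pattern already guarantees each piece is "*" or 1-3 digits.
        if ($octet !== '*' && (int) $octet > 255) {
            return false;
        }
    }
    return true;
}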
// Add or remove an entry in the banned / search-engine address table, then
// fall back to showing the form.
// NOTE(review): these are writes driven by request values ($action,
// $address, $comment). No request-token check is visible in this part of the
// file; confirm they cannot be triggered cross-site.
if (in_array($action, array('addBanned', 'addSearch', 'deleteBanned', 'deleteSearch'))) {
    if (!validIP($address)) {
        // Only the two "add" forms get an error message; a delete request
        // with an invalid address is ignored without one.
        if ($action == 'addBanned') {
            $errorBanned = i18n::translate('Invalid IP address.');
        }
        if ($action == 'addSearch') {
            $errorSearch = i18n::translate('Invalid IP address.');
        }
    } else {
        // Always remove the existing row first: for a delete that is the
        // whole job, for an add it means the new row replaces the old one.
        // The address and comment are bound as parameters, not interpolated.
        WT_DB::prepare(
            "DELETE FROM {$TBLPREFIX}ip_address WHERE ip_address=?"
        )->execute(array($address));

        if ($action == 'addBanned') {
            WT_DB::prepare(
                "INSERT INTO {$TBLPREFIX}ip_address (ip_address, category, comment) VALUES (?, ?, ?)"
            )->execute(array($address, 'banned', $comment));
        }
        if ($action == 'addSearch') {
            WT_DB::prepare(
                "INSERT INTO {$TBLPREFIX}ip_address (ip_address, category, comment) VALUES (?, ?, ?)"
            )->execute(array($address, 'search-engine', $comment));
        }
    }
    $action = 'showForm';
}
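/**
 * Adds a server to the outbound remote linking list.
 *
 * The submitted details are assembled into a new GEDCOM SOUR record. That
 * record is used to authenticate against the remote site and is saved (and
 * its change accepted) only when authentication succeeds.
 */
if ($action=='addServer') {
    $serverTitle = safe_POST('serverTitle', '[^<>"%{};]+'); // same as WT_REGEX_NOSCRIPT, but allow ampersand in title
    $serverURL = safe_POST('serverURL', WT_REGEX_URL);
    $gedcom_id = safe_POST('gedcom_id');
    $username = safe_POST('username', WT_REGEX_USERNAME);
    $password = safe_POST('password', WT_REGEX_PASSWORD);

    // Each value becomes the payload of a single line in the line-oriented
    // record built below, so drop CR/LF to keep a value from adding lines of
    // its own. The title pattern above does not exclude line breaks, and how
    // safe_POST applies its patterns is not visible here.
    $serverTitle = str_replace(array("\r", "\n"), '', (string) $serverTitle);
    $serverURL = str_replace(array("\r", "\n"), '', (string) $serverURL);
    $gedcom_id = str_replace(array("\r", "\n"), '', (string) $gedcom_id);
    $username = str_replace(array("\r", "\n"), '', (string) $username);
    $password = str_replace(array("\r", "\n"), '', (string) $password);

    // Both the title and the URL are required. The previous test,
    // `!$serverTitle=="" || !$serverURL==""`, was satisfied by either one
    // alone, which contradicts the error message in the else branch.
    if ($serverTitle !== '' && $serverURL !== '') {
        $errorServer = '';
        // Compare URLs without their scheme prefix.
        $turl = preg_replace("~^\w+://~", "", $serverURL);
        //-- check the existing server list
        foreach ($remoteServers as $server) {
            if (stristr($server['url'], $turl)) {
                if (empty($gedcom_id) || (strpos($server['gedcom'], "_DBID $gedcom_id")!==false)) {
                    $whichFile = $server['name'];
                    $errorServer = i18n::translate('This remote database is already in the list as %s', $server['name']);
                    break;
                }
            }
        }
        if (empty($errorServer)) {
            $gedcom_string = "0 @new@ SOUR\n";
            $gedcom_string.= "1 TITL ".$serverTitle."\n";
            $gedcom_string.= "1 URL ".$serverURL."\n";
            $gedcom_string.= "1 _DBID ".$gedcom_id."\n";
            $gedcom_string.= "2 _USER ".$username."\n";
            // NOTE(review): the remote account password is written into the
            // record as plain text; the RESN line below is the only visible
            // protection. Confirm how that restriction is enforced on
            // display and export.
            $gedcom_string.= "2 _PASS ".$password."\n";
            //-- only allow admin users to see password
            $gedcom_string.= "3 RESN confidential\n";
            // Try the credentials against the remote site before saving.
            $service = new ServiceClient($gedcom_string);
            $sid = $service->authenticate();
            if (empty($sid) || PEAR::isError($sid)) {
                $errorServer = i18n::translate('Failed to authenticate to remote site');
            } else {
                $serverID = append_gedrec($gedcom_string, WT_GED_ID);
                accept_all_changes($serverID, WT_GED_ID);
                $remoteServers = get_server_list(); // refresh the list
            }
        }
    } else {
        $errorServer = i18n::translate('Please do not leave remote site title or URL blank');
    }
    $action = 'showForm';
}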
/**
 * Removes a server from the remote linking outbound list.
 *
 * The record is deleted only when no individual and no family links to it as
 * a source; otherwise an error message is set and the record is kept.
 */
// NOTE(review): $address is a request value, and nothing in this block checks
// that it names one of the records in $remoteServers before delete_gedrec()
// is called. Confirm that the helpers or an earlier check restrict it to
// remote-server SOUR records.
if ($action == 'deleteServer') {
    if (!empty($address)) {
        $sid = $address;
        if (!count_linked_indi($sid, 'SOUR', WT_GED_ID) && !count_linked_fam($sid, 'SOUR', WT_GED_ID)) {
            // Nothing references this source, so it is safe to delete.
            delete_gedrec($sid, WT_GED_ID);
        } else {
            $errorDelete = i18n::translate('The remote server could not be removed because its Connections list is not empty.');
        }
    }
    // Reload the list whether or not anything was removed.
    $remoteServers = get_server_list();
    $action = 'showForm';
}
?>
';
?>
';
?>