1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 471: 472: 473: 474: 475: 476: 477: 478: 479: 480: 481: 482: 483: 484: 485: 486: 487: 488: 489: 490: 491: 492: 493: 494: 495: 496: 497: 498: 499: 500: 501: 502: 503: 504: 505: 506: 507: 508: 509: 510: 511: 512: 513: 514: 515: 516: 517: 518: 519: 520: 521: 522: 523: 524:
<?php
class userDataExport {
public $username = '';
public $usermail = '';
public $galleryobj = '';
public $data = array();
function __construct($username, $usermail, $galleryobj) {
$this->username = $username;
$this->usermail = $usermail;
$this->galleryobj = $galleryobj;
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpage.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpageroot.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpageitems.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpagenews.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpagepage.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/class-zenpagecategory.php';
}
function getAllData() {
if (!empty($this->data)) {
return $this->data;
}
$generaldata = $this->getGeneralData();
$this->data = array_merge($this->getUserData(), $this->getSecurityLogData(), $this->getGalleryData());
foreach (array('owner', 'user', 'lastchangeuser') as $field) {
$this->data = array_merge($this->data, $this->getAlbumData($field));
}
foreach (array('owner', 'user', 'lastchangeuser') as $field) {
$this->data = array_merge($this->data, $this->getImageData($field));
}
foreach (array('author', 'lastchangeuser') as $field) {
$this->data = array_merge($this->data, $this->getZenpageData('news', $field));
}
foreach (array('user', 'lastchangeuser') as $field) {
$this->data = array_merge($this->data, $this->getZenpageData('newscategories', $field));
}
foreach (array('author', 'lastchangeuser', 'user') as $field) {
$this->data = array_merge($this->data, $this->getZenpageData('pages', $field));
}
foreach (array('name', 'email', 'lastchangeuser') as $field) {
$this->data = array_merge($this->data, $this->getCommentData($field));
}
if (!empty($this->data)) {
$this->data = array_merge($generaldata, $this->data);
}
return $this->data;
}
function generateFilename($dataformat = 'html') {
$email = '';
if (!empty($this->usermail)) {
$email = '_' . str_replace('@', '-at-', $this->usermail);
}
switch ($dataformat) {
case 'html':
default:
$suffix = '.html';
break;
case 'json':
$suffix = '.json';
break;
}
return date('Y-m-d_H-m-s') . '-userdata-export_' . $this->username . $email . $suffix;
}
function processFileDownload($dataformat = 'html') {
header('Content-Type: application/octet-stream');
header('Content-Transfer-Encoding: Binary');
header('Content-disposition: attachment; filename="' . $this->generateFilename($dataformat) . '"');
XSRFdefender('userdata-export');
$this->printDataReport($dataformat);
exitZP();
}
function printDataReport($dataformat = 'html') {
$data = $this->getAllData();
if ($data) {
switch ($dataformat) {
case 'html':
default:
if (empty($this->usermail)) {
$title = sprintf(gettext('Personal user data export for %1$s'), $this->username);
} else {
$title = sprintf(gettext('Personal user data export for %1$s and %2$s'), $this->username, $this->usermail);
}
?>
<!DOCTYPE html>
<html<?php printLangAttribute(); ?>>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />
<title><?php echo $title; ?></title></head>
<body>
<h1><?php echo html_encode($title); ?></h1>
<?php
foreach ($data as $sectionheadline => $section) {
?>
<h2><?php echo html_encode($sectionheadline); ?></h2>
<ul>
<?php
if ($section) {
foreach ($section as $headline => $entries) {
if (is_array($entries)) {
?>
<h3><?php echo html_encode($headline); ?></h3>
<ul>
<?php
foreach ($entries as $key => $val) {
?>
<li><strong><?php echo html_encode($key); ?>: </strong>
<?php
self::printList($val);
?>
</li>
<?php
}
?>
</ul>
<?php
} else {
?>
<li><strong><?php echo html_encode($headline); ?>:</strong> <?php self::printLink($entries); ?></li>
<?php
}
}
}
?>
</ul>
<?php
}
break;
?>
</body>
</html>
<?php
case 'json':
echo json_encode($data);
}
}
}
static function printLink($value) {
if (substr($value, 0, 7) == 'http://' || substr($value, 0, 8) == 'https://') {
echo '<a href="' . html_encode($value) . '">' . html_encode($value) . '</a>';
} else {
echo $value;
}
}
static function printList($value) {
if (is_array($value)) {
echo '<ul>';
foreach ($value as $key => $val) {
echo '<li><strong>' . $key . ':</strong> ';
self::printList($val);
echo '</li>';
}
echo '</ul>';
} else {
self::printLink($value);
}
}
static function printUserAccountExportLinks($userobj) {
$userdata_linkbase = FULLWEBPATH . '/' . ZENFOLDER . '/admin-users.php?XSRFToken=' . getXSRFToken('userdata-export') . '&userdata-username=' . html_encode($userobj->getUser()) . '&userdata-usermail=' . html_encode($userobj->getEmail()) . '&userdata-format=';
$userdata_link_html = $userdata_linkbase . 'html';
$userdata_link_json = $userdata_linkbase . 'json';
?>
<div><?php echo gettext('Export user data'); ?>:
<p class="buttons">
<a href="<?php echo $userdata_link_html; ?>"><?php echo gettext('Export as HTML'); ?></a>
<a href="<?php echo $userdata_link_json; ?>"><?php echo gettext('Export as JSON'); ?></a>
</p>
</div>
<?php
}
function getGeneralData() {
return array(gettext('Report for') =>
array(
gettext('User name') => $this->username,
gettext('User mail') => $this->usermail,
gettext('Website') => FULLWEBPATH,
gettext('Date') => date('Y-m-d H:m:s')
));
}
function getGalleryData() {
$user = $this->galleryobj->getUser();
if ($user == $this->username) {
return array(gettext('Gallery guest user') => $user);
}
return array();
}
function getUserData() {
$credentials['`user`='] = $this->username;
$credentials['`valid`='] = 1;
if (!empty($this->usermail)) {
$credentials['`email`='] = $this->usermail;
}
$user = Zenphoto_Authority::getAnAdmin($credentials);
if ($user) {
return array(gettext('User account data') => $user->getData());
}
return array();
}
function getSecurityLogData() {
$logs = safe_glob(SERVERPATH . "/" . DATA_FOLDER . '/security*.log');
$tempdata = array();
foreach ($logs as $log) {
$expl = array_reverse(explode('/', $log));
$logfile = $expl[0];
$handle = fopen($log, "r");
if ($handle) {
while (($line = fgets($handle)) !== false) {
if (preg_match('/' . $this->username . '/i', $line)) {
$tempdata[$logfile][] = trim(preg_replace('/\s+/', ' ', $line));
}
}
}
}
if (!empty($tempdata)) {
return array(gettext('Security log entries') => $tempdata);
}
return array();
}
function getCommentData($field) {
if (!in_array($field, array('name', 'lastchangeuser'))) {
return array();
}
$sectiontitle = gettext('Comments');
switch ($field) {
case 'name':
$dbquery = "SELECT * FROM " . prefix('comments') . " WHERE name = " . db_quote($this->username);
break;
case 'lastchangeuser':
$dbquery = "SELECT * FROM " . prefix('comments') . " WHERE lastchangeuser = " . db_quote($this->username);
break;
case 'email':
if (!empty($this->usermail)) {
$dbquery = "SELECT * FROM " . prefix('comments') . " WHERE email = " . db_quote($this->usermail);
}
break;
}
$result = query($dbquery);
$tempdata = array();
if ($result) {
while ($row = db_fetch_assoc($result)) {
$obj = getItemByID($row['type'], $row['ownerid']);
$row['URL'] = SERVER_HTTP_HOST . $obj->getLink() . '#zp_comment_id_' . $row['id'];
$tempdata[] = $row;
}
db_free_result($result);
if (!empty($tempdata)) {
return array($sectiontitle => $tempdata);
}
}
return array();
}
function getAlbumData($field) {
if (!in_array($field, array('owner', 'user', 'lastchangeuser'))) {
return array();
}
switch ($field) {
case 'owner':
$sectiontitle = gettext('Album owner');
$dbquery = "SELECT folder FROM " . prefix('albums') . " WHERE owner = " . db_quote($this->username);
break;
case 'user':
$sectiontitle = gettext('Album guest user');
$dbquery = "SELECT folder FROM " . prefix('albums') . " WHERE user = " . db_quote($this->username);
break;
case 'lastchangeuser':
$sectiontitle = gettext('Album last change user');
$dbquery = "SELECT folder FROM " . prefix('albums') . " WHERE lastchangeuser = " . db_quote($this->username);
break;
}
$result = query($dbquery);
if ($result) {
$tempdata = array();
while ($row = db_fetch_assoc($result)) {
$albobj = newAlbum($row['folder']);
$title = $albobj->getTitle();
if (!$albobj->isPublished()) {
$title .= ' [' . gettext('unpublished') . ']';
}
if ($albobj->isProtected()) {
$title .= ' [' . gettext('protected') . ']';
}
$tempdata[$title] = SERVER_HTTP_HOST . $albobj->getLink();
}
db_free_result($result);
if (!empty($tempdata)) {
return array($sectiontitle => $tempdata);
}
}
return array();
}
function getImageData($field) {
if (!in_array($field, array('owner', 'user', 'lastchangeuser'))) {
return array();
}
switch ($field) {
case 'owner':
$sectiontitle = gettext('Image owner');
$dbquery = "SELECT filename, albumid FROM " . prefix('images') . " WHERE owner = " . db_quote($this->username) . ' ORDER By albumid ASC';
break;
case 'user':
$sectiontitle = gettext('Image guest user');
$dbquery = "SELECT filename, albumid FROM " . prefix('images') . " WHERE user = " . db_quote($this->username) . ' ORDER By albumid ASC';
break;
case 'lastchangeuser':
$sectiontitle = gettext('Image last change user');
$dbquery = "SELECT filename, albumid FROM " . prefix('images') . " WHERE lastchangeuser = " . db_quote($this->username) . ' ORDER By albumid ASC';
break;
}
$result = query($dbquery);
$tempdata = array();
$imagesbyalbum = array();
$images = array();
$image_cache_suffix = getOption('image_cache_suffix');
if ($result) {
while ($row = db_fetch_assoc($result)) {
$imagesbyalbum[$row['albumid']][] = $row['filename'];
}
db_free_result($result);
foreach ($imagesbyalbum as $albumid => $images) {
$albobj = getItemByID('albums', $albumid);
if ($albobj && !$albobj->isDynamic()) {
foreach ($images as $image) {
$imgobj = newImage($albobj, $image);
$title = $imgobj->getTitle();
if (!$imgobj->isPublished()) {
$title .= ' [' . gettext('unpublished') . ']';
}
if ($imgobj->isProtected()) {
$title .= ' [' . gettext('protected') . ']';
}
$tempdata[$albobj->getTitle()][$title][gettext('Full image')] = SERVER_HTTP_HOST . $imgobj->getFullImage();
$filename_nosuffix = stripSuffix($imgobj->filename);
$suffix = getSuffix($imgobj->filename);
if (empty($image_cache_suffix)) {
$suffix = getSuffix($imgobj->filename);
} else {
$suffix = $image_cache_suffix;
}
$cachedimages = safe_glob(SERVERPATH . '/' . CACHEFOLDER . '/' . $albobj->name . '/' . $filename_nosuffix . '*' . $suffix);
if (!empty($cachedimages)) {
$cachedimages_webpath = array();
foreach ($cachedimages as $cacheimage) {
$cachedimages_webpath[] = str_replace(SERVERPATH, FULLWEBPATH, $cacheimage);
}
$tempdata[$albobj->getTitle()][$title][gettext('Cached images')] = $cachedimages_webpath;
}
}
}
}
if (!empty($tempdata)) {
return array($sectiontitle => $tempdata);
}
}
return array();
}
function getZenpageData($itemtype, $field) {
if (!in_array($itemtype, array('news', 'newscategories', 'pages')) || !in_array($field, array('author', 'lastchangeuser', 'user')) || ($itemtype == 'news' && $field == 'user') || ($itemtype == 'newscategories' && !in_array($field, array('user', 'lastchangeuser')))) {
return array();
}
switch ($itemtype) {
case 'news':
$sectiontitle = gettext('News articles');
$dbquery = "SELECT titlelink FROM " . prefix('news');
break;
case 'newscategories':
$sectiontitle = gettext('News categories');
$dbquery = "SELECT titlelink FROM " . prefix('news_categories');
break;
case 'pages':
$sectiontitle = gettext('Pages');
$dbquery = "SELECT titlelink FROM " . prefix('pages');
break;
}
switch ($field) {
case 'author':
$sectiontitle .= ' ' . gettext('author');
$dbquery .= " WHERE author = " . db_quote($this->username);
break;
case 'lastchangeuser':
$sectiontitle .= ' ' . gettext('last change user');
$dbquery .= " WHERE lastchangeuser = " . db_quote($this->username);
break;
case 'user':
$sectiontitle .= ' ' . gettext('guest user');
$dbquery .= " WHERE user = " . db_quote($this->username);
break;
}
$result = query($dbquery);
if ($result) {
$tempdata = array();
while ($row = db_fetch_assoc($result)) {
switch ($itemtype) {
case 'news':
$obj = new ZenpageNews($row['titlelink']);
break;
case 'newscategories':
$obj = new ZenpageCategory($row['titlelink']);
break;
case 'pages':
$obj = new ZenpagePage($row['titlelink']);
break;
}
$title = $obj->getTitle();
if (!$obj->isPublished()) {
$title .= ' [' . gettext('Unpublished') . ']';
}
if ($obj->isProtected()) {
$title .= ' [' . gettext('protected') . ']';
}
$tempdata[$title] = SERVER_HTTP_HOST . $obj->getLink();
}
db_free_result($result);
if (!empty($tempdata)) {
return array($sectiontitle => $tempdata);
}
}
return array();
}
}