Page MenuHomeIn-Portal Phabricator
Files F1101490

in-portal
No OneTemporary
Actions

File Metadata

Created
Sat, Aug 16, 9:47 PM

in-portal
View Options

Index: trunk/kernel/include/modules.php
===================================================================
--- trunk/kernel/include/modules.php (revision 3199)
+++ trunk/kernel/include/modules.php (revision 3200)
@@ -1,997 +1,996 @@
<?php
/* List of installed modules and module-specific variables
Copyright 2002, Intechnic Corporation, All rights reserved
*/
$ado =& GetADODBConnection();
$session_cookie_name = $ado->GetOne('SELECT VariableValue FROM '.$g_TablePrefix.'ConfigurationValues WHERE VariableName = "SessionCookieName"');
define('SESSION_COOKIE_NAME', $session_cookie_name);
set_cookie('cookies_on', '1', time() + 31104000);
// if branches that uses if($mod_prefix) or like that will never be executed
// due global variable $mod_prefix is never defined
$ExtraVars = array();
function ParseEnv()
{
global $env, $var_list, $mod_prefix,$objSession, $SessionQueryString;
/* parse individual sections */
$env = GetVar('env');
if (!$env)
{
$var_list['t'] = 'index';
if (is_array($mod_prefix))
{
foreach($mod_prefix as $module_prefix => $module_name)
{
$parser_name = $module_prefix.'_ParseEnv';
if( function_exists($parser_name) ) $parser_name();
}
}
}
else
{
$env_sections = explode(':', $env);
$main = array_shift($env_sections);
if($main)
{
list($sid, $template) = explode('-', $main, 2);
if(!$SessionQueryString)
{
if (!$sid || $sid == '_')
{
if ($sid != '_') $sid = $_COOKIE[SESSION_COOKIE_NAME];
}
else
{
$SessionQueryString = true;
}
}
$var_list['sid'] = $sid;
$var_list['t'] = $template;
if( getArrayValue($_GET, 'dest') ) $var_list['dest'] = $_GET['dest'];
}
foreach ($env_sections as $env_section)
{
$env_section = preg_replace("/^([a-zA-Z]+)([0-9]+)-(.*)/", "$1-$2-$3", $env_section);
$pieces = explode('-', $env_section);
$parser_name = $pieces[0].'_ParseEnv';
if( function_exists($parser_name) )
{
$env_section = preg_replace('/^([a-zA-Z]+)-([0-9]+)-(.*)/','\\1\\2-\\3', $env_section);
$parser_name($env_section);
}
}
}
if(!$SessionQueryString) $var_list['sid'] = $_COOKIE[SESSION_COOKIE_NAME];
}
function LoadEnv()
{
global $env, $var_list, $mod_prefix,$objSession;
- return '';
$env = $_GET["env"];
// echo "Loading Variables..<br>\n";
if ($env != "")
{
$envsections = explode(":", $env);
foreach($mod_prefix as $key => $value)
{
if(strlen($key))
{
$parsed=FALSE;
for($i=1; $i<sizeof($envsections); $i++)
{
$pieces = explode("-", $envsections[$i]);
if(substr($pieces[0],0,strlen($key))==$key)
{
$parsed=TRUE;
break;
}
}
if(!$parsed)
{
$parser_name = $key . "_LoadEnv";
//echo $parser_name;
if(function_exists($parser_name))
{
$parser_name();
}
}
else
{
$parser_name = $key . "_SaveEnv";
//echo $parser_name;
if(function_exists($parser_name))
{
$parser_name($envsections[$i]);
}
}
}
}
}
}
function BuildEnv($mod_prefix = false)
{
global $var_list,$m_var_list, $var_list_update, $mod_prefix, $objSession, $objConfig,
$ExtraVars, $objThemes, $CurrentTheme, $SessionQueryString, $FrontEnd;
static $theme;
$env = "";
//echo "Query String: $SessionQueryString<br>\n";
if(($objConfig->Get("CookieSessions")==0 || !$FrontEnd || ($objConfig->Get("CookieSessions")==2 && $SessionQueryString==TRUE)))
{
if(!$objSession->UseTempKeys)
{
$sessionkey = $objSession->GetSessionKey();
}
else
$sessionkey = $objSession->Get("CurrentTempKey");
$env = $sessionkey;
}
$env .= "-";
if (isset($var_list_update["t"]))
{
if($var_list_update["t"]=="_referer_")
{
$var_list_update["t"] =$objSession->GetVariable("Template_Referer");
}
$t = $var_list_update["t"];
if (substr($t, 0, strlen('kernel4:')) == 'kernel4:')
{
$t = substr($t, strlen('kernel4:'));
$env .= $t;
}
else {
if(!is_numeric($t))
{
if(!is_object($theme))
$theme = $objThemes->GetItem($m_var_list["theme"]);
$id = $theme->GetTemplateId($t);
$var_list_update["t"] = $id;
}
$env .= $var_list_update["t"];
}
}
else
{
$t = isset($var_list['t']) ? $var_list['t'] : '';
if(!is_numeric($t))
{
if(!is_object($theme))
$theme = $objThemes->GetItem($m_var_list["theme"]);
$id = $theme->GetTemplateId($t);
$t = $id;
}
$env .= $t;
}
if(is_array($mod_prefix))
{
foreach($mod_prefix as $key => $value)
{
$builder_name = $key . "_BuildEnv";
if(function_exists($builder_name))
{
if($key == 'm')
{
$GLOBALS[$key.'_var_list_update']['test'] = 'test';
}
$env .= $builder_name();
}
}
}
$extra = "";
$keys = array_keys($ExtraVars);
if(is_array($keys))
{
for($i=0;$i<count($keys);$i++)
{
$key = $keys[$i];
$e = "&".$key."=".$ExtraVars[$key];
$extra .= $e;
$e = "";
}
}
$env .= $extra;
return $env;
}
function BuildEnv_NEW($mod_prefix = false)
{
global $var_list, $var_list_update, $mod_prefix, $objSession;
$t = getArrayValue($var_list_update, 't') ? $var_list_update['t'] : $var_list['t'];
if($t == '_referer_') $t = $objSession->GetVariable('Template_Referer');
if ( substr($t, 0, strlen('kernel4:') ) == 'kernel4:' ) $t = substr($t, strlen('kernel4:') );
$url_params = Array('t' => $t);
$app =& kApplication::Instance();
$app->SetVar('prefixes_passed', Array() );
if( is_array($mod_prefix) )
{
foreach($mod_prefix as $key => $value)
{
$builder_name = $key.'_BuildEnv_NEW';
if( function_exists($builder_name) )
{
if($key == 'm')
{
$GLOBALS[$key.'_var_list_update']['test'] = 'test';
}
$url_params = array_merge_recursive2($url_params, $builder_name() );
}
}
}
$url_params['pass'] = implode( ',', $app->GetVar('prefixes_passed') );
return $url_params;
}
function CategoryActionFunc($basename,$CatList)
{
global $mod_prefix;
foreach($mod_prefix as $key => $value)
{
$function_name = $key."_".$basename;
if(function_exists($function_name))
{
$function_name($CatList);
}
}
}
function RegisterEnv($Var,$Value)
{
global $ExtraVars;
$ExtraVars[$Var] = $Value;
}
function UnregisterEnv($Var)
{
global $ExtraVars;
unset($ExtraVars[$Var]);
}
function ModuleTagPrefix($name)
{
global $modules_loaded;
$ret = "";
foreach($modules_loaded as $prefix=>$mod_name)
{
if($name==$mod_name)
{
$ret = $prefix;
break;
}
}
return $ret;
}
function ModuleEnabled($name)
{
global $template_path;
$a = array_keys($template_path);
if(in_array($name,$a))
return TRUE;
return FALSE;
}
function GetModuleArray($array_name="mod_prefix")
{
switch($array_name)
{
case "mod_prefix":
global $mod_prefix;
return $mod_prefix;
break;
case "admin":
global $mod_prefix, $modules_loaded;
$mod = array();
if(is_array($mod_prefix) && is_array($modules_loaded))
{
foreach ($mod_prefix as $key=>$value)
{
if($key != 'bbcat' && _ModuleLicensed($modules_loaded[$key]) || $key=="m")
{
$mod[$key] = $value;
}
}
}
return $mod;
break;
case "loaded":
global $modules_loaded;
return $modules_loaded;
break;
case "template":
global $template_path;
return $template_path;
case "rootcat":
global $mod_root_cats;
return $mod_root_cats;
break;
}
}
function admin_login()
{
global $objSession,$login_error, $objConfig,$g_Allow,$g_Deny;
// echo "<pre>"; print_r($objSession); echo "</pre>";
if( GetVar('help_usage') == 'install' ) return true;
$env_arr = explode('-', $_GET['env']);
$get_session_key = $env_arr[0];
$admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin'];
if(!$objSession->ValidSession() || ($objSession->GetSessionKey() != $get_session_key && !$admin_login)) {
if( isset($_GET['expired']) && ($_GET['expired'] == 1) )
$login_error = admin_language("la_text_sess_expired");
return FALSE;
//echo "Expired<br>";
}
if ($objSession->HasSystemPermission("ADMIN") == 1)
return TRUE;
if(count($_POST)==0 || $_POST["adminlogin"]!=1)
return FALSE;
$login=$_POST["login"];
$password = $_POST["password"];
if (strlen($login) && strlen($password))
{
if(!_IpAccess($_SERVER['REMOTE_ADDR'],$g_Allow,$g_Deny))
{
$login_error = admin_language("la_text_address_denied");
return FALSE;
}
$valid = $objSession->Login($login, md5($password));
$hasperm = ($objSession->HasSystemPermission("ADMIN") == 1);
if (($login=="root" || $hasperm) && $valid)
{
if(_ValidateModules())
{
return TRUE;
}
else
$login_error = "Missing or invalid In-Portal License";
}
else
{
if(!$hasperm && $valid)
{
$login_error = admin_language("la_text_nopermissions");
}
else
{
$login_error = admin_language("la_Text_Access_Denied");
}
return FALSE;
}
}
else
{
if(!strlen($login))
{
$login_error = admin_language("la_Text_Missing_Username");
}
else
if(!strlen($password))
$login_error = admin_language("la_Text_Missing_Password");
return FALSE;
}
}
#---------------------------------------------------------------------------
function _EnableCookieSID()
{
global $var_list, $objConfig;
if((!$_COOKIE[SESSION_COOKIE_NAME] && $objConfig->Get("CookieSessions")>0 && strlen($var_list["sid"])<2 && !headers_sent())
|| strlen($_COOKIE[SESSION_COOKIE_NAME]) > 0)
{
return TRUE;
}
else
return FALSE;
}
function _IsSpider($UserAgent)
{
global $robots, $pathtoroot;
$lines = file($pathtoroot."robots_list.txt");
if(!is_array($robots))
{
$robots = array();
for($i=0;$i<count($lines);$i++)
{
$l = $lines[$i];
$p = explode("\t",$l,3);
$robots[] = $p[2];
}
}
return in_array($UserAgent,$robots);
}
function _StripDomainHost($d)
{
$dotcount = substr_count($d,".");
if($dotcount==3)
{
$IsIp = TRUE;
for($x=0;$x<strlen($d);$x++)
{
if(!is_numeric(substr($d,$x,1)) && substr($d,$x,1)!=".")
{
$IsIp = FALSE;
break;
}
}
}
if($dotcount>1 && !$IsIp)
{
$p = explode(".",$d);
$ret = $p[count($p)-2].".".$p[count($p)-1];
}
else
$ret = $d;
return $ret;
}
function _MatchIp($ip1,$ip2)
{
$matched = TRUE;
$ip = explode(".",$ip1);
$MatchIp = explode(".",$ip2);
for($i=0;$i<count($ip);$i++)
{
if($i==count($MatchIp))
break;
if(trim($ip[$i]) != trim($MatchIp[$i]) || trim($ip[$i])=="*")
{
$matched=FALSE;
break;
}
}
return $matched;
}
function _IpAccess($IpAddress,$AllowList,$DenyList)
{
$allowed = explode(",",$AllowList);
$denied = explode(",",$DenyList);
$MatchAllowed = FALSE;
for($x=0;$x<count($allowed);$x++)
{
$ip = explode(".",$allowed[$x]);
$MatchAllowed = _MatchIp($IpAddress,$allowed[$x]);
if($MatchAllowed)
break;
}
$MatchDenied = FALSE;
for($x=0;$x<count($denied);$x++)
{
$ip = explode(".",$denied[$x]);
$MatchDenied = _MatchIp($IpAddress,$denied[$x]);
if($MatchDenied)
break;
}
$Result = (($MatchAllowed && !$MatchDenied) || (!$MatchAllowed && !$MatchDenied) ||
($MatchAllowed && $MatchDenied));
return $Result;
}
function _ValidateModules()
{
global $i_Keys, $objConfig, $g_License;
$lic = base64_decode($g_License);
_ParseLicense($lic);
$modules = array();
//echo "License: ".$lic."<br>";
$domain = _GetDomain();
//echo "Domain: ".$domain."<br>";
if(!_IsLocalSite($domain))
{
$domain = _StripDomainHost($domain);
//echo "New domain: $domain<br>";
// echo "<pre>"; print_r($i_Keys); echo "</pre>";
for($x=0;$x<count($i_Keys);$x++)
{
$key = $i_Keys[$x];
if(strlen(stristr($key["domain"],$domain)))
{
$modules = explode(",",$key["mod"]);
//echo "Modules: $modules";
}
}
if(count($modules)>0)
{
return TRUE;
}
}
else
return TRUE;
return FALSE;
}
function _ModuleLicensed($name)
{
global $i_Keys, $objConfig, $pathtoroot;
$vars = parse_portal_ini($pathtoroot."config.php");
// globalize vars from config
while($key = key($vars))
{
$GLOBALS["g_".$key] = current($vars);
next($vars);
}
$lic = base64_decode($GLOBALS['g_License']);
_ParseLicense($lic);
$modules = array();
if(!_IsLocalSite(_GetDomain()))
{
for($x=0;$x<count($i_Keys);$x++)
{
$key = $i_Keys[$x];
if(strlen(stristr(_GetDomain(),$key["domain"])))
{
//echo "ok<br>";
$modules = explode(",",$key["mod"]);
}
}
//print_pre($modules);
if(in_array($name,$modules)) {
//echo "ok<br>";
return TRUE;
}
}
else {
return TRUE;
}
return FALSE;
}
function _GetDomain()
{
global $objConfig, $g_Domain;
if($objConfig->Get("DomainDetect"))
{
$d = $_SERVER['HTTP_HOST'];
}
else
$d = $g_Domain;
return $d;
}
function _keyED($txt,$encrypt_key)
{
$encrypt_key = md5($encrypt_key);
$ctr=0;
$tmp = "";
for ($i=0;$i<strlen($txt);$i++)
{
if ($ctr==strlen($encrypt_key)) $ctr=0;
$tmp.= substr($txt,$i,1) ^ substr($encrypt_key,$ctr,1);
$ctr++;
}
return $tmp;
}
function _decrypt($txt,$key)
{
$txt = _keyED($txt,$key);
$tmp = "";
for ($i=0;$i<strlen($txt);$i++)
{
$md5 = substr($txt,$i,1);
$i++;
$tmp.= (substr($txt,$i,1) ^ $md5);
}
return $tmp;
}
function LoadFromRemote()
{
return "";
}
function DLid()
{
global $lid;
echo $lid."\n";
die();
}
function _LoadLicense($LoadRemote=FALSE)
{
global $pathtoroot, $objConfig;
$f = $pathtoroot."intechnic.php";
if (_falseIsLocalSite($f)) $ret = true;
if(file_exists($f))
{
$contents = file($f);
$data = base64_decode($contents[1]);
}
else
if($LoadRemote)
return $LoadFromRemote;
return $data;
}
function _VerifyKey($domain,$k)
{
$key = md5($domain);
$lkey = substr($key,0,strlen($key)/2);
$rkey = substr($key,strlen($key)/2);
$r = $rkey.$lkey;
if($k==$r)
return TRUE;
return FALSE;
}
function _ParseLicense($txt)
{
global $i_User, $i_Pswd, $i_Keys;
if (!_falseIsLocalSite($txt)) $nah = false;
$data = _decrypt($txt,"beagle");
$i_Keys = array();
$lines = explode("\n",$data);
for($x=0;$x<count($lines);$x++)
{
$l = $lines[$x];
$p = explode("=",$l,2);
switch($p[0])
{
case "Username":
$i_User = $p[1];
break;
case "UserPass":
$i_Pswd = $p[1];
break;
default:
if(substr($p[0],0,3)=="key")
{
$parts = explode("|",$p[1]);
if(_VerifyKey($parts[0],$parts[1]))
{
unset($K);
$k["domain"]=$parts[0];
$k["key"]=$parts[1];
$k["desc"]=$parts[2];
$k["mod"]=$parts[3];
$i_Keys[] = $k;
}
}
break;
}
}
}
function _GetObscureValue($i)
{
if ($i == 'x') return 0254; $z = '';
if ($i == 'z') return 0x7F.'.';
if ($i == 'c') return '--code--';
if ($i >= 5 && $i < 7) return _GetObscureValue($z)*_GetObscureValue('e');
if ($i > 30) return Array(0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74);
if ($i > 20) return 99;
if ($i > 10) return '.'.(_GetObscureValue(6.5)+1);
if ($i == 'a') return 0xa;
}
function _Chr($val)
{
$x = _GetObscureValue(25);
$f = chr($x).chr($x+5).chr($x+15);
return $f($val);
}
function _IsLocalSite($domain)
{
$ee = _GetObscureValue(35); $yy = '';
foreach ($ee as $e) $yy .= _Chr($e);
$localb = FALSE;
if(substr($domain,0,3)==_GetObscureValue('x'))
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
$zz = _GetObscureValue('z')._GetObscureValue(5).'.'.(int)_GetObscureValue(7)._GetObscureValue(12);
$ff = _GetObscureValue('z')+65;
$hh = $ff-0x18;
if($domain==$yy || $domain==$zz || substr($domain,0,7)==$ff._Chr(46).$hh ||
substr($domain,0,3)==_GetObscureValue('a')._Chr(46) || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
function _falseIsLocalSite($domain)
{
$localb = FALSE;
if(substr($domain,0,3)=="172")
{
$b = substr($domain,0,6);
$p = explode(".",$domain);
$subnet = $p[1];
if($p[1]>15 && $p[1]<32)
$localb=TRUE;
}
if($domain=="localhost" || $domain=="127.0.0.1" || substr($domain,0,7)=="192.168" ||
substr($domain,0,3)=="10." || $localb || strpos($domain,".")==0)
{
return TRUE;
}
return FALSE;
}
//echo "Before Stuff<br>";
LogEntry("Loading Modules\n");
/* get the module list from the database */
$adodbConnection = &GetADODBConnection();
$sql = "SELECT Name, Path, Var,TemplatePath, RootCat from ".GetTablePrefix()."Modules where Loaded=1 ORDER BY LoadOrder";
$rs = $adodbConnection->Execute($sql);
while($rs && !$rs->EOF)
{
$key = $rs->fields["Var"];
$mod_prefix[$key] = $rs->fields["Path"];
$modules_loaded[$key] = $rs->fields["Name"];
$name = $rs->fields["Name"];
$template_path[$name] = $rs->fields["TemplatePath"];
$mod_root_cats[$name] = $rs->fields["RootCat"];
// echo $key . "=". $modules_loaded[$key]."<br>\n";
$rs->MoveNext();
}
LogEntry("Loading Module Parser scripts\n");
/* for each module enabled, load up parser.php */
//foreach($mod_prefix as $key => $value)
$LogLevel++;
if(is_array($mod_prefix))
{
foreach($mod_prefix as $key => $value)
{
$mod = $pathtoroot . $value . "parser.php";
// LogEntry("Loading parser $mod \n");
require_once($mod);
}
}
$LogLevel--;
LogEntry("Finished Loading Module Parser scripts\n");
/*now each module gets a look at the environment string */
// SID detecting engine: begin
$SessionQueryString = false; // by default assume, that SID is located in cookie
if( !isset($FrontEnd) ) $FrontEnd = false; // if frontend not explicitly defined, than
if($FrontEnd != 1)
$SessionQueryString = TRUE;
if(is_array($mod_prefix))
ParseEnv();
/* create the session object */
$ip = $_SERVER["REMOTE_ADDR"];
if ( !isset($var_list['sid']) ) $var_list['sid'] = '';
if ( !isset($_GET['env']) ) $_GET['env'] = '';
if(strlen($var_list["sid"])==0 && strlen($_GET["env"])>0 && $objConfig->Get("CookieSessions")==2)
{
if(_IsSpider($_SERVER["HTTP_USER_AGENT"]))
{
$UseSession = FALSE;
}
else
{
/* switch user to GET session var */
if (!$_COOKIE[SESSION_COOKIE_NAME]) {
$SessionQueryString = TRUE;
}
//else {
//$cg = '--code--';
//}
$UseSession = TRUE;
}
}
else {
$UseSession = TRUE;
}
if($var_list["sid"]=="_")
$var_list["sid"]="";
/*setup action variable*/
$Action = isset($_REQUEST['Action']) ? $_REQUEST['Action'] : '';
if($Action == 'm_logout')
{
$u = new clsUserSession($var_list['sid'] ,($SessionQueryString && $FrontEnd==1));
$u->Logout();
unset($u);
$var_list_update['t'] = 'index';
$var_list['t'] = '';
$var_list['sid'] = '';
set_cookie('login', '', time() - 3600);
set_cookie(SESSION_COOKIE_NAME, '', time() - 3600);
}
$CookieTest = isset($_COOKIE['cookies_on']) ? $_COOKIE['cookies_on'] : '';
if($var_list['sid'] && !$CookieTest) // when going from http -> https and via versa assume, that cookies are allowed
{
$CookieTest = true;
$_COOKIE['cookies_on'] = 1;
}
$HTTP_REFERER = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if ( ($CookieTest == 1) /*|| !strstr($HTTP_REFERER, $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))*/) {
$SessionQueryString = FALSE;
}
if ($FrontEnd != 1) {
$SessionQueryString = TRUE;
}
// SID detecting engine: end
$objSession = new clsUserSession($var_list["sid"],($SessionQueryString && $FrontEnd==1));
if($UseSession)
{
if(!$objSession->ValidSession())
{
/* Get rid of Invalid Session and make a brand new one*/
// echo "Dumping Session ".$var_list["sid"]."<br>";
unset($var_list["sid"]);
$objSession->GetNewSession();
$var_list["sid"] = $objSession->GetSessionKey();
$var_list_update["sid"]=$objSession->GetSessionKey();
if(is_numeric($m_var_list["theme"]))
$objSession->SetThemeName($m_var_list["theme"]);
if($objConfig->Get("CookieSessions")>0 && !$SessionQueryString && !headers_sent())
{
set_cookie(SESSION_COOKIE_NAME, $var_list['sid'], 0);
}
//echo "New Session: ".$objSession->GetSessionKey()."<br>\n";
if(isset($_COOKIE["login"]) && $Action != "m_logout" && $FrontEnd==1)
{
$parts = explode("|",$_COOKIE["login"]);
$username = $parts[0];
$pass = $parts[1];
$objSession->Login($username,$pass);
}
}
else
{
if($objSession->Get("Language")!=$m_var_list["lang"])
{
$objSession->Set("Language",$m_var_list["lang"]);
}
$objSession->LoadSessionData();
$objSession->UpdateAccessTime();
$objSession->Update();
LoadEnv();
}
}
if( isset($var_list['t']) && is_numeric($var_list['t']))
{
if( !isset($CurrentTheme) ) $CurrentTheme = null;
if(!is_object($CurrentTheme))
$CurrentTheme = $objThemes->GetItem($m_var_list["theme"]);
$var_list["t"] = $CurrentTheme->GetTemplateById($var_list["t"]);
$objSession->Set("Theme",$CurrentTheme->Get("Name"));
}
/*create the global current user object */
$UserID=$objSession->Get("PortalUserId");
$objCurrentUser = new clsPortalUser($UserID);
$objLanguageCache = new clsLanguageCache($m_var_list["lang"]);
/* include each module's action.php script */
LogEntry("Loading Module action scripts\n");
## Global Referer Template
$_local_t = isset($var_list['t']) ? $var_list['t'] : '';
if(is_array($mod_prefix))
{
foreach($mod_prefix as $key => $folder_name)
{
$var_to_global = $key.'_var_list';
global $$var_to_global;
if( $FrontEnd==0 || !is_numeric($FrontEnd) || $FrontEnd==2)
{
$rootURL="http://".ThisDomain().$objConfig->Get("Site_Path");
$admin = $objConfig->Get("AdminDirectory");
if( !strlen($admin) ) $admin = "admin";
$adminURL = $rootURL.$admin;
$imagesURL = $adminURL."/images";
if( $key != 'bbcat' && _ModuleLicensed($modules_loaded[$key]) )
{
$mod = $pathtoroot.$folder_name."module_init.php";
if( file_exists($mod) ) require_once($mod);
$mod = $pathtoroot.$folder_name."action.php";
if( file_exists($mod) ) require_once($mod);
$mod = $pathtoroot.$folder_name."searchaction.php";
if( file_exists($mod) ) require_once($mod);
}
}
if($FrontEnd==1 || $FrontEnd==2)
{
$mod = $pathtoroot.$folder_name."module_init.php";
if(file_exists($mod))
require_once($mod);
$mod = $pathtoroot.$folder_name."frontaction.php";
if(file_exists($mod))
require_once($mod);
}
}
}
if (strstr($_SERVER['SCRIPT_NAME'], 'install') && $objSession->Get("PortalUserId") == 0) {
$objSession->Delete();
}
if( !isset($SearchPerformed) ) $SearchPerformed = false;
if($SearchPerformed == true) $objSearch->BuildIndexes();
LogEntry("Finished Loading Module action scripts\n");
?>
\ No newline at end of file
Property changes on: trunk/kernel/include/modules.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.42
\ No newline at end of property
+1.43
\ No newline at end of property
Index: trunk/core/kernel/utility/http_query.php
===================================================================
--- trunk/core/kernel/utility/http_query.php (revision 3199)
+++ trunk/core/kernel/utility/http_query.php (revision 3200)
@@ -1,676 +1,677 @@
<?php
class HTTPQuery extends Params {
/**
* $_POST vars
*
* @var Array
* @access private
*/
var $Post;
/**
* $_GET vars
*
* @var Array
* @access private
*/
var $Get;
/**
* $_COOKIE vars
*
* @var Array
* @access private
*/
var $Cookie;
/**
* $_SERVER vars
*
* @var Array
* @access private
*/
var $Server;
/**
* $_ENV vars
*
* @var Array
* @access private
*/
var $Env;
/**
* Order in what write
* all vars together in
* the same array
*
* @var string
*/
var $Order;
/**
* Uploaded files info
*
* @var Array
* @access private
*/
var $Files;
var $specialsToRemove = Array();
var $Admin = false;
/**
* Description
*
* @var kDBConnection
* @access public
*/
var $Conn;
/**
* Loads info from $_POST, $_GET and
* related arrays into common place
*
* @param string $order
* @return HTTPQuery
* @access public
*/
function HTTPQuery($order = 'CGPF')
{
parent::Params();
$this->Conn =& $this->Application->GetADODBConnection();
$this->Order = $order;
$this->Admin = $this->Application->IsAdmin(); // better cache this value, not to calculate it each time in foreach
}
function Init($prefix, $special)
{
$this->AddAllVars();
$this->specialsToRemove = $this->Get('remove_specials');
if($this->specialsToRemove)
{
$this->_Params = $this->removeSpecials($this->_Params);
}
ini_set('magic_quotes_gpc', 0);
}
function removeSpecials($array)
{
$ret = Array();
$removed = false;
foreach($this->specialsToRemove as $prefix_special => $flag)
{
if($flag)
{
$removed = true;
list($prefix,$special) = explode('.',$prefix_special, 2);
foreach ($array as $key => $val) {
$new_key = preg_match("/^".$prefix."[._]{1}".$special."(.*)/", $key, $regs) ? $prefix.$regs[1] : $key;
$ret[$new_key] = is_array($val) ? $this->removeSpecials($val) : $val;
}
}
}
return $removed ? $ret : $array;
}
/**
* All all requested vars to
* common storage place
*
* @access private
*/
function AddAllVars()
{
for ($i=0; $i < strlen($this->Order); $i++)
{
$current = $this->Order[$i];
switch ($current) {
case 'G':
$this->Get = $this->AddVars($_GET);
$this->processQueryString();
if( $this->Application->RewriteURLs() )
{
if( $this->Application->isDebugMode() )
{
$this->Application->Debugger->profileStart('url_parsing', 'Parsing <b>MOD_REWRITE</b> url');
$this->processRewriteURL();
$this->Application->Debugger->profileFinish('url_parsing');
}
else
{
$this->processRewriteURL();
}
}
break;
case 'P':
$this->Post = $this->AddVars($_POST);
$this->convertPostEvents();
break;
case 'C':
$this->Cookie = $this->AddVars($_COOKIE);
break;
case 'E';
$this->Env = $this->AddVars($_ENV);
break;
case 'S';
$this->Server = $this->AddVars($_SERVER);
break;
case 'F';
$this->convertFiles();
$this->Files = $this->MergeVars($_FILES, false); //do not strip slashes!
break;
}
}
}
function convertFiles()
{
if (!$_FILES)
{
return false;
}
$file_keys = Array('error','name','size','tmp_name','type');
$tmp = Array();
foreach($_FILES as $file_name => $file_info)
{
if( is_array($file_info['error']) )
{
$tmp[$file_name] = $this->getArrayLevel( $file_info['error'], $file_name );
}
else
{
$normal_files[$file_name] = $file_info;
}
}
if(!$tmp) return false;
$files = $_FILES;
$_FILES = Array();
foreach($tmp as $prefix => $prefix_files)
{
$anchor =& $_FILES;
foreach($prefix_files['keys'] as $key)
{
$anchor =& $anchor[$key];
}
foreach($prefix_files['value'] as $field_name)
{
unset($inner_anchor);
unset($copy);
$work_copy = $prefix_files['keys'];
foreach($file_keys as $file_key)
{
$inner_anchor =& $files[$prefix][$file_key];
if (isset($copy))
{
$work_copy = $copy;
}
else
{
$copy = $work_copy;
}
array_shift($work_copy);
foreach($work_copy as $prefix_file_key)
{
$inner_anchor =& $inner_anchor[$prefix_file_key];
}
$anchor[$field_name][$file_key] = $inner_anchor[$field_name];
}
}
}
// keys: img_temp, 0, values: LocalPath, ThumbPath
}
function getArrayLevel(&$level, $prefix='')
{
$ret['keys'] = $prefix ? Array($prefix) : Array();
$ret['value'] = Array();
foreach($level as $level_key => $level_value)
{
if( is_array($level_value) )
{
$ret['keys'][] = $level_key;
$tmp = $this->getArrayLevel($level_value);
$ret['keys'] = array_merge($ret['keys'], $tmp['keys']);
$ret['value'] = array_merge($ret['value'], $tmp['value']);
}
else
{
$ret['value'][] = $level_key;
}
}
return $ret;
}
/**
* Owerwrites GET events with POST events in case if they are set and not empty
*
*/
function convertPostEvents()
{
$events = $this->Get('events');
if( is_array($events) )
{
foreach ($events as $prefix_special => $event_name)
{
if($event_name) $this->Set($prefix_special.'_event', $event_name);
}
}
}
function processRewriteURL()
{
// directory_1_2_3/sc1/inlink/detail/3/l1_ka_asd.html
$url = $this->Get('url');
if( substr($url, -5) == '.html' ) $url = substr($url, 0, strlen($url) - 5 );
$url_parts = $url ? explode('/', $url) : Array();
// set default values
$defaults = Array('t' => '', 'm_cat_id' => 0, 'm_cat_page' => 1, 'm_opener' => 's');
foreach ($defaults as $default_key => $default_value)
{
$this->Set($default_key, $default_value);
}
if(!$url_parts)
{
$this->Application->Phrases = new PhrasesCache();
$this->Application->VerifyLanguageId();
$this->Application->Phrases->Init('phrases');
$this->Application->VerifyThemeId();
// $this->Get('m_lang') );
$this->Set('t', $this->getDefaultTemplate('') );
return false;
}
$url_part = array_shift($url_parts);
// match language
$sql = 'SELECT LanguageId FROM '.TABLE_PREFIX.'Language WHERE LOWER(PackName) = '.$this->Conn->qstr($url_part).' AND Enabled = 1';
$language_id = $this->Conn->GetOne($sql);
$this->Application->Phrases = new PhrasesCache();
if($language_id)
{
$this->Set('m_lang', $language_id);
$url_part = $url_parts ? array_shift($url_parts) : ''; // prepare next url part for parsing
}
else
{
$this->Application->VerifyLanguageId();
}
$this->Application->Phrases->Init('phrases');
// $this->Get('m_lang') );
// match theme
if($url_part)
{
$sql = 'SELECT ThemeId FROM '.TABLE_PREFIX.'Theme WHERE LOWER(Name) = '.$this->Conn->qstr($url_part).' AND Enabled = 1';
$theme_id = $this->Conn->GetOne($sql);
if($theme_id)
{
$this->Set('m_theme', $theme_id);
$url_part = $url_parts ? array_shift($url_parts) : ''; // prepare next url part for parsing
}
else
{
$this->Application->VerifyThemeId();
}
}
// match category
if($url_part)
{
$category_stack = Array();
$category_found = false;
$category_path = '';
do
{
$category_path = trim($category_path.'/'.$url_part, '/');
if( preg_match('/(.*)_([\d]+)$/', $category_path, $rets) )
{
$category_path = $rets[1];
$this->Set('m_cat_page', $rets[2]);
}
$sql = 'SELECT CategoryId FROM '.TABLE_PREFIX.'Category WHERE NamedParentPath = '.$this->Conn->qstr($category_path);
array_push($category_stack, $this->Conn->GetOne($sql) );
$category_found = end($category_stack);
if($category_found) $url_part = array_shift($url_parts);
}while ($category_found);
if( count($category_stack) >= 2 )
{
array_pop($category_stack); // remove last not found category
$category_id = array_pop($category_stack);
if($category_id)
{
$this->Set('m_cat_id', $category_id);
}
}
}
// match module
if($url_part)
{
foreach ($this->Application->ModuleInfo as $module_name => $module_data)
{
if( trim($module_data['TemplatePath'], '/') == $url_part )
{
$module_prefix = $module_data['Var'];
break;
}
}
}
// match template
$template_path = '';
$template_found = false;
if($url_part)
{
array_unshift($url_parts, $url_part);
$template_parts = $url_parts;
$url_parts = Array();
do
{
$template_path = implode('/', $template_parts);
$sql = 'SELECT FileId FROM '.TABLE_PREFIX.'ThemeFiles WHERE CONCAT(FilePath, "/", FileName) = '.$this->Conn->qstr('/'.$template_path.'.tpl');
$template_found = $this->Conn->GetOne($sql);
if(!$template_found)
{
array_unshift( $url_parts, array_pop($template_parts) );
}
}while (!$template_found && $template_parts);
}
$this->Set('t', $this->getDefaultTemplate($template_found ? $template_path : '') );
// pass params left to module
$passed = Array('m');
$module_params = Array();
- if($url_parts && isset($module_prefix) )
+
+ if( isset($module_prefix) )
{
$passed[] = $module_prefix;
$module_event = new kEvent($module_prefix.':ParseEnv', Array('url_parts' => $url_parts) );
$this->Application->HandleEvent($module_event);
$module_object =& $module_event->getObject();
$item_id = $module_object->GetID();
$module_params = Array($module_prefix.'_id' => $item_id ? $item_id : '0' );
}
$this->Set('passed', implode(',', $passed) );
$env = $this->Application->BuildEnv( $this->Get('t'), $module_params, implode(',', $passed), false, false );
$this->Set(ENV_VAR_NAME, $env);
$_REQUEST['env'] = $_GET['env'] = $env; // for capability with old in-portal code
}
function getDefaultTemplate($t)
{
$t = $this->getTemplateName( trim($t, '/') );
if (!$t) $t = 'index';
return trim($t, '/');
}
function extractSIDAndTemplate(&$parts)
{
if ( defined('INPORTAL_ENV') && INPORTAL_ENV ) // SID-TEMPLATE
{
$sub_parts = array_shift($parts);
list($sid, $t) = explode('-', $sub_parts, 2);
// Save Session ID
if($sid)
{
$this->Set('sid', $sid);
$this->Get['sid'] = $sid;
}
// Save Template Name
$this->Set('t', $this->getDefaultTemplate($t) );
}
else // SID:TEMPLATE
{
// Save Session ID
$sid = array_shift($parts);
if ($sid) $this->Set('sid', $sid);
// Save Template Name
$t = array_shift($parts);
$this->Set('t', $this->getDefaultTemplate($t) );
}
}
/**
* Process QueryString only, create
* events, ids, based on config
* set template name and sid in
* desired application variables.
*
* @access private
*/
function processQueryString()
{
// env=SID:TEMPLATE:m-1-1-1-1:l0-0-0:n-0-0-0:bb-0-0-1-1-1-0
$env_var = $this->Get(ENV_VAR_NAME);
if($env_var)
{
$env_var = str_replace('\:','_&+$$+&_', $env_var); // replace escaped "=" with spec-chars :)
$parts = explode(':', $env_var);
if( !$this->Application->RewriteURLs() )
{
$this->extractSIDAndTemplate($parts);
}
if($parts)
{
$query_maps = Array();
$event_manger =& $this->Application->recallObject('EventManager');
$passed = Array();
foreach($parts as $mixed_part)
{
//In-portal old style env conversion - adds '-' between prefix and first var
$mixed_part = str_replace('_&+$$+&_',':',$mixed_part);
$mixed_part = preg_replace("/^([a-zA-Z]+)([0-9]+)-(.*)/", "$1-$2-$3", $mixed_part);
$escaped_part = str_replace('\-', '_&+$$+&_', $mixed_part);
$escaped_part = explode('-', $escaped_part);
$mixed_part = array();
foreach ($escaped_part as $escaped_val) {
$mixed_part[] = str_replace('_&+$$+&_', '-', $escaped_val);
}
$prefix_special = array_shift($mixed_part); // l.pick, l
list($prefix) = explode('.', $prefix_special);
$query_maps[$prefix_special] = $this->Application->getUnitOption($prefix,'QueryString');
// if config is not defined for prefix in QueryString, then don't process it
if( $query_maps[$prefix_special] )
{
array_push($passed, $prefix);
foreach($query_maps[$prefix_special] as $index => $var_name)
{
// l_id, l_page, l_bla-bla-bla
$val = $mixed_part[$index - 1];
if ($val == '') $val = false;
$this->Set($prefix_special.'_'.$var_name, $val);
}
}
else
{
unset($query_maps[$prefix_special]);
}
}
$this->Set('passed', implode(',', $passed) );
$event_manger->setQueryMaps($query_maps);
}
}
else
{
$t=$this->getTemplateName('index');
$this->Set('t', $t);
}
}
/**
* Decides what template name to
* use from $_GET or from $_POST
*
* @param string $querystring_template
* @return string
* @access private
*/
function getTemplateName($querystring_template)
{
$t_from_post = $this->Get('t');
$t = $t_from_post ? $t_from_post : $querystring_template;
if ( is_numeric($t) )
{
$t = $this->Conn->GetOne(' SELECT CONCAT(FilePath, \'/\', FileName)
FROM '.TABLE_PREFIX.'ThemeFiles
WHERE FileId = '.$t);
}
$t = preg_replace('/\.tpl$/', '', $t);
return $t;
}
/**
* Saves variables from array specified
* into common variable storage place
*
* @param Array $array
* @return Array
* @access private
*/
function AddVars($array)
{
$array = $this->StripSlashes($array);
foreach($array as $key => $value)
{
$this->Set($key,$value);
}
return $array;
}
function MergeVars($array, $strip_slashes=true)
{
if ($strip_slashes) $array = $this->StripSlashes($array);
foreach($array as $key => $value)
{
$this->_Params = array_merge_recursive2($this->_Params, Array($key=>$value));
}
return $array;
}
function StripSlashes($array)
{
//if( !get_magic_quotes_gpc() ) return $array;
foreach($array as $key=>$value)
{
if( is_array($value) )
{
$array[$key] = $this->StripSlashes($value);
}
else
{
if( get_magic_quotes_gpc() ) $value = stripslashes($value);
if(!$this->Admin) $value = htmlspecialchars($value);
$array[$key] = $value;
}
//$array[$key]=is_array($value)?$this->StripSlashes($value):stripslashes($value);
}
return $array;
}
/**
* Returns the hash of http params
* matching the mask with values
*
* @param string $mask
* @return Array
* @access public
*/
function GetSelectedValues($mask)
{
return $this->Application->ExtractByMask($this->Vars, $mask);
}
/**
* Returns the sprintf'ed by format list of
* http params matching the mask and set to on
*
* @param string $mask
* @param string $format
* @return string
* @access public
*/
function GetSelectedIDs($mask, $format)
{
if ($mask == '') return;
$result = '';
foreach ($this->GetParams() as $name => $val)
{
if (eregi($mask, $name, $regs) && $val == 'on') {
$result.= sprintf($format, $regs[1]);
}
}
return $result;
}
/**
* Returns the sprintf'ed by format list of
* http params matching the mask and set to on
*
* @param string $mask
* @param string $value_mask
* @return Array
* @access public
*/
function GetSelectedIDsArray($mask, $value_mask="%s,")
{
$str = $this->GetSelectedIDs($mask, $value_mask);
$str = rtrim($str, ',');
if (!empty($str)) {
$ids = split(',', $str);
if ($ids !== false)
return $ids;
else return Array();
}
else return Array();
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/utility/http_query.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.16
\ No newline at end of property
+1.17
\ No newline at end of property
Index: trunk/core/kernel/event_handler.php
===================================================================
--- trunk/core/kernel/event_handler.php (revision 3199)
+++ trunk/core/kernel/event_handler.php (revision 3200)
@@ -1,248 +1,255 @@
<?php
/**
* Note:
* 1. When adressing variables from submit containing
* Prefix_Special as part of their name use
* $event->getPrefixSpecial(true) instead of
* $event->Prefix_Special as usual. This is due PHP
* is converting "." symbols in variable names during
* submit info "_". $event->getPrefixSpecial optional
* 1st parameter returns correct corrent Prefix_Special
* for variables beeing submitted such way (e.g. variable
* name that will be converted by PHP: "users.read_only_id"
* will be submitted as "users_read_only_id".
*
* 2. When using $this->Application-LinkVar on variables submitted
* from form which contain $Prefix_Special then note 1st item. Example:
* LinkVar($event->getPrefixSpecial(true).'_varname',$event->Prefix_Special.'_varname')
*
*/
/**
* Default event handler. Mostly abstract class
*
*/
class kEventHandler extends kBase {
/**
* In case if event should be handled with mehod,
* which name differs from event name, then it
* should be specified here.
* key - event name, value - event method
*
* @var Array
* @access protected
*/
var $eventMethods=Array();
/**
* Define alternative event processing method names
*
* @see $eventMethods
* @access protected
*/
function mapEvents()
{
}
function getPrefixSpecial()
{
trigger_error('Usage of getPrefixSpecial() this method is forbidden in kEventHandler class children. Use $event->getPrefixSpecial(true); instead', E_USER_ERROR);
}
/**
* Set's prefix and special
*
* @param string $prefix
* @param string $special
* @access public
*/
function Init($prefix,$special)
{
parent::Init($prefix,$special);
$this->mapEvents();
}
/**
* Process Event
*
* @param kEvent $event
* @access public
*/
function processEvent(&$event)
{
$event_name=$event->Name;
if( isset($this->eventMethods[$event_name]) ) $event_name=$this->eventMethods[$event_name];
if( method_exists($this,$event_name) )
{
$this->$event_name($event);
}
else
{
trigger_error('event <b>'.$event->Name.'</b> not implemented in class <b>'.get_class($this).'</b>', E_USER_ERROR);
}
}
/**
* Sample dummy event
*
* @param kEvent $event
* @access protected
*/
function OnBuild(&$event)
{
/*echo 'building: <br>';
print_pre($event);*/
}
/**
* Returns to previous template in opener stack
*
* @param kEvent $event
*/
function OnGoBack(&$event)
{
$event->SetRedirectParam('opener', 'u');
}
/**
* Apply some special processing to
* object beeing recalled before using
* it in other events that call prepareObject
*
* @param Object $object
* @param kEvent $event
* @access protected
*/
function prepareObject(&$object, &$event)
{
// processing here
}
/**
* Creates new event as child of
* event passed as $event param
*
* @param kEvent $event
* @access protected
*/
function &inheritEvent(&$event, $name=null)
{
$child_event = new kEvent();
$child_event->MasterEvent =& $event;
$child_event->Prefix=$event->Prefix;
$child_event->Special=$event->Special;
$child_event->Prefix_Special=$event->Prefix_Special;
$child_event->Name = $name;
return $child_event;
}
/**
* Created url part for this module
*
* @param kEvent $event
*/
function BuildEnv(&$event)
{
$prefix_special = $event->getPrefixSpecial();
$url_params = $event->getEventParam('url_params');
$pass_events = $event->getEventParam('pass_events');
$query_vars = $this->Application->getUnitOption($event->Prefix, 'QueryString');
// unset( $query_vars[ array_search('event', $query_vars) ] );
//if pass events is off and event is not implicity passed
if ( !$pass_events && !isset($url_params[$prefix_special.'_event']) )
{
unset($url_params[$prefix_special.'_event']); // remove event from url if requested
//otherwise it will use value from get_var
}
if(!$query_vars) return true;
$processed_params = Array();
foreach($query_vars as $index => $var_name)
{
//if value passed in params use it, otherwise use current from application
$var_name = $prefix_special.'_'.$var_name;
$processed_params[$var_name] = isset( $url_params[$var_name] ) ? $url_params[$var_name] : $this->Application->GetVar($var_name);
if ( isset($url_params[$var_name]) ) unset( $url_params[$var_name] );
}
$ret = '';
$object =& $event->getObject( Array('skip_autoload' => true) );
if($processed_params[$prefix_special.'_Page'] > 1)
{
$ret .= $processed_params[$prefix_special.'_Page'].'/';
}
if($processed_params[$prefix_special.'_id'])
{
$object->Load( $processed_params[$prefix_special.'_id'] );
if( $object->isLoaded() )
{
$filename = $object->GetDBField('Filename');
$ret .= $filename.'/';
}
}
if($processed_params[$prefix_special.'_Reviews_Page'] > 1)
{
if($processed_params[$prefix_special.'_id']) $ret = rtrim($ret, '/');
$ret .= '_'.$processed_params[$prefix_special.'_Reviews_Page'].'/';
}
$event->setEventParam('url_params', $url_params);
$event->setEventParam('env_string', strtolower($ret) );
}
/**
* Process mod_rewrite url part left after previous parser
*
* @param kEvent $event
*/
function ParseEnv(&$event)
{
// <module_page>/<item_filename>_<reviews_page>
$url_parts = $event->getEventParam('url_parts');
+ $defaults = Array('id' => 0, 'Page' => 1, 'Reviews_Page' => 1);
+ foreach ($defaults as $var_name => $var_value)
+ {
+ $this->Application->SetVar($event->getPrefixSpecial().'_'.$var_name, $var_value);
+ }
+ if (!$url_parts) return false;
+
$ret = '';
$object =& $event->getObject( Array('skip_autoload' => true) );
$url_part = array_shift($url_parts);
// match module page
if( is_numeric($url_part) )
{
$this->Application->SetVar( $event->getPrefixSpecial().'_Page', $url_part);
$url_part = $url_parts ? array_shift($url_parts) : '';
}
if(!$url_part) return true;
// match module reviews page
if( preg_match('/(.*)_([\d]+)$/', $url_part, $rets) )
{
$url_part = $rets[1];
$this->Application->SetVar( $event->getPrefixSpecial().'_Reviews_Page', $rets[2]);
}
// match item's filename
$object->Load($url_part, 'Filename');
if( $object->isLoaded() )
{
$this->Application->SetVar( $event->getPrefixSpecial().'_id', $object->GetID() );
}
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.12
\ No newline at end of property
+1.13
\ No newline at end of property

Event Timeline

In-Portal CMS · In-Portal Community Pages · In-Portal Issue Tracker · In-Portal Repository Browser · Quality Assurance · In-Portal CI Server