| [ Index ] | PHP Cross Reference of Mambo 4.6.5 |
|
| [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * @package Mambo 4 * @author Mambo Foundation Inc see README.php 5 * @copyright (C) 2000 - 2009 Mambo Foundation Inc. 6 * See COPYRIGHT.php for copyright notices and details. 7 * @license GNU/GPL Version 2, see LICENSE.php 8 * 9 * Redistributions of files must retain the above copyright notice. 10 * 11 * Mambo is free software; you can redistribute it and/or 12 * modify it under the terms of the GNU General Public License 13 * as published by the Free Software Foundation; version 2 of the License. 14 */ 15 16 /** Set flag that this is a parent file */ 17 if (!defined('_VALID_MOS')) define( '_VALID_MOS', 1 ); 18 19 $dir = isset($adminside)?"../":""; 20 21 if ( !file_exists($dir.'configuration.php' ) || filesize( $dir.'configuration.php' ) < 10 ) { 22 header("Location: ".$dir."installation/index.php"); 23 exit(); 24 } 25 26 $protects = array('_REQUEST', '_GET', '_POST', '_COOKIE', '_FILES', '_SERVER', '_ENV', 'GLOBALS', '_SESSION'); 27 foreach ($protects as $protect) { 28 if ( in_array($protect , array_keys($_REQUEST)) || 29 in_array($protect , array_keys($_GET)) || 30 in_array($protect , array_keys($_POST)) || 31 in_array($protect , array_keys($_COOKIE)) || 32 in_array($protect , array_keys($_FILES))) { 33 die("Invalid Request."); 34 } 35 } 36 37 /** 38 * used to leave the input element without trim it 39 */ 40 define( "_MOS_NOTRIM", 0x0001 ); 41 /** 42 * used to leave the input element with all HTML tags 43 */ 44 define( "_MOS_ALLOWHTML", 0x0002 ); 45 /** 46 * used to leave the input element without convert it to numeric 47 */ 48 define( "_MOS_ALLOWRAW", 0x0004 ); 49 /** 50 * used to leave the input element without slashes 51 */ 52 define( "_MOS_NOMAGIC", 0x0008 ); 53 54 /** 55 * function to sanitize input values from arrays 56 * 57 * This function provides a way to sanitize inputs, should be used to obtain values from 58 * _POST, _GET, _COOKIES, etc; a default value can be passed to be used in case that not 59 * values are founded to the element, a binary mask can be passed to discard some of test, 60 *, this value is matched with _MOS_NOTRIM, _MOS_ALLOWHTML and, _MOS_ALLOWRAW, currently 61 * 3 test are do it, trim, strip html and convert the value to numeric when is possible. 62 * 63 * Example of use: 64 * 65 * To get task variable from the URL and select the view like default task, you can use: 66 * 67 * <code>$task = mosGetParam ($_GET,"task","view");</code> 68 * 69 * To get task variable from the URL, select the view like default task, allows HTML and 70 * without trim you can use : 71 * 72 * <code>$task = mosGetParam ($_GET,"task","view",_MOS_NOTRIM+_MOS_ALLOWHTML);</code> 73 * 74 * @acces public 75 * @param array &$arr reference to array which contains the value 76 * @param string $name name of element searched 77 * @param mixed $def default value to use if nothing is founded 78 * @param int $mask mask to select checks that will do it 79 * @return mixed value from the selected element or default value if nothing was found 80 */ 81 function mosGetParam( &$arr, $name, $def=null, $mask=0 ) { 82 if (isset( $arr[$name] )) { 83 if (is_array($arr[$name])) foreach ($arr[$name] as $key=>$element) $result[$key] = mosGetParam ($arr[$name], $key, $def, $mask); 84 else { 85 $result = $arr[$name]; 86 if (!($mask&_MOS_NOTRIM)) $result = trim($result); 87 if (!is_numeric( $result)) { 88 if (!($mask&_MOS_ALLOWHTML)) $result = strip_tags($result); 89 if (!($mask&_MOS_ALLOWRAW)) { 90 if (is_numeric($def)) $result = intval($result); 91 } 92 } 93 if (!get_magic_quotes_gpc()) { 94 $result = addslashes( $result ); 95 } 96 } 97 return $result; 98 } else { 99 return $def; 100 } 101 } 102 103 /** 104 * sets or returns the current side (frontend/backend) 105 * 106 * This function returns TRUE when the user are in the backend area; this is set to 107 * TRUE when are invocated /administrator/index.php, /administrator/index2.php 108 * or /administrator/index3.php, to set this value is not a normal use. 109 * 110 * @access public 111 * @param bool $val value used to set the adminSide value, not planned to be used by users 112 * @return bool TRUE when the user are in backend area, FALSE when are in frontend 113 */ 114 function adminSide($val='') { 115 static $adminside; 116 if (is_null($adminside)) { 117 $adminside = ($val == '') ? 0 : $val; 118 } else { 119 $adminside = ($val == '') ? $adminside : $val; 120 } 121 return $adminside; 122 } 123 124 125 /** 126 * sets or returns the index type 127 * 128 * This function returns 1, 2 or 3 depending of called file index.php, index2.php or index3.php. 129 * 130 * @access private 131 * @param int $val value used to set the indexType value, not planned to be used by users 132 * @return int return 1, 2 or 3 depending of called file 133 */ 134 135 function indexType($val='') 136 { 137 static $indextype; 138 if (is_null($indextype)) { 139 $indextype = ($val == '') ? 1 : $val; 140 } else { 141 $indextype = ($val == '') ? $indextype : $val; 142 } 143 return $indextype; 144 } 145 146 if (!isset($adminside)) $adminside = 0; 147 if (!isset($indextype)) $indextype = 1; 148 149 adminSide($adminside); 150 indexType($indextype); 151 152 $adminside = adminSide(); 153 $indextype = indexType(); 154 155 156 $testLanguage = mosGetParam($_REQUEST,'lang',''); 157 if (!empty($testLanguage) && $testLanguage != 'en'){ 158 if (!is_dir(dirname(__FILE__).'/language/'.$testLanguage) ){ 159 $_GET['lang'] = $_POST['lang'] = $_REQUEST['lang'] = $_GLOBALS['lang'] =''; 160 } 161 } 162 163 require_once (dirname(__FILE__).'/includes/database.php'); 164 require_once(dirname(__FILE__).'/includes/core.classes.php'); 165 require_once(dirname(__FILE__).'/includes/core.helpers.php'); 166 $configuration =& mamboCore::getMamboCore(); 167 $configuration->handleGlobals(); 168 169 if (!$adminside) { 170 $urlerror = 0; 171 $sefcode = dirname(__FILE__).'/components/com_sef/sef.php'; 172 if (file_exists($sefcode)) require_once($sefcode); 173 else require_once(dirname(__FILE__).'/includes/sef.php'); 174 } 175 176 $configuration->loadLanguage(); 177 178 require($configuration->rootPath().'/includes/version.php'); 179 $_VERSION =& new version(); 180 181 182 $version = $_VERSION->PRODUCT .' '. $_VERSION->RELEASE .'.'. $_VERSION->DEV_LEVEL .' ' 183 . $_VERSION->DEV_STATUS 184 .' [ '.$_VERSION->CODENAME .' ] '. $_VERSION->RELDATE .' ' 185 . $_VERSION->RELTIME .' '. $_VERSION->RELTZ; 186 187 if (phpversion() < '4.2.0') require_once( $configuration->rootPath() . '/includes/compat.php41x.php' ); 188 if (phpversion() < '4.3.0') require_once( $configuration->rootPath() . '/includes/compat.php42x.php' ); 189 if (phpversion() < '5.0.0') require_once( $configuration->rootPath() . '/includes/compat.php5xx.php' ); 190 191 $local_backup_path = $configuration->rootPath().'/administrator/backups'; 192 $media_path = $configuration->rootPath().'/media/'; 193 $image_path = $configuration->rootPath().'/images/stories'; 194 $lang_path = $configuration->rootPath().'/language'; 195 $image_size = 100; 196 197 198 $database =& mamboDatabase::getInstance(); 199 // Start NokKaew patch 200 $mosConfig_nok_content=0; 201 if (file_exists( $configuration->rootPath().'components/com_nokkaew/nokkaew.php' ) && !$adminside ) { 202 $mosConfig_nok_content=1; // can also go into the configuration - but this might be overwritten! 203 require_once( $configuration->rootPath()."administrator/components/com_nokkaew/nokkaew.class.php"); 204 require_once( $configuration->rootPath()."components/com_nokkaew/classes/nokkaew.class.php"); 205 } 206 if( $mosConfig_nok_content ) { 207 $database = new mlDatabase( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix ); 208 } 209 210 if ($mosConfig_nok_content) { 211 $mosConfig_defaultLang = $mosConfig_locale; // Save the default language of the site 212 $iso_client_lang = NokKaew::discoverLanguage( $database ); 213 $_NOKKAEW_MANAGER = new NokKaewManager(); 214 } 215 // end NokKaew Patch 216 $database->debug(mamboCore::get('mosConfig_debug')); 217 218 /** retrieve some possible request string (or form) arguments */ 219 $type = (int)mosGetParam($_REQUEST, 'type', 1); 220 $do_pdf = (int)mosGetParam( $_REQUEST, 'do_pdf', 0 ); 221 $id = (int)mosGetParam( $_REQUEST, 'id', 0 ); 222 $task = htmlspecialchars(mosGetParam($_REQUEST, 'task', '')); 223 $act = strtolower(htmlspecialchars(mosGetParam($_REQUEST, 'act', ''))); 224 $section = htmlspecialchars(mosGetParam($_REQUEST, 'section', '')); 225 $no_html = strtolower(mosGetParam($_REQUEST, 'no_html', '')); 226 $cid = (array) mosGetParam( $_POST, 'cid', array() ); 227 228 $testOption = mosGetParam($_REQUEST,'option',''); 229 $allowedOptions = array ('login','logout','admin','search', 'categories','simple_mode','advanced_mode'); 230 if (!empty($testOption)){ 231 if (!is_dir($configuration->rootPath().'/components/'.$testOption) && 232 !is_dir($configuration->rootPath().'/administrator/components/'.$testOption) && 233 !in_array($testOption, $allowedOptions) ){ 234 $_GET['option'] = $_POST['option'] = $_REQUEST['option'] = $_GLOBALS['option'] =''; 235 } 236 } 237 238 ini_set('session.use_trans_sid', 0); 239 ini_set('session.use_cookies', 1); 240 ini_set('session.use_only_cookies', 1); 241 242 243 /* initialize i18n */ 244 $lang = $configuration->current_language->name; 245 $charset = $configuration->current_language->charset; 246 $gettext =& phpgettext(); 247 $gettext->debug = $configuration->mosConfig_locale_debug; 248 $gettext->has_gettext = $configuration->mosConfig_locale_use_gettext; 249 $language = new mamboLanguage($lang); 250 $gettext->setlocale($lang, $language->getSystemLocale()); 251 $gettext->bindtextdomain($lang, $configuration->rootPath().'/language'); 252 $gettext->bind_textdomain_codeset($lang, $charset); 253 $gettext->textdomain($lang); 254 #$gettext =& phpgettext(); dump($gettext); 255 256 if ($adminside) { 257 // Start ACL 258 require_once($configuration->rootPath().'/includes/gacl.class.php' ); 259 require_once($configuration->rootPath().'/includes/gacl_api.class.php' ); 260 $acl = new gacl_api(); 261 // Handle special admin side options 262 $option = strtolower(mosGetParam($_REQUEST,'option','com_admin')); 263 264 $domain = substr($option, 4); 265 session_name(md5(mamboCore::get('mosConfig_live_site'))); 266 mos_session_start(); 267 if (!isset($_SESSION['initiated'])) { 268 session_regenerate_id(true); 269 $_SESSION['initiated'] = true; 270 } 271 // restore some session variables 272 $my = new mosUser(); 273 $my->getSession(); 274 if (mosSession::validate($my)) { 275 mosSession::purge(); 276 } else { 277 mosSession::purge(); 278 $my = null; 279 } 280 if (!$my AND $option == 'login') { 281 $option='admin'; 282 require_once($configuration->rootPath().'/includes/authenticator.php'); 283 $authenticator =& mamboAuthenticator::getInstance(); 284 $my = $authenticator->loginAdmin($acl); 285 } 286 // Handle the remaining special options 287 elseif ($option == 'logout') { 288 require($configuration->rootPath().'/administrator/logout.php'); 289 exit(); 290 } 291 // We can now create the mainframe object 292 $mainframe =& new mosMainFrame($database, $option, '..', true); 293 // Provided $my is set, we have a valid admin side session and can include remaining code 294 if ($my) { 295 mamboCore::set('currentUser', $my); 296 if ($option == 'simple_mode') $admin_mode = 'on'; 297 elseif ($option == 'advanced_mode') $admin_mode = 'off'; 298 else $admin_mode = mosGetParam($_SESSION, 'simple_editing', ''); 299 $_SESSION['simple_editing'] = mosGetParam($_POST, 'simple_editing', $admin_mode); 300 require_once($configuration->rootPath().'/administrator/includes/admin.php'); 301 require_once( $configuration->rootPath().'/includes/mambo.php' ); 302 require_once ($configuration->rootPath().'/includes/mambofunc.php'); 303 require_once ($configuration->rootPath().'/includes/mamboHTML.php'); 304 require_once( $configuration->rootPath().'/administrator/includes/mosAdminMenus.php'); 305 require_once($configuration->rootPath().'/administrator/includes/admin.php'); 306 require_once( $configuration->rootPath() . '/includes/cmtclasses.php' ); 307 require_once( $configuration->rootPath() . '/components/com_content/content.class.php' ); 308 $_MAMBOTS =& mosMambotHandler::getInstance(); 309 310 311 // If no_html is set, we avoid starting the template, and go straight to the component 312 if ($no_html) { 313 if ($path = $mainframe->getPath( "admin" )) require $path; 314 exit(); 315 } 316 $configuration->initGzip(); 317 // When adminside = 3 we assume that HTML is being explicitly written and do nothing more 318 if ($adminside != 3) { 319 $path = $configuration->rootPath().'/administrator/templates/'.$mainframe->getTemplate().'/index.php'; 320 require_once($path); 321 $configuration->doGzip(); 322 } 323 else { 324 if (!isset($popup)) { 325 $pop = mosGetParam($_REQUEST, 'pop', ''); 326 $pathPopup = $configuration->rootPath()."/administrator/popups/$pop"; 327 if (strpos($pop,'..') === false && file_exists($pathPopup) && $pop) { 328 require($pathPopup); 329 } else { 330 require($configuration->rootPath()."/administrator/popups/index3pop.php"); 331 } 332 $configuration->doGzip(); 333 } 334 } 335 } 336 // If $my was not set, the only possibility is to offer a login screen 337 else { 338 $configuration->initGzip(); 339 $path = $configuration->rootPath().'/administrator/templates/'.$mainframe->getTemplate().'/login.php'; 340 require_once( $path ); 341 $configuration->doGzip(); 342 } 343 } 344 // Finished admin side; the rest is user side code: 345 else { 346 $option = $configuration->determineOptionAndItemid(); 347 $Itemid = $configuration->get('Itemid'); 348 349 $mainframe =& new mosMainFrame($database, $option, '.'); 350 if ($option == 'login') $configuration->handleLogin(); 351 elseif ($option == 'logout') $configuration->handleLogout(); 352 353 $session =& mosSession::getCurrent(); 354 $my =& new mosUser(); 355 $my->getSessionData(); 356 mamboCore::set('currentUser',$my); 357 $configuration->offlineCheck($my, $database); 358 $gid = intval( $my->gid ); 359 // gets template for page 360 $cur_template = $mainframe->getTemplate(); 361 362 require_once( $configuration->rootPath().'/includes/frontend.php' ); 363 require_once( $configuration->rootPath().'/includes/mambo.php' ); 364 require_once ($configuration->rootPath().'/includes/mambofunc.php'); 365 require_once ($configuration->rootPath().'/includes/mamboHTML.php'); 366 367 if ($indextype == 2 AND $do_pdf == 1 ) { 368 include_once ('includes/pdf.php'); 369 exit(); 370 } 371 372 /** detect first visit */ 373 $mainframe->detect(); 374 375 /** @global mosPlugin $_MAMBOTS */ 376 $_MAMBOTS =& mosMambotHandler::getInstance(); 377 require_once( $configuration->rootPath().'/editor/editor.php' ); 378 require_once( $configuration->rootPath() . '/includes/gacl.class.php' ); 379 require_once( $configuration->rootPath() . '/includes/gacl_api.class.php' ); 380 require_once( $configuration->rootPath() . '/components/com_content/content.class.php' ); 381 require_once( $configuration->rootPath() . '/includes/cmtclasses.php' ); 382 $acl = new gacl_api(); 383 384 /** Load system start mambot for 3pd **/ 385 $_MAMBOTS->loadBotGroup('system'); 386 $_MAMBOTS->trigger('onAfterStart'); 387 388 /** Get the component handler */ 389 $c_handler =& mosComponentHandler::getInstance(); 390 $c_handler->startBuffer(); 391 392 if (!$urlerror AND $path = $mainframe->getPath( 'front' )) { 393 $menuhandler =& mosMenuHandler::getInstance(); 394 $ret = $menuhandler->menuCheck($Itemid, $option, $task, $my->getAccessGid()); 395 $menuhandler->setPathway($Itemid); 396 if ($ret) { 397 require ($path); 398 } 399 else mosNotAuth(); 400 } 401 else { 402 header ('HTTP/1.1 404 Not Found'); 403 $mainframe->setPageTitle(T_('404 Error - page not found')); 404 include ($configuration->rootPath().'/page404.php'); 405 } 406 407 $c_handler->endBuffer(); 408 409 /** cache modules output**/ 410 $m_handler =& mosModuleHandler::getInstance(); 411 $m_handler->initBuffers(); 412 413 /** load html helpers **/ 414 $html =& mosHtmlHelper::getInstance(); 415 416 $configuration->initGzip(); 417 418 $configuration->standardHeaders(); 419 if (mosGetParam($_GET, 'syndstyle', '') == 'yes') { 420 mosMainBody(); 421 } else { 422 if ($indextype == 2) { 423 if ( $no_html == 0 ) { 424 $html->render('xmlprologue'); 425 $html->render('doctype'); 426 ?> 427 <html xmlns="http://www.w3.org/1999/xhtml"> 428 <head> 429 <?php 430 $html->render('css'); 431 $html->render('charset'); 432 $html->renderMeta('robots', 'noindex, nofollow'); 433 ?> 434 </head> 435 <body class="contentpane"> 436 <?php mosMainBody(); ?> 437 </body> 438 </html> 439 <?php 440 } else { 441 mosMainBody(); 442 } 443 } else { 444 if ( !file_exists( 'templates/'. $cur_template .'/index.php' ) ) { 445 echo '<span style="color:red; font-weight:bold;">'.T_('Template File Not Found! Looking for template').'</span> '.$cur_template; 446 } else { 447 require_once( 'templates/'. $cur_template .'/index.php' ); 448 $mambothandler =& mosMambotHandler::getInstance(); 449 $mambothandler->loadBotGroup('system'); 450 $mambothandler->trigger('afterTemplate', array($configuration)); 451 echo "<!-- ".time()." -->"; 452 } 453 } 454 } 455 456 $configuration->doGzip(); 457 } 458 // displays queries performed for page 459 if ($configuration->get('mosConfig_debug') AND $adminside != 3) $database->displayLogged(); 460 461 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Mar 10 00:05:01 2010 | Cross-referenced by PHPXref 0.7 |
| Mambo API: Mambo is Free software released under the GNU/General Public License, Version 2 |