| 1 |
2
|
Manuela
|
<?php
|
| 2 |
23
|
Manuela
|
|
| 3 |
|
|
/*
|
| 4 |
|
|
* Copyright (C) 2017 Manuela v.d.Decken <manuela@isteam.de>
|
| 5 |
2
|
Manuela
|
*
|
| 6 |
23
|
Manuela
|
* DO NOT ALTER OR REMOVE COPYRIGHT OR THIS HEADER
|
| 7 |
2
|
Manuela
|
*
|
| 8 |
23
|
Manuela
|
* This program is free software: you can redistribute it and/or modify
|
| 9 |
|
|
* it under the terms of the GNU General Public License as published by
|
| 10 |
|
|
* the Free Software Foundation, version 2 of the License.
|
| 11 |
|
|
*
|
| 12 |
|
|
* This program is distributed in the hope that it will be useful,
|
| 13 |
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| 14 |
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| 15 |
|
|
* GNU General Public License 2 for more details.
|
| 16 |
|
|
*
|
| 17 |
|
|
* You should have received a copy of the GNU General Public License 2
|
| 18 |
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
| 19 |
2
|
Manuela
|
*/
|
| 20 |
23
|
Manuela
|
/**
|
| 21 |
|
|
* @package Core
|
| 22 |
|
|
* @copyright Ryan Djurovich
|
| 23 |
|
|
* @author Ryan Djurovich
|
| 24 |
|
|
* @author Manuela v.d.Decken <manuela@isteam.de>
|
| 25 |
|
|
* @license GNU General Public License 2.0
|
| 26 |
|
|
* @version 1.0.1
|
| 27 |
|
|
* @revision $Id$
|
| 28 |
|
|
* @deprecated no / since 0000/00/00
|
| 29 |
|
|
* @description xxx
|
| 30 |
|
|
*/
|
| 31 |
6
|
Manuela
|
// $aPhpFunctions = get_defined_functions();
|
| 32 |
2
|
Manuela
|
/**
|
| 33 |
|
|
* sanitize $_SERVER['HTTP_REFERER']
|
| 34 |
|
|
* @param string $sWbUrl qualified startup URL of current application
|
| 35 |
|
|
*/
|
| 36 |
6
|
Manuela
|
function SanitizeHttpReferer($sWbUrl = WB_URL)
|
| 37 |
|
|
{
|
| 38 |
2
|
Manuela
|
$sTmpReferer = '';
|
| 39 |
|
|
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') {
|
| 40 |
|
|
define('ORG_REFERER', ($_SERVER['HTTP_REFERER'] ?: ''));
|
| 41 |
|
|
$aRefUrl = parse_url($_SERVER['HTTP_REFERER']);
|
| 42 |
|
|
if ($aRefUrl !== false) {
|
| 43 |
|
|
$aRefUrl['host'] = isset($aRefUrl['host']) ? $aRefUrl['host'] : '';
|
| 44 |
|
|
$aRefUrl['path'] = isset($aRefUrl['path']) ? $aRefUrl['path'] : '';
|
| 45 |
|
|
$aRefUrl['fragment'] = isset($aRefUrl['fragment']) ? '#'.$aRefUrl['fragment'] : '';
|
| 46 |
|
|
$aWbUrl = parse_url(WB_URL);
|
| 47 |
|
|
if ($aWbUrl !== false) {
|
| 48 |
|
|
$aWbUrl['host'] = isset($aWbUrl['host']) ? $aWbUrl['host'] : '';
|
| 49 |
|
|
$aWbUrl['path'] = isset($aWbUrl['path']) ? $aWbUrl['path'] : '';
|
| 50 |
|
|
if (strpos($aRefUrl['host'].$aRefUrl['path'], $aWbUrl['host'].$aWbUrl['path']) !== false) {
|
| 51 |
|
|
$aRefUrl['path'] = preg_replace('#^'.$aWbUrl['path'].'#i', '', $aRefUrl['path']);
|
| 52 |
|
|
$sTmpReferer = WB_URL.$aRefUrl['path'].$aRefUrl['fragment'];
|
| 53 |
|
|
}
|
| 54 |
|
|
unset($aWbUrl);
|
| 55 |
|
|
}
|
| 56 |
|
|
unset($aRefUrl);
|
| 57 |
|
|
}
|
| 58 |
|
|
}
|
| 59 |
|
|
$_SERVER['HTTP_REFERER'] = $sTmpReferer;
|
| 60 |
|
|
}
|
| 61 |
|
|
/**
|
| 62 |
|
|
* makePhExp
|
| 63 |
|
|
* @param array list of names for placeholders
|
| 64 |
|
|
* @return array reformatted list
|
| 65 |
|
|
* @description makes an RegEx-Expression for preg_replace() of each item in $aList
|
| 66 |
|
|
* Example: from 'TEST_NAME' it mades '/\[TEST_NAME\]/s'
|
| 67 |
|
|
*/
|
| 68 |
|
|
function makePhExp($sList)
|
| 69 |
|
|
{
|
| 70 |
|
|
$aList = func_get_args();
|
| 71 |
|
|
// return preg_replace('/^(.*)$/', '/\[$1\]/s', $aList);
|
| 72 |
|
|
return preg_replace('/^(.*)$/', '[$1]', $aList);
|
| 73 |
|
|
}
|
| 74 |
|
|
|
| 75 |
|
|
/**
|
| 76 |
|
|
* Read DB settings from configuration file
|
| 77 |
|
|
* @return array
|
| 78 |
|
|
* @throws RuntimeException
|
| 79 |
|
|
*
|
| 80 |
|
|
*/
|
| 81 |
|
|
function initReadSetupFile()
|
| 82 |
|
|
{
|
| 83 |
|
|
// check for valid file request. Becomes more stronger in next version
|
| 84 |
|
|
// initCheckValidCaller(array('save.php','index.php','config.php','upgrade-script.php'));
|
| 85 |
|
|
$aCfg = array();
|
| 86 |
|
|
$sSetupFile = dirname(dirname(__FILE__)).'/setup.ini.php';
|
| 87 |
|
|
if(is_readable($sSetupFile) && !defined('WB_URL')) {
|
| 88 |
|
|
$aCfg = parse_ini_file($sSetupFile, true);
|
| 89 |
|
|
if (!isset($aCfg['Constants']) || !isset($aCfg['DataBase'])) {
|
| 90 |
|
|
throw new InvalidArgumentException('configuration missmatch in setup.ini.php');
|
| 91 |
|
|
}
|
| 92 |
|
|
foreach($aCfg['Constants'] as $key=>$value) {
|
| 93 |
|
|
switch($key):
|
| 94 |
|
|
case 'DEBUG':
|
| 95 |
|
|
$value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
|
| 96 |
|
|
if(!defined('DEBUG')) { define('DEBUG', $value); }
|
| 97 |
|
|
break;
|
| 98 |
|
|
case 'WB_URL': // << case is set deprecated
|
| 99 |
|
|
case 'AppUrl':
|
| 100 |
|
|
$value = trim(str_replace('\\', '/', $value), '/');
|
| 101 |
|
|
if(!defined('WB_URL')) { define('WB_URL', $value); }
|
| 102 |
|
|
break;
|
| 103 |
|
|
case 'ADMIN_DIRECTORY': // << case is set deprecated
|
| 104 |
|
|
case 'AcpDir':
|
| 105 |
|
|
$value = trim(str_replace('\\', '/', $value), '/');
|
| 106 |
|
|
if(!defined('ADMIN_DIRECTORY')) { define('ADMIN_DIRECTORY', $value); }
|
| 107 |
|
|
break;
|
| 108 |
|
|
default:
|
| 109 |
|
|
if(!defined($key)) { define($key, $value); }
|
| 110 |
|
|
break;
|
| 111 |
|
|
endswitch;
|
| 112 |
|
|
}
|
| 113 |
|
|
}
|
| 114 |
|
|
return $aCfg;
|
| 115 |
|
|
// throw new RuntimeException('unable to read setup.ini.php');
|
| 116 |
|
|
}
|
| 117 |
|
|
/**
|
| 118 |
|
|
* Set constants for system/install values
|
| 119 |
|
|
* @throws RuntimeException
|
| 120 |
|
|
*/
|
| 121 |
6
|
Manuela
|
function initSetInstallWbConstants($aCfg)
|
| 122 |
|
|
{
|
| 123 |
2
|
Manuela
|
if (sizeof($aCfg)) {
|
| 124 |
|
|
foreach($aCfg['Constants'] as $key=>$value) {
|
| 125 |
|
|
switch($key):
|
| 126 |
|
|
case 'DEBUG':
|
| 127 |
|
|
$value = filter_var($value, FILTER_VALIDATE_BOOLEAN);
|
| 128 |
|
|
if(!defined('DEBUG')) { define('DEBUG', $value); }
|
| 129 |
|
|
break;
|
| 130 |
|
|
case 'WB_URL': // << case is set deprecated
|
| 131 |
|
|
case 'AppUrl':
|
| 132 |
|
|
$value = trim(str_replace('\\', '/', $value), '/');
|
| 133 |
|
|
if(!defined('WB_URL')) { define('WB_URL', $value); }
|
| 134 |
|
|
break;
|
| 135 |
|
|
case 'ADMIN_DIRECTORY': // << case is set deprecated
|
| 136 |
|
|
case 'AcpDir':
|
| 137 |
|
|
$value = trim(str_replace('\\', '/', $value), '/');
|
| 138 |
|
|
if(!defined('ADMIN_DIRECTORY')) { define('ADMIN_DIRECTORY', $value); }
|
| 139 |
|
|
if(!preg_match('/xx[a-z0-9_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY)) {
|
| 140 |
|
|
throw new RuntimeException('Invalid admin-directory: ' . ADMIN_DIRECTORY);
|
| 141 |
|
|
}
|
| 142 |
|
|
break;
|
| 143 |
|
|
default:
|
| 144 |
|
|
if(!defined($key)) { define($key, $value); }
|
| 145 |
|
|
break;
|
| 146 |
|
|
endswitch;
|
| 147 |
|
|
}
|
| 148 |
|
|
}
|
| 149 |
|
|
if(!defined('WB_PATH')){ define('WB_PATH', dirname(__DIR__)); }
|
| 150 |
|
|
if(!defined('ADMIN_URL')){ define('ADMIN_URL', rtrim(WB_URL, '/\\').'/'.ADMIN_DIRECTORY); }
|
| 151 |
|
|
if(!defined('ADMIN_PATH')){ define('ADMIN_PATH', WB_PATH.'/'.ADMIN_DIRECTORY); }
|
| 152 |
|
|
if(!defined('WB_REL')){
|
| 153 |
|
|
$x1 = parse_url(WB_URL);
|
| 154 |
|
|
define('WB_REL', (isset($x1['path']) ? $x1['path'] : ''));
|
| 155 |
|
|
}
|
| 156 |
|
|
if(!defined('ADMIN_REL')){ define('ADMIN_REL', WB_REL.'/'.ADMIN_DIRECTORY); }
|
| 157 |
|
|
if(!defined('DOCUMENT_ROOT')) {
|
| 158 |
|
|
define('DOCUMENT_ROOT', preg_replace('/'.preg_quote(str_replace('\\', '/', WB_REL), '/').'$/', '', str_replace('\\', '/', WB_PATH)));
|
| 159 |
|
|
$_SERVER['DOCUMENT_ROOT'] = DOCUMENT_ROOT;
|
| 160 |
|
|
}
|
| 161 |
|
|
if(!defined('TMP_PATH')){ define('TMP_PATH', WB_PATH.'/temp'); }
|
| 162 |
|
|
|
| 163 |
|
|
if (defined('DB_TYPE'))
|
| 164 |
|
|
{
|
| 165 |
|
|
// import constants for compatibility reasons
|
| 166 |
|
|
$db = array();
|
| 167 |
|
|
if (defined('DB_TYPE')) { $db['type'] = DB_TYPE; }
|
| 168 |
|
|
if (defined('DB_USERNAME')) { $db['user'] = DB_USERNAME; }
|
| 169 |
|
|
if (defined('DB_PASSWORD')) { $db['pass'] = DB_PASSWORD; }
|
| 170 |
|
|
if (defined('DB_HOST')) { $db['host'] = DB_HOST; }
|
| 171 |
|
|
if (defined('DB_PORT')) { $db['port'] = DB_PORT; }
|
| 172 |
|
|
if (defined('DB_NAME')) { $db['name'] = DB_NAME; }
|
| 173 |
|
|
if (defined('DB_CHARSET')) { $db['charset'] = DB_CHARSET; }
|
| 174 |
|
|
if (defined('TABLE_PREFIX')) { $db['table_prefix'] = TABLE_PREFIX; }
|
| 175 |
|
|
} else {
|
| 176 |
|
|
foreach($aCfg['DataBase'] as $key=>$value) {
|
| 177 |
|
|
switch($key):
|
| 178 |
|
|
case 'type':
|
| 179 |
|
|
if(!defined('DB_TYPE')) { define('DB_TYPE', $value); }
|
| 180 |
|
|
break;
|
| 181 |
|
|
case 'user':
|
| 182 |
|
|
if(!defined('DB_USERNAME')) { define('DB_USERNAME', $value); }
|
| 183 |
|
|
break;
|
| 184 |
|
|
case 'pass':
|
| 185 |
|
|
if(!defined('DB_PASSWORD')) { define('DB_PASSWORD', $value); }
|
| 186 |
|
|
break;
|
| 187 |
|
|
case 'host':
|
| 188 |
|
|
if(!defined('DB_HOST')) { define('DB_HOST', $value); }
|
| 189 |
|
|
break;
|
| 190 |
|
|
case 'port':
|
| 191 |
|
|
if(!defined('DB_PORT')) { define('DB_PORT', $value); }
|
| 192 |
|
|
break;
|
| 193 |
|
|
case 'name':
|
| 194 |
|
|
if(!defined('DB_NAME')) { define('DB_NAME', $value); }
|
| 195 |
|
|
break;
|
| 196 |
|
|
case 'charset':
|
| 197 |
|
|
if(!defined('DB_CHARSET')) { define('DB_CHARSET', $value); }
|
| 198 |
|
|
break;
|
| 199 |
|
|
default:
|
| 200 |
|
|
$key = strtoupper($key);
|
| 201 |
|
|
if(!defined($key)) { define($key, $value); }
|
| 202 |
|
|
break;
|
| 203 |
|
|
endswitch;
|
| 204 |
|
|
}
|
| 205 |
|
|
}
|
| 206 |
|
|
}
|
| 207 |
|
|
|
| 208 |
|
|
function WbErrorHandler($iErrorCode, $sErrorText, $sErrorFile, $iErrorLine)
|
| 209 |
|
|
{
|
| 210 |
|
|
$bRetval = false;
|
| 211 |
31
|
Manuela
|
if ((error_reporting() & $iErrorCode) || ini_get('log_errors') != 0) {
|
| 212 |
|
|
$sErrorLogFile = ini_get ('error_log');
|
| 213 |
|
|
if (is_writeable($sErrorLogFile)) {
|
| 214 |
|
|
$sErrorType = E_NOTICE ;
|
| 215 |
|
|
$aErrors = [
|
| 216 |
|
|
E_USER_DEPRECATED => 'E_USER_DEPRECATED',
|
| 217 |
|
|
E_USER_NOTICE => 'E_USER_NOTICE',
|
| 218 |
|
|
E_USER_WARNING => 'E_USER_WARNING',
|
| 219 |
|
|
E_DEPRECATED => 'E_DEPRECATED',
|
| 220 |
|
|
E_NOTICE => 'E_NOTICE',
|
| 221 |
|
|
E_WARNING => 'E_WARNING',
|
| 222 |
|
|
E_CORE_WARNING => 'E_CORE_WARNING',
|
| 223 |
|
|
E_COMPILE_WARNING => 'E_COMPILE_WARNING',
|
| 224 |
|
|
E_STRICT => 'E_STRICT',
|
| 225 |
|
|
E_RECOVERABLE_ERROR => 'E_RECOVERABLE_ERROR',
|
| 226 |
|
|
];
|
| 227 |
|
|
if (array_key_exists($iErrorCode, $aErrors)) {
|
| 228 |
|
|
$sErrorType = $aErrors[$iErrorCode];
|
| 229 |
|
|
$bRetval = true;
|
| 230 |
|
|
}
|
| 231 |
|
|
$aBt= debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
|
| 232 |
|
|
$x = sizeof($aBt) -1;
|
| 233 |
|
|
$iSize = $x < 0 ? 0 : ($x <= 2 ? $x : 2);
|
| 234 |
|
|
$sEntry = date('c').' '.'['.$sErrorType.'] '.str_replace(dirname(__DIR__), '', $sErrorFile).':['.$iErrorLine.'] '
|
| 235 |
|
|
. ' from '.str_replace(dirname(__DIR__), '', $aBt[$iSize]['file']).':['.$aBt[$iSize]['line'].'] '
|
| 236 |
|
|
. (isset($aBt[$iSize]['class']) ? $aBt[$iSize]['class'].$aBt[$iSize]['type'] : '').$aBt[$iSize]['function'].' '
|
| 237 |
|
|
. '"'.$sErrorText.'"'.PHP_EOL;
|
| 238 |
|
|
file_put_contents($sErrorLogFile, $sEntry, FILE_APPEND);
|
| 239 |
|
|
}
|
| 240 |
2
|
Manuela
|
}
|
| 241 |
|
|
return $bRetval;
|
| 242 |
|
|
}
|
| 243 |
6
|
Manuela
|
/**
|
| 244 |
|
|
* create / recreate a admin object
|
| 245 |
|
|
* @param string $section_name (default: '##skip##')
|
| 246 |
|
|
* @param string $section_permission (default: 'start')
|
| 247 |
|
|
* @param bool $auto_header (default: true)
|
| 248 |
|
|
* @param bool $auto_auth (default: true)
|
| 249 |
|
|
* @return \admin
|
| 250 |
|
|
*/
|
| 251 |
|
|
function newAdmin($section_name= '##skip##', $section_permission = 'start', $auto_header = true, $auto_auth = true)
|
| 252 |
|
|
{
|
| 253 |
|
|
if (isset($GLOBALS['admin']) && $GLOBALS['admin'] instanceof admin) {
|
| 254 |
|
|
unset($GLOBALS['admin']);
|
| 255 |
|
|
usleep(10000);
|
| 256 |
|
|
}
|
| 257 |
|
|
return new admin($section_name, $section_permission, $auto_header, $auto_auth);
|
| 258 |
|
|
}
|
| 259 |
|
|
|
| 260 |
2
|
Manuela
|
/* ***************************************************************************************
|
| 261 |
|
|
* Start initialization *
|
| 262 |
|
|
****************************************************************************************/
|
| 263 |
6
|
Manuela
|
// Stop execution if PHP version is too old
|
| 264 |
|
|
// PHP less then 5.6.0 is prohibited ---
|
| 265 |
|
|
if (version_compare(PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION.'.'.PHP_RELEASE_VERSION, '5.6.0', '<')) {
|
| 266 |
|
|
$sMsg = '<p style="color: #ff0000;">WebsiteBaker is not able to run with PHP-Version less then 5.6.0!!<br />'
|
| 267 |
|
|
. 'Please change your PHP-Version to any kind from 5.6.0 and up!<br />'
|
| 268 |
|
|
. 'If you have problems to solve that, ask your hosting provider for it.<br />'
|
| 269 |
|
|
. 'The very best solution is the use of PHP-7.0 and up</p>';
|
| 270 |
|
|
die($sMsg);
|
| 271 |
|
|
}
|
| 272 |
|
|
error_reporting(E_ALL);
|
| 273 |
|
|
$sStarttime = array_sum(explode(" ", microtime()));
|
| 274 |
22
|
Manuela
|
if (!defined('MAX_DATETIME')) { define('MAX_DATETIME', ((2**31)-1)); }
|
| 275 |
6
|
Manuela
|
/* -------------------------------------------------------- */
|
| 276 |
|
|
if ( !defined('WB_PATH')) { define('WB_PATH', dirname(__DIR__)); }
|
| 277 |
34
|
Manuela
|
// activate PHP5 randomizer compatibility layer -----------------------------------------------------
|
| 278 |
|
|
if (PHP_MAJOR_VERSION < 7 && is_readable(WB_PATH.'/include/Paragonie/random.php')) {
|
| 279 |
|
|
include_once WB_PATH.'/include/Paragonie/random.php';
|
| 280 |
|
|
}
|
| 281 |
|
|
// activate Autoloader -------------------------------------------------------------------
|
| 282 |
22
|
Manuela
|
if (!class_exists('\bin\CoreAutoloader')) {
|
| 283 |
|
|
include __DIR__.'/CoreAutoloader.php';
|
| 284 |
|
|
}
|
| 285 |
23
|
Manuela
|
\bin\CoreAutoloader::doRegister(dirname(__DIR__));
|
| 286 |
31
|
Manuela
|
\bin\CoreAutoloader::addNamespace([ // add several needed namespaces->folder translations
|
| 287 |
30
|
Manuela
|
// Namespace Directory
|
| 288 |
31
|
Manuela
|
'bin' => 'framework',
|
| 289 |
|
|
'addon' => 'modules',
|
| 290 |
|
|
'vendor' => 'include',
|
| 291 |
|
|
'vendor\\jscalendar' => 'include/jscalendar',
|
| 292 |
|
|
'bin\\db' => 'framework/db',
|
| 293 |
|
|
'bin\\requester' => 'framework',
|
| 294 |
|
|
'bin\\requester\\filter' => 'framework',
|
| 295 |
|
|
'bin\\security' => 'framework',
|
| 296 |
|
|
'bin\\interfaces' => 'framework',
|
| 297 |
|
|
'api' => 'framework/api',
|
| 298 |
23
|
Manuela
|
]);
|
| 299 |
|
|
|
| 300 |
6
|
Manuela
|
// *** initialize Exception handling
|
| 301 |
|
|
if(!function_exists('globalExceptionHandler')) {
|
| 302 |
|
|
include(__DIR__.'/globalExceptionHandler.php');
|
| 303 |
|
|
}
|
| 304 |
|
|
// *** initialize Error handling
|
| 305 |
|
|
$sErrorLogFile = dirname(__DIR__).'/var/logs/php_error.log.php';
|
| 306 |
|
|
$sErrorLogPath = dirname($sErrorLogFile);
|
| 307 |
|
|
|
| 308 |
|
|
if (!file_exists($sErrorLogFile)) {
|
| 309 |
|
|
$sTmp = '<?php die(\'illegal file access\'); ?>'
|
| 310 |
|
|
. 'created: ['.date('c').']'.PHP_EOL;
|
| 311 |
|
|
if (false === file_put_contents($sErrorLogFile, $sTmp, FILE_APPEND)) {
|
| 312 |
|
|
throw new Exception('unable to create logfile \'/var/logs/php_error.log.php\'');
|
| 313 |
|
|
}
|
| 314 |
|
|
}
|
| 315 |
|
|
if (!is_writeable($sErrorLogFile)) {
|
| 316 |
|
|
throw new Exception('not writeable logfile \'/var/logs/php_error.log.php\'');
|
| 317 |
|
|
}
|
| 318 |
|
|
ini_set('log_errors', 1);
|
| 319 |
|
|
ini_set ('error_log', $sErrorLogFile);
|
| 320 |
|
|
|
| 321 |
30
|
Manuela
|
// activate errorhandler -----------------------------------------------------------------
|
| 322 |
2
|
Manuela
|
set_error_handler('WbErrorHandler', -1 );
|
| 323 |
6
|
Manuela
|
defined('SYSTEM_RUN') ? '' : define('SYSTEM_RUN', true);
|
| 324 |
2
|
Manuela
|
// load configuration ---
|
| 325 |
|
|
$aCfg = initReadSetupFile();
|
| 326 |
|
|
initSetInstallWbConstants($aCfg);
|
| 327 |
30
|
Manuela
|
// activate requester --------------------------------------------------------------------
|
| 328 |
31
|
Manuela
|
$oRequest = new \bin\requester\HttpRequester();
|
| 329 |
2
|
Manuela
|
// ---------------------------
|
| 330 |
|
|
// get Database connection data from configuration
|
| 331 |
6
|
Manuela
|
defined('ADMIN_DIRECTORY') ? '' : define('ADMIN_DIRECTORY', 'admin');
|
| 332 |
23
|
Manuela
|
if (
|
| 333 |
30
|
Manuela
|
!preg_match('/xx[a-z_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY) ||
|
| 334 |
|
|
!is_dir(dirname(__DIR__).'/'.ADMIN_DIRECTORY)
|
| 335 |
23
|
Manuela
|
) {
|
| 336 |
|
|
throw new RuntimeException('Invalid admin-directory set: ' . ADMIN_DIRECTORY);
|
| 337 |
6
|
Manuela
|
}
|
| 338 |
23
|
Manuela
|
// add Namespace 'acp' to Autoloader
|
| 339 |
|
|
\bin\CoreAutoloader::addNamespace('acp', ADMIN_DIRECTORY);
|
| 340 |
6
|
Manuela
|
defined('ADMIN_URL') ? '' : define('ADMIN_URL', WB_URL.'/'.ADMIN_DIRECTORY);
|
| 341 |
|
|
defined('ADMIN_PATH') ? '' : define('ADMIN_PATH', WB_PATH.'/'.ADMIN_DIRECTORY);
|
| 342 |
|
|
if ( !defined('WB_REL')){
|
| 343 |
|
|
$x1 = parse_url(WB_URL);
|
| 344 |
|
|
define('WB_REL', (isset($x1['path']) ? $x1['path'] : ''));
|
| 345 |
|
|
}
|
| 346 |
|
|
if ( !defined('DOCUMENT_ROOT')) {
|
| 347 |
|
|
define('DOCUMENT_ROOT', preg_replace('/'.preg_quote(str_replace('\\', '/', WB_REL), '/').'$/', '', str_replace('\\', '/', WB_PATH)));
|
| 348 |
|
|
$_SERVER['DOCUMENT_ROOT'] = DOCUMENT_ROOT;
|
| 349 |
|
|
}
|
| 350 |
|
|
|
| 351 |
22
|
Manuela
|
if (class_exists('database')) {
|
| 352 |
|
|
// sanitize $_SERVER['HTTP_REFERER']
|
| 353 |
|
|
SanitizeHttpReferer(WB_URL);
|
| 354 |
|
|
date_default_timezone_set('UTC');
|
| 355 |
|
|
// register TWIG autoloader ---
|
| 356 |
|
|
$sTmp = dirname(dirname(__FILE__)).'/include/Sensio/Twig/lib/Twig/Autoloader.php';
|
| 357 |
|
|
if (!class_exists('Twig_Autoloader') && is_readable($sTmp)){
|
| 358 |
|
|
include $sTmp;
|
| 359 |
|
|
Twig_Autoloader::register();
|
| 360 |
|
|
}
|
| 361 |
|
|
// register PHPMailer autoloader ---
|
| 362 |
|
|
$sTmp = dirname(dirname(__FILE__)).'/include/phpmailer/PHPMailerAutoload.php';
|
| 363 |
|
|
if (!function_exists('PHPMailerAutoload') && is_readable($sTmp)) {
|
| 364 |
|
|
include $sTmp;
|
| 365 |
|
|
}
|
| 366 |
|
|
// Create database class
|
| 367 |
|
|
$database = new database();
|
| 368 |
2
|
Manuela
|
|
| 369 |
22
|
Manuela
|
// activate frontend OutputFilterApi (initialize.php)
|
| 370 |
|
|
if (is_readable(WB_PATH .'/modules/output_filter/OutputFilterApi.php')) {
|
| 371 |
|
|
if (!function_exists('OutputFilterApi')) {
|
| 372 |
|
|
include WB_PATH .'/modules/output_filter/OutputFilterApi.php';
|
| 373 |
|
|
}
|
| 374 |
|
|
} else {
|
| 375 |
|
|
throw new RuntimeException('missing mandatory global OutputFilterApi!');
|
| 376 |
2
|
Manuela
|
}
|
| 377 |
22
|
Manuela
|
// Get website settings (title, keywords, description, header, and footer)
|
| 378 |
|
|
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'settings`';
|
| 379 |
|
|
if (($get_settings = $database->query($sql))) {
|
| 380 |
|
|
$x = 0;
|
| 381 |
|
|
while ($setting = $get_settings->fetchRow(MYSQLI_ASSOC)) {
|
| 382 |
|
|
$setting_name = strtoupper($setting['name']);
|
| 383 |
|
|
$setting_value = $setting['value'];
|
| 384 |
|
|
if ($setting_value == 'false') {
|
| 385 |
|
|
$setting_value = false;
|
| 386 |
|
|
}
|
| 387 |
|
|
if ($setting_value == 'true') {
|
| 388 |
|
|
$setting_value = true;
|
| 389 |
|
|
}
|
| 390 |
|
|
defined($setting_name) ? '' : define($setting_name, $setting_value);
|
| 391 |
|
|
$x++;
|
| 392 |
2
|
Manuela
|
}
|
| 393 |
22
|
Manuela
|
} else {
|
| 394 |
|
|
die($database->get_error());
|
| 395 |
|
|
}
|
| 396 |
|
|
if (!$x) {
|
| 397 |
|
|
throw new RuntimeException('no settings found');
|
| 398 |
|
|
}
|
| 399 |
30
|
Manuela
|
defined('DO_NOT_TRACK') ? '' : define('DO_NOT_TRACK', ($oRequest->issetHeader('DNT')));
|
| 400 |
|
|
ini_set('display_errors', ((defined('DEBUG') && (DEBUG==true)) ? '1' : '0'));
|
| 401 |
22
|
Manuela
|
|
| 402 |
|
|
defined('DEBUG') ? '' : define('DEBUG', false);
|
| 403 |
|
|
$string_file_mode = defined('STRING_FILE_MODE') ? STRING_FILE_MODE : '0644';
|
| 404 |
|
|
defined('OCTAL_FILE_MODE') ? '' : define('OCTAL_FILE_MODE', (int) octdec($string_file_mode));
|
| 405 |
|
|
$string_dir_mode = defined('STRING_DIR_MODE') ? STRING_DIR_MODE : '0755';
|
| 406 |
|
|
defined('OCTAL_DIR_MODE') ? '' : define('OCTAL_DIR_MODE', (int) octdec($string_dir_mode));
|
| 407 |
30
|
Manuela
|
if (!defined('WB_INSTALL_PROCESS') && !defined('WB_UPGRADE_PROCESS')) {
|
| 408 |
22
|
Manuela
|
// get CAPTCHA and ASP settings
|
| 409 |
|
|
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_captcha_control`';
|
| 410 |
|
|
if (($get_settings = $database->query($sql)) &&
|
| 411 |
|
|
($setting = $get_settings->fetchRow(MYSQLI_ASSOC))
|
| 412 |
|
|
) {
|
| 413 |
|
|
defined('ENABLED_CAPTCHA') ? '' : define('ENABLED_CAPTCHA', (bool) ($setting['enabled_captcha'] == '1'));
|
| 414 |
|
|
defined('ENABLED_ASP') ? '' : define('ENABLED_ASP', (bool) ($setting['enabled_asp'] == '1'));
|
| 415 |
|
|
defined('CAPTCHA_TYPE') ? '' : define('CAPTCHA_TYPE', $setting['captcha_type']);
|
| 416 |
|
|
defined('ASP_SESSION_MIN_AGE') ? '' : define('ASP_SESSION_MIN_AGE', (int) $setting['asp_session_min_age']);
|
| 417 |
|
|
defined('ASP_VIEW_MIN_AGE') ? '' : define('ASP_VIEW_MIN_AGE', (int) $setting['asp_view_min_age']);
|
| 418 |
|
|
defined('ASP_INPUT_MIN_AGE') ? '' : define('ASP_INPUT_MIN_AGE', (int) $setting['asp_input_min_age']);
|
| 419 |
|
|
} else {
|
| 420 |
|
|
throw new RuntimeException('CAPTCHA-Settings not found');
|
| 421 |
2
|
Manuela
|
}
|
| 422 |
|
|
}
|
| 423 |
22
|
Manuela
|
// Start a session
|
| 424 |
|
|
if (!defined('SESSION_STARTED')) {
|
| 425 |
|
|
session_name(APP_NAME.'-sid');
|
| 426 |
|
|
@session_start();
|
| 427 |
|
|
define('SESSION_STARTED', true);
|
| 428 |
|
|
}
|
| 429 |
|
|
if (defined('ENABLED_ASP') && ENABLED_ASP && !isset($_SESSION['session_started'])) {
|
| 430 |
|
|
$_SESSION['session_started'] = time();
|
| 431 |
|
|
}
|
| 432 |
33
|
Manuela
|
// Get users language --------------------------------------------------------------------
|
| 433 |
|
|
$sLang = $oRequest->getParam('lang');
|
| 434 |
|
|
$aMatches = [];
|
| 435 |
|
|
$sPattern = '/^\s*([a-z]{2})(?:[\-_]([a-z]{2})(?:[\-_]([a-z\-_]{2,8}))?)?[\s_\-]*$/i';
|
| 436 |
|
|
if ($sLang && preg_match($sPattern, $sLang, $aMatches)) {
|
| 437 |
|
|
$sLang = strtoupper($aMatches[1]);
|
| 438 |
|
|
define('LANGUAGE', $sLang);
|
| 439 |
|
|
$_SESSION['LANGUAGE'] = $sLang;
|
| 440 |
|
|
} else {
|
| 441 |
|
|
if (isset($_SESSION['LANGUAGE']) && preg_match($sPattern, $_SESSION['LANGUAGE'], $aMatches)) {
|
| 442 |
|
|
define('LANGUAGE', strtoupper($aMatches[1]));
|
| 443 |
22
|
Manuela
|
} else {
|
| 444 |
|
|
define('LANGUAGE', DEFAULT_LANGUAGE);
|
| 445 |
|
|
}
|
| 446 |
2
|
Manuela
|
}
|
| 447 |
33
|
Manuela
|
unset($sLang, $sPattern, $aMatches);
|
| 448 |
|
|
// Load Language file(s) -----------------------------------------------------------------
|
| 449 |
22
|
Manuela
|
$sCurrLanguage = '';
|
| 450 |
|
|
$slangFile = WB_PATH.'/languages/EN.php';
|
| 451 |
2
|
Manuela
|
if (is_readable($slangFile)) {
|
| 452 |
|
|
require $slangFile;
|
| 453 |
22
|
Manuela
|
$sCurrLanguage ='EN';
|
| 454 |
2
|
Manuela
|
}
|
| 455 |
22
|
Manuela
|
if ($sCurrLanguage != DEFAULT_LANGUAGE) {
|
| 456 |
|
|
$slangFile = WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php';
|
| 457 |
|
|
if (is_readable($slangFile)) {
|
| 458 |
|
|
require $slangFile;
|
| 459 |
|
|
$sCurrLanguage = DEFAULT_LANGUAGE;
|
| 460 |
|
|
}
|
| 461 |
2
|
Manuela
|
}
|
| 462 |
22
|
Manuela
|
if ($sCurrLanguage != LANGUAGE) {
|
| 463 |
|
|
$slangFile = WB_PATH.'/languages/'.LANGUAGE.'.php';
|
| 464 |
|
|
if (is_readable($slangFile)) {
|
| 465 |
|
|
require $slangFile;
|
| 466 |
|
|
}
|
| 467 |
|
|
}
|
| 468 |
30
|
Manuela
|
// activate SecureTokens -----------------------------------------------------------------
|
| 469 |
|
|
$oApp = (object) [
|
| 470 |
|
|
'oRequester' => $oRequest,
|
| 471 |
|
|
'oRegistry' => (object) [
|
| 472 |
|
|
'SecTokenFingerprint' => (bool) SEC_TOKEN_FINGERPRINT,
|
| 473 |
|
|
'SecTokenNetmask4' => SEC_TOKEN_NETMASK4,
|
| 474 |
|
|
'SecTokenNetmask6' => SEC_TOKEN_NETMASK6,
|
| 475 |
|
|
'SecTokenLifeTime' => SEC_TOKEN_LIFE_TIME
|
| 476 |
|
|
]
|
| 477 |
|
|
];
|
| 478 |
|
|
\bin\SecureTokens::getInstance($oApp);
|
| 479 |
|
|
\bin\SecureTokens::checkFTAN();
|
| 480 |
32
|
Manuela
|
// activate Translate --------------------------------------------------------------------
|
| 481 |
|
|
$sCachePath = dirname(__DIR__).'/temp/cache/';
|
| 482 |
|
|
if (!file_exists($sCachePath)) {
|
| 483 |
|
|
if (!mkdir($sCachePath, 0777, true)) { $sCachePath = dirname(__DIR__).'/temp/'; }
|
| 484 |
|
|
}
|
| 485 |
|
|
$oTrans = Translate::getInstance();
|
| 486 |
|
|
$oTrans->initialize(array('EN', DEFAULT_LANGUAGE, LANGUAGE), $sCachePath); // 'none'
|
| 487 |
30
|
Manuela
|
// ---------------------------------------------------------------------------------------
|
| 488 |
22
|
Manuela
|
// Get users timezone
|
| 489 |
|
|
if (isset($_SESSION['TIMEZONE'])) {
|
| 490 |
|
|
define('TIMEZONE', $_SESSION['TIMEZONE']);
|
| 491 |
|
|
} else {
|
| 492 |
|
|
define('TIMEZONE', DEFAULT_TIMEZONE);
|
| 493 |
|
|
}
|
| 494 |
|
|
// Get users date format
|
| 495 |
|
|
if (isset($_SESSION['DATE_FORMAT'])) {
|
| 496 |
|
|
define('DATE_FORMAT', $_SESSION['DATE_FORMAT']);
|
| 497 |
|
|
} else {
|
| 498 |
|
|
define('DATE_FORMAT', DEFAULT_DATE_FORMAT);
|
| 499 |
|
|
}
|
| 500 |
|
|
// Get users time format
|
| 501 |
|
|
if (isset($_SESSION['TIME_FORMAT'])) {
|
| 502 |
|
|
define('TIME_FORMAT', $_SESSION['TIME_FORMAT']);
|
| 503 |
|
|
} else {
|
| 504 |
|
|
define('TIME_FORMAT', DEFAULT_TIME_FORMAT);
|
| 505 |
|
|
}
|
| 506 |
|
|
// Set Theme dir
|
| 507 |
|
|
define('THEME_URL', WB_URL.'/templates/'.DEFAULT_THEME);
|
| 508 |
|
|
define('THEME_PATH', WB_PATH.'/templates/'.DEFAULT_THEME);
|
| 509 |
|
|
// extended wb_settings
|
| 510 |
|
|
define('EDIT_ONE_SECTION', false);
|
| 511 |
|
|
define('EDITOR_WIDTH', 0);
|
| 512 |
2
|
Manuela
|
}
|