mirror of https://github.com/e107inc/e107.git synced 2025-08-04 13:47:31 +02:00

IMPORTANT: class2/e107 class massive changes - most of code building core environment moved to e107 class; getter for retrieving SQL related config data added; still some problems awaiting solution - e_cache (pref independent, new static methods), class2 - Language related code need its own handler; follow XXX, FIXME, TODO comments.

secretr
2009-11-24 16:30:08 +00:00
parent 4980b1bd3b
commit 6b173127d8
3 changed files with 419 additions and 246 deletions


@@ -9,9 +9,9 @@
* General purpose file * General purpose file
* *
* $Source: /cvs_backup/e107_0.8/class2.php,v $ * $Source: /cvs_backup/e107_0.8/class2.php,v $
* $Revision: 1.163 $ * $Revision: 1.164 $
* $Date: 2009-11-23 21:04:16 $ * $Date: 2009-11-24 16:30:08 $
* $Author: e107steved $ * $Author: secretr $
* *
*/ */
// //
@@ -63,6 +63,8 @@ if(!isset($_E107['cli']))
// C: Find out if register globals is enabled and destroy them if so // C: Find out if register globals is enabled and destroy them if so
// (DO NOT use the value of any variables before this point! They could have been set by the user) // (DO NOT use the value of any variables before this point! They could have been set by the user)
// //
// Can't be moved to e107, required here for e107_config vars security
$register_globals = true; $register_globals = true;
if(function_exists('ini_get')) if(function_exists('ini_get'))
{ {
@@ -83,35 +85,37 @@ if($register_globals == true)
unset($global); unset($global);
} }
// MOVED TO $e107->prepare_request()
// TODO - better ajax detection method (headers when possible) // TODO - better ajax detection method (headers when possible)
define('e_AJAX_REQUEST', isset($_REQUEST['ajax_used'])); //define('e_AJAX_REQUEST', isset($_REQUEST['ajax_used']));
unset($_REQUEST['ajax_used']); // removed because it's auto-appended from JS (AJAX), could break something... //unset($_REQUEST['ajax_used']); // removed because it's auto-appended from JS (AJAX), could break something...
//
if(isset($_E107['minimal']) || e_AJAX_REQUEST) //if(isset($_E107['minimal']) || e_AJAX_REQUEST)
{ //{
$_e107vars = array('forceuserupdate', 'online', 'theme', 'menus', 'prunetmp'); // $_e107vars = array('forceuserupdate', 'online', 'theme', 'menus', 'prunetmp');
foreach($_e107vars as $v) // foreach($_e107vars as $v)
{ // {
$noname = 'no_'.$v; // $noname = 'no_'.$v;
if(!isset($_E107[$v])) // if(!isset($_E107[$v]))
{ // {
$_E107[$noname] = 1; // $_E107[$noname] = 1;
} // }
unset($_E107[$v]); // unset($_E107[$v]);
} // }
} //}
// MOVED TO $e107->prepare_request()
// e107 uses relative url's, which are broken by "pretty" URL's. So for now we don't support / after .php // e107 uses relative url's, which are broken by "pretty" URL's. So for now we don't support / after .php
if(($pos = strpos($_SERVER['PHP_SELF'], '.php/')) !== false) // redirect bad URLs to the correct one. //if(($pos = strpos($_SERVER['PHP_SELF'], '.php/')) !== false) // redirect bad URLs to the correct one.
{ //{
$new_url = substr($_SERVER['PHP_SELF'], 0, $pos+4); // $new_url = substr($_SERVER['PHP_SELF'], 0, $pos+4);
$new_loc = ($_SERVER['QUERY_STRING']) ? $new_url.'?'.$_SERVER['QUERY_STRING'] : $new_url; // $new_loc = ($_SERVER['QUERY_STRING']) ? $new_url.'?'.$_SERVER['QUERY_STRING'] : $new_url;
header('Location: '.$new_loc); // header('Location: '.$new_loc);
exit(); // exit();
} //}
// If url contains a .php in it, PHP_SELF is set wrong (imho), affecting all paths. We need to 'fix' it if it does. // If url contains a .php in it, PHP_SELF is set wrong (imho), affecting all paths. We need to 'fix' it if it does.
$_SERVER['PHP_SELF'] = (($pos = strpos($_SERVER['PHP_SELF'], '.php')) !== false ? substr($_SERVER['PHP_SELF'], 0, $pos+4) : $_SERVER['PHP_SELF']); //$_SERVER['PHP_SELF'] = (($pos = strpos($_SERVER['PHP_SELF'], '.php')) !== false ? substr($_SERVER['PHP_SELF'], 0, $pos+4) : $_SERVER['PHP_SELF']);
// //
// D: Setup PHP error handling // D: Setup PHP error handling
@@ -125,14 +129,16 @@ set_error_handler(array(&$error_handler, 'handle_error'));
// //
define('e107_INIT', true); define('e107_INIT', true);
// MOVED TO $e107->prepare_request()
// setup some php options // setup some php options
e107_ini_set('magic_quotes_runtime', 0); //e107_ini_set('magic_quotes_runtime', 0);
e107_ini_set('magic_quotes_sybase', 0); //e107_ini_set('magic_quotes_sybase', 0);
e107_ini_set('arg_separator.output', '&'); //e107_ini_set('arg_separator.output', '&');
e107_ini_set('session.use_only_cookies', 1); //e107_ini_set('session.use_only_cookies', 1);
e107_ini_set('session.use_trans_sid', 0); //e107_ini_set('session.use_trans_sid', 0);
// DEPRECATED, use e107::getConfig() and e107::getPlugConfig()
if(isset($retrieve_prefs) && is_array($retrieve_prefs)) if(isset($retrieve_prefs) && is_array($retrieve_prefs))
{ {
foreach ($retrieve_prefs as $key => $pref_name) foreach ($retrieve_prefs as $key => $pref_name)
@@ -145,46 +151,48 @@ else
unset($retrieve_prefs); unset($retrieve_prefs);
} }
define("MAGIC_QUOTES_GPC", (ini_get('magic_quotes_gpc') ? true : false)); // MOVED TO e107->set_constants()
//define("MAGIC_QUOTES_GPC", (ini_get('magic_quotes_gpc') ? true : false));
// Define the domain name and subdomain name. //
if($_SERVER['HTTP_HOST'] && is_numeric(str_replace(".","",$_SERVER['HTTP_HOST']))) //// Define the domain name and subdomain name.
{ //if($_SERVER['HTTP_HOST'] && is_numeric(str_replace(".","",$_SERVER['HTTP_HOST'])))
$srvtmp = ''; // Host is an IP address. //{
} // $srvtmp = ''; // Host is an IP address.
else //}
{ //else
$srvtmp = explode('.',str_replace('www.', '', $_SERVER['HTTP_HOST'])); //{
} // $srvtmp = explode('.',str_replace('www.', '', $_SERVER['HTTP_HOST']));
//}
define('e_SUBDOMAIN', (count($srvtmp)>2 && $srvtmp[2] ? $srvtmp[0] : false)); // needs to be available to e107_config. //
//define('e_SUBDOMAIN', (count($srvtmp)>2 && $srvtmp[2] ? $srvtmp[0] : false)); // needs to be available to e107_config.
if(e_SUBDOMAIN) //
{ //if(e_SUBDOMAIN)
unset($srvtmp[0]); //{
} // unset($srvtmp[0]);
//}
define('e_DOMAIN',(count($srvtmp) > 1 ? (implode('.', $srvtmp)) : false)); // if it's an IP it must be set to false. //
//define('e_DOMAIN',(count($srvtmp) > 1 ? (implode('.', $srvtmp)) : false)); // if it's an IP it must be set to false.
unset($srvtmp); //
//unset($srvtmp);
// MOVED TO $e107->prepare_request()
// Ensure thet '.' is the first part of the include path // Ensure thet '.' is the first part of the include path
$inc_path = explode(PATH_SEPARATOR, ini_get('include_path')); //$inc_path = explode(PATH_SEPARATOR, ini_get('include_path'));
if($inc_path[0] != '.') //if($inc_path[0] != '.')
{ //{
array_unshift($inc_path, '.'); // array_unshift($inc_path, '.');
$inc_path = implode(PATH_SEPARATOR, $inc_path); // $inc_path = implode(PATH_SEPARATOR, $inc_path);
e107_ini_set('include_path', $inc_path); // e107_ini_set('include_path', $inc_path);
} //}
unset($inc_path); //unset($inc_path);
// //
// F: Grab e107_config, get directory paths and create $e107 object // F: Grab e107_config, get directory paths and create $e107 object
// //
@include_once(realpath(dirname(__FILE__).'/e107_config.php')); @include_once(realpath(dirname(__FILE__).'/e107_config.php'));
define("MPREFIX", $mySQLprefix); //define("MPREFIX", $mySQLprefix); moved to $e107->set_constants()
if(!isset($ADMIN_DIRECTORY)) if(!isset($ADMIN_DIRECTORY))
{ {
@@ -204,52 +212,56 @@ e107_require_once($tmp.'/e107_class.php');
unset($tmp); unset($tmp);
$e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY', 'THEMES_DIRECTORY', 'PLUGINS_DIRECTORY', 'HANDLERS_DIRECTORY', 'LANGUAGES_DIRECTORY', 'HELP_DIRECTORY', 'DOWNLOADS_DIRECTORY'); $e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY', 'THEMES_DIRECTORY', 'PLUGINS_DIRECTORY', 'HANDLERS_DIRECTORY', 'LANGUAGES_DIRECTORY', 'HELP_DIRECTORY', 'DOWNLOADS_DIRECTORY');
$e107 = e107::getInstance()->init($e107_paths, realpath(dirname(__FILE__))); $sql_info = compact('mySQLserver', 'mySQLuser', 'mySQLpassword', 'mySQLdefaultdb', 'mySQLprefix');
$e107 = e107::getInstance()->initCore($e107_paths, realpath(dirname(__FILE__)), $sql_info);
$inArray = array("'", ';', '/**/', '/UNION/', '/SELECT/', 'AS '); // MOVED TO $e107->set_request()
if (strpos($_SERVER['PHP_SELF'], 'trackback') === false) //$inArray = array("'", ';', '/**/', '/UNION/', '/SELECT/', 'AS ');
{ //if (strpos($_SERVER['PHP_SELF'], 'trackback') === false)
foreach($inArray as $res) //{
{ // foreach($inArray as $res)
if(stristr($_SERVER['QUERY_STRING'], $res)) // {
{ // if(stristr($_SERVER['QUERY_STRING'], $res))
die('Access denied.'); // {
} // die('Access denied.');
} // }
} // }
//}
/** /**
* set CHARSET for backward compatibility * set CHARSET for backward compatibility
*/ */
define('CHARSET', 'utf-8'); //define('CHARSET', 'utf-8'); moved to e107->set_constants()
// remove ajax_used=1 from query string to avoid SELF problems, ajax should always be detected via e_AJAX_REQUEST constant // remove ajax_used=1 from query string to avoid SELF problems, ajax should always be detected via e_AJAX_REQUEST constant
$_SERVER['QUERY_STRING'] = str_replace(array('ajax_used=1', '&&'), array('', '&'), $_SERVER['QUERY_STRING']); // MOVED TO $e107->prepare_request()
//$_SERVER['QUERY_STRING'] = str_replace(array('ajax_used=1', '&&'), array('', '&'), $_SERVER['QUERY_STRING']);
// //
// G: Retrieve Query data from URI // G: Retrieve Query data from URI
// (Until this point, we have no idea what the user wants to do) // (Until this point, we have no idea what the user wants to do)
// //
if (strpos($_SERVER['QUERY_STRING'], ']') && preg_match("#\[(.*?)](.*)#", $_SERVER['QUERY_STRING'], $matches)) // MOVED TO $e107->set_request()
{ //if (strpos($_SERVER['QUERY_STRING'], ']') && preg_match("#\[(.*?)](.*)#", $_SERVER['QUERY_STRING'], $matches))
define('e_MENU', $matches[1]); //{
$e_QUERY = $matches[2]; // define('e_MENU', $matches[1]);
if(strlen(e_MENU) == 2) // language code ie. [fr] // $e_QUERY = $matches[2];
{ // if(strlen(e_MENU) == 2) // language code ie. [fr]
require_once(e_HANDLER."language_class.php"); // {
$slng = new language; // require_once(e_HANDLER."language_class.php");
define('e_LANCODE', true); // $slng = new language;
$_GET['elan'] = $slng->convert(e_MENU); // define('e_LANCODE', true);
} // $_GET['elan'] = $slng->convert(e_MENU);
// }
} //
else //}
{ //else
define('e_MENU', ''); //{
$e_QUERY = $_SERVER['QUERY_STRING']; // define('e_MENU', '');
define('e_LANCODE', ''); // $e_QUERY = $_SERVER['QUERY_STRING'];
} // define('e_LANCODE', '');
//}
// //
// Start the parser; use it to grab the full query string // Start the parser; use it to grab the full query string
@@ -263,21 +275,29 @@ $tp = e107::getParser(); //TODO - find & replace $tp, $e107->tp
//define("e_QUERY", $matches[2]); //define("e_QUERY", $matches[2]);
//define("e_QUERY", $_SERVER['QUERY_STRING']); //define("e_QUERY", $_SERVER['QUERY_STRING']);
$e_QUERY = str_replace("&","&",$tp->post_toForm($e_QUERY));
define('e_QUERY', $e_QUERY);
// MOVED TO $e107->set_request()
//$e_QUERY = str_replace("&","&",$tp->post_toForm($e_QUERY));
//define('e_QUERY', $e_QUERY);
//$e_QUERY = e_QUERY; //$e_QUERY = e_QUERY;
define('e_TBQS', $_SERVER['QUERY_STRING']); // MOVED TO $e107->set_request()
$_SERVER['QUERY_STRING'] = e_QUERY; //define('e_TBQS', $_SERVER['QUERY_STRING']);
//$_SERVER['QUERY_STRING'] = e_QUERY;
define('e_UC_PUBLIC', 0); // MOVED TO $e107->set_constants()
define('e_UC_MAINADMIN', 250); //define('e_UC_PUBLIC', 0);
define('e_UC_READONLY', 251); //define('e_UC_MAINADMIN', 250);
define('e_UC_GUEST', 252); //define('e_UC_READONLY', 251);
define('e_UC_MEMBER', 253); //define('e_UC_GUEST', 252);
define('e_UC_ADMIN', 254); //define('e_UC_MEMBER', 253);
define('e_UC_NOBODY', 255); //define('e_UC_ADMIN', 254);
define('ADMINDIR', $ADMIN_DIRECTORY); //define('e_UC_NOBODY', 255);
// MOVED TO $e107->set_urls() - DEPRECATED, use e107->getFolder()
//define('ADMINDIR', $ADMIN_DIRECTORY);
// //
// H: Initialize debug handling // H: Initialize debug handling
@@ -308,8 +328,6 @@ if (!$ADMIN_DIRECTORY && !$DOWNLOADS_DIRECTORY)
e107::getSingleton('e107_traffic'); // We start traffic counting ASAP e107::getSingleton('e107_traffic'); // We start traffic counting ASAP
//$eTraffic->Calibrate($eTraffic); //$eTraffic->Calibrate($eTraffic);
e107_require_once(e_HANDLER.'mysql_class.php'); e107_require_once(e_HANDLER.'mysql_class.php');
//DEPRECATED, BC, $e107->sql caught by __get() //DEPRECATED, BC, $e107->sql caught by __get()
@@ -352,6 +370,7 @@ e107_require_once(e_HANDLER.'php_compatibility_handler.php');
// //
$sql->db_Mark_Time('Start: Extract Core Prefs'); $sql->db_Mark_Time('Start: Extract Core Prefs');
// TODO - remove it from here, auto-loaded when required
e107_require_once(e_HANDLER.'cache_handler.php'); e107_require_once(e_HANDLER.'cache_handler.php');
//DEPRECATED, BC, call the method only when needed, $e107->arrayStorage caught by __get() //DEPRECATED, BC, call the method only when needed, $e107->arrayStorage caught by __get()
@@ -360,6 +379,7 @@ $eArrayStorage = e107::getArrayStorage(); //TODO - find & replace $eArrayStorag
//DEPRECATED, BC, call the method only when needed, $e107->e_event caught by __get() //DEPRECATED, BC, call the method only when needed, $e107->e_event caught by __get()
$e_event = e107::getEvent(); //TODO - find & replace $e_event, $e107->e_event $e_event = e107::getEvent(); //TODO - find & replace $e_event, $e107->e_event
// TODO - DEPRECATED - remove
e107_require_once(e_HANDLER."pref_class.php"); e107_require_once(e_HANDLER."pref_class.php");
$sysprefs = new prefs; $sysprefs = new prefs;
@@ -410,82 +430,7 @@ if(!e107::getConfig()->hasData())
//DEPRECATED, BC, call e107::getPref() instead //DEPRECATED, BC, call e107::getPref() instead
$pref = e107::getPref(); $pref = e107::getPref();
/* //this could be part of e107->init() method now, prefs will be auto-initialized
$PrefCache = ecache::retrieve_sys('SitePrefs', 24 * 60, true);
if(!$PrefCache)
{
// No cache of the prefs array, going for the db copy..
$retrieve_prefs[] = 'SitePrefs';
$sysprefs->ExtractPrefs($retrieve_prefs, TRUE);
$PrefData = $sysprefs->get('SitePrefs');
$pref = $eArrayStorage->ReadArray($PrefData);
if(!$pref)
{
$admin_log->log_event('CORE_LAN8', 'CORE_LAN7', E_LOG_WARNING); // Core prefs error, core is attempting to
// Try for the automatic backup..
$PrefData = $sysprefs->get('SitePrefs_Backup');
$pref = $eArrayStorage->ReadArray($PrefData);
if(!$pref)
{
// No auto backup, try for the 'old' prefs system.
$PrefData = $sysprefs->get('pref');
$pref = unserialize($PrefData);
if(!is_array($pref))
{
message_handler('CRITICAL_ERROR', 3, __LINE__, __FILE__);
// No old system, so point in the direction of resetcore :(
message_handler('CRITICAL_ERROR', 4, __LINE__, __FILE__);
$admin_log->log_event('CORE_LAN8', 'CORE_LAN9', E_LOG_FATAL); // Core could not restore from automatic backup. Execution halted.
exit;
}
else
{
// old prefs found, remove old system, and update core with new system
$PrefOutput = $eArrayStorage->WriteArray($pref);
if(!$sql->db_Update('core', "e107_value='{$PrefOutput}' WHERE e107_name='SitePrefs'"))
{
$sql->db_Insert('core', "'SitePrefs', '{$PrefOutput}'");
}
if(!$sql->db_Update('core', "e107_value='{$PrefOutput}' WHERE e107_name='SitePrefs_Backup'"))
{
$sql->db_Insert('core', "'SitePrefs_Backup', '{$PrefOutput}'");
}
$sql->db_Delete('core', "`e107_name` = 'pref'");
}
}
else
{
message_handler('CRITICAL_ERROR', 3, __LINE__, __FILE__);
// auto backup found, use backup to restore the core
if(!$sql->db_Update('core', "`e107_value` = '".addslashes($PrefData)."' WHERE `e107_name` = 'SitePrefs'"))
{
$sql->db_Insert('core', "'SitePrefs', '".addslashes($PrefData)."'");
}
}
}
// write pref cache array
$PrefCache = $eArrayStorage->WriteArray($pref, false);
// store the prefs in cache if cache is enabled
ecache::set_sys('SitePrefs', $PrefCache);
}
else
{
// cache of core prefs was found, so grab all the useful core rows we need
if(!isset($sysprefs->DefaultIgnoreRows))
{
$sysprefs->DefaultIgnoreRows = '';
}
$sysprefs->DefaultIgnoreRows .= '|SitePrefs';
$sysprefs->prefVals['core']['SitePrefs'] = $PrefCache;
if(isset($retrieve_prefs))
{
$sysprefs->ExtractPrefs($retrieve_prefs, TRUE);
}
$pref = $eArrayStorage->ReadArray($PrefCache);
}
*/
//TODO - this could be part of e107->init() method now, prefs will be auto-initialized
//when proper called (e107::getPref()) //when proper called (e107::getPref())
// $e107->set_base_path(); moved to init(). // $e107->set_base_path(); moved to init().
@@ -503,12 +448,17 @@ $sql->db_Mark_Time('(Extracting Core Prefs Done)');
// //
// if a cookie name pref isn't set, make one :) // if a cookie name pref isn't set, make one :)
// TODO - do we really need this? e107 method could do the job.
if (!$pref['cookie_name']) { $pref['cookie_name'] = 'e107cookie'; } if (!$pref['cookie_name']) { $pref['cookie_name'] = 'e107cookie'; }
define('SITEURLBASE', ($pref['ssl_enabled'] == '1' ? 'https://' : 'http://').$_SERVER['HTTP_HOST']);
define('SITEURL', SITEURLBASE.e_HTTP);
define('e_COOKIE', $pref['cookie_name']); define('e_COOKIE', $pref['cookie_name']);
// MOVED TO $e107->set_urls()
//define('SITEURLBASE', ($pref['ssl_enabled'] == '1' ? 'https://' : 'http://').$_SERVER['HTTP_HOST']);
//define('SITEURL', SITEURLBASE.e_HTTP);
/*
* FIXME - pack all Language related code below to Language handler (new or extend the existing one)
*/
// let the subdomain determine the language (when enabled). // let the subdomain determine the language (when enabled).
if(varset($pref['multilanguage_subdomain']) && ($pref['user_tracking'] == 'session') && e_DOMAIN && MULTILANG_SUBDOMAIN !== FALSE) if(varset($pref['multilanguage_subdomain']) && ($pref['user_tracking'] == 'session') && e_DOMAIN && MULTILANG_SUBDOMAIN !== FALSE)
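Review bot: In the hunk that comments out the domain/subdomain block, `e_SUBDOMAIN` and `e_DOMAIN` are no longer defined before `@include_once(realpath(dirname(__FILE__).'/e107_config.php'));`, although the original comment on `e_SUBDOMAIN` says it "needs to be available to e107_config". They are now defined only in `set_constants()`, reached through `initCore()`, which this file calls after the include. Whether any site's e107_config.php actually reads them is not visible here, but if one does it will now see undefined constants, and the `@` on the include may hide the resulting notice. Either keep that block ahead of the include or record the change where the code was removed, e.g. `// NOTE: e_SUBDOMAIN/e_DOMAIN are not defined yet when e107_config.php is included`. The commented-out copies of the moved request-filtering and redirect code would be better deleted than kept, so that they cannot drift from the live versions in e107_class.php.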


@@ -9,9 +9,9 @@
* Cache handler * Cache handler
* *
* $Source: /cvs_backup/e107_0.8/e107_handlers/cache_handler.php,v $ * $Source: /cvs_backup/e107_0.8/e107_handlers/cache_handler.php,v $
* $Revision: 1.16 $ * $Revision: 1.17 $
* $Date: 2009-11-18 01:04:43 $ * $Date: 2009-11-24 16:30:06 $
* $Author: e107coders $ * $Author: secretr $
*/ */
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
@@ -20,11 +20,12 @@ define('CACHE_PREFIX','<?php exit;');
/** /**
* Class to cache data as files, improving site speed and throughput. * Class to cache data as files, improving site speed and throughput.
* FIXME - pref independant cache handler, cache drivers
* *
* @package e107 * @package e107
* @category e107_handlers * @category e107_handlers
* @version $Revision: 1.16 $ * @version $Revision: 1.17 $
* @author $Author: e107coders $ * @author $Author: secretr $
*/ */
class ecache { class ecache {


@@ -9,9 +9,9 @@
* e107 Main * e107 Main
* *
* $Source: /cvs_backup/e107_0.8/e107_handlers/e107_class.php,v $ * $Source: /cvs_backup/e107_0.8/e107_handlers/e107_class.php,v $
* $Revision: 1.82 $ * $Revision: 1.83 $
* $Date: 2009-11-23 11:51:01 $ * $Date: 2009-11-24 16:30:06 $
* $Author: e107coders $ * $Author: secretr $
*/ */
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
@@ -25,7 +25,14 @@ define('LOCALHOST_IP', '0000:0000:0000:0000:0000:ffff:7f00:0001'); // IPV6 stri
class e107 class e107
{ {
public $server_path; public $server_path;
public $e107_dirs;
public $e107_dirs = array();
/**
* @var array SQL connection data
*/
protected $e107_config_mysql_info = array();
public $http_path; public $http_path;
public $https_path; public $https_path;
public $base_path; public $base_path;
@@ -36,6 +43,11 @@ class e107
public $site_theme; public $site_theme;
/**
* @var string Current request type (http or https)
*/
protected $HTTP_SCHEME;
/** /**
* Used for runtime caching of user extended struct * Used for runtime caching of user extended struct
* *
@@ -128,14 +140,14 @@ class e107
'themeHandler' => '{e_HANDLER}theme_handler.php', 'themeHandler' => '{e_HANDLER}theme_handler.php',
'e_model' => '{e_HANDLER}model_class.php', 'e_model' => '{e_HANDLER}model_class.php',
'e_admin_model' => '{e_HANDLER}model_class.php', 'e_admin_model' => '{e_HANDLER}model_class.php',
'e_admin_dispatcher' => '{e_HANDLER}admin_handler.php', 'e_admin_dispatcher' => '{e_HANDLER}admin_ui.php',
'e_admin_request' => '{e_HANDLER}admin_handler.php', 'e_admin_request' => '{e_HANDLER}admin_ui.php',
'e_admin_response' => '{e_HANDLER}admin_handler.php', 'e_admin_response' => '{e_HANDLER}admin_ui.php',
'e_admin_controller' => '{e_HANDLER}admin_handler.php', 'e_admin_controller' => '{e_HANDLER}admin_ui.php',
'e_admin_controller_ui' => '{e_HANDLER}admin_handler.php', 'e_admin_controller_ui' => '{e_HANDLER}admin_ui.php',
'e_admin_ui' => '{e_HANDLER}admin_handler.php', 'e_admin_ui' => '{e_HANDLER}admin_ui.php',
'e_admin_form_ui' => '{e_HANDLER}admin_handler.php', 'e_admin_form_ui' => '{e_HANDLER}admin_ui.php',
'e_admin_icons' => '{e_HANDLER}admin_handler.php', 'e_admin_icons' => '{e_HANDLER}admin_ui.php',
'DHTML_Calendar' => '{e_HANDLER}calendar/calendar_class.php', 'DHTML_Calendar' => '{e_HANDLER}calendar/calendar_class.php',
'comment' => '{e_HANDLER}comment_class.php', 'comment' => '{e_HANDLER}comment_class.php',
'e107_user_extended' => '{e_HANDLER}user_extended_class.php', 'e107_user_extended' => '{e_HANDLER}user_extended_class.php',
@@ -202,9 +214,9 @@ class e107
* *
* @return e107 * @return e107
*/ */
public function init($e107_paths, $e107_root_path) public function initCore($e107_paths, $e107_root_path, $e107_config_mysql_info)
{ {
return $this->_init($e107_paths, $e107_root_path); return $this->_init($e107_paths, $e107_root_path, $e107_config_mysql_info);
} }
/** /**
@@ -212,15 +224,34 @@ class e107
* *
* @return e107 * @return e107
*/ */
protected function _init($e107_paths, $e107_root_path) protected function _init($e107_paths, $e107_root_path, $e107_config_mysql_info)
{ {
if(empty($this->e107_dirs)) if(empty($this->e107_dirs))
{ {
// Do some security checks/cleanup, prepare the environment
$this->prepare_request();
// folder info
$this->e107_dirs = $e107_paths; $this->e107_dirs = $e107_paths;
// mysql connection info
$this->e107_config_mysql_info = $e107_config_mysql_info;
// various constants - MAGIC_QUOTES_GPC, MPREFIX, ...
$this->set_constants();
// build all paths
$this->set_paths(); $this->set_paths();
$this->set_base_path();
$this->set_eUrls();
$this->file_path = $this->fix_windows_paths($e107_root_path)."/"; $this->file_path = $this->fix_windows_paths($e107_root_path)."/";
// set base path, SSL is auto-detected
$this->set_base_path(false);
// set some core URLs (e_LOGIN/SIGNUP)
$this->set_urls();
// cleanup QUERY_STRING and friends, set related constants
$this->set_request();
} }
return $this; return $this;
} }
@@ -288,14 +319,29 @@ class e107
/** /**
* Get folder name (e107_config) * Get folder name (e107_config)
* Replaces all $(*)_DIRECTORY globals * Replaces all $(*)_DIRECTORY globals
* Example: $e107->getFolder('images'); * Example: <code>$e107->getFolder('images')</code>;
* *
* @param string $for * @param string $for
* @return string * @return string
*/ */
function getFolder($for) function getFolder($for)
{ {
return varset($this->e107_dirs[strtoupper($for).'_DIRECTORY']); $key = strtoupper($for).'_DIRECTORY';
return (isset($this->e107_dirs[$key]) ? $this->e107_dirs[$key] : '');
}
/**
* Get mysql config var (e107_config.php)
* Replaces all $mySQL(*) globals
* Example: <code>$e107->getMySQLConfig('prefix');</code>
*
* @param string $for prefix|server|user|password|defaultdb
* @return string
*/
function getMySQLConfig($for)
{
$key = 'mySQL'.$for;
return (isset($this->e107_config_mysql_info[$key]) ? $this->e107_config_mysql_info[$key] : '');
} }
/** /**
@@ -1236,32 +1282,122 @@ class e107
} }
/** /**
* Check if plugin is installed * Prepare e107 environment
* @param string $plugname * This is done before e107_dirs initilization and [TODO] config include
* @return boolean * @return e107
*/ */
public static function isInstalled($plugname) public function prepare_request()
{ {
// Could add more checks here later if appropriate // TODO - better ajax detection method (headers when possible)
return self::getConfig()->isData('plug_installed/'.$plugname); define('e_AJAX_REQUEST', isset($_REQUEST['ajax_used']));
unset($_REQUEST['ajax_used']); // removed because it's auto-appended from JS (AJAX), could break something...
//$GLOBALS['_E107'] - minimal mode - here because of the e_AJAX_REQUEST
if(isset($GLOBALS['_E107']['minimal']) || e_AJAX_REQUEST)
{
$_e107vars = array('forceuserupdate', 'online', 'theme', 'menus', 'prunetmp');
foreach($_e107vars as $v)
{
$noname = 'no_'.$v;
if(!isset($GLOBALS['_E107'][$v]))
{
$GLOBALS['_E107'][$noname] = 1;
}
unset($GLOBALS['_E107'][$v]);
}
}
// remove ajax_used=1 from query string to avoid SELF problems, ajax should always be detected via e_AJAX_REQUEST constant
$_SERVER['QUERY_STRING'] = str_replace(array('ajax_used=1', '&&'), array('', '&'), $_SERVER['QUERY_STRING']);
// e107 uses relative url's, which are broken by "pretty" URL's. So for now we don't support / after .php
if(($pos = strpos($_SERVER['PHP_SELF'], '.php/')) !== false) // redirect bad URLs to the correct one.
{
$new_url = substr($_SERVER['PHP_SELF'], 0, $pos+4);
$new_loc = ($_SERVER['QUERY_STRING']) ? $new_url.'?'.$_SERVER['QUERY_STRING'] : $new_url;
header('Location: '.$new_loc);
exit();
}
// If url contains a .php in it, PHP_SELF is set wrong (imho), affecting all paths. We need to 'fix' it if it does.
$_SERVER['PHP_SELF'] = (($pos = strpos($_SERVER['PHP_SELF'], '.php')) !== false ? substr($_SERVER['PHP_SELF'], 0, $pos+4) : $_SERVER['PHP_SELF']);
// setup some php options
e107::ini_set('magic_quotes_runtime', 0);
e107::ini_set('magic_quotes_sybase', 0);
e107::ini_set('arg_separator.output', '&amp;');
e107::ini_set('session.use_only_cookies', 1);
e107::ini_set('session.use_trans_sid', 0);
// Ensure thet '.' is the first part of the include path
$inc_path = explode(PATH_SEPARATOR, ini_get('include_path'));
if($inc_path[0] != '.')
{
array_unshift($inc_path, '.');
$inc_path = implode(PATH_SEPARATOR, $inc_path);
e107_ini_set('include_path', $inc_path);
}
unset($inc_path);
return $this;
} }
/** /**
* Set base system path
* @return e107 * @return e107
*/ */
public function set_base_path() public function set_base_path($force = null)
{ {
$this->base_path = (self::getPref('ssl_enabled') == 1 ? $this->https_path : $this->http_path); $ssl_enabled = (null !== $force) ? $force : $this->isSecure();//(self::getPref('ssl_enabled') == 1);
$this->base_path = $ssl_enabled ? $this->https_path : $this->http_path;
return $this;
}
/**
* Set various system environment constants
* @return e107
*/
public function set_constants()
{
define('MAGIC_QUOTES_GPC', (ini_get('magic_quotes_gpc') ? true : false));
define('MPREFIX', $this->getMySQLConfig('prefix')); // mysql prefix
define('CHARSET', 'utf-8'); // set CHARSET for backward compatibility
// Define the domain name and subdomain name.
if($_SERVER['HTTP_HOST'] && is_numeric(str_replace(".","",$_SERVER['HTTP_HOST'])))
{
$srvtmp = ''; // Host is an IP address.
}
else
{
$srvtmp = explode('.',str_replace('www.', '', $_SERVER['HTTP_HOST']));
}
define('e_SUBDOMAIN', (count($srvtmp)>2 && $srvtmp[2] ? $srvtmp[0] : false)); // needs to be available to e107_config.
if(e_SUBDOMAIN)
{
unset($srvtmp[0]);
}
define('e_DOMAIN',(count($srvtmp) > 1 ? (implode('.', $srvtmp)) : false)); // if it's an IP it must be set to false.
define('e_UC_PUBLIC', 0);
define('e_UC_MAINADMIN', 250);
define('e_UC_READONLY', 251);
define('e_UC_GUEST', 252);
define('e_UC_MEMBER', 253);
define('e_UC_ADMIN', 254);
define('e_UC_NOBODY', 255);
return $this; return $this;
} }
/** /**
* Set all environment vars and constants * Set all environment vars and constants
* FIXME - remove globals * FIXME - remove globals
* @return e107
*/ */
public function set_paths() public function set_paths()
{ {
@@ -1270,7 +1406,14 @@ class e107
$UPLOADS_DIRECTORY,$_E107, $MEDIA_DIRECTORY; $UPLOADS_DIRECTORY,$_E107, $MEDIA_DIRECTORY;
// global $NEWSIMAGES_DIRECTORY, $CUSTIMAGES_DIRECTORY; // global $NEWSIMAGES_DIRECTORY, $CUSTIMAGES_DIRECTORY;
// ssl_enabled pref not needed anymore, scheme is auto-detected
$this->HTTP_SCHEME = 'http';
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
{
$this->HTTP_SCHEME = 'https';
}
$path = ""; $i = 0; $path = ""; $i = 0;
if(!isset($_E107['cli'])) if(!isset($_E107['cli']))
@@ -1413,6 +1556,7 @@ class e107
define("e_UPLOAD_ABS", e_HTTP.$UPLOADS_DIRECTORY); define("e_UPLOAD_ABS", e_HTTP.$UPLOADS_DIRECTORY);
} }
} }
return $this;
} }
/** /**
@@ -1428,28 +1572,27 @@ class e107
return $fixed_path; return $fixed_path;
} }
/** /**
* Define e_PAGE, e_SELF, e_ADMIN_AREA and USER_AREA; * Define e_PAGE, e_SELF, e_ADMIN_AREA and USER_AREA;
* The following files are assumed to use admin theme: * The following files are assumed to use admin theme:
* 1. Any file in the admin directory (check for non-plugin added to avoid mismatches) * 1. Any file in the admin directory (check for non-plugin added to avoid mismatches)
* 2. any plugin file starting with 'admin_' * 2. any plugin file starting with 'admin_'
* 3. any plugin file in a folder called admin/ * 3. any plugin file in a folder called admin/
* 4. any file that specifies $eplug_admin = TRUE; * 4. any file that specifies $eplug_admin = TRUE; or ADMIN_AREA = TRUE;
* @return * NOTE: USER_AREA = true; will force e_ADMIN_AREA to FALSE
* @return e107
*/ */
public function set_eUrls() public function set_urls()
{ {
global $PLUGINS_DIRECTORY,$ADMIN_DIRECTORY, $eplug_admin; //global $PLUGINS_DIRECTORY,$ADMIN_DIRECTORY, $eplug_admin;
$PLUGINS_DIRECTORY = $this->getFolder('plugins');
$ADMIN_DIRECTORY = $this->getFolder('admin');
$eplug_admin = $GLOBALS['eplug_admin'];
$pref = $this->getConfig()->getPref();
$page = substr(strrchr($_SERVER['PHP_SELF'], '/'), 1); $page = substr(strrchr($_SERVER['PHP_SELF'], '/'), 1);
define('e_PAGE', $page); define('e_PAGE', $page);
define('e_SELF', ($pref['ssl_enabled'] == '1' ? 'https://'.$_SERVER['HTTP_HOST'] : 'http://'.$_SERVER['HTTP_HOST']) . ($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_FILENAME'])); define('e_SELF', $this->HTTP_SCHEME . '://' . $_SERVER['HTTP_HOST'] . ($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_FILENAME']));
define('e_SIGNUP', e_BASE.(file_exists(e_BASE.'customsignup.php') ? 'customsignup.php' : 'signup.php')); define('e_SIGNUP', e_BASE.(file_exists(e_BASE.'customsignup.php') ? 'customsignup.php' : 'signup.php'));
define('e_LOGIN', e_BASE.(file_exists(e_BASE.'customlogin.php') ? 'customlogin.php' : 'login.php')); define('e_LOGIN', e_BASE.(file_exists(e_BASE.'customlogin.php') ? 'customlogin.php' : 'login.php'));
@@ -1471,16 +1614,69 @@ class e107
} }
// This should avoid further checks - NOTE: used in js_manager.php // This should avoid further checks - NOTE: used in js_manager.php
define('e_ADMIN_AREA', ($inAdminDir && !defsettrue('USER_AREA'))); //Force USER_AREA added define('e_ADMIN_AREA', ($inAdminDir && !deftrue('USER_AREA'))); //Force USER_AREA added
define('ADMINDIR', $ADMIN_DIRECTORY);
define('SITEURLBASE', $this->HTTP_SCHEME.'://'.$_SERVER['HTTP_HOST']);
define('SITEURL', SITEURLBASE.e_HTTP);
return $this;
} }
/**
* Set request related constants
* @return e107
*/
public function set_request()
{
$inArray = array("'", ';', '/**/', '/UNION/', '/SELECT/', 'AS ');
if (strpos($_SERVER['PHP_SELF'], 'trackback') === false)
{
foreach($inArray as $res)
{
if(stristr($_SERVER['QUERY_STRING'], $res))
{
die('Access denied.');
}
}
}
if (strpos($_SERVER['QUERY_STRING'], ']') && preg_match("#\[(.*?)](.*)#", $_SERVER['QUERY_STRING'], $matches))
{
define('e_MENU', $matches[1]);
$e_QUERY = $matches[2];
if(strlen(e_MENU) == 2) // language code ie. [fr]
{
require_once(e_HANDLER."language_class.php");
$slng = new language;
define('e_LANCODE', true);
$_GET['elan'] = $slng->convert(e_MENU);
}
}
else
{
define('e_MENU', '');
$e_QUERY = $_SERVER['QUERY_STRING'];
define('e_LANCODE', '');
}
$e_QUERY = str_replace("&","&amp;", self::getParser()->post_toForm($e_QUERY));
define('e_QUERY', $e_QUERY);
define('e_TBQS', $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = e_QUERY;
}
/**
* Check if current request is secure (https)
* @return
*/
public function isSecure()
{
return ($this->HTTP_SCHEME === 'https');
}
/** /**
* Check if current user is banned * Check if current user is banned
* *
@@ -1904,6 +2100,32 @@ class e107
return (null !== $separator ? implode($separator, $ret) : $ret); return (null !== $separator ? implode($separator, $ret) : $ret);
} }
/**
* Check if plugin is installed
* @param string $plugname
* @return boolean
*/
public static function isInstalled($plugname)
{
// Could add more checks here later if appropriate
return self::getConfig()->isData('plug_installed/'.$plugname);
}
/**
* Safe way to set ini var
* @param string $var
* @param string $value
* @return
*/
public static function ini_set($var, $value)
{
if (function_exists('ini_set'))
{
return ini_set($var, $value);
}
return false;
}
public function __get($name) public function __get($name)
{ {
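Review bot: In `_init()`, `$this->set_base_path(false);` sits under the comment "set base path, SSL is auto-detected", but the new `set_base_path($force = null)` treats any non-null argument as an override, so `false` pins `base_path` to `http_path` and `isSecure()` is never consulted. Calling `$this->set_base_path();` would match the comment. Related to this, `set_paths()` derives `HTTP_SCHEME` only from `$_SERVER['HTTPS'] == 'on'`, and `e_SELF` and `SITEURLBASE` now use it instead of the `ssl_enabled` pref. An install behind a TLS-terminating proxy, where that variable is typically unset, would presumably emit `http://` URLs with no way to force the scheme, so keeping the pref as an explicit override is worth considering. Two smaller points: `set_request()` is documented `@return e107` but has no `return $this;`, and `prepare_request()` still calls the global `e107_ini_set('include_path', $inc_path)` while its other calls use the new `e107::ini_set()`.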