Session->CookieName); /*$session_cookie_name = $ado->GetOne('SELECT VariableValue FROM '.$g_TablePrefix.'ConfigurationValues WHERE VariableName = "SessionCookieName"'); define('SESSION_COOKIE_NAME', $session_cookie_name ? $session_cookie_name : 'sid'); */ set_cookie('cookies_on', '1', adodb_mktime() + 31104000); // if branches that uses if($mod_prefix) or like that will never be executed // due global variable $mod_prefix is never defined $ExtraVars = array(); function ParseEnv() { global $env, $var_list, $mod_prefix,$objSession, $SessionQueryString; /* parse individual sections */ $env = GetVar('env'); if (!$env) { $var_list['t'] = 'index'; if (is_array($mod_prefix)) { foreach($mod_prefix as $module_prefix => $module_name) { $parser_name = $module_prefix.'_ParseEnv'; if( function_exists($parser_name) ) $parser_name(); } } } else { $env_sections = explode(':', $env); $main = array_shift($env_sections); if($main) { list($sid, $template) = explode('-', $main, 2); if(!$SessionQueryString) { if (!$sid || $sid == '_') { if ($sid != '_') $sid = $_COOKIE[SESSION_COOKIE_NAME]; } else { $SessionQueryString = true; } } $var_list['sid'] = $sid; $var_list['t'] = $template; if( getArrayValue($_GET, 'dest') ) $var_list['dest'] = $_GET['dest']; } foreach ($env_sections as $env_section) { $env_section = preg_replace("/^([a-zA-Z]+)([0-9]+)-(.*)/", "$1-$2-$3", $env_section); $pieces = explode('-', $env_section); $parser_name = $pieces[0].'_ParseEnv'; if( function_exists($parser_name) ) { $env_section = preg_replace('/^([a-zA-Z]+)-([0-9]+)-(.*)/','\\1\\2-\\3', $env_section); $parser_name($env_section); } } } if(!$SessionQueryString) $var_list['sid'] = $_COOKIE[SESSION_COOKIE_NAME]; } function LoadEnv() { global $env, $var_list, $mod_prefix,$objSession; $env = $_GET["env"]; // echo "Loading Variables..
\n"; if ($env != "") { $envsections = explode(":", $env); foreach($mod_prefix as $key => $value) { if(strlen($key)) { $parsed=FALSE; for($i=1; $i\n"; if(($objConfig->Get("CookieSessions")==0 || !$FrontEnd || ($objConfig->Get("CookieSessions")==2 && $SessionQueryString==TRUE))) { if(!$objSession->UseTempKeys) { $sessionkey = $objSession->GetSessionKey(); } else $sessionkey = $objSession->Get("CurrentTempKey"); $env = $sessionkey; } $env .= "-"; if (isset($var_list_update["t"])) { if($var_list_update["t"]=="_referer_") { $var_list_update["t"] =$objSession->GetVariable("Template_Referer"); } $t = $var_list_update["t"]; if (substr($t, 0, strlen('kernel4:')) == 'kernel4:') { $t = substr($t, strlen('kernel4:')); $env .= $t; } else { if(!is_numeric($t)) { if(!is_object($theme)) $theme = $objThemes->GetItem($m_var_list["theme"]); $id = $theme->GetTemplateId($t); $var_list_update["t"] = $id; } $env .= $var_list_update["t"]; } } else { $t = isset($var_list['t']) ? $var_list['t'] : ''; if(!is_numeric($t)) { if(!is_object($theme)) $theme = $objThemes->GetItem($m_var_list["theme"]); $id = $theme->GetTemplateId($t); $t = $id; } $env .= $t; } if(is_array($mod_prefix)) { foreach($mod_prefix as $key => $value) { $builder_name = $key . "_BuildEnv"; if(function_exists($builder_name)) { if($key == 'm') { $GLOBALS[$key.'_var_list_update']['test'] = 'test'; } $env .= $builder_name(); } } } $extra = ""; $keys = array_keys($ExtraVars); if(is_array($keys)) { for($i=0;$iGetVariable('Template_Referer'); if ( substr($t, 0, strlen('kernel4:') ) == 'kernel4:' ) $t = substr($t, strlen('kernel4:') ); $url_params = Array('t' => $t); // sicne 1.3.0 the category is not passed by default when mod_rewrite is on // enable pass category for module templates (they usually need it) and suggest_cat. // platform templates usually do not need category if ( preg_match('/^inlink|^inbulletin|^innews/', $t) || in_array(preg_replace('/\.tpl$/', '', $t), array('suggest_cat')) ) { $url_params['pass_category'] = 1; } $app =& kApplication::Instance(); $app->SetVar('prefixes_passed', Array() ); if( is_array($mod_prefix) ) { foreach($mod_prefix as $key => $value) { $builder_name = $key.'_BuildEnv_NEW'; if( function_exists($builder_name) ) { if($key == 'm') { $GLOBALS[$key.'_var_list_update']['test'] = 'test'; } $url_params = array_merge_recursive2($url_params, $builder_name() ); } } } $url_params['pass'] = implode( ',', $app->GetVar('prefixes_passed') ); return $url_params; } function CategoryActionFunc($basename,$CatList) { global $mod_prefix; foreach($mod_prefix as $key => $value) { $function_name = $key."_".$basename; if(function_exists($function_name)) { $function_name($CatList); } } } function RegisterEnv($Var,$Value) { global $ExtraVars; $ExtraVars[$Var] = $Value; } function UnregisterEnv($Var) { global $ExtraVars; unset($ExtraVars[$Var]); } function ModuleTagPrefix($name) { global $modules_loaded; $ret = ""; foreach($modules_loaded as $prefix=>$mod_name) { if($name==$mod_name) { $ret = $prefix; break; } } return $ret; } function ModuleEnabled($name) { global $template_path; $a = array_keys($template_path); if(in_array($name,$a)) return TRUE; return FALSE; } function GetModuleArray($array_name="mod_prefix") { switch($array_name) { case "mod_prefix": global $mod_prefix; return $mod_prefix; break; case "admin": global $mod_prefix, $modules_loaded; $mod = array(); if(is_array($mod_prefix) && is_array($modules_loaded)) { foreach ($mod_prefix as $key=>$value) { if($key != 'bbcat' && _ModuleLicensed($modules_loaded[$key]) || $key=="m") { $mod[$key] = $value; } } } return $mod; break; case "loaded": global $modules_loaded; return $modules_loaded; break; case "template": global $template_path; return $template_path; case "rootcat": global $mod_root_cats; return $mod_root_cats; break; } } function admin_login() { global $objSession,$login_error, $objConfig,$g_Allow,$g_Deny; // echo "

"; print_r($objSession); echo "

"; if( GetVar('help_usage') == 'install' ) return true; $env_arr = explode('-', $_GET['env']); $get_session_key = $env_arr[0]; $admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin']; if(!$objSession->ValidSession()) { // || ($objSession->GetSessionKey() != $get_session_key && !$admin_login) if( isset($_GET['expired']) && ($_GET['expired'] == 1) ) $login_error = admin_language("la_text_sess_expired"); return FALSE; //echo "Expired
"; } if ($objSession->HasSystemPermission("ADMIN") == 1) return TRUE; if(count($_POST)==0 || $_POST["adminlogin"]!=1) return FALSE; $login=$_POST["login"]; $password = $_POST["password"]; if (strlen($login) && strlen($password)) { if(!_IpAccess($_SERVER['REMOTE_ADDR'],$g_Allow,$g_Deny)) { $login_error = admin_language("la_text_address_denied"); return FALSE; } $valid = $objSession->Login($login, md5($password)); $hasperm = ($objSession->HasSystemPermission("ADMIN") == 1); if (($login=="root" || $hasperm) && $valid) { if(_ValidateModules()) { return TRUE; } else $login_error = "Missing or invalid In-Portal License"; } else { if(!$hasperm && $valid) { $login_error = admin_language("la_text_nopermissions"); } else { $login_error = admin_language("la_Text_Access_Denied"); } return FALSE; } } else { if(!strlen($login)) { $login_error = admin_language("la_Text_Missing_Username"); } else if(!strlen($password)) $login_error = admin_language("la_Text_Missing_Password"); return FALSE; } } #--------------------------------------------------------------------------- function _EnableCookieSID() { global $var_list, $objConfig; if((!$_COOKIE[SESSION_COOKIE_NAME] && $objConfig->Get("CookieSessions")>0 && strlen($var_list["sid"])<2 && !headers_sent()) || strlen($_COOKIE[SESSION_COOKIE_NAME]) > 0) { return TRUE; } else return FALSE; } function _IsSpider($UserAgent) { global $robots, $pathtoroot; $lines = file($pathtoroot.'kernel/include/robots_list.txt'); if(!is_array($robots)) { $robots = array(); for($i=0;$i1 && !$IsIp) { $p = explode(".",$d); $ret = $p[count($p)-2].".".$p[count($p)-1]; } else $ret = $d; return $ret; } function _MatchIp($ip1,$ip2) { $matched = TRUE; $ip = explode(".",$ip1); $MatchIp = explode(".",$ip2); for($i=0;$i"; $domain = _GetDomain(); //echo "Domain: ".$domain."
"; if(!_IsLocalSite($domain)) { $domain = _StripDomainHost($domain); //echo "New domain: $domain
"; // echo "

"; print_r($i_Keys); echo "

"; for($x=0;$x0) { return TRUE; } } else return TRUE; return FALSE; } function _ModuleLicensed($name) { global $i_Keys, $objConfig, $pathtoroot; $vars = parse_portal_ini($pathtoroot.'config.php'); // globalize vars from config (theese vars are already present, why to do this again?) foreach ($vars as $config_key => $config_value) { $GLOBALS['g_'.$config_key] = $config_value; } $lic = base64_decode($GLOBALS['g_License']); _ParseLicense($lic); $modules = array(); if(!_IsLocalSite(_GetDomain())) { for($x=0;$x"; $modules = explode(",",$key["mod"]); } } //print_pre($modules); if(in_array($name,$modules)) { //echo "ok
"; return TRUE; } } else { return TRUE; } return FALSE; } function _GetDomain() { global $objConfig, $g_Domain; if($objConfig->Get("DomainDetect")) { $d = $_SERVER['HTTP_HOST']; } else $d = $g_Domain; return $d; } function _keyED($txt,$encrypt_key) { $encrypt_key = md5($encrypt_key); $ctr=0; $tmp = ""; for ($i=0;$i= 5 && $i < 7) return _GetObscureValue($z)*_GetObscureValue('e'); if ($i > 30) return Array(0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74); if ($i > 20) return 99; if ($i > 10) return '.'.(_GetObscureValue(6.5)+1); if ($i == 'a') return 0xa; } function _Chr($val) { $x = _GetObscureValue(25); $f = chr($x).chr($x+5).chr($x+15); return $f($val); } function _IsLocalSite($domain) { $ee = _GetObscureValue(35); $yy = ''; foreach ($ee as $e) $yy .= _Chr($e); $localb = FALSE; if(substr($domain,0,3)==_GetObscureValue('x')) { $b = substr($domain,0,6); $p = explode(".",$domain); $subnet = $p[1]; if($p[1]>15 && $p[1]<32) $localb=TRUE; } $zz = _GetObscureValue('z')._GetObscureValue(5).'.'.(int)_GetObscureValue(7)._GetObscureValue(12); $ff = _GetObscureValue('z')+65; $hh = $ff-0x18; if($domain==$yy || $domain==$zz || substr($domain,0,7)==$ff._Chr(46).$hh || substr($domain,0,3)==_GetObscureValue('a')._Chr(46) || $localb || strpos($domain,".")==0) { return TRUE; } return FALSE; } function _falseIsLocalSite($domain) { $localb = FALSE; if(substr($domain,0,3)=="172") { $b = substr($domain,0,6); $p = explode(".",$domain); $subnet = $p[1]; if($p[1]>15 && $p[1]<32) $localb=TRUE; } if($domain=="localhost" || $domain=="127.0.0.1" || substr($domain,0,7)=="192.168" || substr($domain,0,3)=="10." || $localb || strpos($domain,".")==0) { return TRUE; } return FALSE; } //echo "Before Stuff
"; LogEntry("Loading Modules\n"); /* get the module list from the database */ $adodbConnection = &GetADODBConnection(); $sql = "SELECT Name, Path, Var,TemplatePath, RootCat from ".GetTablePrefix()."Modules where Loaded=1 ORDER BY LoadOrder"; $rs = $adodbConnection->Execute($sql); while($rs && !$rs->EOF) { $key = $rs->fields["Var"]; $mod_prefix[$key] = $rs->fields["Path"]; $modules_loaded[$key] = $rs->fields["Name"]; $name = $rs->fields["Name"]; $template_path[$name] = $rs->fields["TemplatePath"]; $mod_root_cats[$name] = $rs->fields["RootCat"]; // echo $key . "=". $modules_loaded[$key]."
\n"; $rs->MoveNext(); } LogEntry("Loading Module Parser scripts\n"); /* for each module enabled, load up parser.php */ //foreach($mod_prefix as $key => $value) $LogLevel++; if(is_array($mod_prefix)) { foreach($mod_prefix as $key => $value) { $mod = $pathtoroot . $value . "parser.php"; // LogEntry("Loading parser $mod \n"); if (file_exists($mod)) { // k4 modules may have no parser.php require_once($mod); } } } $LogLevel--; LogEntry("Finished Loading Module Parser scripts\n"); /*now each module gets a look at the environment string */ // SID detecting engine: begin $SessionQueryString = false; // by default assume, that SID is located in cookie if( !isset($FrontEnd) ) $FrontEnd = false; // if frontend not explicitly defined, than $SessionQueryString = $application->Session->NeedQueryString(); /*if($FrontEnd != 1) { $SessionQueryString = true; }*/ if (is_array($mod_prefix)) { ParseEnv(); } if (defined('THIS_FILE') && (THIS_FILE == 'admin/index') ) { // this is admin login screen & we don't have sid in url here, // but session is already created by K4, then gether sid from it $application =& kApplication::Instance(); $var_list['sid'] = $application->GetSID(); } /* create the session object */ $ip = $_SERVER["REMOTE_ADDR"]; if ( !isset($var_list['sid']) ) $var_list['sid'] = ''; if ( !isset($_GET['env']) ) $_GET['env'] = ''; if(strlen($var_list["sid"])==0 && strlen($_GET["env"])>0 && $objConfig->Get("CookieSessions")==smCOOKIES_ONLY) { if(_IsSpider($_SERVER["HTTP_USER_AGENT"])) { $UseSession = FALSE; } else { /* switch user to GET session var */ if (!$_COOKIE[SESSION_COOKIE_NAME]) { $SessionQueryString = TRUE; } //else { //$cg = '--code--'; //} $UseSession = TRUE; } } else { $UseSession = TRUE; } if($var_list["sid"]=="_") $var_list["sid"]=""; /*setup action variable*/ $Action = isset($_REQUEST['Action']) ? $_REQUEST['Action'] : ''; if($Action == 'm_logout') { $u = new clsUserSession($var_list['sid']); // ,($SessionQueryString && $FrontEnd==1) $application =& kApplication::Instance(); $application->HandleEvent( new kEvent('u:OnInpLogout') ); $u->Logout(); unset($u); $var_list_update['t'] = 'index'; $var_list['t'] = ''; $var_list['sid'] = ''; set_cookie('login', '', adodb_mktime() - 3600); set_cookie(SESSION_COOKIE_NAME, '', adodb_mktime() - 3600); } $CookieTest = isset($_COOKIE['cookies_on']) ? $_COOKIE['cookies_on'] : ''; if($var_list['sid'] && !$CookieTest) // when going from http -> https and via versa assume, that cookies are allowed { $CookieTest = true; $_COOKIE['cookies_on'] = 1; } $HTTP_REFERER = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; /*if ( ($CookieTest == 1) ) { // || !strstr($HTTP_REFERER, $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path")) $SessionQueryString = FALSE; } if ($FrontEnd != 1) { $SessionQueryString = TRUE; }*/ // SID detecting engine: end $objSession = new clsUserSession($var_list["sid"],($SessionQueryString && $FrontEnd==1)); if($UseSession) { if(!$objSession->ValidSession()) { /* Get rid of Invalid Session and make a brand new one*/ // echo "Dumping Session ".$var_list["sid"]."
"; unset($var_list["sid"]); $objSession->GetNewSession(); $var_list["sid"] = $objSession->GetSessionKey(); $var_list_update["sid"]=$objSession->GetSessionKey(); if(is_numeric($m_var_list["theme"])) $objSession->SetThemeName($m_var_list["theme"]); if($objConfig->Get("CookieSessions")>0 && !$SessionQueryString && !headers_sent()) { // set_cookie(SESSION_COOKIE_NAME, $var_list['sid'], 0); } //echo "New Session: ".$objSession->GetSessionKey()."
\n"; if(isset($_COOKIE["login"]) && $Action != "m_logout" && $FrontEnd==1) { $parts = explode("|",$_COOKIE["login"]); $username = $parts[0]; $pass = $parts[1]; $objSession->Login($username,$pass); } } else { if($objSession->Get("Language")!=$m_var_list["lang"]) { $objSession->Set("Language", (int)$m_var_list["lang"]); } $objSession->LoadSessionData(); $objSession->UpdateAccessTime(); $objSession->Update(); LoadEnv(); } } if( isset($var_list['t']) && is_numeric($var_list['t'])) { if( !isset($CurrentTheme) ) $CurrentTheme = null; if(!is_object($CurrentTheme)) $CurrentTheme = $objThemes->GetItem($m_var_list["theme"]); $var_list["t"] = $CurrentTheme->GetTemplateById($var_list["t"]); $objSession->Set("Theme", (int)$CurrentTheme->Get("Name")); } /*create the global current user object */ $UserID=$objSession->Get("PortalUserId"); $objCurrentUser = new clsPortalUser($UserID); /* include each module's action.php script */ LogEntry("Loading Module action scripts\n"); ## Global Referer Template $_local_t = isset($var_list['t']) ? $var_list['t'] : ''; if(is_array($mod_prefix)) { foreach($mod_prefix as $key => $folder_name) { $var_to_global = $key.'_var_list'; global $$var_to_global; $application =& kApplication::Instance(); // just to sure, that object is here in all actions if($FrontEnd == 0 || !is_numeric($FrontEnd) || $FrontEnd == 2) { $rootURL = 'http://'.ThisDomain().$objConfig->Get('Site_Path'); $admin = $objConfig->Get("AdminDirectory"); if( !strlen($admin) ) $admin = "admin"; $adminURL = $rootURL.$admin; $imagesURL = $adminURL."/images"; if( $key != 'bbcat' && _ModuleLicensed($modules_loaded[$key]) ) { $mod = $pathtoroot.$folder_name."module_init.php"; if( file_exists($mod) ) require_once($mod); $mod = $pathtoroot.$folder_name."action.php"; if( file_exists($mod) ) require_once($mod); $mod = $pathtoroot.$folder_name."searchaction.php"; if( file_exists($mod) ) require_once($mod); } } if($FrontEnd==1 || $FrontEnd==2) { $mod = $pathtoroot.$folder_name."module_init.php"; if(file_exists($mod)) require_once($mod); $mod = $pathtoroot.$folder_name."frontaction.php"; if(file_exists($mod)) require_once($mod); } } } if( !isset($SearchPerformed) ) $SearchPerformed = false; if($SearchPerformed == true) $objSearch->BuildIndexes(); LogEntry("Finished Loading Module action scripts\n"); ?>