function getPageDB($page)
{
global $db;
$q="select path from pages where name='$page'";
$r=$db->query($q);
if($db->num_rows($r)==0)
return pageNotFound($page);
$row=$db->result($r);
include($row[path]);
return html(head().view());
}
public static function bindResource($vendor, $name, $file)
{
$module = module($vendor . '/' . $name);
if (!$module->exists()) {
return pageNotFound();
}
$path = $module->assets() . '/' . trim($file, '/');
if (file_exists($path)) {
return new Resource($path);
}
return pageNotFound();
}
function get()
{
// Make sure params are numeric
foreach ($this->params as $param) {
if (!is_numeric($param)) {
// TODO replace by decent error message
pageNotFound();
}
}
$date = join('-', $this->params);
$pages = $this->page->parent()->children(array('where' => 'page.created_on LIKE :date', 'order' => 'page.created_on DESC'), array(':date' => '' . $date . '%'));
return $pages;
}
public function __construct(&$page, $params)
{
$this->page =& $page;
$this->params = $params;
switch (count($params)) {
case 0:
break;
case 1:
$slug = $params[0];
/* We try to find a subpage of the calendar page, so the event's page can be customized */
$page_found = Page::findBySlug($slug, $this->page, true);
if (is_a($page_found, "Page")) {
$this->page = $page_found;
} else {
/* A subpage is not found, so try to parse a date and then create an event's page */
try {
$datetime = new DateTime($slug);
} catch (Exception $e) {
pageNotFound();
exit;
}
$events = CalendarEvent::findEventsByDate($datetime->format('Y-m-d'));
$this->page->title = strftime("%x", $datetime->getTimestamp());
/* The date should be localized */
$this->beginCapture();
showEvents($events);
$this->endCapture();
}
break;
case 2:
$year = $params[0];
$month = $params[1];
$this->beginCapture();
$this->showCalendarForMonth($year, $month);
$this->endCapture();
break;
default:
pageNotFound();
exit;
}
}
function main()
{
// get the uri string from the query
$path = $_SERVER['QUERY_STRING'];
// Make sure special characters are decoded (support non-western glyphs like japanese)
$path = urldecode($path);
// START processing $_GET variables
// If we're NOT using mod_rewrite, we check for GET variables we need to integrate
if (!USE_MOD_REWRITE && strpos($path, '?') !== false) {
$_GET = array();
// empty $_GET array since we're going to rebuild it
list($path, $get_var) = explode('?', $path);
$exploded_get = explode('&', $get_var);
if (count($exploded_get)) {
foreach ($exploded_get as $get) {
list($key, $value) = explode('=', $get);
$_GET[$key] = $value;
}
}
} else {
if (!USE_MOD_REWRITE && (strpos($path, '&') !== false || strpos($path, '=') !== false)) {
$path = '/';
}
}
// If we're using mod_rewrite, we should have a WOLFPAGE entry.
if (USE_MOD_REWRITE && array_key_exists('WOLFPAGE', $_GET)) {
$path = $_GET['WOLFPAGE'];
unset($_GET['WOLFPAGE']);
} else {
if (USE_MOD_REWRITE) {
// We're using mod_rewrite but don't have a WOLFPAGE entry, assume site root.
$path = '/';
}
}
// Needed to allow for ajax calls to backend
if (array_key_exists('WOLFAJAX', $_GET)) {
$path = '/' . ADMIN_DIR . $_GET['WOLFAJAX'];
unset($_GET['WOLFAJAX']);
}
// END processing $_GET variables
// remove suffix page if founded
if (URL_SUFFIX !== '' and URL_SUFFIX !== '/') {
$path = preg_replace('#^(.*)(' . URL_SUFFIX . ')$#i', "\$1", $path);
}
define('CURRENT_PATH', trim($path, '/'));
// Alias for backward compatibility, this constant should no longer be used.
define('CURRENT_URI', CURRENT_PATH);
if ($path != null && $path[0] != '/') {
$path = '/' . $path;
}
// Check if there's a custom route defined for this URI,
// otherwise continue and assume page was requested.
if (Dispatcher::hasRoute($path)) {
Observer::notify('dispatch_route_found', $path);
Dispatcher::dispatch($path);
exit;
}
foreach (Observer::getObserverList('page_requested') as $callback) {
$path = call_user_func_array($callback, array(&$path));
}
// this is where 80% of the things is done
$page = Page::findByPath($path, true);
// if we found it, display it!
if (is_object($page)) {
// If a page is in preview status, only display to logged in users
if (Page::STATUS_PREVIEW == $page->status_id) {
AuthUser::load();
if (!AuthUser::isLoggedIn() || !AuthUser::hasPermission('page_view')) {
pageNotFound($path);
}
}
// If page needs login, redirect to login
if ($page->getLoginNeeded() == Page::LOGIN_REQUIRED) {
AuthUser::load();
if (!AuthUser::isLoggedIn()) {
Flash::set('redirect', $page->url());
redirect(URL_PUBLIC . (USE_MOD_REWRITE ? '' : '?/') . ADMIN_DIR . '/login');
}
}
Observer::notify('page_found', $page);
$page->_executeLayout();
} else {
pageNotFound($path);
}
}
function sendToFriend()
{
global $db, $CONFIG, $pageInfo, $CONSTANT, $pageContents, $additionalJs, $intPropID;
$queryString = $pageInfo['queryString'];
parse_str($queryString, $string);
foreach ($string as $key => $val) {
$path = $val;
}
if (!is_numeric($path)) {
propertyNotFound();
} else {
$dea_id = intval($path);
}
$CONSTANT['robots'] = 'noindex,follow';
//
$sql = "SELECT\n\tpro_addr3,pro_addr4,pro_addr5,LEFT(pro_postcode, 4) AS pro_postcode,pro_north,pro_east,\n\tdeal.*,\n\tarea.are_title\n\tFROM deal\n\tLEFT JOIN property ON deal.dea_prop = property.pro_id\n\tLEFT JOIN area ON property.pro_area = area.are_id\n\tWHERE\n\t(deal.dea_status = 'Available' OR deal.dea_status = 'Under Offer' OR deal.dea_status = 'Exchanged') AND\n\tdea_id = {$dea_id}";
$q = $db->query($sql);
if ($q->numRows() == 0) {
propertyNotFound();
}
while ($row = $q->fetchRow()) {
$render = '<p>' . $row['dea_strapline'] . '</p><p>' . $row['pro_addr3'] . ', ' . $row['are_title'] . ', ' . $row['pro_postcode'] . ' - ' . format_price($row['dea_marketprice']);
if ($row['dea_type'] == 'Lettings') {
$render .= "p/w";
}
$render .= '</p><p><a href="' . $CONFIG['SITE_URL'] . 'details/' . $dea_id . '.html">' . $CONFIG['SITE_URL'] . 'details/' . $dea_id . '.html</a></p>';
$renderEmail = $row['dea_strapline'] . "\n" . $row['pro_addr3'] . ', ' . $row['are_title'] . ', ' . $row['pro_postcode'] . ' - ' . format_price($row['dea_marketprice']);
if ($row['dea_type'] == 'Lettings') {
$renderEmail .= "p/w";
}
$renderEmail .= "\n" . '' . $CONFIG['SITE_URL'] . 'details/' . $dea_id . '.html';
}
if ($_POST['action'] != 'sendtofriend') {
$render = '
<p>I\'m visiting the Wooster and Stock Web Site and I thought this property might be of interest to you:</p>
' . $render . '
<form method="post" action="">
<div class="row">
<label>Your Email Address</label>
<input type="text" name="sender_email" class="text" />
</div>
<div class="row">
<label>Your Friend\'s Email Address *</label>
<input type="text" name="recipient_email" class="text" />
</div>
<div class="row">
<label>Optional Comment</label>
<textarea name="comment" rows="4" cols="50"></textarea>
</div>
<input type="submit" value="Send" />
<input type="hidden" name="action" value="sendtofriend" />
</form>
';
} else {
if (!isset($_SERVER['HTTP_USER_AGENT'])) {
die("Forbidden - You are not authorized to view this page");
exit;
}
$authHosts = array("woosterstock.co.uk", "woosterstock.com", "wsvitaly.acp.local");
$fromArray = parse_url(strtolower($_SERVER['HTTP_REFERER']));
$wwwUsed = strpos($fromArray['host'], "www.");
if (!in_array($wwwUsed === false ? $fromArray['host'] : substr(stristr($fromArray['host'], '.'), 1), $authHosts)) {
pageNotFound();
}
// Attempt to defend against header injections:
$badStrings = array("Content-Type:", "MIME-Version:", "Content-Transfer-Encoding:", "bcc:", "cc:");
foreach ($_POST as $k => $v) {
foreach ($badStrings as $v2) {
if (strpos($v, $v2) !== false) {
pageNotFound();
}
}
}
if (!clean_input($_POST['recipient_email'])) {
$errors[] = 'Your Friend\'s Email Address';
} else {
$recipient = clean_input($_POST['recipient_email']);
}
$comment = clean_input($_POST['comment']);
if ($errors) {
$render = "<h3>Error</h3>\n<p>The following fields are mandatory:</p>\n<ul>\n";
foreach ($errors as $error) {
$render .= "<li>{$error}</li>\n";
}
$render .= "</ul>\n<p>Please <a href=\"javascript:goback();\">go back</a> and try again</p>\n";
} else {
// send the email
if ($_POST['sender_email']) {
$from = $_POST['sender_email'];
} else {
$from = '*****@*****.**';
}
$emailBody = "I'm visiting the Wooster and Stock Web Site and I thought this property might be of interest to you:\n\n";
$emailBody .= str_replace('£', 'GBP ', $renderEmail) . "\n\n";
$emailBody .= $comment;
$emailHeaders = "From: {$from}\r\n";
mail($recipient, 'Web Site recommendation from your friend or colleague', $emailBody, $emailHeaders);
header("Location:" . $CONFIG['SITE_URL'] . 'details/' . $dea_id . '.html');
}
}
return $render;
}
public function post()
{
return pageNotFound();
}
/**
* Provides a nice print out of the stack trace when an exception is thrown.
*
* @param Exception $e Exception object.
*/
function framework_exception_handler($e)
{
if (!DEBUG) {
pageNotFound();
}
echo '<style>h1,h2,h3,p,td {font-family:Verdana; font-weight:lighter;}</style>';
echo '<h1>Wolf CMS - Uncaught ' . get_class($e) . '</h1>';
echo '<h2>Description</h2>';
echo '<p>' . $e->getMessage() . '</p>';
echo '<h2>Location</h2>';
echo '<p>Exception thrown on line <code>' . $e->getLine() . '</code> in <code>' . $e->getFile() . '</code></p>';
echo '<h2>Stack trace</h2>';
$traces = $e->getTrace();
if (count($traces) > 1) {
echo '<pre style="font-family:Verdana; line-height: 20px">';
$level = 0;
foreach (array_reverse($traces) as $trace) {
++$level;
if (isset($trace['class'])) {
echo $trace['class'] . '→';
}
$args = array();
if (!empty($trace['args'])) {
foreach ($trace['args'] as $arg) {
if (is_null($arg)) {
$args[] = 'null';
} else {
if (is_array($arg)) {
$args[] = 'array[' . sizeof($arg) . ']';
} else {
if (is_object($arg)) {
$args[] = get_class($arg) . ' Object';
} else {
if (is_bool($arg)) {
$args[] = $arg ? 'true' : 'false';
} else {
if (is_int($arg)) {
$args[] = $arg;
} else {
$arg = htmlspecialchars(substr($arg, 0, 64));
if (strlen($arg) >= 64) {
$arg .= '...';
}
$args[] = "'" . $arg . "'";
}
}
}
}
}
}
}
echo '<strong>' . $trace['function'] . '</strong>(' . implode(', ', $args) . ') ';
echo 'on line <code>' . (isset($trace['line']) ? $trace['line'] : 'unknown') . '</code> ';
echo 'in <code>' . (isset($trace['file']) ? $trace['file'] : 'unknown') . "</code>\n";
echo str_repeat(" ", $level);
}
echo '</pre><hr/>';
}
$dispatcher_status = Dispatcher::getStatus();
$dispatcher_status['request method'] = get_request_method();
debug_table($dispatcher_status, 'Dispatcher status');
if (!empty($_GET)) {
debug_table($_GET, 'GET');
}
if (!empty($_POST)) {
debug_table($_POST, 'POST');
}
if (!empty($_COOKIE)) {
debug_table($_COOKIE, 'COOKIE');
}
debug_table($_SERVER, 'SERVER');
}
public static function exceptionHandler($e)
{
if (DEBUG == 0) {
pageNotFound();
}
$label = 'Uncaught ' . get_class($e) . ' ( ' . $e->getMessage() . ')';
$traceStack = array();
$traces = $e->getTrace();
if (count($traces) > 1) {
$level = 0;
foreach (array_reverse($traces) as $trace) {
++$level;
$var = false;
$val = false;
$args = array();
if (!empty($trace['args'])) {
foreach ($trace['args'] as $arg) {
if (is_null($arg)) {
$args[] = 'null';
} else {
if (is_array($arg)) {
$args[] = 'array[' . sizeof($arg) . ']';
} else {
if (is_object($arg)) {
$args[] = get_class($arg) . ' Object';
} else {
if (is_bool($arg)) {
$args[] = $arg ? 'true' : 'false';
} else {
if (is_int($arg)) {
$args[] = $arg;
} else {
$arg = htmlspecialchars(substr($arg, 0, 64));
if (strlen($arg) >= 64) {
$arg .= '...';
}
$args[] = "'" . $arg . "'";
}
}
}
}
}
}
}
$message = __('%s::%s(%s) on line %s in file %s', isset($trace['class']) ? $trace['class'] : '', $trace['function'], implode(', ', $args), $trace['line'], defined('FIREBUG') ? addslashes($trace['file']) : $trace['file']);
$traceStack[] = array('type' => 'info', 'message' => $message);
}
}
++$level;
$message = sprintf('Exception Thrown on line %s in file %s', $e->getLine(), defined('FIREBUG') ? addslashes($e->getFile()) : $e->getFile());
$traceStack[] = array('type' => 'error', 'message' => $message);
self::dump($traceStack, $label);
}
private function _displayPage($slug)
{
if (!($this->page = Page::findBySlug($slug, $this->page, true))) {
pageNotFound($slug);
}
}
if(!$Friend->exists)
{ echo pageNotFound(); return; }
//Friend exists, get their conversation
$User = new User($_SESSION['userID']);
$Conversation = $Friend->getConversationWith($User->ID, true);
if(!$Conversation->exists)
{ pageNotFound(); return; }
//Show their conversation
$title = $User->row['fName']." ".$User->row['lName']." - Chat";
$content = '/var/www/html/src/html/chat/conversation.html';
require_once('/var/www/html/src/html/blank.html');
return true;
}
else
{pageNotFound(); return;}
}
else
{pageNotFound(); return;}
return;
function pageNotFound()
{
echo "<span style='font-size:30'>404</span><br>";
echo "Page not found.";
}
?>
private function pageNotFound()
{
pageNotFound();
exit;
}
</div>
<div id="content">
<ul>
<?php
$page = $_GET['page'];
if (!isset($page)) {
print getBlogPostsList();
} else {
if ($page == 'blog') {
$post_id = $_GET['post_id'];
if (isset($post_id)) {
print getBlogPost($post_id);
} else {
print 'No Such Post';
}
} else {
print pageNotFound();
}
}
?>
</ul>
</div>
<div id="footer">
<span class="copyright">Copyright OMSU Web-Course 2015</span>
<span class="date"><?php
print getCurrentTIme();
?>
</span>
</div>
</body>
</html>