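/**
 * Redirect the panel user's browser to a managed site's admin area using a signed auto-login URL.
 *
 * Reads `siteID`, `where` and up to five `var_N` values ("name__IWPVAR__value") from $_REQUEST,
 * records a completed "site / load" history entry, signs `$where . $historyID` with the site's
 * key material and sends a `Location:` header to the resulting admin URL.
 * The function never returns normally: every path ends in exit.
 *
 * Security-relevant behaviour:
 *  - `siteID` is request-controlled and ends up in an unquoted SQL comparison, where string
 *    escaping alone does not constrain it; it is therefore required to be all digits.
 *  - An unknown or missing site stops processing, so no history row, signature or redirect
 *    is produced for it.
 *  - Request-supplied `var_N` pairs are only added as extra query parameters; they cannot
 *    replace the auto-login parameters built here (auto_login, iwp_goto, signature,
 *    message_id, username).
 *
 * @param mixed $siteIDs Not read by this body; the site is taken from $_REQUEST['siteID'].
 * @param mixed $params  Not read by this body; `where` and the vars are taken from $_REQUEST.
 *
 * @return void Does not return; terminates the request with exit.
 */
public static function loadSiteProcessor($siteIDs, $params)
{
    $timeout = DEFAULT_MAX_CLIENT_REQUEST_TIMEOUT;

    // Validate the site ID before it is used anywhere. Digits only: the value is concatenated
    // into "siteID=<value>" without quotes, so realEscapeString() by itself is not a sufficient guard.
    $siteID = isset($_REQUEST['siteID']) ? $_REQUEST['siteID'] : '';
    $isNumericID = is_int($siteID) || (is_string($siteID) && ctype_digit($siteID));
    if (empty($siteID) || !$isNumericID) {
        echo 'Invalid Site ID';
        exit;
    }
    $siteID = (string) $siteID;

    // NOTE(review): `where` is request-controlled, is appended to the admin URL path and is part
    // of the signed data. Consider restricting it to an allow-list of known admin page names.
    $whereParam = isset($_REQUEST['where']) && is_string($_REQUEST['where']) ? $_REQUEST['where'] : '';
    $where = $whereParam ? $whereParam . ".php" : '';

    // Optional extra query parameters, passed as var_0..var_4 in the form "name__IWPVAR__value".
    $loadSiteVars = array();
    if (isset($_REQUEST['var_0'])) {
        for ($i = 0; $i < 5; $i++) {
            $key = 'var_' . $i;
            if (isset($_REQUEST[$key]) && is_string($_REQUEST[$key]) && strpos($_REQUEST[$key], '__IWPVAR__') !== false) {
                $temp = explode('__IWPVAR__', $_REQUEST[$key]);
                $loadSiteVars[$temp[0]] = $temp[1];
            }
        }
    }

    $siteData = DB::getRow("?:sites", "*", "siteID=" . DB::realEscapeString($siteID));
    if (empty($siteData)) {
        echo 'Invalid Site ID';
        exit; // do not create history, sign or redirect for a site that does not exist
    }

    $historyData = array(
        'siteID' => $siteData['siteID'],
        'actionID' => Reg::get('currentRequest.actionID'),
        'userID' => $GLOBALS['userID'],
        'type' => 'site',
        'action' => 'load',
        'events' => 1,
        'URL' => $siteData['URL'],
        'status' => 'completed',
        'timeout' => $timeout,
    );
    $historyAdditionalData = array();
    $historyAdditionalData[] = array('detailedAction' => 'loadSite', 'uniqueName' => 'loadSite', 'status' => 'success');
    $historyID = addHistory($historyData, $historyAdditionalData);

    $signature = signData($where . $historyID, $siteData['isOpenSSLActive'], $siteData['privateKey'], $siteData['randomSignature']);

    // signature urlencode will be taken care by httpBuildURLCustom()
    $URLQueryArray = array(
        'auto_login' => 1,
        'iwp_goto' => $where,
        'signature' => base64_encode($signature),
        'message_id' => $historyID,
        'username' => $siteData['adminUsername'],
    );

    if (!empty($loadSiteVars) && is_array($loadSiteVars)) {
        // Only add names that are not already set above, so request input cannot swap out
        // the signature, message ID, target page or login username.
        $URLQueryArray = array_merge($URLQueryArray, array_diff_key($loadSiteVars, $URLQueryArray));
    }

    $adminURLArray = parse_url($siteData['adminURL']);
    if (!empty($adminURLArray['query'])) {
        $parsedQuery = array();
        parse_str($adminURLArray['query'], $parsedQuery);
        if (!empty($parsedQuery) && is_array($parsedQuery)) {
            // Parameters built here take precedence over those already present in adminURL.
            $URLQueryArray = array_merge($parsedQuery, $URLQueryArray);
        }
    }
    $adminURLArray['query'] = $URLQueryArray;
    $adminURLArray['path'] = (isset($adminURLArray['path']) ? $adminURLArray['path'] : '') . $where;

    $URL = httpBuildURLCustom($adminURLArray);

    // NOTE(review): as shown on this page both comparisons test a literal "&" and the replacement
    // is a no-op; the original presumably compared against HTML-entity forms of the separator
    // that were decoded during extraction. Confirm against the upstream file before relying on this.
    $argSeparator = ini_get('arg_separator.output');
    if ($argSeparator == "&" || $argSeparator == "&") {
        $URL = str_replace($argSeparator, "&", $URL);
    }

    header("Location: " . $URL);
    exit;
}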
/**
 * Sign a parameter set with the SECRET_KEY constant.
 *
 * The string to sign is produced by buildDataToSign($params); the signing itself is
 * delegated to signData().
 *
 * NOTE(review): the other signData() calls on this page pass four arguments, so this
 * two-argument call presumably targets a different signData() definition. Confirm which
 * one is in scope. SECRET_KEY should be loaded from configuration outside the web root,
 * not committed alongside the code.
 *
 * @param mixed $params Values handed to buildDataToSign().
 *
 * @return mixed Whatever signData() returns for the built payload.
 */
function sign($params)
{
    $payload = buildDataToSign($params);

    return signData($payload, SECRET_KEY);
}
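/**
 * Record a panel-to-site request in history, sign it, store the raw request and either
 * execute it immediately or mark it for asynchronous execution.
 *
 * Options are read from $PRP after merging with the defaults below. Besides the defaulted
 * keys, the body reads: siteData, type, action, events, requestAction, requestParams,
 * historyAdditionalData, parentHistoryID and timeScheduled.
 *
 * Security-relevant behaviour:
 *  - Options are read key by key rather than through extract(), so an unexpected key in
 *    $PRP cannot create or overwrite a local variable.
 *  - $siteData['callOpt'] and $siteData['httpAuth'] are passed to unserialize(); see the
 *    note at that call.
 *  - The complete $_REQUEST is serialized into history_raw_details.panelRequest; see the
 *    note at that insert.
 *
 * @param array $PRP Request options (see above).
 *
 * @return mixed The new history ID, or false when historyAdditionalData is empty.
 */
function prepareRequestAndAddHistory($PRP)
{
    $defaultPRP = array(
        'doNotExecute' => false,
        'exitOnComplete' => false,
        'doNotShowUser' => false,
        'directExecute' => false,
        'signature' => false,
        'timeout' => DEFAULT_MAX_CLIENT_REQUEST_TIMEOUT,
        'runCondition' => false,
        'status' => 'pending',
        'isPluginResponse' => 1,
        'sendAfterAllLoad' => false,
        'callOpt' => array(),
    );
    $PRP = array_merge($defaultPRP, $PRP);

    // Keys with defaults are always present after the merge.
    $exitOnComplete = $PRP['exitOnComplete'];
    $doNotShowUser = $PRP['doNotShowUser'];
    $directExecute = $PRP['directExecute'];
    $signature = $PRP['signature'];
    $timeout = $PRP['timeout'];
    $runCondition = $PRP['runCondition'];
    $status = $PRP['status'];
    $isPluginResponse = $PRP['isPluginResponse'];
    $sendAfterAllLoad = $PRP['sendAfterAllLoad'];
    $callOpt = $PRP['callOpt'];

    // Caller-supplied keys without a default; null when absent.
    $siteData = isset($PRP['siteData']) ? $PRP['siteData'] : null;
    $type = isset($PRP['type']) ? $PRP['type'] : null;
    $action = isset($PRP['action']) ? $PRP['action'] : null;
    $events = isset($PRP['events']) ? $PRP['events'] : null;
    $requestAction = isset($PRP['requestAction']) ? $PRP['requestAction'] : null;
    $requestParams = isset($PRP['requestParams']) ? $PRP['requestParams'] : null;
    $historyAdditionalData = isset($PRP['historyAdditionalData']) ? $PRP['historyAdditionalData'] : null;
    $parentHistoryID = isset($PRP['parentHistoryID']) ? $PRP['parentHistoryID'] : null;
    $timeScheduled = isset($PRP['timeScheduled']) ? $PRP['timeScheduled'] : null;

    if (empty($historyAdditionalData)) {
        echo 'noHistoryAdditionalData';
        return false;
    }

    // "default" follows the CONNECT_USING_SITE_URL constant; "siteURL" always uses the site URL;
    // anything else uses the admin URL. Parentheses make the original && / || precedence explicit.
    $useSiteURL = ($siteData['connectURL'] == 'default' && defined('CONNECT_USING_SITE_URL') && CONNECT_USING_SITE_URL == 1)
        || $siteData['connectURL'] == 'siteURL';
    $URL = $useSiteURL ? $siteData['URL'] : $siteData['adminURL'];

    $historyData = array(
        'siteID' => $siteData['siteID'],
        'actionID' => Reg::get('currentRequest.actionID'),
        'userID' => $GLOBALS['userID'],
        'type' => $type,
        'action' => $action,
        'events' => $events,
        'URL' => $URL,
        'timeout' => $timeout,
        'isPluginResponse' => $isPluginResponse,
    );

    if ($doNotShowUser) {
        // NOTE(review): this value appears masked on the page this code was taken from;
        // confirm the real flag value against the upstream file.
        $historyData['showUser'] = '******';
    }
    if (!empty($parentHistoryID)) {
        $historyData['parentHistoryID'] = $parentHistoryID;
    }

    // NOTE(review): unserialize() on stored site settings can instantiate objects if that data is
    // ever attacker-influenced. Where the minimum PHP version allows it, restrict the call with the
    // allowed_classes option, or store these settings as JSON instead.
    if (!empty($siteData['callOpt'])) {
        $storedCallOpt = @unserialize($siteData['callOpt']);
        // A corrupt value yields false; fall back to an empty option set instead of passing false on.
        $callOpt = is_array($storedCallOpt) ? $storedCallOpt : array();
    }
    if (!empty($siteData['httpAuth'])) {
        if (!is_array($callOpt)) {
            $callOpt = array();
        }
        $callOpt['httpAuth'] = @unserialize($siteData['httpAuth']);
    }

    if (!empty($runCondition)) {
        $historyData['runCondition'] = $runCondition;
    }
    if (!empty($timeScheduled)) {
        $historyData['timeScheduled'] = $timeScheduled;
    }
    $historyData['callOpt'] = serialize($callOpt);

    $historyID = addHistory($historyData, $historyAdditionalData);

    // Sign "<requestAction><historyID>" with the site's key material unless the caller supplied a signature.
    if ($signature === false) {
        $signature = signData($requestAction . $historyID, $siteData['isOpenSSLActive'], $siteData['privateKey'], $siteData['randomSignature']);
    }

    $requestParams['username'] = $siteData['adminUsername'];
    if (isset($requestParams['secure'])) {
        $requestParams['secure'] = secureData($requestParams['secure'], $siteData['isOpenSSLActive'], $siteData['privateKey'], $siteData['randomSignature']);
    }
    if (!empty($requestParams['args'])) {
        $requestParams['args']['parentHID'] = $historyID;
    }

    $requestData = array(
        'iwp_action' => $requestAction,
        'params' => $requestParams,
        'id' => $historyID,
        'signature' => $signature,
        'iwp_admin_version' => APP_VERSION,
    );

    updateHistory(array('status' => $status), $historyID);

    // NOTE(review): panelRequest stores the complete $_REQUEST, which may include credentials or
    // tokens submitted to the panel. Consider filtering sensitive fields and limiting retention.
    DB::insert("?:history_raw_details", array(
        'historyID' => $historyID,
        'request' => base64_encode(serialize($requestData)),
        'panelRequest' => serialize($_REQUEST),
    ));

    if ($directExecute) {
        set_time_limit(0);
        echo 'direct_execute<br />';
        executeRequest($historyID, $type, $action, $siteData['URL'], $requestData, $timeout, true, $callOpt);
    } else {
        echo 'async_call_it_should_be<br />';
        if ($exitOnComplete) {
            set_time_limit(0);
            echo "async_call_it_should_be_working";
            Reg::set('currentRequest.exitOnComplete', true);
        } elseif ($sendAfterAllLoad) {
            Reg::set('currentRequest.sendAfterAllLoad', true);
        }
    }

    return $historyID;
}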