private function getGeoIpByMaxMind()
{
$ip = isset($this->request->server['HTTP_X_FORWARDED_FOR']) && $this->request->server['HTTP_X_FORWARDED_FOR'] ? $this->request->server['HTTP_X_FORWARDED_FOR'] : 0;
$ip = $ip ? $ip : $this->request->server['REMOTE_ADDR'];
$part = explode(".", $ip);
$ip_int = 0;
if (count($part) == 4) {
$ip_int = $part[3] + 256 * ($part[2] + 256 * ($part[1] + 256 * $part[0]));
}
$geo = $this->cache->get('maxmind.' . $ip_int);
if (!isset($geo)) {
if (function_exists('apache_note') && ($code = apache_note('GEOIP_COUNTRY_CODE'))) {
if ($country_id = $this->getCountryIdbyISO($code)) {
$geo = array('country_id' => $country_id, 'zone_id' => '', 'city' => '', 'postcode' => '');
}
} else {
if (function_exists('geoip_record_by_name') && ($code = geoip_record_by_name($ip))) {
if ($country_id = $this->getCountryIdbyISO($code['country_code'])) {
$geo = array('country_id' => $country_id, 'zone_id' => '', 'city' => '', 'postcode' => '');
}
}
}
}
$this->cache->set('maxmind.' . $ip_int, isset($geo) ? $geo : false);
return $geo;
}
public function execute($filterChain)
{
if ($this->isFirstCall()) {
$user = $this->getContext()->getUser();
if ($user->isAuthenticated()) {
//Check if the user still exists
$q = Doctrine_Query::create()->useResultCache(true)->setResultCacheLifeSpan(60 * 5)->from('Users')->andWhere('id = ?', $user->getId());
$usr = $q->fetchOne();
if (!$usr) {
$user->clearCredentials();
$user->setAuthenticated(false);
return $this->getContext()->getController()->redirect('homepage');
}
$user->setAttribute('db_user_type', $usr->getDbUserType());
}
if ($user->isAuthenticated() && sfConfig::get('dw_tracking_enabled', null)) {
$conn = Doctrine_Manager::connection();
$conn->exec("select fct_set_user( ? );", array($user->getId()));
}
if ($user->isAuthenticated() && function_exists('apache_note')) {
apache_note('username', $user->getId());
apache_note('sessionID', session_id());
}
}
$filterChain->execute();
}
/**
* Logs user information to webserver logs.
*
* @param string $user user name
* @param string $status status message
*
* @return void
*/
function PMA_logUser($user, $status = 'ok')
{
if (function_exists('apache_note')) {
apache_note('userID', $user);
apache_note('userStatus', $status);
}
}
/**
* Logs execution time of script
* if $CONF['log_script_timing'] isn't set, nothing happens
* if $CONF['log_script_timing'] == 'file' timings are logged in the logs folder
* if $CONF['log_script_timing'] == 'apache' timings are logged via apache
*/
function log_script_timing()
{
global $STARTTIME, $USER, $CONF;
list($usec, $sec) = explode(' ', microtime());
$endtime = (double) $usec + (double) $sec;
$timetaken = sprintf('%0.4F', $endtime - $STARTTIME);
if ($CONF['log_script_timing'] == 'file') {
//%03.4f doesn't seem to work so we must add our own padding
//this makes the output file easily sortable
if ($timetaken < 100) {
$timetaken = '0' . $timetaken;
}
if ($timetaken < 10) {
$timetaken = '0' . $timetaken;
}
$logfile = $CONF['log_script_folder'] . '/' . date('Ymd-H') . '.log';
$h = @fopen($logfile, 'a');
if ($h) {
$time = date("i:s");
$logline = "{$timetaken},{$time},{$_SERVER['SCRIPT_URL']},{$_SERVER['REQUEST_METHOD']},\"{$_SERVER['QUERY_STRING']}\",{$_SERVER['REMOTE_ADDR']},{$USER->user_id},\"{$_SERVER['HTTP_REFERER']}\"\n";
fwrite($h, $logline);
fclose($h);
}
} elseif ($CONF['log_script_timing'] == 'apache') {
@apache_note('php_timing', $timetaken);
}
}
/**
* Logs user information to webserver logs.
*
* @param string $user user name
* @param string $status status message
*
* @return void
*/
public static function logUser($user, $status = 'ok')
{
if (function_exists('apache_note')) {
apache_note('userID', $user);
apache_note('userStatus', $status);
}
if (function_exists('syslog') && $status != 'ok') {
@openlog('phpMyAdmin', LOG_NDELAY | LOG_PID, LOG_AUTHPRIV);
@syslog(LOG_WARNING, 'user denied: ' . $user . ' (' . $status . ') from ' . PMA_getIp());
}
}
/**
* UIDが取得できる状態かどうか
* 取得のためのパラメータが設定されていなかったら、パラメータを付けてリダイレクトする
*
* @return null
*/
private function _canGetUid()
{
$context = $this->getContext();
$req = $context->getRequest();
if ($req->isMethod('get') && sfJpMobile::isDocomo() && $req->getParameter('guid') == null) {
$uri = getenv('REQUEST_URI');
$uri .= strpos($uri, '?') === false ? '?' : '&';
$context->getController()->getAction($context->getModuleName(), $context->getActionName())->redirect("{$uri}guid=ON");
}
apache_note('uid', sfJpMobile::getDevice()->getUid());
}
/**
* Logs user information to webserver logs.
*
* @param string $user user name
* @param string $status status message
*
* @return void
*/
function PMA_logUser($user, $status = 'ok')
{
if (function_exists('apache_note')) {
apache_note('userID', $user);
apache_note('userStatus', $status);
}
if (function_exists('syslog') && $status != 'ok') {
@openlog('phpMyAdmin', LOG_NDELAY | LOG_PID, LOG_AUTHPRIV);
@syslog(LOG_WARNING, 'user denied: ' . $user . ' (' . $status . ') from ' . $_SERVER['REMOTE_ADDR']);
}
}
public static function outputAccessLog(sfEvent $event, $content = '')
{
if (!function_exists('apache_note')) {
return $content;
}
$response = sfContext::getInstance()->getResponse();
$apps = sfContext::getInstance()->getConfiguration()->getApplication();
if (('pc_frontend' === $apps || 'mobile_frontend' === $apps) && 200 === $response->getStatusCode()) {
$memberId = (int) sfContext::getInstance()->getUser()->getMemberId();
$domain = sfContext::getInstance()->getRequest()->getHost();
apache_note('originallog', sprintf('PV %s %s %s %d', $apps, $domain, memory_get_peak_usage(), $memberId));
} else {
apache_note('originallog', sprintf('OT %s %s %s %d', $apps, '-', memory_get_peak_usage(), 0));
}
return $content;
}
public static function getCountry($allow_countory, $deny_countory)
{
// Block countory via Geolocation
$country_code = false;
if (isset($_SERVER['HTTP_CF_IPCOUNTRY'])) {
// CloudFlareを使用している場合、そちらのGeolocationを読み込む
// https://www.cloudflare.com/wiki/IP_Geolocation
$country_code = $_SERVER['HTTP_CF_IPCOUNTRY'];
} else {
if (isset($_SERVER['GEOIP_COUNTRY_CODE'])) {
// サーバーが$_SERVER['GEOIP_COUNTRY_CODE']を出力している場合
// Apache : http://dev.maxmind.com/geoip/mod_geoip2
// nginx : http://wiki.nginx.org/HttpGeoipModule
// cherokee : http://www.cherokee-project.com/doc/config_virtual_servers_rule_types.html
$country_code = $_SERVER['GEOIP_COUNTRY_CODE'];
} else {
if (function_exists('geoip_db_avail') && geoip_db_avail(GEOIP_COUNTRY_EDITION) && function_exists('geoip_region_by_name')) {
// それでもダメな場合は、phpのgeoip_region_by_name()からGeolocationを取得
// http://php.net/manual/en/function.geoip-region-by-name.php
$geoip = geoip_region_by_name(REMOTE_ADDR);
$country_code = $geoip['country_code'];
if (DEBUG) {
$info[] = !empty($geoip['country_code']) ? 'GeoIP is usable. Your country code from IP is inferred <var>' . $geoip['country_code'] . '</var>.' : 'GeoIP is NOT usable. Maybe database is not installed. Please check <a href="http://www.maxmind.com/app/installation?city=1" rel="external">GeoIP Database Installation Instructions</a>';
}
} else {
if (function_exists('apache_note')) {
// Apacheの場合
$country_code = apache_note('GEOIP_COUNTRY_CODE');
}
}
}
}
if (DEBUG) {
// 使用可能かをチェック
$info[] = isset($country_code) && !empty($country_code) ? 'Your country code from IP is inferred <var>' . $country_code . '</var>.' : 'Seems Geolocation is not available. <var>' . $deny_countory . '</var> value and <var>' . $allow_countory . '</var> value is ignoled.';
}
return $country_code;
}
/**
* Authenticate Subscription Requests
*
* @return void
*/
private function authenticateSubscriptionRequest()
{
$realm = '[' . Config::get('sitename') . '] Group Calendar: ' . $this->group->get('description');
if (empty($_SERVER['PHP_AUTH_USER'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . $realm . '"');
echo Lang::txt('You are not authorized to view this calendar.');
exit;
}
//get the username and password
$httpBasicUsername = $_SERVER['PHP_AUTH_USER'];
$httpBasicPassword = $_SERVER['PHP_AUTH_PW'];
//make sure we have a username and password
if (!isset($httpBasicUsername) || !isset($httpBasicPassword) || $httpBasicUsername == '' || $httpBasicPassword == '') {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . $realm . '"');
die(Lang::txt('You must enter a valid username and password.'));
}
//get the user based on username
$sql = "SELECT u.id, u.username, up.passhash\n\t\t FROM #__users AS u, #__users_password AS up\n\t\t WHERE u.id=up.user_id\n\t\t AND u.username="******"' . $realm . '"');
die(Lang::txt('You must enter a valid username and password.'));
}
//make sure password matches stored password
if (!\Hubzero\User\Password::comparePasswords($user->passhash, $httpBasicPassword)) {
App::get('log')->logger('auth')->info($httpBasicUsername . ' ' . $_SERVER['REMOTE_ADDR'] . ' invalid group calendar subscription auth for ' . $this->group->get('cn'));
apache_note('auth', 'invalid');
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . $realm . '"');
die(Lang::txt('You must enter a valid username and password.'));
}
return $user;
}
$UID = get_uid(false);
$ip = getRemoteIP();
// Ticket #0028763
if (is_release() && $UID > 0 && !isset($error404_page) && strpos($ip, '10.') !== 0 && isset($_SESSION['permissions']) && !empty($_SESSION['permissions'])) {
//Админ не под VPN
header("Location: /404.php");
exit;
}
//Если это не авторизация то чистим метку
$_action = __paramInit('striptrim', 'action', 'action');
if ($_action !== 'login' && !defined('IS_AUTH_SECOND') && !defined('IS_OPAUTH') && !defined('IS_PHP_JS')) {
unset($_SESSION['2fa_provider']);
}
// Добавление в Apache лог идентификатора пользователя
if (function_exists('apache_note')) {
apache_note('custom_field', $UID);
}
if (isset($_GET['blogon'])) {
$_SESSION['blog_ON'] = 1;
}
if (isset($_GET['blogoff'])) {
unset($_SESSION['blog_ON']);
}
// Закрываем блоги (перенос всего в сообщества) #0023347
// @TODO Вынести потом все эти настройки в конфиг
if ($_SESSION['blog_ON'] != 1) {
// Для теста на бете
define("BLOGS_CLOSED", true);
} else {
define("BLOGS_CLOSED", false);
}
<?php
apache_note('statsd.stat', 'set.via.note');
/**
* remove variable from memory
*
* @param string $name name of the variable
*
* @return bool true on success
* @access public
*/
function rm($name)
{
apache_note($name, null);
return true;
}
protected function init()
{
if (isset($this->_params['clientTag'])) {
$this->clientTag = $this->_params['clientTag'];
}
$ks = $this->getKs();
if ($ks === false) {
if (self::$_debugMode) {
$this->debugLog("getKs failed, disabling cache");
}
return false;
}
// if the request triggering the cache warmup was an https request, fool the code to treat the current request as https as well
$warmCacheHeader = self::getRequestHeaderValue(self::WARM_CACHE_HEADER);
if ($warmCacheHeader == "https") {
$_SERVER['HTTPS'] = "on";
}
$this->addKsData($ks);
$this->addInternalCacheParams();
// print the partner id using apache note
if ($this->_ksPartnerId) {
$this->_partnerId = $this->_ksPartnerId;
} else {
if (isset($this->_params["partnerId"])) {
$this->_partnerId = $this->_params["partnerId"];
}
}
if (!is_numeric($this->_partnerId)) {
$this->_partnerId = null;
}
if ($this->_partnerId && function_exists('apache_note')) {
apache_note("Kaltura_PartnerId", $this->_partnerId);
}
if (!kConf::get('enable_cache') || $this->isCacheDisabled()) {
if (self::$_debugMode) {
$this->debugLog("cache disabled due to request parameters / configuration");
}
return false;
}
return true;
}
/**
* 環境変数のチェック
*/
public static function checkEnv($env)
{
global $deny_countory, $allow_countory;
// 国別設定
$country_code = '';
if (isset($env['HTTP_CF_IPCOUNTRY'])) {
// CloudFlareを使用している場合、そちらのGeolocationを読み込む
// https://www.cloudflare.com/wiki/IP_Geolocation
$country_code = $env['HTTP_CF_IPCOUNTRY'];
} else {
if (isset($env['GEOIP_COUNTRY_CODE'])) {
// サーバーが$_SERVER['GEOIP_COUNTRY_CODE']を出力している場合
// Apache : http://dev.maxmind.com/geoip/mod_geoip2
// nginx : http://wiki.nginx.org/HttpGeoipModule
// cherokee : http://www.cherokee-project.com/doc/config_virtual_servers_rule_types.html
$country_code = $env['GEOIP_COUNTRY_CODE'];
} else {
if (function_exists('geoip_db_avail') && geoip_db_avail(GEOIP_COUNTRY_EDITION) && function_exists('geoip_region_by_name')) {
// それでもダメな場合は、phpのgeoip_region_by_name()からGeolocationを取得
// http://php.net/manual/en/function.geoip-region-by-name.php
$geoip = geoip_region_by_name(REMOTE_ADDR);
$country_code = $geoip['country_code'];
$info[] = !empty($geoip['country_code']) ? 'GeoIP is usable. Your country code from IP is inferred <var>' . $geoip['country_code'] . '</var>.' : 'GeoIP is NOT usable. Maybe database is not installed. Please check <a href="http://www.maxmind.com/app/installation?city=1" rel="external">GeoIP Database Installation Instructions</a>';
} else {
if (function_exists('apache_note')) {
// Apacheの場合
$country_code = apache_note('GEOIP_COUNTRY_CODE');
}
}
}
}
// 使用可能かをチェック
if (!isset($country_code) || empty($country_code)) {
$info[] = 'Seems Geolocation is not available. <var>$deny_countory</var> value and <var>$allow_countory</var> value is ignoled.';
} else {
$info[] = 'Your country code from IP is inferred <var>' . $country_code . '</var>.';
if (isset($deny_countory) && !empty($deny_countory)) {
if (in_array($country_code, $deny_countory)) {
die('Sorry, access from your country(' . $geoip['country_code'] . ') is prohibited.');
exit;
}
}
if (isset($allow_countory) && !empty($allow_countory)) {
if (!in_array($country_code, $allow_countory)) {
die('Sorry, access from your country(' . $geoip['country_code'] . ') is prohibited.');
exit;
}
}
}
// INI_FILE: $agents: UserAgentの識別
$user_agent = $matches = array();
$user_agent['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
// unset(${$ua}, $_SERVER[$ua], $HTTP_SERVER_VARS[$ua], $ua); // safety
if (empty($user_agent['agent'])) {
die;
}
// UAが取得できない場合は処理を中断
foreach (self::loadConfig('profile.ini.php') as $agent) {
if (preg_match($agent['pattern'], $user_agent['agent'], $matches)) {
$user_agent = array('profile' => isset($agent['profile']) ? $agent['profile'] : null, 'name' => isset($matches[1]) ? $matches[1] : null, 'vers' => isset($matches[2]) ? $matches[2] : null);
break;
}
}
$ua_file = self::add_homedir($user_agent['profile'] . '.ini.php');
if ($ua_file) {
require $ua_file;
}
define('UA_NAME', isset($user_agent['name']) ? $user_agent['name'] : null);
define('UA_VERS', isset($user_agent['vers']) ? $user_agent['vers'] : null);
define('UA_CSS', isset($user_agent['css']) ? $user_agent['css'] : null);
// HTTP_X_REQUESTED_WITHヘッダーで、ajaxによるリクエストかを判別
define('IS_AJAX', isset($env['HTTP_X_REQUESTED_WITH']) && strtolower($env['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' || isset($vars['ajax']));
}
/**
* Hook for login failure
*
* @param unknown $response
* @return boolean
*/
public function onUserLoginFailure($response)
{
App::get('log')->logger('auth')->info((isset($_POST['username']) ? $_POST['username'] : '******') . ' ' . (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '') . ' invalid');
apache_note('auth', 'invalid');
return true;
}
function show($refresh = FALSE)
{
// sanity warnings
if (headers_sent()) {
return $this->_trigger_error('Conteg::show(): Cannot print; headers already sent.', E_USER_WARNING);
} else {
if ($this->isError()) {
return FALSE;
}
}
$this->_initResponse();
// common HTTP/1.x Response headers
if (!empty($this->last_modified)) {
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', $this->last_modified));
}
if (!empty($this->expires)) {
header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', $this->expires));
}
//if( !empty( $this->pragma )) header( 'Pragma: '. $this->pragma );
if (!empty($this->cache_control)) {
header('Cache-Control: ' . $this->cache_control);
}
if (!empty($this->content_type)) {
header('Content-Type: ' . $this->content_type);
}
if (!empty($this->content_lang)) {
header('Content-Language: ' . $this->content_lang);
}
// common HTTP/1.1 Response headers
if (!empty($this->vary)) {
header('Vary: ' . $this->vary);
}
if ($this->_noETag == FALSE and !empty($this->etag)) {
header('ETag: ' . $this->etag);
}
if ($this->_noAcceptRanges == FALSE) {
header('Accept-Ranges: bytes');
}
if (!empty($this->p3p_content)) {
header('P3P: ' . $this->p3p_content);
}
if (empty($this->_httpStatus) and ($this->_is304 or $this->_is406 or $this->_is412)) {
// can we avoid sending the data...?
ob_end_clean();
if ($this->_is304) {
$this->sendStatusHeader(304);
header('Content-Length: 0');
// my server sending a mysterious 20 bytes body (?)
} elseif ($this->_is406) {
$this->sendStatusHeader(406);
header('Cache-Control: private, max-age=0, must-revalidate');
if ($this->method != 'HEAD') {
header('Content-Type: text/plain');
// last header wins
echo "HTTP/1.1 Error 406 Not Acceptable:\n\nAvailable server charsets and/or media-type not acceptable to client.\n" . ($this->_contentType ? "Media-Type: {$this->_contentType}\n" : '') . ($this->_charset ? "Charset: {$this->_charset}\n" : '');
}
} else {
// if( $this->_is304 ) elseif( $this->_is406 )
$this->sendStatusHeader(412);
header('Cache-Control: private, max-age=0, must-revalidate');
if ($this->method != 'HEAD') {
header('Content-Type: text/plain');
// last header wins
echo "HTTP/1.1 Error 412 Precondition Failed: Precondition request failed positive evaluation\n";
}
}
// if( $this->_is304 ) elseif( $this->_is406 ) else
} else {
// ...no? oh, OK, go ahead
if ($this->_noSearch == FALSE) {
// search + replace
if (($key = array_search(_GZIP_ENCODE_STAT, $this->search)) !== FALSE) {
// compression is run twice to get compression stats; run #1
if ($this->compress() == FALSE) {
return FALSE;
}
// error triggered
$this->replace[$key] = $this->stat;
// compression stats on page
$refresh = FALSE;
// just refreshed $data
}
if (!empty($this->search)) {
// do the business
if (empty($this->data) or $refresh) {
if (($this->data = ob_get_contents()) === FALSE) {
return $this->_trigger_error('Conteg::show(): No ob_contents to do search/replace on.', E_USER_ERROR);
}
}
$this->data = str_replace($this->search, $this->replace, $this->data);
$refresh = FALSE;
// else will lose search/replace
}
}
// end search + replace
if ($this->compress() == FALSE) {
return FALSE;
}
// error triggered
ob_end_clean();
// note: prog errors below this point cannot be seen
if ($this->encoding == 'identity') {
if ($this->method != 'HEAD') {
if (empty($this->_httpStatus) and ($this->_noAcceptRanges == FALSE and !empty($this->range))) {
// send HTTP/1.1 Range-content
if ($this->_checkRange() == FALSE) {
// error within the range - send a 416
$this->sendStatusHeader(416);
header("Content-Range: */{$this->size}");
} else {
// range is fine - send a 206
$this->sendStatusHeader(206);
foreach ($this->range as $begin => $end) {
// currently, only one entry in array
$len = $end - $begin + 1;
header("Content-Range: bytes {$begin}-{$end}/{$this->size}");
header('Content-Length: ' . $len);
echo substr($this->data, $begin, $len);
}
}
// if( $this->_checkRange() == FALSE ) else
} else {
// send normal content, no encoding
$_httpStatus = empty($this->_httpStatus) ? 200 : $this->_httpStatus;
$this->sendStatusHeader($_httpStatus);
header('Content-Length: ' . $this->size);
echo $this->data;
}
} else {
// if( $this->method != 'HEAD' )
// send headers only
$_httpStatus = empty($this->_httpStatus) ? 200 : $this->_httpStatus;
$this->sendStatusHeader($_httpStatus);
echo '';
}
} else {
// if( $this->encoding == 'identity' ) (thus contents will be compressed)
$_httpStatus = empty($this->_httpStatus) ? 200 : $this->_httpStatus;
$this->sendStatusHeader($_httpStatus);
header('Content-Encoding: ' . $this->encoding);
header('Content-Length: ' . $this->gzsize);
header('X-Content-Encoded-By: class.Conteg.' . $this->_version);
if ($this->method != 'HEAD') {
if ($this->_noNotes == FALSE) {
apache_note($this->_inputNote, $this->size);
apache_note($this->_outputNote, $this->gzsize);
apache_note($this->_ratioNote, round($this->gzsize / $this->size * 100));
}
echo $this->gzdata;
} else {
// send headers only
echo '';
}
}
// if( $this->encoding == 'identity' ) else
}
// if( $this->_is304 or $this->_is406 or $this->_is412 ) else
// the return allows post-processing; be *very* careful not to cause more output
return TRUE;
}
<?php
// retrieve the session ID and add it to Apache's notes table
apache_note('session_id', session_id());
/**
* This method should handle any logout logic and report back to the subject
*
* @param array $user holds the user data
* @param array $options array holding options (remember, autoregister, group)
* @return boolean True on success
*/
public function onLogoutUser($user, $options = array())
{
Log::auth($user['username'] . ' ' . $_SERVER['REMOTE_ADDR'] . ' logout');
apache_note('auth', 'logout');
// If this is a temporary user created during the auth_link process (ex: username is a negative number)
// and they're logging out (i.e. they didn't finish the process to create a full account),
// then delete the temp account
if (is_numeric($user['username']) && $user['username'] < 0) {
$user = User::getInstance($user['id']);
// Further check to make sure this was an abandoned auth_link account
if (substr($user->get('email'), -8) == '@invalid') {
// Delete the user
$user->delete();
}
}
return true;
}
public function __toString()
{
if (self::$_uniqueId === null) {
self::$_uniqueId = (string) rand();
// add a the unique id to Apache's internal variable so we can later log it using the %{KalturaLog_UniqueId}n placeholder
// within the LogFormat apache directive. This way each access_log record can be matched with its kaltura log lines.
// before setting the apache note name and value, a condition checks if function exists,
// due to fact that running from command line will not define this function
if (function_exists('apache_note')) {
apache_note("KalturaLog_UniqueId", self::$_uniqueId);
}
}
return self::$_uniqueId;
}
function buffer_output($compress = true)
{
// FIXME: disables sessions (some byte before all headers_sent())
/*if (defined('USECACHE') and !USECACHE) {
$this->_is_buffering_output = false;
return;
}*/
if (defined('COMPRESS_OUTPUT')) {
if (!COMPRESS_OUTPUT) {
$compress = false;
}
} elseif (!check_php_version(4, 2, 3)) {
$compress = false;
} elseif (isCGI()) {
// necessary?
$compress = false;
}
if ($this->getArg('start_debug')) {
$compress = false;
}
// Should we compress even when apache_note is not available?
// sf.net bug #933183 and http://bugs.php.net/17557
// This effectively eliminates CGI, but all other servers also. hmm.
if ($compress and (!function_exists('ob_gzhandler') or !function_exists('apache_note'))) {
$compress = false;
}
// "output handler 'ob_gzhandler' cannot be used twice"
// http://www.php.net/ob_gzhandler
if ($compress and ini_get("zlib.output_compression")) {
$compress = false;
}
// New: we check for the client Accept-Encoding: "gzip" presence also
// This should eliminate a lot or reported problems.
if ($compress and (!$this->get("HTTP_ACCEPT_ENCODING") or !strstr($this->get("HTTP_ACCEPT_ENCODING"), "gzip"))) {
$compress = false;
}
// Most RSS clients are NOT(!) application/xml gzip compatible yet.
// Even if they are sending the accept-encoding gzip header!
// wget is, Mozilla, and MSIE no.
// Of the RSS readers only MagpieRSS 0.5.2 is. http://www.rssgov.com/rssparsers.html
// See also http://phpwiki.sourceforge.net/phpwiki/KnownBugs
if ($compress and $this->getArg('format') and strstr($this->getArg('format'), 'rss')) {
$compress = false;
}
if ($compress) {
ob_start('phpwiki_gzhandler');
// TODO: dont send a length or get the gzip'ed data length.
$this->_is_compressing_output = true;
header("Content-Encoding: gzip");
/*
* Attempt to prevent Apache from doing the dreaded double-gzip.
*
* It would be better if we could detect when apache was going
* to zip for us, and then let it ... but I have yet to figure
* out how to do that.
*/
if (function_exists('apache_note')) {
@apache_note('no-gzip', 1);
}
} else {
// Now we alway buffer output.
// This is so we can set HTTP headers (e.g. for redirect)
// at any point.
// FIXME: change the name of this method.
ob_start();
$this->_is_compressing_output = false;
}
$this->_is_buffering_output = true;
$this->_ob_get_length = 0;
}
/**
* Create a new instance of a page.
*
* The default constructor should be called by any pages extending this object. It creates the
* {@link I2CE_Template} and {@link I2CE_User} objects and sets up the basic member variables.
* @param array $args
* @param array $request_remainder The remainder of the request path
*/
public function __construct($args, $request_remainder, $get = null, $post = null)
{
if (array_key_exists('root_url', $args) && $args['root_url']) {
$this->root_url = $args['root_url'];
unset($args['root_url']);
}
$this->setIsPost(array_key_exists('REQUEST_METHOD', $_SERVER) && $_SERVER['REQUEST_METHOD'] == "POST");
$this->user = new I2CE_User();
if (function_exists('apache_note')) {
apache_note("iHRIS-username", $this->user->username == '0' ? '-' : $this->user->username);
} elseif (array_key_exists('HTTP_HOST', $_SERVER) && !headers_sent()) {
header('X-iHRIS-username', $this->user->username == '0' ? '-' : $this->user->username);
}
I2CE_Locales::setPreferredLocale($this->user->getPreferredLocale());
$this->args = $args;
$this->request_remainder = $request_remainder;
$i2ce_config = I2CE::getConfig()->I2CE;
if (!array_key_exists('access', $args)) {
if (array_key_exists('HTTP_HOST', $_SERVER)) {
$args['access'] = array('any');
//default is anyone logged in.
} else {
$args['access'] = array('all');
}
}
$this->access = $args['access'];
$this->setupGetPost($get, $post);
$this->template = null;
if (!$this->initializeTemplate()) {
I2CE::raiseError("Could not setup templates");
}
$this->redirect = "";
$this->permissionParser = new I2CE_PermissionParser($this->template);
I2CE_ModuleFactory::callHooks('page_constructor', array('page' => $this, 'args' => $args, 'request_remainder' => $request_remainder));
}
/// for alternative things that could be logged...
if ($USER && function_exists('apache_note')) {
$apachelog_username = clean_filename($USER->username);
// $apachelog_name = clean_filename($USER->firstname. " ".$USER->lastname);
// $apachelog_userid = $USER->ident;
/* Enable this commented out section ONLY if Elgg can do
user masquerading...
if (isset($USER->realuser)) {
if ($realuser = get_record('users', 'ident', $USER->realuser)) {
$apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
// $apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);
// $apachelog_userid = clean_filename($realuser->id." as ".$apachelog_userid);
}
}
*/
apache_note('ELGGUSER', $apachelog_username);
}
/// Adjust ALLOWED_TAGS
adjust_allowed_tags();
// backwards compatibility (this is what elgg used to use)
define("db_server", $CFG->dbhost);
define("db_user", $CFG->dbuser);
define("db_pass", $CFG->dbpass);
define("db_name", $CFG->dbname);
define("sitename", $CFG->sitename);
define("url", $CFG->wwwroot);
define("path", $CFG->dirroot);
define("email", $CFG->sysadminemail);
define("locale", $CFG->defaultlocale);
//define("public_reg", $CFG->publicreg);
if (empty($CFG->default_access)) {
function authorization()
{
global $body;
global $mod;
global $curr;
global $modules;
// ---------------- init ---------------- //
$login = '';
$pass = '';
$auth = array('id' => 0, 'desc' => '', 'state' => 1, 'perm' => '', 'sid' => 0);
// state:
// 1 - sess exists
// 2 - ok
// 4 - sess not exists
// 8 - user for sess_id not exists
// ------------------------------------ identificate organization ------------------------------------ //
$auth['org'] = 0;
$auth['org_desc'] = 'Добро пожаловать в Pyur CRM-Framework';
// ---- DoS filter --------------------------------------------------------------------------- //
/*
// -- `IP` filter -- //
$remote_addr = explode('.', (isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'0.0.0.0') );
$remote_addr = $remote_addr[0] * 16777216 + $remote_addr[1] * 65536 + $remote_addr[2] * 256 + $remote_addr[3];
//$result = db_read('login_ip', array('date', 'count'), '`ip` = '.$remote_addr);
$result = db_read(array('table'=>'login_ip', 'col'=>array('date', 'count'), 'where'=>'`ip` = '.$remote_addr));
if ($result) {
//$db = mysql_fetch_array($result, MYSQL_ASSOC);
$auth_ip_date = datesqltime($result['date']);
$auth_ip_count = $result['count'];
if ($auth_ip_count > 15) $auth['state'] = 16;
}
else {
$result = db_write(array('table'=>'login_ip', 'set'=>array('ip' => $remote_addr, 'count' => 0));
$auth_ip_date = $curr['time'];
$auth_ip_count = 0;
}
*/
// ------------------------------------ read COOKIE ------------------------------------- //
if (cookieb('bdsx_sid')) {
$sess = db_read(array('table' => 'sess', 'col' => array('id', 'user', 'ip', 'ua'), 'where' => array('`sid` = \'' . cookieh('bdsx_sid') . '\'', '`stat` = 0')));
if ($sess) {
$auth['sid'] = $sess['id'];
$ua = substr($_SERVER['HTTP_USER_AGENT'], 0, 512);
$ipn = inet_pton($_SERVER['REMOTE_ADDR']);
$set = array();
$set['datel'] = $curr['datetime'];
if ($sess['ip'] != $ipn) {
$set['ip'] = $ipn;
}
if ($sess['ua'] != $ua) {
$set['ua'] = $ua;
}
db_write(array('table' => 'sess', 'set' => $set, 'where' => '`sid` = \'' . cookieh('bdsx_sid') . '\''));
$sess = $sess['user'];
} else {
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Thu, 17 Apr 1991 12:00:00 GMT");
setcookie('bdsx_sid', '', time() - 60 * 60, '/');
$auth['state'] = 4;
}
} else {
$auth['state'] = 4;
}
// --------------------- hardwired (embedded), not DB-MySQL users: --------------------------- //
if ($auth['state'] == 1 && $sess > 65503) {
include 'l/hu.php';
if (isset($harduser[$sess - 65504])) {
$auth['id'] = $sess;
$auth['desc'] = $harduser[$sess - 65504]['desc'];
$auth['perm'] = $harduser[$sess - 65504]['perm'];
$auth['state'] = 2;
} else {
$auth['state'] = 8;
}
}
// --------------------------------- read & check `user` --------------------------------------- //
/*
if ($auth['state'] == 1) {
$user = db_read(array('table' => array('user', 'user_cat'),
'col' => array('user`.`name',
'user_cat`.`perm',
),
'where' => array('`user`.`id` = \''.$sess.'\'',
'`user_cat`.`id` = `user`.`cat`',
),
));
if ($user) {
$auth['id'] = $sess;
$auth['desc'] = $user['name'];
$auth['perm'] = $user['perm'];
$auth['state'] = 2;
}
else {
$auth['state'] = 8;
}
}
*/
apache_note('userx', $auth['id']);
// --------------------------------- permissions --------------------------------- //
$perm = array();
//$auth['perm'] = 'stud:ank_edit,doc,stipen;test';
if ($auth['perm'] == 'all') {
$tmp = array();
foreach ($modules as $k => $v) {
if (!$v['acc'] || $v['acc'] & $auth['state']) {
$perm[$k] = array();
foreach ($v['perm'] as $kk => $vv) {
$perm[$k][$kk] = 1;
}
}
}
} else {
// ---- user's explicit permissions ---- //
$tmp = explode(';', $auth['perm']);
foreach ($tmp as $v) {
$tmp2 = explode(':', $v);
$perm[$tmp2[0]] = array();
if (isset($tmp2[1])) {
$tmp3 = explode(',', $tmp2[1]);
foreach ($tmp3 as $vv) {
//if (isset($modules[$tmp2[0]]))
//$tmp3[$vv] = '1';
$perm[$tmp2[0]][$vv] = 1;
}
}
//$perm[$tmp2[0]] = $tmp3;
}
}
$menu = array();
$num = 0;
foreach ($modules as $k => $v) {
if (isset($perm[$k]) || $v['acc'] & $auth['state']) {
$v['icon'] = $num;
$v['sort'] = substr('000' . $v['pos'], -3, 3) . $v['name'];
$menu[$k] = $v;
}
$num++;
}
/*
// -------- bruteforce control -------- //
if ($auth['state'] == 4 && $auth_ip_date > ($curr['time']-30) ) {
// ---- increment `count` on wrong password ---- //
$result = db_write(array('table'=>'login_ip', 'set'=>array('date' => datesql($curr['time'],1), 'count' => $auth_ip_count+1), 'where'=>'`ip` = '.$remote_addr));
}
elseif ($auth_ip_count && $auth_ip_date < ($curr['time']-3600) ) {
// ---- reset after 1 hour cooldown ---- //
$result = db_write(array('table'=>'login_ip', 'set'=>array('date' => datesql($curr['time'],1), 'count' => 0), 'where'=>'`ip` = '.$remote_addr));
}
*/
// -------------------------------------------------- activity log rotate -------------------------------------------------------- //
/*
// SELECT `id`, COUNT(`id`) as `count` FROM `log_rotate` LIMIT 1
$log_rotate = db_read(array('table' => 'log_rotate',
'col' => array('id', '!COUNT(`id`) as `count`'),
//verbose=>1
));
if ($log_rotate['count'] > 1999) {
$query = 'DELETE FROM `log_rotate` ORDER BY `id` LIMIT '.($log_rotate['count'] - 1999);
mysql_query($query);
}
db_write(array('table'=>'log_rotate',
'set' => array('host' => $remote_addr,
'time'=>date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']),
'user' => $auth['userx'],
'request' => $_SERVER['REQUEST_URI'],
)));
*/
// -------------------------------------------------- end: activity log rotate -------------------------------------------------------- //
// ---- access control ---- //
if (!isset($menu[$mod])) {
$mod = 'default';
}
if ($auth['perm'] == 'all') {
$auth['perm_su'] = 1;
}
$auth['menu'] = $menu;
$auth['perm'] = $perm;
return $auth;
}
/**
* This method gets called by self::filter()
*/
public static function doLog($method, array $values, &$output)
{
switch ($method) {
case 'apache':
foreach ($values as $varName => $value) {
/// @todo should remove any " or space chars in the value for proper parsing by updateperfstats.php
apache_note($varName, $value);
}
break;
case 'piwik':
$text = '';
foreach (eZPerfLoggerINI::variable('GeneralSettings', 'TrackVariables') as $i => $var) {
$text .= "\npiwikTracker.setCustomVariable( {$i}, \"{$var}\", \"{$values[$var]}\", \"page\" );";
}
$text .= "\npiwikTracker.trackPageView();";
$output = preg_replace('/piwikTracker\\.trackPageView\\( *\\);?/', $text, $output);
break;
case 'googleanalytics':
$text = '';
foreach (eZPerfLoggerINI::variable('GeneralSettings', 'TrackVariables') as $i => $var) {
$text .= "\n_gaq.push([{$i}, '{$var}', '{$values[$var]}', 3]);";
}
$text .= "\n_gaq.push(['_trackPageview']);";
$output = preg_replace("/_gaq.push\\( *[ *['\"]_trackPageview['\"] *] *\\);?/", $text, $output);
break;
case 'logfile':
case 'syslog':
/// same format as Apache "combined" by default
$size = self::$outputSize;
if ($size == 0) {
$size = '-';
}
$text = eZPerfLoggerApacheLogger::apacheLogLine('combined', $size, self::$returnCode) . ' ';
foreach ($values as $value) {
// do same as apache does: replace nulls with "-"
if ((string) $value === '') {
$text .= "- ";
} else {
/// @todo should remove any " or space chars in the value for proper parsing by updateperfstats.php
$text .= $value . " ";
}
}
if ($method == 'logfile') {
$text .= "\n";
file_put_contents(eZPerfLoggerINI::variable('logfileSettings', 'FileName'), $text, FILE_APPEND);
} else {
// syslog: we use apache log format for lack of a better idea...
openlog("eZPerfLog", LOG_PID, LOG_USER);
syslog(LOG_INFO, $text);
}
break;
case 'headers':
$prefix = eZPerfLoggerINI::variable('HeadersSettings', 'HeaderPrefix');
foreach (eZPerfLoggerINI::variable('GeneralSettings', 'TrackVariables') as $i => $var) {
header($prefix . str_replace(array('(', ')', '<', '>', '@', ',', ';', ':', '\\', '"', '/', '[', ']', '?', '=', '{', '}', ' ', "\t"), '-', $var) . ': ' . $values[$var]);
}
break;
case 'database':
case 'csv':
case 'storage':
if ($method == 'csv') {
$storageClass = 'eZPerfLoggerCSVStorage';
} else {
if ($method == 'database') {
$storageClass = 'eZPerfLoggerDBStorage';
} else {
$storageClass = eZPerfLoggerINI::variable('ParsingSettings', 'StorageClass');
}
}
/// @todo log error if storage class does not implement correct interface
// when we deprecate php 5.2, we will be able to use $storageClass::insertStats...
call_user_func(array($storageClass, 'insertStats'), array(array('url' => isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : $_SERVER["PHP_SELF"], 'ip' => is_callable('eZSys::clientIP') ? eZSys::clientIP() : eZSys::serverVariable('REMOTE_ADDR'), 'time' => time(), 'response_status' => self::$returnCode, 'response_size' => self::$outputSize, 'counters' => $values)));
break;
/// @todo !important log a warning for default case (unhandled log format)
}
}
}
$Language = new BaseLanguage($GLOBALS['sys_supported_languages'], $GLOBALS['sys_lang']);
//various html utilities
require_once 'utils.php';
//database abstraction
require_once 'database.php';
db_connect();
//security library
require_once 'session.php';
//user functions like get_name, logged_in, etc
require_once 'user.php';
$user_manager = UserManager::instance();
$current_user = $user_manager->getCurrentUser();
//Pass username in order to be written in Apache access_log
if (!IS_SCRIPT) {
apache_note('username', $current_user->getUnixName());
}
//library to set up context help
require_once 'help.php';
//exit_error library
require_once 'exit.php';
//various html libs like button bar, themable
require_once 'html.php';
//left-hand nav library, themable
require_once 'menu.php';
//insert this page view into the database
if (!IS_SCRIPT) {
require_once 'logger.php';
}
/*
<?php
// get value
$session = apache_note('session');
// set value
apache_note('session', $session);
<?php
apache_note("blarb", "foo");
if (apache_note("blarb", "smurf") === "foo") {
echo "ok\n";
}
if (apache_note("blarb") === "smurf") {
echo "ok\n";
}
$apachelog_name = clean_filename($realuser->firstname . " " . $realuser->lastname . " as " . $apachelog_name);
$apachelog_userid = clean_filename($realuser->id . " as " . $apachelog_userid);
}
switch ($CFG->apacheloguser) {
case 3:
$logname = $apachelog_username;
break;
case 2:
$logname = $apachelog_name;
break;
case 1:
default:
$logname = $apachelog_userid;
break;
}
apache_note('MOODLEUSER', $logname);
}
// Adjust ALLOWED_TAGS
adjust_allowed_tags();
// Use a custom script replacement if one exists
if (!empty($CFG->customscripts)) {
if (($customscript = custom_script_path()) !== false) {
require $customscript;
}
}
// in the first case, ip in allowed list will be performed first
// for example, client IP is 192.168.1.1
// 192.168 subnet is an entry in allowed list
// 192.168.1.1 is banned in blocked list
// This ip will be banned finally
if (!empty($CFG->allowbeforeblock)) {
protected function _parseSefRoute(&$uri)
{
$vars = array();
$app = JApplication::getInstance('site');
// Call System plugin to before parsing sef route
JDispatcher::getInstance()->trigger('onBeforeParseSefRoute', array($uri));
/* START: HUBzero Extension for SEF Groups */
$app = JFactory::getApplication();
if ($app->getCfg('sef_groups')) {
$servername = rtrim(JURI::base(), '/');
$serveruri = JURI::getInstance($servername);
$sfqdn = $serveruri->getHost();
$rfqdn = $uri->getHost();
if ($rfqdn != $sfqdn) {
list($rhostname, $rdomainname) = explode('.', $rfqdn, 2);
list($shostname, $sdomainname) = explode('.', $sfqdn, 2);
if ($rdomainname == $sdomainname || ($rdomain = $sfqdn)) {
$suri = JURI::getInstance();
$group = \Hubzero\User\Group::getInstance($rhostname);
if (!empty($group) && $group->type == 3) {
$_SERVER['REWROTE_FROM'] = clone $suri;
$uri->setHost($sfqdn);
$uri->setPath('groups/' . $rhostname . '/' . $uri->getPath());
$suri->setHost($sfqdn);
$suri->setPath('/groups/' . $rhostname . '/' . $suri->getPath());
$_SERVER['HTTP_HOST'] = $suri->getHost();
$_SERVER['SERVER_NAME'] = $suri->getHost();
$_SERVER['SCRIPT_URI'] = $suri->toString(array('scheme', 'host', 'port', 'path'));
$_SERVER['REDIRECT_SCRIPT_URI'] = $suri->toString(array('scheme', 'host', 'port', 'path'));
$_SERVER['REDIRECT_SCRIPT_URL'] = $suri->getPath();
$_SERVER['REDIRECT_URL'] = $suri->getPath();
$_SERVER['SCRIPT_URL'] = $suri->getPath();
$_SERVER['REQUEST_URI'] = $suri->toString(array('path', 'query', 'fragment'));
$suri->setPath('/groups/' . $rhostname);
$_SERVER['REWROTE_TO'] = clone $suri;
}
}
}
}
/* END: HUBzero Extension for SEF Groups */
$menu = $app->getMenu(true);
$route = $uri->getPath();
// Remove the suffix
if ($this->_mode == JROUTER_MODE_SEF) {
if ($app->getCfg('sef_suffix')) {
if ($suffix = pathinfo($route, PATHINFO_EXTENSION)) {
$route = str_replace('.' . $suffix, '', $route);
}
}
}
// Get the variables from the uri
$vars = $uri->getQuery(true);
// Handle an empty URL (special case)
if (empty($route) && JRequest::getVar('option', '', 'post') == '') {
// If route is empty AND option is set in the query, assume it's non-sef url, and parse apropriately
if (isset($vars['option']) || isset($vars['Itemid'])) {
return $this->_parseRawRoute($uri);
}
$item = $menu->getDefault(JFactory::getLanguage()->getTag());
// if user not allowed to see default menu item then avoid notices
if (is_object($item)) {
//Set the information in the request
$vars = $item->query;
//Get the itemid
$vars['Itemid'] = $item->id;
// Set the active menu item
$menu->setActive($vars['Itemid']);
}
return $vars;
}
/*
* Parse the application route
*/
$segments = explode('/', $route);
if (count($segments) > 1 && $segments[0] == 'component') {
$vars['option'] = 'com_' . $segments[1];
$vars['Itemid'] = null;
$route = implode('/', array_slice($segments, 2));
} else {
//Need to reverse the array (highest sublevels first)
$items = array_reverse($menu->getMenu());
$found = false;
$route_lowercase = JString::strtolower($route);
$lang_tag = JFactory::getLanguage()->getTag();
foreach ($items as $item) {
//sqlsrv change
if (isset($item->language)) {
$item->language = trim($item->language);
}
$depth = substr_count(trim($item->route, '/'), '/') + 1;
// HUBzero: keep searching for better matches with higher depth
$length = strlen($item->route);
//get the length of the route
if ($length > 0 && JString::strpos($route_lowercase . '/', $item->route . '/') === 0 && $item->type != 'alias' && (!$app->getLanguageFilter() || $item->language == '*' || $item->language == $lang_tag)) {
/* START: HUBzero Extension to handle external url menu items differently */
if ($item->type == 'url') {
// If menu route exactly matches url route,
// redirect (if necessary) to menu link
if (trim($item->route, "/") == trim($route, "/")) {
if (trim($item->route, "/") != trim($item->link, "/") && trim($uri->base(true) . '/' . $item->route, "/") != trim($item->link, "/") && trim($uri->base(true) . '/index.php/' . $item->route, "/") != trim($item->link, "/")) {
// Added because it would cause redirect loop for instals not in top-level webroot
$app->redirect($item->link);
}
}
/* START: HUBzero extension to pass local URLs through, but record Itemid (we want the content parser to handle this) */
if (strpos($item->route, "://") === false) {
$vars['Itemid'] = $item->id;
break;
}
/* END: HUBzero extension to pass local URLs through */
}
/* END: HUBzero Extension to handle external url menu items differently */
// We have exact item for this language
if ($item->language == $lang_tag) {
$found = $item;
$foundDepth = $depth;
// HUBzero: track depth so we can replace with a better match later
break;
} elseif (!$found || $depth >= $foundDepth) {
// HUBzero: deeper or equal depth matches later on are prefered
$found = $item;
$foundDepth = $depth;
// HUBzero: track depth so we can replace with a better match later
}
}
}
if (!$found) {
$found = $menu->getDefault($lang_tag);
} else {
$route = substr($route, strlen($found->route));
if ($route) {
$route = substr($route, 1);
}
/* START: HUBzero extension to set vars if found (lines previously outside of if statement below) */
$vars['Itemid'] = $found->id;
$vars['option'] = $found->component;
/* END: HUBzero extension to set vars if found */
}
/* START: HUBzero extension to ignore the following two Joomla lines (moved to if statement above) */
//$vars['Itemid'] = $found->id;
//$vars['option'] = $found->component;
/* END: HUBzero extension to ignore the following two Joomla lines */
}
/* START: HUBzero Extension to parse com_content component specially */
if (empty($vars['option'])) {
//$bits = explode('/',ltrim($route,"/"));
$vars = $this->_parseContentRoute($segments);
if (!empty($vars['option'])) {
$route = false;
}
}
/* END: HUBzero Extension to parse com_content component specially */
/* START: HUBzero Extension to route based on unprefixed component name (if other routing fails to match) */
if (empty($vars['option'])) {
$segments = explode('/', $route);
if ($segments[0] == 'search') {
// @FIXME: search component should probably be configurable
$plugin = JPluginHelper::getPlugin('system', 'hubzero');
$param = new JParameter($plugin->params);
$search = $param->get('search', 'search');
if (empty($search)) {
$search = 'search';
}
$segments[0] = $search;
} elseif ($segments[0] == 'ysearch') {
// Hack for fallback search when hubgraph fails...
// We use ysearch as our keyword (even though ysearch doesn't exist anymore),
// just so we can distinguish between a generic search and a redirect from
// hubgraph (when it fails), which would otherwise result in an infinite loop.
$segments[0] = 'search';
}
$file = JPATH_BASE . DS . 'components' . DS . 'com_' . $segments[0] . DS . $segments[0] . ".php";
$file2 = JPATH_BASE . DS . 'components' . DS . 'com_' . $segments[0] . DS . 'site' . DS . $segments[0] . ".php";
if (file_exists($file) || file_exists($file2)) {
$vars['option'] = 'com_' . $segments[0];
if (!isset($vars['Itemid'])) {
$vars['Itemid'] = null;
}
$route = preg_replace('/^' . $segments[0] . '/', '', $route);
}
}
/* END: HUBzero Extension to route based on unprefixed component name (if other routing fails to match) */
// Set the active menu item
if (isset($vars['Itemid'])) {
$menu->setActive($vars['Itemid']);
}
// @FIXME: START FROM HUBZERO J1.5, NOT SURE WHAT TO DO WITH IT
/* START: HUBzero Extension to do ???? */
//if (empty($vars['Itemid'])) {
// $vars['Itemid'] = '-1';
//}
/* END: HUBzero Extension to do ???? */
// @FIXME: START FROM HUBZERO J1.5, NOT SURE WHAT TO DO WITH IT
// Set the variables
$this->setVars($vars);
/*
* Parse the component route
*/
if (!empty($route) && isset($this->_vars['option'])) {
$segments = explode('/', $route);
if (empty($segments[0])) {
array_shift($segments);
}
// Handle component route
$component = preg_replace('/[^A-Z0-9_\\.-]/i', '', $this->_vars['option']);
// Use the component routing handler if it exists
$path = JPATH_SITE . '/components/' . $component . '/router.php';
$path2 = JPATH_SITE . '/components/' . $component . '/site/router.php';
if ((file_exists($path) || file_exists($path2)) && count($segments)) {
if ($component != "com_search") {
// Cheap fix on searches
//decode the route segments
/* START: HUBzero Extension: don't do : to - conversion except in com_content */
/*
$segments = $this->_decodeSegments($segments);
*/
if ($component == "com_content") {
$segments = $this->_decodeSegments($segments);
}
/* END: HUBzero Extension: don't do : to - conversion except in com_content */
} else {
// fix up search for URL
$total = count($segments);
for ($i = 0; $i < $total; $i++) {
// urldecode twice because it is encoded twice
$segments[$i] = urldecode(urldecode(stripcslashes($segments[$i])));
}
}
/*require_once $path;
$function = substr($component, 4).'ParseRoute';
$function = str_replace(array("-", "."), "", $function);
$vars = $function($segments);*/
$routes = $this->getComponentRouter($component);
$vars = $routes->parse($segments);
$this->setVars($vars);
}
} else {
/* START: HUBzero Extension to check redirection table if otherwise unable to match URL to content */
if (!isset($vars['option'])) {
jimport('joomla.juri');
$db = JFactory::getDBO();
$db->setQuery("SELECT * FROM `#__redirect_links` WHERE `old_url`=" . $db->Quote($uri->current()));
$row = $db->loadObject();
if (!empty($row)) {
$myuri = JURI::getInstance($row->new_url);
$vars = $myuri->getQuery(true);
if (isset($vars['Itemid'])) {
$menu->setActive($vars['Itemid']);
}
}
}
/* END: HUBzero Extension to check redirection table if otherwise unable to match URL to content */
//Set active menu item
if ($item = $menu->getActive()) {
$vars = $item->query;
}
}
// Call System plugin to before parsing sef route
JDispatcher::getInstance()->trigger('onAfterParseSefRoute', array($vars));
/* START: HUBzero Extension to pass common query parameters to apache (for logging) */
if (!empty($vars['option'])) {
apache_note('component', $vars['option']);
}
if (!empty($vars['view'])) {
apache_note('view', $vars['view']);
}
if (!empty($vars['task'])) {
apache_note('task', $vars['task']);
}
if (!empty($vars['action'])) {
apache_note('action', $vars['action']);
}
if (!empty($vars['id'])) {
apache_note('action', $vars['id']);
}
/* END: HUBzero Extension to pass common query parameters to apache (for logging) */
return $vars;
}
