<?php
// Logout script: loads whatever the including context has not already provided
// (configuration, language strings, helper functions), starts the session and
// then calls logout().
define('ROOT', dirname(__FILE__));
// $con is not assigned in this script; config.php is loaded only when it is missing.
// presumably config.php creates the database handle - TODO confirm
if (!isset($con)) {
    require ROOT . '/config.php';
}
// NOTE(review): $language is interpolated into a require path and is not set in this
// script. Confirm it only ever comes from trusted configuration or an allow-list,
// never from request data.
if (!isset($titles)) {
    require ROOT . '/lang/' . $language . '.php';
}
// Helper functions are loaded once; getCurrentDomain() and logout() are not defined in
// this script, so they presumably live in includes/functions.php - TODO confirm
if (!function_exists('getSetting')) {
    require ROOT . '/includes/functions.php';
}
// Session cookie: lifetime 0, path "/", domain taken from getCurrentDomain().
// Only three arguments are passed, so this call does not itself turn on the Secure or
// HttpOnly flags; whether they are set depends on configuration outside this script.
// The @ operator hides any warning raised here and by session_start(), so a session
// that fails to start is not reported.
@session_set_cookie_params(0, '/', getCurrentDomain());
@session_start();
// Log the user out
// NOTE(review): logout() runs unconditionally on every request to this script; no
// request-method or anti-CSRF token check is visible here - confirm whether logout()
// performs one.
logout();
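/**
 * Restrict the current page to users whose permission level is listed in $levels.
 *
 * Looks up the user row for $_SESSION['uid'], then the permission row it points to,
 * and compares that row's "level" with each entry of the comma-separated $levels.
 * When no entry matches, a Location header is sent and the script exits.
 *
 * The check fails closed: a missing session uid, a failed query, a missing user or
 * permission row, or a missing level all lead to the "no permission" redirect.
 * The earlier loose comparison treated an empty entry in $levels (for example a
 * trailing comma) as equal to a missing level, which let such requests through.
 *
 * @param string $levels Comma-separated list of permission levels allowed on the page
 * @return void Returns normally only when the user holds one of the listed levels
 */
function allowedLevels($levels)
{
    global $con;
    global $script_path;

    // Level of the current user; stays null unless every lookup step succeeds.
    $userLevel = null;

    if (isset($_SESSION['uid'])) {
        $uid = mysqli_real_escape_string($con, (string) $_SESSION['uid']);
        $getuser = mysqli_query($con, "SELECT * FROM users WHERE id='{$uid}'");
        $gu = $getuser ? mysqli_fetch_array($getuser) : null;

        if (is_array($gu) && isset($gu['permission'])) {
            // Escaped as well: the value comes from the database, but it is still
            // interpolated into a query string.
            $permid = mysqli_real_escape_string($con, (string) $gu['permission']);
            $gperm = mysqli_query($con, "SELECT * FROM permissions WHERE id='{$permid}'");
            $gp = $gperm ? mysqli_fetch_array($gperm) : null;

            if (is_array($gp) && isset($gp['level'])) {
                $userLevel = (string) $gp['level'];
            }
        }
    }

    // Check if the level of the user is one of the specified levels
    $found = false;
    if ($userLevel !== null) {
        foreach (explode(",", (string) $levels) as $l) {
            $l = trim($l);
            // Strict string comparison, and empty entries never match, so neither
            // type juggling nor a stray comma can grant access.
            if ($l !== '' && $l === $userLevel) {
                $found = true;
                break;
            }
        }
    }

    if ($found) {
        return;
    }

    // User does not have one of the specified levels: redirect to the no-permission target
    if (getSetting("use_redirect_nopermission", "text") == "true") {
        header('Location: ' . getSetting("redirect_nopermission", "text"));
    } else {
        // NOTE(review): the host part comes from getCurrentDomain(). If that helper
        // derives it from the request's Host header, the redirect target is
        // client-influenced; confirm it is validated against the configured domain.
        $scheme = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "off") ? 'https' : 'http';
        header('Location: ' . $scheme . '://www.' . getCurrentDomain() . $script_path . 'profile.php?m=1');
    }
    // Stop here so the protected page body is never rendered after the redirect header.
    exit;
}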
// Check if remember last page is enabled $last_url = $_COOKIE['last_url']; setcookie("last_url", "", time() - 3600); unset($_COOKIE['last_url']); // Delete last URL cookie to avoid infinite redirections if the user is not allowed to visit the URL echo "link|||" . $last_url; } elseif (!empty($gp['on_login'])) { // Check if the user's permission has a logged in redirect URL echo "link|||" . $gp['on_login']; } elseif (getSetting("use_redirect_login", "text") == "true") { // Check if on login redirect is enabled if (getSetting("use_redirect_login", "text") != "") { // Extra check if the URL is filled in echo "link|||" . getSetting("redirect_login", "text"); } else { echo "link|||http://www." . getCurrentDomain(); } } else { if (getSetting("message_login", "text") != "") { // Check if there is a custom message filled in, else display default message echo "text|||<h5 class='text-center green'>" . nl2br(getSetting("message_login", "text")) . "</h5>"; } else { echo "text|||<h5 class='text-center green'>" . $m['successful_login'] . "</h5>"; } } // Check if log successful logins is enabled, if so, log this login try if (getSetting("log_successful_logins", "text") == "true") { addLog("1", $_SERVER['REMOTE_ADDR'], $uid, $loginname, "website"); } } }
// Initialize Facebook $returnurl = "http://www." . getCurrentDomain() . $script_path . "social.php?return=facebook"; // Create callback URL $params = array("redirect_uri" => $returnurl, "scope" => "public_profile, email"); header('Location: ' . $facebook->getLoginUrl($params)); // Request login URL and redirect to it } // Check if login method is twitter if ($_GET['login'] == "twitter" && getSetting("enable_twitter", "text") == "true") { unset($_SESSION['oauth_token']); // Remove old oauth_token session, just to make sure it won't use them unset($_SESSION['oauth_token_secret']); // Same $twitter = twitter(); // Initialize Twitter $callback = "http://www." . getCurrentDomain() . $script_path . "social.php?return=twitter"; // Create callback URL $request_token = $twitter->oauth('oauth/request_token', array('oauth_callback' => $callback)); // Request request token $_SESSION['oauth_token'] = $request_token['oauth_token']; // Save oauth_token in session, for callback $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret']; // Same try { $url = $twitter->url('oauth/authenticate', array('oauth_token' => $request_token['oauth_token'])); // Request login URL header('Location: ' . $url); // Redirect to login URL } catch (Abraham\TwitterOAuth\TwitterOAuthException $e) { // Something went wrong ?>
// End of the language timing window (the matching start marker is outside this excerpt).
$stop['lang'] = microtime(true);
// Check if install.php still exists
// A leftover installer is only reported through $notify, and only when the core debug
// setting equals 0; the request itself continues either way.
// NOTE(review): confirm nothing reachable in install.php can reconfigure a live site.
if (file_exists('./install.php') && $config->get('core', 'debug') == 0) {
    $notify->add('Critical Error', $lang->get('install_php_error'));
}
// Force disable magic quotes if required
if ($config->get('core', 'disable-magic-quotes') == '1') {
    disable_magic_quotes();
}
// Module Engine
// The load and construction of the module engine are timed between the two markers.
$start['initialize::mod'] = microtime(true);
include './core/mod.core.php';
$mod = new Mod();
$stop['initialize::mod'] = microtime(true);
// +++++++++++ Domains +++++++++++++ //
// Per-domain overrides: when getCurrentDomain() yields a record with a positive
// domainid, its template is used and its language (if not empty) replaces the
// current language.
$domain = getCurrentDomain();
// The @ operators hide the warning raised when $domain has no 'domainid' entry;
// a null value casts to 0, which selects the "[ NONE ]" branch below.
@($d_id = (int) $domain['domainid']);
if (@$d_id > 0) {
    $debug->add('core::domain', $domain['name'] . ' [ ' . $domain['domainid'] . ' ]');
    // NOTE(review): $template and $current_language are taken from the domain record
    // as-is; presumably they later select files to load - confirm they are validated
    // where they are consumed.
    $template = $domain['template'];
    if ($domain['language'] != '') {
        $current_language = $domain['language'];
        $debug->add('core::domain', 'Domain forced language to ' . strtoupper($current_language));
    }
} else {
    $debug->add('core::domain', '[ NONE ]');
}
// Finally, set language after all checks have been made.
$lang->set($current_language, $mobile);
// +++++++++++ Check Login +++++++++++++ //
// Start of the login timing window (the login code itself is outside this excerpt).
$start['login'] = microtime(true);
/**
 * Send a long-lived cookie for the current domain and its subdomains.
 *
 * The cookie expires 31104000 seconds (360 days, roughly one year) from now, uses
 * the path "/" and the domain "." followed by getCurrentDomain(). Nothing is sent
 * when the response headers have already gone out.
 *
 * NOTE(review): setcookie() is called without its secure and httponly arguments, so
 * this helper does not request either flag. Confirm no caller stores a session or
 * authentication token through it.
 *
 * @param $name Name of cookie
 * @param $value Value of cookie
 */
function sendCookie($name, $value)
{
    // A cookie is a response header; once headers are out there is nothing to do.
    if (headers_sent()) {
        return;
    }

    $lifetime = 31104000; // 360 days in seconds
    $expiresAt = time() + $lifetime;
    // Leading dot: the cookie is also valid for subdomains.
    $cookieDomain = "." . getCurrentDomain();

    setcookie($name, $value, $expiresAt, "/", $cookieDomain);
}
/**
 * Return the 'domainid' entry of the record from getCurrentDomain(), as an integer.
 *
 * A missing or non-numeric 'domainid' converts to 0.
 *
 * @return int
 */
function getCurrentDomainIndex()
{
    $currentDomain = getCurrentDomain();
    $index = intval($currentDomain['domainid']);

    return $index;
}
<?php // Set Catmis version number define("productName", "Catmis"); define("productLink", "http://code.google.com/p/catmis/"); define("version", "0.5"); define("databaseVersion", "3"); // Check whether to load extensions if (!isset($noExtensions)) { $noExtensions = false; } // Include utility functions require_once "functions.php"; // Make sure session variables are set for main domain and all subdomains session_set_cookie_params(3600, '/', "." . getCurrentDomain()); // Start session session_start(); // Set default separator for PHP to avoid breaking XHTML standard ini_set("arg_separator.output", "&"); // Include configuration (int) @(include_once dirname(__FILE__) . "/config.php") or die("Configuration file can not be read. Check that the file 'include/config.php' exists."); // Check if session is valid? $checkSession = !isset($checkSession) ? true : $checkSession; // Check if values in configuration file has been set if (empty($scriptUrl) || empty($scriptPath) || empty($filePath) || empty($dbHost) || empty($dbName) || empty($dbUserId) || empty($dbPassword)) { // Display welcome message if (file_exists("install/welcome.php")) { header("Location: install/welcome.php"); exit; } else { echo "Please go to the root directory of your " . productName . " installation.";