<?php
error_reporting(E_ALL & ~E_NOTICE);
define('MODX_BASE_PATH', realpath('../../../../') . '/');
include_once MODX_BASE_PATH . "assets/cache/siteManager.php";
define('MGR', MODX_BASE_PATH . MGR_DIR);
define('MODX_API_MODE', true);
include_once MGR . '/includes/config.inc.php';
include_once MGR . '/includes/document.parser.class.inc.php';
$modx = new DocumentParser();
$modx->db->connect();
$modx->getSettings();
startCMSSession();
$modx->minParserPasses = 2;
if (IN_MANAGER_MODE != 'true' && !$modx->hasPermission('exec_module')) {
die('<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the MODX Content Manager instead of accessing this file directly.');
}
if (version_compare(phpversion(), "5.3") < 0) {
@ini_set('magic_quotes_runtime', 0);
@ini_set('magic_quotes_sybase', 0);
}
$moduleurl = $modx->config['site_url'] . 'assets/modules/store/installer/index.php';
$modulePath = MODX_BASE_PATH . 'assets/modules/store/installer/';
$self = $modulePath . '/index.php';
require_once $modulePath . "/functions.php";
$_lang = array();
$_params = array();
$lang = $modx->config['manager_language'];
if (file_exists($modulePath . '/lang/' . $lang . '.inc.php')) {
include_once $modulePath . '/lang/' . $lang . '.inc.php';
} else {
$_SESSION['SystemAlertMsgQueque'] = array();
}
$SystemAlertMsgQueque =& $_SESSION['SystemAlertMsgQueque'];
// first we check to see if this is a frameset request
if (!isset($_POST['a']) && !isset($_GET['a']) && !isset($_POST['updateMsgCount'])) {
// this looks to be a top-level frameset request, so let's serve up a frameset
include_once "frames/1.php";
exit;
}
// OK, let's retrieve the action directive from the request
if (isset($_GET['a']) && isset($_POST['a'])) {
$modx->webAlertAndQuit($_lang["error_double_action"]);
} else {
$action = isset($_REQUEST['a']) ? (int) $_REQUEST['a'] : null;
}
if (isset($_POST['updateMsgCount']) && $modx->hasPermission('messages')) {
include_once 'messageCount.inc.php';
}
// save page to manager object
$modx->manager->action = $action;
// attempt to foil some simple types of CSRF attacks
if (isset($modx->config['validate_referer']) && intval($modx->config['validate_referer'])) {
if (isset($_SERVER['HTTP_REFERER'])) {
$referer = $_SERVER['HTTP_REFERER'];
if (!empty($referer)) {
if (!preg_match('/^' . preg_quote(MODX_SITE_URL, '/') . '/i', $referer)) {
$modx->webAlertAndQuit("A possible CSRF attempt was detected from referer: {$referer}.", "index.php");
}
} else {
$modx->webAlertAndQuit("A possible CSRF attempt was detected. No referer was provided by the client.", "index.php");
}
$action = isset($_POST['action']) ? preg_replace('/[^a-zA-Z0-9_-]+/', '', $_POST['action']) : false;
$docid = isset($_POST['id']) ? intval($_POST['id']) : false;
$tvid = isset($_POST['tvid']) ? intval(str_replace('tv', '', $_POST['tvid'])) : false;
switch ($configtype) {
case 'module':
$type = 'moduleconfig';
break;
case 'tv':
default:
$type = 'config';
break;
}
$answer = array();
switch ($mode) {
case 'dbtable':
if ($modx->hasPermission('exec_module')) {
if ($action && $config) {
$multiTV = new multiTV($modx, array('type' => 'module', 'tvUrl' => MTV_PATH));
// config exists?
$settings = $multiTV->loadSettings($config, $type, false);
if ($settings) {
$processors = isset($settings['processors']) ? $settings['processors'] : '';
$includeFile = $multiTV->includeFile($action, 'processor', '.inc.php', $processors);
if (!$includeFile) {
$includeFile = $multiTV->includeFile($action, 'processor', '.inc.php');
}
// processor available?
if ($includeFile) {
include $includeFile;
} else {
$answer['error'] = true;
