public static function Run()
{
//--
global $configs;
//--
//==
//--
if (self::$MiddlewareCompleted !== false) {
// avoid to execute more than 1 this middleware !
self::Raise500Error('Middleware App Execution already completed ...');
return;
}
//end if
self::$MiddlewareCompleted = true;
//--
$the_midmark = '[A]';
//--
if (SMART_FRAMEWORK_ADMIN_AREA !== true) {
Smart::raise_error('Admin Middleware ERROR: SMART_FRAMEWORK_ADMIN_AREA is not set to TRUE', 'Invalid Area / This middleware is designed for Admin area and requires to turn ON the Administration flag ...');
return;
}
//end if
//--
if (!defined('SMART_APP_TEMPLATES_DIR')) {
self::Raise500Error('The SMART_APP_TEMPLATES_DIR not defined ...');
return;
}
//end if
//--
if (defined('SMART_APP_MODULE_AREA')) {
self::Raise500Error('Smart App Area must NOT be Defined outside controllers ...');
return;
}
//end if
if (defined('SMART_APP_MODULE_AUTH')) {
self::Raise500Error('Smart App Module Auth must NOT be Defined outside controllers ...');
return;
}
//end if
if (defined('SMART_APP_MODULE_REALM_AUTH')) {
self::Raise500Error('Smart App Module Realm Auth must NOT be Defined outside controllers ...');
return;
}
//end if
if (defined('SMART_APP_MODULE_DIRECT_OUTPUT')) {
self::Raise500Error('Smart App Module Direct Output must NOT be Defined outside controllers ...');
return;
}
//end if
//--
//==
//--
$smartframeworkservice = '';
// special operation
if (SmartFrameworkRegistry::issetRequestVar('smartframeworkservice') === true) {
$smartframeworkservice = (string) strtolower((string) SmartUnicode::utf8_to_iso((string) SmartFrameworkRegistry::getRequestVar('smartframeworkservice')));
switch ((string) $smartframeworkservice) {
case 'status':
case 'debug':
break;
default:
// invalid value
$smartframeworkservice = '';
}
//end switch
}
//end if
//--
//==
//-- switch language by cookie (this needs to be before loading the app core)
if (strlen(trim((string) $_COOKIE['SmartApp_ADM_LANGUAGE_SET'])) > 0) {
SmartTextTranslations::setLanguage(trim((string) $_COOKIE['SmartApp_ADM_LANGUAGE_SET']));
}
//end if
//-- switch language by print cookie (this needs to be before loading the app core and after language by cookie)
if (SmartFrameworkRegistry::issetRequestVar((string) SMART_FRAMEWORK_URL_PARAM_PRINTABLE) === true) {
if (strtolower((string) SmartFrameworkRegistry::getRequestVar((string) SMART_FRAMEWORK_URL_PARAM_PRINTABLE)) == strtolower((string) SMART_FRAMEWORK_URL_VALUE_ENABLED)) {
if (strlen(trim((string) $_COOKIE['SmartApp_ADM_PRINT_LANGUAGE_SET'])) > 0) {
SmartTextTranslations::setLanguage(trim((string) $_COOKIE['SmartApp_ADM_PRINT_LANGUAGE_SET']));
}
//end if
}
//end if
}
//end if
//--
//== RAW OUTPUT FOR STATUS
//--
if ((string) $smartframeworkservice == 'status') {
//--
if (SMART_SOFTWARE_DISABLE_STATUS_POWERED === true) {
$status_powered_info = '';
} else {
$status_powered_info = (string) SmartComponents::draw_powered_info('no');
}
//end if else
//--
self::HeadersNoCache();
// headers: cache control, force no-cache
echo SmartComponents::http_status_message('Smart.Framework :: Status :: [OK]', '<script type="text/javascript">setTimeout(function(){ self.location = self.location; }, 60000);</script><img src="lib/core/img/busy_bar.gif"><div><h1>' . date('Y-m-d H:i:s O') . ' // Service Ready :: ' . $the_midmark . '</h1></div>' . $status_powered_info . '<br>');
//--
return;
// break stop
//--
}
//end if
//--
//== OVERALL AUTHENTICATION BREAKPOINT
//--
SmartAppBootstrap::Authenticate('admin');
// if the auth uses session it may start now
//--
//== RAW OUTPUT FOR DEBUG
//--
if ((string) $smartframeworkservice == 'debug') {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
self::HeadersNoCache();
// headers: cache control, force no-cache
$the_debug_cookie = trim((string) $_COOKIE['SmartFramework__DebugAdmID']);
echo SmartDebugProfiler::print_debug_info('adm', $the_debug_cookie);
} else {
http_response_code(404);
echo SmartComponents::http_message_404_notfound('No Debug service has been activated on this server ...');
}
//end if
//--
return;
// break stop
//--
}
//end if else
//--
//== LOAD THE MODULE (OR DEFAULT MODULE)
//--
$reserved_controller_names = ['php', 'html', 'stml', 'css', 'js', 'json', 'xml', 'rss', 'txt', 'csv', 'sql', 'png', 'gif', 'jpg', 'pdf', 'svg', 'zip', '7z', 'netarch'];
// these are reserved extensions and cannot be used as controller names because they need to be used also with friendly URLs as the 2nd param if module is missing from URL page param
//--
$err404 = '';
$arr = array();
//--
$page = (string) SmartUnicode::utf8_to_iso((string) SmartFrameworkRegistry::getRequestVar('page'));
$page = trim(str_replace(array('/', '\\', ':', '?', '&', '=', '%'), array('', '', '', '', '', '', ''), $page));
// fix for get as it automatically replaces . with _ (so, reverse), but also fix some invalid characters ...
if ((string) $page == '') {
$page = (string) $configs['app']['admin-home'];
}
//end if
//--
if (strpos($page, '.') !== false) {
// page can be as module.controller / module.controller(.php|html|stml|css|js|json|xml|rss|txt|csv|sql|png|gif|jpg|pdf|svg|zip|7z|netarch)
//--
$arr = (array) explode('.', (string) $page, 3);
// separe 1st and 2nd from the rest
//--
//#
//#
$arr[0] = trim(strtolower((string) $arr[0]));
// module
$arr[1] = trim(strtolower((string) $arr[1]));
// controller
//#
//# Admin will NOT integrate with friendly URLs SMART_FRAMEWORK_SEMANTIC_URL_SKIP_MODULE
//# that feature is just for Index
//#
//--
} elseif ((string) $configs['app']['admin-default-module'] != '') {
//--
$arr[0] = trim(strtolower((string) $configs['app']['admin-default-module']));
// get default module
$arr[1] = trim(strtolower((string) $page));
// controller
//--
} else {
//--
if ((string) $err404 == '') {
$err404 = 'Invalid Page (Invalid URL Page Segments Syntax): ' . $page;
}
//end if
//--
}
//end if else
//--
if ((string) $arr[0] == '' or (string) $arr[1] == '') {
if ((string) $err404 == '') {
$err404 = 'Invalid Page (Empty or Missing URL Page Segments): ' . $page;
}
//end if
}
//end if
if (!preg_match('/^[a-z0-9_\\-]+$/', (string) $arr[0]) or !preg_match('/^[a-z0-9_\\-]+$/', (string) $arr[1])) {
if ((string) $err404 == '') {
$err404 = 'Invalid Page (Invalid Characters in the URL Page Segments): ' . $page;
}
//end if
}
//end if
if (in_array((string) $arr[1], (array) $reserved_controller_names)) {
if ((string) $err404 == '') {
$err404 = 'Invalid Page (Reserved Page Controller Name): [' . $arr[1] . '] in: ' . $page;
}
//end if
}
//end if
//--
$the_controller_name = (string) $arr[0] . '.' . $arr[1];
$the_path_to_module = Smart::safe_pathname(SmartFileSysUtils::add_dir_last_slash('modules/mod-' . Smart::safe_filename($arr[0])));
$the_module = Smart::safe_pathname($the_path_to_module . Smart::safe_filename($arr[1]) . '.php');
if (!is_file($the_module)) {
if ((string) $err404 == '') {
$err404 = 'Page does not exist: ' . $page;
}
//end if
}
//end if
//--
if ((string) $err404 != '') {
self::Raise404Error((string) $err404);
return;
}
//end if
//--
if (!SmartFileSysUtils::check_file_or_dir_name($the_path_to_module) or !SmartFileSysUtils::check_file_or_dir_name($the_module)) {
self::Raise400Error('Insecure Module Access for Page: ' . $page);
return;
}
//end if
//--
if (class_exists('SmartAppIndexController') or class_exists('SmartAppAdminController')) {
self::Raise500Error('Module Class Runtimes must be defined only in modules ...');
return;
}
//end if
//--
require (string) $the_module;
//--
if ((string) SMART_APP_MODULE_AREA !== 'ADMIN' and (string) SMART_APP_MODULE_AREA !== 'SHARED') {
self::Raise403Error('Page Access Denied for Admin Area: ' . $page);
return;
}
//end if
if (defined('SMART_APP_MODULE_AUTH')) {
if (SmartAuth::check_login() !== true) {
self::Raise403Error('Page Access Denied ! No Authentication: ' . $page);
return;
}
//end if
if (defined('SMART_APP_MODULE_REALM_AUTH')) {
if ((string) SmartAuth::get_login_realm() !== (string) SMART_APP_MODULE_REALM_AUTH) {
self::Raise403Error('Page Access Denied ! Invalid Login Realm: ' . $page);
return;
}
//end if
}
//end if
}
//end if
//--
if (!class_exists('SmartAppAdminController')) {
self::Raise500Error('Invalid Module Class Runtime for Page: ' . $page);
return;
}
//end if
if (!is_subclass_of('SmartAppAdminController', 'SmartAbstractAppController')) {
self::Raise500Error('Invalid Module Class Inheritance for Controller Page: ' . $page);
return;
}
//end if
//--
//== PATHS
//--
$base_script = SmartUtils::get_server_current_script();
$base_full_path = SmartUtils::get_server_current_path();
$base_full_url = SmartUtils::get_server_current_url();
//--
//== RUN THE MODULE
//--
$appModule = new SmartAppAdminController($the_path_to_module, $base_script, $base_full_path, $base_full_url, $page, $the_controller_name);
//--
if (SMART_APP_MODULE_DIRECT_OUTPUT !== true) {
ob_start();
}
//end if
$appStatusCode = (int) $appModule->Run();
$appModule->ShutDown();
if (SMART_APP_MODULE_DIRECT_OUTPUT !== true) {
$ctrl_output = ob_get_contents();
ob_end_clean();
if ((string) $ctrl_output != '') {
Smart::log_warning('The middleware service ' . $the_midmark . ' detected an illegal output in the controller: ' . $page . "\n" . 'The result of this output is: ' . $ctrl_output);
}
//end if
$ctrl_output = '';
} else {
return;
// break stop after the controller has terminated the direct output
}
//end if else
//--
$appSettings = (array) $appModule->PageViewGetCfgs();
//--
//== CACHE CONTROL
//--
if ((int) $appSettings['expires'] > 0 and (string) SMART_FRAMEWORK_DEBUG_MODE != 'yes') {
self::HeadersCacheExpire((int) $appSettings['expires'], (int) $appSettings['modified']);
// headers: cache expiration control
} else {
self::HeadersNoCache();
// headers: cache control, force no-cache
}
//end if else
//--
//== STATUS CODE
//--
switch ((int) $appStatusCode) {
//-- client errors
case 400:
self::Raise400Error((string) $appSettings['error']);
return;
break;
case 401:
self::Raise401Error((string) $appSettings['error']);
return;
break;
case 403:
self::Raise403Error((string) $appSettings['error']);
return;
break;
case 404:
self::Raise404Error((string) $appSettings['error']);
return;
break;
case 429:
self::Raise429Error((string) $appSettings['error']);
return;
break;
//-- server errors
//-- server errors
case 500:
self::Raise500Error((string) $appSettings['error']);
return;
break;
case 502:
self::Raise502Error((string) $appSettings['error']);
return;
break;
case 503:
self::Raise503Error((string) $appSettings['error']);
return;
break;
case 504:
self::Raise504Error((string) $appSettings['error']);
return;
break;
//-- extended 2xx statuses: NOTICE / WARNING / ERROR that can be used for REST / API
//-- extended 2xx statuses: NOTICE / WARNING / ERROR that can be used for REST / API
case 202:
// NOTICE
if (!headers_sent()) {
http_response_code(202);
// Accepted (this should be used only as an alternate SUCCESS code instead of 200 for NOTICES)
} else {
Smart::log_warning('Headers Already Sent before 202 ...');
}
//end if else
break;
case 203:
// WARNING
if (!headers_sent()) {
http_response_code(203);
// Non-Authoritative Information (this should be used only as an alternate SUCCESS code instead of 200 for WARNINGS)
} else {
Smart::log_warning('Headers Already Sent before 203 ...');
}
//end if else
break;
case 208:
// ERROR
if (!headers_sent()) {
http_response_code(208);
// Already Reported (this should be used only as an alternate SUCCESS code instead of 200 for ERRORS)
} else {
Smart::log_warning('Headers Already Sent before 208 ...');
}
//end if else
break;
//-- DEFAULT: OK
//-- DEFAULT: OK
case 200:
default:
// any other codes not listed above are not supported and will be interpreted as 200
// nothing to do here ...
}
//end switch
//--
//== PREPARE THE OUTPUT
//--
if (stripos((string) $configs['js']['popup-override-mobiles'], '<' . SmartUtils::get_os_browser_ip('os') . '>') !== false) {
$configs['js']['popup-mode'] = 'popup';
// particular os settings for mobiles
}
//end if
//--
$rawpage = '';
if (isset($appSettings['rawpage'])) {
$rawpage = strtolower((string) $appSettings['rawpage']);
if ((string) $rawpage == 'yes') {
$rawpage = 'yes';
// standardize the value
}
//end if
}
//end if
if ((string) $rawpage != 'yes') {
$rawpage = '';
}
//end if
//--
$rawmime = '';
if (isset($appSettings['rawmime'])) {
$rawmime = (string) $appSettings['rawmime'];
if ((string) $rawmime != '') {
$rawmime = SmartValidator::validate_mime_type($rawmime);
}
//end if
}
//end if else
//--
$rawdisp = '';
if (isset($appSettings['rawdisp'])) {
$rawdisp = (string) $appSettings['rawdisp'];
if ((string) $rawdisp != '') {
$rawdisp = SmartValidator::validate_mime_disposition($rawdisp);
}
//end if
}
//end if else
//--
$appData = (array) $appModule->PageViewGetVars();
//--
$appData['base-path'] = (string) $base_full_path;
$appData['base-url'] = (string) $base_full_url;
//--
//== REDIRECTION HANDLER (this can be set only explicit from Controllers)
//--
if ((string) $appSettings['redirect-url'] != '') {
// expects a valid URL
//--
$the_redirect_link = '<a href="' . Smart::escape_html((string) $appSettings['redirect-url']) . '">' . Smart::escape_html((string) $appSettings['redirect-url']) . '</a>';
//--
if (headers_sent()) {
Smart::log_warning('Headers Already Sent before Redirection: [' . $appStatusCode . '] ; URL: ' . $appSettings['redirect-url']);
self::Raise500Error('The app failed to Redirect to: ' . $the_redirect_link);
return;
}
//end if
switch ((int) $appStatusCode) {
case 301:
http_response_code(301);
$the_redirect_text = 'Moved Permanently';
// permanent redirect for HTTP 1.0 / HTTP 1.1
break;
case 302:
default:
// any other code will be interpreted as 302 (the default redirection in PHP)
http_response_code(302);
$the_redirect_text = 'Found';
// temporary redirect for HTTP 1.0 / HTTP 1.1
break;
}
//end switch
header('Location: ' . SmartFrameworkSecurity::FilterUnsafeString((string) $appSettings['redirect-url']));
echo '<h1>' . Smart::escape_html($the_redirect_text) . '</h1>' . '<br>' . 'If the page redirection fails, click on the below link:' . '<br>' . $the_redirect_link;
return;
// break stop
}
//end if
//--
//== DOWNLOADS HANDLER (downloads can be set only explicit from Controllers)
//--
if ((string) $appSettings['download-packet'] != '' and (string) $appSettings['download-key'] != '') {
// expects an encrypted data packet and a key
$dwl_result = self::DownloadsHandler((string) $appSettings['download-packet'], (string) $appSettings['download-key']);
if ((string) $dwl_result != '') {
Smart::log_info('File Download - Client: ' . SmartUtils::get_visitor_signature(), (string) $dwl_result);
// log result and mark it as finalized
}
//end if
return;
// break stop
}
//end if
//--
//== RAW OUTPUT FOR PAGES
//--
if ((string) $rawpage == 'yes') {
//-- {{{SYNC-RESOURCES}}}
if (function_exists('memory_get_peak_usage')) {
$res_memory = @memory_get_peak_usage(false);
} else {
$res_memory = 'unknown';
}
//end if else
$res_time = (double) (microtime(true) - (double) SMART_FRAMEWORK_RUNTIME_READY);
//-- #END-SYNC
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
//-- {{{SYNC-DEBUG-META-INFO}}}
SmartFrameworkRegistry::setDebugMsg('stats', 'memory', $res_memory);
// bytes
SmartFrameworkRegistry::setDebugMsg('stats', 'time', $res_time);
// seconds
//-- #END-SYNC
$the_debug_cookie = trim((string) $_COOKIE['SmartFramework__DebugAdmID']);
SmartDebugProfiler::save_debug_info('adm', $the_debug_cookie, false);
} else {
$the_debug_cookie = '';
}
//end if
//--
if (headers_sent()) {
Smart::raise_error('Middleware ERROR: Headers already sent', 'ERROR: Headers already sent !');
return;
// avoid serve raw pages with errors injections before headers
}
//end if
//--
if ((string) $rawmime != '') {
header('Content-Type: ' . $rawmime);
}
//end if
if ((string) $rawdisp != '') {
header('Content-Disposition: ' . $rawdisp);
}
//end if
header('Content-Length: ' . (0 + strlen((string) $appData['main'])));
// must be strlen NOT SmartUnicode::str_len as it must get number of bytes not characters
echo (string) $appData['main'];
return;
// break stop
//--
}
//end if else
//--
//== DEFAULT OUTPUT
//--
if (isset($appSettings['template-path'])) {
if ((string) $appSettings['template-path'] == '@') {
// if template path is set to self (module)
$the_template_path = '@';
// this is a special setting
} else {
$the_template_path = Smart::safe_pathname(SmartFileSysUtils::add_dir_last_slash(trim((string) $appSettings['template-path'])));
}
//end if else
} else {
$the_template_path = Smart::safe_pathname(SmartFileSysUtils::add_dir_last_slash(trim((string) $configs['app']['admin-template-path'])));
// use default template path
}
//end if else
//--
if (isset($appSettings['template-file'])) {
$the_template_file = Smart::safe_filename(trim((string) $appSettings['template-file']));
} else {
$the_template_file = Smart::safe_filename(trim((string) $configs['app']['admin-template-file']));
// use default template
}
//end if else
//--
if ((string) $the_template_path == '@') {
$the_template_path = (string) $the_path_to_module . 'templates/';
// must have the dir last slash as above
} else {
$the_template_path = (string) SMART_APP_TEMPLATES_DIR . $the_template_path;
// finally normalize and set the complete template path
}
//end if else
$the_template_file = (string) $the_template_file;
// finally normalize
//--
if (!SmartFileSysUtils::check_file_or_dir_name($the_template_path)) {
Smart::log_warning('Invalid Page Template Path: ' . $the_template_path);
self::Raise500Error('Invalid Page Template Path. See the error log !');
return;
}
//end if
if (!is_dir($the_template_path)) {
Smart::log_warning('Page Template Path does not Exists: ' . $the_template_path);
self::Raise500Error('Page Template Path does not Exists. See the error log !');
return;
}
//end if
if (!SmartFileSysUtils::check_file_or_dir_name($the_template_path . $the_template_file)) {
Smart::log_warning('Invalid Page Template File: ' . $the_template_path . $the_template_file);
self::Raise500Error('Invalid Page Template File. See the error log !');
return;
}
//end if
if (!is_file($the_template_path . $the_template_file)) {
Smart::log_warning('Page Template File does not Exists: ' . $the_template_path . $the_template_file);
self::Raise500Error('Page Template File does not Exists. See the error log !');
return;
}
//end if
//--
$the_template_content = trim(SmartMarkersTemplating::read_template_file($the_template_path . $the_template_file));
if ((string) $the_template_content == '') {
Smart::log_warning('Page Template File is Empty or cannot be read: ' . $the_template_path . $the_template_file);
self::Raise500Error('Page Template File is Empty or cannot be read. See the error log !');
return;
}
//end if
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$the_template_content = str_ireplace('</head>', "\n" . SmartDebugProfiler::js_headers_debug('admin.php?smartframeworkservice=debug') . "\n" . '</head>', $the_template_content);
$the_template_content = str_ireplace('</body>', "\n" . SmartDebugProfiler::div_main_debug() . "\n" . '</body>', $the_template_content);
}
//end if
//--
$appData['app-domain'] = (string) $configs['app']['admin-domain'];
$appData['template-file'] = $the_template_path . $the_template_file;
$appData['template-path'] = $the_template_path;
$appData['js.settings'] = SmartComponents::js_inc_settings((string) $configs['js']['popup-mode'], true, (bool) SMART_APP_VISITOR_COOKIE);
$appData['head-meta'] = (string) $appData['head-meta'];
if ((string) $appData['head-meta'] == '') {
$appData['head-meta'] = '<!-- Head Meta -->';
}
//end if
$appData['title'] = (string) $appData['title'];
$appData['main'] = (string) $appData['main'];
$appData['lang'] = SmartTextTranslations::getLanguage();
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
//--
$the_debug_cookie = 'adm-' . Smart::uuid_10_seq() . '-' . Smart::uuid_10_num() . '-' . Smart::uuid_10_str();
@setcookie('SmartFramework__DebugAdmID', (string) $the_debug_cookie, 0, '/');
// debug token cookie is set just on main request
//--
}
//end if
//--
echo SmartMarkersTemplating::render_mixed_template((string) $the_template_content, (array) $appData, (string) $appData['template-path'], 'no', 'no');
//-- {{{SYNC-RESOURCES}}}
if (function_exists('memory_get_peak_usage')) {
$res_memory = @memory_get_peak_usage(false);
} else {
$res_memory = 'unknown';
}
//end if else
$res_time = (double) (microtime(true) - (double) SMART_FRAMEWORK_RUNTIME_READY);
//-- #END-SYNC
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
//-- {{{SYNC-DEBUG-META-INFO}}}
SmartFrameworkRegistry::setDebugMsg('stats', 'memory', $res_memory);
// bytes
SmartFrameworkRegistry::setDebugMsg('stats', 'time', $res_time);
// seconds
//-- #END-SYNC
SmartDebugProfiler::save_debug_info('adm', $the_debug_cookie, true);
//--
}
//end if else
//--
if (SMART_SOFTWARE_DISABLE_STATUS_POWERED !== true) {
echo "\n" . '<!-- Smart.Framework スマート.フレームワーク :: ' . SMART_FRAMEWORK_RELEASE_TAGVERSION . ' / ' . SMART_FRAMEWORK_RELEASE_VERSION . ' @ ' . $the_midmark . ' :: ' . SMART_FRAMEWORK_RELEASE_URL . ' -->';
}
//end if
echo "\n" . '<!-- Resources: [' . Smart::format_number_dec($res_time, 13, '.', '') . ' sec.] / [' . Smart::format_number_dec($res_memory, 0, '.', ' ') . ' by.]' . ' -->' . "\n";
//--
}
private static function lock_file_name($file_name)
{
//--
$file_name = (string) $file_name;
//--
if (!SmartFileSysUtils::check_file_or_dir_name($file_name)) {
//-- this is for absolute paths for example, to avoid create lock outside ...
if (!is_dir('tmp/locks')) {
self::dir_recursive_create('tmp/locks');
}
//end if
$lock_file = 'tmp/locks/' . SmartHashCrypto::sha256(SMART_FRAMEWORK_SECURITY_KEY . '!' . $file_name) . '__' . substr(Smart::safe_filename($file_name, '-'), 0, 99) . '.__LOCK__';
// this is a max of 165 chars (file name is no more than 255 bytes on many systems)
//--
} else {
//--
$lock_file = $file_name . '.__LOCK__';
//--
}
//end if else
//--
return (string) $lock_file;
//--
}
/**
* Start the Session on request
*
*/
public static function start()
{
//=====
//--
if (self::$started !== false) {
return;
// avoid start session if already started ...
}
//end if
self::$started = true;
// avoid run start again
//--
//=====
//--
$browser_os_ip_identification = SmartUtils::get_os_browser_ip();
// get browser and os identification
//--
if ((string) $browser_os_ip_identification['bw'] == '@s#' or (string) $browser_os_ip_identification['bw'] == 'bot') {
return;
// in this case start no session for robots or the self browser (as they do not need to share info between many visits) ; if the self browser fail to identify will be at least identified as robot in the worst case
}
//end if
//--
//=====
//-- no log as the cookies can be dissalowed by the browser
if ((string) SMART_APP_VISITOR_COOKIE == '') {
return;
// session need cookies
}
//end if
//--
//=====
//--
$sf_sess_mode = 'files';
$sf_sess_area = 'default-sess';
$sf_sess_ns = 'unknown';
$sf_sess_dir = 'tmp/sess';
//--
//=====
if (!defined('SMART_FRAMEWORK_SESSION_PREFIX')) {
Smart::log_warning('FATAL ERROR: Invalid Session Prefix :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
if (strlen(SMART_FRAMEWORK_SESSION_PREFIX) < 3 or strlen(SMART_FRAMEWORK_SESSION_PREFIX) > 9) {
Smart::log_warning('WARNING: Session Prefix must have a length between 3 and 9 characters :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
if (!preg_match('/^[a-z\\-]+$/', (string) SMART_FRAMEWORK_SESSION_PREFIX)) {
Smart::log_warning('WARNING: Session Prefix contains invalid characters :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
//--
if (!defined('SMART_FRAMEWORK_SESSION_NAME')) {
Smart::log_warning('FATAL ERROR: Invalid Session Name :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (strlen(SMART_FRAMEWORK_SESSION_NAME) < 10 or strlen(SMART_FRAMEWORK_SESSION_NAME) > 25) {
Smart::log_warning('WARNING: Session Name must have a length between 10 and 25 characters :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (!preg_match('/^[_A-Za-z0-9]+$/', (string) SMART_FRAMEWORK_SESSION_NAME)) {
Smart::log_warning('WARNING: Session Name contains invalid characters :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (!SmartFrameworkSecurity::ValidateVariableName(strtolower(SMART_FRAMEWORK_SESSION_NAME))) {
Smart::log_warning('WARNING: Session Name have an invalid value :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
//--
if (!defined('SMART_FRAMEWORK_SESSION_LIFETIME')) {
Smart::log_warning('FATAL ERROR: Invalid Session GC Lifetime :: SMART_FRAMEWORK_SESSION_LIFETIME');
return;
}
//end if
if (!is_int(SMART_FRAMEWORK_SESSION_LIFETIME)) {
Smart::log_warning('Invalid INIT constant value for SMART_FRAMEWORK_SESSION_LIFETIME');
return;
}
//end if
//--
if (!is_dir('tmp/sessions/')) {
Smart::log_warning('FATAL ERROR: The Folder \'tmp/sessions/\' does not exists for use with Session !');
return;
}
//end if
//--
$detected_session_mode = (string) ini_get('session.save_handler');
if ((string) $detected_session_mode === 'files') {
if ((string) SMART_FRAMEWORK_SESSION_HANDLER !== 'files') {
Smart::log_warning('FATAL ERROR: The value set for SMART_FRAMEWORK_SESSION_HANDLER is not set to: files / but the value found in session.save_handler is: ' . $detected_session_mode);
return;
}
//end if
} elseif ((string) $detected_session_mode === 'user') {
if ((string) SMART_FRAMEWORK_SESSION_HANDLER === 'files') {
Smart::log_warning('FATAL ERROR: The value set for SMART_FRAMEWORK_SESSION_HANDLER is set to: files / but the value found in session.save_handler is: ' . $detected_session_mode);
return;
}
//end if
} else {
Smart::log_warning('FATAL ERROR: The value set for session.save_handler must be set to one of these modes: files or user');
return;
}
//end if
//--
//=====
//-- generate a the client private key based on it's IP and Browser
$the_sess_client_uuid = SmartUtils::unique_client_private_key();
// SHA512 key to protect session data agains forgers
//-- a very secure approach based on a chain, derived with a secret salt from the framework security key:
// (1) an almost unique client private key lock based on it's IP and Browser
// (2) an entropy derived from the client random cookie combined with the (1)
// (3) a unique session name suffix derived from (1) and (2)
// (4) a unique session id composed from (1) and (2)
//-- thus the correlation between the random public client cookie, the session name suffix and the session id makes impossible to forge it as it locks to IP+Browser, using a public entropy cookie all encrypted with a secret key and derived and related, finally composed.
$the_sess_client_lock = SmartHashCrypto::sha1(SMART_FRAMEWORK_SECURITY_KEY . '#' . $the_sess_client_uuid);
$the_sess_client_entropy = SmartHashCrypto::sha1(SMART_APP_VISITOR_COOKIE . '*' . $the_sess_client_uuid . '%' . SMART_FRAMEWORK_SECURITY_KEY);
$the_sess_nsuffix = SmartHashCrypto::sha1($the_sess_client_uuid . ':' . SMART_FRAMEWORK_SECURITY_KEY . '^' . $the_sess_client_entropy . '+' . $the_sess_client_lock . '$' . SMART_APP_VISITOR_COOKIE);
$the_sess_id = $the_sess_client_entropy . '-' . $the_sess_client_lock;
// session ID combines the secret client key based on it's IP / Browser and the Client Entropy Cookie
//--
$sf_sess_area = Smart::safe_filename((string) SMART_FRAMEWORK_SESSION_PREFIX);
$sf_sess_dpfx = substr($the_sess_client_entropy, 0, 1) . '-' . substr($the_sess_client_lock, 0, 1);
// this come from hexa so 3 chars are 16x16x16=4096 dirs
//--
if ((string) $browser_os_ip_identification['bw'] == '@s#') {
$sf_sess_ns = '@sr-' . $sf_sess_dpfx;
} elseif ((string) $browser_os_ip_identification['bw'] == 'bot') {
$sf_sess_ns = 'r0-' . $sf_sess_dpfx;
// we just need a short prefix for robots (on disk is costly for GC to keep separate folders, but of course, not so safe)
} else {
$sf_sess_ns = 'c-' . substr($browser_os_ip_identification['bw'], 0, 3) . '-' . $sf_sess_dpfx;
// we just need a short prefix for clients (on disk is costly for GC to keep separate folders, but of course, not so safe)
}
//end if else
$sf_sess_ns = Smart::safe_filename($sf_sess_ns);
//-- by default set for files
$sf_sess_mode = 'files';
$sf_sess_dir = 'tmp/sessions/' . $sf_sess_area . '/' . $sf_sess_ns . '/';
if ((string) $detected_session_mode === 'user') {
if (class_exists('SmartCustomSession')) {
if ((string) get_parent_class('SmartCustomSession') == 'SmartAbstractCustomSession') {
$sf_sess_mode = 'user-custom';
$sf_sess_dir = 'tmp/sessions/' . $sf_sess_area . '/';
// here the NS is saved in DB so we do not need to complicate paths
} else {
Smart::log_warning('SESSION INIT ERROR: Invalid Custom Session Handler. The class SmartCustomSession must be extended from class SmartAbstractCustomSession ...');
return;
}
//end if else
} else {
Smart::log_warning('SESSION INIT ERROR: Custom Session Handler requires the class SmartCustomSession ...');
return;
}
//end if
}
//end if
$sf_sess_dir = Smart::safe_pathname($sf_sess_dir);
//--
if (!is_dir($sf_sess_dir)) {
SmartFileSystem::dir_recursive_create($sf_sess_dir);
}
//end if
SmartFileSystem::write_if_not_exists('tmp/sessions/' . $sf_sess_area . '/' . 'index.html', '');
//=====
//--
@session_save_path($sf_sess_dir);
@session_cache_limiter('nocache');
//--
$the_name_of_session = (string) SMART_FRAMEWORK_SESSION_NAME . '__Key_' . $the_sess_nsuffix;
// protect session name data agains forgers
//--
@session_id((string) $the_sess_id);
@session_name((string) $the_name_of_session);
//--
$tmp_exp_seconds = Smart::format_number_int(SMART_FRAMEWORK_SESSION_LIFETIME, '+');
if ($tmp_exp_seconds > 0) {
@session_set_cookie_params((int) $tmp_exp_seconds, '/');
// session cookie expire and the path
}
// end if
//-- be sure that session_write_close() is executed at the end of script if script if die('') premature and before pgsql shutdown register in the case of DB sessions
register_shutdown_function('session_write_close');
//-- handle custom session handler
if ((string) $sf_sess_mode === 'user-custom') {
//--
$sess_obj = new SmartCustomSession();
$sess_obj->sess_area = (string) $sf_sess_area;
$sess_obj->sess_ns = (string) $sf_sess_ns;
$sess_obj->sess_expire = (int) $tmp_exp_seconds;
//--
session_set_save_handler(array($sess_obj, 'open'), array($sess_obj, 'close'), array($sess_obj, 'read'), array($sess_obj, 'write'), array($sess_obj, 'destroy'), array($sess_obj, 'gc'));
//--
}
//end if else
//-- start session
@session_start();
//--
if ((string) $_SESSION['SoftwareFramework_VERSION'] != (string) SMART_FRAMEWORK_VERSION or (string) $_SESSION['website_ID'] != (string) SMART_SOFTWARE_NAMESPACE or strlen($_SESSION['session_ID']) < 32) {
//--
$_SESSION['SoftwareFramework_VERSION'] = (string) SMART_FRAMEWORK_VERSION;
// software version
$_SESSION['SoftwareFramework_SessionMode'] = (string) $sf_sess_mode;
// session mode
$_SESSION['website_ID'] = (string) SMART_SOFTWARE_NAMESPACE;
// the website ID
$_SESSION['uniqbrowser_ID'] = (string) $the_sess_client_uuid;
// a true unique browser ID (this is a protection against sessionID forgers)
$_SESSION['session_ID'] = (string) @session_id();
// read current session ID
$_SESSION['session_STARTED'] = (string) date('Y-m-d H:i:s O');
// read current session ID
//--
}
//end if
//--
if (!isset($_SESSION['visit_COUNTER'])) {
$_SESSION['visit_COUNTER'] = 1;
} else {
$_SESSION['visit_COUNTER'] += 1;
}
//end if else
//--
$_SESSION['SmartFramework__Browser__Identification__Data'] = (array) $browser_os_ip_identification;
//--
if ((string) $_SESSION['uniqbrowser_ID'] != (string) $the_sess_client_uuid) {
// we need at least a md5 session
//-- log, then unset old session (these are not well tested ...)
Smart::log_notice('Session Security Breakpoint :: Session-BrowserUniqueID = ' . $_SESSION['uniqbrowser_ID'] . "\n" . 'SessionSecurityUniqueID = ' . $the_sess_client_uuid . "\n" . 'Browser Ident = ' . $browser_os_ip_identification['bw'] . "\n" . 'Cookies = ' . print_r($_COOKIE, 1) . "\n" . 'SessID = ' . $_SESSION['session_ID'] . "\n" . 'ClientIP = ' . SmartUtils::get_ip_client() . ' @ ' . $_SERVER['REMOTE_ADDR'] . "\n" . 'UserAgent = ' . $_SERVER['HTTP_USER_AGENT']);
$_SESSION = array();
// reset it
//-- unset the cookie (from this below is tested)
@setcookie($the_name_of_session, 'EXPIRED', 1, '/');
//-- stop execution with message
Smart::raise_error('SESSION // SECURITY BREAK POINT: Possible Session Forgery Detected ...', 'SESSION // SECURITY BREAK POINT: Possible Session Forgery Detected ! Please refresh the page ... A new session will be assigned ! If you are not trying to forge another user\' session this situation can occur also if you are behind a proxy and some of your navigation parameters has been changed ! If this problem persist try to restart your browser or use other browser. If still persist, contact the website administrator');
die('');
// just in case
return;
// or is better to silent discard it ?
//--
}
//end if
//--
self::$active = time();
// successfuly started
//--
}
public static function print_debug_info($y_area, $y_debug_token)
{
global $configs;
//-- {{{SYNC-DEBUG-DATA}}}
if ((string) SMART_FRAMEWORK_DEBUG_MODE != 'yes') {
return '';
}
//end if
//--
if ((string) $y_area != 'idx' and (string) $y_area != 'adm') {
return '';
}
//end if
//--
$y_debug_token = trim((string) $y_debug_token);
if ((string) $y_debug_token == '') {
return '';
}
//end if
//--
$the_dir = 'tmp/logs/' . Smart::safe_filename($y_area) . '/' . date('Y-m-d@H') . '-debug-data/' . Smart::safe_filename($y_debug_token) . '/';
//-- #END# SYNC
//--
$storage = (new SmartGetFileSystem(true))->get_storage($the_dir, true, false);
$arr = array();
if (is_array($storage['list-files'])) {
$storage['list-files'] = Smart::array_sort($storage['list-files'], 'natsort');
for ($i = 0; $i < Smart::array_size($storage['list-files']); $i++) {
$arr[] = Smart::unseryalize(SmartFileSystem::read($storage['list-files'][$i]));
}
//end if
}
//end if
$storage = array();
//--
//--
$debug_response = '';
$debug_resources = '';
$debug_environment = '';
$debug_session = '';
$debug_auth = '';
$debug_mail = '';
$debug_dbqueries = '';
$debug_optimizations = '';
$debug_extra = '';
$debug_modules = '';
$tmp_decode_arr = array();
//--
$start_marker = '<div class="smartframework_debugbar_status smartframework_debugbar_status_title"><font size="5"><b># DEBUG Data :: ALL REQUESTS #</b></font></div>';
$end_marker = '<div class="smartframework_debugbar_status smartframework_debugbar_status_title"><font size="3"><b># DEBUG # END #</b></font></div>';
//--
for ($i = 0; $i < Smart::array_size($arr); $i++) {
//--
if ($arr[$i]['is-request-main'] === true) {
$txt_main = '<div class="smartframework_debugbar_status smartframework_debugbar_status_title"><font size="5"><b># DEBUG Data :: MAIN REQUEST #</b></font></div>';
} else {
$txt_main = '<div class="smartframework_debugbar_status smartframework_debugbar_status_title"><font size="3"><b># DEBUG Data :: SUB-REQUEST #</b></font></div>';
}
//end if else
$txt_token = '<div class="smartframework_debugbar_status smartframework_debugbar_status_token" style="width: 400px; text-align: center;"><font size="2"><b>Debug Token: ' . Smart::escape_html($arr[$i]['debug-token']) . '</b></font></div>';
$txt_url = '<div class="smartframework_debugbar_status smartframework_debugbar_status_url"><font size="2">URL: ' . Smart::escape_html($arr[$i]['request-uri']) . '</font></div>';
//--
$debug_response .= $txt_main . $txt_url . $txt_token . self::print_log_headers($arr[$i]['response-code'], Smart::unseryalize(base64_decode($arr[$i]['response-headers'])), Smart::unseryalize(base64_decode($arr[$i]['request-headers']))) . '<hr>';
//--
$debug_resources .= $txt_main . $txt_url . $txt_token . self::print_log_resources($arr[$i]['resources-time'], $arr[$i]['resources-memory']);
//--
$debug_environment .= $txt_main . $txt_url . $txt_token . self::print_log_environment(Smart::unseryalize(base64_decode($arr[$i]['env-req-filtered'])), Smart::unseryalize(base64_decode($arr[$i]['env-cookies'])), Smart::unseryalize(base64_decode($arr[$i]['env-get'])), Smart::unseryalize(base64_decode($arr[$i]['env-post'])), Smart::unseryalize(base64_decode($arr[$i]['env-server']))) . '<hr>';
//--
$debug_session .= $txt_main . $txt_url . $txt_token . self::print_log_session(Smart::unseryalize(base64_decode($arr[$i]['php-session']))) . '<hr>';
//--
$debug_auth .= $txt_main . $txt_url . $txt_token . self::print_log_auth($arr[$i]['auth-data']) . '<hr>';
//--
if (is_array($arr[$i]['log-optimizations'])) {
$debug_optimizations .= $txt_main . $txt_url . $txt_token;
foreach ($arr[$i]['log-optimizations'] as $key => $val) {
$debug_optimizations .= self::print_log_optimizations(strtoupper((string) $key), Smart::unseryalize(base64_decode($val))) . '<hr>';
}
//end foreach
}
//end if
//--
if (is_array($arr[$i]['log-mail'])) {
$debug_mail .= $txt_main . $txt_url . $txt_token . self::print_log_mail(Smart::unseryalize(base64_decode($arr[$i]['log-mail']))) . '<hr>';
}
//end if
//--
if (is_array($arr[$i]['log-db'])) {
$debug_dbqueries .= $txt_main . $txt_url . $txt_token;
foreach ($arr[$i]['log-db'] as $key => $val) {
$debug_dbqueries .= self::print_log_database(strtoupper((string) $key), Smart::unseryalize(base64_decode($val))) . '<hr>';
}
//end foreach
}
//end if
//--
if (is_array($arr[$i]['log-extra'])) {
$debug_extra .= $txt_main . $txt_url . $txt_token;
foreach ($arr[$i]['log-extra'] as $key => $val) {
$debug_extra .= self::print_log_extra(strtoupper((string) $key), Smart::unseryalize(base64_decode($val))) . '<hr>';
}
//end foreach
}
//end if
//--
if (is_array($arr[$i]['log-modules'])) {
$debug_modules .= $txt_main . $txt_url . $txt_token;
foreach ($arr[$i]['log-modules'] as $key => $val) {
$debug_modules .= self::print_log_modules(strtoupper((string) $key), Smart::unseryalize(base64_decode($val))) . '<hr>';
}
//end foreach
}
//end if
//--
}
//end for
//--
if ((string) $debug_optimizations == '') {
$debug_optimizations = '<div class="smartframework_debugbar_status smartframework_debugbar_status_nodata"><font size="5"><b>Optimization Hints: N/A</b></font></div>';
} else {
$debug_optimizations .= $end_marker;
}
//end if else
//--
if ((string) $debug_mail == '') {
$debug_mail = '<div class="smartframework_debugbar_status smartframework_debugbar_status_nodata"><font size="5"><b>Mail Debug: No data</b></font></div>';
} else {
$debug_mail .= $end_marker;
}
//end if else
//--
if ((string) $debug_dbqueries == '') {
$debug_dbqueries = '<div class="smartframework_debugbar_status smartframework_debugbar_status_nodata"><font size="5"><b>Database Debug: No Queries found</b></font></div>';
} else {
$debug_dbqueries .= $end_marker;
}
//end if else
//--
if ((string) $debug_extra == '') {
$debug_extra = '<div class="smartframework_debugbar_status smartframework_debugbar_status_nodata"><font size="5"><b>Extra Debug: No data</b></font></div>';
} else {
$debug_extra .= $end_marker;
}
//end if else
//--
if ((string) $debug_modules == '') {
$debug_modules = '<div class="smartframework_debugbar_status smartframework_debugbar_status_nodata"><font size="5"><b>Modules Debug: No data</b></font></div>';
} else {
$debug_modules .= $end_marker;
}
//end if else
//--
//--
return SmartMarkersTemplating::render_file_template('lib/core/templates/debug-profiler-footer.inc.htm', array('DEBUG-TIME' => date('Y-m-d H:i:s O'), 'DEBUG-RUNTIME' => $start_marker . self::print_log_runtime() . $end_marker, 'DEBUG-CONFIGS' => $start_marker . self::print_log_configs() . $end_marker, 'DEBUG-RESOURCES' => $debug_resources . $end_marker, 'DEBUG-HEADERS' => $debug_response . $end_marker, 'DEBUG-ENVIRONMENT' => $debug_environment . $end_marker, 'DEBUG-SESSION' => $debug_session . $end_marker, 'DEBUG-AUTH' => $debug_auth . $end_marker, 'DEBUG-OPTIMIZATIONS' => $debug_optimizations, 'DEBUG-MAIL' => $debug_mail, 'DEBUG-DATABASE' => $debug_dbqueries, 'DEBUG-EXTRA' => $debug_extra, 'DEBUG-MODULES' => $debug_modules), 'no');
//--
}
/**
* Test if Application Module Exists in modules/
*
* @param STRING $y_module_name :: The short module name (Ex: for 'modules/mod-something', this parameter would be: 'mod-something'
*
* @return BOOLEAN :: TRUE if module exists, FALSE if not detected
*/
public static function TestIfModuleExists($y_module_name)
{
//--
$y_module_name = Smart::safe_filename((string) $y_module_name);
//--
$test_cache = (string) self::$cache['TestIfModuleExists:' . $y_module_name];
//--
if ((string) $test_cache != '') {
// get cached test
//--
if ((string) $test_cache == 'YES') {
$exists = true;
} else {
$exists = false;
}
//end if
//--
} else {
// real test
//--
if (is_dir('modules/' . $y_module_name . '/')) {
$exists = true;
self::$cache['TestIfModuleExists:' . $y_module_name] = 'YES';
} else {
$exists = false;
self::$cache['TestIfModuleExists:' . $y_module_name] = 'NO';
}
//end if
//--
}
//end if else
//--
return (bool) $exists;
//--
}
