Example #1
 /**
  * Front-controller hook that gates a request before it is dispatched.
  *
  * Controllers whose name starts with "admin" (case-insensitive) are sent to
  * the admin login screen when no admin is signed in. Every other request is
  * stopped with the configured maintenance message when one is set and no
  * admin is signed in. Finally, any non-default module must be enabled.
  *
  * NOTE(review): the admin-area test reads the controller name from
  * $this->getRequest() while the reroute test reads it from $request;
  * presumably both are the same object - confirm, since this prefix match
  * is the only thing visible here that selects the admin gate.
  *
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @throws Am_Exception_InputError when the requested module is disabled
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $inAdminArea = stripos($this->getRequest()->getControllerName(), 'admin') === 0;
     if ($inAdminArea) {
         if (!defined('AM_ADMIN')) {
             define('AM_ADMIN', true);
         }
         // Anonymous visitor in the admin area: rewrite the route to the login
         // controller, unless the login controller is already the target.
         $adminId = $this->di->authAdmin->getUserId();
         if ($adminId <= 0 && $request->getControllerName() != 'admin-auth') {
             $request->setControllerName('admin-auth');
             $request->setActionName('index');
             $request->setModuleName('default');
         }
     } else {
         // Maintenance mode blocks everyone except a signed-in admin.
         $msg = $this->di->config->get('maintenance');
         if ($msg && !$this->di->authAdmin->getUserId()) {
             return amDie($msg);
         }
     }

     // Refuse modules that are switched off; the name is entity-encoded before
     // it is placed in the exception message.
     $module = $request->getModuleName();
     if ($module != 'default' && !$this->di->modules->isEnabled($module)) {
         throw new Am_Exception_InputError("You are trying to access disabled module [" . htmlentities($module) . ']');
     }
 }
Example #2
 /**
  * Return the database handle, connecting on first use.
  *
  * The handle is kept in a function-level static, so later calls reuse it.
  * When the connection fails outside the 'debug' environment the visitor
  * only sees a generic message; the original exception, which may carry
  * connection details, is rethrown in 'debug' only.
  *
  * @return mixed whatever Am_Db::connect() returns
  * @throws Am_Exception_Db in the 'debug' environment when connecting fails
  */
 public function getDbService()
 {
     static $v;
     if (empty($v)) {
         $dbParams = $this->getParameter('db');
         try {
             $v = Am_Db::connect($dbParams['mysql']);
         } catch (Am_Exception_Db $e) {
             if (APPLICATION_ENV == 'debug') {
                 throw $e;
             }
             // Deliberately vague: no host, user or driver error is shown.
             amDie("Error establishing a database connection. Please contact site webmaster if this error does not disappear long time");
         }
     }
     return $v;
 }
Example #3
/**
 * Create or upgrade the database schema from the bundled ../amember.sql file.
 *
 * The file is split into sections by "## NNN ##" / "## ALL ##" marker lines.
 * Sections whose key is neither 'ALL' nor greater than $old_db_version are
 * dropped; the rest is cut into statements and each statement is either
 * skipped, translated (DROP_FIELD / MODIFY pseudo-statements become
 * ALTER TABLE) or executed as written. The first SQL error stops the run
 * through amDie().
 *
 * Reads the globals $config, $db, $create_email_templates and
 * $old_db_version; prints progress as HTML.
 *
 * NOTE(review): this relies on the mysql_* extension, which was removed in
 * PHP 7.0, so the function only runs on older interpreters.
 * NOTE(review): every statement is built by string interpolation and run
 * unparameterised. The text comes from the shipped SQL file and the
 * configured table prefix, so both must be treated as trusted,
 * integrity-checked input.
 */
function create_mysql_tables()
{
    global $config, $db, $create_email_templates, $old_db_version;
    // Path is relative to the current working directory.
    $file = join('', file("../amember.sql"));
    // Crude sanity check: anything under 255 bytes is treated as corrupted.
    if (strlen($file) < 255) {
        amDie("File ../amember.sql corrupted");
    }
    $file = str_replace('@DB_MYSQL_PREFIX@', $config['db']['mysql']['prefix'], $file);
    // Split on the marker lines and keep the captured keys; the leading text
    // gets the key '000' so the list alternates key, body, key, body...
    $pfile = preg_split('/^## (\\d\\d\\d|ALL) ##\\s*$/ms', $file, -1, PREG_SPLIT_DELIM_CAPTURE);
    array_unshift($pfile, '000');
    $file = array();
    for ($i = 0; $i < count($pfile); $i += 2) {
        $file[$pfile[$i]] = $pfile[$i + 1];
    }
    // Keep the 'ALL' section and sections newer than the installed version.
    foreach ($file as $k => $v) {
        if ($k == 'ALL') {
            continue;
        }
        if ($k > $old_db_version) {
            continue;
        }
        unset($file[$k]);
    }
    $file = join("\n", $file);
    // One match per statement: text up to a ';' that ends a line.
    preg_match_all('/(CREATE TABLE\\s+(.+?)\\s+.+?|.+?);\\s*$/ms', $file, $out);
    foreach ($out[0] as $sql) {
        if (preg_match('/CREATE TABLE\\s+(\\w+)/', $sql, $regs)) {
            $tname = $regs[1];
            // A probe SELECT that succeeds means the table already exists.
            if (mysql_query("SELECT * FROM {$tname} LIMIT 1", $db->conn) && !mysql_errno($db->conn)) {
                continue;
                // SKIP TABLE CREATION
            }
            print "Creating table [{$tname}]<br/>\n";
        // NOTE(review): inside {$...} the unquoted key `prefix` is resolved as
        // a constant, which is an Error on PHP 8; the prefix also enters the
        // pattern without preg_quote().
        } elseif (preg_match("/REPLACE INTO {$db->config[prefix]}config \\(name,type,value\\) VALUES \\('db_version', 0, '(\\d+)'\\)/", $sql, $rr)) {
            // The version row is written through config_set(), not executed.
            $db->config_set('db_version', $rr[1], 0);
            if ($rr[1] != $config['db_version']) {
                if ($rr[1] == '250') {
                    // make secure password default
                    $db->config_set('safe_send_pass', 1, 0);
                }
                print "Setting database version to [{$rr['1']}]<br/>\n";
            }
            continue;
        } elseif ($create_email_templates && preg_match("/INSERT INTO {$db->config[prefix]}email_templates VALUES \\(\\d+, '(.+?)'/", $sql, $rr)) {
            // Template inserts fall through and are executed below.
            print "Importing e-mail template [{$rr['1']}].<br />\n";
        } elseif (preg_match('/(INSERT|DELETE|UPDATE|REPLACE)\\s+/', $sql)) {
            // Any other data-changing statement is skipped.
            continue;
        } elseif (preg_match('/DROP_FIELD\\s+(\\w+)/', $sql, $regs)) {
            // NOTE(review): $tname is not set in this branch; it is whatever an
            // earlier statement in the loop left behind.
            $field = $regs[1];
            // NOTE(review): the query result is not checked before it is fetched.
            $q = mysql_query("SHOW FIELDS FROM {$tname}", $db->conn);
            $sql = '';
            // Drop the column only if the table actually has it.
            while (list($f, $t, $null, $index, $add) = mysql_fetch_row($q)) {
                if ($f == $field) {
                    $sql = "ALTER TABLE {$tname} DROP {$field}";
                    break;
                }
            }
            if (!$sql) {
                continue;
            }
            print "Dropping field [{$tname}.{$field}]<br />\n";
        } elseif (preg_match('/MODIFY\\s+(\\w+)\\s+(.+);/', $sql, $regs)) {
            $tname = $regs[1];
            $mreq = $regs[2];
            if (preg_match('/FIELD\\s+(\\w+)\\s+(.+)/', $mreq, $regs)) {
                $field = $regs[1];
                $q = mysql_query("SHOW FIELDS FROM {$tname}", $db->conn);
                $sql = '';
                // Existing column -> CHANGE, missing column -> ADD. The column
                // definition ($regs[2]) is copied from the file unmodified.
                while (list($f, $t, $null, $index, $add) = mysql_fetch_row($q)) {
                    if ($f == $field) {
                        $sql = "ALTER TABLE {$tname} CHANGE {$field} {$field} {$regs['2']};";
                        break;
                    }
                }
                if (!$sql) {
                    $sql = "ALTER TABLE {$tname} ADD {$field} {$regs['2']};";
                }
                // (disabled) print "Adding field [$tname.$field]<br />\n";
            } elseif (preg_match('/(UNIQUE INDEX|INDEX)\\s+(\\w+)\\s+.+/', $mreq, $regs)) {
                $index = $regs[2];
                $q = mysql_query("SHOW INDEX FROM {$tname}", $db->conn);
                // Compare on the third column of each SHOW INDEX row and drop a
                // same-named index before it is re-added.
                while (list($t, $t, $index1) = mysql_fetch_row($q)) {
                    if ($index1 != $index) {
                        continue;
                    }
                    mysql_query("ALTER TABLE {$tname} DROP INDEX {$index}", $db->conn);
                }
                $sql = "ALTER TABLE {$tname} ADD {$regs['0']}";
                print "Adding index to [{$tname}]<br />\n";
                ob_end_flush();
            } else {
                // unknown modify request
                // NOTE(review): the statement text is printed into HTML unescaped.
                print "<font color=red>Unknown modify request: {$sql}</font><br />\n";
                continue;
            }
        }
        // Strip the trailing ';' and execute whatever $sql now holds.
        $sql = preg_replace('/;\\s*$/s', '', $sql);
        mysql_query($sql, $db->conn);
        if ($err = mysql_error($db->conn)) {
            // NOTE(review): the driver error and the SQL text are put into HTML
            // without escaping and end up on the page through amDie().
            $errors[] = $err . "<br />SQL: <pre>{$sql}</pre>";
        }
        // NOTE(review): $errors is never initialised, so this reads an
        // undefined variable until the first failure.
        if ($errors) {
            amDie($errors[0]);
        }
    }
    // Column rename (comission_id -> commission_id); its result is not checked.
    // NOTE(review): the unquoted keys inside {$config[db][mysql][prefix]} are
    // resolved as constants - see the note on the db_version pattern above.
    mysql_query("ALTER TABLE {$config[db][mysql][prefix]}aff_commission\n        CHANGE comission_id commission_id int not null", $db->conn);
}
Example #4
 /**
  * PHP error handler: log and, depending on severity and environment, display.
  *
  * - Errors masked by error_reporting() are ignored.
  * - Recoverable errors are logged (and echoed in 'debug') and reported as handled.
  * - Fatal-class errors are logged, the output buffer is cleared and the
  *   request ends through amDie().
  * - Warnings and notices are only processed when AM_DEBUG is defined and
  *   truthy; they are not printed for XMLHttpRequest calls.
  *
  * Outside 'debug' the displayed message carries only the file's basename,
  * while the log entry always carries the full path.
  *
  * NOTE(review): $errstr is written into HTML output and into the error log
  * without escaping; if an error message can echo request data, escape it
  * where the message is displayed and where the log is rendered.
  *
  * @param int    $errno   error level
  * @param string $errstr  error message
  * @param string $errfile file in which the error was raised
  * @param int    $errline line on which the error was raised
  * @return bool|null true for recoverable errors, otherwise nothing
  */
 function __error($errno, $errstr, $errfile, $errline)
 {
     // Respect the current error_reporting mask.
     if (!(error_reporting() & $errno)) {
         return;
     }

     // Name shown to the visitor: full path in debug, basename otherwise.
     if (@APPLICATION_ENV != 'debug') {
         $ef = basename($errfile);
     } else {
         $ef = $errfile;
     }

     switch ($errno) {
         case E_RECOVERABLE_ERROR:
             $report = "<b>RECOVERABLE ERROR:</b> {$errstr}\nin line {$errline} of file {$errfile}";
             if (APPLICATION_ENV == 'debug') {
                 echo $report;
             }
             $this->di->errorLogTable->log($report);
             return true;

         case E_ERROR:
         case E_PARSE:
         case E_CORE_ERROR:
         case E_COMPILE_ERROR:
         case E_USER_ERROR:
             $this->di->errorLogTable->log("<b>ERROR:</b> {$errstr}\nin line {$errline} of file {$errfile}");
             // Discard anything already buffered before showing the error page.
             ob_clean();
             amDie("ERROR [{$errno}] {$errstr}\nin line {$errline} of file {$ef}");
             exit(1);

         case E_USER_WARNING:
         case E_WARNING:
             if (!(defined('AM_DEBUG') && AM_DEBUG)) {
                 return;
             }
             $viaAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH'])
                 && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
             if (!defined('SILENT_AMEMBER_ERROR_HANDLER') && !$viaAjax) {
                 echo "<b>WARNING:</b> {$errstr}\nin line {$errline} of file {$ef}<br />";
             }
             $this->di->errorLogTable->log("<b>WARNING:</b> {$errstr}\nin line {$errline} of file {$errfile}");
             break;

         case E_STRICT:
         case E_USER_NOTICE:
         case E_NOTICE:
             if (!(defined('AM_DEBUG') && AM_DEBUG)) {
                 return;
             }
             $viaAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH'])
                 && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
             if ($viaAjax) {
                 return;
             }
             // Notices are displayed only; they are not written to the log.
             print_rr("<b>NOTICE:</b> {$errstr}\nin line {$errline} of file {$ef}<br />");
             break;
     }
 }
Example #5
<?php

require_once 'bootstrap.php';
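// Serve a file from the active theme's public directory. The name comes from
// the request's PathInfo, so it is untrusted and is reduced to a conservative
// character set before it reaches the theme loader.
$path = Zend_Controller_Front::getInstance()->getRequest()->getPathInfo();
// NOTE(review): preg_replace() returns the subject unchanged when the prefix
// is absent, so these two checks only fire when nothing is left (or the call
// fails); they do not prove that the "/public/" and "theme/" prefixes were
// actually present.
if (!($path = preg_replace('|^/public/|', '', $path))) {
    amDie("Wrong PathInfo - no public. Internal Error");
}
if (!($path = preg_replace('|^theme/|', '', $path))) {
    amDie("Wrong PathInfo - no theme. Internal Error");
}
// Apply the character whitelist BEFORE removing dot pairs. In the opposite
// order, dropping a disallowed character that sat between two dots can join
// them into a new ".." after the traversal check has already run.
$path = preg_replace('/[^a-zA-Z0-9-\\/.]/', '', $path);
// One left-to-right pass is enough here: it cannot leave two adjacent dots.
$path = str_replace('..', '', $path);
// NOTE(review): a leading "/" and empty segments still pass through; confirm
// that parsePublicWithVars() confines the lookup to the theme directory.
if (preg_match('/\\.css$/', $path)) {
    header("Content-type: text/css");
    // The directive is spelled "max-age"; "maxage" is not recognised by caches.
    header('Cache-Control: max-age=3600');
    header("Expires: " . gmdate('D, d M Y H:i:s', time() + 3600) . ' GMT');
    header('Pragma: public');
}
echo $theme = Am_Di::getInstance()->theme->parsePublicWithVars($path);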
/**
 * Output-buffer callback for cron runs: log whatever the job printed.
 *
 * Empty output, or output that trims down to a single ".", is ignored.
 * Output containing "Fatal error" is logged and then reported through
 * amDie(); any other output is logged as debug information.
 *
 * NOTE(review): the captured output is stored in the error log together with
 * HTML markup and without escaping; escape it where the log is displayed.
 *
 * @param string $output text captured by the output buffer
 * @return mixed result of amDie() for fatal output, otherwise nothing
 */
function loggingObHandler($output)
{
    // Release the reserved buffer so there is memory left to finish the work.
    unset($GLOBALS['_tmp_buf']);

    $nothingToReport = $output == '' || trim($output) == '.';
    if ($nothingToReport) {
        return;
    }

    if (strstr($output, 'Fatal error') === false) {
        $GLOBALS['db']->log_error("DEBUG (CRON OUTPUT):<br />\n{$output}");
        return;
    }

    $GLOBALS['db']->log_error("FATAL CRON ERROR:<br />\n{$output}");
    return amDie("ERROR: Cron run resulted to fatal script execution error. Please look for details\n        in the aMember CP -> Error Log (seek for FATAL CRON ERROR string)", true);
}