function setup_ccms_for_40x_error($rcode, $pagereq) { global $cfg, $ccms, $_SERVER; // ERROR 403/404; if not 403, then we default to 404 // Or if DB query returns zero, show error 404: file does not exist // support custom Apache ErrorDocument rewrites, which use SERVER['REDIRECT_URL'], etc.: $content = ""; $complete_pageurl = $pagereq . ".html"; if ($cfg['IN_DEVELOPMENT_ENVIRONMENT']) { $content .= sprintf("<p>resp code: %d, req: %s, redir url: %s</p>", $rcode, $pagereq, !empty($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : '---'); } if (is_http_response_code($pagereq) && !empty($_SERVER['REDIRECT_URL'])) { $offending_pageurl = filterParam4FullFilePath($_SERVER['REDIRECT_URL']); if ($cfg['IN_DEVELOPMENT_ENVIRONMENT']) { $content .= sprintf("<p>resp code: %d, req: %s, redir url: %s, name: %s</p>", $rcode, $pagereq, !empty($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : '---', $offending_pageurl); } // check whether we have a 40x for a 'sane' page or for some sort of hack attempt: the latter will have a 'nasty' url (which won't equal the filtered one): if (!empty($offending_pageurl) && $offending_pageurl == $_SERVER['REDIRECT_URL']) { $complete_pageurl = $offending_pageurl; } } set_ccms_opt('module', 'error'); set_ccms_opt('module_info', null); set_ccms_opt('cfg', $cfg); set_ccms_opt('language', $cfg['language']); set_ccms_opt('tinymce_language', $cfg['language']); set_ccms_opt('editarea_language', $cfg['language']); set_ccms_opt('sitename', $cfg['sitename']); $pagetitle = $ccms['lang']['system']['error_404title']; $subheader = $ccms['lang']['system']['error_404header']; set_ccms_opt('printable', "N"); set_ccms_opt('published', "Y"); $bc = array(); $bc[] = '<a href="' . $cfg['rootdir'] . '" title="' . ucfirst($cfg['sitename']) . ' ' . $ccms['lang']['system']['home'] . '">' . $ccms['lang']['system']['home'] . '</a>'; $bc[] = $ccms['lang']['system']['error_404title']; set_ccms_opt('iscoding', "Y"); set_ccms_opt('rootdir', $cfg['rootdir']); set_ccms_opt('urlpage', $pagereq); // "404" or 'real' page -- the pagename is already filtered so no bad feedback can happen here, when site is under attack set_ccms_opt('complete_page_url', $complete_pageurl); $desc = $ccms['lang']['system']['error_404title']; set_ccms_opt('desc_extra', ''); set_ccms_opt('keywords', strval($rcode)); set_ccms_opt('responsecode', $rcode); set_ccms_opt('page_name', $pagereq); set_ccms_opt('toplevel', 0); set_ccms_opt('sublevel', 0); set_ccms_opt('menu_id', 0); set_ccms_opt('islink', 'N'); $tpl = DetermineTemplateName(null, $ccms['printing']); $tplel = explode('/', $tpl); set_ccms_opt('templatedir', $tplel[0]); set_ccms_opt('template', $tpl); $content .= $ccms['lang']['system']['error_404content']; switch ($rcode) { default: // assume 404 ~ default $ccms[] setup above. break; case 403: // patch the $ccms[] data for the 403 error: $pagetitle = $ccms['lang']['system']['error_403title']; $subheader = $ccms['lang']['system']['error_403header']; array_pop($bc); // ditch the '404' entry and replace it with... $bc[] = $ccms['lang']['system']['error_403title']; $content = $ccms['lang']['system']['error_403content']; $desc = $ccms['lang']['system']['error_403title']; break; } set_ccms_opt('breadcrumb', $bc); set_ccms_opt('pagetitle', $pagetitle); set_ccms_opt('subheader', $subheader); set_ccms_opt('desc', $desc); set_ccms_opt('title', ucfirst($ccms['pagetitle']) . ' - ' . $ccms['sitename'] . ' | ' . $ccms['subheader']); /* Even under error conditions, we need the side-effect of the content loader code: a properly initialized template! Also allow the template to override / augment the error page content: when it sets the 'content' slot, we won't override it with the default error message below. */ set_ccms_opt('content40x', $content); $rendered_page = ccmsContent(null, 'Y', false); //$content = $rendered_page['content']; //$rcode = $rendered_page['responsecode']; if (!empty($rendered_page['content'])) { $content = $rendered_page['content']; } set_ccms_opt('content', $content); }
/** * Convert any path (absolute or relative) to a fully qualified URL */ function makeAbsoluteURI($path) { $reqpage = filterParam4FullFilePath($_SERVER['PHP_SELF']); $page = array(); if (strpos($path, '://')) { if (strpos($path, '?') === false || strpos($path, '://') < strpos($path, '?')) { /* * parse_url can only parse URLs, not relative paths. * * http://bugs.php.net/report.php?manpage=function.parse-url#Notes */ $page = parse_url($path); if (isset($page[PHP_URL_SCHEME])) { return $path; } /* * We do NOT accept 'URL's like * * www.example.com/path.ext * * as input: we treat the entire string as a path (and a relative one at that)! */ } } /* * Expect input which is a subset of * * /path/file.exe?query#fragment * * with either absolute or relative path/file.ext as the mandatory part. */ $idx = strpos($path, '?'); if ($idx !== false) { $page[PHP_URL_PATH] = substr($path, 0, $idx); $path = substr($path, $idx + 1); $idx = strpos($path, '#'); if ($idx !== false) { $page[PHP_URL_QUERY] = substr($path, 0, $idx); $page[PHP_URL_FRAGMENT] = substr($path, $idx + 1); } else { $page[PHP_URL_QUERY] = $path; } } else { $page[PHP_URL_PATH] = $path; } $path = $page[PHP_URL_PATH]; if (strpos($path, '/') === 0) { //already absolute } else { /* * Convert relative path to absolute by prepending the current request path * (which is absolute) and a '../' basedir-similar. * * This way also provides for relative paths which don't start with './' but * simply say something like * relpath/file.ext * which will produce a dotted absolute path like this: * /current_request_path/reqfile.php/../relpath/file.ext * which is fine: the ../ will remove the reqfile.php component and we're left * with a neatly formatted absolute path! */ $page[PHP_URL_PATH] = $_SERVER['PHP_SELF'] . '/../' . $path; } $page[PHP_URL_PATH] = path_remove_dot_segments($page[PHP_URL_PATH]); // fill in the holes... assume defaults from the current request. if (empty($page[PHP_URL_SCHEME])) { if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || strpos(strtolower($_SERVER['SERVER_PROTOCOL']), 'https') === 0 || intval($_SERVER["SERVER_PORT"]) == 443) { $page[PHP_URL_SCHEME] = 'https'; } else { $page[PHP_URL_SCHEME] = 'http'; } } if (empty($page[PHP_URL_HOST])) { $page[PHP_URL_HOST] = $_SERVER["SERVER_NAME"]; } if (empty($page[PHP_URL_PORT])) { /* Only set the port number when it is non-standard: */ $portno = intval($_SERVER["SERVER_PORT"]); if ($portno != 0 && ($page[PHP_URL_SCHEME] == 'http' && $portno == 80) && ($page[PHP_URL_SCHEME] == 'https' && $portno == 443)) { $page[PHP_URL_PORT] = $portno; } } $url = ''; if (!empty($page[PHP_URL_SCHEME])) { $url = $page[PHP_URL_SCHEME] . '://'; } if (!empty($page[PHP_URL_USER])) { $url .= $page[PHP_URL_USER]; if (!empty($page[PHP_URL_PASS])) { $url .= ':' . $page[PHP_URL_PASS]; } $url .= '@'; } if (!empty($page[PHP_URL_HOST])) { $url .= $page[PHP_URL_HOST]; } $url .= $page[PHP_URL_PATH]; if (!empty($page[PHP_URL_QUERY])) { $url .= '?' . $page[PHP_URL_QUERY]; } if (!empty($page[PHP_URL_FRAGMENT])) { $url .= '#' . $page[PHP_URL_FRAGMENT]; } return $url; }