function Controller()
{
# create database object
if (!is_object($this->db)) {
include_once SP_LIBPATH . "/database.class.php";
$dbObj = new Database(DB_ENGINE);
$this->db = $dbObj->dbConnect();
$this->db->query("show tables", true);
if ($this->db->noRows <= 0) {
showErrorMsg("<p>The database tables could not be found.</p><p><a href=\"install/index.php\">Click here to install Seo Panel.</a></p>");
}
}
$this->view = new View();
$this->session = new Session();
$this->validate = new Validation();
$this->spider = new Spider();
$this->paging = new Paging();
# to define all system variables
$this->defineAllSystemSettings();
# to define all system variables
$force = false;
if (!empty($_GET['lang_code'])) {
$this->assignLangCode(trim($_GET['lang_code']));
$_GET['lang_code'] = '';
$force = true;
}
# func to assign texts to session
$_SESSION['lang_code'] = empty($_SESSION['lang_code']) ? SP_DEFAULTLANG : $_SESSION['lang_code'];
$this->assignTextsToSession($_SESSION['lang_code'], $force);
}
function checkDBConn($force = false)
{
if ($force || !is_object($this->db)) {
$dbObj = new Database(DB_ENGINE);
$this->db = $dbObj->dbConnect();
}
}
public static function connect($dbsortName = 'default')
{
global $db;
if (self::$hasConnected == 'no') {
if (!is_array($db[$dbsortName])) {
return false;
}
self::$dbinfo = $db[$dbsortName];
self::$dbType = $db[$dbsortName]['dbtype'];
switch ($db[$dbsortName]['dbtype']) {
case "mysqli":
$conn = new mysqli($db[$dbsortName]['dbhost'], $db[$dbsortName]['dbuser'], $db[$dbsortName]['dbpassword'], $db[$dbsortName]['dbname'], $db[$dbsortName]['dbport']);
// if (!$conn) Alert::make('Cant connect to your database.');
self::$dbConnect = $conn;
self::$hasConnected = 'yes';
self::$dbName = $db[$dbsortName]['dbname'];
if (isset($conn->connect_error[5])) {
Log::error('Can not connect to your database. You must to edit file config.php now!');
}
return $conn;
break;
case "sqlserver":
$conn = DatabaseSqlserver::connect();
self::$error = DatabaseSqlserver::$error;
self::$dbConnect = $conn;
self::$hasConnected = 'yes';
return $conn;
break;
case "mssql":
$conn = DatabaseMSSQL::connect();
// self::$error = DatabaseMSSQL::$error;
self::$dbConnect = $conn;
self::$hasConnected = 'yes';
return $conn;
break;
case "pdo":
$conn = DatabasePDO::connect();
self::$dbConnect = $conn;
self::$hasConnected = 'yes';
return $conn;
break;
// case "mysql":
//
// $conn = mysql_connect($db['dbhost'], $db['dbuser'], $db['dbpassword']);
//
// mysql_select_db($db['dbname']);
//
// self::$dbConnect = $conn;
//
// self::$hasConnected = 'yes';
//
// break;
}
}
}
error_reporting(0);
}
# system settings
define('SP_CONFPATH', SP_ABSPATH . "/config");
define('SP_CTRLPATH', SP_ABSPATH . "/controllers");
define('SP_INCPATH', SP_ABSPATH . "/includes");
define('SP_LIBPATH', SP_ABSPATH . "/libs");
define('SP_TMPPATH', SP_ABSPATH . "/tmp");
define('SP_PLUGINPATH', SP_ABSPATH . "/plugins");
define('SP_THEMEPATH', SP_ABSPATH . "/themes");
define('SP_DATAPATH', SP_ABSPATH . "/install/data");
define('SP_JSPATH', SP_WEBPATH . "/js");
#create database object
include_once SP_LIBPATH . "/database.class.php";
$dbObj = new Database(DB_ENGINE);
$dbConn = $dbObj->dbConnect();
# web settings
$sql = "select * from themes where status=1 order by id";
$themeInfo = $dbConn->select($sql, true);
$themeLocation = empty($themeInfo['folder']) ? "themes/classic" : "themes/" . $themeInfo['folder'];
define('SP_VIEWPATH', SP_ABSPATH . "/{$themeLocation}/views");
define('SP_CSSPATH', SP_WEBPATH . "/{$themeLocation}/css");
define('SP_IMGPATH', SP_WEBPATH . "/{$themeLocation}/images");
# to prevent sql injection
if (!empty($_SERVER['REQUEST_METHOD']) && SP_PREVENT_SQL_INJECTION) {
# merge all post and get elements
foreach (array_merge($_GET, $_POST) as $name => $value) {
# if not a numeric parameter
if (is_string($value) && !empty($value) && !is_numeric($value)) {
# Search for patterns in the value of the parameter that indicate an SQL injection
$pattern = '/(and|or)[\\s\\(\\)\\/\\*]+(update|delete|select)\\W|(select|update).+\\.(password|email)|(select|update|delete).+users/im';
