public function process()
{
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$runData->handleSessionStart();
$user = $runData->getUser();
$site = $this->siteFromHost($_SERVER['HTTP_HOST'], false, true);
if (!$this->userAllowed($user, $site)) {
$this->setContentTypeHeader("text/javascript");
echo "window.location = '/local--auth/' + encodeURIComponent(window.location);";
}
}
public function process()
{
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$url = $_GET["url"];
$confirm = isset($_GET["confirm"]);
$setie = isset($_GET["setiecookie"]);
$siteHost = $_SERVER['HTTP_HOST'];
$site = $this->siteFromHost($siteHost, true, true);
if ($setie) {
if ($siteHost != GlobalProperties::$URL_DOMAIN) {
$this->siteNotExists();
}
$runData->handleSessionStart();
if ($runData->getUser()) {
setcookie(GlobalProperties::$SESSION_COOKIE_NAME_IE, $runData->getSessionId(), null, '/');
} else {
setcookie(GlobalProperties::$SESSION_COOKIE_NAME_IE, "ANONYMOUS", null, '/');
}
$this->redirect($url);
} else {
if (!$site) {
$this->siteNotExists();
return;
}
if (!$confirm) {
$user_id = $_GET["user_id"];
$skey = $_GET["skey"];
$session = $runData->getSessionFromDomainHash($skey, $_SERVER['HTTP_HOST'], $user_id);
if ($session) {
setcookie(GlobalProperties::$SESSION_COOKIE_NAME, "_domain_cookie_{$user_id}_{$skey}", null, '/', GlobalProperties::$SESSION_COOKIE_DOMAIN);
$this->redirectConfirm($url);
} else {
$this->redirect($url);
}
} else {
// checking if cookie exists
$runData->handleSessionStart();
if ($runData->getUser()) {
$this->redirect($url);
} else {
$this->cookieError($url);
}
}
}
}
public function process()
{
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
/* Get session cookie.*/
$sessionId = $_COOKIE[GlobalProperties::$SESSION_COOKIE_NAME];
if (!$sessionId) {
throw new ProcessException('Please accept cookies in your browser.');
}
/* Make sure we are using http: protocol. */
if ($_SERVER['HTTPS']) {
throw new ProcessException('This controller should be invoked in the http: mode.');
}
$pl = $runData->getParameterList();
$sessionHash = $pl->getParameterValue('sessionHash');
/* Select session from the database. */
$c = new Criteria();
$c->add('session_id', $sessionId);
$c->add("md5(session_id || '" . self::$secretSeed . "')", $sessionHash);
$session = DB_OzoneSessionPeer::instance()->selectOne($c);
if (!$session) {
throw new ProcessException('No valid session found.');
}
/* Set IP strings. */
/* Assume that the previous ip was obtained using the SSL proto.
If not, this controller should not be invoked at all. */
$session->setIpAddressSsl($session->getIpAddress());
$session->setIpAddress($runData->createIpString());
$session->save();
/* IMPORTANT: Also clear the session cache. */
$mc = OZONE::$memcache;
$key = 'session..' . $session->getSessionId();
$mc->set($key, $session, 0, 600);
/* If everything went well, redirect to the original URL. */
$url = $pl->getParameterValue('origUrl');
if (!$url) {
$url = 'http://' . GlobalProperties::$URL_HOST;
}
//echo $url;
header('HTTP/1.1 301 Moved Permanently');
header("Location: {$url}");
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "OK");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
} else {
// $module->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure module to render!
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
$runData->setAction(null);
}
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
Ozone::initServices();
$logger->debug("Smarty template services loaded");
Ozone::parseMacros();
$logger->debug("Smarty macros parsed");
Ozone::updateSmartyPlain();
$logger->debug("plain version of Smarty created");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
// action security check
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
}
$json = new JSONService();
$out = $json->encode($rVars);
echo $out;
$runData->handleSessionEnd();
}
public function process()
{
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$siteHost = $_SERVER['HTTP_HOST'];
$site = $this->siteFromHost($siteHost, false, true);
if (!$site) {
$this->siteNotExists();
return;
}
if ($site->getSettings()->getSslMode() == "ssl_only" && !$_SERVER['HTTPS']) {
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
return;
}
$file = urldecode($_SERVER['QUERY_STRING']);
$file = preg_replace("/\\?[0-9]+\$/", "", $file);
$file = preg_replace("|^/*|", "", $file);
if (!$file) {
$this->fileNotExists();
return;
}
$path = $this->buildPath($site, $file);
if ($this->isUploadDomain($siteHost) || !GlobalProperties::$USE_UPLOAD_DOMAIN) {
if ($this->publicArea($site, $file)) {
if ($this->isCodeRequest($file)) {
$this->serveCode($site, $file, GlobalProperties::$CACHE_FILES_FOR, GlobalProperties::$RESTRICT_HTML);
} else {
$this->serveFileWithMime($path, GlobalProperties::$CACHE_FILES_FOR, GlobalProperties::$RESTRICT_HTML);
}
return;
} else {
/* NON PUBLIC AREA -- CHECK PERMISSION! */
$runData->handleSessionStart();
$user = $runData->getUser();
if ($this->userAllowed($user, $site, $file)) {
if ($this->isCodeRequest($file)) {
$this->serveCode($site, $file, -3600);
} elseif ($this->isAuthRequest($file)) {
$this->serveAuthResponse($file);
} else {
$this->serveFileWithMime($path, -3600, GlobalProperties::$RESTRICT_HTML);
}
return;
} else {
$url = $this->buildURL($site, GlobalProperties::$URL_DOMAIN, $file);
$this->redirect($url);
return;
}
}
} else {
/* NOT UPLOAD DOMAIN, so it's *.wikidot.com or a custom domain */
if ($this->publicArea($site, $file)) {
$url = $this->buildURL($site, GlobalProperties::$URL_UPLOAD_DOMAIN, $file);
$this->redirect($url);
return;
} else {
$runData->handleSessionStart();
$user = $runData->getUser();
if ($this->userAllowed($user, $site, $file)) {
$siteFilesDomain = $site->getUnixName() . "." . GlobalProperties::$URL_UPLOAD_DOMAIN;
$skey = $runData->generateSessionDomainHash($siteFilesDomain);
$user_id = $user->getUserId();
$file_url = $this->buildURL($site, GlobalProperties::$URL_UPLOAD_DOMAIN, $file);
$url = $siteFilesDomain . CustomDomainLoginFlowController::$controllerUrl;
$this->redirect($url, array("user_id" => $user_id, "skey" => $skey, "url" => $file_url), true);
return;
}
}
}
$this->forbidden();
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "ok");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
try {
// check security token
if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
throw new ProcessException("no", "wrong_token7");
}
//remove token from parameter list!!!
$runData->getParameterList()->delParameter('wikidot_token7');
$callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
$runData->getParameterList()->delParameter('callbackIndex');
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
throw new ProcessException(_('The requested site does not exist.'));
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
// PRIVATE SITES: check if the site is private and if the user is its member
if ($site->getPrivate()) {
// check if not allow anyway
$template = $runData->getModuleTemplate();
$actionClass = $runData->getAction();
$proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
if (!$proceed) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException(_('This Site is private and accessible only to its members.'));
}
}
}
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
throw new WDPermissionException(_("Not allowed."));
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
$runData->setTemp("jsInclude", array());
$runData->setTemp("cssInclude", array());
if ($actionClass) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
throw new WDPermissionException("Not allowed.");
}
$actionEvent = $runData->getActionEvent();
/*try{*/
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate()) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$jsInclude = $runData->getTemp("jsInclude");
$jsInclude = array_merge($jsInclude, $module->getExtraJs());
$runData->setTemp("jsInclude", $jsInclude);
$cssInclude = $runData->getTemp("cssInclude");
$cssInclude = array_merge($cssInclude, $module->getExtraCss());
$runData->setTemp("cssInclude", $cssInclude);
} catch (ProcessException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", $e->getStatus());
$runData->setModuleTemplate(null);
$template = null;
} catch (WDPermissionException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", "no_permission");
$runData->setModuleTemplate(null);
$template = null;
} catch (Exception $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
$runData->ajaxResponseAdd("status", "not_ok");
$runData->setModuleTemplate(null);
$template = null;
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
}
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
// check the javascript files for inclusion
}
if ($template != null && $template != "Empty") {
$jsInclude = $runData->getTemp("jsInclude");
if ($module->getIncludeDefaultJs()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
$incl = $url;
$jsInclude[] = $incl;
}
}
$rVars['jsInclude'] = $jsInclude;
$cssInclude = $runData->getTemp("cssInclude");
if ($module->getIncludeDefaultCss()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
$incl = $url;
$cssInclude[] = $incl;
}
}
$rVars['cssInclude'] = $cssInclude;
}
// specify (copy) jscallback. ugly, right? ;-)
$rVars['callbackIndex'] = $callbackIndex;
$json = new JSONService();
$out = $json->encode($rVars);
$runData->handleSessionEnd();
echo $out;
}
*
* @category Wikidot
* @package Wikidot_Tools
* @version $Id$
* @copyright Copyright (c) 2008, Wikidot Inc. (http://www.wikidot-inc.com)
* @license http://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License
*/
chdir(dirname(__FILE__));
// unifies CLI/CGI cwd handling
require '../php/setup.php';
// initialize things now
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/jobs.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel("debug");
$logger->debug("request processing started, logger initialized");
// initialize OZONE object too
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$jobName = $argv[1];
$classFile = WIKIDOT_ROOT . '/php/jobs/' . $jobName . '.php';
require_once $classFile;
$job = new $jobName();
$job->run();
public function process()
{
global $timeStart;
// quick fix to prevent recursive RSS access by Wikidot itself.
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MagpieRSS') !== false) {
exit;
}
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if (!$site) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$memcache->set($mcKey, $site, 0, 864000);
}
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if (!$site) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$memcache->set($mcKey, $site, 0, 3600);
}
}
if (!$site) {
// check for redirects
$c = new Criteria();
$q = "SELECT site.* FROM site, domain_redirect WHERE domain_redirect.url='" . db_escape_string($siteHost) . "' " . "AND site.deleted = false AND site.site_id = domain_redirect.site_id LIMIT 1";
$c->setExplicitQuery($q);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$newUrl = 'http://' . $site->getDomain() . $_SERVER['REQUEST_URI'];
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . $newUrl);
exit;
}
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
$content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html");
echo $content;
return $content;
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$lang = $site->getLanguage();
$runData->setLanguage($lang);
$GLOBALS['lang'] = $lang;
// and for gettext too:
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, redirect to http:
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . 'http://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']);
exit;
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . 'https://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']);
exit;
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
$rendered = $screen->render($runData);
if ($rendered != null) {
$runData->setTemp("jsInclude", array());
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
//$moduleProcessor->setJavascriptInline(true); // embed associated javascript files in <script> tags
$moduleProcessor->setCssInline(true);
$rendered = $moduleProcessor->process($rendered);
$jss = $runData->getTemp("jsInclude");
$jss = array_unique($jss);
$incl = '';
foreach ($jss as $js) {
$incl .= '<script type="text/javascript" src="' . $js . '"></script>';
}
$rendered = preg_replace(';</head>;', $incl . '</head>', $rendered);
}
$runData->handleSessionEnd();
// one more thing - some url will need to be rewritten if using HTTPS
if ($_SERVER['HTTPS']) {
// ?
// scripts
$rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered);
$rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered);
$rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered);
do {
$renderedOld = $rendered;
$rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered);
} while ($renderedOld != $rendered);
}
if (GlobalProperties::$SEARCH_HIGHLIGHT) {
$rendered = Wikidot_Search_Highlighter::highlightIfSuitable($rendered, $_SERVER["REQUEST_URI"], $_SERVER["HTTP_REFERER"]);
}
echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered);
return $rendered;
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// screen security check
if (!$screen->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
} else {
// $screen->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure screen to render!
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$runData->setAction(null);
}
}
$logger->info("Ozone engines successfully initialized");
// caching of LAYOUT tasks should start here
$cacheSettings = $screen->getScreenCacheSettings();
$updateLayoutContentLater = false;
if ($runData->getRequestMethod() == "GET" && $runData->getAction() == null && $cacheSettings != null && $cacheSettings->isLayoutCacheable($runData)) {
$content = ScreenCacheManager::instance()->cachedLayout($runData, $screen->getScreenCacheSettings());
if ($content != null && $content != "") {
// process modules!!!
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($content);
echo $out;
$runData->handleSessionEnd();
return;
} else {
$updateLayoutContentLater = true;
}
}
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getScreenClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the action. if so...
if ($template != $runData->getScreenTemplate) {
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
}
$rendered = $screen->render($runData);
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
}
if ($updateLayoutContentLater == true) {
ScreenCacheManager::instance()->updateCachedLayout($runData, $rendered);
}
$runData->handleSessionEnd();
echo $out;
}
public function process()
{
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("Feed request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if ($site == null) {
$content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html");
echo $content;
return $content;
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$lang = $site->getLanguage();
$runData->setLanguage($lang);
$GLOBALS['lang'] = $lang;
// and for gettext too:
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, redirect to http:
echo _("Secure access is not enabled for this Wiki.");
exit;
}
}
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// check if requires authentication
if ($screen->getRequiresAuthentication() || $site->getPrivate()) {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$user = null;
if ($username !== null && $password !== null) {
$user = SecurityManager::getUserByName($username);
if ($user) {
$upass = md5("feed_hashed_password_" . $user->getPassword());
$upass = substr($upass, 0, 15);
if ($upass !== $password) {
$user = null;
}
}
}
if ($site->getPrivate()) {
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
}
if ($user == null) {
header('WWW-Authenticate: Basic realm="Private"');
header('HTTP/1.0 401 Unauthorized');
header('Content-type: text/plain; charset=utf-8');
echo _("This is a private feed. User authentication required via Basic HTTP Authentication. You can not access it. Please go to 'Account settings' -> 'Notifications' to get the password if you believe you should be allowed.");
exit;
}
$runData->setTemp("user", $user);
}
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
$rendered = $screen->render($runData);
echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered);
return $rendered;
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if ($site == null) {
$runData->setScreenTemplate("wiki/SiteNotFound");
exit(1);
} else {
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
}
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// screen security check
if (!$screen->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
} else {
// $screen->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure screen to render!
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$runData->setAction(null);
}
}
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getScreenClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the action. if so...
if ($template != $runData->getScreenTemplate) {
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
}
$rendered = $screen->render($runData);
if ($rendered != null) {
$moduleProcessor = new ModuleProcessor($runData);
$moduleProcessor->setJavascriptInline(true);
// embed associated javascript files in <script> tags
$moduleProcessor->setCssInline(true);
$rendered = $moduleProcessor->process($rendered);
}
$runData->handleSessionEnd();
// one more thing - some url will need to be rewritten if using HTTPS
if ($_SERVER['HTTPS']) {
// ?
// scripts
$rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered);
$rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered);
$rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered);
do {
$renderedOld = $rendered;
$rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered);
} while ($renderedOld != $rendered);
}
echo $rendered;
}
