/**
 * Pre-dispatch hook: gates admin controllers, maintenance mode and disabled modules.
 *
 * - A controller whose name starts with "admin" (case-insensitive) marks the request as an
 *   admin request (AM_ADMIN). When no admin is logged in and the controller is not already
 *   'admin-auth', the request is rerouted to default/admin-auth/index.
 * - For every other controller, a non-empty 'maintenance' config value stops the request
 *   with that message unless an admin is logged in.
 * - In all cases, a request for a module other than 'default' that is not enabled is rejected.
 *
 * @param Zend_Controller_Request_Abstract $request request about to be dispatched
 * @return mixed whatever amDie() returns in maintenance mode, otherwise nothing
 * @throws Am_Exception_InputError when the requested module is disabled
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // NOTE(review): the admin test reads the controller name from $this->getRequest() while the
    // reroute below acts on $request - presumably the same object; confirm.
    $controllerName = $this->getRequest()->getControllerName();
    $isAdminArea = stripos($controllerName, 'admin') === 0;

    if ($isAdminArea) {
        if (!defined('AM_ADMIN')) {
            define('AM_ADMIN', true);
        }
        // An anonymous visitor may only reach the login controller inside the admin area.
        $noAdminLoggedIn = $this->di->authAdmin->getUserId() <= 0;
        if ($noAdminLoggedIn && $request->getControllerName() != 'admin-auth') {
            $request->setControllerName('admin-auth')
                ->setActionName('index')
                ->setModuleName('default');
        }
    } else {
        // Maintenance mode applies to non-admin controllers only; a logged-in admin passes through.
        $msg = $this->di->config->get('maintenance');
        if ($msg && !$this->di->authAdmin->getUserId()) {
            return amDie($msg);
        }
    }

    // Refuse to dispatch into a module that has been disabled.
    $module = $request->getModuleName();
    if ($module != 'default' && !$this->di->modules->isEnabled($module)) {
        // The module name comes from the request, so it is entity-encoded before being echoed back.
        // NOTE(review): htmlentities() runs with its default flags/charset here - confirm they
        // match the context in which this message is rendered.
        throw new Am_Exception_InputError("You are trying to access disabled module [" . htmlentities($module) . ']');
    }
}
/**
 * Returns the database connection, opening it on first use.
 *
 * The connection is cached in a function-level static, so later calls reuse it. Connection
 * parameters are read from the 'db' parameter, key 'mysql'.
 *
 * On connection failure the behaviour depends on APPLICATION_ENV: outside 'debug' the visitor
 * only sees a generic message via amDie(), so the exception text is not shown; in 'debug' the
 * original exception is rethrown.
 *
 * @return mixed the value returned by Am_Db::connect()
 * @throws Am_Exception_Db in the 'debug' environment when the connection fails
 */
public function getDbService()
{
    static $connection;

    if (empty($connection)) {
        $dbParams = $this->getParameter('db');
        try {
            $connection = Am_Db::connect($dbParams['mysql']);
        } catch (Am_Exception_Db $dbError) {
            if (APPLICATION_ENV == 'debug') {
                throw $dbError;
            }
            // Keep the failure reason away from the visitor outside debug.
            amDie("Error establishing a database connection. Please contact site webmaster if this error does not disappear long time");
        }
    }

    return $connection;
}
/**
 * Creates or upgrades the MySQL schema from the statements stored in ../amember.sql.
 *
 * The file is split into sections on marker lines of the form "## NNN ##" or "## ALL ##".
 * Sections tagged ALL and numbered sections greater than $old_db_version are kept; all other
 * sections are discarded. The remaining text is cut into ';'-terminated statements, and each
 * statement is either executed as-is, translated into an ALTER TABLE (the DROP_FIELD and MODIFY
 * pseudo-statements), handled through $db->config_set() (the db_version row) or skipped.
 *
 * Reads the globals $config, $db, $create_email_templates and $old_db_version, prints progress
 * as HTML, and stops through amDie() on the first SQL error.
 *
 * Review notes:
 * - Table, field and index names and column definitions are interpolated into SQL text without
 *   quoting. As far as this function shows they come only from ../amember.sql and the
 *   configured prefix, so that file and the config must be treated as trusted input.
 * - The mysql_* functions used here were removed in PHP 7.
 */
function create_mysql_tables()
{
    global $config, $db, $create_email_templates, $old_db_version;

    // Load the whole schema file; a very short file is treated as corrupted.
    // NOTE(review): file() returns false when the file cannot be read - confirm how join() and
    // the length check behave in that case on the PHP version in use.
    $file = join('', file("../amember.sql"));
    if (strlen($file) < 255) {
        amDie("File ../amember.sql corrupted");
    }
    // Substitute the configured table prefix for the placeholder used in the SQL file.
    $file = str_replace('@DB_MYSQL_PREFIX@', $config['db']['mysql']['prefix'], $file);

    // Split on the section markers, keeping each marker's tag. A synthetic '000' tag is put in
    // front so the array alternates tag, content, tag, content, ...
    $pfile = preg_split('/^## (\\d\\d\\d|ALL) ##\\s*$/ms', $file, -1, PREG_SPLIT_DELIM_CAPTURE);
    array_unshift($pfile, '000');
    $file = array();
    // Build tag => content; when a tag occurs twice, the later section replaces the earlier one.
    for ($i = 0; $i < count($pfile); $i += 2) {
        $file[$pfile[$i]] = $pfile[$i + 1];
    }
    // Keep the ALL section and sections newer than the installed version; drop the rest.
    foreach ($file as $k => $v) {
        if ($k == 'ALL') {
            continue;
        }
        if ($k > $old_db_version) {
            continue;
        }
        unset($file[$k]);
    }
    $file = join("\n", $file);

    // Cut the remaining text into statements that end with ';' at the end of a line.
    preg_match_all('/(CREATE TABLE\\s+(.+?)\\s+.+?|.+?);\\s*$/ms', $file, $out);
    foreach ($out[0] as $sql) {
        if (preg_match('/CREATE TABLE\\s+(\\w+)/', $sql, $regs)) {
            $tname = $regs[1];
            // Probe the table: if the SELECT succeeds without error, the table already exists.
            if (mysql_query("SELECT * FROM {$tname} LIMIT 1", $db->conn) && !mysql_errno($db->conn)) {
                continue; // table is already there: skip creation
            }
            print "Creating table [{$tname}]<br/>\n";
        // NOTE(review): inside {$...} the unquoted key "prefix" is parsed as a constant, not as
        // the string 'prefix' - confirm this resolves to the intended config key.
        } elseif (preg_match("/REPLACE INTO {$db->config[prefix]}config \\(name,type,value\\) VALUES \\('db_version', 0, '(\\d+)'\\)/", $sql, $rr)) {
            // The db_version row is stored through config_set() instead of being run as SQL.
            $db->config_set('db_version', $rr[1], 0);
            if ($rr[1] != $config['db_version']) {
                if ($rr[1] == '250') {
                    // make secure password default
                    $db->config_set('safe_send_pass', 1, 0);
                }
                print "Setting database version to [{$rr['1']}]<br/>\n";
            }
            continue;
        } elseif ($create_email_templates && preg_match("/INSERT INTO {$db->config[prefix]}email_templates VALUES \\(\\d+, '(.+?)'/", $sql, $rr)) {
            // E-mail template rows are executed below, only when template import was requested.
            print "Importing e-mail template [{$rr['1']}].<br />\n";
        } elseif (preg_match('/(INSERT|DELETE|UPDATE|REPLACE)\\s+/', $sql)) {
            // Any other data-changing statement is skipped.
            continue;
        } elseif (preg_match('/DROP_FIELD\\s+(\\w+)/', $sql, $regs)) {
            // DROP_FIELD pseudo-statement: drop the column only if it currently exists.
            // NOTE(review): $tname is not set in this branch; it still holds the table name from
            // an earlier CREATE TABLE or MODIFY statement - confirm the SQL file guarantees that.
            $field = $regs[1];
            $q = mysql_query("SHOW FIELDS FROM {$tname}", $db->conn);
            $sql = '';
            while (list($f, $t, $null, $index, $add) = mysql_fetch_row($q)) {
                if ($f == $field) {
                    $sql = "ALTER TABLE {$tname} DROP {$field}";
                    break;
                }
            }
            if (!$sql) {
                continue;
            }
            print "Dropping field [{$tname}.{$field}]<br />\n";
        } elseif (preg_match('/MODIFY\\s+(\\w+)\\s+(.+);/', $sql, $regs)) {
            // MODIFY pseudo-statement: "MODIFY <table> <request>;"
            $tname = $regs[1];
            $mreq = $regs[2];
            if (preg_match('/FIELD\\s+(\\w+)\\s+(.+)/', $mreq, $regs)) {
                // FIELD request: CHANGE the column when it exists, ADD it otherwise.
                $field = $regs[1];
                $q = mysql_query("SHOW FIELDS FROM {$tname}", $db->conn);
                $sql = '';
                while (list($f, $t, $null, $index, $add) = mysql_fetch_row($q)) {
                    if ($f == $field) {
                        $sql = "ALTER TABLE {$tname} CHANGE {$field} {$field} {$regs['2']};";
                        break;
                    }
                }
                if (!$sql) {
                    $sql = "ALTER TABLE {$tname} ADD {$field} {$regs['2']};";
                }
                // print "Adding field [$tname.$field]<br />\n";
            } elseif (preg_match('/(UNIQUE INDEX|INDEX)\\s+(\\w+)\\s+.+/', $mreq, $regs)) {
                // INDEX request: drop every existing index row with the same name, then re-add it.
                $index = $regs[2];
                $q = mysql_query("SHOW INDEX FROM {$tname}", $db->conn);
                while (list($t, $t, $index1) = mysql_fetch_row($q)) {
                    if ($index1 != $index) {
                        continue;
                    }
                    mysql_query("ALTER TABLE {$tname} DROP INDEX {$index}", $db->conn);
                }
                $sql = "ALTER TABLE {$tname} ADD {$regs['0']}";
                print "Adding index to [{$tname}]<br />\n";
                ob_end_flush();
            } else {
                // unknown modify request
                // NOTE(review): the statement text is echoed into HTML without escaping.
                print "<font color=red>Unknown modify request: {$sql}</font><br />\n";
                continue;
            }
        }
        // Execute the (possibly rewritten) statement without its trailing semicolon.
        $sql = preg_replace('/;\\s*$/s', '', $sql);
        mysql_query($sql, $db->conn);
        // NOTE(review): $errors is never initialised in this function, so the check below reads
        // an undefined variable until the first error is recorded.
        // NOTE(review): the MySQL error text and the statement are passed to amDie() without
        // HTML escaping.
        if ($err = mysql_error($db->conn)) {
            $errors[] = $err . "<br />SQL: <pre>{$sql}</pre>";
        }
        // Stop at the first recorded error.
        if ($errors) {
            amDie($errors[0]);
        }
    }
    // Always attempted after the loop: renames column comission_id to commission_id in the
    // aff_commission table. The result of this query is not checked.
    // NOTE(review): the unquoted keys db, mysql and prefix inside {$...} are parsed as
    // constants - confirm this resolves to the intended config value.
    mysql_query("ALTER TABLE {$config[db][mysql][prefix]}aff_commission\n CHANGE comission_id commission_id int not null", $db->conn);
}
/**
 * PHP error handler: logs errors and decides what, if anything, is shown to the visitor.
 *
 * - Levels masked out by error_reporting() are ignored.
 * - Recoverable errors are logged and, in the 'debug' environment only, echoed.
 * - Fatal-class errors are logged, the output buffer is cleared and the request ends via amDie().
 * - Warnings and notices are processed only when AM_DEBUG is defined and true; on-screen output
 *   is suppressed for XMLHttpRequest calls (and, for warnings, when
 *   SILENT_AMEMBER_ERROR_HANDLER is defined).
 *
 * Messages shown on screen use only the file's base name unless APPLICATION_ENV is 'debug';
 * log entries always carry the full path.
 * NOTE(review): $errstr is inserted into HTML output as-is - confirm it cannot carry
 * request-controlled markup.
 *
 * @param int    $errno   error level
 * @param string $errstr  error message
 * @param string $errfile file in which the error was raised
 * @param int    $errline line on which the error was raised
 * @return bool|null true for recoverable errors, otherwise nothing
 */
function __error($errno, $errstr, $errfile, $errline)
{
    $levelMasked = !(error_reporting() & $errno);
    if ($levelMasked) {
        return;
    }

    // File name for on-screen messages: full path only in the debug environment.
    $ef = (@APPLICATION_ENV != 'debug') ? basename($errfile) : $errfile;

    switch ($errno) {
        case E_RECOVERABLE_ERROR:
            $recoverableMsg = "<b>RECOVERABLE ERROR:</b> {$errstr}\nin line {$errline} of file {$errfile}";
            if (APPLICATION_ENV == 'debug') {
                echo $recoverableMsg;
            }
            $this->di->errorLogTable->log($recoverableMsg);
            return true;

        case E_ERROR:
        case E_PARSE:
        case E_CORE_ERROR:
        case E_COMPILE_ERROR:
        case E_USER_ERROR:
            // Log with the full path, then discard buffered output and stop the request.
            $this->di->errorLogTable->log("<b>ERROR:</b> {$errstr}\nin line {$errline} of file {$errfile}");
            ob_clean();
            amDie("ERROR [{$errno}] {$errstr}\nin line {$errline} of file {$ef}");
            exit(1);

        case E_USER_WARNING:
        case E_WARNING:
            $debugEnabled = defined('AM_DEBUG') && AM_DEBUG;
            if (!$debugEnabled) {
                return;
            }
            $isAjaxCall = !empty($_SERVER['HTTP_X_REQUESTED_WITH'])
                && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
            $mayPrint = !defined('SILENT_AMEMBER_ERROR_HANDLER') && !$isAjaxCall;
            if ($mayPrint) {
                print "<b>WARNING:</b> {$errstr}\nin line {$errline} of file {$ef}<br />";
            }
            $this->di->errorLogTable->log("<b>WARNING:</b> {$errstr}\nin line {$errline} of file {$errfile}");
            break;

        case E_STRICT:
        case E_USER_NOTICE:
        case E_NOTICE:
            $debugEnabled = defined('AM_DEBUG') && AM_DEBUG;
            if (!$debugEnabled) {
                return;
            }
            $isAjaxCall = !empty($_SERVER['HTTP_X_REQUESTED_WITH'])
                && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
            if ($isAjaxCall) {
                return;
            }
            // Notices are only displayed, never logged.
            print_rr("<b>NOTICE:</b> {$errstr}\nin line {$errline} of file {$ef}<br />");
            break;
    }
}
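<?php
/**
 * Serves a file from the active theme's public area.
 *
 * PATH_INFO is expected to look like /public/theme/<path>. The two prefixes are stripped, the
 * remainder is reduced to a conservative character set with every '..' removed, and the result
 * is handed to the theme's parsePublicWithVars(). CSS files get a one-hour cache lifetime.
 */
require_once 'bootstrap.php';

$path = Zend_Controller_Front::getInstance()->getRequest()->getPathInfo();

// NOTE(review): preg_replace() returns the subject unchanged when the pattern does not match, so
// these two guards fire only when nothing (or "0") is left of the path. They do not prove that
// the prefix was present.
if (!($path = preg_replace('|^/public/|', '', $path))) {
    amDie("Wrong PathInfo - no public. Internal Error");
}
if (!($path = preg_replace('|^theme/|', '', $path))) {
    amDie("Wrong PathInfo - no theme. Internal Error");
}

// The path is request-controlled. Restrict it to the allowed characters FIRST and only then
// remove '..': in the opposite order, deleting a disallowed character that sits between two
// dots would join them into a new '..' after the traversal check had already run.
$path = preg_replace('/[^a-zA-Z0-9-\\/.]/', '', $path);
while (strpos($path, '..') !== false) {
    $path = str_replace('..', '', $path);
}
// NOTE(review): a leading '/' can still remain here; parsePublicWithVars() is presumably
// responsible for resolving the path strictly inside the theme directory - confirm.

if (preg_match('/\\.css$/', $path)) {
    header("Content-type: text/css");
    // The directive name is "max-age"; "maxage" is not a recognised Cache-Control directive.
    header('Cache-Control: max-age=3600');
    header("Expires: " . gmdate('D, d M Y H:i:s', time() + 3600) . ' GMT');
    header('Pragma: public');
}

echo $theme = Am_Di::getInstance()->theme->parsePublicWithVars($path);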
/**
 * Output-buffer callback for cron runs: records whatever the run printed in the error log.
 *
 * Empty output, or output that is just a single '.', is ignored. Output containing the text
 * 'Fatal error' is logged as a fatal cron error and replaced by a short pointer to the error
 * log; any other output is logged as debug output.
 * NOTE(review): the captured output is written to the log together with HTML markup and is not
 * escaped here - confirm the error-log viewer escapes or otherwise neutralises it.
 *
 * @param string $output buffered output of the cron run
 * @return mixed result of amDie() for fatal output, otherwise nothing
 */
function loggingObHandler($output)
{
    // Release the reserved buffer first: the original note says this frees about 100K of memory,
    // so the rest of the handler can still run.
    unset($GLOBALS['_tmp_buf']);

    $nothingToReport = $output == '' || trim($output) == '.';
    if ($nothingToReport) {
        return;
    }

    if (strpos($output, 'Fatal error') === false) {
        $GLOBALS['db']->log_error("DEBUG (CRON OUTPUT):<br />\n{$output}");
        return;
    }

    // Fatal output: keep the details in the log and show only a pointer to it.
    $GLOBALS['db']->log_error("FATAL CRON ERROR:<br />\n{$output}");
    return amDie("ERROR: Cron run resulted to fatal script execution error. Please look for details\n in the aMember CP -> Error Log (seek for FATAL CRON ERROR string)", true);
}