Esempio n. 1
0
 }
 fn_login_user($user_data['user_id']);
 Helpdesk::auth();
 // Set system notifications
 if (Registry::get('config.demo_mode') != true && AREA == 'A') {
     // If username equals to the password
     if (!fn_is_development() && fn_compare_login_password($user_data, $password)) {
         $lang_var = 'warning_insecure_password_email';
         fn_set_notification('E', __('warning'), __($lang_var, array('[link]' => fn_url('profiles.update'))), 'S', 'insecure_password');
     }
     if (empty($user_data['company_id']) && !empty($user_data['user_id'])) {
         // Insecure admin script
         if (!fn_is_development() && Registry::get('config.admin_index') == 'admin.php') {
             fn_set_notification('E', __('warning'), __('warning_insecure_admin_script', array('[href]' => Registry::get('config.resources.admin_protection_url'))), 'S');
         }
         if (!fn_is_development() && is_file(Registry::get('config.dir.root') . '/install/index.php')) {
             fn_set_notification('W', __('warning'), __('delete_install_folder'), 'S');
         }
         if (Development::isEnabled('compile_check')) {
             fn_set_notification('W', __('warning'), __('warning_store_optimization_dev', array('[link]' => fn_url("themes.manage"))));
         }
         fn_set_hook('set_admin_notification', $user_data);
     }
 }
 if (!empty($_REQUEST['remember_me'])) {
     fn_set_session_data(AREA . '_user_id', $user_data['user_id'], COOKIE_ALIVE_TIME);
     fn_set_session_data(AREA . '_password', $user_data['password'], COOKIE_ALIVE_TIME);
 }
 if (!empty($_REQUEST['return_url'])) {
     $redirect_url = $_REQUEST['return_url'];
 }
Esempio n. 2
0
/**
 * Dispathes the execution control to correct controller
 *
 * @return nothing
 */
function fn_dispatch($controller = '', $mode = '', $action = '', $dispatch_extra = '', $area = AREA)
{
    Debugger::checkpoint('After init');
    $auth = $_SESSION['auth'];
    $controller = empty($controller) ? Registry::get('runtime.controller') : $controller;
    $mode = empty($mode) ? Registry::get('runtime.mode') : $mode;
    $action = empty($action) ? Registry::get('runtime.action') : $action;
    $dispatch_extra = empty($dispatch_extra) ? Registry::get('runtime.dispatch_extra') : $dispatch_extra;
    fn_set_hook('before_dispatch', $controller, $mode, $action, $dispatch_extra, $area);
    $view = Registry::get('view');
    $run_controllers = true;
    $external = false;
    $status = CONTROLLER_STATUS_NO_PAGE;
    // CSRF protection
    if (fn_is_csrf_protection_enabled($auth) && !fn_csrf_validate_request(array('server' => $_SERVER, 'request' => $_REQUEST, 'session' => $_SESSION, 'controller' => $controller, 'mode' => $mode, 'action' => $action, 'dispatch_extra' => $dispatch_extra, 'area' => $area, 'auth' => $auth))) {
        fn_set_notification('E', __('error'), __('text_csrf_attack'));
        fn_redirect(fn_url());
    }
    // If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
    if (strtolower(Registry::get('config.current_host')) != strtolower(REAL_HOST) && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
        if (!empty($_SERVER['REDIRECT_URL'])) {
            $qstring = $_SERVER['REDIRECT_URL'];
        } else {
            if (!empty($_SERVER['REQUEST_URI'])) {
                $qstring = $_SERVER['REQUEST_URI'];
            } else {
                $qstring = Registry::get('config.current_url');
            }
        }
        $curent_path = Registry::get('config.current_path');
        if (!empty($curent_path) && strpos($qstring, $curent_path) === 0) {
            $qstring = substr_replace($qstring, '', 0, fn_strlen($curent_path));
        }
        fn_redirect(Registry::get('config.current_location') . $qstring, false, true);
    }
    $upload_max_filesize = Bootstrap::getIniParam('upload_max_filesize');
    $post_max_size = Bootstrap::getIniParam('post_max_size');
    if (!defined('AJAX_REQUEST') && isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes($upload_max_filesize) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes($post_max_size))) {
        $max_size = fn_return_bytes($upload_max_filesize) < fn_return_bytes($post_max_size) ? $upload_max_filesize : $post_max_size;
        fn_set_notification('E', __('error'), __('text_forbidden_uploaded_file_size', array('[size]' => $max_size)));
        fn_redirect($_SERVER['HTTP_REFERER']);
    }
    // If URL contains session ID, remove it
    if (!defined('AJAX_REQUEST') && !empty($_REQUEST[Session::getName()]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
        fn_redirect(fn_query_remove(Registry::get('config.current_url'), Session::getName()));
    }
    // If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
    if ($area == 'A') {
        if (Registry::get('config.demo_mode') == true) {
            $run_controllers = fn_check_permissions($controller, $mode, 'demo');
            if ($run_controllers == false) {
                fn_set_notification('W', __('demo_mode'), __('demo_mode_content_text'), 'K', 'demo_mode');
                if (defined('AJAX_REQUEST')) {
                    exit;
                }
                fn_delete_notification('changes_saved');
                $status = CONTROLLER_STATUS_REDIRECT;
                $_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : fn_url('');
            }
        } else {
            $run_controllers = fn_check_permissions($controller, $mode, 'admin', '', $_REQUEST);
            if ($run_controllers == false) {
                if (defined('AJAX_REQUEST')) {
                    $_info = Debugger::isActive() || fn_is_development() ? ' ' . $controller . '.' . $mode : '';
                    fn_set_notification('W', __('warning'), __('access_denied') . $_info);
                    exit;
                }
                $status = CONTROLLER_STATUS_DENIED;
            }
        }
    }
    if ($_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
        if ($area == 'A' && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
            if (!defined('HTTPS') && Registry::get('settings.Security.secure_admin') == 'Y') {
                fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
            } elseif (defined('HTTPS') && Registry::get('settings.Security.secure_admin') != 'Y') {
                fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
            }
        } elseif ($area == 'C') {
            $secure_controllers = fn_get_secure_controllers();
            // if we are not on https but controller is secure, redirect to https
            if (!defined('HTTPS') && (Registry::get('settings.Security.secure_storefront') == 'full' || isset($secure_controllers[$controller]) && $secure_controllers[$controller] == 'active')) {
                fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'), false, true);
            }
            // if we are on https and the controller is insecure, redirect to http
            if (defined('HTTPS') && Registry::get('settings.Security.secure_storefront') != 'full' && !isset($secure_controllers[$controller]) && Registry::get('settings.Security.keep_https') != 'Y') {
                fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'), false, true);
            }
        }
    }
    LastView::instance()->prepare($_REQUEST);
    $controllers_cascade = array();
    $controllers_list = array('init');
    if ($run_controllers == true) {
        $controllers_list[] = $controller;
        $controllers_list = array_unique($controllers_list);
    }
    foreach ($controllers_list as $ctrl) {
        $core_controllers = fn_init_core_controllers($ctrl);
        list($addon_controllers) = fn_init_addon_controllers($ctrl);
        if (empty($core_controllers) && empty($addon_controllers)) {
            //$controllers_cascade = array(); // FIXME: controllers_cascade contains INIT. We should not clear initiation code.
            $status = CONTROLLER_STATUS_NO_PAGE;
            $run_controllers = false;
            break;
        }
        if (count($core_controllers) + count($addon_controllers) > 1) {
            throw new DeveloperException('Duplicate controller ' . $controller . var_export(array_merge($core_controllers, $addon_controllers), true));
        }
        $core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
        $core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
        list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
        list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
        // we put addon post-controller to the top of post-controller cascade if current addon serves this request
        if (count($addon_controllers)) {
            $addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
        }
        $controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
        if (empty($controllers_cascade)) {
            throw new DeveloperException("No controllers for: {$ctrl}");
        }
    }
    if ($mode == 'add') {
        $tpl = 'update.tpl';
    } elseif (strpos($mode, 'add_') === 0) {
        $tpl = str_replace('add_', 'update_', $mode) . '.tpl';
    } else {
        $tpl = $mode . '.tpl';
    }
    $view = Registry::get('view');
    if ($view->templateExists('views/' . $controller . '/' . $tpl)) {
        // try to find template in base views
        $view->assign('content_tpl', 'views/' . $controller . '/' . $tpl);
    } elseif (defined('LOADED_ADDON_PATH') && $view->templateExists('addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl)) {
        // try to find template in addon views
        $view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl);
    } elseif (!empty($addons)) {
        // try to find template in addon views that extend base views
        foreach ($addons as $addon => $_v) {
            if ($view->templateExists('addons/' . $addon . '/views/' . $controller . '/' . $tpl)) {
                $view->assign('content_tpl', 'addons/' . $addon . '/views/' . $controller . '/' . $tpl);
                break;
            }
        }
    }
    /**
     * Performs actions after template assignment and before controller run
     *
     * @param string $controller          controller name
     * @param string $mode                controller mode name
     * @param string $area                current working area
     * @param array  $controllers_cascade list of controllers to run
     */
    fn_set_hook('dispatch_assign_template', $controller, $mode, $area, $controllers_cascade);
    foreach ($controllers_cascade as $item) {
        $_res = fn_run_controller($item, $controller, $mode, $action, $dispatch_extra);
        // 0 - status, 1 - url
        $url = !empty($_res[1]) ? $_res[1] : '';
        $external = !empty($_res[2]) ? $_res[2] : false;
        $permanent = !empty($_res[3]) ? $_res[3] : false;
        // Status could be changed only if we allow to run controllers despite of init controller
        if ($run_controllers == true) {
            $status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
        }
        if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
            $redirect_url = $url;
        } elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
            $redirect_url = $url;
            break;
        } elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
            break;
        }
    }
    LastView::instance()->init($_REQUEST);
    // In console mode, just stop here
    if (defined('CONSOLE')) {
        $notifications = fn_get_notifications();
        $exit_code = 0;
        foreach ($notifications as $n) {
            fn_echo('[' . $n['title'] . '] ' . $n['message'] . "\n");
            if ($n['type'] == 'E') {
                $exit_code = 1;
            }
        }
        exit($exit_code);
    }
    if (!empty($auth['this_login']) && Registry::ifGet($auth['this_login'], 'N') === 'Y') {
        fn_set_notification('E', __('error'), __(ACCOUNT_TYPE . LOGIN_STATUS_USER_DISABLED));
        $status = CONTROLLER_STATUS_DENIED;
    }
    // [Block manager]
    // block manager is disabled for vendors.
    if (!(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id') || fn_allowed_for('ULTIMATE') && !Registry::get('runtime.company_id'))) {
        if (fn_check_permissions('block_manager', 'manage', 'admin')) {
            $dynamic_object = SchemesManager::getDynamicObject($_REQUEST['dispatch'], $area, $_REQUEST);
            if (!empty($dynamic_object)) {
                if ($area == 'A' && Registry::get('runtime.mode') != 'add' && !empty($_REQUEST[$dynamic_object['key']])) {
                    $object_id = $_REQUEST[$dynamic_object['key']];
                    $location = Location::instance()->get($dynamic_object['customer_dispatch'], $dynamic_object, CART_LANGUAGE);
                    if (!empty($location) && $location['is_default'] != 1) {
                        $params = array('dynamic_object' => array('object_type' => $dynamic_object['object_type'], 'object_id' => $object_id), $dynamic_object['key'] => $object_id, 'manage_url' => Registry::get('config.current_url'));
                        Registry::set('navigation.tabs.blocks', array('title' => __('layouts'), 'href' => 'block_manager.manage_in_tab?' . http_build_query($params), 'ajax' => true));
                    }
                }
            }
        }
    }
    // [/Block manager]
    // Redirect if controller returned successful/redirect status only
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
        $redirect_url = $_REQUEST['redirect_url'];
    }
    // If controller returns "Redirect" status, check if redirect url exists
    if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    // In backend show "changes saved" notification
    if ($area == 'A' && $_SERVER['REQUEST_METHOD'] == 'POST' && in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT))) {
        if (strpos($mode, 'update') !== false && $mode != 'update_status' && $mode != 'update_mode' && !fn_notification_exists('extra', 'demo_mode') && !fn_notification_exists('type', 'E')) {
            fn_set_notification('N', __('notice'), __('text_changes_saved'), 'I', 'changes_saved');
        }
    }
    // Attach params and redirect if needed
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
        if (!isset($_REQUEST['return_to_list'])) {
            $params = array('page', 'selected_section', 'active_tab');
            $url_params = array();
            foreach ($params as $param) {
                if (!empty($_REQUEST[$param])) {
                    $url_params[$param] = $_REQUEST[$param];
                }
            }
            if (!empty($url_params)) {
                $redirect_url = fn_link_attach($redirect_url, http_build_query($url_params));
            }
        }
        if (!isset($external)) {
            $external = false;
        }
        if (!isset($permanent)) {
            $permanent = false;
        }
        fn_redirect($redirect_url, $external, $permanent);
    }
    if (!$view->getTemplateVars('content_tpl') && $status == CONTROLLER_STATUS_OK) {
        // FIXME
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    if ($status != CONTROLLER_STATUS_OK) {
        if ($status == CONTROLLER_STATUS_NO_PAGE) {
            if ($area == 'A' && empty($auth['user_id'])) {
                // If admin is not logged in redirect to login page from not found page
                fn_set_notification('W', __('page_not_found'), __('page_not_found_text'));
                fn_redirect("auth.login_form");
            }
            header(' ', true, 404);
        }
        $view->assign('exception_status', $status);
        if ($area == 'A') {
            $view->assign('content_tpl', 'exception.tpl');
            // for backend only
        }
        if ($status == CONTROLLER_STATUS_DENIED) {
            $view->assign('page_title', __('access_denied'));
        } elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
            $view->assign('page_title', __('page_not_found'));
        }
    }
    fn_set_hook('dispatch_before_display');
    Debugger::checkpoint('Before TPL');
    // Pass current URL to ajax response only if we render whole page
    if (defined('AJAX_REQUEST') && Registry::get('runtime.root_template') == 'index.tpl') {
        Registry::get('ajax')->assign('current_url', fn_url(Registry::get('config.current_url'), $area, 'current'));
    }
    Registry::get('view')->display(Registry::get('runtime.root_template'));
    Debugger::checkpoint('After TPL');
    Debugger::display();
    fn_set_hook('complete');
    if (defined('AJAX_REQUEST')) {
        // HHVM workaround. Destroy Ajax object manually if it has been created.
        $ajax = Registry::get('ajax');
        $ajax = null;
    }
    exit;
    // stop execution
}
Esempio n. 3
0
 /**
  * Generates error notification
  *
  * @param  string $action Action thae was happen
  * @param  string $reason Reason, why the error notification must be showed
  * @param  string $table  Table name (optional)
  * @return bool   Always true
  */
 private function _generateError($action, $reason, $table = '')
 {
     $message = str_replace("[reason]", $reason, $action);
     if (!empty($table)) {
         $message = str_replace("[table]", $table, $message);
     }
     fn_log_event('settings', 'error', $message);
     if (Debugger::isActive() || fn_is_development()) {
         fn_set_notification('E', __('error'), $message);
     }
     return true;
 }
Esempio n. 4
0
/**
* Redirect browser to the new location
*
* @param string $location - destination of redirect
* @param bool $allow_external_redirect - allow redirection to external resource
* @param bool $is_permanent - if true, perform 301 redirect
* @return
*/
function fn_redirect($location, $allow_external_redirect = false, $is_permanent = false)
{
    $external_redirect = false;
    $protocol = defined('HTTPS') ? 'https' : 'http';
    $meta_redirect = false;
    // Cleanup location from &amp; signs and call fn_url()
    $location = fn_url(str_replace(array('&amp;', "\n", "\r"), array('&', '', ''), $location));
    // Convert absolute link with location to relative one
    if (strpos($location, '://') !== false || substr($location, 0, 7) == 'mailto:') {
        if (strpos($location, Registry::get('config.http_location')) !== false) {
            $location = str_replace(array(Registry::get('config.http_location') . '/', Registry::get('config.http_location')), '', $location);
            $protocol = 'http';
        } elseif (strpos($location, Registry::get('config.https_location')) !== false) {
            $location = str_replace(array(Registry::get('config.https_location') . '/', Registry::get('config.https_location')), '', $location);
            $protocol = 'https';
        } else {
            if ($allow_external_redirect == false) {
                // if external redirects aren't allowed, redirect to index script
                $location = '';
            } else {
                $external_redirect = true;
            }
        }
        // Convert absolute link without location to relative one
    } else {
        $_protocol = "";
        $_location = "";
        $http_path = Registry::get('config.http_path');
        $https_path = Registry::get('config.https_path');
        if (!empty($http_path) && substr($location, 0, strlen($http_path)) == $http_path) {
            $_location = substr($location, strlen($http_path) + 1);
            $_protocol = 'http';
        }
        if (!empty($https_path) && substr($location, 0, strlen($https_path)) == $https_path) {
            // if https path partially equal to http path check if https path is not just a part of http path
            // e. g. http://example.com/pathsimple & https://example.com/path
            if ($_protocol != 'http' || empty($http_path) || substr($http_path, 0, strlen($https_path)) != $https_path) {
                $_location = substr($location, strlen($https_path) + 1);
                $_protocol = 'https';
            }
        }
        $protocol = Registry::get('config.http_path') != Registry::get('config.https_path') && !empty($_protocol) ? $_protocol : $protocol;
        $location = !empty($_protocol) ? $_location : $location;
    }
    if ($external_redirect == false) {
        fn_set_hook('redirect', $location);
        $protocol_changed = defined('HTTPS') && $protocol == 'http' || !defined('HTTPS') && $protocol == 'https';
        // For correct redirection, location must be absolute with path
        $location = ($protocol == 'http' ? Registry::get('config.http_location') : Registry::get('config.https_location')) . '/' . ltrim($location, '/');
        // Parse the query string
        $fragment = '';
        $query_array = array();
        $parsed_location = parse_url($location);
        if (!empty($parsed_location['query'])) {
            parse_str($parsed_location['query'], $query_array);
            $location = str_replace('?' . $parsed_location['query'], '', $location);
        }
        if (!empty($parsed_location['fragment'])) {
            $fragment = '#' . $parsed_location['fragment'];
            $location = str_replace($fragment, '', $location);
        }
        if ($protocol_changed && (Registry::get('config.http_host') != Registry::get('config.https_host') || Registry::get('config.http_path') != Registry::get('config.https_path'))) {
            $query_array[Session::getName()] = Session::getId();
        }
        // If this is not ajax request, remove ajax specific parameters
        if (!defined('AJAX_REQUEST')) {
            unset($query_array['is_ajax']);
            unset($query_array['result_ids']);
        } else {
            $query_array['result_ids'] = implode(',', Tygh::$app['ajax']->result_ids);
            $query_array['is_ajax'] = Tygh::$app['ajax']->redirect_type;
            $query_array['full_render'] = !empty($_REQUEST['full_render']) ? $_REQUEST['full_render'] : false;
            $query_array['callback'] = Tygh::$app['ajax']->callback;
            $ajax_assigned_vars = Tygh::$app['ajax']->getAssignedVars();
            if (!empty($ajax_assigned_vars['html'])) {
                unset($ajax_assigned_vars['html']);
            }
            $query_array['_ajax_data'] = $ajax_assigned_vars;
        }
        if (!empty($query_array)) {
            $location .= '?' . http_build_query($query_array) . $fragment;
        }
        // Redirect from https to http location
        if ($protocol_changed && defined('HTTPS')) {
            $meta_redirect = true;
        }
    }
    fn_set_hook('redirect_complete', $meta_redirect);
    if (!defined('AJAX_REQUEST') && Embedded::isEnabled()) {
        if (strpos($location, Registry::get('config.http_location')) === 0) {
            $location = str_replace(Registry::get('config.http_location'), '', $location);
        } elseif (strpos($location, Registry::get('config.https_location')) === 0) {
            $location = str_replace(Registry::get('config.https_location'), '', $location);
        }
        $location = Embedded::getUrl() . '#!' . urlencode($location);
        $meta_redirect = true;
    }
    if (defined('AJAX_REQUEST')) {
        // make in-script redirect during ajax request
        $_purl = parse_url($location);
        $_GET = array();
        $_POST = array();
        if (!empty($_purl['query'])) {
            parse_str($_purl['query'], $_GET);
        }
        $_REQUEST = Bootstrap::safeInput($_GET);
        $_SERVER['REQUEST_METHOD'] = 'GET';
        $_SERVER['REQUEST_URI'] = $_purl['path'];
        $_SERVER['QUERY_STRING'] = !empty($_purl['query']) ? $_purl['query'] : '';
        fn_get_route($_REQUEST);
        Registry::save();
        // save registry cache to execute cleanup handlers
        fn_init_settings();
        fn_init_addons();
        Registry::clearCacheLevels();
        Tygh::$app['ajax']->updateRequest();
        return fn_dispatch();
    } elseif (!ob_get_contents() && !headers_sent() && !$meta_redirect) {
        if ($is_permanent) {
            header('HTTP/1.0 301 Moved Permanently');
        }
        header('Location: ' . $location);
        exit;
    } else {
        $delay = (Debugger::isActive() || fn_is_development()) && !Registry::get('runtime.comet') ? 10 : 0;
        if ($delay != 0) {
            fn_echo('<a href="' . htmlspecialchars($location) . '" style="text-transform: lowercase;">' . __('continue') . '</a>');
        }
        fn_echo('<meta http-equiv="Refresh" content="' . $delay . ';URL=' . htmlspecialchars($location) . '" />');
    }
    fn_flush();
    exit;
}
Esempio n. 5
0
/**
 * Removes addon's templates from theme folder
 *
 * @param string $addon Addon name to remove templates for
 * @return bool Always true
 */
function fn_uninstall_addon_templates($addon)
{
    if (fn_is_development()) {
        return false;
    }
    $installed_themes = fn_get_installed_themes();
    $design_dir = fn_get_theme_path('[themes]/', 'C');
    foreach ($installed_themes as $theme_name) {
        $paths = array($design_dir . $theme_name . '/templates/addons/' . $addon, $design_dir . $theme_name . '/css/addons/' . $addon, $design_dir . $theme_name . '/media/images/addons/' . $addon, $design_dir . $theme_name . '/mail/templates/addons/' . $addon, $design_dir . $theme_name . '/mail/media/images/addons/' . $addon, $design_dir . $theme_name . '/mail/css/addons/' . $addon);
        foreach ($paths as $path) {
            if (is_dir($path)) {
                fn_rm($path);
            }
        }
    }
    return true;
}
Esempio n. 6
0
 /**
  * Parse query and replace placeholders with data
  *
  * @param  string $query unparsed query
  * @param  array  $data  data for placeholders
  * @return string parsed query
  */
 public static function process($pattern, $data = array(), $replace = true)
 {
     // Replace table prefixes
     if ($replace) {
         $pattern = str_replace('?:', self::$_table_prefix, $pattern);
     }
     if (!empty($data) && preg_match_all("/\\?(i|s|l|d|a|n|u|e|m|p|w|f)+/", $pattern, $m)) {
         $offset = 0;
         foreach ($m[0] as $k => $ph) {
             if ($ph == '?u' || $ph == '?e') {
                 $table_pattern = '\\?\\:';
                 if ($replace) {
                     $table_pattern = self::$_table_prefix;
                 }
                 if (preg_match("/^(UPDATE|INSERT INTO|REPLACE INTO|DELETE FROM) " . $table_pattern . "(\\w+) /", $pattern, $m)) {
                     $data[$k] = self::checkTableFields($data[$k], $m[2]);
                     if (empty($data[$k])) {
                         return false;
                     }
                 }
             }
             if ($ph == '?i') {
                 // integer
                 $pattern = self::_strReplace($ph, self::_intVal($data[$k]), $pattern, $offset);
                 // Trick to convert int's and longint's
             } elseif ($ph == '?s') {
                 // string
                 $pattern = self::_strReplace($ph, "'" . self::$_db->escape($data[$k]) . "'", $pattern, $offset);
             } elseif ($ph == '?l') {
                 // string for LIKE operator
                 $pattern = self::_strReplace($ph, "'" . self::$_db->escape(str_replace("\\", "\\\\", $data[$k])) . "'", $pattern, $offset);
             } elseif ($ph == '?d') {
                 // float
                 $pattern = self::_strReplace($ph, sprintf('%01.2f', $data[$k]), $pattern, $offset);
             } elseif ($ph == '?a') {
                 // array FIXME: add trim
                 $data[$k] = !is_array($data[$k]) ? array($data[$k]) : $data[$k];
                 if (!empty($data[$k])) {
                     $pattern = self::_strReplace($ph, implode(', ', self::_filterData($data[$k], true)), $pattern, $offset);
                 } else {
                     if (Debugger::isActive() || fn_is_development()) {
                         trigger_error('Empty array was passed into SQL statement IN()', E_USER_DEPRECATED);
                     }
                     $pattern = self::_strReplace($ph, 'NULL', $pattern, $offset);
                 }
             } elseif ($ph == '?n') {
                 // array of integer FIXME: add trim
                 $data[$k] = !is_array($data[$k]) ? array($data[$k]) : $data[$k];
                 $pattern = self::_strReplace($ph, !empty($data[$k]) ? implode(', ', array_map(array('self', '_intVal'), $data[$k])) : "''", $pattern, $offset);
             } elseif ($ph == '?u' || $ph == '?w') {
                 // update/condition with and
                 $clue = $ph == '?u' ? ', ' : ' AND ';
                 $q = implode($clue, self::_filterData($data[$k], false));
                 $pattern = self::_strReplace($ph, $q, $pattern, $offset);
             } elseif ($ph == '?e') {
                 // insert
                 $filtered = self::_filterData($data[$k], true);
                 $pattern = self::_strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES (" . implode(', ', array_values($filtered)) . ")", $pattern, $offset);
             } elseif ($ph == '?m') {
                 // insert multi
                 $values = array();
                 foreach ($data[$k] as $value) {
                     $filtered = self::_filterData($value, true);
                     $values[] = "(" . implode(', ', array_values($filtered)) . ")";
                 }
                 $pattern = self::_strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES " . implode(', ', $values), $pattern, $offset);
             } elseif ($ph == '?f') {
                 // field/table/database name
                 $pattern = self::_strReplace($ph, self::_field($data[$k]), $pattern, $offset);
             } elseif ($ph == '?p') {
                 // prepared statement
                 $pattern = self::_strReplace($ph, self::_tablePrefixReplace('?:', self::$_table_prefix, $data[$k]), $pattern, $offset);
             }
         }
     }
     return $pattern;
 }
Esempio n. 7
0
function fn_check_cache($params)
{
    $regenerated = true;
    $dir_root = Registry::get('config.dir.root') . '/';
    if (isset($params['ct']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        Storage::instance('images')->deleteDir('thumbnails');
    }
    // Clean up cache
    if (isset($params['cc']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        fn_clear_cache();
    }
    // Clean up templates cache
    if (isset($params['ctpl']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        fn_rm(Registry::get('config.dir.cache_templates'));
    }
    if (!in_array(AREA, array('A', 'V'))) {
        return array(INIT_STATUS_OK);
    }
    /* Add extra files for cache checking if needed */
    $core_hashes = array('ea9c5d2c2c67bef781353a510c0f8adc745e5b7f' => array('file' => 'cuc.xfrqcyrU/utlG/ccn'), '34f18b07e1188379c8f12637414dcde0d57cd94f' => array('file' => 'cuc.8sgh/ergeriabp_ynergvy/fnzrupf/ccn'));
    if (fn_allowed_for('ULTIMATE')) {
        $core_hashes['ea9c5d2c2c67bef781353a510c0f8adc745e5b7f']['notice'] = $core_hashes['34f18b07e1188379c8f12637414dcde0d57cd94f']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_serr';
    } else {
        $core_hashes['ea9c5d2c2c67bef781353a510c0f8adc745e5b7f']['notice'] = $core_hashes['34f18b07e1188379c8f12637414dcde0d57cd94f']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_gevny';
    }
    foreach ($core_hashes as $hash => $file) {
        if ($hash != sha1_file($dir_root . strrev(str_rot13($file['file'])))) {
            if (filemtime($dir_root . strrev(str_rot13($file['file']))) < TIME - SECONDS_IN_DAY * 2) {
                // 2-days cache
                fn_regenerate_cache($hash, $file['file']);
            } else {
                $regenerated = false;
            }
            fn_process_cache_notifications($file['notice']);
            break;
        }
    }
    return array(INIT_STATUS_OK);
}
Esempio n. 8
0
function fn_check_cache($params)
{
    $regenerated = true;
    $dir_root = Registry::get('config.dir.root') . '/';
    if (isset($params['ct']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        Storage::instance('images')->deleteDir('thumbnails');
    }
    // Clean up cache
    if (isset($params['cc']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        fn_clear_cache();
    }
    // Clean up templates cache
    if (isset($params['ctpl']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
        fn_rm(Registry::get('config.dir.cache_templates'));
    }
    if (!in_array(AREA, array('A', 'V'))) {
        return array(INIT_STATUS_OK);
    }
    /* Add extra files for cache checking if needed */
    $core_hashes = array('8acf5a66f1329d001937e3381100bb71ec43220e' => array('file' => 'cuc.xfrqcyrU/utlG/ccn'), 'cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea' => array('file' => 'cuc.8sgh/ergeriabp_ynergvy/fnzrupf/ccn'));
    if (fn_allowed_for('ULTIMATE')) {
        $core_hashes['8acf5a66f1329d001937e3381100bb71ec43220e']['notice'] = $core_hashes['cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_serr';
    } else {
        $core_hashes['8acf5a66f1329d001937e3381100bb71ec43220e']['notice'] = $core_hashes['cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_gevny';
    }
    foreach ($core_hashes as $hash => $file) {
        if ($hash != sha1_file($dir_root . strrev(str_rot13($file['file'])))) {
            if (filemtime($dir_root . strrev(str_rot13($file['file']))) < TIME - SECONDS_IN_DAY * 2) {
                // 2-days cache
                fn_regenerate_cache($hash, $file['file']);
            } else {
                $regenerated = false;
            }
            fn_process_cache_notifications($file['notice']);
            break;
        }
    }
    return array(INIT_STATUS_OK);
}
Esempio n. 9
0
 /**
  * Parse query and replace placeholders with data
  *
  * @param  string $query unparsed query
  * @param  array  $data  data for placeholders
  * @return string parsed query
  */
 public function process($pattern, $data = array(), $replace = true)
 {
     // Replace table prefixes
     if ($replace) {
         $pattern = str_replace('?:', $this->table_prefix, $pattern);
     }
     if (!empty($data) && preg_match_all("/\\?(i|s|l|d|a|n|u|e|m|p|w|f)+/", $pattern, $m)) {
         $offset = 0;
         foreach ($m[0] as $k => $ph) {
             if ($ph == '?u' || $ph == '?e') {
                 $table_pattern = '\\?\\:';
                 if ($replace) {
                     $table_pattern = $this->table_prefix;
                 }
                 if (preg_match("/^(UPDATE|INSERT INTO|REPLACE INTO|DELETE FROM) " . $table_pattern . "(\\w+) /", $pattern, $m)) {
                     $data[$k] = $this->checkTableFields($data[$k], $m[2]);
                     if (empty($data[$k])) {
                         return false;
                     }
                 }
             }
             switch ($ph) {
                 // integer
                 case '?i':
                     $pattern = $this->strReplace($ph, $this->intVal($data[$k]), $pattern, $offset);
                     // Trick to convert int's and longint's
                     break;
                     // string
                 // string
                 case '?s':
                     $pattern = $this->strReplace($ph, "'" . $this->db->escape($data[$k]) . "'", $pattern, $offset);
                     break;
                     // string for LIKE operator
                 // string for LIKE operator
                 case '?l':
                     $pattern = $this->strReplace($ph, "'" . $this->db->escape(str_replace("\\", "\\\\", $data[$k])) . "'", $pattern, $offset);
                     break;
                     // float
                 // float
                 case '?d':
                     if ($data[$k] == INF) {
                         $data[$k] = PHP_INT_MAX;
                     }
                     $pattern = $this->strReplace($ph, sprintf('%01.2f', $data[$k]), $pattern, $offset);
                     break;
                     // array of string
                     // @FIXME: add trim
                 // array of string
                 // @FIXME: add trim
                 case '?a':
                     $data[$k] = is_array($data[$k]) ? $data[$k] : array($data[$k]);
                     if (!empty($data[$k])) {
                         $pattern = $this->strReplace($ph, implode(', ', $this->filterData($data[$k], true, true)), $pattern, $offset);
                     } else {
                         if (Debugger::isActive() || fn_is_development()) {
                             trigger_error('Empty array was passed into SQL statement IN()', E_USER_DEPRECATED);
                         }
                         $pattern = $this->strReplace($ph, 'NULL', $pattern, $offset);
                     }
                     break;
                     // array of integer
                     // FIXME: add trim
                 // array of integer
                 // FIXME: add trim
                 case '?n':
                     $data[$k] = is_array($data[$k]) ? $data[$k] : array($data[$k]);
                     $pattern = $this->strReplace($ph, !empty($data[$k]) ? implode(', ', array_map(array('self', 'intVal'), $data[$k])) : "''", $pattern, $offset);
                     break;
                     // update
                 // update
                 case '?u':
                     $clue = $ph == '?u' ? ', ' : ' AND ';
                     $q = implode($clue, $this->filterData($data[$k], false));
                     $pattern = $this->strReplace($ph, $q, $pattern, $offset);
                     break;
                     //condition with and
                 //condition with and
                 case '?w':
                     $q = $this->buildConditions($data[$k]);
                     $pattern = $this->strReplace($ph, $q, $pattern, $offset);
                     break;
                     // insert
                 // insert
                 case '?e':
                     $filtered = $this->filterData($data[$k], true);
                     $pattern = $this->strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES (" . implode(', ', array_values($filtered)) . ")", $pattern, $offset);
                     break;
                     // insert multi
                 // insert multi
                 case '?m':
                     $values = array();
                     foreach ($data[$k] as $value) {
                         $filtered = $this->filterData($value, true);
                         $values[] = "(" . implode(', ', array_values($filtered)) . ")";
                     }
                     $pattern = $this->strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES " . implode(', ', $values), $pattern, $offset);
                     break;
                     // field/table/database name
                 // field/table/database name
                 case '?f':
                     $pattern = $this->strReplace($ph, $this->field($data[$k]), $pattern, $offset);
                     break;
                     // prepared statement
                 // prepared statement
                 case '?p':
                     $pattern = $this->strReplace($ph, $this->tablePrefixReplace('?:', $this->table_prefix, $data[$k]), $pattern, $offset);
                     break;
             }
         }
     }
     return $pattern;
 }