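// Remnant of a guard whose condition is commented out, so it no longer gates
// the session setup below:
// (! empty ($cgi->username) && ! empty ($cgi->password)) ||
// ! empty ($cookie->{$_sconf['Handler']['cookiename']})
// ) {

// Collect every "Source <name>" section of the session config, keyed by its driver.
$sources = array();
foreach ($_sconf as $k => $v) {
    if (strpos($k, 'Source ') === 0) {
        $sources[$v['driver']] = $v;
    }
}

// Username, password and session id as gathered for the configured handler.
// The '@' is kept from the original; it also hides any warning raised while
// the request parameters are read.
list($user, $pass, $id) = @Session::gatherParameters($_sconf['Handler']['driver'], $_sconf['Handler']['cookiename']);

$session = new Session($_sconf['Handler']['driver'], array_keys($sources), $_sconf['Store']['driver'], $user, $pass, $id);
$session->init($_sconf['Session']['path']);
$session->setTimeout($_sconf['Session']['timeout']);

foreach ($sources as $k => $v) {
    $session->setSourceProperties($k, $v);
}
$session->setHandlerProperties($_sconf['Handler']);
$session->setStoreProperties($_sconf['Store']);

// With the Cookie handler on a site configured as secure, flag the handler and
// store cookies as secure (presumably the Secure cookie attribute - confirm in
// the handler/store drivers).
if ($_sconf['Handler']['driver'] == 'Cookie' && $conf['Site']['secure']) {
    $session->handler->cookiesecure = true;
    $session->store->cookiesecure = 1;
}

// Only start a session when a login is being submitted or a session cookie is present.
if (!empty($cgi->username) || !empty($cookie->{$_sconf['Handler']['cookiename']})) {
    // "sitemember_remember" is read back from the browser, so it is client-controlled.
    // Normalise it to an integer before it becomes the session timeout and the
    // cookie lifetime, so that loosely numeric strings are not passed through.
    // NOTE(review): nothing here caps the value, so a client can request an
    // arbitrarily long session; clamp it to the server-side "remember login"
    // maximum, which is not visible from this code.
    $remember = (int) $cookie->sitemember_remember;
    if ($remember > 0) {
        $session->handler->cookieexpires = $remember;
        $session->setTimeout($remember);
        // Re-issue the cookie so the remember-me window slides with each request.
        $cookie->set('sitemember_remember', $remember, $remember, '/', site_domain(), site_secure());
    }
    $session->start();
}
//} // end evaluation condition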
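// your app begins here

global $cgi;

if (!empty($cgi->username) && session_admin()) {
    // A username was submitted and the session is an admin one: hand over to
    // the CMS, passing the referring page along as "forward".
    // NOTE(review): the Referer header is client-supplied; whatever consumes
    // "forward" must validate it before redirecting.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    header('Location: ' . site_prefix() . '/index/cms-app?forward=' . urlencode($referer));
    exit;
} elseif (!session_valid()) {
    $action = 'login';
} elseif (!empty($cgi->username) && $cgi->remember_me == 'yes') {
    $duration = appconf('remember_login');
    if ($duration) {
        // convert duration to seconds
        $duration = $duration * 86400;

        // set "sitemember_remember" cookie
        global $cookie;
        $cookie->set('sitemember_remember', $duration, $duration, '/', site_domain(), site_secure());

        // adjust cookie
        session_change_timeout($duration);

        // adjust expires value
        session_user_edit(session_username(), array('expires' => date('Y-m-d H:i:s', time() + $duration)));
    }
    $action = 'home';
} else {
    $action = 'home';
}

if (session_valid() && !empty($parameters['goto'])) {
    // "goto" arrives as a box parameter and was previously copied into the
    // Location header unchecked, which lets a crafted login link send a freshly
    // authenticated member to another site. Follow it only when it stays on
    // this site; anything else falls through to the normal action below.
    $goto_target = $parameters['goto'];
    $goto_is_local = false;
    if (is_string($goto_target) && !preg_match('/[\x00-\x20\x7f\\\\]/', $goto_target)) {
        if (preg_match('|^[a-zA-Z][a-zA-Z0-9+.-]*:|', $goto_target)) {
            // Absolute URL: accept only http(s) on this site's own domain.
            foreach (array('http://', 'https://') as $goto_scheme) {
                $goto_base = $goto_scheme . site_domain();
                if (strcasecmp($goto_target, $goto_base) === 0
                    || strncasecmp($goto_target, $goto_base . '/', strlen($goto_base) + 1) === 0
                ) {
                    $goto_is_local = true;
                }
            }
        } elseif (strpos($goto_target, '//') !== 0) {
            // Relative path; scheme-relative "//host" forms are refused.
            $goto_is_local = true;
        }
    }
    if ($goto_is_local) {
        header('Location: ' . $goto_target);
        exit;
    }
}

// appconf($action) is expected to look like "<type>:<call>". explode() replaces
// split(), which was removed in PHP 7; a literal ':' splits identically.
list($type, $call) = explode(':', appconf($action), 2);
$func = 'loader_' . $type;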
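/**
 * Executes the specified form using the Sitellite form API,
 * which is essentially just an include of a file that defines a
 * subclass of saf.MailForm.
 *
 * Access is checked through formAllowed() unless $this->formAccess is already
 * an array. A form flagged "sitellite_secure" is forced onto HTTPS, and the
 * request is terminated with die() when the site itself has no SSL enabled.
 * When the form file does not exist, the global $errno is set to E_NOT_FOUND
 * and the configured error handler takes over (a box, a form, or a redirect
 * followed by exit).
 *
 * The included files run inside this method's variable scope, so they can
 * read and overwrite its local variables.
 *
 * @access public
 * @param string $name
 * @param string $context
 * @return string Rendered form output, or '' when access is denied.
 *
 */
function form($name, $context = 'normal')
{
    if (!is_array($this->formAccess)) {
        if (!$this->formAllowed($name, $context)) {
            return '';
        }
    }

    // Transport policy: a truthy flag requires HTTPS, an empty-string flag
    // moves the request back to plain HTTP, any other value leaves it alone.
    if ($this->formAccess['sitellite_secure']) {
        if (site_secure()) {
            if (!cgi_is_https()) {
                cgi_force_https();
            }
        } else {
            die('The requested form requires an SSL connection, but Sitellite does not have SSL enabled.');
        }
    } elseif ($this->formAccess['sitellite_secure'] === '') {
        if (cgi_is_https()) {
            cgi_force_http();
        }
    }

    $app = $this->getApp($name);
    $name = $this->removeApp($name, $app);
    $this->apps[] = $app;

    // NOTE(review): $app and $name are concatenated into include paths below.
    // Confirm that getApp()/removeApp() or the callers reject ".." segments and
    // NUL bytes, otherwise a crafted form name could pull in an index.php from
    // outside the forms directory.
    if (!@file_exists($this->prefix . '/' . $app . '/' . $this->formPath . '/' . $name . '/index.php')) {
        // Unknown form: undo the bookkeeping, then defer to the error handler.
        $this->formAccess = false;
        array_pop($this->apps);

        global $errno;
        $errno = E_NOT_FOUND;

        // Every branch leaves the method (return or exit).
        switch (conf('Server', 'error_handler_type')) {
            case 'box':
                return $this->box(conf('Server', 'error_handler'));
            case 'form':
                return $this->form(conf('Server', 'error_handler'));
            default:
                header('Location: ' . site_prefix() . '/index/' . conf('Server', 'error_handler'));
                exit;
        }
    }

    loader_import('saf.MailForm');

    if (@file_exists($this->prefix . '/' . $app . '/conf/properties.php')) {
        include_once $this->prefix . '/' . $app . '/conf/properties.php';
    }

    /*if (@file_exists ($this->prefix . '/' . $app . '/conf/settings.ini.php')) {
        $settings = ini_parse ($this->prefix . '/' . $app . '/conf/settings.ini.php', true);
        foreach ($settings as $k => $v) {
            appconf_set ($k, $v['value']);
        }
    }*/
    appconf_default_settings();

    ob_start();

    // special behaviour changes for global objects when in a box
    global $simple, $tpl, $intl;
    $old_simple_path = $simple->path;
    $simple->path = $this->prefix . '/' . $app . '/html';
    $old_tpl_path = $tpl->path;
    $tpl->path = $this->prefix . '/' . $app . '/html';
    $old_intl_path = $intl->directory;
    $intl->directory = $this->prefix . '/' . $app . '/lang';
    $intl->getIndex();

    include $this->prefix . '/' . $app . '/' . $this->formPath . '/' . $name . '/index.php';

    // $contents was appended to without ever being initialised. Start it empty
    // unless an included file already set it in this scope.
    if (!isset($contents)) {
        $contents = '';
    }
    $contents .= ob_get_contents();
    ob_end_clean();
    $contents = trim($contents);

    if (empty($contents)) {
        // The include printed nothing: look for a class named
        // <App><Each><Path><Part>Form and run it instead.
        $class = ucfirst($app);
        foreach (explode('/', $name) as $p) {
            $class .= ucfirst($p);
        }
        $class .= 'Form';

        if (class_exists($class)) {
            ob_start();
            $form = new $class();
            $form->context = $context;
            echo $form->run();
            $contents .= ob_get_contents();
            ob_end_clean();
        }
    }

    // Put the global template/translation paths back for the caller.
    $simple->path = $old_simple_path;
    $tpl->path = $old_tpl_path;
    $intl->directory = $old_intl_path;

    $this->formAccess = false;
    array_pop($this->apps);

    return $contents;
}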
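/**
 * Checks for an $external property of the document object, which if found
 * is understood to represent an external document that this object is
 * actually an alias of, and so it will forward the request on to that
 * document.
 *
 * A value of the form "scheme://..." is used as-is. A value starting with "/"
 * is resolved against the site domain, and anything else against the site
 * prefix, language prefix and index path.
 *
 * For an admin session no redirect is sent: $this->body is replaced with a
 * placeholder linking to the target and false is returned. For everyone else
 * a Location header is sent and the script exits. Without an $external value
 * the method does nothing and returns null.
 *
 * @return false|null
 */
function isExternal()
{
    if (empty($this->external)) {
        return;
    }

    global $intl;

    $intl_prefix = ($intl->negotiation == 'url') ? '/' . $intl->language : '';
    $index = conf('Site', 'remove_index') ? '/' : '/index/';

    // Resolve the target once; both the admin placeholder and the redirect use it.
    // NOTE(review): any "scheme://" value is accepted unchanged. If the people
    // who can edit $external are not fully trusted, restrict it to http/https.
    if (preg_match('|^[a-zA-Z0-9]+://|', $this->external)) {
        $ext = $this->external;
    } else {
        $scheme = (site_secure() && cgi_is_https()) ? 'https://' : 'http://';
        if (strpos($this->external, '/') === 0) {
            $ext = $scheme . site_domain() . $this->external;
        } else {
            $ext = $scheme . site_domain() . site_prefix() . $intl_prefix . $index . $this->external;
        }
    }

    if (session_admin()) {
        // $ext carries editor-supplied content into an attribute and into text,
        // so escape it; it was previously written into the page raw.
        $ext_html = htmlspecialchars($ext, ENT_QUOTES);
        $this->body = '<p>' . intl_get('This page is a placeholder for the following external resource') . ':</p><p><a href="' . $ext_html . '">' . $ext_html . '</a></p>';
        return false;
    }

    header('Location: ' . $ext);
    exit;
}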