/** * Boots the system and reads the configuration files. Should not be called manually. */ function __bootloader() { //get the current path $currentPath = getcwd(); //we make sure the last character of the current path is a separator if (substr($currentPath, -1) != '/') { $currentPath .= '/'; } //these definitions must be present if (!defined('PATH_SYSTEM')) { throw new \Exception('PATH_SYSTEM is not set in paths.inc'); } if (!defined('PATH_CONFIG')) { throw new \Exception('PATH_CONFIG is not set in paths.inc'); } if (!defined('PATH_TEMP')) { throw new \Exception('PATH_TEMP is not set in paths.inc'); } if (!defined('PATH_LOGS')) { throw new \Exception('PATH_LOGS is not set in paths.inc'); } if (!defined('PATH_MODULES')) { throw new \Exception('PATH_MODULES is not set in paths.inc'); } if (!defined('PATH_PAGECACHE_CACHE')) { throw new \Exception('PATH_PAGECACHE_CACHE is not set in paths.inc'); } //define the security locks so we can include files define('InSite', null); define('System', null); //we define the default character sets to utf8 mb_internal_encoding("UTF-8"); //load the autoloader. After this call, all the classes can be called. $autoloader = PATH_SYSTEM . 'Autoload.class.php'; if (file_exists($autoloader)) { require_once $autoloader; } else { throw new \Exception('Could not load ' . $autoloader . '. Please check the PATH_SYSTEM constant in your configuration!'); } //debug parameters when the platform is our development platform if (\System\Server\OS::getOS() == \System\Server\OS::OS_WINDOWS) { defined('DEBUG') || define('DEBUG', null); } register_shutdown_function('\\System\\Db\\Database::handleShutdown'); //boot the errorhandler and register the exception and error handlers \System\Error\ErrorHandler::getInstance(); //set the timezone values defined('TIMEZONE_IDENTIFIER') || define('TIMEZONE_IDENTIFIER', 'Europe/Amsterdam'); \System\Version::registerRequiredConfigDirective('TIMEZONE_IDENTIFIER'); date_default_timezone_set(TIMEZONE_IDENTIFIER); //register $register = \System\Register\Register::getInstance(); //we set the start timer \System\Calendar\Timer::getSystemExecutionTime(); //config require_once PATH_CONFIG . 'site.inc'; //initialize the language subsystem \System\Internationalization\Language::init(); //initialize the system interaction system \System\System\Interaction\Event\SystemInteractionEvent::registerListeners(); //register extra handlers if needed if (file_exists(PATH_CONFIG . 'handlers.inc')) { require_once PATH_CONFIG . 'handlers.inc'; } //turn the displaying of errors off, when we are in production environment defined('DEBUG') || ini_set('display_errors', 0); //verify the required configuration variables __requirements(); //check if the visitors ip address is allowed. if (!\System\HTTP\Visitor\PermaBan\PermaBan::isIPAllowed(\System\HTTP\Visitor\IP::getClientIP())) { header('HTTP/1.0 403 Forbidden'); header('Status: 403 Forbidden'); header('HTTP/1.1 403 Forbidden'); exit; } //database $register->defaultDb = \System\Db\Database::getConnection(); //we dont want to cache our output, as this allows access without revalidating header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); //requestshizzle \System\Version::registerRequiredConfigDirective('DEFAULT_CONTROLLER'); if (!defined('DEFAULT_CONTROLLER')) { throw new \System\Error\Exception\SystemException('The configuration is invalid: DEFAULT_CONTROLLER not set or invalid.'); } $controller = \System\Web\Controller::callController(); //do buffered output rendering if needed if ($controller->getRenderSetting() == \System\Web\Controller::RENDERER_ENABLED) { //render the surface $renderSurface = $controller->getRenderSurface(); if (!$renderSurface) { throw new \System\Error\Exception\SystemException('Please make sure your controller action sets a RenderSurface!'); } $controller->getRenderSurface()->execute(); } //shutdown the system to prevent further execution of code exit; }
/** * Outputs the error and logs it to a file. * Note that this function effectively halts the execution of our script. * @param int The errorlevel of the error. * @param string The message * @param string The file the error occured in * @param int The line number of the error * @param string The stacktrace as a string */ protected static final function outputError($errorLevel, $errorNotice, $errorFile, $errorLine, $stackTrace) { //logging of the error goes here. This is done using classic SQL queries and manual connecting to the db, //because we dont want to be dependant of the system $errorPage = self::ERRORPAGE; if (defined('ERRORPAGE_CUSTOM')) { $errorPage = constant('ERRORPAGE_CUSTOM'); } if (defined('DATABASE_HOST') && defined('DATABASE_USER') && defined('DATABASE_PASS') && defined('DATABASE_PORT') && defined('DATABASE_NAME')) { $link = @mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_NAME, DATABASE_PORT); if ($link) { $ip = @mysqli_real_escape_string($link, \System\HTTP\Visitor\IP::getClientIP()); $serverIp = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getServerAddress()); $query = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getQuery()); $referer = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getReferer()); $request = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getRequest()); $errorNumber = @mysqli_real_escape_string($link, $errorLevel); $errorString = @mysqli_real_escape_string($link, $errorNotice); $escapedError = @mysqli_real_escape_string($link, $errorFile); $errorLine = @mysqli_real_escape_string($link, $errorLine); $escapedTrace = @mysqli_real_escape_string($link, $stackTrace); $post = new \System\HTTP\Request\Post(); $postData = $post->serialize(); $get = new \System\HTTP\Request\Get(); $getData = $get->serialize(); @mysqli_query($link, "INSERT INTO syserror (syserror_code, syserror_string, syserror_file, syserror_line, syserror_timestamp, syserror_server_ip, syserror_ip, syserror_query, syserror_referer, syserror_request, syserror_stacktrace, syserror_post, syserror_get)\n\t VALUES ('{$errorNumber}', '{$errorString}', '{$escapedError}', '{$errorLine}', NOW(), '{$serverIp}', '{$ip}', '{$query}', '{$referer}', '{$request}', '{$escapedTrace}', '{$postData}', '{$getData}')"); @mysqli_close($link); //remove extended notices for cli mode if (\System\Server\SAPI::getSAPI() == \System\Server\SAPI::SAPI_CLI) { $errorPage = '{ERROR}'; } if (!defined('DEBUG')) { $errorPage = str_replace('{ERROR}', "<p><b>Details:</b></p><p>The page you requested could not be found. Please contact the webmaster.</p>", $errorPage); } else { $errorPage = str_ireplace("{ERROR}", "<p><b>Details:</b></p><p><b>Errorcode</b>: " . $errorNumber . " - " . self::translateErrorNumber($errorNumber) . "</p><p><b>Error message</b>: " . $errorNotice . "</p><p><b>Errorneous file</b>: " . $errorFile . "</p><p><b>On line</b>: " . $errorLine . "</p><p><b>Stacktrace</b>:<br />" . nl2br(strip_tags($stackTrace)) . "</p>", $errorPage); } //remove tags for cli mode if (\System\Server\SAPI::getSAPI() == \System\Server\SAPI::SAPI_CLI) { $errorPage = strip_tags(str_ireplace(array('<br />', '<br>', '<br/>', '</p><p>'), PHP_EOL, $errorPage)); } } } //terminate; in debug mode we output potentially harmfull info without escaping! $errorPage = str_replace('{ERROR}', "<p><b>Details:</b></p><p>(ERR: 1001) The page you requested could not be found. Please contact the webmaster.</p>" . (defined('DEBUG') ? '<p>' . $errorNotice . '</p>' : ''), $errorPage); echo $errorPage; }