Esempio n. 1
0
/**
* Boots the system and reads the configuration files. Should not be called manually.
*/
function __bootloader()
{
    //get the current path
    $currentPath = getcwd();
    //we make sure the last character of the current path is a separator
    if (substr($currentPath, -1) != '/') {
        $currentPath .= '/';
    }
    //these definitions must be present
    if (!defined('PATH_SYSTEM')) {
        throw new \Exception('PATH_SYSTEM is not set in paths.inc');
    }
    if (!defined('PATH_CONFIG')) {
        throw new \Exception('PATH_CONFIG is not set in paths.inc');
    }
    if (!defined('PATH_TEMP')) {
        throw new \Exception('PATH_TEMP is not set in paths.inc');
    }
    if (!defined('PATH_LOGS')) {
        throw new \Exception('PATH_LOGS is not set in paths.inc');
    }
    if (!defined('PATH_MODULES')) {
        throw new \Exception('PATH_MODULES is not set in paths.inc');
    }
    if (!defined('PATH_PAGECACHE_CACHE')) {
        throw new \Exception('PATH_PAGECACHE_CACHE is not set in paths.inc');
    }
    //define the security locks so we can include files
    define('InSite', null);
    define('System', null);
    //we define the default character sets to utf8
    mb_internal_encoding("UTF-8");
    //load the autoloader. After this call, all the classes can be called.
    $autoloader = PATH_SYSTEM . 'Autoload.class.php';
    if (file_exists($autoloader)) {
        require_once $autoloader;
    } else {
        throw new \Exception('Could not load ' . $autoloader . '. Please check the PATH_SYSTEM constant in your configuration!');
    }
    //debug parameters when the platform is our development platform
    if (\System\Server\OS::getOS() == \System\Server\OS::OS_WINDOWS) {
        defined('DEBUG') || define('DEBUG', null);
    }
    register_shutdown_function('\\System\\Db\\Database::handleShutdown');
    //boot the errorhandler and register the exception and error handlers
    \System\Error\ErrorHandler::getInstance();
    //set the timezone values
    defined('TIMEZONE_IDENTIFIER') || define('TIMEZONE_IDENTIFIER', 'Europe/Amsterdam');
    \System\Version::registerRequiredConfigDirective('TIMEZONE_IDENTIFIER');
    date_default_timezone_set(TIMEZONE_IDENTIFIER);
    //register
    $register = \System\Register\Register::getInstance();
    //we set the start timer
    \System\Calendar\Timer::getSystemExecutionTime();
    //config
    require_once PATH_CONFIG . 'site.inc';
    //initialize the language subsystem
    \System\Internationalization\Language::init();
    //initialize the system interaction system
    \System\System\Interaction\Event\SystemInteractionEvent::registerListeners();
    //register extra handlers if needed
    if (file_exists(PATH_CONFIG . 'handlers.inc')) {
        require_once PATH_CONFIG . 'handlers.inc';
    }
    //turn the displaying of errors off, when we are in production environment
    defined('DEBUG') || ini_set('display_errors', 0);
    //verify the required configuration variables
    __requirements();
    //check if the visitors ip address is allowed.
    if (!\System\HTTP\Visitor\PermaBan\PermaBan::isIPAllowed(\System\HTTP\Visitor\IP::getClientIP())) {
        header('HTTP/1.0 403 Forbidden');
        header('Status: 403 Forbidden');
        header('HTTP/1.1 403 Forbidden');
        exit;
    }
    //database
    $register->defaultDb = \System\Db\Database::getConnection();
    //we dont want to cache our output, as this allows access without revalidating
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    //requestshizzle
    \System\Version::registerRequiredConfigDirective('DEFAULT_CONTROLLER');
    if (!defined('DEFAULT_CONTROLLER')) {
        throw new \System\Error\Exception\SystemException('The configuration is invalid: DEFAULT_CONTROLLER not set or invalid.');
    }
    $controller = \System\Web\Controller::callController();
    //do buffered output rendering if needed
    if ($controller->getRenderSetting() == \System\Web\Controller::RENDERER_ENABLED) {
        //render the surface
        $renderSurface = $controller->getRenderSurface();
        if (!$renderSurface) {
            throw new \System\Error\Exception\SystemException('Please make sure your controller action sets a RenderSurface!');
        }
        $controller->getRenderSurface()->execute();
    }
    //shutdown the system to prevent further execution of code
    exit;
}
Esempio n. 2
0
 /**
  * Outputs the error and logs it to a file.
  * Note that this function effectively halts the execution of our script.
  * @param int The errorlevel of the error.
  * @param string The message
  * @param string The file the error occured in
  * @param int The line number of the error
  * @param string The stacktrace as a string
  */
 protected static final function outputError($errorLevel, $errorNotice, $errorFile, $errorLine, $stackTrace)
 {
     //logging of the error goes here. This is done using classic SQL queries and manual connecting to the db,
     //because we dont want to be dependant of the system
     $errorPage = self::ERRORPAGE;
     if (defined('ERRORPAGE_CUSTOM')) {
         $errorPage = constant('ERRORPAGE_CUSTOM');
     }
     if (defined('DATABASE_HOST') && defined('DATABASE_USER') && defined('DATABASE_PASS') && defined('DATABASE_PORT') && defined('DATABASE_NAME')) {
         $link = @mysqli_connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_NAME, DATABASE_PORT);
         if ($link) {
             $ip = @mysqli_real_escape_string($link, \System\HTTP\Visitor\IP::getClientIP());
             $serverIp = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getServerAddress());
             $query = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getQuery());
             $referer = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getReferer());
             $request = @mysqli_real_escape_string($link, \System\HTTP\Request\Request::getRequest());
             $errorNumber = @mysqli_real_escape_string($link, $errorLevel);
             $errorString = @mysqli_real_escape_string($link, $errorNotice);
             $escapedError = @mysqli_real_escape_string($link, $errorFile);
             $errorLine = @mysqli_real_escape_string($link, $errorLine);
             $escapedTrace = @mysqli_real_escape_string($link, $stackTrace);
             $post = new \System\HTTP\Request\Post();
             $postData = $post->serialize();
             $get = new \System\HTTP\Request\Get();
             $getData = $get->serialize();
             @mysqli_query($link, "INSERT INTO syserror (syserror_code, syserror_string, syserror_file, syserror_line, syserror_timestamp, syserror_server_ip, syserror_ip, syserror_query, syserror_referer, syserror_request, syserror_stacktrace, syserror_post, syserror_get)\n\t                VALUES ('{$errorNumber}', '{$errorString}', '{$escapedError}', '{$errorLine}', NOW(), '{$serverIp}', '{$ip}', '{$query}', '{$referer}', '{$request}', '{$escapedTrace}', '{$postData}', '{$getData}')");
             @mysqli_close($link);
             //remove extended notices for cli mode
             if (\System\Server\SAPI::getSAPI() == \System\Server\SAPI::SAPI_CLI) {
                 $errorPage = '{ERROR}';
             }
             if (!defined('DEBUG')) {
                 $errorPage = str_replace('{ERROR}', "<p><b>Details:</b></p><p>The page you requested could not be found. Please contact the webmaster.</p>", $errorPage);
             } else {
                 $errorPage = str_ireplace("{ERROR}", "<p><b>Details:</b></p><p><b>Errorcode</b>: " . $errorNumber . " - " . self::translateErrorNumber($errorNumber) . "</p><p><b>Error message</b>: " . $errorNotice . "</p><p><b>Errorneous file</b>: " . $errorFile . "</p><p><b>On line</b>: " . $errorLine . "</p><p><b>Stacktrace</b>:<br />" . nl2br(strip_tags($stackTrace)) . "</p>", $errorPage);
             }
             //remove tags for cli mode
             if (\System\Server\SAPI::getSAPI() == \System\Server\SAPI::SAPI_CLI) {
                 $errorPage = strip_tags(str_ireplace(array('<br />', '<br>', '<br/>', '</p><p>'), PHP_EOL, $errorPage));
             }
         }
     }
     //terminate; in debug mode we output potentially harmfull info without escaping!
     $errorPage = str_replace('{ERROR}', "<p><b>Details:</b></p><p>(ERR: 1001) The page you requested could not be found. Please contact the webmaster.</p>" . (defined('DEBUG') ? '<p>' . $errorNotice . '</p>' : ''), $errorPage);
     echo $errorPage;
 }