function logCacheThrottle() { // saves a log of the last hour of cachecontrol in the log folder, it can be accessed or viewed by the console. This is not used other than logging if (!isset($this->parent->storage['CORE_CACHECONTROL'])) { $this->startCaches(); } $average = $this->parent->storage['CORE_CACHECONTROL'][0]; $cmod = $this->parent->storage['CORE_CACHECONTROL'][1]; $cc = array(); if (is_file(CONS_PATH_LOGS . "cachecontrol.dat")) { $cc = unserialize(cReadFile(CONS_PATH_LOGS . "cachecontrol.dat")); if (!is_array($cc)) { $cc = array(); } } $thisEntry = array(date("Y-m-d H:i:s"), $average, $cmod); $cc[] = $thisEntry; // cleanup to show only the whole last week (24*7=168) while (count($cc) > 168) { array_shift($cc); } cWriteFile(CONS_PATH_LOGS . "cachecontrol.dat", serialize($cc)); }
$temp = $siteObj->techo($outputData) . $temp; } } if ($highest == 0) { $highest = 1; } for ($c = 0; $c < 7; $c++) { $pct = ceil(38 * $week[$c] / $highest); $core->template->assign("allhits" . $c, 38 - $pct); $core->template->assign("allhits" . $c . 'b', $pct); } $core->template->assign("allvisits", $totalHoje . " / " . $total); $core->template->assign("_site", $temp); # botprotect $throttleFiles = listFiles(CONS_PATH_TEMP, "@throttle_(.*)\\.dat@i"); $out = ""; $IPs = 0; foreach ($throttleFiles as $tf) { $thd = @unserialize(cReadFile(CONS_PATH_TEMP . $tf)); preg_match("@throttle_(.*)\\.dat@", $tf, $regs); $ip = str_replace("_", ":", $regs[1]); foreach ($thd as $thname => $thditem) { if (substr($thname, 0, 4) == "hits") { $IPs++; } else { $out .= "<span style='color:#ee1111'>" . $ip . " BANNED SINCE " . $thditem . "</span>\n"; } } } $out .= "IPs monitored: {$IPs}\n"; $core->template->assign("botprotect", $out);
<?php // ------------------------ Honeypot list bootup (catching is done inside core::checkDirectLink) // do not call this if you already know the useragent is a bot (double check is pointless) if (!isset($_SESSION[CONS_SESSION_HONEYPOTLIST])) { $_SESSION[CONS_SESSION_HONEYPOTLIST] = @unserialize(cReadFile(CONS_PATH_TEMP . "honeypot.dat")); // this file is reset DAILY on cron if (!is_array($_SESSION[CONS_SESSION_HONEYPOTLIST])) { $_SESSION[CONS_SESSION_HONEYPOTLIST] = array(); } } if (in_array($_SERVER['HTTP_USER_AGENT'], $_SESSION[CONS_SESSION_HONEYPOTLIST])) { // we know user agent is set otherwise it would be a bot already $core->isbot = true; }
function fget($url, $login, $pass, $file, $tries = 1, $tmpfile = "", $mode = FTP_ASCII) { if ($tmpfile == "") { $tmpfile = "tmpdlw.tmp"; } if (is_file($tmpfile)) { @unlink($tmpfile); } while ($tries > 0) { $fp = ftp_connect($url); if ($fp) { $login = ftp_login($fp, $login, $pass); if ($login) { ftp_pasv($fp, true); $handle = fopen($tmpfile, 'w'); $sucess = ftp_fget($fp, $handle, $file, $mode); if ($sucess) { ftp_close($fp); fclose($handle); return cReadFile($tmpfile); } else { fclose($handle); if (is_file($tmpfile)) { @unlink($tmpfile); } // incomplete? } } ftp_close($fp); unset($fp); $tries--; if ($tries > 0) { sleep(1); } } } return false; }
#################### LISTING ########################## if (isset($module->options[CONS_MODULE_LISTING]) && !is_array($module->options[CONS_MODULE_LISTING]) && $module->options[CONS_MODULE_LISTING] != "") { $module->options[CONS_MODULE_LISTING] = explode(",", $module->options[CONS_MODULE_LISTING]); } if (!isset($module->options[CONS_MODULE_LISTING]) || !is_array($module->options[CONS_MODULE_LISTING]) || count($module->options[CONS_MODULE_LISTING]) == 0) { $toShow = false; // check admin cache for listing (created at module[bi_adm]::buildAdminMenu when at the index, usually) $file = CONS_PATH_CACHE . $_SESSION['CODE'] . "/admin" . $_SESSION[CONS_SESSION_ACCESS_USER]['id_group'] . ".cache"; // HTML output with normal menu if (!is_file($file)) { $this->buildAdminMenu(); } // no cache, create it if (is_file($file)) { // we have the cache of admin.xml (might had some error above) $admxml = unserialize(cReadFile($file)); if (is_object($admxml)) { function checkXMLlisting(&$xml, $moduleName) { // does the current node have the listing for my module if (isset($xml->data['module']) && $xml->data['module'] == $moduleName && isset($xml->data['listing'])) { // yes ... return (explode) return explode(",", $xml->data['listing']); } $total = $xml->total(); for ($c = 0; $c < $total; $c++) { $response = checkXMLlisting($xml->branchs[$c], $moduleName); if ($response !== false) { return $response; } // found it!
function importer() { $htmlIMG = $_REQUEST['imgpath']; $cssIMG = $_REQUEST['cssimgpath']; // improves/fix css, in and out $cssFiles = listFiles(CONS_PATH_PAGES . $_SESSION["CODE"] . "/files/", '/^.*\\.css$/i'); foreach ($cssFiles as $cF) { $css = cReadFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/files/" . $cF); $css = str_replace($cssIMG, "", $css); $css = str_replace(" ", "\t", $css); cWriteFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/files/" . $cF, $css); } // improves/fix html, in $htmlFiles = listFiles(CONS_PATH_PAGES . $_SESSION["CODE"] . "/template/", '/^([^_]).*\\.html$/i'); $htmlSTR = array(); $cut = array(); foreach ($htmlFiles as $hF) { $htmlSTR[$hF] = cReadFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/template/" . $hF); $htmlSTR[$hF] = str_replace($htmlIMG, "{IMG_PATH}", $htmlSTR[$hF]); $htmlSTR[$hF] = str_replace(" ", "\t", $htmlSTR[$hF]); $bodyPos = strpos($htmlSTR[$hF], "<body>"); if ($bodyPos !== false) { $htmlSTR[$hF] = substr($htmlSTR[$hF], $bodyPos + 6); $htmlSTR[$hF] = str_replace("</body>", "", $htmlSTR[$hF]); } else { $bodyPos = strpos($htmlSTR[$hF], "<body"); if ($bodyPos !== false && $bodyPos != 0) { $htmlSTR[$hF] = substr($htmlSTR[$hF], $bodyPos - 1); } } $htmlSTR[$hF] = str_replace("</html>", "", $htmlSTR[$hF]); cWriteFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/template/" . $hF . ".out", $htmlSTR[$hF]); } // locate patterns within the files, using index.html //{CORE_DEBUG} {FRAME_CONTENT} echo "css replaced, html outputed as .out, frame breaking not implemented"; #TODO: die; }
} // 2 day ago $previousDay = datecalc(date("Y-m-d"), 0, 0, -2); $previousDay = str_replace("-", "", $previousDay); if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log")) { appendActs($core, $temp, $template, explode("\n", cReadFile(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log"))); } // 1 day ago $previousDay = datecalc(date("Y-m-d"), 0, 0, -1); $previousDay = str_replace("-", "", $previousDay); if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log")) { appendActs($core, $temp, $template, explode("\n", cReadFile(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log"))); } # Today $previousDay = date("Ymd"); if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log")) { appendActs($core, $temp, $template, explode("\n", cReadFile(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log"))); } $core->template->assign("_actions", $temp); //404 errors 24h if (isset($_REQUEST['clean404'])) { @unlink(CONS_PATH_LOGS . $_SESSION['CODE'] . "/404.log"); } else { if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/404.log")) { $core->template->assignFile("log404", CONS_PATH_LOGS . $_SESSION['CODE'] . "/404.log", false, true); } } //pm log 24h if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/pm.log")) { $core->template->assignFile('logpm', CONS_PATH_LOGS . $_SESSION['CODE'] . "/pm.log", false, true); }
# step 1: easy check if this IP is banned, if so, bye if (isset($_SESSION['BOTPROTECT_BANNED'])) { // session controlled ban include_once CONS_PATH_INCLUDE . "datetime.php"; $td = time_diff($now, $_SESSION['BOTPROTECT_BANNED']); if ($td < CONS_BOTPROTECT_BANTIME * 60) { header($_SERVER["SERVER_PROTOCOL"] . " 403 Forbidden"); echo str_replace("{MORE}", CONS_BOTPROTECT_BANTIME * 60 - $td, str_replace("{TS}", $_SESSION['BOTPROTECT_BANNED'], $throttle)); die; } else { unset($_SESSION['BOTPROTECT_BANNED']); } } # step 2: load ip controller (non session related) and check it if (is_file($filename)) { $thd = @unserialize(cReadFile($filename)); if (!is_array($thd)) { $thd = array(); } } else { $thd = array(); } if (isset($thd['banned'])) { include_once CONS_PATH_INCLUDE . "datetime.php"; $td = time_diff($now, $thd['banned']); if ($td < CONS_BOTPROTECT_BANTIME * 60) { header($_SERVER["SERVER_PROTOCOL"] . " 403 Forbidden"); echo str_replace("{MORE}", CONS_BOTPROTECT_BANTIME * 60 - $td, str_replace("{TS}", $now, $throttle)); die; } else { unset($thd['banned']);
function onEcho(&$PAGE) { $core =& $this->parent; if (CONS_ECONOMICMODE && $core->isbot) { return; } $pageToBelogged = substr($core->original_context_str, 1); if ($pageToBelogged != "" && $pageToBelogged[strlen($pageToBelogged) - 1] != "/") { $pageToBelogged .= "/"; } $core =& $this->parent; if ($pageToBelogged != '') { if (isset($core->dimconfig['nostats']) && strpos(',/rss,' . $core->dimconfig['nostats'], ',' . $pageToBelogged . $core->action) !== false) { $this->doNotLogMe = true; } if (isset($core->dimconfig['nostats']) && strpos(',' . $core->dimconfig['nostats'], ',' . $pageToBelogged) !== false) { $this->doNotLogMe = true; } } if ($core->action == '404' || $core->action == '403') { $this->doNotLogMe = true; } if (!$this->doNotLogMe || $this->forceLogMe) { # what page are we logging (original call always) $act = $core->original_action; if ($act == "") { $act = "index"; } else { if (strpos($act, ".") !== false) { $act = explode(".", $act); // remove extension: array_pop($act); $act = implode(".", $act); } } $pageToBelogged .= $act; $pageToBelogged = str_replace('"', "", $pageToBelogged); # there are exploits everywhere! # is this a BOT? atm we consider unknown browsers as bots (some obvious crawlers are already set to unknown, see getBrowser.php) to make this faster, if CONS_HONEYPOT is on, will also detect bots using a honeypot $isBot = $core->isbot; # -- Check for "ignore ip" $iip = isset($this->parent->dimconfig['bi_statsignoreip']) ? $this->parent->dimconfig['bi_statsignoreip'] : ''; $iip = explode(",", $iip); $ignoreme = false; foreach ($iip as $ip) { $ip = trim($ip); if ($ip != '' && strpos(CONS_IP, trim($ip)) !== -1) { $ignoreme = true; break; } } if ($ignoreme) { return; } // is an IP to be ignored # -- Administrator logged in, log a-hit if ($_SESSION[CONS_SESSION_ACCESS_LEVEL] > $this->admRestrictionLevel) { $id = isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) ? $_REQUEST['id'] : 0; $x = $core->dbo->fetch("SELECT hits FROM " . $core->modules['stats']->dbname . " WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); if ($x === false) { $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['stats']->dbname . " SET data = '" . date("Y-m-d") . "' , hour = '" . date("H") . "' , page=\"" . $pageToBelogged . "\" , hid=\"" . $id . "\", hits=0, uhits=0, bhits=0, ahits=1, rhits=0, lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['stats']->dbname . " SET ahits=ahits+1 WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); } } } else { $core->dbo->simpleQuery("UPDATE " . $core->modules['stats']->dbname . " SET ahits=ahits+1 WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); } if ($this->doNotLogAdmins) { return; } } # -- BOT STATS (if it's a bot, leave after this part) -- if ($this->logBOTS) { $fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/bots" . date("Ymd") . ".log", "a"); if ($fd) { fwrite($fd, date("H:i:s") . " " . CONS_IP . " [" . (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "") . "] " . $pageToBelogged . "\n"); fclose($fd); } } if ($isBot) { $core->dbo->query("SELECT hits FROM " . $core->modules['statsbots']->dbname . " WHERE data='" . date("Y-m-d") . "'", $r, $n); if ($n == 0) { # first bot visit $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statsbots']->dbname . " SET hits=1,data='" . date("Y-m-d-") . "'"); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['statsbots']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d-") . "'"); } } } else { $core->dbo->simpleQuery("UPDATE " . $core->modules['statsbots']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d-") . "'"); } return; # no more stats for bots } # -- end BOT stats $browser = ""; $legacy = false; list($browser, $legacy, $ismob) = getBrowser(); # -- prepare cookie/IP monitoring variables $logByIP = false; $alreadyVisited = false; if ($core->dbo->query("SELECT page,fullpath FROM " . $core->modules['statsrt']->dbname . " WHERE ip='" . CONS_IP . "'", $r, $n) && $n != 0) { list($page, $fullpath) = $core->dbo->fetch_row($r); $alreadyVisited = true; // by IP } else { $page = ""; $fullpath = ""; } # -- REFERER STATS -- if (!isset($_COOKIE['session_visited'])) { // no cookies, first visit or cookies disabled if ($this->detectVisitorByIP && $alreadyVisited) { // NOT first visit, but no cookies?, and we want to track by IP $logByIP = true; } if (!$logByIP) { $partial_referer = str_replace("www.", "", $core->domain); // www.prescia.net -> prescia.net (might be at sub-domain) $http_referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; if ($http_referer == "" || strpos($http_referer, $partial_referer) === false && strpos($partial_referer, '.') !== false) { # valid external REFERER OR empty (bookmark) $referer = str_replace("http://", "", $http_referer); $referer = str_replace("https://", "", $referer); $referer = str_replace('"', "", $referer); # die exploits, die $domain = explode("/", $referer); $domain = $domain[0]; // lets get some search engines here (faster than preg) if (strpos($domain, ".google.") !== false) { $domain = "*.google.*"; } else { if (strpos($domain, ".yahoo.") !== false) { $domain = "*.yahoo.*"; } else { if (strpos($domain, ".facebook.com") !== false) { $domain = "*.facebook.com"; } else { if (strpos($domain, ".bing.") !== false) { $domain = "*.bing.*"; } else { if (strpos($domain, "busca.uol.") !== false) { $domain = "busca.uol.*"; } else { if (strpos($domain, ".mail.") !== false || substr($domain, 0, 5) == "mail." || strpos($domain, ".webmail.") !== false || substr($domain, 0, 8) == "webmail.") { $domain = "MAIL"; } else { if (strlen($domain) > 50) { $domain = substr($domain, 0, 47) . "..."; } } } } } } } $core->dbo->query("SELECT hits, pages FROM " . $core->modules['statsref']->dbname . " WHERE data='" . date("Y-m-d") . "' AND referer=\"{$domain}\" AND entrypage=\"" . $pageToBelogged . "\"", $r, $n); if ($n > 0) { list($hits, $pages) = $core->dbo->fetch_row($r); } else { $hits = 0; $pages = ""; } $hits++; if (strpos($pages, $referer . ",") === false) { $pages .= cleanString($referer) . ","; } if ($n == 0) { $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statsref']->dbname . " SET data='" . date("Y-m-d") . "', referer=\"{$domain}\", entrypage=\"" . $pageToBelogged . "\", hits={$hits}, pages=\"" . $pages . "\""); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['statsref']->dbname . " SET hits={$hits}, pages=\"" . $pages . "\" WHERE data='" . date("Y-m-d") . "' AND referer=\"{$domain}\" AND entrypage=\"" . $pageToBelogged . "\""); } } } else { $core->dbo->simpleQuery("UPDATE " . $core->modules['statsref']->dbname . " SET hits={$hits}, pages=\"" . $pages . "\" WHERE data='" . date("Y-m-d") . "' AND referer=\"{$domain}\" AND entrypage=\"" . $pageToBelogged . "\""); } } # not log by IP (is set if detected this IP already visited in the last 15 min, but has no cookies) } # if valid } # if new entry # -- end referer and query stats -- # -- REAL TIME/Location STATS -- $ok = false; // we will use this to control if we try second+ visit on concurrent include if (!$alreadyVisited) { $ok = true; # first visit if (!isset($referer)) { # should be set at referer stats $referer = str_replace("http://", "", isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ""); $referer = str_replace("https://", "", $referer); } $whatToSave = CONS_BROWSER_ISMOB ? "MO" : CONS_BROWSER; $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statsrt']->dbname . " SET ip='" . CONS_IP . "', page=\"" . $pageToBelogged . "\", pagelast=\"" . $pageToBelogged . "\", agent=\"" . $browser . "\", agentcode=\"" . $whatToSave . "\", fullpath=\"" . $pageToBelogged . ",\", data=NOW(), data_ini=NOW(), referer=\"{$referer}\"", true); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") === false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please } } } if (!$ok) { # second+ visit or concurrent include if ($page != $pageToBelogged) { $fullpath .= $pageToBelogged . ","; } $core->dbo->simpleQuery("UPDATE " . $core->modules['statsrt']->dbname . " SET page=\"" . $pageToBelogged . "\", pagelast=\"{$page}\", data=NOW(), fullpath=\"{$fullpath}\" WHERE ip='" . CONS_IP . "'"); # -- STATS PATH -- $count = $core->dbo->fetch("SELECT hits FROM " . $core->modules['statspath']->dbname . " WHERE data='" . date("Y-m-d") . "' AND page=\"{$page}\" AND pagefoward=\"" . $pageToBelogged . "\""); if ($count === false) { $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statspath']->dbname . " SET data='" . date("Y-m-d") . "', page=\"{$page}\", pagefoward=\"" . $pageToBelogged . "\", hits=1"); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['statspath']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND page=\"{$page}\" AND pagefoward=\"" . $pageToBelogged . "\""); } } } else { $core->dbo->simpleQuery("UPDATE " . $core->modules['statspath']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND page=\"{$page}\" AND pagefoward=\"" . $pageToBelogged . "\""); } # -- end STATS PATH -- } # -- end STATS PATH and REAL TIME -- # -- HIT/UHIT/BHIT/AHITS stats -- (BHIT = browsing hit = acceptance, one per visitor) $id = isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) ? $_REQUEST['id'] : 0; $isReturning = isset($_COOKIE['akr_returning']); $isAdm = str_replace("/", "", $this->parent->context_str) == $this->admFolder; $x = $core->dbo->fetch("SELECT hits FROM " . $core->modules['stats']->dbname . " WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); $ok = true; // also control concurrent includes from here if ($x === false) { # FIRST hit on this page here today if (!isset($_COOKIE['session_visited']) && !$logByIP) { // no cookie and we do not want to log by IP // first hit (1 1 0) $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['stats']->dbname . " SET data = '" . date("Y-m-d") . "' , hour = '" . date("H") . "' , page=\"" . $pageToBelogged . "\" , hid=\"" . $id . "\", hits=1, uhits=1, bhits=0, ahits=" . ($isAdm ? 1 : 0) . ", rhits=" . ($isReturning ? "1" : "0") . ", lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); if (!$isReturning) { @setcookie("akr_returning", '1', Time() + 86400); } // 1 day @setcookie("session_visited", '1', Time() + 3600); // 60 min } else { if (!$logByIP && $_COOKIE['session_visited'] == 1) { // when logging by IP, we can't gather acceptance/browsing (b) hits // second hit (1 0 1) $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['stats']->dbname . " SET data = '" . date("Y-m-d") . "' , hour = '" . date("H") . "' , page=\"" . $pageToBelogged . "\" , hid=\"" . $id . "\", hits=1, uhits=0, bhits=1, ahits=" . ($isAdm ? 1 : 0) . ", rhits=0, lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); @setcookie("session_visited", '2', Time() + 3600); // 60 min } else { // third+ hit (1 0 0) $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['stats']->dbname . " SET data = '" . date("Y-m-d") . "' , hour = '" . date("H") . "' , page=\"" . $pageToBelogged . "\" , hid=\"" . $id . "\", hits=1, uhits=0, bhits=0, ahits=" . ($isAdm ? 1 : 0) . ", rhits=0, lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); @setcookie("session_visited", '2', Time() + 3600); // 60 min } } if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please } } } if (!$ok || $x !== false) { // second+ hit of day if (!isset($_COOKIE['session_visited']) && !$logByIP) { // first hit 1 1 0 $core->dbo->simpleQuery("UPDATE " . $core->modules['stats']->dbname . " SET hits=hits+1, uhits=uhits+1 " . ($isReturning ? ", rhits=rhits+1" : "") . ($isAdm ? ", ahits=ahits+1" : "") . " WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); if (!$isReturning) { @setcookie("akr_returning", '1', Time() + 86400); } // 1 day @setcookie("session_visited", '1', Time() + 3600); // 60 min } else { if (!$logByIP && $_COOKIE['session_visited'] == 1) { // second hit (1 0 1) $core->dbo->simpleQuery("UPDATE " . $core->modules['stats']->dbname . " SET hits=hits+1, bhits=bhits+1" . ($isAdm ? ", ahits=ahits+1" : "") . " WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); @setcookie("session_visited", '2', Time() + 3600); // 60 min } else { // third+ hit (1 0 0) $core->dbo->simpleQuery("UPDATE " . $core->modules['stats']->dbname . " SET hits=hits+1" . ($isAdm ? ", ahits=ahits+1" : "") . " WHERE data = '" . date("Y-m-d") . "' AND hour = '" . date("H") . "' AND page=\"" . $pageToBelogged . "\" AND hid=\"" . $id . "\" AND lang=\"" . $_SESSION[CONS_SESSION_LANG] . "\""); @setcookie("session_visited", '2', Time() + 3600); // 60 min } } } # -- end HIT/UHIT/BHIT stats -- # -- BROWSER stats -- if ($browser != "") { if ($ismob) { $browser .= " (mob)"; } $visits = $core->dbo->fetch("SELECT hits FROM " . $core->modules['statsbrowser']->dbname . " WHERE data='" . date("Y-m-d") . "' AND browser=\"{$browser}\""); if ($visits === false) { # first $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statsbrowser']->dbname . " SET data=NOW(), browser=\"{$browser}\",hits=1"); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['statsbrowser']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND browser=\"{$browser}\""); } } } else { # second+ visit $core->dbo->simpleQuery("UPDATE " . $core->modules['statsbrowser']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND browser=\"{$browser}\""); } } # -- end Browser stats -- # -- RESOLUTION stats -- if (isset($_SESSION[CONS_USER_RESOLUTION])) { $visits = $core->dbo->fetch("SELECT hits FROM " . $core->modules['statsres']->dbname . " WHERE data='" . date("Y-m-d") . "' AND resolution=\"" . $_SESSION[CONS_USER_RESOLUTION] . "\""); if ($visits === false) { # first $ok = $core->dbo->simpleQuery("INSERT INTO " . $core->modules['statsres']->dbname . " SET data=NOW(), resolution=\"" . $_SESSION[CONS_USER_RESOLUTION] . "\",hits=1"); if (!$ok) { $lastError = $this->parent->dbo->log[count($this->parent->dbo->log) - 1]; if (strpos(strtolower($lastError), "duplicate") !== false) { // concurrent INSERT happened first! use update array_pop($this->parent->dbo->log); // ignore this error please $core->dbo->simpleQuery("UPDATE " . $core->modules['statsres']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND resolution=\"" . $_SESSION[CONS_USER_RESOLUTION] . "\""); } } } else { # second+ visit $core->dbo->simpleQuery("UPDATE " . $core->modules['statsres']->dbname . " SET hits=hits+1 WHERE data='" . date("Y-m-d") . "' AND resolution=\"" . $_SESSION[CONS_USER_RESOLUTION] . "\""); } } } ## BENCHMARK ## if (CONS_ECONOMICMODE || isset($core->dimconfig['nobenchstats']) && strpos(',' . $core->dimconfig['nobenchstats'], ',' . $core->action) !== false) { return; # ignore benchmark on this page } $totalTime = scriptTime() * 1000; $file = CONS_PATH_LOGS . $_SESSION['CODE'] . "/scripttime.dat"; $data = array(date('H'), 0, 0, 0, 0, 0, array()); // hour, max time w/o cache, max time w/ cache, bot hits today, normal hits today, last week average, browser array if (is_file($file)) { $data = unserialize(cReadFile($file)); } if (!is_array($data) || count($data) < 5) { $data = array(date('H'), 0, 0, 0, 0, 0, array()); } // error above if ($data[0] != date('H')) { $data = array(date('H'), 0, 0, 0, 0, 0, array()); } // reset if (CONS_CACHE && $this->parent->cacheControl->contentFromCache) { if ($data[2] < $totalTime) { # this hit took longer $data[2] = $totalTime; if ($data[4] > 0) { # other stats are ok, just save the new data and leave cWriteFile($file, serialize($data)); return; } } else { # first hit should never get here, so we will end up on resetSTdata return; } } else { if ($data[1] < $totalTime) { # this hit took longer $data[1] = $totalTime; if ($data[4] > 0) { # other stats are ok, just save the new data and leave cWriteFile($file, serialize($data)); return; } } else { # first hit should never get here, so we will end up on resetSTdata return; } } # if reached this line, stats for hits is not full and we want to save it $this->resetSTdata($data); }
} $code = $_REQUEST['code']; $logs = ""; $template = $core->template->get("_error"); if (is_file(CONS_PATH_LOGS . $code . "/err" . date('Ymd') . ".log")) { function appendErrors(&$core, &$output, &$template, $data) { foreach ($data as $line) { $line = explode("|", $line); # date|id_client|uri|errCode|module|parameters|extended parameters|log[|...] $coreData = array(); $coreData['date'] = array_shift($line); $coreData['id_client'] = array_shift($line); $coreData['uri'] = array_shift($line); $coreData['errCode'] = array_shift($line); $coreData['module'] = array_shift($line); $coreData['parameters'] = array_shift($line); $coreData['extended'] = array_shift($line); $coreData['log'] = implode("|", $line); if (is_numeric($coreData['errCode']) && isset($core->errorControl->ERRORS[$coreData['errCode']])) { $errorLevel = $core->errorControl->ERRORS[$coreData['errCode']]; $coreData['level'] = $errorLevel < 10 ? 0 : ($errorLevel < 20 ? 1 : 2); $output .= $template->techo($coreData); } } } appendErrors($core, $logs, $template, explode("\n", cReadFile(CONS_PATH_LOGS . $code . "/err" . date('Ymd') . ".log"))); } else { $logs = "No log"; } $core->template->assign("_error", $logs);
function console($core, $command) { if (defined('CONS_AUTH_USERMODULE') && $_SESSION[CONS_SESSION_ACCESS_LEVEL] < 100) { echo 'access denied'; $core->close(); } $words = explode(" ", trim($command)); if ($words[0] == "help" || $words[0] == "?") { echo "clear - clears the console screen<br/>"; // implemented on the HTML/js echo "delete [key] - deletes a key off dimconfig<br/>"; echo "dev [on|off] - enable/disable developer assistent plugin (affbi_dev)<br/>"; echo "test - returns a bi_dev fulltest<br/>"; echo "dump [dimconfig|session|constants|config] - displays the contents of the dimconfig, session or constant variables<br/>"; //echo "compileaff - compiles aff distribution into new/ folder<br/>"; echo "dbfill - adds up to 10 random items on EVERY database of the site<br/>"; echo "set [variable] [value] - sets a dimconfig variable<br/>"; echo "cache - displays the full cacheThrottle log, as well current values<br/>"; echo "purge [log|cache|bans|all] - purches all server-side log, cache, ip bans or all these options<br/>"; echo "ip - Shows local/server IP's"; $core->close(); } if ($words[0] == "set" && isset($words[1]) && isset($words[2])) { $core->dimconfig[$words[1]] = $words[2]; echo $words[1] . " set to '" . $words[2] . "'"; $core->saveConfig(true); $core->close(); } if ($words[0] == "ip") { echo "SERVER IP: " . GetIP(false) . "<br/>"; echo "ON SERVER: " . (CONS_ONSERVER ? "true" : "false") . "<br/>"; echo "REMOTE IP: " . CONS_IP; $core->close(); } if ($words[0] == "delete") { if (isset($core->dimconfig[$words[1]])) { unset($core->dimconfig[$words[1]]); $core->saveConfig(true); echo "dimconfig keyword deleted"; } else { echo "dimconfig keyword not found"; } $core->close(); } if ($words[0] == "dev") { if ($words[1] == "on" || $words[1] == '1') { if (isset($core->loadedPlugins['bi_dev'])) { echo "dev already on"; $core->close(); } else { $filenm = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/config.php"; $file = cReadFile($filenm); cWriteFile($filenm . ".bak", $file); $file .= "\n\$dev = \$this->addPlugin('bi_dev');\n\$dev->administrativePage = \"/adm/\";"; cWriteFile($filenm, $file); echo "dev added to config.php"; $core->close(); } } else { if (!isset($core->loadedPlugins['bi_dev'])) { echo "dev already off"; $core->close(); } else { $filenm = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/config.php"; $file = cReadFile($filenm); cWriteFile($filenm . ".bak", $file); $file = str_replace("\$dev = \$this->addPlugin('bi_dev');", "", $file); $file = str_replace("\$dev->administrativePage = \"/adm/\";", "", $file); cWriteFile($filenm, $file); echo "dev removed from config.php"; $core->close(); } } } if ($words[0] == "test") { if (isset($core->loadedPlugins['bi_dev'])) { $ok = $core->loadedPlugins['bi_dev']->fulltest(true); echo "DEV-Fulltest: " . ($ok ? "ERRORS!" : "OK!"); } else { echo "dev is off"; } $core->close(); } if ($words[0] == "dump") { $out = ""; if ($words[1] == "dimconfig") { foreach ($core->dimconfig as $name => $content) { $out .= $name . " : " . vardump($content) . "<br/>"; } echo $out; $core->close(); } else { if ($words[1] == "session") { foreach ($_SESSION as $name => $content) { $out .= $name . " : " . (is_array($content) ? implode(", ", $content) : $content) . "<br/>"; } echo $out; $core->close(); } else { if ($words[1] == "constants") { foreach ($core->template->constants as $name => $content) { $out .= $name . " : " . (is_array($content) ? implode(", ", $content) : $content) . "<br/>"; } echo $out; $core->close(); } else { if ($words[1] == "config") { echo "CONS_AFF_DATABASECONNECTOR: " . CONS_AFF_DATABASECONNECTOR . "<br/>"; echo "CONS_AFF_ERRORHANDLER: " . (CONS_AFF_ERRORHANDLER ? "true" : "false") . "<br/>"; echo "CONS_AFF_ERRORHANDLER_NOWARNING: " . (CONS_AFF_ERRORHANDLER_NOWARNING ? "true" : "false") . "<br/>"; echo "CONS_AJAXRUNSSCRIPTS: " . (CONS_AJAXRUNSSCRIPTS ? "true" : "false") . "<br/>"; echo "CONS_SINGLEDOMAIN: " . CONS_SINGLEDOMAIN . "<br/>"; echo "CONS_DEFAULT_IPP: " . CONS_DEFAULT_IPP . "<br/>"; echo "CONS_FLATTENURL: " . CONS_FLATTENURL . "<br/>"; echo "CONS_AUTOREMOVEWWW: " . CONS_AUTOREMOVEWWW . "<br/>"; echo "CONS_DEFAULT_MIN_OBJECTCACHETIME: " . CONS_DEFAULT_MIN_OBJECTCACHETIME . "<br/>"; echo "CONS_DEFAULT_MAX_OBJECTCACHETIME: " . CONS_DEFAULT_MAX_OBJECTCACHETIME . "<br/>"; echo "CONS_DEFAULT_MIN_BROWSERCACHETIME: " . CONS_DEFAULT_MIN_BROWSERCACHETIME . "<br/>"; echo "CONS_DEFAULT_MAX_BROWSERCACHETIME: " . CONS_DEFAULT_MAX_BROWSERCACHETIME . "<br/>"; echo "CONS_PM_MINTIME: " . CONS_PM_MINTIME . "<br/>"; echo "CONS_PM_TIME: " . CONS_PM_TIME . "<br/>"; echo "CONS_FREECPU: " . (CONS_FREECPU ? "true" : "false") . "<br/>"; echo "CONS_MONITORMAILSOURCE: " . CONS_MONITORMAILSOURCE . "<br/>"; echo "CONS_MONITORMAIL: " . CONS_MONITORMAIL . "<br/>"; echo "CONS_HTTPD_ERRDIR: " . CONS_HTTPD_ERRDIR . "<br/>"; echo "CONS_HTTPD_ERRFILE: " . CONS_HTTPD_ERRFILE . "<br/>"; echo "CONS_MASTERMAIL: " . CONS_MASTERMAIL . "<br/>"; echo "CONS_ECONOMICMODE: " . (CONS_ECONOMICMODE ? 'true' : 'false') . "<br/>"; echo "CONS_ACCEPT_DIRECTLINK: " . (CONS_ACCEPT_DIRECTLINK ? "true" : "false") . "<br/>"; echo "CONS_SITESELECTOR: " . (CONS_SITESELECTOR ? "true" : "false") . "<br/>"; echo "CONS_NOROBOTDOMAINS: " . CONS_NOROBOTDOMAINS . "<br/>"; echo "CONS_FILESEARCH_EXTENSIONS: " . CONS_FILESEARCH_EXTENSIONS . "<br/>"; echo "CONS_TOOLS_DEFAULTPERM: " . CONS_TOOLS_DEFAULTPERM . "<br/>"; echo "CONS_GZIP_MINSIZE: " . CONS_GZIP_MINSIZE . "<br/>"; echo "CONS_CRAWLER_WHITELIST_ENABLE: " . (CONS_CRAWLER_WHITELIST_ENABLE ? "true" : "false") . "<br/>"; echo "CONS_CRAWLER_WHITELIST: " . CONS_GZIP_MINSIZE . "<br/>"; echo "CONS_HONEYPOT: " . (CONS_HONEYPOT ? "true" : "false") . "<br/>"; echo "CONS_HONEYPOTURL: " . CONS_GZIP_MINSIZE . "<br/>"; echo "------ site config (" . $_SESSION['CODE'] . ") ------<br/>"; echo "CONS_USE_I18N: " . (CONS_USE_I18N ? "true" : "false") . "<br/>"; echo "CONS_DEFAULT_LANG: " . CONS_DEFAULT_LANG . "<br/>"; echo "CONS_DEFAULT_FAVICON: " . (CONS_DEFAULT_FAVICON ? "true" : "false") . "<br/>"; echo "CONS_INSTALL_ROOT: " . CONS_INSTALL_ROOT . "<br/>"; echo "CONS_DB_HOST: " . CONS_DB_HOST . "<br/>"; echo "CONS_DB_BASE: " . CONS_DB_BASE . "<br/>"; echo "CONS_SITE_ENTRYPOINT: " . CONS_SITE_ENTRYPOINT . "<br/>"; echo "languagetl: " . vardump($core->languageTL) . "<br/>"; echo "forceLang: " . $core->forceLang . "<br/>"; echo "------ modules loaded ----------<br/>"; foreach ($core->modules as $mname => &$m) { echo "{$mname}<br/>"; } $core->close(); } } } } echo "add 'dimconfig', 'session', 'constants', 'config'<br/>"; } if ($words[0] == "dbfill") { if (isset($core->loadedPlugins['bi_dev'])) { $ok = $core->loadedPlugins['bi_dev']->fill(); echo "DEV-Fill: " . ($ok == false ? "ERROR!" : "Ok, {$ok} items included"); } else { echo "dev is off, turn dev on to use dbfill"; } $core->close(); } if ($words[0] == 'cache') { if (CONS_ECONOMICMODE) { echo "Economic mode on, cache control disabled"; } else { if (is_file(CONS_PATH_LOGS . "cachecontrol.dat")) { $cc = unserialize(cReadFile(CONS_PATH_LOGS . "cachecontrol.dat")); if ($cc !== false) { echo "Date, Page average loadtime, Cache throttle %\n<br/>"; foreach ($cc as $ccitem) { echo $ccitem[0] . ", " . number_format($ccitem[1]) . "ms, " . floor(100 * $ccitem[2]) . "%\n<br/>"; } $cc = unserialize(cReadFile(CONS_PATH_CACHE . "cachecontrol.dat")); if ($cc !== false) { echo "CURRENT: " . number_format($cc[0]) . "ms, " . floor(100 * $cc[1]) . "%"; } else { echo "CURRENT: unable to load cachecontrol.dat in cache"; } } else { echo "cachecontrol.dat corrupt"; } } else { echo "cachecontrol.dat not found in logs"; } } $core->close(); } if ($words[0] == "purge") { $purgeThis = array(!isset($words[1]) || $words[1] == "log" || $words[1] == "all", !isset($words[1]) || $words[1] == "cache" || $words[1] == "all", !isset($words[1]) || $words[1] == "bans" || $words[1] == "all"); if ($purgeThis[1]) { $core->cacheControl->dumpTemplateCaches($purgeThis[0], true); $core->dimconfig['_404cache'] = array(); $core->saveConfig(true); } if ($purgeThis[0]) { $listFiles = listFiles(CONS_PATH_LOGS, "/^([^a]).*(\\.log)\$/i", false, false, true); foreach ($listFiles as $file) { @unlink(CONS_PATH_LOGS . $file); } } if ($purgeThis[2]) { foreach (glob(CONS_PATH_TEMP . "*.dat") as $file) { if (!is_dir($file)) { @unlink($file); } } } echo "Ok! (flags=" . ($purgeThis[0] ? "L" : "l") . ($purgeThis[1] ? "C" : "c") . ($purgeThis[2] ? "B" : "b") . ")"; $core->close(); } if ($words[0] == "phpinfo") { phpinfo(); $core->close(); } if (is_file(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/_console.php")) { include CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/_console.php"; } echo "command not understood"; $core->close(); }
} $maxActions -= $added; if ($maxActions > 0) { // 1 day ago $previousDay = datecalc(date("Y-m-d"), 0, 0, -1); $previousDay = str_replace("-", "", $previousDay); if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log")) { appendActs($core, $temp, $template, explode("\n", cReadFile(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . $previousDay . ".log")), $maxActions); } } $core->template->assign("_actions", $temp); $core->cacheControl->addCachedContent('admindex_actionlog', $temp, true); } // Warnings to developer if (is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/fulltest.log") && isset($core->loadedPlugins['bi_dev'])) { $core->template->assign("bi_dev", cReadFile(CONS_PATH_LOGS . $_SESSION['CODE'] . "/fulltest.log")); } else { $core->template->assign("_devwarning"); } // Statistics if ($this->hasStats) { // stats installed, show today's hits $stp = $core->loadedPlugins['bi_stats']->getHits(7); $biggest = 0; foreach ($stp as $stpi) { if ($stpi[0] > $biggest) { $biggest = $stpi[0]; } } if ($biggest == 0) { $biggest = 1;
function addPlugin($script, $relateToModule = "", $renamePluginTo = "", $noRaise = false) { $r = parent::addPlugin($script, $relateToModule, $renamePluginTo, $noRaise); if (!isset($this->dimconfig['_pluginStarter' . $script]) || $this->dimconfig['_pluginStarter' . $script] != true) { // ad monitors form this script to the list $fileP = CONS_PATH_SYSTEM . "plugins/{$script}/monitor.xml"; $fileS = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/monitor.xml"; if (is_file($fileP)) { // plugin has a monitor if (is_file($fileS)) { // site has a monitor $contentP = cReadFile($fileP); if (preg_match("@[^<]*(<[^>]*>).*@", $contentP, $e)) { // get first tag ($e[1]) // check if site's monitor has this tag $contentS = cReadFile($fileS); if (strpos($contentS, $e[1]) === false) { // it doesn't have, add $contentS .= "\n" . $contentP; } cWriteFile($fileS, $contentS); } } else { copy($fileP, $fileS); } } $this->dimconfig['_pluginStarter' . $script] = true; } return $r; }
$core->addLink("ckfinder/ckfinder.js", true); $core->addLink("ckeditor/ckeditor.js", true); } if ($hasCalendar) { $core->addLink("calendar/dyncalendar.css"); $core->addLink("calendar/dyncalendar.js"); $endScript .= "var calendarHandler = new dynCalendar('" . CONS_INSTALL_ROOT . CONS_PATH_PAGES . "_js/calendar/gifs/');\n"; } if ($hasSlider) { $core->addLink("scriptaculous/slider.js"); } $core->template->assign("endscript", $endScript); if ($_SESSION[CONS_SESSION_ACCESS_LEVEL] == 100) { $core->template->assign("_hiddenoptions", $temp); if (!CONS_ONSERVER && CONS_SITESELECTOR) { $domains = unserialize(cReadFile(CONS_PATH_CACHE . "domains.dat")); $codes = array(); foreach ($domains as $url => $code) { if (!isset($codes[$code])) { $codes[$code] = array($url); } else { $codes[$code][] = $url; } } $obj = $core->template->get("_sites"); $tempOutput = ""; foreach ($codes as $code => $urls) { $tempOutput .= $obj->techo(array('code' => $code)); } $core->template->assign("_sites", $tempOutput); } else {
public function cReadXML($arquivo, $params = array(), $fetchData = false) { if (!is_file($arquivo)) { return false; } $data = cReadFile($arquivo); return $this->parseXML($data, $params, $fetchData); }
function showTemplate() { if (count($this->log) > 0) { $output = ""; foreach ($this->log as $saida) { $output .= $saida . "\n<br/>"; } $file = $this->debugFile; if ($this->debugFile == '' || !is_file($file)) { if (is_file(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/_debugarea.html")) { $file = CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/_debugarea.html"; } else { $file = CONS_PATH_SETTINGS . "defaults/_debugarea.html"; } } $tp = new CKTemplate($this->template); $tp->fetch($file); $tp->assign("CORE_DEBUG", $output); $tp->assign("CORE_DEBUGWARNING", $this->loglevel); // CONS_LOGGING_... $this->template->constants['CORE_DEBUG'] = $tp->techo(); unset($tp); } if (!is_object($this->template) || get_class($this->template) != "CKTemplate") { return; // huh, no template? oh well } # Echo dimconfig if something should be outputed $data = $this->cacheControl->getCachedContent('dimconfig_auto'); if ($data === false) { $data = $this->dimconfig; $dimconfigMD = unserialize(cReadFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/_dimconfig.dat")); foreach ($data as $name => $content) { if (isset($dimconfigMD[$name])) { if ($dimconfigMD[$name][CONS_XML_TIPO] == CONS_TIPO_UPLOAD) { $FirstfileName = CONS_FMANAGER . $dimconfigMD[$name]['location']; $path = explode("/", $FirstfileName); $fileName = array_pop($path); $path = implode("/", $path) . "/"; $hasFile = locateAnyFile($FirstfileName, $ext); if (isset($dimconfigMD[$name][CONS_XML_THUMBNAILS])) { // images $imgs = count($dimconfigMD[$name][CONS_XML_THUMBNAILS]); for ($c = 1; $c <= $imgs; $c++) { $fnamedata = $name . "_" . $c; $data[$fnamedata] = $FirstfileName; $data[$fnamedata . "w"] = ""; $data[$fnamedata . "h"] = ""; $data[$fnamedata . "t"] = ""; $data[$fnamedata . "tr"] = ""; $data[$fnamedata . "s"] = ""; if ($hasFile) { $data[$fnamedata] = $FirstfileName; $popped = explode("/", $FirstfileName); $data[$fnamedata . "filename"] = array_pop($popped); if (in_array(strtolower($ext), array("jpg", "gif", "png", "jpeg", "swf"))) { // image/flash $h = getimagesize($FirstfileName); $data[$fnamedata . "w"] = $h[0]; $data[$fnamedata . "h"] = $h[1]; $data[$fnamedata . "s"] = humanSize(filesize($FirstfileName)); if (in_array(strtolower($ext), array("jpg", "gif", "png", "jpeg"))) { $data[$fnamedata . "t"] = "<img src=\"" . $FirstfileName . "\" width='" . $h[0] . "' height='" . $h[1] . "' alt='' />"; $data[$fnamedata . "tr"] = "<img src=\"" . $FirstfileName . "\" width='100%' height='100%' alt='' />"; } else { if (strtolower($ext) == "swf") { $data[$fnamedata . "t"] = str_replace("{FILE}", $FirstfileName, str_replace("{H}", $h[1], str_replace("{W}", $h[0], SWF_OBJECT))); $data[$fnamedata . "tr"] = $data[$fnamedata . "t"]; } } } } } } else { if ($hasFile) { $fnamedata = $name . "_1"; $data[$fnamedata] = $FirstfileName; $data[$fnamedata . "s"] = humanSize(filesize($FirstfileName)); $popped = explode("/", $FirstfileName); $data[$fnamedata . "filename"] = array_pop($popped); } else { $fnamedata = $name . "_1"; $data[$fnamedata] = ""; $data[$fnamedata . "t"] = ""; $data[$fnamedata . "tr"] = ""; $data[$fnamedata . "s"] = ""; } } $this->template->fill($data); } else { $data[$name] = $content; } } else { $data[$name] = $content; } } $this->cacheControl->addCachedContent('dimconfig_auto', $data, true); } $this->template->fill($data); $this->template->constants['CHARSET'] = $this->charset; if ($this->doctype == "html" || CONS_BROWSER == "IE" && CONS_BROWSER_VERSION < 9) { $this->template->assign("_DOCTYPEXML"); } # metadata - fill default values if not set yet (plugins can set) if ($this->layout != 2) { if ((!isset($this->template->constants['METAKEYS']) || $this->template->constants['METAKEYS'] == '') && $this->dimconfig['metakeys'] != '') { $this->template->constants['METAKEYS'] = $this->dimconfig['metakeys']; } if ((!isset($this->template->constants['METADESC']) || $this->template->constants['METADESC'] == '') && $this->dimconfig['metadesc'] != '') { $this->template->constants['METADESC'] = $this->dimconfig['metadesc']; } // METAS if ($this->template->constants['CANONICAL'] == '') { $this->template->constants['CANONICAL'] = "http://" . $_SESSION['CANONICAL'] . $this->context_str . $this->action . ".html"; if (isset($_REQUEST['id'])) { $this->template->constants['CANONICAL'] .= "?id=" . $_REQUEST['id']; } } $metadata = $this->template->constants['METATAGS']; if (CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/_meta.xml") { $metadata .= cReadFile(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/_meta.xml"); } $metadata .= "\t<link rel=\"canonical\" href=\"" . $this->template->constants['CANONICAL'] . "\" />\n"; if ($this->template->constants['METAKEYS'] != '') { $metadata .= "\t<meta name=\"keywords\" content=\"" . str_replace("\"", "", $this->template->constants['METAKEYS']) . "\"/>\n"; } if ($this->template->constants['METADESC'] != '') { $metadata .= "\t<meta name=\"description\" content=\"" . str_replace("\"", "", $this->template->constants['METADESC']) . "\"/>\n"; $metadata .= "\t<meta property=\"og:description\" content=\"" . str_replace("\"", "", $this->template->constants['METADESC']) . "\"/>\n"; } $metadata .= "\t<meta property=\"og:type\" content=\"website\" />\n"; $metadata .= "\t<meta property=\"og:title\" content=\"" . str_replace("\"", "", $this->template->constants['PAGE_TITLE']) . "\" />\n"; $metadata .= "\t<meta property=\"og:url\" content=\"" . $this->template->constants['CANONICAL'] . "\" />\n"; if (isset($this->template->constants['METAFIGURE']) && $this->template->constants['METAFIGURE'] != "") { if ($this->template->constants['METAFIGURE'][0] != '/') { $this->template->constants['METAFIGURE'] = "/" . $this->template->constants['METAFIGURE']; } $metadata .= "\t<meta property=\"og:image\" content=\"http://" . $_SESSION['CANONICAL'] . $this->template->constants['METAFIGURE'] . "\" />\n"; $metadata .= "\t<link rel=\"image_src\" href=\"http://" . $_SESSION['CANONICAL'] . $this->template->constants['METAFIGURE'] . "\" />\n"; } $favfile = CONS_PATH_PAGES . $_SESSION['CODE'] . "/files/favicon"; if (locateFile($favfile, $ext)) { $favfile = CONS_INSTALL_ROOT . $favfile; $metadata .= "\t<link rel=\"shortcut icon\" href=\"/favicon." . $ext . "\" />\n"; } else { if (CONS_DEFAULT_FAVICON) { $favfile = "favicon"; if (locateFile($favfile, $ext)) { $favfile = CONS_INSTALL_ROOT . $favfile; $metadata .= "\t<link rel=\"shortcut icon\" href=\"/favicon." . $ext . "\" />\n"; } } } // Alternate Language and domains versions (only on root index) if ($this->context_str == "/" && $this->action == "index") { if (CONS_USE_I18N) { $langs = explode(",", CONS_POSSIBLE_LANGS); foreach ($langs as $lang) { if ($lang != $_SESSION[CONS_SESSION_LANG]) { if (count($this->languageTL) > 0) { foreach ($this->languageTL as $fl => $ln) { if ($ln == $lang) { $metadata .= "\t<link rel=\"alternate\" hreflang=\"{$lang}\" href=\"/{$fl}/index.html\"/>\n"; break; } } } else { $metadata .= "\t<link rel=\"alternate\" hreflang=\"{$lang}\" href=\"" . $this->template->constants['CANONICAL'] . "?lang={$lang}\"/>\n"; } } } } foreach ($this->parseRewrite as $domain => $settings) { if ($domain != $this->domain) { $metadata .= "\t<link rel=\"alternate\" hreflang=\"" . ($settings[0] == '' ? CONS_DEFAULT_LANG : $settings[0]) . "\" href=\"http://" . $domain . "\"/>\n"; } } } $this->template->constants['METATAGS'] = $metadata; } $this->removeAutoTags($this->template); // print version if ($this->template->get("printver") == '') { $printVersion = arrayToString($_GET, array("layout")); $printVersion .= "&layout=1"; $this->template->assign("printver", $this->action . ".html?" . $printVersion); } return $this->template->techo(); }
function getMonitorArray() { $monitorXmlCache = CONS_PATH_CACHE . $_SESSION['CODE'] . "/monitor.cache"; $monitorXml = array(); $core =& $this->parent; if ($core->debugmode || !is_file($monitorXmlCache)) { if (!defined('C_XHTML_AUTOTAB')) { include CONS_PATH_INCLUDE . "xmlHandler.php"; } $xml = new xmlHandler(); $xml = $xml->cReadXML(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/monitor.xml", array('C_XML_autoparse' => true, 'C_XML_lax' => true), false); if ($xml === false) { $core->errorControl->raise(514); $monitorXmlCache = array(); } else { # browses the XML and loads modules $xml =& $xml->getbranch(0); $total = $xml->total(); for ($c = 0; $c < $total; $c++) { $thisbranch =& $xml->getbranch($c); $total_childs = $thisbranch->total(); $item = array("xmlname" => strtolower($thisbranch->data[0])); for ($cb = 0; $cb < $total_childs; $cb++) { $temp = $thisbranch->getbranch($cb); $item[strtolower($temp->data[0])] = $temp->data[2]; unset($temp); } if (isset($item['module']) && isset($item['sql']) && isset($core->modules[strtolower($item['module'])])) { $item['module'] = strtolower($item['module']); $monitorXml[] = $item; } else { $core->errorControl->raise(515, isset($item['sql']) ? $item['sql'] : "NO SQL", isset($item['module']) ? $item['module'] : "NO MODULE"); } } } unset($xml); } else { // use cache $monitorXml = unserialize(cReadFile($monitorXmlCache)); } return $monitorXml; }
function import($file) { if (!is_file($file)) { return false; } $sql = cReadFile($file); $query = ""; $total = strlen($sql); $inQuote = ""; $this->quickmode = true; $q = 0; for ($c = 0; $c < $total; $c++) { $char = $sql[$c]; if ($inQuote == "") { // not in quote if ($char == "\"" || $char == "'" || $char == "`") { $inQuote = $char; $query .= $char; } else { if ($char == ";") { // end query if (!$this->simpleQuery($query, false)) { $this->log[] = "import error in char {$c}, query was: {$query}"; return false; } $q++; $query = ""; } else { $query .= $char; } } } else { // in quote if ($char == $inQuote) { $inQuote = ""; } $query .= $char; } } $this->quickmode = false; unset($sql); return $q; }
$siteObj = $core->template->get("_site"); $temp = ""; $week = array(); for ($c = 0; $c < 7; $c++) { $week[$c] = 0; } $highest = 0; $browsers = array(); $highestb = 0; $sum = 0; $hasBrowser = false; foreach ($codes as $code => $urls) { // cron $file = CONS_PATH_LOGS . $code . "/scripttime.dat"; if (is_file($file)) { $statsdata = unserialize(cReadFile($file)); for ($c = 0; $c < count($statsdata[5]); $c++) { $sum += $statsdata[5][$c][0]; } // hits for ($c = 0; $c < 7; $c++) { if (isset($statsdata[5][6 - $c])) { $week[$c] += $statsdata[5][6 - $c][0]; if ($week[$c] > $highest) { $highest = $week[$c]; } } } // browsers (last month) if (isset($statsdata[6])) { foreach ($statsdata[6] as $browser => $h) {
$maxP = $p; $maxF = $possible; } } $file = $maxF; } } else { if (isset($_REQUEST['css'])) { $file = $_REQUEST['css']; } } $file = str_replace("..", "", $file); // very basic anti-injection if (is_file($file)) { if ($gzip) { header("Content-Encoding: gzip"); header("Content-Type: " . (isset($_REQUEST['js']) ? "text/javascript" : "text/css")); header('Pragma: public'); header('Cache-Control: public,max-age=' . CONS_CACHE_TIME . ',s-maxage=' . CONS_CACHE_TIME); echo gzencode(cReadFile($file)); } else { header("Content-Type: " . (isset($_REQUEST['js']) ? "text/javascript" : "text/css")); header('Pragma: public'); header('Cache-Control: public,max-age=' . CONS_CACHE_TIME . ',s-maxage=' . CONS_CACHE_TIME); readfile($file); } } else { header("HTTP/1.0 404 Not Found"); header('Pragma: no-cache'); die("<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1>The requested URL was not found on this server.<P><P>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.<br/><br/>Aff optimizer, {$file}</BODY></HTML>"); }
<?php /* -------------------------------- Domain cache | Copyleft (ɔ) 2011+, Caio Vianna de Lima Netto (www.prescia.net) | LICENSE TYPE: BSD-new/ɔ | reads from main domains file, create the cache and in the process fill in my $_SESSION['CODE'] -*/ $domains = cReadFile(CONS_PATH_SETTINGS . "domains"); if (!$domains) { $this->errorControl->raise(100); } $domains = explode("\n", str_replace("\r", "", preg_replace("/(\t| ){1,}/", " ", $domains))); $domainList = array(); $gotdomain = false; foreach ($domains as $dline) { if (strlen($dline) > 0 && $dline[0] != "#") { $dline = explode(" ", $dline); if (count($dline) == 2) { $thisdomains = explode(",", $dline[1]); foreach ($thisdomains as $td) { $td = trim($td); if ($td != "") { $domainList[$td] = $dline[0]; if (!$gotdomain && ($td == $this->domain || $td == "*")) { $_SESSION["CODE"] = $dline[0]; $gotdomain = true; } } } } }
function rebuildCM() { $files = listFiles(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/", '/^(.*)\\.htm(l)?$/i', false, false, true); $cm = $this->parent->loaded($this->moduleRelation); $possibleLangs = CONS_USE_I18N ? explode(",", CONS_POSSIBLE_LANGS) : array(CONS_DEFAULT_LANG); foreach ($files as $file) { if ($file != "_cms.html") { $content = cReadFile(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/{$file}"); $filewoext = explode(".", $file); array_pop($filewoext); $filewoext = implode(".", $filewoext); if (strpos($content, "{CONTENTMAN}") !== false) { $sql = "SELECT page FROM " . $cm->dbname . " WHERE code=1 AND page=\"/{$filewoext}\""; $id = $this->parent->dbo->fetch($sql); if ($id === false) { foreach ($possibleLangs as $lang) { if ($lang != '') { $this->parent->dbo->simpleQuery("INSERT INTO " . $cm->dbname . " SET code=1,page=\"/{$filewoext}\",title=\"{$filewoext}\",content=\"Content Manager\", lang='" . $lang . "'"); } } } } $c = 2; while (true) { // we are insane =p if (strpos($content, "{CONTENTMAN" . $c . "}") !== false) { $sql = "SELECT page FROM " . $cm->dbname . " WHERE code={$c} AND page=\"/{$filewoext}\""; $id = $this->parent->dbo->fetch($sql); if ($id === false) { foreach ($possibleLangs as $lang) { if ($lang != '') { $this->parent->dbo->simpleQuery("INSERT INTO " . $cm->dbname . " SET code={$c},page=\"/{$filewoext}\",title=\"{$filewoext} {$c}\",content=\"Content Manager ({$filewoext} {$c})\", lang='" . $lang . "'"); } } } } else { break; } // nah, not insane $c++; } } } }
function loadLangFile($file, $standard = true, $plugin = '') { # loads a templating language file to the template, checks if cache is present # called by /index.php $file .= ".php"; $strippedFile = str_replace("/", "_", $file); if ($standard) { if ($plugin == "") { $file = CONS_PATH_SETTINGS . "locale/" . $file; } else { $file = CONS_PATH_SYSTEM . "plugins/{$plugin}/locale/{$file}"; } } else { $file = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale/{$file}"; } if (!is_file($file)) { return false; } if (!isset($_REQUEST['nocache'])) { # if nocache is specified, ignore caches ... not the case if ($standard) { if ($plugin != '') { $plugin .= '/'; } if (!is_dir(CONS_PATH_CACHE . "locale/{$plugin}")) { safe_mkdir(CONS_PATH_CACHE . "locale/{$plugin}"); } $cacheFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cache"; $cacheMTFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cachemd"; } else { if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/")) { safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/"); } $cacheFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cache"; $cacheMTFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cachemd"; } if (is_file($cacheFile) && is_file($cacheMTFile)) { $ofMD = filemtime($file); # modify date of ORIGINAL file $cMD = cReadFile($cacheMTFile); # modify date of ORIGINAL file when CACHE file was created if ($cMD == $ofMD) { # valid cache file (it was created from the current original file) $newData = @unserialize(cReadFile($cacheFile)); if (is_array($newData)) { $this->parent->template->lang_replacer = array_merge($this->parent->template->lang_replacer, $newData); return true; } else { $this->parent->errorControl->raise(6, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard"); } } else { if ($this->parent->debugmode && CONS_CACHE) { # Warning: if the lang file was replaced, template caches might be invalid # So we must delete ALL TEMPLATE CACHES! $this->parent->cacheControl->dumpTemplateCaches(); } } } } # no cache available or no cache specified $data = (include $file); if ($data === false || !is_array($data)) { $this->parent->errorControl->raise(7, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard"); return false; } if (!isset($_REQUEST['nocache'])) { $ofMD = filemtime($file); cWriteFile($cacheMTFile, $ofMD); cWriteFile($cacheFile, serialize($data)); } foreach ($data as $term => $trans) { $this->parent->template->lang_replacer[$term] = $trans; // array_merge has issues } return true; }
function get_base_sql($embedWhere = "", $embedOrder = "", $embedLimit = "", $noJoin = false) { // send $noJoin to get only THIS table, with no auto joining linked tables $sql = false; if (!$this->parent->debugmode && !$noJoin && is_file(CONS_PATH_CACHE . $_SESSION['CODE'] . "/" . $this->dbname . "_list.cache") && !isset($_REQUEST['nocache'])) { $sql = unserialize(cReadFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/" . $this->dbname . "_list.cache")); } if (!$sql) { $sql = array("SELECT" => array(), "FROM" => array(), "LEFT" => array(), "WHERE" => array(), "GROUP" => array(), "ORDER" => array(), "LIMIT" => array(), "HAVING" => array()); $sql['FROM'][] = $this->dbname . " as " . $this->name; $pos = 0; foreach ($this->fields as $nome => $campo) { $extrakey = array(); if ($campo[CONS_XML_TIPO] == CONS_TIPO_LINK && !$noJoin) { // we will add all fields and build the where or left join for this table $linkname = $campo[CONS_XML_MODULE]; // remote table name $remodeModule = $this->parent->loaded($linkname); // remote module $tablecast = substr($nome, 3); # id_[name] ... removes id_ if (in_array($tablecast, array("group", "from", "to", "as", "having", "order", "by", "join", "left", "right"))) { #reserved words that could cause issues on the SQL $tablecast .= "s"; } # keyword, add a "s" to prevent it from causing SQL problems foreach ($remodeModule->fields as $cremote_nome => $remote_campo) { if ($cremote_nome == "password") { continue; } // yeap, never select passwords // for each field on remote table if ($cremote_nome != $remodeModule->keys[0]) { # do not add main key (this module should have it anyway) $rmod_nome = $tablecast; $sql['SELECT'][] = $tablecast . "." . $cremote_nome . " as " . $rmod_nome . "_" . $cremote_nome; } if ($remote_campo[CONS_XML_TIPO] == CONS_TIPO_LINK) { if ($remote_campo[CONS_XML_MODULE] == $this->name && (!isset($remote_campo[CONS_XML_JOIN]) || $remote_campo[CONS_XML_JOIN] == "from")) { # mandatory key to myself (parent)? $extrakey[] = $tablecast . "." . $cremote_nome . "=" . $this->name . "." . $this->keys[0]; } else { if (in_array($cremote_nome, $remodeModule->keys) && in_array($cremote_nome, $this->keys)) { // we are linking the same things oO $extrakey[] = $tablecast . "." . $cremote_nome . "=" . $this->name . "." . $cremote_nome; # TODO: is this necessary? who cares we have keys to the same things? } } } } if (isset($campo[CONS_XML_JOIN]) && $campo[CONS_XML_JOIN] == "left") { // left join $linker = array(); foreach ($remodeModule->keys as $rkey) { if ($rkey == "id") { $linker[] = $tablecast . ".{$rkey} = " . $this->name . "." . $nome; } else { if ($remodeModule->fields[$rkey][CONS_XML_TIPO] == CONS_TIPO_LINK) { // not a parent nor main key, is a link to another table if ($remodeModule->fields[$rkey][CONS_XML_MODULE] == $this->name) { $linker[] = $tablecast . ".{$rkey} = " . $this->name . "." . $this->keys[0]; } else { $localField = $this->get_key_from($remodeModule->fields[$rkey][CONS_XML_MODULE]); $linker[] = $tablecast . ".{$rkey} = " . $this->name . "." . $localField; } } else { // not simple id, parent or link. Its a non-standard ID for another table $linker[] = $tablecast . ".{$rkey} = " . $this->name . "." . ($rkey == $remodeModule->keys[0] ? $nome : $nome . "_" . $rkey); // first key as is, rest is the original key name + "_" and remote key name } } } $sql['LEFT'][] = $remodeModule->dbname . " as " . $tablecast . " ON " . implode(" AND ", $linker) . (count($extrakey) > 0 && count($linker) > 0 ? " AND " : "") . implode(" AND ", $extrakey); } else { // inner join $sql['FROM'][] = $remodeModule->dbname . " as " . $tablecast; foreach ($remodeModule->keys as $rkey) { if ($rkey == "id") { $sql['WHERE'][] = $tablecast . ".{$rkey} = " . $this->name . "." . $nome; } else { if ($remodeModule->fields[$rkey][CONS_XML_TIPO] == CONS_TIPO_LINK) { // not a parent nor main key, is a link to another table if ($remodeModule->fields[$rkey][CONS_XML_MODULE] == $this->name) { $sql['WHERE'][] = $tablecast . ".{$rkey} = " . $this->name . "." . $this->keys[0]; } else { $localField = $this->get_key_from($remodeModule->fields[$rkey][CONS_XML_MODULE]); $sql['WHERE'][] = $tablecast . ".{$rkey} = " . $this->name . "." . $localField; } } else { // not simple id, parent or link. Its a non-standard ID for another table $sql['WHERE'][] = $tablecast . ".{$rkey} = " . $this->name . "." . ($rkey == $remodeModule->keys[0] ? $nome : $nome . "_" . $rkey); // first key as is, rest is the original key name + "_" and remote key name } } } foreach ($extrakey as $exk) { $sql['WHERE'][] = $exk; } } $pos++; } } array_unshift($sql['SELECT'], $this->name . ".*"); if (!$noJoin && $this->parent->debugmode && !is_file(CONS_PATH_CACHE . $_SESSION['CODE'] . "/" . $this->dbname . "_list.cache") && !isset($_REQUEST['nocache'])) { // save simple cache cWriteFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/" . $this->dbname . "_list.cache", serialize($sql)); } } # !$sql // embeds: if ($embedWhere != "") { array_unshift($sql['WHERE'], $embedWhere); } if ($this->order != "" && $embedOrder == "") { $ord = explode(",", $this->order); foreach ($ord as $orditem) { $orditem = trim($orditem); if (strpos($orditem, "+") !== false) { $orditem = str_replace("+", "", $orditem); if (isset($this->fields[$orditem])) { $sql['ORDER'][] = $this->name . "." . $orditem . " ASC"; } else { $sql['ORDER'][] = $orditem . " ASC"; } } else { $orditem = str_replace("-", "", $orditem); if (isset($this->fields[$orditem])) { $sql['ORDER'][] = $this->name . "." . $orditem . " DESC"; } else { $sql['ORDER'][] = $orditem . " DESC"; } } } } if ($embedOrder != "") { $sql['ORDER'][] = $embedOrder; } if ($embedLimit != "") { $sql['LIMIT'] = is_array($embedLimit) ? $embedLimit : array($embedLimit); } // done! return $sql; }
<?php $core->loadAllModules(); $core->loadDimconfig(true); if (isset($_REQUEST['haveinfo'])) { if ($_SESSION[CONS_SESSION_ACCESS_LEVEL] < $core->dimconfig['minlvltooptions']) { $core->log[] = $core->langOut('permission_denied'); $core->setLog(CONS_LOGGING_WARNING); } else { $dimconfigMD = unserialize(cReadFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/_dimconfig.dat")); foreach ($core->dimconfig as $name => $v) { if (!isset($dimconfigMD[$name])) { if (isset($_POST[$name])) { $core->dimconfig[$name] = trim($_POST[$name]); } } else { if (isset($dimconfigMD[$name][CONS_XML_RESTRICT]) && $dimconfigMD[$name][CONS_XML_RESTRICT] > $_SESSION[CONS_SESSION_ACCESS_LEVEL]) { continue; } if ($name == 'guest_group' && is_numeric($v)) { $groupModule = $core->loaded(CONS_AUTH_GROUPMODULE); $lvl = $core->dbo->fetch("SELECT level FROM " . $groupModule->dbname . " WHERE id=" . $_POST[$name]); if ($lvl > 0) { $core->log[] = $core->langOut("guest_mustbe_level0_group"); $core->setLog(CONS_LOGGING_WARNING); continue; // won't change guest_group } } switch ($dimconfigMD[$name][CONS_XML_TIPO]) { case CONS_TIPO_UPLOAD: