/**
* Is used as error handler
*
* @param int $level Error level
* @param null|string $string Error message
*/
function trigger($level, $string = null)
{
if (!$this->error) {
return;
}
$string = xap($string);
$dump = 'null';
$debug_backtrace = debug_backtrace();
if (isset($debug_backtrace[0]['file'], $debug_backtrace[0]['file'])) {
$file = $debug_backtrace[0]['file'];
$line = $debug_backtrace[0]['line'];
} else {
$file = $debug_backtrace[1]['file'];
$line = $debug_backtrace[1]['line'];
}
if (DEBUG) {
$dump = _json_encode($debug_backtrace);
}
unset($debug_backtrace);
$log_file = LOGS . '/' . date('d-m-Y') . '_' . strtr(date_default_timezone_get(), '/', '_');
$time = date('d-m-Y h:i:s') . ' [' . microtime(true) . ']';
switch ($level) {
case E_USER_ERROR:
case E_ERROR:
++$this->num;
file_put_contents($log_file, "E {$time} {$string} Occurred: {$file}:{$line} Dump: {$dump}\n", LOCK_EX | FILE_APPEND);
unset($dump);
$this->errors_list[] = "E {$time} {$string} Occurred: {$file}:{$line}";
error_code(500);
/**
* If Index instance exists - execution will be stopped there, otherwise in Page instance
*/
Index::instance(true)->__finish();
Page::instance()->error();
break;
case E_USER_WARNING:
case E_WARNING:
++$this->num;
file_put_contents($log_file, "W {$time} {$string} Occurred: {$file}:{$line} Dump: {$dump}\n", LOCK_EX | FILE_APPEND);
unset($dump);
$this->errors_list[] = "W {$time} {$string} Occurred: {$file}:{$line}";
break;
default:
file_put_contents($log_file, "N {$time} {$string} Occurred: {$file}:{$line} Dump: {$dump}\n", LOCK_EX | FILE_APPEND);
unset($dump);
$this->errors_list[] = "N {$time} {$string} Occurred: {$file}:{$line}";
break;
}
/**
* If too many non-critical errors - also stop execution
*/
if ($this->num >= 100) {
/**
* If Index instance exists - execution will be stopped there, otherwise in Page instance
*/
Index::instance(true)->__finish();
Page::instance()->error();
}
}
if (!isset($_POST['stream_code'], $_POST['lat'], $_POST['lng'])) {
error_code(400);
return;
}
$User = User::instance();
if (!in_array(STREAMER_GROUP, $User->get_groups())) {
error_code(403);
return;
}
$stream_code = trim($_POST['stream_code']);
if (preg_match('/ustream.tv\\/(channel|embed)\\/([0-9]+)/', $stream_code, $m)) {
$stream_code = "https://www.ustream.tv/embed/{$m['2']}";
} elseif (preg_match('/(youtube.com\\/embed\\/|youtube.com\\/watch\\?v=)([0-9a-z\\-]+)/i', $stream_code, $m)) {
$stream_code = "https://www.youtube.com/embed/{$m['2']}";
} elseif ($stream_code != '') {
error_code(400);
return;
}
$User->set_data('stream_url', $stream_code);
$Events = Events::instance();
$event = $User->get_data('stream_event');
if ($event) {
$Events->del($event);
}
if ($stream_code) {
$event = Events::instance()->add(STREAM_CATEGORY, 120, $_POST['lat'], $_POST['lng'], 0, "stream:{$stream_code}", 'urgent', 2, 30, '');
if (!$event) {
error_code(500);
}
$User->set_data('stream_event', $event);
}
*/
if (!$Config->server['referer']['local'] || !$Config->server['ajax'] || !isset($_POST['verify_hash'], $_POST['new_password']) || !$User->user()) {
sleep(1);
error_code(403);
return;
} elseif (!$_POST['new_password']) {
error_code(400);
$Page->error($L->please_type_new_password);
return;
} elseif (hash('sha224', $User->password_hash . $User->get_session()) != $_POST['verify_hash']) {
error_code(400);
$Page->error($L->wrong_current_password);
return;
} elseif (($new_password = xor_string($_POST['new_password'], $User->password_hash)) == $User->password_hash) {
error_code(400);
$Page->error($L->current_new_password_equal);
return;
}
if ($new_password == hash('sha512', hash('sha512', '') . Core::instance()->public_key)) {
error_code(400);
$Page->error($L->please_type_new_password);
return;
}
$id = $User->id;
if ($User->set('password_hash', $new_password)) {
$User->add_session($id);
$Page->json('OK');
} else {
error_code(400);
$Page->error($L->change_password_server_error);
}
<?php
/**
* @package CleverStyle CMS
* @subpackage System module
* @category modules
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2011-2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs;
$User = User::instance();
if ($User->guest()) {
error_code(403);
return;
}
$fields = ['id', 'login', 'username', 'language', 'timezone', 'avatar'];
$Page = Page::instance();
$id = $User->id;
$Page->json($User->get($fields, $id));
/**
* Error pages processing
*
* @param null|string|string[] $custom_text Custom error text instead of text like "404 Not Found",
* or array with two elements: [error, error_description]
* @param bool $json Force JSON return format
*/
function error($custom_text = null, $json = false)
{
static $error_showed = false;
if ($error_showed) {
return;
}
$error_showed = true;
if (!defined('ERROR_CODE')) {
error_code(500);
}
if (defined('API') && !API && ERROR_CODE == 403 && _getcookie('sign_out')) {
header('Location: ' . Config::instance()->base_url(), true, 302);
$this->Content = '';
exit;
}
interface_off();
$error = code_header(ERROR_CODE);
if (is_array($custom_text)) {
$error = $custom_text[0];
$error_description = $custom_text[1];
} else {
$error_description = $custom_text ?: $error;
}
if (defined('API') && API || $json) {
if ($json) {
header('Content-Type: application/json; charset=utf-8', true);
interface_off();
}
$this->json(['error' => $error, 'error_description' => $error_description]);
} else {
ob_start();
if (!_include_once(THEMES . "/{$this->theme}/error.html", false) && !_include_once(THEMES . "/{$this->theme}/error.php", false)) {
echo "<!doctype html>\n" . h::title(code_header($error)) . ($error_description ?: $error);
}
$this->Content = ob_get_clean();
}
$this->__finish();
exit;
}
<?php
/**
* @package Package
* @category modules
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs;
$rc = Config::instance()->route;
if (!isset($rc[0])) {
return;
}
switch ($rc[0]) {
case 'profile':
case path(Language::instance()->profile):
error_code(404);
}
/**
* Initialization: loading of module structure, including of necessary module files, inclusion of save file
*/
protected function init()
{
$Config = Config::instance();
$L = Language::instance();
$Page = Page::instance();
$User = User::instance();
/**
* Some routing preparations
*/
$rc_path =& $this->route_path;
$rc_ids =& $this->route_ids;
foreach ($Config->route as &$item) {
if (is_numeric($item)) {
$rc_ids[] =& $item;
} else {
$rc_path[] =& $item;
}
}
unset($item, $rc_path, $rc_ids);
$rc =& $this->route_path;
if ($Config->core['simple_admin_mode'] && file_exists(MFOLDER . '/index_simple.json')) {
$structure_file = 'index_simple.json';
} else {
$structure_file = 'index.json';
}
if (file_exists(MFOLDER . "/{$structure_file}")) {
$this->structure = file_get_json(MFOLDER . "/{$structure_file}");
if (is_array($this->structure)) {
foreach ($this->structure as $item => $value) {
if (!is_array($value)) {
$item = $value;
}
if ($User->get_permission($this->permission_group, $item)) {
$this->parts[] = $item;
if (isset($rc[0]) && $item == $rc[0] && is_array($value)) {
foreach ($value as $subpart) {
if ($User->get_permission($this->permission_group, "{$item}/{$subpart}")) {
$this->subparts[] = $subpart;
} elseif (isset($rc[1]) && $rc[1] == $subpart) {
error_code(403);
return;
}
}
}
} elseif ($rc[0] == $item) {
error_code(403);
return;
}
}
unset($item, $value, $subpart);
}
} elseif (API && !file_exists(MFOLDER . '/index.php') && !file_exists(MFOLDER . "/index.{$this->request_method}.php")) {
error_code(404);
return;
}
unset($structure_file);
_include_once(MFOLDER . '/index.php', false);
if (API && $this->request_method) {
_include_once(MFOLDER . "/index.{$this->request_method}.php", false);
}
if ($this->stop || defined('ERROR_CODE')) {
return;
}
if ($this->parts) {
if (!isset($rc[0]) || $rc[0] == '') {
if (API) {
return;
}
$rc[0] = $this->parts[0];
if (isset($this->structure[$rc[0]]) && is_array($this->structure[$rc[0]])) {
$this->subparts = $this->structure[$rc[0]];
}
} elseif ($rc[0] != '' && !empty($this->parts) && !in_array($rc[0], $this->parts)) {
error_code(404);
return;
}
/**
* Saving of changes
*/
if (IN_ADMIN && !_include_once(MFOLDER . "/{$rc['0']}/{$this->savefile}.php", false)) {
_include_once(MFOLDER . "/{$this->savefile}.php", false);
}
IN_ADMIN && $this->title_auto && $Page->title($L->administration);
if (!$this->api && $this->title_auto) {
$Page->title($L->{HOME ? 'home' : MODULE});
}
if (!$this->api) {
if (!HOME && $this->title_auto) {
$Page->title($L->{$rc}[0]);
}
}
/**
* Warning if site is closed
*/
if (!$Config->core['site_mode']) {
$Page->warning(get_core_ml_text('closed_title'));
}
_include_once(MFOLDER . "/{$rc['0']}.php", false);
if (API && $this->request_method) {
_include_once(MFOLDER . "/{$rc['0']}.{$this->request_method}.php", false);
}
if ($this->stop || defined('ERROR_CODE')) {
return;
}
if ($this->subparts) {
if (!isset($rc[1]) || $rc[1] == '' && !empty($this->subparts)) {
if (API) {
return;
}
$rc[1] = $this->subparts[0];
} elseif ($rc[1] != '' && !empty($this->subparts) && !in_array($rc[1], $this->subparts)) {
error_code(404);
return;
}
if (!$this->api) {
if (!HOME && $this->title_auto) {
$Page->title($L->{$rc}[1]);
}
if ($this->action === null) {
$this->action = (IN_ADMIN ? 'admin/' : '') . MODULE . "/{$rc['0']}/{$rc['1']}";
}
}
_include_once(MFOLDER . "/{$rc['0']}/{$rc['1']}.php", false);
if (API && $this->request_method) {
_include_once(MFOLDER . "/{$rc['0']}/{$rc['1']}.{$this->request_method}.php", false);
}
if ($this->stop || defined('ERROR_CODE')) {
return;
}
} elseif (!$this->api && $this->action === null) {
$this->action = (IN_ADMIN ? 'admin/' : '') . MODULE . "/{$rc['0']}";
}
unset($rc);
if ($this->post_title && $this->title_auto) {
$Page->title($this->post_title);
}
} elseif (!$this->api) {
IN_ADMIN && $Page->title($L->administration);
if (!$this->api && $this->title_auto) {
$Page->title($L->{HOME ? 'home' : MODULE});
}
if ($this->action === null) {
$this->action = $Config->server['relative_address'];
}
_include_once(MFOLDER . "/{$this->savefile}.php", false);
}
}
<?php
// Database class folder path
define('DBPATH', dirname(__FILE__) . '/database/');
// erro reporting
error_reporting(E_ALL);
// get db environment variables
require_once DBPATH . 'config.php';
// include all databse classes
require_once DBPATH . 'index.php';
// include all databse classes
require_once DBPATH . 'function.php';
//check up to exsist of DB class
if (!class_exists('DB')) {
error_code('can not find db class.', __FILE__, __LINE__);
}
//global db variable
$db = require_db();
// proceeding for request from mobile
require_once DBPATH . 'controlDB.php';
/**
* Loading of base system configuration, creating of missing directories
*/
protected function construct()
{
if (!file_exists(CONFIG . '/main.json')) {
error_code(500);
Page::instance()->error(h::p('Config file not found, is system installed properly?') . h::a('How to install CleverStyle CMS', ['href' => 'https://github.com/nazar-pc/CleverStyle-CMS/wiki/Installation']));
exit;
}
$this->config = file_get_json_nocomments(CONFIG . '/main.json');
_include_once(CONFIG . '/main.php', false);
defined('DEBUG') || define('DEBUG', false);
define('DOMAIN', $this->config['domain']);
date_default_timezone_set($this->config['timezone']);
if ($clangs = Cache::instance()->{'languages/clangs'}) {
if (is_array($clangs) && !empty($clangs)) {
$clang = explode('/', trim($_SERVER['REQUEST_URI'], '/'), 2)[0];
if (in_array($clang, $clangs)) {
$this->set('language', array_flip($clangs)[$clang]);
define('FIXED_LANGUAGE', true);
}
unset($clang);
}
}
unset($clangs);
if (!is_dir(STORAGE)) {
@mkdir(STORAGE, 0755);
file_put_contents(STORAGE . '/.htaccess', 'Allow From All');
}
if (!is_dir(CACHE)) {
@mkdir(CACHE, 0700);
}
if (!is_dir(PCACHE)) {
@mkdir(PCACHE, 0755);
file_put_contents(PCACHE . '/.htaccess', '<FilesMatch "\\.(css|js)$">
Allow From All
</FilesMatch>
<ifModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</ifModule>
<ifModule mod_headers.c>
Header set Cache-Control "max-age=2592000, public"
</ifModule>
AddEncoding gzip .js
AddEncoding gzip .css
');
}
if (!is_dir(LOGS)) {
@mkdir(LOGS, 0700);
}
if (!is_dir(TEMP)) {
@mkdir(TEMP, 0755);
file_put_contents(TEMP . '/.htaccess', 'Allow From All');
}
if (isset($_SERVER['CONTENT_TYPE']) && strpos($_SERVER['CONTENT_TYPE'], 'application/json') === 0) {
$_POST = _json_decode(@file_get_contents('php://input')) ?: [];
$_REQUEST = array_merge($_REQUEST, $_POST);
} elseif (in_array(strtolower($_SERVER['REQUEST_METHOD']), ['head', 'put', 'delete'])) {
if (isset($_SERVER['CONTENT_TYPE']) && strpos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === 0) {
@parse_str(file_get_contents('php://input'), $_POST);
$_REQUEST = array_merge($_REQUEST, $_POST);
}
}
$this->constructed = true;
}
