// Now we can enable debug if required if (defined('OBS_DEBUG_WUI')) { if ($_SESSION['userlevel'] < 7 && !$config['permit_user_debug']) { // DO NOT ALLOW show debug output for users with privilege level less than "global secure read" define('OBS_DEBUG', 0); ini_set('display_errors', 0); ini_set('display_startup_errors', 0); ini_set('log_errors', 1); //ini_set('error_reporting', 0); // Default } else { define('OBS_DEBUG', 1); } } $permissions = permissions_cache($_SESSION['user_id']); // Add feeds & api keys after first auth if ($mcrypt_exists && !get_user_pref($_SESSION['user_id'], 'atom_key')) { // Generate unique token do { $atom_key = md5(strgen()); } while (dbFetchCell("SELECT COUNT(*) FROM `users_prefs` WHERE `pref` = ? AND `value` = ?;", array('atom_key', $atom_key)) > 0); set_user_pref($_SESSION['user_id'], 'atom_key', $atom_key); } } if ($auth_success) { // If just logged in go to request uri, unless we're debugging, in which case we want to see authentication module output first. if (!OBS_DEBUG) { header("Location: " . $_SERVER['REQUEST_URI']); } else { print_message("Debugging mode has disabled redirect to front page; please click <a href=\"" . $_SERVER['REQUEST_URI'] . "\">here</a> to continue."); } exit;
function generate_feed_url($vars) { $url = FALSE; if (!class_exists('SimpleXMLElement')) { return $url; } // Break if class SimpleXMLElement is not available. if (is_numeric($_SESSION['user_id']) && is_numeric($_SESSION['userlevel'])) { $key = get_user_pref($_SESSION['user_id'], 'atom_key'); } if ($key) { $param = array(rtrim($GLOBALS['config']['base_url'], '/') . '/feed.php?id=' . $_SESSION['user_id']); $param[] = 'hash=' . encrypt($_SESSION['user_id'] . '|' . $_SESSION['userlevel'] . '|' . $_SESSION['auth_mechanism'], $key); $feed_type = 'atom'; foreach ($vars as $var => $value) { if ($value != '') { switch ($var) { case 'v': if ($value == 'rss') { $param[] = "{$var}=rss"; $feed_type = 'rss'; } break; case 'feed': $title = "Observium :: " . ucfirst($value) . " Feed"; $param[] = 'size=' . $GLOBALS['config']['frontpage']['eventlog']['items']; // no break here // no break here case 'size': $param[] = "{$var}={$value}"; break; } } } $baseurl = implode('&', $param); $url = '<link href="' . $baseurl . '" rel="alternate" title="' . $title . '" type="application/' . $feed_type . '+xml" />'; } return $url; }
ini_set('display_startup_errors', 0); ini_set('log_errors', 0); ini_set('allow_url_fopen', 0); ini_set('error_reporting', E_ALL); } include_once "../includes/defaults.inc.php"; include_once "../config.php"; include_once "../includes/definitions.inc.php"; include $config['install_dir'] . "/includes/common.inc.php"; include $config['install_dir'] . "/includes/rewrites.inc.php"; include $config['install_dir'] . "/includes/dbFacile.php"; //include($config['install_dir'] . "/includes/functions.inc.php"); include $config['html_dir'] . "/includes/functions.inc.php"; //include($config['html_dir'] . "/includes/authenticate.inc.php"); // not for RSS! if (isset($_GET['hash']) && is_numeric($_GET['id'])) { $key = get_user_pref($_GET['id'], 'atom_key'); list($user_id, $user_level) = explode('|', decrypt($_GET['hash'], $key)); // user_id|user_level if ($user_id == $_GET['id']) { session_start(); $_SESSION['user_id'] = $user_id; $_SESSION['userlevel'] = $user_level; $permissions = permissions_cache($_SESSION['user_id']); include $config['html_dir'] . "/includes/cache-data.inc.php"; // Need for check permissions $use_rss = $_GET['v'] == 'rss' ? TRUE : FALSE; // In most cases used ATOM feed $param = array('short' => TRUE, 'pagesize' => 25); if (is_numeric($_GET['size'])) { $param['pagesize'] = $_GET['size']; }