public function __construct()
{
parent::__construct();
if (Glucose::config('user', 'stats')) {
http_auth(Glucose::config('user', 'stats'), Glucose::config('pass', 'stats'));
}
}
<?php
/*
* http://localhost/services/api/getDocument.php?id=1735&name=Bildschirmfoto.png
*
* param: id = document id
* param: name = document name
*/
require_once "../../../etc/koala.conf.php";
require_once PATH_LIB . "http_auth_handling.inc.php";
require_once "error_handling.php";
if (http_auth()) {
if (!(defined("API_ENABLED") && API_ENABLED === TRUE)) {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("API_ENABLED not set");
exit;
}
if (!(defined("API_CLIENT_ID") && isset($_GET["cid"]) && API_CLIENT_ID == $_GET["cid"])) {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("API_CLIENT_ID not allowed");
exit;
}
if (isset($_GET["id"]) && isset($_GET["name"])) {
$download_url = "/download/" . $_GET["id"] . "/" . $_GET["name"];
header("Location: " . $download_url);
} else {
header('Content-Type: text/xml; charset=utf-8');
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
xml_error("Parameter id or name is missing.");
$content = request_var('content', '');
$forum_ids = request_var('f', array(0));
$topic_id = request_var('t', 0);
$include_subforums = request_var('sub', false);
$cat = request_var('cat', false);
$syndication_method = request_var('format', '');
$number_items = request_var('items', (int) $config['syndication_items']);
$global = $content != 'topic_posts' ? request_var('global', false) : false;
$folder = request_var('folder', '');
$http_auth = isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) ? true : false;
// do we have a guest and HTTP AUTH present?
if (($http_auth || $content == 'pm') && $user->data['user_id'] == ANONYMOUS) {
if ($http_auth) {
phpbb_login();
} else {
http_auth();
}
}
// do not exceed the limit
$number_items > $config['syndication_items'] || $number_items < 0 ? $number_items = (int) $config['syndication_items'] : '';
$syndication_method = parse_format($syndication_method);
switch ($content) {
case 'pm':
if (!$config['allow_privmsg'] || !$auth->acl_get('u_readpm')) {
$user->add_lang('ucp');
trigger_error('PM_DISABLED');
}
switch ($folder) {
case PRIVMSGS_INBOX:
$folder = 'inbox';
break;
public function handleRequest($pathArray)
{
// handel Frame Requests
$urlRequestObject = new UrlRequestObject();
if (isset($pathArray[0])) {
$urlRequestObject->setNamespace($pathArray[0]);
}
if (isset($pathArray[1])) {
$urlRequestObject->setCommand($pathArray[1]);
}
if (count($pathArray) > 2) {
$params = array();
for ($i = 2; $i < count($pathArray); $i++) {
$params[] = $pathArray[$i];
}
$urlRequestObject->setParams($params);
}
$namespaceExtension = ExtensionMaster::getInstance()->getExtensionForNamespace($urlRequestObject->getNamespace());
if (isset($namespaceExtension)) {
if ($urlRequestObject->getCommand() == "") {
$urlRequestObject->setCommand($namespaceExtension->getDefaultCommandName($urlRequestObject->getNamespace()));
}
$command = $namespaceExtension->getCommand($urlRequestObject->getCommand());
if ($command == null) {
if (strtolower($urlRequestObject->getCommand()) == "asset") {
$command = new Asset();
} else {
if (strtolower($urlRequestObject->getCommand()) == "css") {
$command = new Css();
} else {
if (strtolower($urlRequestObject->getCommand()) == "js") {
$command = new Js();
}
}
}
}
if ($command == null) {
if (DEVELOPMENT_MODE) {
throw new Exception("Command {$urlRequestObject->getCommand()} not found.");
} else {
ExtensionMaster::getInstance()->send404Error();
}
}
//init commands extension
$command->getExtension();
if ($command->httpAuth($urlRequestObject)) {
include_once PATH_LIB . "http_auth_handling.inc.php";
if (!http_auth()) {
die("Bitte anmelden.");
}
}
$frame = lms_portal::get_instance();
if ($command instanceof IResourcesCommand) {
if ($command->validateData($urlRequestObject)) {
if ($command->isGuestAllowed($urlRequestObject)) {
$frame->initialize(GUEST_ALLOWED, $command->workOffline($urlRequestObject));
} else {
$frame->initialize(GUEST_NOT_ALLOWED, $command->workOffline($urlRequestObject));
}
ExtensionMaster::getInstance()->getExtensionById("Chronic")->setCurrentObject($namespaceExtension->getCurrentObject($urlRequestObject));
$command->processData($urlRequestObject);
$command->resourcesResponse();
die;
}
} else {
if ($command instanceof IFrameCommand) {
if ($command->validateData($urlRequestObject)) {
if ($command->isGuestAllowed($urlRequestObject)) {
$frame->initialize(GUEST_ALLOWED, $command->workOffline($urlRequestObject));
} else {
$frame->initialize(GUEST_NOT_ALLOWED, $command->workOffline($urlRequestObject));
}
ExtensionMaster::getInstance()->getExtensionById("Chronic")->setCurrentObject($namespaceExtension->getCurrentObject($urlRequestObject));
$command->processData($urlRequestObject);
$frameResponeObject = $command->frameResponse(new FrameResponseObject());
if ($command->embedContent($urlRequestObject)) {
$data = \Widgets\Widget::getData($frameResponeObject->getWidgets());
$frame->add_css_style($data["css"]);
$frame->add_javascript_code("Widgets", $data["js"]);
$frame->set_page_main($frameResponeObject->getHeadline(), $data["html"] . "<script type=\"text/javascript\">{$data["postjs"]}</script>", "");
$frame->set_page_title($frameResponeObject->getTitle());
$frame->set_confirmation($frameResponeObject->getConfirmText());
$frame->set_problem_description($frameResponeObject->getProblemDescription(), $frameResponeObject->getProblemSolution());
$frame->show_html();
die;
} else {
$data = \Widgets\Widget::getData($frameResponeObject->getWidgets());
echo $data["html"];
die;
}
}
}
}
if (DEVELOPMENT_MODE) {
throw new Exception("Command {$urlRequestObject->getCommand()} execution error.");
} else {
ExtensionMaster::getInstance()->send404Error();
}
}
ExtensionMaster::getInstance()->send404Error();
}
/**
* do login for user authenticating via HTTP AUTH
*/
function phpbb_login()
{
global $auth;
// get username and password
set_var($username, $_SERVER['PHP_AUTH_USER'], 'string', true);
set_var($password, $_SERVER['PHP_AUTH_PW'], 'string', true);
$result = $auth->login($username, $password, true, false);
if ($result['status'] == LOGIN_SUCCESS) {
// Special case... the user is effectively banned, but we allow founders to login
if (defined('IN_CHECK_BAN') && $result['user_row']['user_type'] != USER_FOUNDER) {
trigger_error('BANNED');
}
// user logged in successfully, redirect to the same page to make the new session become effective
$url = build_feed_url();
$redirect = reapply_sid($url);
redirect($redirect);
} else {
http_auth();
}
}
