/**
 * Record the newest modification time among this page's boxes.
 *
 * Does nothing unless caching is scheduled. Otherwise it reads MAX(mdate)
 * from the boxes table for names matching the LIKE pattern built from
 * $this->pageName, stores the value in $this->latestChange and logs it.
 *
 * NOTE(review): $this->pageName is concatenated into the SQL text without
 * escaping or a bound parameter. Where the value comes from is not visible
 * here; if it derives from the request it must be escaped by the database
 * layer or bound as a parameter before it reaches executeQuery().
 * NOTE(review): "_" is itself a single-character wildcard in LIKE, so the
 * pattern matches any character after the page name, not only a literal
 * underscore; boxes of a page with a longer, similar name can match too.
 */
function getLatestChange()
{
    if (!$this->scheduleCaching) {
        return;
    }

    $sql = "SELECT MAX(mdate) FROM " . mktablename("boxes")
        . " WHERE name LIKE '" . $this->pageName . "_%'";
    $this->db->executeQuery($sql);

    // MAX() is the only selected column, so it is read from index 0.
    $row = $this->db->fetchArray();
    $this->latestChange = $row[0];

    $formatted = strftime("%Y-%m-%d, %H:%M:%S %z", $this->latestChange);
    DEBUG("CACHE: Latest change on page occured on: " . $formatted);
}
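/**
 * Look up a stored stylesheet by name and schedule its content for insertion.
 *
 * NOTE(review): $params[0] is placed between single quotes in the SQL text
 * with no escaping. Callers are not visible here; if the name can be
 * influenced by page content or the request, it needs escaping or a bound
 * parameter in the database layer.
 *
 * @param array $params $params[0] is the stylesheet name to look up.
 * @return int 0 when the stylesheet was found and scheduled.
 * @throws GeneralException when no stylesheet with that name exists.
 */
private function auxiliaryStylesheet($params)
{
    $db = $this->pdo->databaseConnector;
    $db->executeQuery("SELECT * FROM " . mktablename("stylesheets") . " WHERE name='" . $params[0] . "'");

    if ($db->getNumRows() == 0) {
        // The "return 16" that used to follow this throw could never run,
        // so failure is reported through the exception alone.
        throw new GeneralException("Stylesheet for this page was not found: " . $params[0]);
    }

    $stylesheetArray = $db->fetchArray();
    $this->pdo->scheduleInsertion_Stylesheet($stylesheetArray['content']);

    return 0; // no error
}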
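/**
 * Schedule the page's main stylesheet, either from the database or by path.
 *
 * For type "internal" the stylesheet row is looked up by name and its content
 * is scheduled for inline insertion. For type "external" the name is
 * scheduled as an external stylesheet reference. Any other type is rejected.
 *
 * NOTE(review): $name is concatenated into the SQL text unescaped. If callers
 * can pass a value that originates outside the code base, it needs escaping
 * or a bound parameter in the database layer.
 *
 * @param string $name Stylesheet name (internal) or reference (external).
 * @param string $type "internal" or "external".
 * @return int|null 0 for a found internal stylesheet; nothing for external.
 * @throws GeneralException when an internal stylesheet is not found.
 * @throws CodingException  when $type is neither "internal" nor "external".
 */
function setMainStylesheet($name, $type)
{
    if ($type == "internal") {
        $db = $this->pdo->databaseConnector;
        $db->executeQuery("SELECT * FROM " . mktablename("stylesheets") . " WHERE name='" . $name . "'");

        if ($db->getNumRows() == 0) {
            // Previously built from the undefined $params[0], which left the
            // name out of the message.
            throw new GeneralException("Stylesheet for this page was not found: " . $name);
        }

        $stylesheetArray = $db->fetchArray();
        $this->pdo->scheduleInsertion_Stylesheet($stylesheetArray['content']);

        return 0; // no error
    }

    if ($type == "external") {
        // Previously passed the undefined $params[0], i.e. null, so the
        // external stylesheet was never actually referenced.
        $this->pdo->scheduleInsertion_ExternalStylesheet($name);
    } else {
        throw new CodingException("Wrong parameter count, possible missing parameter 2.", __FUNCTION__, "header");
    }
}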
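/**
 * Build the "accounts" management frame and append it to the body buffer.
 *
 * The frame holds a heading, an introduction, one option group listing every
 * user and one listing every group, each followed by a "create" link.
 *
 * NOTE(review): both queries use SELECT * and every column of each row is
 * joined with ":::" and handed to uiMgmtUserGroup. What that widget renders
 * is not visible here; if the users table carries credential columns they
 * travel into the UI layer with the rest of the row. Selecting only the
 * columns the widget needs would avoid that - confirm against the schema.
 * A field value that itself contains ":::" would also shift the fields.
 */
function doBodyJobs()
{
    $frame_01 = new uiFrame("accountsFrame", "", "mgmtFrame");

    $text_header = new uiText("text01", "<span class=\"cHeading\">:: accounts</span>");
    // The quotes around "Modify" are written as entities: bare double quotes
    // inside this double-quoted literal end the string and break parsing.
    $text_welcome = new uiText("textAccounts", "With <strong>Accounts</strong> you can setup multiple users and groups and manage their particular permissions. If you want to change the permissions or details of a certain user or group, click the respective &quot;Modify&quot; link.<br/><br/>\n");

    /* users option group */
    $og_users = new uiOptionGroup("og_users", "Users", "background-color: rgb(166, 220, 113);");
    $text_users = new uiText("", "Modify or create users.");
    $og_users->attach($text_users);

    $this->db->executeQuery("SELECT * FROM " . mktablename("users") . " ORDER BY uid ASC");
    $i = 0;
    while ($user = $this->db->fetchArray()) {
        $ugo = new uiMgmtUserGroup($i, "", "user", "uiMgmtUser", implode(":::", $user));
        $og_users->attach($ugo);
        $i++;
    }

    $text_usermenu = new uiText("", '<small><a href="' . mksyslink("?mgmt;CreateUser;") . '">Create new user</a></small>');
    $og_users->attach($text_usermenu);

    /* group option group */
    $og_groups = new uiOptionGroup("og_groups", "Groups", "background-color: rgb(229, 136, 46);");
    $text_groups = new uiText("", "Create new groups or modify existing ones.");
    $og_groups->attach($text_groups);

    $this->db->executeQuery("SELECT * FROM " . mktablename("groups") . " ORDER BY gid ASC");
    $i = 0;
    while ($group = $this->db->fetchArray()) {
        $ugo = new uiMgmtUserGroup($i, "", "group", "uiMgmtGroup", implode(":::", $group));
        $og_groups->attach($ugo);
        $i++;
    }

    $text_groupmenu = new uiText("", '<small><a href="' . mksyslink("?mgmt;CreateGroup;") . '">Create new group</a></small>');
    $og_groups->attach($text_groupmenu);

    // Attachment order defines the order in which the parts are rendered.
    $frame_01->attach($text_header);
    $frame_01->attach($text_welcome);
    $frame_01->attach($og_users);
    $frame_01->attach($og_groups);

    $this->pdo->insertIntoBodyBuffer($frame_01->__toString());
}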
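/**
 * Split the query string into the requested site/page or management function.
 *
 * The query string is split on ";". A first element of "mgmt" selects the
 * management console: wantAdmin ends up as 2 and, when a third element is
 * present, the function name and its parameter are stored. Otherwise the
 * first element is read as "site/page" (or just "page" on the default site),
 * checked against the site's member list and the page's viewing rights, and
 * $this->error is set to 404 or 401 on failure. An empty request falls back
 * to default/home, or to the post-install page when no "home" page exists.
 *
 * NOTE(review): requestedSite and requestedPage come from the query string
 * and are concatenated into SQL after passing through killScriptKiddies().
 * That helper is not part of this listing; unless it neutralises quote
 * characters for the database in use, both queries need escaping or bound
 * parameters in the database layer.
 * NOTE(review): the admin function name and parameter are stored exactly as
 * received; every consumer has to validate them before using them in file
 * paths, class names or markup.
 */
function parseRequest()
{
    // A missing User-Agent header is normal for some clients; avoid the
    // undefined-index notice and keep the previous null result.
    $this->userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
    $this->timestamp = 0;

    $requestString = explode(";", getenv("QUERY_STRING"));

    if ($requestString[0] == "mgmt") {
        $this->wantAdmin = 1;
        DEBUG("PR: Admin wanted.");

        if (isset($requestString[2])) {
            $this->wantedAdminFuncParam = $requestString[2];
            $this->wantedAdminFunc = $requestString[1];
        }

        // Management pages that are not database-backed are marked with 2.
        $this->wantAdmin++;

        // "?mgmt" alone carries no function name; guard the log line.
        $adminFunc = isset($requestString[1]) ? $requestString[1] : "";
        DEBUG("PR: Admin non-db page requested: " . $adminFunc);
        return;
    }

    $tmpString = $requestString[0];

    if ($tmpString == "") {
        // Nothing requested: use default/home when a "home" page exists.
        $homeFound = false;
        $this->connector->executeQuery("SELECT name FROM " . mktablename("pages"));
        while ($arr = $this->connector->fetchArray()) {
            if ($arr["name"] == "home") {
                $homeFound = true;
            }
        }

        if ($homeFound) {
            $this->requestedPage = "home";
            $this->requestedSite = "default";
            DEBUG("PR: Falling back to default target.");
        } else {
            $this->requestedPage = "InstallationSuccessful";
            $this->requestedSite = "default";
            DEBUG("*** fresh 29o3 installation, defaulting to default/InstallationSuccessful ***");
        }
        return;
    }

    $parts = explode("/", killScriptKiddies($tmpString));

    if (count($parts) == 1) {
        $this->requestedSite = "default";
        $this->requestedPage = $parts[0];
    }
    if (count($parts) >= 2) {
        if (strlen($parts[1]) == 0) {
            $this->requestedPage = "home";
        } else {
            $this->requestedPage = $parts[1];
        }
        $this->requestedSite = $parts[0];
    }

    $this->connector->executeQuery("SELECT * FROM " . mktablename("sites") . " WHERE name='" . $this->requestedSite . "';");
    $siteArr = $this->connector->fetchArray();

    if ($siteArr === false) {
        header("HTTP/1.1 404 Not Found");
        $or_site = $this->requestedSite;
        $or_page = $this->requestedPage;
        $this->requestedPage = "404NotFound";
        $this->requestedSite = "default";
        DEBUG("PR: Given site does not exist, falling back to " . $this->requestedSite . "/" . $this->requestedPage . ". Requested site/page was: " . $or_site . "/" . $or_page);
        $this->error = 404;
        return;
    }

    // Strict membership test: the loose comparison of array_search() treats
    // numeric-looking names such as "1" and "01" as the same page.
    $existingPages = explode(";", $siteArr['members']);
    if (!in_array($this->requestedPage, $existingPages, true)) {
        header("HTTP/1.1 404 Not Found");
        $orig_page = $this->requestedPage;
        $this->requestedPage = "404NotFound";
        DEBUG("PR: Given page not found in database (" . $this->requestedSite . "/" . $orig_page . ")");
        $this->error = 404;
        return;
    }

    $this->connector->executeQuery("SELECT * FROM " . mktablename("pages") . " WHERE name='" . $this->requestedPage . "'");
    $pageArr = $this->connector->fetchArray();

    $rm = new rightsManager($pageArr);
    if ($rm->hasUserViewingRights() == false) {
        // NOTE(review): 401 means "Unauthorized"; the reason phrase
        // "Forbidden" belongs to 403. Left as is because $this->error and
        // the "401Forbidden" page name are tied to this value.
        header("HTTP/1.1 401 Forbidden");
        $this->requestedPage = "401Forbidden";
        DEBUG("PR: Current user has insufficient rights to view this page.");
        $this->error = 401;
        return;
    }
}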
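/**
 * Render the "Appearance" management page, or the layout editor frame.
 *
 * When the admin function parameter starts with "EditLayout", only the
 * editor content is produced: a hint when no layout is selected, otherwise a
 * textarea holding the selected layout file. In every other case the layout
 * overview table plus the editor iframe is rendered.
 *
 * NOTE(review): lname, name and file come from the database and are written
 * into markup and a link without output escaping. If those columns can hold
 * markup characters they should be escaped for their context at output time.
 * NOTE(review): the file content is wrapped in a CDATA section; a layout file
 * containing the CDATA end marker would close the section early.
 */
function doBodyJobs()
{
    global $CONFIG;

    $this->pdo->scheduleInsertion_ExternalStylesheet("lib/admin/adminAppearance.css");

    if (strpos($this->pdo->getAdminFuncParam(), "EditLayout") === 0) {
        // The editor is shown inside an iframe; keep the debug console out.
        $CONFIG["Developer_Debug"] = false;

        // explode() replaces split(), which was removed in PHP 7; for a
        // literal "_" separator both yield the same pieces.
        $paramlist = explode("_", $this->pdo->getAdminFuncParam());

        if (!isset($paramlist[1]) || $paramlist[1] == "") {
            // Entities instead of bare quotes, which would end the literal.
            $this->pdo->insertIntoBodyBuffer("<em><strong>Please select a layout from the list above or click &quot;Create&quot; to create a new one.</strong></em>");
        } else {
            // The name arrives with the request. basename() drops any
            // directory part so the read stays inside the layouts directory
            // (assumes layout files live directly in it - TODO confirm).
            $layoutName = basename($paramlist[1]);

            ob_start();
            echo '<textarea style="width: 400px; height: 200px; border: 1px solid black;">';
            $file = file_get_contents($CONFIG["ContentDir"] . "layouts/" . $layoutName . ".php");
            echo "<![CDATA[" . $file . "]]>";
            echo '</textarea>';
            $string = ob_get_clean();

            $this->pdo->insertIntoBodyBuffer($string);
        }
        return;
    }

    $this->pdo->insertIntoBodyBuffer(adminFuncs::getAdminDesignStart("appearance"));

    ob_start();
    echo "\n<br/>\n<div align=\"left\">";
    echo "<strong>Existing Layouts:</strong><br/>";
    echo '<div class="embedded">';

    // Every layout, joined with the page using it (NULL page = unused).
    $query = "SELECT " . mktablename("pages") . ".name, " . mktablename("pages") . ".layout, " . mktablename("layouts") . ".lname, " . mktablename("layouts") . ".file FROM " . mktablename("layouts") . " LEFT JOIN " . mktablename("pages") . " ON " . mktablename("layouts") . ".lname=" . mktablename("pages") . ".layout";
    $this->db->executeQuery($query);

    echo "<div class=\"layout_table\">\n";
    echo "<div class=\"layout_tr\" style=\"font-size: 12px; font-weight: bold; background-image: url(lib/images/uiMgmtMenuBgHover.png);\">\n";
    echo '<div class="layout_td" style="background-image: url(lib/images/uiMgmtMenuBgHover.png);">Layout name</div><div class="layout_td" style="background-image: url(lib/images/uiMgmtMenuBgHover.png);">Used on page:</div><div class="layout_td" style="background-image: url(lib/images/uiMgmtMenuBgHover.png);"> </div>' . "\n";
    echo "</div>";

    while ($arr = $this->db->fetchArray()) {
        // Unused layouts are highlighted in green.
        echo "<div class=\"layout_tr\" style=\"";
        if ($arr["name"] == "") {
            echo "background-color: lightgreen; color: black;\">\n";
        } else {
            echo "background-color: white; color: black; background-image: url(lib/images/uiMgmtMenuBgHover.png);\">\n";
        }

        // layout name, linking to the editor frame
        echo "<div class=\"layout_td\" id=\"td_lname\"><strong><a href=\"" . mksyslink("?mgmt;Appearance;EditLayout_" . $arr["file"]) . "\" target=\"editorframe\">" . $arr["lname"] . "</a></strong></div>\n";

        // page name
        if ($arr["name"] != "") {
            echo "<div class=\"layout_td\" id=\"td_pname\">" . $arr["name"] . "</div>\n";
        } else {
            echo "<div class=\"layout_td\" id=\"td_pname\"><em>none</em></div>\n";
        }

        echo "<div class=\"layout_td\" style=\"width: 285px;\"> </div>";

        // close row
        echo "</div>\n";
    }

    // close table
    echo "</div>\n";
    // close embedded
    echo "</div>\n";
    echo "<br/>";
    echo '<iframe src="' . mksyslink("?mgmt;Appearance;EditLayout_") . '" name="editorframe" class="editorframe"></iframe>';
    echo "</div>\n";
    $string = ob_get_clean();

    $this->pdo->insertIntoBodyBuffer($string . "\n" . adminFuncs::getAdminDesignEnd());
}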
/**
 * Load every box owned by this page into $this->boxes, keyed by box name.
 *
 * Each row is checked with rightsManager. Boxes the current user may view
 * have their content run through the box parser; all others keep their row
 * but get a fixed "no access" notice as content. The totals are logged.
 *
 * NOTE(review): $this->name is concatenated into the SQL text unescaped. If
 * it can carry a request-derived page name, it needs escaping or a bound
 * parameter in the database layer.
 * NOTE(review): array_merge() lets the right-hand operand win on equal string
 * keys, so an entry already in $this->boxes is kept over a newly read box of
 * the same name - confirm that this is intended.
 */
function getAvailableBoxes()
{
    $boxCount = 0;
    $availBoxCount = 0;

    $db = $this->databaseConnector;
    $db->executeQuery("SELECT * FROM " . mktablename("boxes") . " WHERE owning_page='" . $this->name . "'");

    if ($db->getNumRows() != 0) {
        while ($box = $db->fetchArray()) {
            $rights = new rightsManager($box);

            if ($rights->hasUserViewingRights() != false) {
                $box["content"] = $this->boxParser->parseBox($box["content"]);
                $availBoxCount += 1;
            } else {
                // The stored content is replaced, so it never reaches output.
                $box["content"] = "<em>You do not have access to this box.</em>";
            }

            $this->boxes = array_merge(array($box["name"] => $box), $this->boxes);
            $boxCount += 1;
        }
    }

    DEBUG("PDO: Got {$boxCount} boxes with {$availBoxCount} available to current user.");
}
// Tail of a TrackBack ping handler; the "if" closed just below opens before
// this excerpt, and the origin of the $ping_* values is not shown.
// NOTE(review): substr() expects (string, offset, length). Here the literal 0
// is passed as the string and $ping_excerpt as the length, so the result is
// not the first 253 characters of the excerpt.
$ping_excerpt = substr(0, 253, $ping_excerpt) . "...";
} else {
    $ping_excerpt = "";
}

// NOTE(review): the return values are discarded. Unless the helper takes its
// argument by reference (its definition is not in this listing), these four
// calls change nothing and the values reach the INSERT below as received.
killScriptKiddiesGently($ping_url);
killScriptKiddiesGently($ping_title);
killScriptKiddiesGently($ping_blogname);
killScriptKiddiesGently($ping_excerpt);

// The reply is a small XML document: <error> is 0 on success, non-zero with
// a <message> otherwise.
header("Content-type: text/xml");
printf('<?xml version="1.0" encoding="UTF-8"?>%s', "\n");
echo "<!-- 29o3 generated TrackBack response to ping from -->\n";
echo "<response>\n";

if ($request->getWantAdmin()) {
    // Pings aimed at the management console are refused.
    echo "<error>401</error>\n";
    echo "<message>Forbidden</message>\n";
} else {
    if ($request->getError() != 0) {
        // Pass on the error recorded while the request was parsed.
        echo "<error>" . $request->getError() . "</error>\n";
        echo "<message>" . getMsgFromNo($request->getError()) . "</message>\n";
    } elseif ($ping_url == "") {
        echo "<error>2</error>\n";
        echo "<message>No Ping URL given</message>\n";
    } else {
        // A ping without a title is listed under its URL.
        if ($ping_title == "") {
            $ping_title = $ping_url;
        }
        // NOTE(review): all five values are concatenated between single
        // quotes. Presumably the $ping_* values are supplied by the remote
        // pinger - confirm; if so they must be escaped by the database layer
        // or bound as parameters, and bounded in length, before being stored.
        // The stored values also need output escaping wherever they are
        // rendered later.
        $connector->executeQuery("INSERT INTO " . mktablename("tbping") . " VALUES(0, '" . $request->getRequestedSite() . "/" . $request->getRequestedPage() . "', '" . $ping_url . "', '" . $ping_title . "', '" . $ping_excerpt . "', '" . $ping_blogname . "');");
        echo "<error>0</error>\n";
    }
}
echo "</response>\n";
/**
 * Entry point: serve one request from cache, as a page, or as a console view.
 *
 * Connects to the database, parses the request, and then takes one of three
 * paths, each ending in exit(0):
 *   - cached content exists: echo it and close the document;
 *   - getWantAdmin() <= 1: build header metadata, boxes and layout for the
 *     requested page, cache the buffers and print the document;
 *   - otherwise: load the management function class for the request, run
 *     it and print the document.
 *
 * NOTE(review): the three "Resource usage" DEBUG lines contain "******"
 * between two string literals. The expression is masked in this listing and
 * is not valid PHP as shown; restore it from the upstream file.
 */
function bootstrap()
{
    global $CONFIG, $SYSTEM_INFO, $output_started, $body_started, $console, $profiler, $ALLOWED_MGMT_FUNCS;

    header("Content-type: application/xhtml+xml\r");

    $console = new SystemConsole();
    DEBUG("<strong>This is 29o3 " . $SYSTEM_INFO['SystemVersion'] . " Codename " . $SYSTEM_INFO['SystemCodename'] . "</strong>");
    DEBUG("SYS: Bootstrapping started...");

    $connector = new DatabaseConnector();
    $connector->setupConnection($CONFIG['DatabaseHost'], $CONFIG['DatabaseUser'], $CONFIG['DatabasePassword'], $CONFIG['DatabaseName'], $CONFIG['DatabasePort']);
    DEBUG("DB: Connected to database.");

    $request = new PageRequest($connector);
    $request->parseRequest();

    // instantiate the cache object for the requested site/page
    $co = new cacheObject($connector, $request->getRequestedSite(), $request->getRequestedPage());

    // check whether content for the current page is cached
    $cacheContent = $co->getCached();

    if ($cacheContent === false) {
        // construct header and body objects
        $header = new XHTMLHeader();
        $body = new XHTMLBody();
        $pdo = new pageDescriptionObject($header, $body, $connector, $request->getWantAdmin(), $request->getAdminFuncParam());

        // NOTE(review): the requested page name is concatenated into the SQL
        // text. It is only as safe as the validation done while the request
        // was parsed; escaping or a bound parameter in the database layer
        // would remove that dependency.
        $connector->executeQuery("SELECT * FROM " . mktablename("pages") . " WHERE name='" . $request->getRequestedPage() . "'");

        /* placeholder for admin-specific handling; both bodies are empty */
        if ($request->getWantAdmin()) {
            if ($request->getRequestedPage() == "overview") {
            }
        }

        $pageInfo = $connector->fetchArray();
        $pdo->setPageDescriptionA($pageInfo, $request->getRequestedSite());

        // Copy the page's descriptive fields into Dublin Core style metadata,
        // skipping fields that are empty.
        $header->setTitle($pdo->getContent("title"));
        if ($pdo->getContent("description") != "") {
            $header->addMetaDCDescription($pdo->getContent('description'));
        }
        if ($pdo->getContent("subject") != "") {
            $header->addMetaDCSubject($pdo->getContent("subject"));
        }
        if ($pdo->getContent("date") != 0) {
            $header->addMetaDCDate(strftime("%Y-%m-%d", $pdo->getContent('date')));
        }
        if ($pdo->getContent("creator") != "") {
            $header->addMetaDCCreator($pdo->getContent("creator"));
        }
        if ($pdo->getContent("contributors") != "") {
            // contributors are stored as one ";"-separated string
            $c_arr = explode(";", $pdo->getContent('contributors'));
            for ($i = 0; $i <= count($c_arr) - 1; $i++) {
                $header->addMetaDCContributor($c_arr[$i]);
            }
        }
        if ($pdo->getContent("type") != "") {
            $header->addMetaDCType($pdo->getContent("type"));
        }
        if ($pdo->getContent("sources") != "") {
            // sources are stored as one ";"-separated string
            $sources_array = explode(";", $pdo->getContent('sources'));
            for ($i = 0; $i <= count($sources_array) - 1; $i++) {
                $header->addMetaDCSource($sources_array[$i]);
            }
        }

        /*
         * Historical note from the original author: the two checks below were
         * once commented out because they appeared to trigger a race
         * condition under both Apache2/PHP and PHP-CLI (severity 5: the
         * server process filled RAM and swap until killed), suspected to be
         * database related. The author later marked the problem as FIXED.
         */
        if ($pdo->getContent("language") != "") {
            $header->addMetaDCLanguage($pdo->getContent('language'));
        }
        if ($pdo->getContent('copyright') != "") {
            $header->addMetaDCRights($pdo->getContent("copyright"));
        }

        // stylesheet that controls how system messages (errors, etc.) appear
        $pdo->scheduleInsertion_ExternalStylesheet("n_style.css");

        if ($pdo->getContent('no_cache') == 1) {
            $co->setScheduleCaching(false);
            DEBUG("CACHE: Caching deactivated on request.");
        }

        // now, get the page's stylesheet; it might be empty, but we'll add it if not
        if ($request->getWantAdmin() <= 1) {
            if ($request->getWantAdmin() == 1) {
                $co->setScheduleCaching(false);
                DEBUG("CACHE: Admin wanted, caching deactivated.");
            }

            $layoutManager = new LayoutManager($pdo);
            $pdo->getAvailableBoxes();

            // NOTE(review): $pageInfo['layout'] is a database value placed in
            // SQL text unescaped; it is safe only if layout names can never
            // contain quote characters.
            $connector->executeQuery("SELECT * FROM " . mktablename("layouts") . " WHERE lname='" . $pageInfo['layout'] . "'");
            if ($connector->getNumRows() != 0) {
                $currentLayout = $connector->fetchArray();
                $layoutManager->setLayoutFile($currentLayout['file']);
                $layoutManager->parseLayout();
            } else {
                throw new GeneralException("No layout found. 29o3 cannot continue.");
            }

            if ($request->getWantAdmin()) {
                require_once $CONFIG['LibDir'] . 'admin/adminFuncs.php';
                $af = new adminFuncs($pdo, $request);
                $pdo->scheduleInsertion_ExternalStylesheet($af->getAdminStylesheet());
            }

            DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
            $connector->closeConnection();
            DEBUG("DB: Connection closed.");
            $profiler->addBreakpoint();
            // NOTE(review): masked expression, see the function header.
            DEBUG("SYS: Resource usage, sys:" . $profiler->getBreakpointGrandSysDifference() . "µs usr:"******"µs");
            DEBUG("SYS: Exiting normally.");

            // flush the scheduled insertions now that the header is complete
            $pdo->doInsertions();

            // we have everything at this point... start caching procedure
            $co->doCache($pdo->getBuffers());

            // NOTE(review): the debug console is added after doCache(), so it
            // does not appear to be part of the cached buffers. It still
            // exposes internal messages to whoever receives the page; keep
            // Developer_Debug off outside development.
            if ($CONFIG['Developer_Debug'] == true) {
                if ($body) {
                    $body->eyecandyConsole($console);
                } else {
                    $console->printBuffer();
                }
            }

            // NOTE(review): the banner publishes the exact system version.
            if ($pdo->getBrandingState() == true) {
                $pdo->insertBodyDiv("Powered by <a href=\"http://twonineothree.berlios.de\">29o3</a> " . $SYSTEM_INFO["SystemVersion"] . " Codename " . $SYSTEM_INFO["SystemCodename"], "poweredBy", "poweredBy_Banner", "Powered by 29o3");
            }

            printf('<?xml version="1.0" encoding="UTF-8"?>');
            printf('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">%s', "\n");
            printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">%s', "\n");

            $pdo->printHeaderBuffer();
            // NOTE(review): this assigns a function-local variable; the
            // global list above declares $output_started, not $header_started.
            $header_started = true;

            // destruct the header object
            $pdo->destroyHeaderObject();

            $body_started = true;
            // print out the body buffer
            $pdo->printBodyBuffer();
            printf('</html>');

            // exit normally.
            exit(0);
        } else {
            $co->setScheduleCaching(false);
            $pdo->setOmitBranding(true);
            DEBUG("CACHE: Admin wanted, caching deactivated.");

            require_once $CONFIG['LibDir'] . 'admin/adminFuncs.php';
            $co->setScheduleCaching(false);
            $af = new adminFuncs($pdo, $request);
            $pdo->scheduleInsertion_ExternalStylesheet($af->getAdminStylesheet());

            // $pdo->insertBodyDiv("<img src=\"lib/images/adminlogotop.png\" style=\"vertical-align: top; text-align: left; border: 0; padding: 0; margin: 0;\" /><span class=\"adminMenu\" style=\"width: 100%;\">" . $af->getAdminMenu() . "</span>", "adminStripe", "2mc_menu", "29o3 management console");

            // this part is for the admin scripts, which are not fetched
            // from the database
            DEBUG("SYS: Skipping normal layout and box fetching procedures");
            $header->setTitle("29o3 management console");

            $ao = NULL;
            $func = $request->getWantedAdminFunc();

            // Allowlist for the file and class name built from $func below.
            // NOTE(review): array_search() returns the matching key, so a
            // match at key 0 is falsy and the first entry of a 0-indexed list
            // is treated as not allowed. A strict membership test,
            // in_array($func, $ALLOWED_MGMT_FUNCS, true), states the intent
            // and keeps the comparison type-safe. The require and "new" below
            // depend entirely on this check.
            if (!array_search($func, $ALLOWED_MGMT_FUNCS)) {
                $func = "Overview";
            }

            // administration needs admin logged in
            $sm = new sessionManager($connector);
            if ($sm->checkSession() == false) {
                DEBUG("MGMT: Admin not logged in.");
                $func = "Login";
            }

            // NOTE(review): no exit follows the redirect header, so execution
            // continues into the require and the rendering below.
            if ($func == "Logout") {
                $sm->invalidateSession();
                header("Location: " . mksyslink("?"));
            }

            // At this point $func is an allowlisted name, "Overview" or
            // "Login"; it selects both the file and the class.
            require_once $CONFIG["LibDir"] . 'admin/admin' . $func . '.php';
            $name = "Admin" . $func;
            $ao = new $name($connector, $pdo, $sm);

            $ao->doPreBodyJobs();
            $pdo->insertIntoBodyBuffer($af->getAdminMenu());
            $ao->doBodyJobs();

            DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
            $profiler->addBreakpoint();
            // NOTE(review): masked expression, see the function header.
            DEBUG("SYS: Resource usage, sys:" . $profiler->getBreakpointGrandSysDifference() . "µs usr:"******"µs");
            $connector->closeConnection();
            DEBUG("DB: Connection closed.");
            DEBUG("SYS: Exiting normally.");

            if ($CONFIG['Developer_Debug'] == true) {
                if ($body) {
                    $body->eyecandyConsole($console);
                } else {
                    $console->printBuffer();
                }
            }

            // $pdo->insertBodyDiv("Powered by <a href=\"http://twonineothree.berlios.de\">29o3</a> " . $SYSTEM_INFO["SystemVersion"] . " Codename " . $SYSTEM_INFO["SystemCodename"], "poweredBy", "poweredBy_Banner", "Powered by 29o3");

            // print the document prologue, then the buffered header and body
            printf('<?xml version="1.0" encoding="UTF-8"?>');
            printf('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">%s', "\n");
            printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">%s', "\n");

            $pdo->doInsertions();
            $pdo->printHeaderBuffer();
            // NOTE(review): function-local, see the same assignment above.
            $header_started = true;

            // destruct the header object
            $pdo->destroyHeaderObject();

            $body_started = true;
            // print out the body buffer
            $pdo->printBodyBuffer();
            printf('</html>');

            // exit normally
            exit(0);
        }
    } else {
        // Cached path: the stored document is sent as is.
        // NOTE(review): nothing in this branch checks viewing rights; whether
        // the cache can hold rights-restricted pages depends on code outside
        // this function - confirm.
        echo $co->getCacheContent();

        DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
        $profiler->addBreakpoint();
        // NOTE(review): masked expression, see the function header.
        DEBUG("SYS: Resource usage, sys:" . $profiler->getBreakpointGrandSysDifference() . "µs usr:"******"µs");
        $connector->closeConnection();
        DEBUG("DB: Connection closed.");
        DEBUG("SYS: Exiting normally.");

        if ($CONFIG['Developer_Debug'] == true) {
            echo '<center><div class="eyecandyConsole">' . $console->getBuffer() . '</div></center>';
        }

        echo "\n</body>\n</html>";

        // exit normally
        exit(0);
    }
    // never reached
}
/**
 * Delete the current session's row from the sessions table.
 *
 * NOTE(review): $this->cur_uniqueID is concatenated into the SQL text
 * unescaped, and where it is set is not visible here. If it is taken from a
 * client-supplied value such as a cookie, it has to be validated against the
 * expected identifier format, or bound as a parameter, so that the statement
 * can only ever remove that one session.
 */
function invalidateSession()
{
    $sessionTable = mktablename("sessions");
    $sql = "DELETE FROM " . $sessionTable . " WHERE id='" . $this->cur_uniqueID . "'";

    $this->db->executeQuery($sql);
}