/** * read wikidot.ini file * set some default values * calculate other values */ public static function init() { self::$iniConfig = parse_ini_file(WIKIDOT_ROOT . "/conf/wikidot.ini", true); // main settings self::$WIKI_FARM = self::fromIni("main", "wiki_farm", false); self::$HTTP_PORT = self::fromIni("main", "port", 8080); if (self::$WIKI_FARM) { self::$SERVICE_NAME = self::fromIni("main", "service"); //no default self::$URL_DOMAIN = self::fromIni("main", "domain", "singlewiki.wikidot.dev"); self::$URL_HOST = self::fromIni("main", "main_wiki", "www." . self::$URL_DOMAIN); } else { self::$SERVICE_NAME = ""; self::$URL_DOMAIN = self::fromIni("main", "domain", "singlewiki.wikidot.dev"); self::$URL_HOST = self::fromIni("main", "main_wiki", "www." . self::$URL_DOMAIN); } // security settings self::$SECRET = self::fromIni("security", "secret", self::fromFile('secret')); self::$USE_SSL = self::fromIni("security", "ssl", false); self::$SECRET_DOMAIN_LOGIN = self::fromIni("security", "secret_login", self::$SECRET . "_custom_domain_login"); self::$USE_UPLOAD_DOMAIN = self::fromIni("security", "upload_separate_domain", false); self::$URL_UPLOAD_DOMAIN = self::fromIni("security", "upload_domain", "wd.files." . self::$URL_DOMAIN); self::$RESTRICT_HTML = self::fromIni("security", "upload_restrict_html", true); self::$SECRET_MANAGE_SUPERADMIN = self::fromIni("security", "secret_manage_superadmin", md5(self::$SECRET . '_super_admin')); // database settings self::$DATABASE_USER = self::fromIni("db", "user"); // no default! self::$DATABASE_PASSWORD = self::fromIni("db", "password"); // no default! self::$DATABASE_NAME = self::fromIni("db", "database"); // no default! self::$DATABASE_SERVER = self::fromIni("db", "host", "127.0.0.1"); self::$DATABASE_PORT = self::fromIni("db", "port", "5432"); // search settings self::$SEARCH_LUCENE_INDEX = self::fromIni("search", "lucene_index", WIKIDOT_ROOT . "/tmp/lucene_index"); self::$SEARCH_LUCENE_QUEUE = self::fromIni("search", "lucene_queue", WIKIDOT_ROOT . "/tmp/lucene_queue"); self::$SEARCH_LUCENE_LOCK = self::fromIni("search", "lucene_lock", WIKIDOT_ROOT . "/tmp/lucene_lock"); self::$SEARCH_HIGHLIGHT = self::fromIni("search", "highlight", false); self::$SEARCH_USE_JAVA = self::fromIni("search", "use_java", false); // mail settings self::$DEFAULT_SMTP_HOST = self::fromIni("mail", "host", "127.0.0.1"); self::$DEFAULT_SMTP_SECURE = self::fromIni("mail", "ssl", false) ? "ssl" : ""; self::$DEFAULT_SMTP_PORT = self::fromIni("mail", "port", self::$DEFAULT_SMTP_SECURE == "ssl" ? 465 : 25); self::$DEFAULT_SMTP_USER = self::fromIni("mail", "user", "admin"); self::$DEFAULT_SMTP_PASSWORD = self::fromIni("mail", "password", ""); self::$DEFAULT_SMTP_AUTH = self::fromIni("mail", "auth", false); self::$DEFAULT_SMTP_HOSTNAME = self::fromIni("mail", "hostname", self::$DEFAULT_SMTP_HOST); self::$DEFAULT_SMTP_FROM_EMAIL = self::fromIni("mail", "from_mail", strstr(self::$DEFAULT_SMTP_USER, "@") ? self::$DEFAULT_SMTP_USER : self::$DEFAULT_SMTP_USER . "@" . self::$DEFAULT_SMTP_HOSTNAME); self::$DEFAULT_SMTP_FROM_NAME = self::fromIni("mail", "from_name", self::$SERVICE_NAME . " Mailer"); self::$DEFAULT_SMTP_REPLY_TO = self::fromIni("mail", "reply_to", "no-reply@" . self::$DEFAULT_SMTP_HOSTNAME); self::$DEFAULT_SMTP_SENDER = self::fromIni("mail", "sender", self::$DEFAULT_SMTP_FROM_EMAIL); self::$SUPPORT_EMAIL = self::fromIni("mail", "support", self::$DEFAULT_SMTP_FROM_EMAIL); // memcache settings self::$USE_MEMCACHE = self::fromIni("memcached", "enable", false); self::$MEMCACHE_HOST = self::fromIni("memcached", "host", "127.0.0.1"); self::$MEMCACHE_PORT = self::fromIni("memcached", "port", 11211); // session settings self::$SESSION_TIMEOUT = self::fromIni("session", "timeout", 3600); self::$SESSION_COOKIE_NAME = self::fromIni("session", "cookie_name", "WIKIDOT_SESSION_ID"); self::$SESSION_COOKIE_SECURE = self::fromIni("session", "cookie_ssl", false); self::$SESSION_COOKIE_NAME_IE = self::fromIni("session", "ie_cookie_name", self::$SESSION_COOKIE_NAME . "_IE"); // ui settings self::$UI_SLEEP = self::fromIni("ui", "sleep", true); self::$DEFAULT_LANGUAGE = self::fromIni("ui", "language", "en"); // log settings self::$LOGGER_LEVEL = self::fromIni("log", "level", "fatal"); self::$LOGGER_FILE = self::fromIni("log", "file", "wikidot.log"); // TODO: use this setting // other settings self::$CACHE_FILES_FOR = self::fromIni("misc", "cache_files_for", 0); self::$URL_DOCS = self::fromIni("misc", "doc_url", "http://www.wikidot.org/doc"); self::$IP_HOST = self::fromIni("misc", "ip", "127.0.0.1"); self::$USE_CUSTOM_DOMAINS = self::fromIni("misc", "custom_domains", false); self::$MODULES_JS_PATH = self::fromIni("misc", "modules_js_path", "web/files--common/modules/js"); self::$MODULES_JS_URL = self::fromIni("misc", "modules_js_url", "/common--modules/js"); self::$MODULES_CSS_PATH = self::fromIni("misc", "modules_css_path", "web/files--common/modules/css"); self::$MODULES_CSS_URL = self::fromIni("misc", "modules_css_url", "/common--modules/css"); self::$XSENDFILE_USE = self::fromIni("misc", "xsendfile", false); self::$XSENDFILE_HEADER = self::fromIni("misc", "xsendfile_header", "X-LIGHTTPD-send-file"); // non-configurable properties self::$DATABASE_TYPE = "pgsql"; self::$DATABASE_USE_PERSISTENT_CONNECTIONS = false; self::$SESSION_COOKIE_DOMAIN = "." . self::$URL_DOMAIN; self::$DEFAULT_SKIN = "default"; self::$URL_HOST_PREG = preg_quote(self::$URL_HOST); self::$URL_DOMAIN_PREG = preg_quote(self::$URL_DOMAIN); self::$URL_UPLOAD_DOMAIN_PREG = preg_quote(self::$URL_UPLOAD_DOMAIN); }
public function process() { global $timeStart; // quick fix to prevent recursive RSS access by Wikidot itself. if (strpos($_SERVER['HTTP_USER_AGENT'], 'MagpieRSS') !== false) { exit; } // initialize logging service $logger = OzoneLogger::instance(); $loggerFileOutput = new OzoneLoggerFileOutput(); $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log"); $logger->addLoggerOutput($loggerFileOutput); $logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL); $logger->debug("request processing started, logger initialized"); Ozone::init(); $runData = new RunData(); $runData->init(); Ozone::setRunData($runData); $logger->debug("RunData object created and initialized"); // check if site (wiki) exists! $siteHost = $_SERVER["HTTP_HOST"]; $memcache = Ozone::$memcache; if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) { $siteUnixName = $matches[1]; // select site based on the unix name // check memcached first! $mcKey = 'site..' . $siteUnixName; $site = $memcache->get($mcKey); if (!$site) { $c = new Criteria(); $c->add("unix_name", $siteUnixName); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); if ($site) { $memcache->set($mcKey, $site, 0, 864000); } } } else { // select site based on the custom domain $mcKey = 'site_cd..' . $siteHost; $site = $memcache->get($mcKey); if (!$site) { $c = new Criteria(); $c->add("custom_domain", $siteHost); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); if ($site) { $memcache->set($mcKey, $site, 0, 3600); } } if (!$site) { // check for redirects $c = new Criteria(); $q = "SELECT site.* FROM site, domain_redirect WHERE domain_redirect.url='" . db_escape_string($siteHost) . "' " . "AND site.deleted = false AND site.site_id = domain_redirect.site_id LIMIT 1"; $c->setExplicitQuery($q); $site = DB_SitePeer::instance()->selectOne($c); if ($site) { $newUrl = 'http://' . $site->getDomain() . $_SERVER['REQUEST_URI']; header("HTTP/1.1 301 Moved Permanently"); header("Location: " . $newUrl); exit; } } GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost; } if (!$site) { $content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html"); echo $content; return $content; } $runData->setTemp("site", $site); //nasty global thing... $GLOBALS['siteId'] = $site->getSiteId(); $GLOBALS['site'] = $site; // set language $lang = $site->getLanguage(); $runData->setLanguage($lang); $GLOBALS['lang'] = $lang; // and for gettext too: switch ($lang) { case 'pl': $glang = "pl_PL"; break; case 'en': $glang = "en_US"; break; } putenv("LANG={$glang}"); putenv("LANGUAGE={$glang}"); setlocale(LC_ALL, $glang . '.UTF-8'); // Set the text domain as 'messages' $gdomain = 'messages'; bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale'); textdomain($gdomain); $settings = $site->getSettings(); // handle SSL $sslMode = $settings->getSslMode(); if ($_SERVER['HTTPS']) { if (!$sslMode) { // not enabled, redirect to http: header("HTTP/1.1 301 Moved Permanently"); header("Location: " . 'http://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']); exit; } elseif ($sslMode == "ssl_only_paranoid") { // use secure authentication cookie // i.e. change authentication scheme GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID"; GlobalProperties::$SESSION_COOKIE_SECURE = true; } } else { // page accessed via http (nonsecure) switch ($sslMode) { case 'ssl': //enabled, but nonsecure allowed too. break; case 'ssl_only_paranoid': case 'ssl_only': header("HTTP/1.1 301 Moved Permanently"); header("Location: " . 'https://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']); exit; break; } } // handle session at the begging of procession $runData->handleSessionStart(); $template = $runData->getScreenTemplate(); $classFile = $runData->getScreenClassPath(); $className = $runData->getScreenClassName(); $logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}"); require_once $classFile; $screen = new $className(); $logger->debug("OZONE initialized"); $logger->info("Ozone engines successfully initialized"); $rendered = $screen->render($runData); if ($rendered != null) { $runData->setTemp("jsInclude", array()); // process modules... $moduleProcessor = new ModuleProcessor($runData); //$moduleProcessor->setJavascriptInline(true); // embed associated javascript files in <script> tags $moduleProcessor->setCssInline(true); $rendered = $moduleProcessor->process($rendered); $jss = $runData->getTemp("jsInclude"); $jss = array_unique($jss); $incl = ''; foreach ($jss as $js) { $incl .= '<script type="text/javascript" src="' . $js . '"></script>'; } $rendered = preg_replace(';</head>;', $incl . '</head>', $rendered); } $runData->handleSessionEnd(); // one more thing - some url will need to be rewritten if using HTTPS if ($_SERVER['HTTPS']) { // ? // scripts $rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered); $rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered); $rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered); do { $renderedOld = $rendered; $rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered); } while ($renderedOld != $rendered); } if (GlobalProperties::$SEARCH_HIGHLIGHT) { $rendered = Wikidot_Search_Highlighter::highlightIfSuitable($rendered, $_SERVER["REQUEST_URI"], $_SERVER["HTTP_REFERER"]); } echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered); return $rendered; }
public function process() { global $timeStart; // initialize logging service $logger = OzoneLogger::instance(); $loggerFileOutput = new OzoneLoggerFileOutput(); $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log"); $logger->addLoggerOutput($loggerFileOutput); $logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL); $logger->debug("AJAX module request processing started, logger initialized"); Ozone::init(); $runData = new RunData(); /* processing an AJAX request! */ $runData->setAjaxMode(true); $runData->init(); // extra return array - just for ajax handling $runData->ajaxResponseAdd("status", "ok"); Ozone::setRunData($runData); $logger->debug("RunData object created and initialized"); try { // check security token if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) { throw new ProcessException("no", "wrong_token7"); } //remove token from parameter list!!! $runData->getParameterList()->delParameter('wikidot_token7'); $callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex'); $runData->getParameterList()->delParameter('callbackIndex'); // check if site (wiki) exists! $siteHost = $_SERVER["HTTP_HOST"]; $memcache = Ozone::$memcache; if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) { $siteUnixName = $matches[1]; // select site based on the unix name // check memcached first! // the memcache block is to avoid database connection if possible $mcKey = 'site..' . $siteUnixName; $site = $memcache->get($mcKey); if ($site == false) { $c = new Criteria(); $c->add("unix_name", $siteUnixName); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); $memcache->set($mcKey, $site, 0, 3600); } } else { // select site based on the custom domain $mcKey = 'site_cd..' . $siteHost; $site = $memcache->get($mcKey); if ($site == false) { $c = new Criteria(); $c->add("custom_domain", $siteHost); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); $memcache->set($mcKey, $site, 0, 3600); } GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost; } if (!$site) { throw new ProcessException(_('The requested site does not exist.')); } $runData->setTemp("site", $site); //nasty global thing... $GLOBALS['siteId'] = $site->getSiteId(); $GLOBALS['site'] = $site; // set language $runData->setLanguage($site->getLanguage()); $GLOBALS['lang'] = $site->getLanguage(); // and for gettext too: $lang = $site->getLanguage(); switch ($lang) { case 'pl': $glang = "pl_PL"; break; case 'en': $glang = "en_US"; break; } putenv("LANG={$glang}"); putenv("LANGUAGE={$glang}"); setlocale(LC_ALL, $glang . '.UTF-8'); // Set the text domain as 'messages' $gdomain = 'messages'; bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale'); textdomain($gdomain); $settings = $site->getSettings(); // handle SSL $sslMode = $settings->getSslMode(); if ($_SERVER['HTTPS']) { if (!$sslMode) { // not enabled, issue an errorr throw new ProcessException(_("Secure access is not enabled for this Wiki.")); } elseif ($sslMode == "ssl_only_paranoid") { // use secure authentication cookie // i.e. change authentication scheme GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID"; GlobalProperties::$SESSION_COOKIE_SECURE = true; } } else { // page accessed via http (nonsecure) switch ($sslMode) { case 'ssl': //enabled, but nonsecure allowed too. break; case 'ssl_only_paranoid': case 'ssl_only': throw new ProcessException(_("Nonsecure access is not enabled for this Wiki.")); break; } } // handle session at the begging of procession $runData->handleSessionStart(); // PRIVATE SITES: check if the site is private and if the user is its member if ($site->getPrivate()) { // check if not allow anyway $template = $runData->getModuleTemplate(); $actionClass = $runData->getAction(); $proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template)); if (!$proceed) { $user = $runData->getUser(); if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) { // check if member $c = new Criteria(); $c->add("site_id", $site->getSiteId()); $c->add("user_id", $user->getUserId()); $mem = DB_MemberPeer::instance()->selectOne($c); if (!$mem) { // check if a viewer $c = new Criteria(); $c->add("site_id", $site->getSiteId()); $c->add("user_id", $user->getUserId()); $vi = DB_SiteViewerPeer::instance()->selectOne($c); if (!$vi) { $user = null; } } } if ($user == null) { throw new ProcessException(_('This Site is private and accessible only to its members.')); } } } $template = $runData->getModuleTemplate(); $classFile = $runData->getModuleClassPath(); $className = $runData->getModuleClassName(); $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}"); require_once $classFile; $module = new $className(); // module security check if (!$module->isAllowed($runData)) { throw new WDPermissionException(_("Not allowed.")); } Ozone::initSmarty(); $logger->debug("OZONE initialized"); $logger->info("Ozone engines successfully initialized"); // PROCESS ACTION $actionClass = $runData->getAction(); $logger->debug("processing action {$actionClass}"); $runData->setTemp("jsInclude", array()); $runData->setTemp("cssInclude", array()); if ($actionClass) { require_once PathManager::actionClass($actionClass); $tmpa1 = explode('/', $actionClass); $actionClassStripped = end($tmpa1); $action = new $actionClassStripped(); $classFile = $runData->getModuleClassPath(); if (!$action->isAllowed($runData)) { throw new WDPermissionException("Not allowed."); } $actionEvent = $runData->getActionEvent(); /*try{*/ if ($actionEvent != null) { $action->{$actionEvent}($runData); $logger->debug("processing action: {$actionClass}, event: {$actionEvent}"); } else { $logger->debug("processing action: {$actionClass}"); $action->perform($runData); } } // end action process // check if template has been changed by the module. if so... if ($template != $runData->getModuleTemplate()) { $classFile = $runData->getModuleClassPath(); $className = $runData->getModuleClassName(); $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}"); require_once $classFile; $module = new $className(); } $module->setTemplate($template); $rendered = $module->render($runData); $jsInclude = $runData->getTemp("jsInclude"); $jsInclude = array_merge($jsInclude, $module->getExtraJs()); $runData->setTemp("jsInclude", $jsInclude); $cssInclude = $runData->getTemp("cssInclude"); $cssInclude = array_merge($cssInclude, $module->getExtraCss()); $runData->setTemp("cssInclude", $cssInclude); } catch (ProcessException $e) { $db = Database::connection(); $db->rollback(); $runData->ajaxResponseAdd("message", $e->getMessage()); $runData->ajaxResponseAdd("status", $e->getStatus()); $runData->setModuleTemplate(null); $template = null; } catch (WDPermissionException $e) { $db = Database::connection(); $db->rollback(); $runData->ajaxResponseAdd("message", $e->getMessage()); $runData->ajaxResponseAdd("status", "no_permission"); $runData->setModuleTemplate(null); $template = null; } catch (Exception $e) { $db = Database::connection(); $db->rollback(); $runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage()); $runData->ajaxResponseAdd("status", "not_ok"); $runData->setModuleTemplate(null); $template = null; // LOG ERROR TOO!!! $logger = OzoneLogger::instance(); $logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString()); } $rVars = $runData->getAjaxResponse(); if ($rendered != null) { // process modules... $moduleProcessor = new ModuleProcessor($runData); $out = $moduleProcessor->process($rendered); $rVars['body'] = $out; // check the javascript files for inclusion } if ($template != null && $template != "Empty") { $jsInclude = $runData->getTemp("jsInclude"); if ($module->getIncludeDefaultJs()) { $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js'; if (file_exists($file)) { $url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js'; $incl = $url; $jsInclude[] = $incl; } } $rVars['jsInclude'] = $jsInclude; $cssInclude = $runData->getTemp("cssInclude"); if ($module->getIncludeDefaultCss()) { $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css'; if (file_exists($file)) { $url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css'; $incl = $url; $cssInclude[] = $incl; } } $rVars['cssInclude'] = $cssInclude; } // specify (copy) jscallback. ugly, right? ;-) $rVars['callbackIndex'] = $callbackIndex; $json = new JSONService(); $out = $json->encode($rVars); $runData->handleSessionEnd(); echo $out; }
public function process() { global $timeStart; // initialize logging service $logger = OzoneLogger::instance(); $loggerFileOutput = new OzoneLoggerFileOutput(); $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log"); $logger->addLoggerOutput($loggerFileOutput); $logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL); $logger->debug("request processing started, logger initialized"); Ozone::init(); $runData = new RunData(); $runData->init(); Ozone::setRunData($runData); $logger->debug("RunData object created and initialized"); // check if site (wiki) exists! $siteHost = $_SERVER["HTTP_HOST"]; $memcache = Ozone::$memcache; if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) { $siteUnixName = $matches[1]; // select site based on the unix name // check memcached first! // the memcache block is to avoid database connection if possible $mcKey = 'site..' . $siteUnixName; $site = $memcache->get($mcKey); if ($site == false) { $c = new Criteria(); $c->add("unix_name", $siteUnixName); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); $memcache->set($mcKey, $site, 0, 3600); } } else { // select site based on the custom domain $mcKey = 'site_cd..' . $siteHost; $site = $memcache->get($mcKey); if ($site == false) { $c = new Criteria(); $c->add("custom_domain", $siteHost); $c->add("site.deleted", false); $site = DB_SitePeer::instance()->selectOne($c); $memcache->set($mcKey, $site, 0, 3600); } GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost; } if ($site == null) { $runData->setScreenTemplate("wiki/SiteNotFound"); exit(1); } else { $runData->setTemp("site", $site); //nasty global thing... $GLOBALS['siteId'] = $site->getSiteId(); $GLOBALS['site'] = $site; } // set language $runData->setLanguage($site->getLanguage()); $GLOBALS['lang'] = $site->getLanguage(); // and for gettext too: $lang = $site->getLanguage(); switch ($lang) { case 'pl': $glang = "pl_PL"; break; case 'en': $glang = "en_US"; break; } putenv("LANG={$glang}"); putenv("LANGUAGE={$glang}"); setlocale(LC_ALL, $glang . '.UTF-8'); // Set the text domain as 'messages' $gdomain = 'messages'; bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale'); textdomain($gdomain); $settings = $site->getSettings(); // handle SSL $sslMode = $settings->getSslMode(); if ($_SERVER['HTTPS']) { if (!$sslMode) { // not enabled, issue an errorr throw new ProcessException(_("Secure access is not enabled for this Wiki.")); } elseif ($sslMode == "ssl_only_paranoid") { // use secure authentication cookie // i.e. change authentication scheme GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID"; GlobalProperties::$SESSION_COOKIE_SECURE = true; } } else { // page accessed via http (nonsecure) switch ($sslMode) { case 'ssl': //enabled, but nonsecure allowed too. break; case 'ssl_only_paranoid': case 'ssl_only': throw new ProcessException(_("Nonsecure access is not enabled for this Wiki.")); break; } } // handle session at the begging of procession $runData->handleSessionStart(); $template = $runData->getScreenTemplate(); $classFile = $runData->getScreenClassPath(); $className = $runData->getScreenClassName(); $logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}"); require_once $classFile; $screen = new $className(); // screen security check if (!$screen->isAllowed($runData)) { if ($classFile == $runData->getScreenClassPath()) { $runData->setScreenTemplate("errors/NotAllowed"); } else { // $screen->isAllowed() should set the error template!!! if not - // default NotAllowed is used // reload the class again - we do not want the unsecure screen to render! $classFile = $runData->getScreenClassPath(); $className = $runData->getScreenClassName(); $logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}"); require_once $classFile; $screen = new $className(); $runData->setAction(null); } } // PROCESS ACTION $actionClass = $runData->getAction(); $logger->debug("processing action {$actionClass}"); while ($actionClass != null) { require_once PathManager::actionClass($actionClass); $tmpa1 = explode('/', $actionClass); $actionClassStripped = end($tmpa1); $action = new $actionClassStripped(); $classFile = $runData->getScreenClassPath(); if (!$action->isAllowed($runData)) { if ($classFile == $runData->getScreenClassPath()) { $runData->setScreenTemplate("errors/NotAllowed"); } // $action->isAllowed() should set the error template!!! if not - // default NotAllowed is used break; } $actionEvent = $runData->getActionEvent(); if ($actionEvent != null) { $action->{$actionEvent}($runData); $logger->debug("processing action: {$actionClass}, event: {$actionEvent}"); } else { $logger->debug("processing action: {$actionClass}"); $action->perform($runData); } // this is in case action changes the action name so that // the next action can be executed. if ($runData->getNextAction() != null) { $actionClass = $runData->getNextAction(); $runData->setAction($actionClass); $runData->setActionEvent($runData->getNextActionEvent()); } else { $actionClass = null; } } // end action process // check if template has been changed by the action. if so... if ($template != $runData->getScreenTemplate) { $classFile = $runData->getScreenClassPath(); $className = $runData->getScreenClassName(); $logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}"); require_once $classFile; $screen = new $className(); } $rendered = $screen->render($runData); if ($rendered != null) { $moduleProcessor = new ModuleProcessor($runData); $moduleProcessor->setJavascriptInline(true); // embed associated javascript files in <script> tags $moduleProcessor->setCssInline(true); $rendered = $moduleProcessor->process($rendered); } $runData->handleSessionEnd(); // one more thing - some url will need to be rewritten if using HTTPS if ($_SERVER['HTTPS']) { // ? // scripts $rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered); $rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered); $rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered); do { $renderedOld = $rendered; $rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered); } while ($renderedOld != $rendered); } echo $rendered; }