/**
 * Standard code module initialisation function.
 */
function init__site()
{
    // BREADCRUMB_CROP_LENGTH is defined near the end of this function, so it
    // doubles as the "already initialised" marker: a second call is a no-op.
    if (defined('BREADCRUMB_CROP_LENGTH')) {
        return;
    }
    global $HELPER_PANEL_TEXT, $HELPER_PANEL_HTML, $HELPER_PANEL_PIC, $HELPER_PANEL_TUTORIAL;
    $HELPER_PANEL_TEXT = '';
    $HELPER_PANEL_HTML = '';
    $HELPER_PANEL_PIC = '';
    $HELPER_PANEL_TUTORIAL = '';
    global $REQUEST_PAGE_NEST_LEVEL;
    $REQUEST_PAGE_NEST_LEVEL = 0;
    global $REDIRECT_CACHE;
    $REDIRECT_CACHE = array();
    global $REDIRECTED_TO;
    $REDIRECTED_TO = NULL;
    global $REFRESH_URL, $FORCE_META_REFRESH, $EXTRA_HEAD, $EXTRA_FOOT, $QUICK_REDIRECT;
    $REFRESH_URL[0] = '';
    $REFRESH_URL[1] = 0;
    $FORCE_META_REFRESH = false;
    // $EXTRA_HEAD / $EXTRA_FOOT may already have been populated by earlier code; only create them if absent.
    if (!isset($EXTRA_HEAD)) {
        $EXTRA_HEAD = new ocp_tempcode();
    }
    if (!isset($EXTRA_FOOT)) {
        $EXTRA_FOOT = new ocp_tempcode();
    }
    $QUICK_REDIRECT = false;
    global $FEED_URL, $FEED_URL_2;
    $FEED_URL = NULL;
    $FEED_URL_2 = NULL;
    global $NON_CANONICAL_PARAMS;
    // Parameters that must never appear in a canonical URL.
    // We only bother listing ones the software itself may inject - otherwise admin responsible for their own curation of canonical settings
    $NON_CANONICAL_PARAMS = array('wide_high', 'wide', 'wide_print', 'root', 'filtered', 'utheme', 'active_filter', 'redirected', 'redirect_url', 'redirect', 'redirect_passon');
    // Comma-separated allow-list (the 'canonical_keep_params' value) of keep_* parameters that ARE canonical.
    $canonical_keep_params = explode(',', is_null(get_value('canonical_keep_params')) ? '' : get_value('canonical_keep_params'));
    // Every keep_* key present in the request that is not allow-listed is treated as non-canonical.
    // NOTE(review): in_array() here is loose (no strict flag) and the '@' hides any warning it raises.
    foreach (array_keys($_GET) as $key) {
        if (substr($key, 0, 5) == 'keep_' && !@in_array($key, $canonical_keep_params)) {
            $NON_CANONICAL_PARAMS[] = $key;
        }
    }
    global $ATTACHED_MESSAGES, $ATTACHED_MESSAGES_RAW, $FAILED_TO_ATTACH_ALL_ERRORS;
    $ATTACHED_MESSAGES = new ocp_tempcode();
    $ATTACHED_MESSAGES_RAW = array();
    $FAILED_TO_ATTACH_ALL_ERRORS = false;
    global $DONE_HEADER;
    $DONE_HEADER = false;
    // We may fill these in from the code, or we may not
    global $SEO_KEYWORDS, $SEO_DESCRIPTION, $SEO_TITLE;
    $SEO_KEYWORDS = NULL;
    $SEO_DESCRIPTION = NULL;
    $SEO_TITLE = NULL;
    global $PAGE_STRING, $LAST_COMCODE_PARSED_TITLE;
    $PAGE_STRING = NULL;
    $LAST_COMCODE_PARSED_TITLE = '';
    global $BREADCRUMBS, $BREADCRUMB_SET_PARENTS, $BREADCRUMB_EXTRA_SEGMENTS, $DISPLAYED_TITLE, $BREADCRUMB_SET_SELF;
    $BREADCRUMBS = NULL;
    $BREADCRUMB_SET_PARENTS = array();
    $BREADCRUMB_EXTRA_SEGMENTS = new ocp_tempcode();
    $DISPLAYED_TITLE = NULL;
    $BREADCRUMB_SET_SELF = NULL;
    // Defaults to 26 when the 'breadcrumb_crop_length' value is unset. This define is also the re-entry guard (see top).
    $bcl = get_value('breadcrumb_crop_length');
    define('BREADCRUMB_CROP_LENGTH', is_null($bcl) ? 26 : intval($bcl));
    global $PT_PAIR_CACHE_CP;
    $PT_PAIR_CACHE_CP = array();
    global $ATTACH_MESSAGE_CALLED;
    $ATTACH_MESSAGE_CALLED = 0;
    global $ZONE, $RELATIVE_PATH;
    // Resolve the zone row ($ZONE) for this request.
    // For the _tests, data and data_custom script directories the zone name is taken from the
    // request ('zone' parameter) rather than from the path; everything else uses get_zone_name().
    // NOTE(review): $real_zone is request-controlled in that case and is used below both in a
    // filesystem path (is_dir) and as a new 'zones' row - confirm get_param() rejects path
    // separators / '..' before relying on the is_dir() check alone.
    $zone = get_zone_name();
    $real_zone = $RELATIVE_PATH == '_tests' || $RELATIVE_PATH == 'data' || $RELATIVE_PATH == 'data_custom' ? get_param('zone', '') : $zone;
    $ZONE = persistant_cache_get(array('ZONE', $real_zone));
    if ($ZONE === NULL) {
        $zones = $GLOBALS['SITE_DB']->query_select('zones', array('*'), array('zone_name' => $real_zone), '', 1);
        // A zone directory that exists on disk but has no DB row is auto-registered (with a menu entry), then re-read.
        if (!array_key_exists(0, $zones) && is_dir(get_file_base() . '/' . $real_zone . '/' . 'pages')) {
            $GLOBALS['SITE_DB']->query_insert('zones', array('zone_name' => $real_zone, 'zone_title' => insert_lang($real_zone, 1), 'zone_default_page' => 'start', 'zone_header_text' => insert_lang($real_zone, 1), 'zone_theme' => 'default', 'zone_wide' => 0, 'zone_require_session' => 0, 'zone_displayed_in_menu' => 0));
            require_code('menus2');
            add_menu_item_simple('zone_menu', NULL, $real_zone, $real_zone . ':', 0, 1);
            $zones = $GLOBALS['SITE_DB']->query_select('zones z LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'translate t ON ' . db_string_equal_to('language', user_lang()) . ' AND z.zone_header_text=t.id', array('z.*', 'text_original AS zone_header_text_trans'), array('zone_name' => $real_zone), '', 1);
        }
        if (array_key_exists(0, $zones)) {
            $ZONE = $zones[0];
            $ZONE['zone_header_text_trans'] = get_translated_text($ZONE['zone_header_text']);
            persistant_cache_set(array('ZONE', $real_zone), $ZONE);
        }
        // Unknown zone: load the root zone ('') so the error page can render, then stop with BAD_ZONE.
        // The requested name is HTML-escaped before being echoed back.
        if ($ZONE === NULL) {
            $zones = $GLOBALS['SITE_DB']->query_select('zones', array('*'), array('zone_name' => ''), '', 1);
            $ZONE = $zones[0];
            $ZONE['zone_header_text_trans'] = get_translated_text($ZONE['zone_header_text']);
            warn_exit(do_lang_tempcode('BAD_ZONE', escape_html($real_zone)));
        }
        unset($zones);
    }
    // A NULL zone_wide means "per member": read the member's m_zone_wide under the ocf forum driver, otherwise 1.
    if ($ZONE !== NULL && $ZONE['zone_wide'] === NULL) {
        $ZONE['zone_wide'] = get_forum_type() == 'ocf' ? $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_zone_wide') : 1;
    }
    if ($ZONE['zone_name'] == 'adminzone' || $ZONE['zone_name'] == 'cms') {
        require_css('adminzone');
    }
    // Load the redirects table (if the addon is installed) into $REDIRECT_CACHE[from_zone][from_page],
    // skipping self-redirects. The whole table is cached under the current zone's key.
    $_zone = get_zone_name();
    $REDIRECT_CACHE = array($_zone => array());
    if (addon_installed('redirects_editor')) {
        $redirect = persistant_cache_get(array('REDIRECT', $_zone));
        if ($redirect === NULL) {
            $redirect = $GLOBALS['SITE_DB']->query_select('redirects', array('*'));
            persistant_cache_set(array('REDIRECT', $_zone), $redirect);
        }
        foreach ($redirect as $r) {
            if ($r['r_from_zone'] == $r['r_to_zone'] && $r['r_from_page'] == $r['r_to_page']) {
                continue;
            }
            $REDIRECT_CACHE[$r['r_from_zone']][$r['r_from_page']] = $r;
        }
    }
    // SEO redirection
    // When mod_rewrite is usable, 301 a non-canonical URL form (/pg/ vs .htm, per 'htm_short_urls')
    // to get_self_url(). Only for the index script, only when nothing has been POSTed, and only if
    // no output has started yet (headers_sent()).
    require_code('urls');
    if (can_try_mod_rewrite()) {
        $ruri = ocp_srv('REQUEST_URI');
        $old_style = get_option('htm_short_urls') != '1';
        if (!headers_sent() && running_script('index') && isset($_SERVER['HTTP_HOST']) && count($_POST) == 0 && (strpos($ruri, '/pg/') === false || !$old_style) && (strpos($ruri, '.htm') === false || $old_style)) {
            $GLOBALS['HTTP_STATUS_CODE'] = '301';
            header('HTTP/1.0 301 Moved Permanently');
            header('Location: ' . get_self_url(true));
            exit;
        }
    }
    // Search engine having session in URL, we don't like this
    // A crawler carrying keep_session is 301'd to the same URL with keep_session and keep_print removed,
    // so a session identifier is never indexed.
    if (get_bot_type() !== NULL && isset($_SERVER['HTTP_HOST']) && count($_POST) == 0 && get_param_integer('keep_session', NULL) !== NULL) {
        $GLOBALS['HTTP_STATUS_CODE'] = '301';
        header('HTTP/1.0 301 Moved Permanently');
        header('Location: ' . get_self_url(true, false, array('keep_session' => NULL, 'keep_print' => NULL)));
        exit;
    }
    // Detect bad access domain
    // If the request Host (port stripped) differs from the configured base URL's host, and the zone
    // has no ZONE_MAPPING_<zone> entry in $SITE_INFO, redirect to the same URL on the configured host.
    // Super admins get a BAD_ACCESS_DOMAIN warning attached first. CR and LF are stripped from the
    // Location value so a crafted Host header cannot inject extra response headers.
    global $SITE_INFO;
    $access_host = preg_replace('#:.*#', '', ocp_srv('HTTP_HOST'));
    if ($access_host != '' && isset($_SERVER['HTTP_HOST'])) {
        $parsed_base_url = parse_url(get_base_url());
        if (array_key_exists('host', $parsed_base_url) && strtolower($parsed_base_url['host']) != strtolower($access_host)) {
            if (!array_key_exists('ZONE_MAPPING_' . get_zone_name(), $SITE_INFO)) {
                if ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
                    attach_message(do_lang_tempcode('BAD_ACCESS_DOMAIN', escape_html($parsed_base_url['host']), escape_html($access_host)), 'warn');
                }
                header('Location: ' . str_replace(chr(13), '', str_replace(chr(10), '', str_replace($access_host, $parsed_base_url['host'], get_self_url_easy()))));
                exit;
            }
        }
    }
    // The most important security check
    // get_member() resolves (and validates) the current member/session before any access decision below.
    global $SESSION_CONFIRMED;
    get_member();
    // Make sure we've loaded our backdoor if installed
    // (the 'permissions' code module provides has_zone_access / has_page_access used below)
    require_code('permissions');
    // Clickjacking protection: zones that require a session may not be framed cross-origin.
    if ($ZONE['zone_require_session'] == 1) {
        header('X-Frame-Options: SAMEORIGIN');
    }
    // Access control.
    // 1) A session-requiring zone (other than the root zone) with no session, or an unconfirmed one,
    //    is refused unless this is the login page or an HTTP-auth login; the denial reason depends on
    //    whether the member would otherwise have zone access.
    if ($ZONE['zone_name'] != '' && !is_httpauth_login() && (get_session_id() == -1 || $SESSION_CONFIRMED == 0) && $ZONE['zone_require_session'] == 1 && get_page_name() != 'login') {
        access_denied($real_zone == 'data' || has_zone_access(get_member(), $ZONE['zone_name']) ? 'ZONE_ACCESS_SESSION' : 'ZONE_ACCESS', $ZONE['zone_name'], true);
    } else {
        // 2) Zone access (the 'data' script zone is always allowed), then page access for page scripts.
        if ($real_zone == 'data' || has_zone_access(get_member(), $ZONE['zone_name'])) {
            global $NON_PAGE_SCRIPT;
            if ($NON_PAGE_SCRIPT == 0 && !has_page_access(get_member(), get_page_name(), $ZONE['zone_name'], true)) {
                access_denied('PAGE_ACCESS');
            }
        } else {
            // 3) No zone access: deny, except on the login page.
            /*  if ($ZONE['zone_name']=='adminzone')  GoogleAds will pick up on ANY URL any go and CRAWL IT. So don't use with googleads unless you want googlead-triggering-heart-attacks ;)
                    log_hack_attack_and_exit('ADMINZONE_ACCESS_DENIED');*/
            if (get_page_name() != 'login') {
                access_denied('ZONE_ACCESS', $ZONE['zone_name'], true);
            }
        }
    }
}
/**
 * Build and return a proper URL, from the $vars array.
 * Note: URL parameters should always be in lower case (one of the coding standards)
 *
 * @param  array			A map of parameter names to parameter values. Values may be strings or integers, or NULL. NULL indicates "skip this". 'page' cannot be NULL.
 * @param  ID_TEXT		The zone the URL is pointing to. YOU SHOULD NEVER HARD CODE THIS- USE '_SEARCH', '_SELF' (if you're self-referencing your own page) or the output of get_module_zone.
 * @param  ?array			Variables to explicitly not put in the URL (perhaps because we have $keep_all set, or we are blocking certain keep_ values). The format is of a map where the keys are the names, and the values are 1. (NULL: don't skip any)
 * @param  boolean		Whether to keep all non-skipped parameters that were in the current URL, in this URL
 * @param  boolean		Whether to avoid mod_rewrite (sometimes essential so we can assume the standard URL parameter addition scheme in templates)
 * @param  boolean		Whether to skip actually putting on keep_ parameters (rarely will this skipping be desirable)
 * @param  string			Hash portion of the URL (blank: none).
 * @return string			The URL in string format.
 */
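function _build_url($vars, $zone_name = '', $skip = NULL, $keep_all = false, $avoid_remap = false, $skip_keep = false, $hash = '')
{
    global $HAS_KEEP_IN_URL, $USE_REWRITE_PARAMS, $CACHE_BOT_TYPE;
    // Build up our URL base
    $url = get_base_url(is_page_https($zone_name, isset($vars['page']) ? $vars['page'] : ''), $zone_name);
    $url .= '/';
    // For bots we explicitly unset skippable injected 'keep_' params because it bloats the crawl-space
    if ($CACHE_BOT_TYPE !== NULL && get_bot_type() !== NULL) {
        foreach ($vars as $key => $val) {
            if ($key == 'redirect' || $key == 'root') {
                unset($vars[$key]);
            }
            if (substr($key, 0, 5) == 'keep_' && skippable_keep($key, $val)) {
                unset($vars[$key]);
            }
        }
    }
    // Things we need to keep in the url
    // Walk the current request's GET parameters (untrusted input). keep_* parameters that are not
    // skippable are carried over; with $keep_all every other scalar parameter is carried over too.
    // Explicit $vars and $skip entries always win over request values.
    $keep_actual = array();
    if ($HAS_KEEP_IN_URL === NULL || $HAS_KEEP_IN_URL || $keep_all) {
        // Magic quotes (PHP < 5.4) would have escaped the GET values; undo that before re-emitting them.
        $mc = get_magic_quotes_gpc();
        $keep_cant_use = array();
        $HAS_KEEP_IN_URL = false;
        foreach ($_GET as $key => $val) {
            if (!is_string($val)) {
                continue;
            }
            $is_keep = false;
            $appears_keep = $key[0] == 'k' && substr($key, 0, 5) == 'keep_';
            if ($appears_keep) {
                if (!$skip_keep && !skippable_keep($key, $val)) {
                    $is_keep = true;
                }
                $HAS_KEEP_IN_URL = true;
            }
            if (($keep_all && !$appears_keep || $is_keep) && !array_key_exists($key, $vars) && !isset($skip[$key])) {
                if ($mc) {
                    $val = stripslashes($val);
                }
                if ($is_keep) {
                    $keep_actual[$key] = $val;
                } else {
                    $vars[$key] = $val;
                }
            } elseif ($is_keep) {
                if ($mc) {
                    $val = stripslashes($val);
                }
                $keep_cant_use[$key] = $val;
            }
        }
        $vars += $keep_actual;
    }
    global $URL_MONIKERS_ENABLED;
    if ($URL_MONIKERS_ENABLED === NULL) {
        $URL_MONIKERS_ENABLED = url_monikers_enabled();
    }
    // Substitute a human-readable moniker for 'id' when one is known for these parameters.
    if ($URL_MONIKERS_ENABLED) {
        $test = find_id_moniker($vars);
        if ($test !== NULL) {
            $vars['id'] = $test;
        }
    }
    // We either use mod_rewrite, or return a standard parameterisation
    // The mod_rewrite decision is cached in $USE_REWRITE_PARAMS, except when $avoid_remap forces a fresh check.
    if ($USE_REWRITE_PARAMS === NULL || $avoid_remap) {
        $use_rewrite_params = can_try_mod_rewrite($avoid_remap);
        if (!$avoid_remap) {
            $USE_REWRITE_PARAMS = $use_rewrite_params;
        }
    } else {
        $use_rewrite_params = $USE_REWRITE_PARAMS;
    }
    $test_rewrite = NULL;
    if ($use_rewrite_params) {
        $test_rewrite = _url_rewrite_params($zone_name, $vars, count($keep_actual) > 0);
    } else {
        $test_rewrite = NULL;
    }
    if ($test_rewrite === NULL) {
        $url .= 'index.php';
        // Fix sort order: emit page, then type, then id, then everything else.
        if (isset($vars['id'])) {
            $_vars = $vars;
            unset($_vars['id']);
            $vars = array('id' => $vars['id']) + $_vars;
        }
        if (isset($vars['type'])) {
            $_vars = $vars;
            unset($_vars['type']);
            $vars = array('type' => $vars['type']) + $_vars;
        }
        if (isset($vars['page'])) {
            $_vars = $vars;
            unset($_vars['page']);
            $vars = array('page' => $vars['page']) + $_vars;
        }
        // Build up the URL string
        $symbol = '?';
        foreach ($vars as $key => $val) {
            if ($val === NULL) {
                continue;
            }
            // NULL means skip
            if ($val === SELF_REDIRECT) {
                $val = get_self_url(true, true);
            }
            // Add in. Both key and value are URL-encoded: keys may originate from $_GET above (with
            // $keep_all or a keep_* name), so an unencoded key could carry '&', '=', '#' or markup
            // into the URL. Encoding is a no-op for the [a-z0-9_] names callers pass explicitly.
            $url .= $symbol . urlencode(strval($key)) . '=' . (is_integer($val) ? strval($val) : urlencode($val));
            $symbol = '&';
        }
    } else {
        $url .= $test_rewrite;
    }
    // Done
    return $url . $hash;
}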