}
fn_login_user($user_data['user_id']);
Helpdesk::auth();
// Set system notifications
if (Registry::get('config.demo_mode') != true && AREA == 'A') {
// If username equals to the password
if (!fn_is_development() && fn_compare_login_password($user_data, $password)) {
$lang_var = 'warning_insecure_password_email';
fn_set_notification('E', __('warning'), __($lang_var, array('[link]' => fn_url('profiles.update'))), 'S', 'insecure_password');
}
if (empty($user_data['company_id']) && !empty($user_data['user_id'])) {
// Insecure admin script
if (!fn_is_development() && Registry::get('config.admin_index') == 'admin.php') {
fn_set_notification('E', __('warning'), __('warning_insecure_admin_script', array('[href]' => Registry::get('config.resources.admin_protection_url'))), 'S');
}
if (!fn_is_development() && is_file(Registry::get('config.dir.root') . '/install/index.php')) {
fn_set_notification('W', __('warning'), __('delete_install_folder'), 'S');
}
if (Development::isEnabled('compile_check')) {
fn_set_notification('W', __('warning'), __('warning_store_optimization_dev', array('[link]' => fn_url("themes.manage"))));
}
fn_set_hook('set_admin_notification', $user_data);
}
}
if (!empty($_REQUEST['remember_me'])) {
fn_set_session_data(AREA . '_user_id', $user_data['user_id'], COOKIE_ALIVE_TIME);
fn_set_session_data(AREA . '_password', $user_data['password'], COOKIE_ALIVE_TIME);
}
if (!empty($_REQUEST['return_url'])) {
$redirect_url = $_REQUEST['return_url'];
}
/**
* Dispathes the execution control to correct controller
*
* @return nothing
*/
function fn_dispatch($controller = '', $mode = '', $action = '', $dispatch_extra = '', $area = AREA)
{
Debugger::checkpoint('After init');
$auth = $_SESSION['auth'];
$controller = empty($controller) ? Registry::get('runtime.controller') : $controller;
$mode = empty($mode) ? Registry::get('runtime.mode') : $mode;
$action = empty($action) ? Registry::get('runtime.action') : $action;
$dispatch_extra = empty($dispatch_extra) ? Registry::get('runtime.dispatch_extra') : $dispatch_extra;
fn_set_hook('before_dispatch', $controller, $mode, $action, $dispatch_extra, $area);
$view = Registry::get('view');
$run_controllers = true;
$external = false;
$status = CONTROLLER_STATUS_NO_PAGE;
// CSRF protection
if (fn_is_csrf_protection_enabled($auth) && !fn_csrf_validate_request(array('server' => $_SERVER, 'request' => $_REQUEST, 'session' => $_SESSION, 'controller' => $controller, 'mode' => $mode, 'action' => $action, 'dispatch_extra' => $dispatch_extra, 'area' => $area, 'auth' => $auth))) {
fn_set_notification('E', __('error'), __('text_csrf_attack'));
fn_redirect(fn_url());
}
// If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
if (strtolower(Registry::get('config.current_host')) != strtolower(REAL_HOST) && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
if (!empty($_SERVER['REDIRECT_URL'])) {
$qstring = $_SERVER['REDIRECT_URL'];
} else {
if (!empty($_SERVER['REQUEST_URI'])) {
$qstring = $_SERVER['REQUEST_URI'];
} else {
$qstring = Registry::get('config.current_url');
}
}
$curent_path = Registry::get('config.current_path');
if (!empty($curent_path) && strpos($qstring, $curent_path) === 0) {
$qstring = substr_replace($qstring, '', 0, fn_strlen($curent_path));
}
fn_redirect(Registry::get('config.current_location') . $qstring, false, true);
}
$upload_max_filesize = Bootstrap::getIniParam('upload_max_filesize');
$post_max_size = Bootstrap::getIniParam('post_max_size');
if (!defined('AJAX_REQUEST') && isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes($upload_max_filesize) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes($post_max_size))) {
$max_size = fn_return_bytes($upload_max_filesize) < fn_return_bytes($post_max_size) ? $upload_max_filesize : $post_max_size;
fn_set_notification('E', __('error'), __('text_forbidden_uploaded_file_size', array('[size]' => $max_size)));
fn_redirect($_SERVER['HTTP_REFERER']);
}
// If URL contains session ID, remove it
if (!defined('AJAX_REQUEST') && !empty($_REQUEST[Session::getName()]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
fn_redirect(fn_query_remove(Registry::get('config.current_url'), Session::getName()));
}
// If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
if ($area == 'A') {
if (Registry::get('config.demo_mode') == true) {
$run_controllers = fn_check_permissions($controller, $mode, 'demo');
if ($run_controllers == false) {
fn_set_notification('W', __('demo_mode'), __('demo_mode_content_text'), 'K', 'demo_mode');
if (defined('AJAX_REQUEST')) {
exit;
}
fn_delete_notification('changes_saved');
$status = CONTROLLER_STATUS_REDIRECT;
$_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : fn_url('');
}
} else {
$run_controllers = fn_check_permissions($controller, $mode, 'admin', '', $_REQUEST);
if ($run_controllers == false) {
if (defined('AJAX_REQUEST')) {
$_info = Debugger::isActive() || fn_is_development() ? ' ' . $controller . '.' . $mode : '';
fn_set_notification('W', __('warning'), __('access_denied') . $_info);
exit;
}
$status = CONTROLLER_STATUS_DENIED;
}
}
}
if ($_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
if ($area == 'A' && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
if (!defined('HTTPS') && Registry::get('settings.Security.secure_admin') == 'Y') {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
} elseif (defined('HTTPS') && Registry::get('settings.Security.secure_admin') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
}
} elseif ($area == 'C') {
$secure_controllers = fn_get_secure_controllers();
// if we are not on https but controller is secure, redirect to https
if (!defined('HTTPS') && (Registry::get('settings.Security.secure_storefront') == 'full' || isset($secure_controllers[$controller]) && $secure_controllers[$controller] == 'active')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'), false, true);
}
// if we are on https and the controller is insecure, redirect to http
if (defined('HTTPS') && Registry::get('settings.Security.secure_storefront') != 'full' && !isset($secure_controllers[$controller]) && Registry::get('settings.Security.keep_https') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'), false, true);
}
}
}
LastView::instance()->prepare($_REQUEST);
$controllers_cascade = array();
$controllers_list = array('init');
if ($run_controllers == true) {
$controllers_list[] = $controller;
$controllers_list = array_unique($controllers_list);
}
foreach ($controllers_list as $ctrl) {
$core_controllers = fn_init_core_controllers($ctrl);
list($addon_controllers) = fn_init_addon_controllers($ctrl);
if (empty($core_controllers) && empty($addon_controllers)) {
//$controllers_cascade = array(); // FIXME: controllers_cascade contains INIT. We should not clear initiation code.
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
break;
}
if (count($core_controllers) + count($addon_controllers) > 1) {
throw new DeveloperException('Duplicate controller ' . $controller . var_export(array_merge($core_controllers, $addon_controllers), true));
}
$core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
$core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
// we put addon post-controller to the top of post-controller cascade if current addon serves this request
if (count($addon_controllers)) {
$addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
}
$controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
if (empty($controllers_cascade)) {
throw new DeveloperException("No controllers for: {$ctrl}");
}
}
if ($mode == 'add') {
$tpl = 'update.tpl';
} elseif (strpos($mode, 'add_') === 0) {
$tpl = str_replace('add_', 'update_', $mode) . '.tpl';
} else {
$tpl = $mode . '.tpl';
}
$view = Registry::get('view');
if ($view->templateExists('views/' . $controller . '/' . $tpl)) {
// try to find template in base views
$view->assign('content_tpl', 'views/' . $controller . '/' . $tpl);
} elseif (defined('LOADED_ADDON_PATH') && $view->templateExists('addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl)) {
// try to find template in addon views
$view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl);
} elseif (!empty($addons)) {
// try to find template in addon views that extend base views
foreach ($addons as $addon => $_v) {
if ($view->templateExists('addons/' . $addon . '/views/' . $controller . '/' . $tpl)) {
$view->assign('content_tpl', 'addons/' . $addon . '/views/' . $controller . '/' . $tpl);
break;
}
}
}
/**
* Performs actions after template assignment and before controller run
*
* @param string $controller controller name
* @param string $mode controller mode name
* @param string $area current working area
* @param array $controllers_cascade list of controllers to run
*/
fn_set_hook('dispatch_assign_template', $controller, $mode, $area, $controllers_cascade);
foreach ($controllers_cascade as $item) {
$_res = fn_run_controller($item, $controller, $mode, $action, $dispatch_extra);
// 0 - status, 1 - url
$url = !empty($_res[1]) ? $_res[1] : '';
$external = !empty($_res[2]) ? $_res[2] : false;
$permanent = !empty($_res[3]) ? $_res[3] : false;
// Status could be changed only if we allow to run controllers despite of init controller
if ($run_controllers == true) {
$status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
}
if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
$redirect_url = $url;
} elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
$redirect_url = $url;
break;
} elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
break;
}
}
LastView::instance()->init($_REQUEST);
// In console mode, just stop here
if (defined('CONSOLE')) {
$notifications = fn_get_notifications();
$exit_code = 0;
foreach ($notifications as $n) {
fn_echo('[' . $n['title'] . '] ' . $n['message'] . "\n");
if ($n['type'] == 'E') {
$exit_code = 1;
}
}
exit($exit_code);
}
if (!empty($auth['this_login']) && Registry::ifGet($auth['this_login'], 'N') === 'Y') {
fn_set_notification('E', __('error'), __(ACCOUNT_TYPE . LOGIN_STATUS_USER_DISABLED));
$status = CONTROLLER_STATUS_DENIED;
}
// [Block manager]
// block manager is disabled for vendors.
if (!(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id') || fn_allowed_for('ULTIMATE') && !Registry::get('runtime.company_id'))) {
if (fn_check_permissions('block_manager', 'manage', 'admin')) {
$dynamic_object = SchemesManager::getDynamicObject($_REQUEST['dispatch'], $area, $_REQUEST);
if (!empty($dynamic_object)) {
if ($area == 'A' && Registry::get('runtime.mode') != 'add' && !empty($_REQUEST[$dynamic_object['key']])) {
$object_id = $_REQUEST[$dynamic_object['key']];
$location = Location::instance()->get($dynamic_object['customer_dispatch'], $dynamic_object, CART_LANGUAGE);
if (!empty($location) && $location['is_default'] != 1) {
$params = array('dynamic_object' => array('object_type' => $dynamic_object['object_type'], 'object_id' => $object_id), $dynamic_object['key'] => $object_id, 'manage_url' => Registry::get('config.current_url'));
Registry::set('navigation.tabs.blocks', array('title' => __('layouts'), 'href' => 'block_manager.manage_in_tab?' . http_build_query($params), 'ajax' => true));
}
}
}
}
}
// [/Block manager]
// Redirect if controller returned successful/redirect status only
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
$redirect_url = $_REQUEST['redirect_url'];
}
// If controller returns "Redirect" status, check if redirect url exists
if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
$status = CONTROLLER_STATUS_NO_PAGE;
}
// In backend show "changes saved" notification
if ($area == 'A' && $_SERVER['REQUEST_METHOD'] == 'POST' && in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT))) {
if (strpos($mode, 'update') !== false && $mode != 'update_status' && $mode != 'update_mode' && !fn_notification_exists('extra', 'demo_mode') && !fn_notification_exists('type', 'E')) {
fn_set_notification('N', __('notice'), __('text_changes_saved'), 'I', 'changes_saved');
}
}
// Attach params and redirect if needed
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
if (!isset($_REQUEST['return_to_list'])) {
$params = array('page', 'selected_section', 'active_tab');
$url_params = array();
foreach ($params as $param) {
if (!empty($_REQUEST[$param])) {
$url_params[$param] = $_REQUEST[$param];
}
}
if (!empty($url_params)) {
$redirect_url = fn_link_attach($redirect_url, http_build_query($url_params));
}
}
if (!isset($external)) {
$external = false;
}
if (!isset($permanent)) {
$permanent = false;
}
fn_redirect($redirect_url, $external, $permanent);
}
if (!$view->getTemplateVars('content_tpl') && $status == CONTROLLER_STATUS_OK) {
// FIXME
$status = CONTROLLER_STATUS_NO_PAGE;
}
if ($status != CONTROLLER_STATUS_OK) {
if ($status == CONTROLLER_STATUS_NO_PAGE) {
if ($area == 'A' && empty($auth['user_id'])) {
// If admin is not logged in redirect to login page from not found page
fn_set_notification('W', __('page_not_found'), __('page_not_found_text'));
fn_redirect("auth.login_form");
}
header(' ', true, 404);
}
$view->assign('exception_status', $status);
if ($area == 'A') {
$view->assign('content_tpl', 'exception.tpl');
// for backend only
}
if ($status == CONTROLLER_STATUS_DENIED) {
$view->assign('page_title', __('access_denied'));
} elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
$view->assign('page_title', __('page_not_found'));
}
}
fn_set_hook('dispatch_before_display');
Debugger::checkpoint('Before TPL');
// Pass current URL to ajax response only if we render whole page
if (defined('AJAX_REQUEST') && Registry::get('runtime.root_template') == 'index.tpl') {
Registry::get('ajax')->assign('current_url', fn_url(Registry::get('config.current_url'), $area, 'current'));
}
Registry::get('view')->display(Registry::get('runtime.root_template'));
Debugger::checkpoint('After TPL');
Debugger::display();
fn_set_hook('complete');
if (defined('AJAX_REQUEST')) {
// HHVM workaround. Destroy Ajax object manually if it has been created.
$ajax = Registry::get('ajax');
$ajax = null;
}
exit;
// stop execution
}
/**
* Generates error notification
*
* @param string $action Action thae was happen
* @param string $reason Reason, why the error notification must be showed
* @param string $table Table name (optional)
* @return bool Always true
*/
private function _generateError($action, $reason, $table = '')
{
$message = str_replace("[reason]", $reason, $action);
if (!empty($table)) {
$message = str_replace("[table]", $table, $message);
}
fn_log_event('settings', 'error', $message);
if (Debugger::isActive() || fn_is_development()) {
fn_set_notification('E', __('error'), $message);
}
return true;
}
/**
* Redirect browser to the new location
*
* @param string $location - destination of redirect
* @param bool $allow_external_redirect - allow redirection to external resource
* @param bool $is_permanent - if true, perform 301 redirect
* @return
*/
function fn_redirect($location, $allow_external_redirect = false, $is_permanent = false)
{
$external_redirect = false;
$protocol = defined('HTTPS') ? 'https' : 'http';
$meta_redirect = false;
// Cleanup location from & signs and call fn_url()
$location = fn_url(str_replace(array('&', "\n", "\r"), array('&', '', ''), $location));
// Convert absolute link with location to relative one
if (strpos($location, '://') !== false || substr($location, 0, 7) == 'mailto:') {
if (strpos($location, Registry::get('config.http_location')) !== false) {
$location = str_replace(array(Registry::get('config.http_location') . '/', Registry::get('config.http_location')), '', $location);
$protocol = 'http';
} elseif (strpos($location, Registry::get('config.https_location')) !== false) {
$location = str_replace(array(Registry::get('config.https_location') . '/', Registry::get('config.https_location')), '', $location);
$protocol = 'https';
} else {
if ($allow_external_redirect == false) {
// if external redirects aren't allowed, redirect to index script
$location = '';
} else {
$external_redirect = true;
}
}
// Convert absolute link without location to relative one
} else {
$_protocol = "";
$_location = "";
$http_path = Registry::get('config.http_path');
$https_path = Registry::get('config.https_path');
if (!empty($http_path) && substr($location, 0, strlen($http_path)) == $http_path) {
$_location = substr($location, strlen($http_path) + 1);
$_protocol = 'http';
}
if (!empty($https_path) && substr($location, 0, strlen($https_path)) == $https_path) {
// if https path partially equal to http path check if https path is not just a part of http path
// e. g. http://example.com/pathsimple & https://example.com/path
if ($_protocol != 'http' || empty($http_path) || substr($http_path, 0, strlen($https_path)) != $https_path) {
$_location = substr($location, strlen($https_path) + 1);
$_protocol = 'https';
}
}
$protocol = Registry::get('config.http_path') != Registry::get('config.https_path') && !empty($_protocol) ? $_protocol : $protocol;
$location = !empty($_protocol) ? $_location : $location;
}
if ($external_redirect == false) {
fn_set_hook('redirect', $location);
$protocol_changed = defined('HTTPS') && $protocol == 'http' || !defined('HTTPS') && $protocol == 'https';
// For correct redirection, location must be absolute with path
$location = ($protocol == 'http' ? Registry::get('config.http_location') : Registry::get('config.https_location')) . '/' . ltrim($location, '/');
// Parse the query string
$fragment = '';
$query_array = array();
$parsed_location = parse_url($location);
if (!empty($parsed_location['query'])) {
parse_str($parsed_location['query'], $query_array);
$location = str_replace('?' . $parsed_location['query'], '', $location);
}
if (!empty($parsed_location['fragment'])) {
$fragment = '#' . $parsed_location['fragment'];
$location = str_replace($fragment, '', $location);
}
if ($protocol_changed && (Registry::get('config.http_host') != Registry::get('config.https_host') || Registry::get('config.http_path') != Registry::get('config.https_path'))) {
$query_array[Session::getName()] = Session::getId();
}
// If this is not ajax request, remove ajax specific parameters
if (!defined('AJAX_REQUEST')) {
unset($query_array['is_ajax']);
unset($query_array['result_ids']);
} else {
$query_array['result_ids'] = implode(',', Tygh::$app['ajax']->result_ids);
$query_array['is_ajax'] = Tygh::$app['ajax']->redirect_type;
$query_array['full_render'] = !empty($_REQUEST['full_render']) ? $_REQUEST['full_render'] : false;
$query_array['callback'] = Tygh::$app['ajax']->callback;
$ajax_assigned_vars = Tygh::$app['ajax']->getAssignedVars();
if (!empty($ajax_assigned_vars['html'])) {
unset($ajax_assigned_vars['html']);
}
$query_array['_ajax_data'] = $ajax_assigned_vars;
}
if (!empty($query_array)) {
$location .= '?' . http_build_query($query_array) . $fragment;
}
// Redirect from https to http location
if ($protocol_changed && defined('HTTPS')) {
$meta_redirect = true;
}
}
fn_set_hook('redirect_complete', $meta_redirect);
if (!defined('AJAX_REQUEST') && Embedded::isEnabled()) {
if (strpos($location, Registry::get('config.http_location')) === 0) {
$location = str_replace(Registry::get('config.http_location'), '', $location);
} elseif (strpos($location, Registry::get('config.https_location')) === 0) {
$location = str_replace(Registry::get('config.https_location'), '', $location);
}
$location = Embedded::getUrl() . '#!' . urlencode($location);
$meta_redirect = true;
}
if (defined('AJAX_REQUEST')) {
// make in-script redirect during ajax request
$_purl = parse_url($location);
$_GET = array();
$_POST = array();
if (!empty($_purl['query'])) {
parse_str($_purl['query'], $_GET);
}
$_REQUEST = Bootstrap::safeInput($_GET);
$_SERVER['REQUEST_METHOD'] = 'GET';
$_SERVER['REQUEST_URI'] = $_purl['path'];
$_SERVER['QUERY_STRING'] = !empty($_purl['query']) ? $_purl['query'] : '';
fn_get_route($_REQUEST);
Registry::save();
// save registry cache to execute cleanup handlers
fn_init_settings();
fn_init_addons();
Registry::clearCacheLevels();
Tygh::$app['ajax']->updateRequest();
return fn_dispatch();
} elseif (!ob_get_contents() && !headers_sent() && !$meta_redirect) {
if ($is_permanent) {
header('HTTP/1.0 301 Moved Permanently');
}
header('Location: ' . $location);
exit;
} else {
$delay = (Debugger::isActive() || fn_is_development()) && !Registry::get('runtime.comet') ? 10 : 0;
if ($delay != 0) {
fn_echo('<a href="' . htmlspecialchars($location) . '" style="text-transform: lowercase;">' . __('continue') . '</a>');
}
fn_echo('<meta http-equiv="Refresh" content="' . $delay . ';URL=' . htmlspecialchars($location) . '" />');
}
fn_flush();
exit;
}
/**
* Removes addon's templates from theme folder
*
* @param string $addon Addon name to remove templates for
* @return bool Always true
*/
function fn_uninstall_addon_templates($addon)
{
if (fn_is_development()) {
return false;
}
$installed_themes = fn_get_installed_themes();
$design_dir = fn_get_theme_path('[themes]/', 'C');
foreach ($installed_themes as $theme_name) {
$paths = array($design_dir . $theme_name . '/templates/addons/' . $addon, $design_dir . $theme_name . '/css/addons/' . $addon, $design_dir . $theme_name . '/media/images/addons/' . $addon, $design_dir . $theme_name . '/mail/templates/addons/' . $addon, $design_dir . $theme_name . '/mail/media/images/addons/' . $addon, $design_dir . $theme_name . '/mail/css/addons/' . $addon);
foreach ($paths as $path) {
if (is_dir($path)) {
fn_rm($path);
}
}
}
return true;
}
/**
* Parse query and replace placeholders with data
*
* @param string $query unparsed query
* @param array $data data for placeholders
* @return string parsed query
*/
public static function process($pattern, $data = array(), $replace = true)
{
// Replace table prefixes
if ($replace) {
$pattern = str_replace('?:', self::$_table_prefix, $pattern);
}
if (!empty($data) && preg_match_all("/\\?(i|s|l|d|a|n|u|e|m|p|w|f)+/", $pattern, $m)) {
$offset = 0;
foreach ($m[0] as $k => $ph) {
if ($ph == '?u' || $ph == '?e') {
$table_pattern = '\\?\\:';
if ($replace) {
$table_pattern = self::$_table_prefix;
}
if (preg_match("/^(UPDATE|INSERT INTO|REPLACE INTO|DELETE FROM) " . $table_pattern . "(\\w+) /", $pattern, $m)) {
$data[$k] = self::checkTableFields($data[$k], $m[2]);
if (empty($data[$k])) {
return false;
}
}
}
if ($ph == '?i') {
// integer
$pattern = self::_strReplace($ph, self::_intVal($data[$k]), $pattern, $offset);
// Trick to convert int's and longint's
} elseif ($ph == '?s') {
// string
$pattern = self::_strReplace($ph, "'" . self::$_db->escape($data[$k]) . "'", $pattern, $offset);
} elseif ($ph == '?l') {
// string for LIKE operator
$pattern = self::_strReplace($ph, "'" . self::$_db->escape(str_replace("\\", "\\\\", $data[$k])) . "'", $pattern, $offset);
} elseif ($ph == '?d') {
// float
$pattern = self::_strReplace($ph, sprintf('%01.2f', $data[$k]), $pattern, $offset);
} elseif ($ph == '?a') {
// array FIXME: add trim
$data[$k] = !is_array($data[$k]) ? array($data[$k]) : $data[$k];
if (!empty($data[$k])) {
$pattern = self::_strReplace($ph, implode(', ', self::_filterData($data[$k], true)), $pattern, $offset);
} else {
if (Debugger::isActive() || fn_is_development()) {
trigger_error('Empty array was passed into SQL statement IN()', E_USER_DEPRECATED);
}
$pattern = self::_strReplace($ph, 'NULL', $pattern, $offset);
}
} elseif ($ph == '?n') {
// array of integer FIXME: add trim
$data[$k] = !is_array($data[$k]) ? array($data[$k]) : $data[$k];
$pattern = self::_strReplace($ph, !empty($data[$k]) ? implode(', ', array_map(array('self', '_intVal'), $data[$k])) : "''", $pattern, $offset);
} elseif ($ph == '?u' || $ph == '?w') {
// update/condition with and
$clue = $ph == '?u' ? ', ' : ' AND ';
$q = implode($clue, self::_filterData($data[$k], false));
$pattern = self::_strReplace($ph, $q, $pattern, $offset);
} elseif ($ph == '?e') {
// insert
$filtered = self::_filterData($data[$k], true);
$pattern = self::_strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES (" . implode(', ', array_values($filtered)) . ")", $pattern, $offset);
} elseif ($ph == '?m') {
// insert multi
$values = array();
foreach ($data[$k] as $value) {
$filtered = self::_filterData($value, true);
$values[] = "(" . implode(', ', array_values($filtered)) . ")";
}
$pattern = self::_strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES " . implode(', ', $values), $pattern, $offset);
} elseif ($ph == '?f') {
// field/table/database name
$pattern = self::_strReplace($ph, self::_field($data[$k]), $pattern, $offset);
} elseif ($ph == '?p') {
// prepared statement
$pattern = self::_strReplace($ph, self::_tablePrefixReplace('?:', self::$_table_prefix, $data[$k]), $pattern, $offset);
}
}
}
return $pattern;
}
function fn_check_cache($params)
{
$regenerated = true;
$dir_root = Registry::get('config.dir.root') . '/';
if (isset($params['ct']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
Storage::instance('images')->deleteDir('thumbnails');
}
// Clean up cache
if (isset($params['cc']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
fn_clear_cache();
}
// Clean up templates cache
if (isset($params['ctpl']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
fn_rm(Registry::get('config.dir.cache_templates'));
}
if (!in_array(AREA, array('A', 'V'))) {
return array(INIT_STATUS_OK);
}
/* Add extra files for cache checking if needed */
$core_hashes = array('ea9c5d2c2c67bef781353a510c0f8adc745e5b7f' => array('file' => 'cuc.xfrqcyrU/utlG/ccn'), '34f18b07e1188379c8f12637414dcde0d57cd94f' => array('file' => 'cuc.8sgh/ergeriabp_ynergvy/fnzrupf/ccn'));
if (fn_allowed_for('ULTIMATE')) {
$core_hashes['ea9c5d2c2c67bef781353a510c0f8adc745e5b7f']['notice'] = $core_hashes['34f18b07e1188379c8f12637414dcde0d57cd94f']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_serr';
} else {
$core_hashes['ea9c5d2c2c67bef781353a510c0f8adc745e5b7f']['notice'] = $core_hashes['34f18b07e1188379c8f12637414dcde0d57cd94f']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_gevny';
}
foreach ($core_hashes as $hash => $file) {
if ($hash != sha1_file($dir_root . strrev(str_rot13($file['file'])))) {
if (filemtime($dir_root . strrev(str_rot13($file['file']))) < TIME - SECONDS_IN_DAY * 2) {
// 2-days cache
fn_regenerate_cache($hash, $file['file']);
} else {
$regenerated = false;
}
fn_process_cache_notifications($file['notice']);
break;
}
}
return array(INIT_STATUS_OK);
}
function fn_check_cache($params)
{
$regenerated = true;
$dir_root = Registry::get('config.dir.root') . '/';
if (isset($params['ct']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
Storage::instance('images')->deleteDir('thumbnails');
}
// Clean up cache
if (isset($params['cc']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
fn_clear_cache();
}
// Clean up templates cache
if (isset($params['ctpl']) && (AREA == 'A' && !(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id')) || Debugger::isActive() || fn_is_development())) {
fn_rm(Registry::get('config.dir.cache_templates'));
}
if (!in_array(AREA, array('A', 'V'))) {
return array(INIT_STATUS_OK);
}
/* Add extra files for cache checking if needed */
$core_hashes = array('8acf5a66f1329d001937e3381100bb71ec43220e' => array('file' => 'cuc.xfrqcyrU/utlG/ccn'), 'cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea' => array('file' => 'cuc.8sgh/ergeriabp_ynergvy/fnzrupf/ccn'));
if (fn_allowed_for('ULTIMATE')) {
$core_hashes['8acf5a66f1329d001937e3381100bb71ec43220e']['notice'] = $core_hashes['cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_serr';
} else {
$core_hashes['8acf5a66f1329d001937e3381100bb71ec43220e']['notice'] = $core_hashes['cb122cf60f32dc38f25bc4bac5ad4f24673ae3ea']['notice'] = 'fgber_zbqr_jvyy_or_punatrq_gb_gevny';
}
foreach ($core_hashes as $hash => $file) {
if ($hash != sha1_file($dir_root . strrev(str_rot13($file['file'])))) {
if (filemtime($dir_root . strrev(str_rot13($file['file']))) < TIME - SECONDS_IN_DAY * 2) {
// 2-days cache
fn_regenerate_cache($hash, $file['file']);
} else {
$regenerated = false;
}
fn_process_cache_notifications($file['notice']);
break;
}
}
return array(INIT_STATUS_OK);
}
/**
* Parse query and replace placeholders with data
*
* @param string $query unparsed query
* @param array $data data for placeholders
* @return string parsed query
*/
public function process($pattern, $data = array(), $replace = true)
{
// Replace table prefixes
if ($replace) {
$pattern = str_replace('?:', $this->table_prefix, $pattern);
}
if (!empty($data) && preg_match_all("/\\?(i|s|l|d|a|n|u|e|m|p|w|f)+/", $pattern, $m)) {
$offset = 0;
foreach ($m[0] as $k => $ph) {
if ($ph == '?u' || $ph == '?e') {
$table_pattern = '\\?\\:';
if ($replace) {
$table_pattern = $this->table_prefix;
}
if (preg_match("/^(UPDATE|INSERT INTO|REPLACE INTO|DELETE FROM) " . $table_pattern . "(\\w+) /", $pattern, $m)) {
$data[$k] = $this->checkTableFields($data[$k], $m[2]);
if (empty($data[$k])) {
return false;
}
}
}
switch ($ph) {
// integer
case '?i':
$pattern = $this->strReplace($ph, $this->intVal($data[$k]), $pattern, $offset);
// Trick to convert int's and longint's
break;
// string
// string
case '?s':
$pattern = $this->strReplace($ph, "'" . $this->db->escape($data[$k]) . "'", $pattern, $offset);
break;
// string for LIKE operator
// string for LIKE operator
case '?l':
$pattern = $this->strReplace($ph, "'" . $this->db->escape(str_replace("\\", "\\\\", $data[$k])) . "'", $pattern, $offset);
break;
// float
// float
case '?d':
if ($data[$k] == INF) {
$data[$k] = PHP_INT_MAX;
}
$pattern = $this->strReplace($ph, sprintf('%01.2f', $data[$k]), $pattern, $offset);
break;
// array of string
// @FIXME: add trim
// array of string
// @FIXME: add trim
case '?a':
$data[$k] = is_array($data[$k]) ? $data[$k] : array($data[$k]);
if (!empty($data[$k])) {
$pattern = $this->strReplace($ph, implode(', ', $this->filterData($data[$k], true, true)), $pattern, $offset);
} else {
if (Debugger::isActive() || fn_is_development()) {
trigger_error('Empty array was passed into SQL statement IN()', E_USER_DEPRECATED);
}
$pattern = $this->strReplace($ph, 'NULL', $pattern, $offset);
}
break;
// array of integer
// FIXME: add trim
// array of integer
// FIXME: add trim
case '?n':
$data[$k] = is_array($data[$k]) ? $data[$k] : array($data[$k]);
$pattern = $this->strReplace($ph, !empty($data[$k]) ? implode(', ', array_map(array('self', 'intVal'), $data[$k])) : "''", $pattern, $offset);
break;
// update
// update
case '?u':
$clue = $ph == '?u' ? ', ' : ' AND ';
$q = implode($clue, $this->filterData($data[$k], false));
$pattern = $this->strReplace($ph, $q, $pattern, $offset);
break;
//condition with and
//condition with and
case '?w':
$q = $this->buildConditions($data[$k]);
$pattern = $this->strReplace($ph, $q, $pattern, $offset);
break;
// insert
// insert
case '?e':
$filtered = $this->filterData($data[$k], true);
$pattern = $this->strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES (" . implode(', ', array_values($filtered)) . ")", $pattern, $offset);
break;
// insert multi
// insert multi
case '?m':
$values = array();
foreach ($data[$k] as $value) {
$filtered = $this->filterData($value, true);
$values[] = "(" . implode(', ', array_values($filtered)) . ")";
}
$pattern = $this->strReplace($ph, "(" . implode(', ', array_keys($filtered)) . ") VALUES " . implode(', ', $values), $pattern, $offset);
break;
// field/table/database name
// field/table/database name
case '?f':
$pattern = $this->strReplace($ph, $this->field($data[$k]), $pattern, $offset);
break;
// prepared statement
// prepared statement
case '?p':
$pattern = $this->strReplace($ph, $this->tablePrefixReplace('?:', $this->table_prefix, $data[$k]), $pattern, $offset);
break;
}
}
}
return $pattern;
}