function set_path_variables()
{
global $ConfSitePATH, $ConfSiteBase, $ConfSiteSuffix;
if (!@$ConfSitePATH) {
$ConfSitePATH = substr(__FILE__, 0, strrpos(__FILE__, "/"));
while ($ConfSitePATH !== "" && !file_exists("{$ConfSitePATH}/src/init.php")) {
$ConfSitePATH = substr($ConfSitePATH, 0, strrpos($ConfSitePATH, "/"));
}
if ($ConfSitePATH === "") {
$ConfSitePATH = "/var/www/html";
}
}
require_once "{$ConfSitePATH}/lib/navigation.php";
if (@$ConfSiteBase === null) {
$ConfSiteBase = Navigation::siteurl();
}
if (@$ConfSiteSuffix === null) {
$ConfSiteSuffix = Navigation::php_suffix();
}
}
function hoturl($page, $options = null)
{
$siteurl = Navigation::siteurl();
$t = hoturl_site_relative($page, $options);
if ($page !== "index") {
return $siteurl . $t;
}
$trail = substr($t, 5 + strlen(Navigation::php_suffix()));
if (@$trail[0] === "/") {
return $siteurl . $t;
} else {
if ($siteurl !== "") {
return $siteurl . $trail;
} else {
return Navigation::site_path() . $trail;
}
}
}
function expandvar($what, $isbool = false)
{
global $Opt;
$len = strlen($what);
// generic expansions: OPT, URLENC
if ($len > 7 && substr($what, 0, 5) == "%OPT(" && substr($what, $len - 2) == ")%") {
$inner = "%" . substr($what, 5, $len - 7) . "%";
$yes = $this->expandvar($inner, true);
if ($isbool) {
return $yes;
} else {
if ($yes) {
return $this->expandvar($inner, false);
} else {
return $yes === null ? $what : "";
}
}
}
if ($len > 10 && substr($what, 0, 8) == "%URLENC(" && substr($what, $len - 2) == ")%") {
$inner = "%" . substr($what, 8, $len - 10) . "%";
$yes = $this->expandvar($inner, true);
if ($isbool) {
return $yes;
} else {
if ($yes) {
return urlencode($this->expandvar($inner, false));
} else {
return $yes === null ? $what : "";
}
}
}
// expansions that do not require a recipient
if ($what == "%CONFNAME%") {
$t = Conf::$gLongName;
if (Conf::$gShortName && Conf::$gShortName != Conf::$gLongName) {
$t .= " (" . Conf::$gShortName . ")";
}
return $t;
}
if ($what == "%CONFSHORTNAME%") {
return Conf::$gShortName;
}
if ($what == "%CONFLONGNAME%") {
return Conf::$gLongName;
}
if ($what == "%SIGNATURE%") {
return get($Opt, "emailSignature") ?: "- " . Conf::$gShortName . " Submissions";
}
if ($what == "%ADMIN%" || $what == "%SITECONTACT%") {
return $this->expand_user(Contact::site_contact(), "CONTACT");
}
if ($what == "%ADMINNAME%") {
return $this->expand_user(Contact::site_contact(), "NAME");
}
if ($what == "%ADMINEMAIL%" || $what == "%SITEEMAIL%") {
return $this->expand_user(Contact::site_contact(), "EMAIL");
}
if ($what == "%URL%") {
return $Opt["paperSite"];
} else {
if ($len > 7 && substr($what, 0, 5) == "%URL(" && substr($what, $len - 2) == ")%") {
$a = preg_split('/\\s*,\\s*/', substr($what, 5, $len - 7));
for ($i = 0; $i < count($a); ++$i) {
$a[$i] = $this->expand($a[$i], "urlpart");
$a[$i] = preg_replace('/\\&(?=\\&|\\z)/', "", $a[$i]);
}
return hoturl_absolute_nodefaults($a[0], isset($a[1]) ? $a[1] : "");
}
}
if ($what == "%PHP%") {
return Navigation::php_suffix();
}
if (preg_match('/\\A%(CONTACT|NAME|EMAIL|FIRST|LAST)%\\z/', $what, $m)) {
if ($this->recipient) {
if ($this->preparation) {
$this->preparation->preparation_owner = $this->recipient->email;
}
return $this->expand_user($this->recipient, $m[1]);
} else {
if ($isbool) {
return false;
}
}
}
if ($what == "%LOGINNOTICE%") {
if (get($Opt, "disableCapabilities")) {
return $this->expand(get($Opt, "mailtool_loginNotice", " To sign in, either click the link below or paste it into your web browser's location field.\n\n%LOGINURL%"), $isbool);
} else {
return "";
}
}
if ($what == "%REASON%" || $what == "%ADMINUPDATE%" || $what == "%NOTES%") {
$which = strtolower(substr($what, 1, strlen($what) - 2));
$value = $this->{$which};
if ($value === null && !$this->recipient) {
return $isbool ? null : $what;
} else {
if ($what == "%ADMINUPDATE%") {
return $value ? "An administrator performed this update. " : "";
} else {
return $value === null ? "" : $value;
}
}
}
$result = $this->expandvar_generic($what, $isbool);
if ($result !== self::EXPANDVAR_CONTINUE) {
return $result;
}
// exit if no recipient
$external_password = isset($Opt["ldapLogin"]) || isset($Opt["httpAuthLogin"]);
if (!$this->recipient) {
if ($isbool && $what == "%PASSWORD%" && $external_password) {
return false;
} else {
return $isbool ? null : $what;
}
}
// expansions that require a recipient
if ($what == "%LOGINURL%" || $what == "%LOGINURLPARTS%" || $what == "%PASSWORD%") {
$password = false;
if (!$external_password) {
$pwd_plaintext = $this->recipient->plaintext_password();
if ($pwd_plaintext && !$this->sensitivity) {
$password = $pwd_plaintext;
} else {
if ($pwd_plaintext && $this->sensitivity === "display") {
$password = "******";
}
}
}
$loginparts = "";
if (!isset($Opt["httpAuthLogin"])) {
$loginparts = "email=" . urlencode($this->recipient->email);
if ($password) {
$loginparts .= "&password="******"%LOGINURL%") {
return $Opt["paperSite"] . ($loginparts ? "/?" . $loginparts : "/");
} else {
if ($what == "%LOGINURLPARTS%") {
return $loginparts;
} else {
return $isbool || $password ? $password : "";
}
}
}
if ($what == "%CAPABILITY%") {
return $isbool || $this->capability ? $this->capability : "";
}
$result = $this->expandvar_recipient($what, $isbool);
if ($result !== self::EXPANDVAR_CONTINUE) {
return $result;
}
// fallback
if ($isbool) {
return false;
} else {
$this->_unexpanded[$what] = true;
return $what;
}
}
public static function analyze($index_name = "index")
{
if (PHP_SAPI == "cli") {
return;
}
if (@$_SERVER["HTTPS"] && $_SERVER["HTTPS"] != "off") {
list($x, $xport) = array("https://", 443);
} else {
list($x, $xport) = array("http://", 80);
}
self::$protocol = $x;
if (!@$_SERVER["HTTP_HOST"]) {
$x .= "localhost";
} else {
$x .= $_SERVER["HTTP_HOST"];
}
if (($port = @$_SERVER["SERVER_PORT"]) && $port != $xport && strpos($x, ":", 6) === false) {
$x .= ":" . $port;
}
self::$server = $x;
// detect $sitedir
$sfilename = $_SERVER["SCRIPT_FILENAME"];
// pathname
$sfile = substr($sfilename, strrpos($sfilename, "/") + 1);
$sname = $_SERVER["SCRIPT_NAME"];
// URL-decoded
$sname_slash = strrpos($sname, "/");
if (substr($sname, $sname_slash + 1) !== $sfile) {
if ($sname === "" || $sname[strlen($sname) - 1] !== "/") {
$sname .= "/";
}
$sname_slash = strlen($sname) - 1;
}
$uri = $_SERVER["REQUEST_URI"];
// URL-encoded
if (substr($uri, 0, $sname_slash) === substr($sname, 0, $sname_slash)) {
$uri_slash = $sname_slash;
} else {
// URL-encoded prefix != URL-decoded prefix
for ($nslash = substr_count(substr($sname, 0, $sname_slash), "/"), $uri_slash = 0; $nslash > 0; --$nslash) {
$uri_slash = strpos($uri, "/", $uri_slash + 1);
}
}
if ($uri_slash === false || $uri_slash > strlen($uri)) {
$uri_slash = strlen($uri);
}
self::$sitedir = substr($uri, 0, $uri_slash) . "/";
// separate $page, $path, $query
$uri_suffix = substr($uri, $uri_slash);
preg_match(',\\A(/[^/\\?\\#]*|)([^\\?\\#]*)(.*)\\z,', substr($uri, $uri_slash), $m);
if ($m[1] !== "" && $m[1] !== "/") {
self::$page = urldecode(substr($m[1], 1));
} else {
self::$page = $index_name;
}
self::$path = urldecode($m[2]);
self::$query = $m[3];
// detect $sitedir_relative
$path_slash = substr_count(self::$path, "/");
if ($path_slash) {
self::$sitedir_relative = str_repeat("../", $path_slash);
} else {
if ($uri_slash >= strlen($uri)) {
self::$sitedir_relative = self::$sitedir;
} else {
self::$sitedir_relative = "";
}
}
self::$php_suffix = "";
}
function hoturl($page, $options = null)
{
$siteurl = Navigation::siteurl();
$t = hoturl_site_relative($page, $options);
if ($page !== "index") {
return $siteurl . $t;
}
$expectslash = 5 + strlen(Navigation::php_suffix());
if (strlen($t) < $expectslash || substr($t, 0, $expectslash) !== "index" . Navigation::php_suffix() || strlen($t) > $expectslash && $t[$expectslash] === "/") {
return $siteurl . $t;
} else {
return ($siteurl !== "" ? $siteurl : Navigation::site_path()) . substr($t, $expectslash);
}
}
private function header_head($title)
{
global $Me, $ConfSitePATH, $Opt;
// load session list and clear its cookie
$list = SessionList::active();
SessionList::set_requested(0);
echo "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"google\" content=\"notranslate\" />\n";
if (isset($Opt["fontScript"])) {
echo $Opt["fontScript"];
}
echo $this->make_css_link("stylesheets/style.css"), "\n";
if (get($Opt, "mobileStylesheet")) {
echo '<meta name="viewport" content="width=device-width, initial-scale=1">', "\n";
echo $this->make_css_link("stylesheets/mobile.css", "screen and (max-width: 768px)"), "\n";
}
if (isset($Opt["stylesheets"])) {
foreach (mkarray($Opt["stylesheets"]) as $css) {
echo $this->make_css_link($css), "\n";
}
}
// favicon
if ($favicon = defval($Opt, "favicon", "images/review24.png")) {
if (strpos($favicon, "://") === false && $favicon[0] != "/") {
if (get($Opt, "assetsUrl") && substr($favicon, 0, 7) === "images/") {
$favicon = $Opt["assetsUrl"] . $favicon;
} else {
$favicon = Navigation::siteurl() . $favicon;
}
}
if (substr($favicon, -4) == ".png") {
echo "<link rel=\"icon\" type=\"image/png\" href=\"{$favicon}\" />\n";
} else {
if (substr($favicon, -4) == ".ico") {
echo "<link rel=\"shortcut icon\" href=\"{$favicon}\" />\n";
} else {
if (substr($favicon, -4) == ".gif") {
echo "<link rel=\"icon\" type=\"image/gif\" href=\"{$favicon}\" />\n";
} else {
echo "<link rel=\"icon\" href=\"{$favicon}\" />\n";
}
}
}
}
// title
echo "<title>";
if ($title) {
$title = preg_replace("/<([^>\"']|'[^']*'|\"[^\"]*\")*>/", "", $title);
$title = preg_replace(",(?: | | )+,", " ", $title);
$title = str_replace("∕", "-", $title);
}
if ($title) {
echo $title, " - ";
}
echo htmlspecialchars($Opt["shortName"]), "</title>\n</head>\n";
// jQuery
$stash = Ht::take_stash();
if (isset($Opt["jqueryUrl"])) {
$jquery = $Opt["jqueryUrl"];
} else {
if (get($Opt, "jqueryCdn")) {
$jquery = "//code.jquery.com/jquery-1.12.3.min.js";
} else {
$jquery = "scripts/jquery-1.12.3.min.js";
}
}
Ht::stash_html($this->make_script_file($jquery, true) . "\n");
// Javascript settings to set before script.js
Ht::stash_script("siteurl=" . json_encode(Navigation::siteurl()) . ";siteurl_suffix=\"" . Navigation::php_suffix() . "\"");
if (session_id() !== "") {
Ht::stash_script("siteurl_postvalue=\"" . post_value() . "\"");
}
if ($list) {
Ht::stash_script("hotcrp_list=" . json_encode(["num" => $list->listno, "id" => $list->listid]) . ";");
}
if ($urldefaults = hoturl_defaults()) {
Ht::stash_script("siteurl_defaults=" . json_encode($urldefaults) . ";");
}
Ht::stash_script("assetsurl=" . json_encode($Opt["assetsUrl"]) . ";");
$huser = (object) array();
if ($Me && $Me->email) {
$huser->email = $Me->email;
}
if ($Me && $Me->is_pclike()) {
$huser->is_pclike = true;
}
if ($Me && $Me->has_database_account()) {
$huser->cid = $Me->contactId;
}
Ht::stash_script("hotcrp_user="******";");
$pid = get($_REQUEST, "paperId");
$pid = $pid && ctype_digit($pid) ? (int) $pid : 0;
if (!$pid && $this->paper) {
$pid = $this->paper->paperId;
}
if ($pid) {
Ht::stash_script("hotcrp_paperid={$pid}");
}
if ($pid && $Me && $Me->is_admin_force()) {
Ht::stash_script("hotcrp_want_override_conflict=true");
}
// script.js
if (!get($Opt, "noDefaultScript")) {
Ht::stash_html($this->make_script_file("scripts/script.js") . "\n");
}
// other scripts
if (get($Opt, "scripts")) {
foreach ($Opt["scripts"] as $file) {
Ht::stash_html($this->make_script_file($file) . "\n");
}
}
if ($stash) {
Ht::stash_html($stash);
}
}
private function header_head($title)
{
global $Me, $ConfSitePATH, $CurrentList;
echo "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta http-equiv=\"Content-Style-Type\" content=\"text/css\" />\n<meta http-equiv=\"Content-Script-Type\" content=\"text/javascript\" />\n<meta http-equiv=\"Content-Language\" content=\"en\" />\n<meta name=\"google\" content=\"notranslate\" />\n";
if (strstr($title, "<") !== false) {
$title = preg_replace("/<([^>\"']|'[^']*'|\"[^\"]*\")*>/", "", $title);
}
echo $this->opt("fontScript", "");
echo $this->make_css_link("stylesheets/style.css"), "\n";
if ($this->opt("mobileStylesheet")) {
echo '<meta name="viewport" content="width=device-width, initial-scale=1">', "\n";
echo $this->make_css_link("stylesheets/mobile.css", "screen and (max-width: 768px)"), "\n";
}
foreach (mkarray($this->opt("stylesheets", [])) as $css) {
echo $this->make_css_link($css), "\n";
}
// favicon
$favicon = $this->opt("favicon");
if ($favicon) {
if (strpos($favicon, "://") === false && $favicon[0] != "/") {
if ($this->opt["assetsUrl"] && substr($favicon, 0, 7) === "images/") {
$favicon = $this->opt["assetsUrl"] . $favicon;
} else {
$favicon = Navigation::siteurl() . $favicon;
}
}
if (substr($favicon, -4) == ".png") {
echo "<link rel=\"icon\" type=\"image/png\" href=\"{$favicon}\" />\n";
} else {
if (substr($favicon, -4) == ".ico") {
echo "<link rel=\"shortcut icon\" href=\"{$favicon}\" />\n";
} else {
if (substr($favicon, -4) == ".gif") {
echo "<link rel=\"icon\" type=\"image/gif\" href=\"{$favicon}\" />\n";
} else {
echo "<link rel=\"icon\" href=\"{$favicon}\" />\n";
}
}
}
}
// jQuery
if (isset($this->opt["jqueryUrl"])) {
$jquery = $this->opt["jqueryUrl"];
} else {
if ($this->opt("jqueryCdn")) {
$jquery = "//code.jquery.com/jquery-1.12.3.min.js";
} else {
$jquery = "scripts/jquery-1.12.3.min.js";
}
}
Ht::stash_html($this->make_script_file($jquery, true) . "\n");
Ht::stash_html($this->make_script_file("scripts/jquery.color-2.1.2.min.js", true) . "\n");
Ht::stash_html($this->make_script_file("scripts/jquery.flot.min.js", true) . "\n");
//Ht::stash_html($this->make_script_file("scripts/ZeroClipboard.min.js", true) . "\n");
// Javascript settings to set before script.js
Ht::stash_script("siteurl=" . json_encode(Navigation::siteurl()) . ";siteurl_suffix=\"" . Navigation::php_suffix() . "\"");
if (session_id() !== "") {
Ht::stash_script("siteurl_postvalue=\"" . post_value() . "\"");
}
if (@$CurrentList && ($list = SessionList::lookup($CurrentList))) {
Ht::stash_script("hotcrp_list={num:{$CurrentList},id:\"" . addcslashes($list->listid, "\n\r\\\"/") . "\"}");
}
if ($urldefaults = hoturl_defaults()) {
Ht::stash_script("siteurl_defaults=" . json_encode($urldefaults) . ";");
}
Ht::stash_script("assetsurl=" . json_encode($this->opt["assetsUrl"]) . ";");
$huser = (object) array();
if ($Me && $Me->email) {
$huser->email = $Me->email;
}
if ($Me && $Me->is_pclike()) {
$huser->is_pclike = true;
}
Ht::stash_script("hotcrp_user="******"ZeroClipboard.setDefaults({moviePath:\"" . Navigation::siteurl() . "cacheable" . Navigation::php_suffix() . "?file=scripts/ZeroClipboard.swf&mtime=" . filemtime("$ConfSitePATH/scripts/ZeroClipboard.swf") . "\"})");
// script.js
if (!$this->opt("noDefaultScript")) {
Ht::stash_html($this->make_script_file("scripts/script.js") . "\n");
}
echo Ht::unstash();
echo "<title>";
if ($title) {
echo $title, " - ";
}
echo htmlspecialchars($this->short_name), "</title>\n</head>\n";
}