/** * Build and return a proper URL, from the $vars array. * Note: URL parameters should always be in lower case (one of the coding standards) * * @param array A map of parameter names to parameter values. Values may be strings or integers, or NULL. NULL indicates "skip this". 'page' cannot be NULL. * @param ID_TEXT The zone the URL is pointing to. YOU SHOULD NEVER HARD CODE THIS- USE '_SEARCH', '_SELF' (if you're self-referencing your own page) or the output of get_module_zone. * @param ?array Variables to explicitly not put in the URL (perhaps because we have $keep_all set, or we are blocking certain keep_ values). The format is of a map where the keys are the names, and the values are 1. (NULL: don't skip any) * @param boolean Whether to keep all non-skipped parameters that were in the current URL, in this URL * @param boolean Whether to avoid mod_rewrite (sometimes essential so we can assume the standard URL parameter addition scheme in templates) * @param boolean Whether to skip actually putting on keep_ parameters (rarely will this skipping be desirable) * @param string Hash portion of the URL (blank: none). * @return string The URL in string format. */ function _build_url($vars, $zone_name = '', $skip = NULL, $keep_all = false, $avoid_remap = false, $skip_keep = false, $hash = '') { global $HAS_KEEP_IN_URL, $USE_REWRITE_PARAMS, $CACHE_BOT_TYPE; // Build up our URL base $url = get_base_url(is_page_https($zone_name, isset($vars['page']) ? $vars['page'] : ''), $zone_name); $url .= '/'; // For bots we explicitly unset skippable injected 'keep_' params because it bloats the crawl-space if ($CACHE_BOT_TYPE !== NULL && get_bot_type() !== NULL) { foreach ($vars as $key => $val) { if ($key == 'redirect' || $key == 'root') { unset($vars[$key]); } if (substr($key, 0, 5) == 'keep_' && skippable_keep($key, $val)) { unset($vars[$key]); } } } // Things we need to keep in the url $keep_actual = array(); if ($HAS_KEEP_IN_URL === NULL || $HAS_KEEP_IN_URL || $keep_all) { $mc = get_magic_quotes_gpc(); $keep_cant_use = array(); $HAS_KEEP_IN_URL = false; foreach ($_GET as $key => $val) { if (!is_string($val)) { continue; } $is_keep = false; $appears_keep = $key[0] == 'k' && substr($key, 0, 5) == 'keep_'; if ($appears_keep) { if (!$skip_keep && !skippable_keep($key, $val)) { $is_keep = true; } $HAS_KEEP_IN_URL = true; } if (($keep_all && !$appears_keep || $is_keep) && !array_key_exists($key, $vars) && !isset($skip[$key])) { if ($mc) { $val = stripslashes($val); } if ($is_keep) { $keep_actual[$key] = $val; } else { $vars[$key] = $val; } } elseif ($is_keep) { if ($mc) { $val = stripslashes($val); } $keep_cant_use[$key] = $val; } } $vars += $keep_actual; } global $URL_MONIKERS_ENABLED; if ($URL_MONIKERS_ENABLED === NULL) { $URL_MONIKERS_ENABLED = url_monikers_enabled(); } if ($URL_MONIKERS_ENABLED) { $test = find_id_moniker($vars); if ($test !== NULL) { $vars['id'] = $test; } } // We either use mod_rewrite, or return a standard parameterisation if ($USE_REWRITE_PARAMS === NULL || $avoid_remap) { $use_rewrite_params = can_try_mod_rewrite($avoid_remap); if (!$avoid_remap) { $USE_REWRITE_PARAMS = $use_rewrite_params; } } else { $use_rewrite_params = $USE_REWRITE_PARAMS; } $test_rewrite = NULL; if ($use_rewrite_params) { $test_rewrite = _url_rewrite_params($zone_name, $vars, count($keep_actual) > 0); } else { $test_rewrite = NULL; } if ($test_rewrite === NULL) { $url .= 'index.php'; // Fix sort order if (isset($vars['id'])) { $_vars = $vars; unset($_vars['id']); $vars = array('id' => $vars['id']) + $_vars; } if (isset($vars['type'])) { $_vars = $vars; unset($_vars['type']); $vars = array('type' => $vars['type']) + $_vars; } if (isset($vars['page'])) { $_vars = $vars; unset($_vars['page']); $vars = array('page' => $vars['page']) + $_vars; } // Build up the URL string $symbol = '?'; foreach ($vars as $key => $val) { if ($val === NULL) { continue; } // NULL means skip if ($val === SELF_REDIRECT) { $val = get_self_url(true, true); } // Add in $url .= $symbol . $key . '=' . (is_integer($val) ? strval($val) : urlencode($val)); $symbol = '&'; } } else { $url .= $test_rewrite; } // Done return $url . $hash; }
/** * This is it - the start of rendering of a website page. * Take in all inputs, sends them to the correct functions to process, gathers up all the outputs, sticks them together and echoes them. */ function do_site() { // More SEO redirection (monikers) // Does this URL arrangement support monikers? $url_id = get_param('id', NULL, true); if ($url_id !== NULL && url_monikers_enabled()) { $type = get_param('type', 'misc'); $looking_for = '_SEARCH:' . get_page_name() . ':' . $type . ':_WILD'; $hooks = find_all_hooks('systems', 'content_meta_aware'); $ob_info = NULL; foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/content_meta_aware/' . filter_naughty($hook)); $ob = object_factory('Hook_content_meta_aware_' . $hook, true); if ($ob === NULL) { continue; } $ob_info = $ob->info(); $ob_info['view_pagelink_pattern'] = preg_replace('#:[^:]*$#', ':_WILD', $ob_info['view_pagelink_pattern']); if ($ob_info['view_pagelink_pattern'] == $looking_for && $ob_info['support_url_monikers']) { if (is_numeric($url_id)) { $correct_moniker = find_id_moniker(array('page' => get_page_name(), 'type' => get_param('type', 'misc'), 'id' => $url_id)); if ($correct_moniker !== NULL && $correct_moniker != $url_id && count($_POST) == 0) { header('HTTP/1.0 301 Moved Permanently'); $_new_url = build_url(array('page' => '_SELF', 'id' => $correct_moniker), '_SELF', NULL, true); $new_url = $_new_url->evaluate(); header('Location: ' . $new_url); exit; } } else { // See if it is deprecated if (strpos(get_db_type(), 'mysql') !== false) { $monikers = $GLOBALS['SITE_DB']->query_select('url_id_monikers USE INDEX (uim_moniker)', array('m_resource_id', 'm_deprecated'), array('m_resource_page' => get_page_name(), 'm_resource_type' => get_param('type', 'misc'), 'm_moniker' => $url_id)); } else { $monikers = $GLOBALS['SITE_DB']->query_select('url_id_monikers', array('m_resource_id', 'm_deprecated'), array('m_resource_page' => get_page_name(), 'm_resource_type' => get_param('type', 'misc'), 'm_moniker' => $url_id)); } if (!array_key_exists(0, $monikers)) { warn_exit(do_lang_tempcode('MISSING_RESOURCE')); } $deprecated = $monikers[0]['m_deprecated'] == 1; if ($deprecated && count($_POST) == 0) { $correct_moniker = find_id_moniker(array('page' => get_page_name(), 'type' => get_param('type', 'misc'), 'id' => $monikers[0]['m_resource_id'])); header('HTTP/1.0 301 Moved Permanently'); $_new_url = build_url(array('page' => '_SELF', 'id' => $correct_moniker), '_SELF', NULL, true); $new_url = $_new_url->evaluate(); header('Location: ' . $new_url); exit; } else { $_GET['id'] = $monikers[0]['m_resource_id']; // We need to know the ID number rather than the moniker } } break; } } } // Any messages to output? if (get_param_integer('redirected', 0) == 1) { $messages = $GLOBALS['SITE_DB']->query_select('messages_to_render', array('r_message', 'r_type'), array('r_session_id' => get_session_id()), 'ORDER BY r_time DESC'); foreach ($messages as $message) { if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($message['r_message']); } attach_message(protect_from_escaping($message['r_message']), $message['r_type']); } if (count($messages) != 0) { $GLOBALS['SITE_DB']->query('DELETE FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'messages_to_render WHERE r_session_id=' . strval((int) get_session_id()) . ' OR r_time<' . strval(time() - 60 * 60)); } } if (in_safe_mode()) { $disable_safe_mode_url = get_self_url(true, true, array('keep_safe_mode' => NULL)); attach_message(do_lang_tempcode('CURRENTLY_HAS_KEEP_SAFE_MODE', escape_html($disable_safe_mode_url)), 'notice'); } if (get_param_integer('keep_fatalistic', 0) == 1) { $disable_fatalistic_url = get_self_url(true, true, array('keep_fatalistic' => NULL)); attach_message(do_lang_tempcode('CURRENTLY_HAS_KEEP_FATALISTIC', escape_html($disable_fatalistic_url)), 'notice'); } $special_page_type = get_param('special_page_type', 'view'); global $ZONE; $keep_markers = get_param_integer('keep_markers', 0); $show_edit_links = get_param_integer('show_edit_links', 0); global $KEEP_MARKERS, $SHOW_EDIT_LINKS; $KEEP_MARKERS = $keep_markers == 1 || $special_page_type == 'show_markers'; if ($KEEP_MARKERS && !headers_sent()) { header('Content-type: text/html; charset=' . get_charset()); } $SHOW_EDIT_LINKS = $show_edit_links == 1 || $special_page_type == 'show_edit_links'; $out_evaluated = NULL; if ($special_page_type != 'view' && $special_page_type != 'show_markers') { require_code('view_modes'); initialise_special_page_types($special_page_type); } // Set up Xdebug profiling if ($special_page_type == 'profile') { if (function_exists('xdebug_start_profiling')) { xdebug_start_profiling(); } // xdebug 1 style if (ini_get('xdebug.profiler_enable') != '1') { attach_message(escape_html('Profiling must be enabled in php.ini'), 'warn'); } // xdebug 2 style if (!is_writable_wrap(ini_get('xdebug.profiler_output_dir'))) { attach_message(escape_html('xdebug.profiler_output_dir needs setting to a writable directory'), 'warn'); } } // Allow the site to be closed $site_closed = get_option('site_closed'); if ($site_closed == '1' && !has_specific_permission(get_member(), 'access_closed_site') && !$GLOBALS['IS_ACTUALLY_ADMIN']) { require_code('site2'); closed_site(); } // Work out which page we're viewing global $PAGE; $PAGE = get_page_name(); $doing_special_page_type = $special_page_type != 'view' && $special_page_type != 'show_markers' && $special_page_type != 'show_edit_links' && $special_page_type != 'memory' && (has_specific_permission(get_member(), 'view_profiling_modes') || $GLOBALS['IS_ACTUALLY_ADMIN']); // Load up our frames into strings. Note that the header and the footer are fixed already. $middle = request_page($PAGE, true); global $CYCLES; $CYCLES = array(); // Here we reset some Tempcode environmental stuff, because template compilation or preprocessing may have dirtied things if ($middle === NULL || $middle->is_definitely_empty()) { $GLOBALS['HTTP_STATUS_CODE'] = '404'; if (!headers_sent()) { if (!browser_matches('ie') && strpos(ocp_srv('SERVER_SOFTWARE'), 'IIS') === false) { header('HTTP/1.0 404 Not Found'); } } $title = get_page_title('ERROR_OCCURRED'); $text = do_lang_tempcode('NO_PAGE_OUTPUT'); $middle = warn_screen($title, $text, false); } // Extra stuff we can tag on (like messages) $additional = new ocp_tempcode(); $site_closed = get_option('site_closed'); // May have been JUST changed in page load - think Setup Wizard if ($site_closed == '1' && $PAGE != 'login' && $PAGE != 'join' && get_param_integer('wide_high', 0) == 0) { $additional->attach(do_template('ADDITIONAL', array('_GUID' => '03a41a91606b3ad05330e7d6f3e741c1', 'TYPE' => 'notice', 'MESSAGE' => do_lang_tempcode(has_specific_permission(get_member(), 'access_closed_site') ? 'SITE_SPECIAL_ACCESS' : 'SITE_SPECIAL_ACCESS_SU')))); } if ($GLOBALS['IS_ACTUALLY_ADMIN']) { $unsu_link = get_self_url(true, true, array('keep_su' => NULL)); $su_username = $GLOBALS['FORUM_DRIVER']->get_username(get_member()); $additional->attach(do_template('ADDITIONAL', array('_GUID' => '13a41a91606b3ad05330e7d6f3e741c1', 'TYPE' => 'notice', 'MESSAGE' => do_lang_tempcode('USING_SU', escape_html($unsu_link), escape_html($su_username))))); } $out = new ocp_tempcode(); // This is important - it makes sure the tempcode tree appears nicely $middle->handle_symbol_preprocessing(); // Due to the '->evaluate()' below, plus so that some symbol preprocessing can be passed into header $out->attach(do_header()); if (function_exists('memory_get_usage') && get_param('special_page_type', '') == 'memory') { if (function_exists('memory_get_peak_usage')) { $memory_usage = memory_get_peak_usage(); } else { $memory_usage = memory_get_usage(); } $additional->attach(do_template('ADDITIONAL', array('_GUID' => 'd605c0d111742a8cd2d4ef270a1e5fe1', 'TYPE' => 'inform', 'MESSAGE' => do_lang_tempcode('MEMORY_USAGE', float_format(round(floatval($memory_usage) / 1024.0 / 1024.0, 2)))))); } // Whack it into our global template global $ATTACHED_MESSAGES; $global_template = 'GLOBAL'; if (get_option('show_docs') == '0') { $GLOBALS['HELPER_PANEL_TUTORIAL'] = ''; } $helper_panel_pic = $GLOBALS['HELPER_PANEL_PIC']; if ($helper_panel_pic != '') { if (find_theme_image($helper_panel_pic, true) == '') { $helper_panel_pic = ''; } } $global = do_template($global_template, array('HELPER_PANEL_TUTORIAL' => $GLOBALS['HELPER_PANEL_TUTORIAL'], 'HELPER_PANEL_HTML' => $GLOBALS['HELPER_PANEL_HTML'], 'HELPER_PANEL_TEXT' => $GLOBALS['HELPER_PANEL_TEXT'], 'HELPER_PANEL_PIC' => $helper_panel_pic, 'MIDDLE' => $doing_special_page_type ? $middle : $middle->evaluate(), 'MESSAGE_TOP' => $ATTACHED_MESSAGES, 'MESSAGE' => $additional, 'BREADCRUMBS' => breadcrumbs())); unset($middle); $out->attach($global); $out->attach(do_footer()); $out->handle_symbol_preprocessing(); if (get_value('xhtml_strict') === '1') { $out = make_xhtml_strict($out); } // Validation $novalidate = get_param_integer('keep_novalidate', get_param_integer('novalidate', 0)); $show_edit_links = get_param_integer('show_edit_links', 0); if ((in_array(ocp_srv('HTTP_HOST'), array('localhost', 'test.ocportal.com')) || $GLOBALS['FORUM_DRIVER']->is_staff(get_member())) && ($special_page_type == 'code' || $novalidate == 0 && get_option('validation') == '1') && $GLOBALS['REFRESH_URL'][0] == '' && $show_edit_links == 0) { require_code('view_modes'); $out_evaluated = $out->evaluate(NULL, false); do_xhtml_validation($out_evaluated, $special_page_type == 'code' && get_param_integer('preview_mode', NULL) === NULL, get_param_integer('preview_mode', 0)); } // Cacheing for spiders if (running_script('index') && count($_POST) == 0 && isset($GLOBALS['SITE_INFO']['fast_spider_cache']) && $GLOBALS['SITE_INFO']['fast_spider_cache'] == '1' && is_guest()) { $bot_type = get_bot_type(); if (($bot_type !== NULL || isset($GLOBALS['SITE_INFO']['any_guest_cached_too']) && $GLOBALS['SITE_INFO']['any_guest_cached_too'] == '1') && can_fast_spider_cache()) { $fast_cache_path = get_custom_file_base() . '/persistant_cache/' . md5(serialize(get_self_url_easy())); if ($bot_type === NULL) { $fast_cache_path .= '__non-bot'; } if (!array_key_exists('js_on', $_COOKIE)) { $fast_cache_path .= '__no-js'; } if (is_mobile()) { $fast_cache_path .= '_mobile'; } $fast_cache_path .= '.gcd'; if (!is_dir(get_custom_file_base() . '/persistant_cache/')) { if (@mkdir(get_custom_file_base() . '/persistant_cache/', 0777)) { fix_permissions(get_custom_file_base() . '/persistant_cache/', 0777); sync_file(get_custom_file_base() . '/persistant_cache/'); } else { intelligent_write_error($fast_cache_path); } } $out_evaluated = $out->evaluate(NULL, false); $myfile = @fopen($fast_cache_path, 'wb') or intelligent_write_error($fast_cache_path); if (function_exists('gzencode')) { fwrite($myfile, gzencode($out_evaluated, 9)); } else { fwrite($myfile, $out_evaluated); } fclose($myfile); fix_permissions($fast_cache_path); sync_file($fast_cache_path); } } if ($doing_special_page_type) { special_page_types($special_page_type, $out, $out_evaluated); } // We calculated the time before outputting so that latency and bandwidth do not adversely affect the result global $PAGE_START_TIME, $PAGE_STRING; $page_generation_time = microtime_diff($PAGE_START_TIME, microtime(false)); if (!$GLOBALS['QUICK_REDIRECT']) { if ($out_evaluated !== NULL) { echo $out_evaluated; } else { $GLOBALS['FINISHING_OUTPUT'] = true; $out->evaluate_echo(); } } // Finally, stats if ($PAGE_STRING !== NULL) { log_stats($PAGE_STRING, intval($page_generation_time)); } // When someone hits the Admin Zone front page. if ($ZONE['zone_name'] == 'adminzone' && get_page_name() == 'start') { // Security feature admins can turn on require_code('notifications'); $current_username = $GLOBALS['FORUM_DRIVER']->get_username(get_member()); $subject = do_lang('AFA_NOTIFICATION_MAIL_SUBJECT', $current_username, get_site_name(), get_ip_address()); $mail = do_lang('AFA_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape($current_username), comcode_escape(get_ip_address())); dispatch_notification('adminzone_frontpage_accessed', NULL, $subject, $mail); // Track very basic details of what sites use ocPortal. You can remove if you like. if (preg_match('#^localhost[\\.\\:$]?#', ocp_srv('HTTP_HOST')) == 0) { global $EXPIRE, $KEY; $timeout_before = @ini_get('default_socket_timeout'); @ini_set('default_socket_timeout', '3'); http_download_file('http://ocportal.com/user.php?url=' . urlencode(get_base_url()) . '&name=' . urlencode(get_site_name()) . '®istered=2&key=' . ($KEY === NULL ? '' : strval($KEY)) . '&expire=' . ($EXPIRE === NULL ? '' : strval($EXPIRE)) . '&version=' . urlencode(ocp_version_full()), NULL, false); @ini_set('default_socket_timeout', $timeout_before); } } // Little disk space check $last_space_check = get_value('last_space_check'); if ($last_space_check === NULL || intval($last_space_check) < time() - 60 * 60 * 3) { set_value('last_space_check', strval(time())); $low_space_check = intval(get_option('low_space_check')) * 1024 * 1024; $disk_space = @disk_free_space(get_file_base()); if (is_integer($disk_space) && $disk_space < $low_space_check) { require_code('notifications'); $subject = do_lang('LOW_DISK_SPACE_SUBJECT', NULL, NULL, NULL, get_site_default_lang()); $message = do_lang('LOW_DISK_SPACE_MAIL', strval(intval(round($disk_space / 1024 / 1024))), NULL, NULL, get_site_default_lang()); dispatch_notification('low_disk_space', NULL, $subject, $message, NULL, A_FROM_SYSTEM_PRIVILEGED); } } //exit(); }
/** * Take a moniker and it's page link details, and make a full path from it. * * @param ID_TEXT Page name. * @param ID_TEXT Screen type code. * @param ID_TEXT Resource ID. * @param string Pathless moniker. * @return string The fully qualified moniker. */ function _give_moniker_scope($page, $type, $id, $main) { // Does this URL arrangement support monikers? global $CONTENT_OBS; load_moniker_hooks(); $found = false; $looking_for = '_SEARCH:' . $page . ':' . $type . ':_WILD'; $ob_info = isset($CONTENT_OBS[$looking_for]) ? $CONTENT_OBS[$looking_for] : NULL; $moniker = $main; if (is_null($ob_info)) { return $moniker; } if (!is_null($ob_info['parent_category_field'])) { // Lookup DB record so we can discern the category $bak = $GLOBALS['NO_DB_SCOPE_CHECK']; $GLOBALS['NO_DB_SCOPE_CHECK'] = true; $select = array($ob_info['id_field']); if (substr($ob_info['title_field'], 0, 5) != 'EVAL:' && substr($ob_info['title_field'], 0, 5) != 'CALL:') { $select[] = $ob_info['title_field']; } if (!is_null($ob_info['parent_category_field'])) { $select[] = $ob_info['parent_category_field']; } $id_flat = mixed(); if ($ob_info['id_field_numeric']) { $id_flat = intval($id); } else { $id_flat = $id; } $_moniker_src = $GLOBALS['SITE_DB']->query_select($ob_info['table'], $select, array($ob_info['id_field'] => $id_flat)); $GLOBALS['NO_DB_SCOPE_CHECK'] = $bak; if (!array_key_exists(0, $_moniker_src)) { return $moniker; } // been deleted? // Discern the path (will effectively recurse, due to find_id_moniker call) $view_category_pagelink_pattern = explode(':', $ob_info['view_category_pagelink_pattern']); $parent = $_moniker_src[0][$ob_info['parent_category_field']]; if (is_integer($parent)) { $parent = strval($parent); } if (is_null($parent) || $parent === 'root' || $parent === '' || $parent == strval(db_get_first_id())) { $tree = NULL; } else { $tree = find_id_moniker(array('page' => $view_category_pagelink_pattern[1], 'type' => $view_category_pagelink_pattern[2], 'id' => $parent)); } // Okay, so our full tree path is as follows if (!is_null($tree)) { $moniker = $tree . '/' . $main; } } return $moniker; }