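/**
 * Dispatch the request: show the default page, show a static view template
 * that matches the first URL argument, or raise a 404.
 *
 * A template matches when its file name contains ".tpl" at an offset greater
 * than zero and its second dot-separated segment equals the first URL
 * argument. The URL argument is only compared against directory entries; it
 * is never concatenated into a filesystem path in this method.
 */
public function run()
{
    // The first URL argument does not change during the scan, so read it once.
    // NOTE(review): assumes Core::get_args() returns the same array on every call.
    $requested = current(Core::get_args());
    $static_found = false;

    foreach (Core::get_system('static_views') as $view) {
        $dir = opendir(Core::get_system('views') . '/' . $view);
        if ($dir === false) {
            // Missing or unreadable view directory: there is nothing to match,
            // and readdir()/closedir() must not be called on a failed handle.
            continue;
        }

        // Compare with false explicitly: a bare truthiness test ends the scan
        // early at a directory entry named "0".
        while (($file = readdir($dir)) !== false) {
            // Same rule as before: ".tpl" must occur, but not at offset 0.
            $tplPos = strpos($file, '.tpl');
            if ($tplPos === false || $tplPos === 0) {
                continue;
            }

            $exploded = explode('.', $file);
            if ($exploded[1] === $requested) {
                $static_found = true;
                break;
            }
        }
        closedir($dir);

        if ($static_found) {
            break;
        }
    }

    if ($requested !== 'default' && $static_found === false) {
        // Neither the default page nor a matching static template.
        Core::error('404');
    } else {
        Core::display();
    }
}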
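/**
 * Load the field templates, copy the connection settings from DB::$INFO onto
 * the instance and, when DB::$AUTO is exactly true, open the connection.
 */
public function __construct()
{
    $templates = Core::config('db_field_templates');

    if (is_array($templates) && count($templates) > 0) {
        $this->field_template = $templates;

        // Templates are addressed by name, so every entry must end up under a string key.
        foreach ($templates as $key => $field) {
            if (is_string($key)) {
                continue;
            }
            if (!isset($field['NAME'])) {
                Core::error('DBFDTM', 'LIBTIT', array(__CLASS__, $key));
                continue;
            }

            // Re-key by value. Binding the new entry by reference to the loop
            // variable made each later iteration overwrite the entries stored
            // by earlier ones.
            $name = $field['NAME'];
            unset($field['NAME'], $this->field_template[$key]);
            $this->field_template[$name] = $field;
        }
    } else {
        $this->field_template = false;
    }

    // Propagate the connection info to instance properties.
    // Every key of DB::$INFO becomes a property name, so that array has to come
    // from trusted configuration only.
    if (is_array(DB::$INFO)) {
        foreach (DB::$INFO as $param => $value) {
            $this->{$param} = $value;
        }
    }

    // Initialise the connection if the auto flag is set to true.
    if (DB::$AUTO === true) {
        $this->init();
    }
}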
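/**
 * Run a SQL statement on the current connection.
 *
 * The statement is passed through _query_set() first. No parameter binding
 * happens here, so callers are responsible for escaping any value they put
 * into $sql.
 *
 * @param string $sql   statement to execute
 * @param bool   $error when true, a failed query is reported through Core::error()
 * @return mixed the mysql_query() result; nothing is returned on the reported-error path
 */
protected function _query($sql, $error = true)
{
    $sql = $this->_query_set($sql);

    // No debug output here: echoing the raw statement and a var_dump() of the
    // result into the response discloses the schema to every visitor and
    // prints unescaped text into the HTML.
    // NOTE(review): ext/mysql was removed in PHP 7.0; this method only runs on
    // PHP 5 unless the driver is ported to mysqli or PDO.
    $qry = @mysql_query($sql, $this->DB);

    if (!$qry && $error) {
        // NOTE(review): the driver error text is handed to Core::error();
        // confirm it is logged rather than shown to visitors.
        Core::error('DBIQRY', 'LIBTIT', array('__METHOD-2__', mysql_error()));
    } else {
        return $qry;
    }
}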
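/**
 * Load a view or an arbitrary file, with the view variables available to it
 * as local variables.
 *
 * $vars is merged into self::$_VAR and the merged array is extracted into the
 * local scope. The locals that must survive into the loaded file are prefixed
 * with __ to avoid symbol collision with view variables.
 *
 * @param string $name     view name appended to VIEW, or a path used as-is when $ispath is true
 * @param array  $vars     variables for the file; anything that is not an array is treated as empty
 * @param bool   $__return when true, return the rendered output instead of emitting it
 * @param bool   $ispath   when true, $name is not prefixed with VIEW
 * @return string|null the buffered output when $__return is true
 **/
private static function _loadfile($name, $vars, $__return, $ispath = false)
{
    // Make sure that vars is an array even if it's empty.
    if (!is_array($vars)) {
        $vars = array();
    }

    if (!$ispath) {
        // Add the views directory and, when $name has no extension, the default one.
        // NOTE(review): $name is concatenated unchecked; confirm callers never
        // build it from request data, or "../" segments leave the views directory.
        $__path = pathinfo($name, PATHINFO_EXTENSION) != '' ? VIEW . $name : VIEW . $name . EXT;
    } else {
        // NOTE(review): with $ispath the caller chooses the file that gets
        // executed below; it must never be derived from user input.
        $__path = $name;
    }

    if (!file_exists($__path)) {
        Core::error('404MSG', 'LIBTIT', array(__CLASS__, $name));
    }

    // Merge first, so both access methods (locals and self::$_VAR) see the same data.
    self::$_VAR = array_merge(self::$_VAR, $vars);

    // Drop the helper locals before extracting. Unsetting afterwards also
    // removed view variables that happened to be called name, vars or ispath.
    unset($name, $vars, $ispath);

    // EXTR_SKIP keeps $__path and $__return intact: a view variable with one of
    // those names can no longer redirect the include or change the return mode.
    extract(self::$_VAR, EXTR_SKIP);

    // Start buffering
    ob_start();

    // Forced short tags: rewrite "<?=" and run the file through eval() when the
    // installation has short_open_tag off and the config asks for it.
    if ((bool) @ini_get('short_open_tag') === false && Core::config('force_short_tags') === true) {
        // SECURITY: eval() executes the file's contents as PHP; this is only
        // acceptable for template files the application ships itself.
        echo eval('?>' . preg_replace("/;*\\s*\\?>/", "; ?>", str_replace('<?=', '<?php echo ', file_get_contents($__path))) . '<?php ');
    } else {
        require $__path;
    }

    // Return the file data if requested.
    if ($__return) {
        $b = ob_get_contents();
        ob_end_clean();
        return $b;
    }

    // Nested views: unless Core::obflush() handled the buffer, move its content
    // to the Output collector so the enclosing template can include it.
    if (!Core::obflush()) {
        $c = ob_get_contents();
        ob_end_clean();
        Output::append($c);
    }
}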
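/**
 * Write $output to the cache file, prefixed with its expiry timestamp and the
 * 'TS--->' separator.
 *
 * @param string $output content to cache
 */
private static function _cachewrite($output)
{
    $path = self::_cachepath();

    // 'cb' opens (or creates) the file without truncating it. With 'wb' the
    // file was emptied before the lock was taken, so a concurrent reader could
    // see an empty or half-written entry.
    $file = @fopen($path, 'cb');
    if (!$file) {
        Core::error('403MSG', 'LIBTIT', array(__CLASS__, 'cache'));
        return;
    }

    // Expiry: now plus self::$_CEX minutes.
    $exp = time() + self::$_CEX * 60;

    // Best effort as before: the entry is written even where locking is not supported.
    $locked = flock($file, LOCK_EX);

    ftruncate($file, 0);
    fwrite($file, $exp . 'TS--->' . $output);
    fflush($file);

    if ($locked) {
        flock($file, LOCK_UN);
    }
    fclose($file);

    // Owner-writable only. A world-writable (0777) cache file lets any local
    // account replace content that is later served to visitors. If a second
    // account has to rewrite the cache, share a group and use 0664 instead.
    @chmod($path, 0644);
}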
/**
 * Load the template file for the current page, echo what it returns and pass
 * the result to saveTemplate() when caching is active.
 *
 * NOTE(review): $this->_page is concatenated into the include path without any
 * check in this method. Confirm it is restricted to known page names before it
 * gets here; otherwise "../" segments select a file outside template/sites/.
 **/
private function loadTemplate()
{
    try {
        if (file_exists('template/sites/tpl.' . $this->_page . '.php')) {
            // Not read again in this method. An included file runs in this
            // scope, so the template can see $content (and $tpl).
            // Emits a notice when the request has no "content" parameter.
            $content = $_GET['content'];
            if ($this->_data != "") {
                // NOTE(review): for a local path PHP does not parse a query
                // string; this asks for a file literally named
                // "tpl.<page>.php?data=<data>". Confirm how the template is
                // meant to receive $this->_data.
                $tpl = (include 'template/sites/tpl.' . $this->_page . '.php?data=' . $this->_data);
            } else {
                $tpl = (include 'template/sites/tpl.' . $this->_page . '.php');
            }
            // include yields 1 when the file has no return statement of its
            // own; anything else is echoed.
            if ($tpl != "1") {
                echo $tpl;
            }
            if ($this->_cache && self::$_cacheableData) {
                $this->saveTemplate($tpl);
            }
            // Reset the flag for the next template.
            self::$_cacheableData = true;
        } else {
            // The message text is German for "Page could not be found. Name is
            // probably wrong." followed by a "Back to the start page" link.
            // NOTE(review): $this->_page and $this->c are placed into the HTML
            // unescaped; if they originate from the request this is reflected
            // markup. Escape them where the message is built or rendered.
            throw new Exception(Core::error('<b> Seite konnte nicht gefunden werden. Name wahrscheinlich falsch.</b><br />template/sites/tpl.' . $this->_page . $this->c . '.php<br /><br /><a href="index.html" style="color: black">Zurück zur Startseite</a>'));
        }
    } catch (Exception $e) {
        // The exception message is written straight into the response.
        echo $e->getMessage();
        // Disabled: styled error box reading "Error in file: tpl.<page>.php".
    }
}
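/**
 * Handle the edit/conf mode toggles and the built-in "login" and "logout" apps.
 *
 * @param mixed $app    not used in this method
 * @param mixed $action not used in this method
 */
public function route($app, $action)
{
    // Mode toggles for a logged-in user who holds the matching right.
    // NOTE(review): the toggles are read from $_REQUEST and logout (below)
    // needs no token, so a third-party page can trigger both for a logged-in
    // user. Consider requiring POST plus a CSRF token.
    if (!empty(Core::$user->id)) {
        foreach (['edit', 'conf'] as $v) {
            if (isset($_REQUEST[$v]) && Core::$user->has($v)) {
                $_SESSION['pe_' . substr($v, 0, 1)] = !empty($_REQUEST[$v]);
                Http::redirect();
            }
        }
    }

    if (Core::$core->app == 'login') {
        // Already logged in: nothing to do here.
        if (Core::$user->id) {
            Http::redirect('/');
        }
        $A = 'admin';
        if (Core::isTry() && !empty($_REQUEST['id'])) {
            // A missing "pass" field yields null instead of an undefined-index
            // notice; a non-string value (e.g. pass[]=x) never reaches
            // password_verify(), which only accepts strings.
            $pass = isset($_POST['pass']) ? $_POST['pass'] : null;

            if ($_REQUEST['id'] === $A
                && is_string($pass)
                && !empty(Core::$core->masterpasswd)
                && password_verify($pass, Core::$core->masterpasswd)
            ) {
                // Master account: id -1.
                $_SESSION['pe_u']->id = -1;
                $_SESSION['pe_u']->name = $A;
            } else {
                // NOTE(review): the handlers receive the plaintext password;
                // confirm none of them logs or stores its arguments.
                Core::event("login", [$_REQUEST['id'], $pass]);
            }

            if (!empty($_SESSION['pe_u']->id)) {
                // Issue a fresh session id on every successful login, so an id
                // that was known before authentication (session fixation) does
                // not become an authenticated one.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                Core::log('A', 'Login ' . $_SESSION['pe_u']->name, 'users');
                Http::redirect();
            } else {
                Core::error(L('Bad username or password'), 'id');
            }
        }
    } elseif (Core::$core->app == 'logout') {
        $i = Core::$user->id;
        if ($i) {
            Core::log('A', 'Logout ' . Core::$user->name, 'users');
            // The master account (-1) does not fire the logout event.
            if ($i != -1) {
                Core::event("logout");
            }
        }
        session_destroy();
        Http::redirect('/');
    }
}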
/**
 * Report an error unless the argument is present and is an array.
 *
 * A falsy value (this includes an empty array) raises VARREQ; a value that is
 * not an array raises ARRTYP. The two checks run one after the other.
 *
 * @param mixed $array            value to check, taken by reference
 * @param bool  $_doublebacktrace when true, the error names the method two traces back
 **/
private static function _check(&$array = false, $_doublebacktrace = false)
{
    // Calls coming from _types report the method from two traces back.
    $depth = $_doublebacktrace ? '-2' : '-1';
    $context = array('__METHOD' . $depth . '__', '$array');

    if (!$array) {
        Core::error('VARREQ', 'LIBTIT', $context);
    }

    if (!is_array($array)) {
        Core::error('ARRTYP', 'LIBTIT', $context);
    }
}
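/**
 * Save page meta information.
 *
 * Requires a logged-in user holding "siteadm|webadm". Creates the page, or
 * renames it when $params['pageid'] differs from $params['id'], then copies
 * every changed value from $params onto the page object and saves it.
 *
 * @param array $params form values; the keys read directly here are id, lang and pageid
 * @param bool  $new    true when a new page is being created
 * @return bool true on success, false after a reported error
 * @throws \Exception when the user is not logged in or lacks the right
 */
static function savePageInfo($params, $new = false)
{
    if (empty(Core::$user->id) || !Core::$user->has("siteadm|webadm")) {
        throw new \Exception(L('No user id'));
    }
    $rename = false;

    //! url checks
    if ($new) {
        if (!empty(DS::fetch("id", static::$_table, "id=? AND lang=?", "", "", [$params['id'], $params['lang']]))) {
            Core::error(L("A page already exists with this url!"), "page.id");
            return false;
        }
    } elseif (!empty($params['pageid']) && $params['pageid'] != $params['id']) {
        //! url changed
        $rename = true;
        DS::exec("UPDATE " . static::$_table . " SET id=? WHERE id=?", [$params['id'], $params['pageid']]);
        Core::log('A', sprintf("Page %s renamed to %s by %s", $params['pageid'], $params['id'], Core::$user->name), "cmsaudit");
    }

    //! create page object
    $page = new self($params['id']);
    $needsave = false;

    // NOTE(review): every key of $params that names an existing property is
    // written to the page. Confirm callers pass only the form fields that are
    // meant to be editable.
    foreach ($params as $k => $v) {
        if (property_exists($page, $k) && $page->{$k} != $v) {
            // Old and new values are logged above runlevel 2 only. Both line
            // break characters are stripped so a value cannot start a forged
            // audit line.
            $strip = ["\n" => "", "\r" => ""];
            Core::log(
                'A',
                sprintf("Set page %s for %s by %s", $k, $params['id'], Core::$user->name)
                . (Core::$core->runlevel > 2
                    ? " '" . addslashes(strtr($page->{$k}, $strip)) . "' -> '" . addslashes(strtr($v, $strip)) . "'"
                    : ""),
                "cmsaudit"
            );
            $page->{$k} = $v;
            $needsave = true;
        }
    }

    //! save it
    if ($needsave && !$page->save($new)) {
        Core::error(L("Unable to save page!"));
        return false;
    } elseif ($new || $rename) {
        //! on successful new add and renames, redirect user to the new page
        // The URL is built from the submitted id, so it is emitted as a JSON
        // string literal with <, >, &, ' and " hex-escaped; it cannot close
        // the string or the <script> element.
        $target = json_encode((string) url($params['id']), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($target === false) {
            // Not encodable (e.g. invalid UTF-8): fall back to the site root.
            $target = '"/"';
        }
        die("<html><script>window.parent.document.location.href=" . $target . ";</script></html>");
    }
    return true;
}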
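/**
 * Handle image upload: store one resized copy per entry of self::$sizes under
 * data/gallery/<size key>/.
 *
 * @param array $file one upload entry (keys used: error, size, type, tmp_name, name)
 */
static function uploadImage($file)
{
    // 4 = no file was submitted; nothing to do.
    if ($file['error'] == 4) {
        return;
    }

    if ($file['error'] != 0 || $file['size'] < 1) {
        Core::error(ucfirst(L('failed to upload file.')));
        return;
    }

    // $file['type'] is sent by the client and proves nothing on its own. The
    // file must also be a genuine HTTP upload and must parse as an image.
    if (substr($file['type'], 0, 5) != 'image'
        || !is_uploaded_file($file['tmp_name'])
        || @getimagesize($file['tmp_name']) === false
    ) {
        Core::error(L('Only images allowed.'));
        return;
    }

    // Keep letters, digits, underscore and dot only.
    $name = preg_replace("/[^a-zA-Z0-9_\\.]/", "", basename($file['name']));
    if (!is_string($name) || $name === '' || $name[0] === '.') {
        // Nothing usable is left, or the result would be a dot file.
        Core::error(ucfirst(L('failed to upload file.')));
        return;
    }
    // NOTE(review): the stored name keeps the extension the client chose.
    // Confirm View::picture() re-encodes the image and that the web server
    // does not execute scripts under data/gallery.

    if (!is_dir("data/gallery")) {
        mkdir("data/gallery", 0750);
    }

    //! generate different image sizes
    $l = count(self::$sizes) - 1;
    foreach (self::$sizes as $k => $s) {
        if (!is_dir("data/gallery/" . $k)) {
            mkdir("data/gallery/" . $k, 0750);
        }
        View::picture(
            $file['tmp_name'],
            "data/gallery/" . $k . "/" . $name,
            $s[0],
            $s[1],
            $k != $l,
            $s[0] < 256,
            self::$watermark,
            self::$maxSize,
            self::$minQuality
        );
    }
}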
/**
 * Set up self::$_DOM and self::$_XPT.
 *
 * Reuses the current document unless $force is set, adopts $obj when it is a
 * DomDocument, or creates a fresh document otherwise. With $path the document
 * is either created on disk (when $create is set) or loaded from it.
 * self::$_LDD records whether a file was created or loaded by this call.
 *
 * @param string|false      $path   file to create or load; resolved through self::path()
 * @param DomDocument|false $obj    existing document to adopt
 * @param bool              $force  re-instantiate even when a document is already set
 * @param bool              $create create the file with a <root> element when needed
 * @return DomDocument the current document
 **/
private static function _domxpath($path = false, $obj = false, $force = false, $create = false)
{
    self::$_LDD = false;

    // Without the DOM classes there is nothing to do. No error is sent here;
    // the original comment states that Core::library handles that case.
    $domAvailable = class_exists('DomDocument') && class_exists('DOMXPath');
    if (!$domAvailable) {
        exit;
    }

    // Reuse the document that is already there unless re-instantiation is forced.
    $existing = self::$_DOM;
    if (!$force && $existing instanceof DomDocument) {
        return $existing;
    }

    if ($obj instanceof DomDocument) {
        // Adopt the supplied document; the XPath object must be rebuilt for it.
        self::$_DOM = $obj;
        $force = true;
    } elseif (!$obj) {
        // Nothing supplied: start from an empty document with the class defaults.
        $fresh = new DomDocument(self::$_VER, self::$_CHR);
        $fresh->preserveWhiteSpace = self::$_PWS;
        $fresh->formatOutput = self::$_FOU;
        self::$_DOM = $fresh;
    } else {
        // Something was supplied, but it is not a DomDocument.
        Core::error('VARTYP', 'LIBTIT', array(__CLASS__, 'object', 'DomDocument'));
    }

    if ($path) {
        // Resolve the path first.
        $path = self::path($path, $create, 3);

        if ($create) {
            // Create the file when it is missing or the document has no root element yet.
            if (!file_exists($path) || !self::$_DOM->documentElement) {
                self::$_DOM->appendChild(self::$_DOM->createElement('root'));
                self::save(false, false);
                self::$_LDD = true;
            }
        } elseif (file_exists($path) && filesize($path) > 0) {
            // Not creating: load the file when it exists and is not empty.
            // NOTE(review): the file is parsed as XML as-is; confirm $path
            // never points at content supplied by a visitor.
            self::$_DOM->load($path);
            self::$_LDD = true;
        }
    }

    // (Re)build the XPath object when it is missing or tied to a previous document.
    $needXpath = $force || !(self::$_XPT instanceof DOMXPath);
    if ($needXpath) {
        self::$_XPT = new DOMXPath(self::$_DOM);
    }

    return self::$_DOM;
}
/**
 * Report an error: with details when self::$DBUG is exactly true, and as a
 * plain error otherwise.
 *
 * Keeping the details behind the debug flag means message, title and extra
 * data are only passed on when debugging is switched on.
 * NOTE(review): the plain Core::error() call is also reached after the
 * detailed one if Core::error() returns; presumably it ends the request.
 *
 * @param mixed $msg  error message or code
 * @param mixed $tit  error title
 * @param mixed $xtra extra data for the message, false for none
 */
public static function error($msg, $tit, $xtra = false)
{
    $showDetails = (true === self::$DBUG);

    if ($showDetails) {
        Core::error($msg, $tit, $xtra);
    }

    // Plain error without any detail.
    Core::error();
}
/**
 * Check the database configuration held in self::$_DDB and fill in defaults.
 *
 * Username and password are required; everything else gets a default when it
 * is missing or empty.
 * NOTE(review): "debug" defaults to true when it is not a boolean; confirm
 * production configs set it to false explicitly.
 *
 * @param mixed $dbname not read in this method
 * @param bool  $isdef  not read in this method
 **/
private static function _checkconfig($dbname, $isdef = false)
{
    $cfg =& self::$_DDB;

    // No database name given: use the name of the first configured database.
    if (empty($cfg['name'])) {
        $cfg['name'] = Arrays::key_first(self::$_DBS);
    }

    // No hostname given: use localhost.
    if (empty($cfg['hostname'])) {
        $cfg['hostname'] = 'localhost';
    }

    // Username and password are mandatory.
    foreach (array('username', 'password') as $required) {
        if (empty($cfg[$required])) {
            Core::error('VARREQ', 'LIBTIT', array(__CLASS__, $required));
        }
    }

    // An empty prefix is valid, so only a missing one is replaced.
    if (!isset($cfg['prefix'])) {
        $cfg['prefix'] = '';
    }

    if (empty($cfg['driver'])) {
        $cfg['driver'] = 'mysql';
    }

    // Boolean switches: anything that is not a real boolean gets the default.
    $switches = array('pconnect' => true, 'debug' => true, 'cache' => false);
    foreach ($switches as $flag => $default) {
        if (!isset($cfg[$flag]) || !is_bool($cfg[$flag])) {
            $cfg[$flag] = $default;
        }
    }

    if (empty($cfg['cachedir'])) {
        $cfg['cachedir'] = CACH;
    }
    if (!is_writable($cfg['cachedir'])) {
        Core::error('403DIR', 'LIBTIT', array(__CLASS__, 'cachedir'));
    }

    // Charset (index 0) and collation (index 1) come from self::$_CHS.
    // NOTE(review): $chset is never assigned in this method, so the lookup uses
    // an undefined variable and both values fall back to '' unless self::$_CHS
    // has an entry under the empty key. Confirm where the charset key should
    // come from.
    foreach (array('charset' => 0, 'collat' => 1) as $option => $index) {
        if (empty($cfg[$option])) {
            $cfg[$option] = array_key_exists($chset, self::$_CHS) ? self::$_CHS[$chset][$index] : '';
        }
    }
}
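/**
 * Handle document upload: move the uploaded file to data/download/ under a
 * sanitised version of its original name.
 *
 * NOTE(review): no permission check happens in this method; confirm the caller
 * enforces one.
 *
 * @param array $file one upload entry (keys used: error, size, tmp_name, name)
 */
static function uploadDocument($file)
{
    // 4 = no file was submitted; nothing to do.
    if ($file['error'] == 4) {
        return;
    }

    if ($file['error'] != 0 || $file['size'] < 1) {
        Core::error(ucfirst(L('failed to upload file.')));
        return;
    }

    // Keep letters, digits, underscore and dot only.
    $name = preg_replace("/[^a-zA-Z0-9_\\.]/", "", basename($file['name']));

    // The file is stored byte for byte under a client-chosen extension. Refuse
    // empty names, dot files (.htaccess and friends) and any name with a
    // script extension in it, including double extensions such as "a.php.txt".
    // This deny-list is a stopgap: an allow-list of the document types the
    // site really needs, plus a web server rule that disables script execution
    // under data/download, is the robust fix.
    $scriptExt = '/\.(?:php\d*|phtml|pht|phar|phps|cgi|pl|py|sh)(?:\.|$)/i';
    if (!is_string($name) || $name === '' || $name[0] === '.' || preg_match($scriptExt, $name)) {
        Core::error(ucfirst(L('failed to upload file.')));
        return;
    }

    if (!is_dir("data/download")) {
        mkdir("data/download", 0750);
    }

    // move_uploaded_file() only accepts genuine HTTP uploads; report a failed
    // move instead of ignoring it.
    // NOTE(review): an existing file with the same name is overwritten.
    if (!move_uploaded_file($file['tmp_name'], "data/download/" . $name)) {
        Core::error(ucfirst(L('failed to upload file.')));
    }
}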
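/**
 * Delete the item whose primary key is given as URL argument 2.
 *
 * Without confirm=true in the query string the item is only returned, so the
 * client can ask for confirmation; with it the item is deleted and returned.
 * Responds with 404 for a missing or malformed id or an unknown item, and with
 * 403 when the user may not delete.
 *
 * NOTE(review): the delete is confirmed by a GET parameter alone. Confirm that
 * auth() or the front controller also enforces a CSRF token or the POST method.
 */
public function delete()
{
    // Accept only a non-zero string of digits. The previous test,
    // is_int(intval(...)), is true for any input and let arbitrary strings
    // through to the model's where clause.
    $raw = Core::get_args(2);
    $id = (is_scalar($raw) && $raw && ctype_digit((string) $raw)) ? $raw : false;

    if ($id === false) {
        Core::error('404');
        return;
    }

    /** Ensure the user is logged in and may delete */
    $user_ctrl = Controller::load('user');
    $auth = $user_ctrl->auth($this->name, 'delete');
    if (!$auth) {
        /** The user does not have permission to delete this entry. */
        Core::error('403');
        return;
    }

    /** Load the model and retrieve the item the user wants to delete */
    $model = Model::load($this->model);
    $where = array('where' => array($model->getPrimaryKey() => $id));
    $item = $model->get($where);

    if (!is_array($item)) {
        /** Entry not found! */
        Core::error('404');
        return;
    }

    $item = current($item);

    if (is_array($item)) {
        if (isset($_GET['confirm']) && $_GET['confirm'] === 'true') {
            /** Attempt the delete operation */
            $result = $model->del($where);
            Core::set_response($result ? $item : false);
        } else {
            /** Not confirmed yet: hand the item back */
            Core::set_response($item);
        }
    }

    /** Display the result */
    Core::display();
}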
/**
 * Report a library error for this class through Core::error().
 *
 * @param string $code error code handed to Core::error()
 * @param mixed  $var  value placed next to the class name in the error context
 */
private static function _error($code, $var)
{
    $context = array(__CLASS__, $var);

    Core::error($code, 'LIBTIT', $context);
}
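/**
 * VALIDATE THE ROUTE
 * Validates the supplied segments and attempts to determine the path to the
 * controller: either CTRL/<segment>EXT or, for a sub-folder, CTRL/<dir>/<segment>EXT.
 *
 * @param array|false $segments route segments; the current class and method are used when falsy
 * @return array|null the segments, with a leading directory segment removed
 **/
private static function _validate($segments = false)
{
    // If no segments are specified we use the current class and method.
    if (!$segments) {
        $segments = array(self::$_CLS, self::$_MTD);
    }
    if (!is_array($segments)) {
        Core::error('ARRTYP', 'LIBTIT', array(__METHOD__, 'segments'));
    }

    // Defence in depth: the first segment is joined onto CTRL below, so a
    // segment such as ".." would select a directory outside the controllers
    // folder. The Uri class may already filter this; it costs nothing to check.
    if (self::_unsafe_segment($segments[0])) {
        Core::error404();
        return null;
    }

    // Does the requested controller file exist?
    if (file_exists(CTRL . $segments[0] . EXT)) {
        return $segments;
    }

    // In a subfolder?
    if (is_dir(CTRL . $segments[0])) {
        // Set the current dir and remove it from the array.
        self::$_DIR = $segments[0];
        $segments = array_slice($segments, 1);

        if (count($segments) > 0) {
            // Does the requested controller file exist in the subfolder?
            if (self::_unsafe_segment($segments[0]) || !file_exists(CTRL . self::$_DIR . '/' . $segments[0] . EXT)) {
                Core::error404();
            }
        } else {
            if (!file_exists(CTRL . self::$_DIR . '/' . self::$_CTR . EXT)) {
                Core::error('RTRCTR', 'LIBTIT', __CLASS__);
            }
            // Fall back to the default controller and its index method.
            self::$_CLS = self::$_CTR;
            self::$_MTD = 'index';
        }
        return $segments;
    }

    // If the default controller doesn't exist, throw an error instead of the 404.
    if (!file_exists(CTRL . self::$_CTR . EXT)) {
        Core::error('RTRCTR', 'LIBTIT', __CLASS__);
    }
    Core::error404(Uri::string());
}

/**
 * Tell whether a route segment must not be joined onto a filesystem path:
 * "." and "..", or anything containing a directory separator or a NUL byte.
 */
private static function _unsafe_segment($segment)
{
    $segment = (string) $segment;

    return $segment === '.' || $segment === '..' || strpbrk($segment, "/\\\0") !== false;
}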