function initialize()
{
require_once "settings.php";
$settings = $GLOBALS['settings'];
# we define some preferences, later these could be
# user specific or stored in a cookie or something
$prefs = array('perpage' => 1000);
if (isset($settings['prefs'])) {
$prefs = array_merge($prefs, $settings['prefs']);
}
# if
# helper functions for passed variables
$req = new SpotReq();
$req->initialize();
# gather the current page
$GLOBALS['site']['page'] = $req->getDef('page', 'index');
if (array_search($GLOBALS['site']['page'], array('index', 'catsjson', 'getnzb', 'getspot')) === false) {
$GLOBALS['site']['page'] = 'index';
}
# if
# and put them in an encompassing site object
$GLOBALS['site']['req'] = $req;
$GLOBALS['site']['settings'] = $settings;
$GLOBALS['site']['prefs'] = $prefs;
$GLOBALS['site']['pagetitle'] = 'SpotWeb - ';
}
function escape($var, $escapeType)
{
if (is_array($var)) {
foreach ($var as $key => $value) {
$var[$key] = SpotReq::escape($value, $escapeType);
}
return $var;
} else {
// and start escaping
switch ($escapeType) {
case 'html':
return htmlspecialchars($var);
break;
default:
die('Unknown escape type: ' . $escapeType);
}
# switch
}
#else
}
} # foreach
$db->addSpot($mappedSpot, $mappedSpot);
} # while
$db->commitTransaction();
fclose($fp);
}
catch(Exception $x) {
die("Error importing data: " . $x->getMessage() . PHP_EOL);
} # catch
exit;
} # import
$req = new SpotReq();
$req->initialize();
if ($req->getDef('output', '') == 'xml') {
echo "<xml>";
} # if
try {
$db = new SpotDb($settings['db']);
$db->connect();
}
catch(Exception $x) {
die("Unable to connect to database: " . $x->getMessage() . PHP_EOL);
} # catch
## Als we forceren om de "already running" check te bypassen, doe dat dan
/**
* Instantiate an Request object
*
* @param Services_Settings_Container $settings
* @return SpotReq
*/
private function getSpotReq(Services_Settings_Container $settings)
{
$req = new SpotReq();
$req->initialize($settings);
return $req;
}
die("Unable to connect to database: " . $x->getMessage() . PHP_EOL);
}
# catch
# Controleer dat we niet een schema upgrade verwachten
if (!$db->schemaValid()) {
die("Database schema is gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
}
# if
# Creer het settings object
$settings = SpotSettings::singleton($db, $settings);
# Controleer eerst of de settings versie nog wel geldig zijn
if (!$settings->settingsValid()) {
die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
}
# if
$req = new SpotReq();
$req->initialize($settings);
# We willen alleen uitgevoerd worden door een user die dat mag als
# we via de browser aangeroepen worden. Via console halen we altijd
# het admin-account op
$spotUserSystem = new SpotUserSystem($db, $settings);
if (isset($_SERVER['SERVER_PROTOCOL'])) {
# Vraag de API key op die de gebruiker opgegeven heeft
$apiKey = $req->getDef('apikey', '');
$userSession = $spotUserSystem->verifyApi($apiKey);
if ($userSession == false || !$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, '')) {
die("Access denied");
}
# if
} else {
$userSession['user'] = $db->getUser(SPOTWEB_ADMIN_USERID);
die("Unable to connect to database: " . $x->getMessage() . PHP_EOL);
}
# catch
# Creer het settings object
$settings = SpotSettings::singleton($db, $settings);
# Controleer dat we niet een schema upgrade verwachten
if (!$settings->schemaValid()) {
die("Database schema has been changed, please run upgrade-db.php" . PHP_EOL);
}
# if
# Controleer eerst of de settings versie nog wel geldig zijn
if (!$settings->settingsValid()) {
die("Global settings have been changed, please run upgrade-db.php" . PHP_EOL);
}
# if
$req = new SpotReq();
$req->initialize($settings);
# We willen alleen uitgevoerd worden door een user die dat mag als
# we via de browser aangeroepen worden. Via console halen we altijd
# het admin-account op
$spotUserSystem = new SpotUserSystem($db, $settings);
if (!SpotCommandline::isCommandline()) {
# Vraag de API key op die de gebruiker opgegeven heeft
$apiKey = $req->getDef('apikey', '');
$userSession = $spotUserSystem->verifyApi($apiKey);
if ($userSession == false || !$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, '')) {
die("Access denied");
}
# if
# Add the user's ip addres, we need it for sending notifications
$userSession['session'] = array('ipaddr' => '');
require_once "lib/page/SpotPage_getnzbmobile.php";
require_once "lib/page/SpotPage_getspot.php";
require_once "lib/page/SpotPage_catsjson.php";
require_once "lib/page/SpotPage_erasedls.php";
require_once "lib/page/SpotPage_getimage.php";
require_once "lib/page/SpotPage_getspotmobile.php";
require_once "lib/page/SpotPage_markallasread.php";
require_once "lib/page/SpotPage_getimage.php";
require_once "lib/page/SpotPage_selecttemplate.php";
#- main() -#
try {
# database object
$db = new SpotDb($settings['db']);
$db->connect();
# helper functions for passed variables
$req = new SpotReq();
$req->initialize();
$page = $req->getDef('page', 'index');
if (array_search($page, array('index', 'catsjson', 'getnzb', 'getnzbmobile', 'getspotmobile', 'getspot', 'erasedls', 'markallasread', 'getimage', 'selecttemplate')) === false) {
$page = 'index';
}
# if
switch ($page) {
case 'getspot':
$page = new SpotPage_getspot($db, $settings, $settings['prefs'], $req->getDef('messageid', ''));
$page->render();
break;
# getspot
# getspot
case 'getnzb':
$page = new SpotPage_getnzb($db, $settings, $settings['prefs'], array('messageid' => $req->getDef('messageid', ''), 'action' => $req->getDef('action', 'display')));
require_once "lib/SpotDb.php";
require_once "lib/SpotReq.php";
require_once "SpotParser.php";
require_once "SpotNntp.php";
require_once "lib/retriever/SpotRetriever_Spots.php";
require_once "lib/retriever/SpotRetriever_Comments.php";
# in safe mode, max execution time cannot be set, warn the user
if (ini_get('safe_mode')) {
echo "WARNING: PHP safemode is enabled, maximum execution cannot be reset! Turn off safemode if this causes problems\r\n\r\n";
}
# if
if (!isset($settings['retrieve_increment'])) {
echo "WARNING: Parameter retrieve_increment is missing in settings.php, please add and run again.";
die;
}
$req = new SpotReq();
$req->initialize();
if ($req->getDef('output', '') == 'xml') {
echo "<xml>";
}
# if
try {
$db = new SpotDb($settings['db']);
$db->connect();
} catch (Exception $x) {
die("Unable to connect to database: " . $x->getMessage() . "\r\n");
}
# catch
## Als we forceren om de "already running" check te bypassen, doe dat dan
if ($argc > 1 && $argv[1] == '--force') {
$db->setRetrieverRunning($settings['nntp_hdr']['host'], false);
function setUserId($i)
{
self::$_userid = $i;
}
/*
* Because users are asked to modify ownsettings.php themselves, it is
* possible they create a mistake and accidentally create output from it.
*
* This output breaks a lot of stuff like download integration, image generation
* and more.
*
* We try to check if any output has been submitted, and if so, we refuse
* to continue to prevent all sorts of confusing bug reports
*/
if (headers_sent() || (int) ob_get_length() > 0) {
throw new OwnsettingsCreatedOutputException();
}
# if
# helper functions for passed variables
$req = new SpotReq();
$req->initialize($settings);
$page = $req->getDef('page', 'index');
# Retrieve the users object of the user which is logged on
SpotTiming::start('auth');
$spotUserSystem = new SpotUserSystem($db, $settings);
if ($req->doesExist('apikey')) {
$currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', ''));
} else {
$currentSession = $spotUserSystem->useOrStartSession(false);
}
# if
/*
* If three is no user object, we don't have a security system
* either. Without a security system we cannot boot, so fatal
*/
if (!$settings->get('enable_timing')) {
SpotTiming::disable();
} # if
# Controleer eerst of het schema nog wel geldig is
if (!$db->schemaValid()) {
die("Database schema is gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
} # if
# Controleer eerst of de settings versie nog wel geldig zijn
if (!$settings->settingsValid()) {
die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
} # if
# helper functions for passed variables
$req = new SpotReq();
$req->initialize($settings);
$page = $req->getDef('page', 'index');
# Haal het userobject op dat 'ingelogged' is
SpotTiming::start('auth');
$spotUserSystem = new SpotUserSystem($db, $settings);
if ($req->doesExist('apikey')) {
$currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', ''));
} else {
$currentSession = $spotUserSystem->useOrStartSession();
} # if
/* Zonder userobject ook geen security systeem, dus dit is altijd fatal */
if ($currentSession === false) {
} # catch
# Controleer dat we niet een schema upgrade verwachten
if (!$db->schemaValid()) {
die("Database schema is gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
} # if
# Creer het settings object
$settings = SpotSettings::singleton($db, $settings);
# Controleer eerst of de settings versie nog wel geldig zijn
if (!$settings->settingsValid()) {
die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
} # if
$req = new SpotReq();
$req->initialize($settings);
# We willen alleen uitgevoerd worden door een user die dat mag als
# we via de browser aangeroepen worden. Via console halen we altijd
# het admin-account op
$spotUserSystem = new SpotUserSystem($db, $settings);
if (isset($_SERVER['SERVER_PROTOCOL'])) {
# Vraag de API key op die de gebruiker opgegeven heeft
$apiKey = $req->getDef('apikey', '');
$userSession = $spotUserSystem->verifyApi($apiKey);
if (($userSession == false) || (!$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, ''))) {
die("Access denied");
} # if
function generateXsrfCookie($action)
{
return SpotReq::generateXsrfCookie($action);
}
# if
# Controleer eerst of de settings versie nog wel geldig zijn
if (!$settings->settingsValid()) {
die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL);
}
# if
# Controleer dat er nergens iets mis staat in de ownsettings.php oid dat output
# genereerd. Als er output buffering toegepast wordt door PHP dan is deze check niet
# voldoende. ob_get_length() geeft false terug als er geen outputbuffering actief is,
# of anders 0 als er nog geen headers verstuurd zijn.
if (headers_sent() || (int) ob_get_length() > 0) {
die("ownsettings.php geeft al output, zorg dat je ownsettings.php niet afgesloten is met ?> en dat er niets staat voor de openingstag." . PHP_EOL);
}
# if
# helper functions for passed variables
$req = new SpotReq();
$req->initialize($settings);
$page = $req->getDef('page', 'index');
# Haal het userobject op dat 'ingelogged' is
SpotTiming::start('auth');
$spotUserSystem = new SpotUserSystem($db, $settings);
if ($req->doesExist('apikey')) {
$currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', ''));
} else {
$currentSession = $spotUserSystem->useOrStartSession();
}
# if
/* Zonder userobject ook geen security systeem, dus dit is altijd fatal */
if ($currentSession === false) {
if ($req->doesExist('apikey')) {
throw new Exception("API Key Incorrect");
function initialize($settings) {
self::$_merged = array_merge($_POST, $_GET);
self::$_xsrfsecret = $settings->get('xsrfsecret');
self::$_settings = $settings;
}
