/** * Take the specified parameters, and try to find the corresponding page, then execute a function to load the page (load_html_page/load_comcode_page). * * @param ID_TEXT The codename of the page to load * @param boolean Whether it is required for this page to exist (shows an error if it doesn't) -- otherwise, it will just return NULL * @param ?ID_TEXT The zone the page is being loaded in (NULL: as shown by access URL) * @param ?ID_TEXT The type of page - for if you know it (NULL: don't know it) * @param boolean Whether the page is being included from another * @param boolean Whether to not check for redirects (normally you would) * @return ?tempcode The page (NULL: no page) */ function request_page($codename, $required, $zone = NULL, $page_type = NULL, $being_included = false, $no_redirect_check = false) { global $SITE_INFO; if ($zone === NULL) { $zone = get_zone_name(); } global $REQUEST_PAGE_NEST_LEVEL; $REQUEST_PAGE_NEST_LEVEL++; if ($REQUEST_PAGE_NEST_LEVEL > 20) { $REQUEST_PAGE_NEST_LEVEL = 0; attach_message(do_lang_tempcode('STOPPED_RECURSIVE_RESOURCE_INCLUDE', $codename), 'warn'); return new ocp_tempcode(); } $details = persistant_cache_get(array('PAGE_INFO', $codename, $required, $zone)); if ($details === NULL || $details === false) { $details = _request_page($codename, $zone, $page_type, NULL, $no_redirect_check); persistant_cache_set(array('PAGE_INFO', $codename, $required, $zone), $details); } //if (rand(0,10)==1) @exit('!'.$zone.':'.$codename.'!'.$REQUEST_PAGE_NEST_LEVEL.chr(10)); // Run hooks, if any exist $hooks = find_all_hooks('systems', 'upon_page_load'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/upon_page_load/' . filter_naughty($hook)); $ob = object_factory('upon_page_load' . filter_naughty($hook), true); if ($ob === NULL) { continue; } $ob->run($codename, $required, $zone, $page_type, $being_included, $details); } if ($details === false) { if ($required) { require_code('site2'); $ret = page_not_found($codename, $zone); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } $REQUEST_PAGE_NEST_LEVEL--; return new ocp_tempcode(); } switch ($details[0]) { case 'MODULES_CUSTOM': $path = isset($details[3]) ? $details[3] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/modules_custom/' . $details[2] . '.php', true); $ret = load_module_page($path, $details[2]); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'MODULES': $path = isset($details[3]) ? $details[3] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/modules/' . $details[2] . '.php', true); $ret = load_module_page($path, $details[2]); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'COMCODE_CUSTOM': $path = isset($details[4]) ? $details[4] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/comcode_custom/' . $details[3] . '/' . $details[2] . '.txt', true); if (isset($SITE_INFO['no_disk_sanity_checks']) && $SITE_INFO['no_disk_sanity_checks'] == '1' && get_custom_file_base() == get_file_base() || is_file(get_custom_file_base() . '/' . $path)) { $ret = load_comcode_page($path, $details[1], $details[2], get_custom_file_base(), $being_included); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } // else roll on, as probably been deleted since persistent cache was filled // else roll on, as probably been deleted since persistent cache was filled case 'COMCODE_CUSTOM_PURE': $path = isset($details[4]) ? $details[4] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/comcode_custom/' . $details[3] . '/' . $details[2] . '.txt', true); if (isset($SITE_INFO['no_disk_sanity_checks']) && $SITE_INFO['no_disk_sanity_checks'] == '1' || is_file(get_file_base() . '/' . $path)) { $ret = load_comcode_page($path, $details[1], $details[2], get_file_base(), $being_included); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } // else roll on, as probably been deleted since persistent cache was filled // else roll on, as probably been deleted since persistent cache was filled case 'COMCODE': $path = isset($details[4]) ? $details[4] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/comcode/' . $details[3] . '/' . $details[2] . '.txt', true); if (isset($SITE_INFO['no_disk_sanity_checks']) && $SITE_INFO['no_disk_sanity_checks'] == '1' || is_file(get_file_base() . '/' . $path)) { $ret = load_comcode_page($path, $details[1], $details[2], NULL, $being_included); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } // else roll on, as probably been deleted since persistent cache was filled // else roll on, as probably been deleted since persistent cache was filled case 'HTML_CUSTOM': require_code('site_html_pages'); $path = isset($details[4]) ? $details[4] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/html_custom/' . $details[3] . '/' . $details[2] . '.htm', true); $ret = make_string_tempcode(load_html_page($path)); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'HTML': require_code('site_html_pages'); $path = isset($details[4]) ? $details[4] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/html/' . $details[3] . '/' . $details[2] . '.htm', true); $ret = make_string_tempcode(load_html_page($path)); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'MINIMODULES_CUSTOM': $path = isset($details[3]) ? $details[3] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/minimodules_custom/' . $codename . '.php', true); $ret = load_minimodule_page($path); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'MINIMODULES': $path = isset($details[3]) ? $details[3] : zone_black_magic_filterer($details[1] . ($details[1] == '' ? '' : '/') . 'pages/minimodules/' . $codename . '.php', true); $ret = load_minimodule_page($path); $REQUEST_PAGE_NEST_LEVEL--; return $ret; case 'REDIRECT': $redirect = $details[1]; if ($required) { global $REDIRECTED_TO; $REDIRECTED_TO = $redirect; } if (strpos($redirect['r_to_page'], ':') !== false) { $bits = page_link_decode($redirect['r_to_zone'] . ':' . $redirect['r_to_page']); } else { $bits = array($redirect['r_to_zone'], array('page' => $redirect['r_to_page'])); } // Transparent redirection? if ($redirect['r_is_transparent'] == 1) { if ($being_included && !has_page_access(get_member(), $redirect['r_to_page'], $redirect['r_to_zone'], true)) { access_denied('PAGE_ACCESS'); } foreach ($bits[1] as $key => $val) { if ($key != 'page') { $_GET[$key] = get_magic_quotes_gpc() ? addslashes($val) : $val; } } if ($redirect['r_to_page'] != $codename || $redirect['r_to_zone'] != $zone) { $ret = request_page($redirect['r_to_page'], $required, $redirect['r_to_zone'], NULL, $being_included, $redirect['r_is_transparent'] == 1); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } } else { $title = get_page_title('REDIRECTING'); $url = build_url($bits[1], $redirect['r_to_zone'], NULL, true); header('HTTP/1.1 301 Moved Permanently'); $ret = redirect_screen($title, $url, do_lang_tempcode('REDIRECTED_LINK'), true); $REQUEST_PAGE_NEST_LEVEL--; return $ret; } } $REQUEST_PAGE_NEST_LEVEL--; return new ocp_tempcode(); // should never get here }
/** * Show a helpful access-denied page. Has a login ability if it senses that logging in could curtail the error. * * @param ID_TEXT The class of error (e.g. SPECIFIC_PERMISSION) * @param string The parameteter given to the error message * @param boolean Force the user to login (even if perhaps they are logged in already) */ function _access_denied($class, $param, $force_login) { $GLOBALS['HTTP_STATUS_CODE'] = '401'; if (!headers_sent()) { if (!browser_matches('ie') && strpos(ocp_srv('SERVER_SOFTWARE'), 'IIS') === false) { header('HTTP/1.0 401 Unauthorized'); } // Stop spiders ever storing the URL that caused this } require_lang('permissions'); require_lang('ocf_config'); $match_keys = $GLOBALS['SITE_DB']->query_select('match_key_messages', array('k_message', 'k_match_key')); global $M_SORT_KEY; $M_SORT_KEY = 'k_match_key'; usort($match_keys, 'strlen_sort'); $match_keys = array_reverse($match_keys); $message = NULL; foreach ($match_keys as $match_key) { if (match_key_match($match_key['k_match_key'])) { $message = get_translated_tempcode($match_key['k_message']); } } if (is_null($message)) { if (strpos($class, ' ') !== false) { $message = make_string_tempcode($class); } else { if ($class == 'SPECIFIC_PERMISSION') { $param = do_lang('PT_' . $param); } $message = do_lang_tempcode('ACCESS_DENIED__' . $class, escape_html($GLOBALS['FORUM_DRIVER']->get_username(get_member())), escape_html($param)); } } // Run hooks, if any exist $hooks = find_all_hooks('systems', 'upon_access_denied'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/upon_access_denied/' . filter_naughty($hook)); $ob = object_factory('Hook_upon_access_denied_' . filter_naughty($hook), true); if (is_null($ob)) { continue; } $ob->run($class, $param, $force_login); } require_code('site'); log_stats('/access_denied', 0); if (is_guest() && (running_script('attachment') || running_script('dload') || $GLOBALS['NON_PAGE_SCRIPT'] == 0) || $force_login) { @ob_end_clean(); $redirect = get_self_url(true, true, array('page' => get_param('page', ''))); // We have to pass in 'page' because an access-denied situation tells get_page_name() (which get_self_url() relies on) that we are on page ''. $_GET['redirect'] = $redirect; $_GET['page'] = 'login'; $_GET['type'] = 'misc'; global $PAGE_NAME_CACHE; $PAGE_NAME_CACHE = 'login'; $middle = load_module_page(_get_module_path('', 'login'), 'login'); require_code('site'); attach_message($message, 'warn'); $echo = globalise($middle, NULL, '', true); $echo->evaluate_echo(); exit; } //if ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) fatal_exit($message); warn_exit($message); }