* Set to 0 to not match with IP address */ define('CVG_IP_MATCH', 1); require_once '../../initdata.php'; //=========================================================================== // MAIN PROGRAM //=========================================================================== define('IPS_CLASS_PATH', IPS_ROOT_PATH . 'sources/classes/'); require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php'; require_once IPS_ROOT_PATH . 'sources/base/ipsController.php'; //----------------------------------------- // Set up cookie stuff //----------------------------------------- $registry = ipsRegistry::instance(); $registry->init(); IPSCookie::$sensitive_cookies = array('session_id', 'ipb_admin_session_id', 'member_id', 'pass_hash'); //-------------------------------- // Set up our vars //-------------------------------- $registry->DB()->obj['use_shutdown'] = 0; //-------------------------------- // Set debug mode //-------------------------------- $registry->DB()->setDebugMode(ipsRegistry::$settings['sql_debug'] == 1 ? intval($_GET['debug']) : 0); //=========================================================================== // Create the XML-RPC Server //=========================================================================== require_once IPS_KERNEL_PATH . 'classApiServer.php'; $server = new classApiServer(); $api = $server->decodeRequest(); //===========================================================================
/** * Initiate the registry * * @return mixed false or void */ public static function init() { $INFO = array(); $_ipsPowerSettings = array(); if (self::$initiated === TRUE) { return FALSE; } self::$initiated = TRUE; /* Load static classes */ require IPS_ROOT_PATH . "sources/base/core.php"; /*noLibHook*/ require IPS_ROOT_PATH . "sources/base/ipsMember.php"; /*noLibHook*/ /* Debugging notices? */ if (defined('IPS_ERROR_CAPTURE') and IPS_ERROR_CAPTURE !== FALSE) { @error_reporting(E_ALL | E_NOTICE); @set_error_handler("IPSDebug::errorHandler"); } /* Load core variables */ self::_loadCoreVariables(); /* Load config file */ if (is_file(DOC_IPS_ROOT_PATH . 'conf_global.php')) { require DOC_IPS_ROOT_PATH . 'conf_global.php'; /*noLibHook*/ if (is_array($INFO)) { foreach ($INFO as $key => $val) { ipsRegistry::$settings[$key] = str_replace('\', '\\', $val); } } } /* Load secret sauce */ if (is_array($_ipsPowerSettings)) { ipsRegistry::$settings = array_merge($_ipsPowerSettings, ipsRegistry::$settings); } /* Make sure we're installed */ if (empty($INFO['sql_database'])) { /* Quick PHP version check */ if (!version_compare(MIN_PHP_VERS, PHP_VERSION, '<=')) { print "You must be using PHP " . MIN_PHP_VERS . " or better. You are currently using: " . PHP_VERSION; exit; } $host = $_SERVER['HTTP_HOST'] ? $_SERVER['HTTP_HOST'] : @getenv('HTTP_HOST'); $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : @getenv('PHP_SELF'); if (IPS_AREA == 'admin') { @header("Location: http://" . $host . rtrim(dirname($self), '/\\') . "/install/index.php"); } else { if (!defined('CP_DIRECTORY')) { define('CP_DIRECTORY', 'admin'); } @header("Location: http://" . $host . rtrim(dirname($self), '/\\') . "/" . CP_DIRECTORY . "/install/index.php"); } } /* Switch off dev mode you idjit */ if (!defined('IN_DEV')) { define('IN_DEV', 0); } /* Shell defined? */ if (!defined('IPS_IS_SHELL')) { define('IPS_IS_SHELL', FALSE); } /* If this wasn't defined in the gateway file... */ if (!defined('ALLOW_FURLS')) { define('ALLOW_FURLS', ipsRegistry::$settings['use_friendly_urls'] ? TRUE : FALSE); } if (!defined('IPS_IS_MOBILE_APP')) { define('IPS_IS_MOBILE_APP', false); } /** * File and folder permissions */ if (!defined('IPS_FILE_PERMISSION')) { define('IPS_FILE_PERMISSION', 0777); } if (!defined('IPS_FOLDER_PERMISSION')) { define('IPS_FOLDER_PERMISSION', 0777); } /* Set it again incase a gateway turned it off */ ipsRegistry::$settings['use_friendly_urls'] = ALLOW_FURLS; /* Start timer */ IPSDebug::startTimer(); /* Cookies... */ IPSCookie::$sensitive_cookies = array('session_id', 'admin_session_id', 'member_id', 'pass_hash'); /* INIT DB */ self::$handles['db'] = ips_DBRegistry::instance(); /* Set DB */ self::$handles['db']->setDB(ipsRegistry::$settings['sql_driver']); /* Input set up... */ if (is_array($_POST) and count($_POST)) { foreach ($_POST as $key => $value) { # Skip post arrays if (!is_array($value)) { $_POST[$key] = IPSText::stripslashes($value); } } } //----------------------------------------- // Clean globals, first. //----------------------------------------- IPSLib::cleanGlobals($_GET); IPSLib::cleanGlobals($_POST); IPSLib::cleanGlobals($_COOKIE); IPSLib::cleanGlobals($_REQUEST); # GET first $input = IPSLib::parseIncomingRecursively($_GET, array()); # Then overwrite with POST self::$request = IPSLib::parseIncomingRecursively($_POST, $input); # Fix some notices if (!isset(self::$request['module'])) { self::$request['module'] = ''; } if (!isset(self::$request['section'])) { self::$request['section'] = ''; } # Assign request method self::$request['request_method'] = strtolower(my_getenv('REQUEST_METHOD')); /* Define some constants */ define('IPS_IS_TASK', (isset(self::$request['module']) and self::$request['module'] == 'task' and self::$request['app'] == 'core') ? TRUE : FALSE); define('IPS_IS_AJAX', (isset(self::$request['module']) and self::$request['module'] == 'ajax') ? TRUE : FALSE); /* First pass of app set up. Needs to be BEFORE caches and member are set up */ self::_fUrlInit(); self::_manageIncomingURLs(); /* _manageIncomingURLs MUST be called first!!! */ self::_setUpAppData(); /* Load app / coreVariables.. must be called after app Data */ self::_loadAppCoreVariables(IPS_APP_COMPONENT); /* Must be called after _manageIncomingURLs */ self::$handles['db']->getDB()->setDebugMode(IPS_SQL_DEBUG_MODE ? isset($_GET['debug']) ? intval($_GET['debug']) : 0 : 0); /* Get caches */ self::$handles['caches'] = ips_CacheRegistry::instance(); /* Make sure all is well before we proceed */ try { self::instance()->setUpSettings(); } catch (Exception $e) { print file_get_contents(IPS_CACHE_PATH . 'cache/skin_cache/settingsEmpty.html'); exit; } /* Reset database log file paths to cache path */ self::$handles['db']->resetLogPaths(); /* Just in case they copy a space in the license... */ ipsRegistry::$settings['ipb_reg_number'] = trim(ipsRegistry::$settings['ipb_reg_number']); /* Bah, now let's go over any input cleaning routines that have settings *sighs* */ self::$request = IPSLib::postParseIncomingRecursively(self::$request); /* Set up dummy member class to prevent errors if cache rebuild required */ self::$handles['member'] = ips_MemberRegistryDummy::instance(); /* Build module and application caches */ self::instance()->checkCaches(); /* Set up app specific redirects. Must be called before member/sessions setup */ self::_parseAppResets(); /* Re-assign member */ unset(self::$handles['member']); self::$handles['member'] = ips_MemberRegistry::instance(); /* Load other classes */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_localization.php', 'class_localization'); self::instance()->setClass('class_localization', new $classToLoad(self::instance())); $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_public_permissions.php', 'classPublicPermissions'); self::instance()->setClass('permissions', new $classToLoad(self::instance())); /* Must be called before output initiated */ self::getAppClass(IPS_APP_COMPONENT); if (IPS_AREA == 'admin') { require_once IPS_ROOT_PATH . 'sources/classes/output/publicOutput.php'; /*noLibHook*/ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/output/adminOutput.php', 'adminOutput'); self::instance()->setClass('output', new $classToLoad(self::instance())); $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/class_admin_functions.php", 'adminFunctions'); self::instance()->setClass('adminFunctions', new $classToLoad(self::instance())); $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_permissions.php', 'class_permissions'); self::instance()->setClass('class_permissions', new $classToLoad(self::instance())); /* Do stuff that needs both adminFunctions and output initiated */ self::instance()->getClass('adminFunctions')->postOutputInit(); } else { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/output/publicOutput.php', 'output'); self::instance()->setClass('output', new $classToLoad(self::instance(), TRUE)); register_shutdown_function(array('ipsRegistry', '__myDestruct')); } /* Post member processing */ self::$handles['member']->postOutput(); /* Add SEO templates to the output system */ self::instance()->getClass('output')->seoTemplates = self::$_seoTemplates; //----------------------------------------- // Sort out report center early, so counts // and cache is right //----------------------------------------- $memberData =& self::$handles['member']->fetchMemberData(); $memberData['showReportCenter'] = false; $member_group_ids = array($memberData['member_group_id']); $member_group_ids = array_diff(array_merge($member_group_ids, explode(',', $memberData['mgroup_others'])), array('')); $report_center = array_diff(explode(',', ipsRegistry::$settings['report_mod_group_access']), array('')); foreach ($report_center as $groupId) { if (in_array($groupId, $member_group_ids)) { $memberData['showReportCenter'] = true; break; } } if ($memberData['showReportCenter']) { $memberData['access_report_center'] = true; $memberCache = $memberData['_cache']; $reportsCache = self::$handles['caches']->getCache('report_cache'); if (!$memberCache['report_last_updated'] || $memberCache['report_last_updated'] < $reportsCache['last_updated']) { $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('core') . '/sources/classes/reportLibrary.php', 'reportLibrary'); $reports = new $classToLoad(ipsRegistry::instance()); $totalReports = $reports->rebuildMemberCacheArray(); $memberCache['report_num'] = $totalReports; $memberData['_cache'] = $memberCache; } } /* More set up */ self::_finalizeAppData(); /* Finish fURL stuffs */ self::_fUrlComplete(); self::instance()->getClass('class_localization')->loadLanguageFile(array('public_global'), 'core'); if (IPS_AREA == 'admin') { $validationStatus = self::member()->sessionClass()->getStatus(); $validationMessage = self::member()->sessionClass()->getMessage(); if (ipsRegistry::$request['module'] != 'login' and !$validationStatus) { //----------------------------------------- // Force log in //----------------------------------------- if (ipsRegistry::$request['module'] == 'ajax') { @header("Content-type: application/json;charset=" . IPS_DOC_CHAR_SET); print json_encode(array('error' => self::instance()->getClass('class_localization')->words['acp_sessiontimeout'], '__session__expired__log__out__' => 1)); exit; } elseif (ipsRegistry::$settings['logins_over_https'] && (empty($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on')) { /* Bug 38301 */ ipsRegistry::getClass('output')->silentRedirect(str_replace('http://', 'https://', ipsRegistry::$settings['this_url'])); return; } else { ipsRegistry::$request['module'] = 'login'; ipsRegistry::$request['core'] = 'login'; $classToLoad = IPSLib::loadActionOverloader(IPSLib::getAppDir('core') . "/modules_admin/login/manualResolver.php", 'admin_core_login_manualResolver'); $runme = new $classToLoad(self::instance()); $runme->doExecute(self::instance()); exit; } } } else { if (IPS_AREA == 'public') { /* Set up member */ self::$handles['member']->finalizePublicMember(); /* Proper no cache key <update:1> */ ipsRegistry::$settings['noCacheKey'] = md5('$Rev: 12261 $'); /* Are we banned: Via IP Address? */ if (IPSMember::isBanned('ipAddress', self::$handles['member']->ip_address) === TRUE) { self::instance()->getClass('output')->showError('you_are_banned', 2000, true, null, 403); } /* Are we banned: By DB */ if (self::$handles['member']->getProperty('member_banned') == 1 or self::$handles['member']->getProperty('temp_ban')) { /* Don't show this message if we're viewing the warn log */ if (ipsRegistry::$request['module'] != 'ajax' or ipsRegistry::$request['section'] != 'warnings') { self::getClass('class_localization')->loadLanguageFile('public_error', 'core'); $message = ''; if (self::$handles['member']->getProperty('member_banned')) { $message = self::getClass('class_localization')->words['no_view_board_b']; } else { $ban_arr = IPSMember::processBanEntry(self::$handles['member']->getProperty('temp_ban')); /* No longer banned */ if (time() >= $ban_arr['date_end']) { self::DB()->update('members', array('temp_ban' => ''), 'member_id=' . self::$handles['member']->getProperty('member_id')); } else { $message = sprintf(self::getClass('class_localization')->words['account_susp'], self::getClass('class_localization')->getDate($ban_arr['date_end'], 'LONG', 1)); } } /* Get anything? */ if ($message) { $warn = ipsRegistry::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_warn_logs', 'where' => 'wl_member=' . self::$handles['member']->getProperty('member_id') . ' AND wl_suspend<>0 AND wl_suspend<>-2', 'order' => 'wl_date DESC', 'limit' => 1)); if ($warn['wl_id'] and ipsRegistry::$settings['warn_show_own']) { $moredetails = "<a href='javascript:void(0);' onclick='warningPopup( this, {$warn['wl_id']} );'>" . self::getClass('class_localization')->words['warnings_moreinfo'] . "</a>"; } self::instance()->getClass('output')->showError("{$message} {$moredetails}", 1001, true, null, 403); } } } /* Check server load */ if (ipsRegistry::$settings['load_limit'] > 0) { $server_load = IPSDebug::getServerLoad(); if ($server_load) { $loadinfo = explode("-", $server_load); if (count($loadinfo)) { self::$server_load = $loadinfo[0]; if (self::$server_load > ipsRegistry::$settings['load_limit']) { self::instance()->getClass('output')->showError('server_too_busy', 2001); } } } } /* Specific Ajax Check */ if (IPS_IS_AJAX and ipsRegistry::$request['section'] != 'warnings') { if (self::$handles['member']->getProperty('g_view_board') != 1 || ipsRegistry::$settings['board_offline'] && !self::$handles['member']->getProperty('g_access_offline')) { @header("Content-type: application/json;charset=" . IPS_DOC_CHAR_SET); print json_encode(array('error' => 'no_permission', '__board_offline__' => 1)); exit; } } /* Other public check */ if (IPB_THIS_SCRIPT == 'public' and IPS_ENFORCE_ACCESS === FALSE and (ipsRegistry::$request['section'] != 'login' and ipsRegistry::$request['section'] != 'lostpass' and IPS_IS_AJAX === FALSE and ipsRegistry::$request['section'] != 'rss' and ipsRegistry::$request['section'] != 'attach' and ipsRegistry::$request['module'] != 'task' and ipsRegistry::$request['section'] != 'captcha')) { //----------------------------------------- // Permission to see the board? //----------------------------------------- if (self::$handles['member']->getProperty('g_view_board') != 1) { self::getClass('output')->showError('no_view_board', 1000, null, null, 403); } //-------------------------------- // Is the board offline? //-------------------------------- if (ipsRegistry::$settings['board_offline'] == 1 and !IPS_IS_SHELL) { if (self::$handles['member']->getProperty('g_access_offline') != 1) { ipsRegistry::$settings['no_reg'] = 1; self::getClass('output')->showBoardOffline(); } } //----------------------------------------- // Do we have a display name? //----------------------------------------- if (!(ipsRegistry::$request['section'] == 'register' and (ipsRegistry::$request['do'] == 'complete_login' or ipsRegistry::$request['do'] == 'complete_login_do'))) { if (!self::$handles['member']->getProperty('members_display_name')) { $pmember = self::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . self::$handles['member']->getProperty('member_id'))); if (!$pmember['partial_member_id']) { $pmember = array('partial_member_id' => self::$handles['member']->getProperty('member_id'), 'partial_date' => time(), 'partial_email_ok' => self::$handles['member']->getProperty('email') == self::$handles['member']->getProperty('name') . '@' . self::$handles['member']->getProperty('joined') ? 0 : 1); self::DB()->insert('members_partial', $pmember); $pmember['partial_id'] = self::DB()->getInsertId(); } self::instance()->getClass('output')->silentRedirect(ipsRegistry::$settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . self::$handles['member']->getProperty('member_id') . '&key=' . $pmember['partial_date']); } } //-------------------------------- // Is log in enforced? //-------------------------------- if (!(defined('IPS_IS_SHELL') && IPS_IS_SHELL === TRUE) && (!IPS_IS_MOBILE_APP && self::$handles['member']->getProperty('member_group_id') == ipsRegistry::$settings['guest_group'] and ipsRegistry::$settings['force_login'] == 1 && !in_array(ipsRegistry::$request['section'], array('register', 'privacy', 'unsubscribe')))) { if (ipsRegistry::$settings['logins_over_https'] and (!$_SERVER['HTTPS'] or $_SERVER['HTTPS'] != 'on')) { //----------------------------------------- // Set referrer //----------------------------------------- if (!my_getenv('HTTP_REFERER') or stripos(my_getenv('HTTP_REFERER'), ipsRegistry::$settings['board_url']) === false) { $http_referrer = (strtolower($_SERVER['HTTPS']) == 'on' ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; } else { $http_referrer = my_getenv('HTTP_REFERER'); } self::instance()->getClass('output')->silentRedirect(str_replace('http://', 'https://', ipsRegistry::$settings['base_url']) . 'app=core&module=global§ion=login&referer=' . urlencode($http_referrer)); } ipsRegistry::$request['app'] = 'core'; ipsRegistry::$request['module'] = 'login'; ipsRegistry::$request['core'] = 'login'; ipsRegistry::$request['referer'] = ipsRegistry::$request['referer'] ? ipsRegistry::$request['referer'] : (strtolower($_SERVER['HTTPS']) == 'on' ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; if (is_file(DOC_IPS_ROOT_PATH . '/' . PUBLIC_DIRECTORY . '/style_css/' . ipsRegistry::getClass('output')->skin['_csscacheid'] . '/ipb_login_register.css')) { ipsRegistry::getClass('output')->addToDocumentHead('importcss', ipsRegistry::$settings['css_base_url'] . 'style_css/' . ipsRegistry::getClass('output')->skin['_csscacheid'] . '/ipb_login_register.css'); } $classToLoad = IPSLib::loadActionOverloader(IPSLib::getAppDir('core') . "/modules_public/global/login.php", 'public_core_global_login'); $runme = new $classToLoad(self::instance()); $runme->doExecute(self::instance()); exit; } } /* Have we entered an incorrect FURL that has no match? */ if (ipsRegistry::$settings['use_friendly_urls'] and self::$_noFurlMatch === true) { self::getClass('output')->showError('incorrect_furl', 404, null, null, 404); } else { if (isset(ipsRegistry::$request['act']) and ipsRegistry::$request['act'] == 'rssout') { self::getClass('output')->showError('incorrect_furl', 404, null, null, 404); } } /* Track search engine visits */ if (!IPS_IS_TASK and $_SERVER['HTTP_REFERER']) { seoTracker::track($_SERVER['HTTP_REFERER'], self::$settings['query_string_real'], self::$handles['member']->getProperty('member_id')); } } } IPSDebug::setMemoryDebugFlag("Registry initialized"); }