function initialize() { require_once "settings.php"; $settings = $GLOBALS['settings']; # we define some preferences, later these could be # user specific or stored in a cookie or something $prefs = array('perpage' => 1000); if (isset($settings['prefs'])) { $prefs = array_merge($prefs, $settings['prefs']); } # if # helper functions for passed variables $req = new SpotReq(); $req->initialize(); # gather the current page $GLOBALS['site']['page'] = $req->getDef('page', 'index'); if (array_search($GLOBALS['site']['page'], array('index', 'catsjson', 'getnzb', 'getspot')) === false) { $GLOBALS['site']['page'] = 'index'; } # if # and put them in an encompassing site object $GLOBALS['site']['req'] = $req; $GLOBALS['site']['settings'] = $settings; $GLOBALS['site']['prefs'] = $prefs; $GLOBALS['site']['pagetitle'] = 'SpotWeb - '; }
} # while $db->commitTransaction(); fclose($fp); } catch(Exception $x) { die("Error importing data: " . $x->getMessage() . PHP_EOL); } # catch exit; } # import $req = new SpotReq(); $req->initialize(); if ($req->getDef('output', '') == 'xml') { echo "<xml>"; } # if try { $db = new SpotDb($settings['db']); $db->connect(); } catch(Exception $x) { die("Unable to connect to database: " . $x->getMessage() . PHP_EOL); } # catch ## Als we forceren om de "already running" check te bypassen, doe dat dan if ((isset($argc)) && ($argc > 1) && ($argv[1] == '--force')) { $db->setRetrieverRunning($settings['nntp_hdr']['host'], false); } # if
# Creer het settings object $settings = SpotSettings::singleton($db, $settings); # Controleer eerst of de settings versie nog wel geldig zijn if (!$settings->settingsValid()) { die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL); } # if $req = new SpotReq(); $req->initialize($settings); # We willen alleen uitgevoerd worden door een user die dat mag als # we via de browser aangeroepen worden. Via console halen we altijd # het admin-account op $spotUserSystem = new SpotUserSystem($db, $settings); if (isset($_SERVER['SERVER_PROTOCOL'])) { # Vraag de API key op die de gebruiker opgegeven heeft $apiKey = $req->getDef('apikey', ''); $userSession = $spotUserSystem->verifyApi($apiKey); if ($userSession == false || !$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, '')) { die("Access denied"); } # if } else { $userSession['user'] = $db->getUser(SPOTWEB_ADMIN_USERID); $userSession['security'] = new SpotSecurity($db, $settings, $userSession['user']); } # if if ($req->getDef('output', '') == 'xml') { echo "<xml>"; } # if # We vragen de nntp_hdr settings alvast op
} # if # Controleer eerst of de settings versie nog wel geldig zijn if (!$settings->settingsValid()) { die("Global settings have been changed, please run upgrade-db.php" . PHP_EOL); } # if $req = new SpotReq(); $req->initialize($settings); # We willen alleen uitgevoerd worden door een user die dat mag als # we via de browser aangeroepen worden. Via console halen we altijd # het admin-account op $spotUserSystem = new SpotUserSystem($db, $settings); if (!SpotCommandline::isCommandline()) { # Vraag de API key op die de gebruiker opgegeven heeft $apiKey = $req->getDef('apikey', ''); $userSession = $spotUserSystem->verifyApi($apiKey); if ($userSession == false || !$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, '')) { die("Access denied"); } # if # Add the user's ip addres, we need it for sending notifications $userSession['session'] = array('ipaddr' => ''); } else { $userSession['user'] = $db->getUser(SPOTWEB_ADMIN_USERID); $userSession['security'] = new SpotSecurity($db, $settings, $userSession['user'], ''); $userSession['session'] = array('ipaddr' => ''); } # if if ($req->getDef('output', '') == 'xml') { echo "<xml>";
require_once "lib/page/SpotPage_catsjson.php"; require_once "lib/page/SpotPage_erasedls.php"; require_once "lib/page/SpotPage_getimage.php"; require_once "lib/page/SpotPage_getspotmobile.php"; require_once "lib/page/SpotPage_markallasread.php"; require_once "lib/page/SpotPage_getimage.php"; require_once "lib/page/SpotPage_selecttemplate.php"; #- main() -# try { # database object $db = new SpotDb($settings['db']); $db->connect(); # helper functions for passed variables $req = new SpotReq(); $req->initialize(); $page = $req->getDef('page', 'index'); if (array_search($page, array('index', 'catsjson', 'getnzb', 'getnzbmobile', 'getspotmobile', 'getspot', 'erasedls', 'markallasread', 'getimage', 'selecttemplate')) === false) { $page = 'index'; } # if switch ($page) { case 'getspot': $page = new SpotPage_getspot($db, $settings, $settings['prefs'], $req->getDef('messageid', '')); $page->render(); break; # getspot # getspot case 'getnzb': $page = new SpotPage_getnzb($db, $settings, $settings['prefs'], array('messageid' => $req->getDef('messageid', ''), 'action' => $req->getDef('action', 'display'))); $page->render(); break;
require_once "SpotParser.php"; require_once "SpotNntp.php"; require_once "lib/retriever/SpotRetriever_Spots.php"; require_once "lib/retriever/SpotRetriever_Comments.php"; # in safe mode, max execution time cannot be set, warn the user if (ini_get('safe_mode')) { echo "WARNING: PHP safemode is enabled, maximum execution cannot be reset! Turn off safemode if this causes problems\r\n\r\n"; } # if if (!isset($settings['retrieve_increment'])) { echo "WARNING: Parameter retrieve_increment is missing in settings.php, please add and run again."; die; } $req = new SpotReq(); $req->initialize(); if ($req->getDef('output', '') == 'xml') { echo "<xml>"; } # if try { $db = new SpotDb($settings['db']); $db->connect(); } catch (Exception $x) { die("Unable to connect to database: " . $x->getMessage() . "\r\n"); } # catch ## Als we forceren om de "already running" check te bypassen, doe dat dan if ($argc > 1 && $argv[1] == '--force') { $db->setRetrieverRunning($settings['nntp_hdr']['host'], false); } # if
* possible they create a mistake and accidentally create output from it. * * This output breaks a lot of stuff like download integration, image generation * and more. * * We try to check if any output has been submitted, and if so, we refuse * to continue to prevent all sorts of confusing bug reports */ if (headers_sent() || (int) ob_get_length() > 0) { throw new OwnsettingsCreatedOutputException(); } # if # helper functions for passed variables $req = new SpotReq(); $req->initialize($settings); $page = $req->getDef('page', 'index'); # Retrieve the users object of the user which is logged on SpotTiming::start('auth'); $spotUserSystem = new SpotUserSystem($db, $settings); if ($req->doesExist('apikey')) { $currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', '')); } else { $currentSession = $spotUserSystem->useOrStartSession(false); } # if /* * If three is no user object, we don't have a security system * either. Without a security system we cannot boot, so fatal */ if ($currentSession === false) { if ($req->doesExist('apikey')) {
# Controleer eerst of het schema nog wel geldig is if (!$db->schemaValid()) { die("Database schema is gewijzigd, draai upgrade-db.php aub" . PHP_EOL); } # if # Controleer eerst of de settings versie nog wel geldig zijn if (!$settings->settingsValid()) { die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL); } # if # helper functions for passed variables $req = new SpotReq(); $req->initialize($settings); $page = $req->getDef('page', 'index'); # Haal het userobject op dat 'ingelogged' is SpotTiming::start('auth'); $spotUserSystem = new SpotUserSystem($db, $settings); if ($req->doesExist('apikey')) { $currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', '')); } else { $currentSession = $spotUserSystem->useOrStartSession(); } # if /* Zonder userobject ook geen security systeem, dus dit is altijd fatal */ if ($currentSession === false) { if ($req->doesExist('apikey')) { throw new Exception("API Key Incorrect"); } else {
# Controleer eerst of de settings versie nog wel geldig zijn if (!$settings->settingsValid()) { die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL); } # if $req = new SpotReq(); $req->initialize($settings); # We willen alleen uitgevoerd worden door een user die dat mag als # we via de browser aangeroepen worden. Via console halen we altijd # het admin-account op $spotUserSystem = new SpotUserSystem($db, $settings); if (isset($_SERVER['SERVER_PROTOCOL'])) { # Vraag de API key op die de gebruiker opgegeven heeft $apiKey = $req->getDef('apikey', ''); $userSession = $spotUserSystem->verifyApi($apiKey); if (($userSession == false) || (!$userSession['security']->allowed(SpotSecurity::spotsec_retrieve_spots, ''))) { die("Access denied"); } # if } else { $userSession['user'] = $db->getUser(SPOTWEB_ADMIN_USERID); $userSession['security'] = new SpotSecurity($db, $settings, $userSession['user']); } # if if ($req->getDef('output', '') == 'xml') { echo "<xml>"; } # if
if (!$settings->settingsValid()) { die("Globale settings zijn gewijzigd, draai upgrade-db.php aub" . PHP_EOL); } # if # Controleer dat er nergens iets mis staat in de ownsettings.php oid dat output # genereerd. Als er output buffering toegepast wordt door PHP dan is deze check niet # voldoende. ob_get_length() geeft false terug als er geen outputbuffering actief is, # of anders 0 als er nog geen headers verstuurd zijn. if (headers_sent() || (int) ob_get_length() > 0) { die("ownsettings.php geeft al output, zorg dat je ownsettings.php niet afgesloten is met ?> en dat er niets staat voor de openingstag." . PHP_EOL); } # if # helper functions for passed variables $req = new SpotReq(); $req->initialize($settings); $page = $req->getDef('page', 'index'); # Haal het userobject op dat 'ingelogged' is SpotTiming::start('auth'); $spotUserSystem = new SpotUserSystem($db, $settings); if ($req->doesExist('apikey')) { $currentSession = $spotUserSystem->verifyApi($req->getDef('apikey', '')); } else { $currentSession = $spotUserSystem->useOrStartSession(); } # if /* Zonder userobject ook geen security systeem, dus dit is altijd fatal */ if ($currentSession === false) { if ($req->doesExist('apikey')) { throw new Exception("API Key Incorrect"); } else { throw new Exception("Unable to create session");