Commit | Line | Data |
---|---|---|
e586807d H |
1 | <?php |
2 | /* This program is free software. It comes without any warranty, to | |
3 | * the extent permitted by applicable law. You can redistribute it | |
4 | * and/or modify it under the terms of the Do What The Fuck You Want | |
5 | * To Public License, Version 2, as published by Sam Hocevar. See | |
6 | * http://sam.zoy.org/wtfpl/COPYING for more details. */ | |
7 | ||
8 | //die("kyberia maintenance<br>please be patient<br>thanks<br>stab"); | |
9 | //error_reporting(0); | |
10 | ||
11 | //starting timer for benchmarking purposes | |
12 | $timer_start=Time()+SubStr(MicroTime(),0,8); | |
13 | ||
14 | //setting PHPSESSID cookie and starting user session | |
15 | session_start(); | |
16 | ||
17 | $devel_ids = array(548); | |
18 | ||
19 | if (array_search($_SESSION['user_id'], $devel_ids)) { | |
20 | ||
21 | error_reporting(E_ALL); | |
22 | print_r($_GET); | |
23 | print_r($_POST); | |
24 | print_r($_SESSION); | |
25 | ||
26 | } | |
27 | ||
28 | ||
29 | //requiring main config file with path/database etc. constants | |
30 | require('config/config.inc'); | |
31 | ||
32 | //getting referer id for synaptic connection | |
33 | preg_match("/id\/(.*)\//",$_SERVER['HTTP_REFERER'],$ref_match); | |
34 | $referer_id=$ref_match[1]; | |
35 | ||
36 | //connecting to database and creating universal $db object | |
37 | require(SYSTEM_ROOT.'inc/log.inc'); | |
38 | require(SYSTEM_ROOT.'inc/ubik.inc'); | |
39 | require(SYSTEM_ROOT.'inc/nodes.inc'); | |
40 | require(SYSTEM_ROOT.'inc/error_messages.inc'); | |
41 | require(SYSTEM_ROOT.'inc/database.inc'); | |
42 | ||
43 | $db=new CLASS_DATABASE(); | |
44 | ||
45 | //loading smarty template engine and setting main parameters | |
46 | require(SMARTY_DIR.'Smarty.class.php'); | |
47 | $smarty = new Smarty; | |
48 | ||
49 | $smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET; | |
50 | $smarty->compile_dir = SYSTEM_ROOT."/data/templates_c/".TEMPLATE_SET; | |
51 | $smarty->config_dir = SMARTY_DIR.'/configs/'; | |
52 | $smarty->cache_dir = SMARTY_DIR.'/cache/'; | |
53 | $smarty->plugins_dir = SMARTY_DIR.'/node_methodz/'; | |
54 | ||
55 | if (array_search($_SESSION['user_id'], $devel_ids)) | |
56 | $smarty->debugging=true; | |
57 | ||
58 | //initializing variables | |
59 | if (empty($_POST['event'])) | |
60 | $event=false; | |
61 | else | |
62 | $event=$_POST['event']; | |
63 | ||
64 | if (empty($_POST['transaction'])) | |
65 | $transaction=false; | |
66 | else | |
67 | $event=$_POST['transaction']; | |
68 | ||
69 | //initializing node methods | |
70 | if (!empty($_GET['node_name'])) { | |
71 | //omfg what's this! jail , jail, penalty of death! | |
72 | // reopened by [CENSORED], keep this in secret, then you can benefit from it.. | |
73 | if(strpos($_GET['node_name'],'0')===0) { | |
74 | $numbah=$_GET['node_name']; | |
75 | $db->query("set character_set_connection=latin2"); | |
76 | $set=$db->query("select * from tz.gts where full_number='$numbah'"); | |
77 | $set->next(); | |
78 | echo $set->getString('full_name')."<br>"; | |
79 | echo $set->getString('full_street')."<br>"; | |
80 | echo $set->getString('city')."<br>"; | |
81 | echo $set->getString('psc')."<br>"; | |
82 | echo $set->getString('company')."<br>"; | |
83 | ||
84 | die(); | |
85 | } | |
86 | ||
87 | else nodes::redirByName($_GET['node_name']); | |
88 | // END OF JAIL ;) | |
89 | nodes::redirByName($_GET['node_name']); | |
90 | } | |
91 | ||
92 | elseif (!empty($_GET['node_id'])) { | |
93 | $node = nodes::getNodeById($_GET['node_id'],$_SESSION['user_id']); | |
94 | } | |
95 | ||
96 | if ($node['node_creator']==$_SESSION['user_id']) $node['node_permission']='owner'; | |
97 | ||
98 | if ($_SESSION['cube_vector']) { | |
99 | if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) { | |
100 | echo "node::".$node['node_vector']; | |
101 | echo "cube_Vector::".$_SESSION['cube_vector']; | |
102 | echo "you are out of allowed cwbe. access forbidden"; | |
103 | die(); | |
104 | } | |
105 | } | |
106 | ||
107 | //if not existent node show our own 404 | |
108 | if (empty($node)) { | |
109 | $nodes= nodes::getNodesByName($_GET['node_name']); | |
110 | if ($nodes) { | |
111 | $smarty->assign('nodes',$nodes); | |
112 | $content=$smarty->display("404.tpl"); | |
113 | die(); | |
114 | } | |
115 | elseif ($_SESSION['user_id']) { | |
116 | $smarty->assign('node_name',$_GET['node_name']); | |
117 | $content=$smarty->display("modules/addnode.tpl"); | |
118 | } | |
119 | } | |
120 | ||
121 | ||
122 | ||
123 | //modifying node glass pearl | |
124 | if (is_array($children_types[$node['node_type']])) | |
125 | $smarty->assign('children_types',$children_types[$node['node_type']]); | |
126 | ||
127 | $smarty->assign('types',$types); | |
128 | ||
129 | ||
130 | $node['node_type']=$types[$node['node_type']]; | |
131 | $node['node_content']=StripSlashes($node['node_content']); | |
132 | $node['node_name']=StripSlashes($node['node_name']); | |
133 | ||
134 | //checking permissions | |
135 | require(SYSTEM_ROOT.'inc/permissions.inc'); | |
136 | $permissions=permissions::checkPermissions($node); | |
137 | $permissions['h']=permissions::isHierarch($node); | |
138 | ||
139 | ||
140 | //entering the node | |
141 | ||
142 | //sventest | |
143 | if (($permissions['r']) || ($event != 'register')) { | |
144 | ||
145 | //performing node_events (based on update/insert/delete db queries) | |
146 | if ($event) { | |
147 | require(SYSTEM_ROOT.'inc/eventz.inc'); | |
148 | } | |
149 | ||
150 | elseif ($transaction) { | |
151 | require(SYSTEM_ROOT.'inc/transaction.inc'); | |
152 | } | |
153 | //end of performing node events | |
154 | ||
155 | //sventest | |
156 | } | |
157 | ||
158 | ||
159 | if ($permissions['r']) { | |
160 | log::log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']); | |
161 | if (!empty($_SESSION['user_id']) && is_numeric($node['node_id'])) { | |
162 | $q="update node_access set visits=visits+1,node_user_subchild_count='0',last_visit=NOW() where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'"; | |
163 | // echo $q; | |
164 | $result=$db->update($q); | |
165 | ||
166 | if (!$result) { | |
167 | $q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()"; | |
168 | $db->query($q); | |
169 | } | |
170 | ||
171 | ||
172 | } | |
173 | //creating neural network | |
174 | $db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'"); | |
175 | if (is_numeric($referer_id)) { | |
176 | $q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'"; | |
177 | $result=$db->update($q); | |
178 | if (!$result) { | |
179 | $q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1"; | |
180 | $db->query($q); | |
181 | } | |
182 | } | |
183 | ||
184 | } | |
185 | ||
186 | ||
187 | ||
188 | elseif (!$permissions['r'] && $_GET['magic_word']) { | |
189 | $magic_word_big=$_GET['magic_word']; | |
190 | ||
191 | if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) { | |
192 | $magic_uid=$mu['1']; | |
193 | $magic_word=addslashes($mu['2']); | |
194 | $q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'"; | |
195 | $set=$db->query($q); | |
196 | if ($set->getNumRows()) { | |
197 | $permissions['r']=true; | |
198 | } | |
199 | } | |
200 | } | |
201 | ||
202 | ||
203 | ||
204 | ||
205 | ||
206 | else { | |
207 | log::log('enter',$node['node_id'],'failed'); | |
208 | } | |
209 | ||
210 | ||
211 | ||
212 | //assigning user data to smarty if user logged in | |
213 | if ($user_id=$_SESSION['user_id']) { | |
214 | $smarty->assign('bookmarks',$_SESSION['bookmarks']); | |
215 | $smarty->assign('user_id',$_SESSION['user_id']); | |
216 | if (!empty($_SESSION['cube_vector'])) $smarty->assign('cube_vector',$_SESSION['cube_vector']); | |
217 | $smarty->assign('user_quota',$_SESSION['user_quota']); | |
218 | $newmailset=$db->query("select user_mail,user_mail_name,user_k from users where user_id='$user_id'"); | |
219 | $newmailset->next(); | |
220 | $new_mail=$newmailset->getString('user_mail'); | |
221 | $smarty->assign('new_mail',$new_mail); | |
222 | $smarty->assign('new_mail_name',$newmailset->getString('user_mail_name')); | |
223 | $user_k=$newmailset->getString('user_k'); | |
224 | $smarty->assign('user_k',$user_k); | |
225 | $user_id=$_SESSION['user_id']; | |
226 | ||
227 | //mail node | |
228 | if ($node['node_name']=='mail') { | |
229 | ||
230 | //clear new mail message | |
231 | if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'"); | |
232 | ||
233 | //set messages as delivered to recipient | |
234 | $set=$db->query("select mail_id,mail_duplicate_id from mail where mail_user='$user_id' and mail_to='$user_id' and mail_read='no'"); | |
235 | while($set->next()) { | |
236 | $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_duplicate_id')."'"); | |
237 | $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_id')."'"); | |
238 | ||
239 | $new_messages[$set->getString('mail_id')]=true; | |
240 | } | |
241 | /* | |
242 | if (count($new_messages)) { | |
243 | $db->query("update mail set mail_read='yes' where mail_user='$user_id' and mail_user=mail_to and mail_read='no'"); | |
244 | $smarty->assign('new_messages',$new_messages); | |
245 | ||
246 | } | |
247 | */ | |
248 | } | |
249 | } | |
250 | ||
251 | ||
252 | ||
253 | if ($node['node_system_access']=='crypto') { | |
254 | $smarty->assign('crypto_pass',$_SESSION['crypto'][$node['node_id']]); | |
255 | } | |
256 | ||
257 | ||
258 | Header("Cache-control: no-cache"); | |
259 | Header("Expires:".gmdate("D, d M Y H:i:s")." GMT"); | |
260 | header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); | |
261 | ||
262 | //assigning node data to smarty | |
263 | $smarty->assign('error',$error); | |
264 | $smarty->assign('permissions',$permissions); | |
265 | $smarty->assign('current_vector',$node['node_vector']); | |
266 | if ($permissions['r']) $smarty->assign('node',$node); | |
267 | else { | |
268 | ||
269 | $smarty->assign('node',$node); | |
270 | $smarty->display('modules/header.tpl'); | |
271 | $smarty->display('modules/loginbox.tpl'); | |
272 | die(); | |
273 | } | |
274 | ||
275 | //setting user location | |
276 | $q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'"; | |
277 | $db->executequery($q); | |
278 | ||
279 | $whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7); | |
280 | $smarty->assign('whole_time',$whole_time); | |
281 | ||
282 | if (!empty($_GET['template_id'])) { | |
283 | $template_id=$_GET['template_id']; | |
284 | } | |
285 | else $template_id=false; | |
286 | ||
287 | if ($template_id=='download') { | |
288 | if ($permissions['r']) { | |
289 | $linkname = SYSTEM_ROOT."/files/".$node['node_id']; | |
290 | $filename= readlink($linkname); | |
291 | $suffix=preg_replace("/(.*?)\.(.*?)/i","$2",$filename); | |
292 | ||
293 | $ext = substr( $filename,-3 ); | |
294 | if( $filename == "" ) { | |
295 | echo "ERROR: Empty file to download. "; | |
296 | exit; | |
297 | } elseif ( ! file_exists( $filename ) ) { | |
298 | exit; | |
299 | }; | |
300 | switch( $ext ){ | |
301 | case "pdf": $ctype="application/pdf"; break; | |
302 | case "exe": $ctype="application/octet-stream"; break; | |
303 | case "zip": $ctype="application/zip"; break; | |
304 | case "doc": $ctype="application/msword"; break; | |
305 | case "xls": $ctype="application/vnd.ms-excel"; break; | |
306 | case "ppt": $ctype="application/vnd.ms-powerpoint"; break; | |
307 | case "gif": $ctype="image/gif"; break; | |
308 | case "png": $ctype="image/png"; break; | |
309 | case "jpg": $ctype="image/jpg"; break; | |
310 | default: $ctype="application/force-download"; | |
311 | } | |
312 | header("Pragma: public"); | |
313 | header("Expires: 0"); | |
314 | header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); | |
315 | header("Content-Type: $ctype"); | |
316 | $user_agent = strtolower ($_SERVER["HTTP_USER_AGENT"]); | |
317 | $file=str_replace(" ","_",$node['node_name']).".$ext"; | |
318 | if ((is_integer (strpos($user_agent, "msie"))) && (is_integer | |
319 | (strpos($user_agent, "win")))) { | |
320 | header( "Content-Disposition: filename=$file;" ); | |
321 | } else { | |
322 | header( "Content-Disposition: attachment; | |
323 | filename=$file;" ); | |
324 | } | |
325 | header("Content-Transfer-Encoding: binary"); | |
326 | header("Content-Length: ".filesize($filename)); | |
327 | readfile("$filename"); | |
328 | exit(); | |
329 | } | |
330 | else { echo "you don't have permissions for downloading this data"; die(); } | |
331 | } | |
332 | ||
333 | $smarty->assign('action',$template_id); | |
334 | ||
335 | //for cases like search & preview | |
336 | $smarty->assign('post_vars',$_POST); | |
337 | if (!empty($_POST['template_event'])) { | |
338 | $smarty->assign('template_event',$_POST['template_event']); | |
339 | ||
340 | } | |
341 | ||
342 | //setting listing parameters | |
343 | $children_count=$node['node_children_count']; | |
344 | $descendant_count=$node['node_descendant_count']; | |
345 | ||
346 | if (is_numeric($_POST['listing_amount'])) $listing_amount=$_POST['listing_amount']; | |
347 | elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount']; | |
348 | else $listing_amount=DEFAULT_LISTING_AMOUNT; | |
349 | $smarty->assign('listing_amount',$listing_amount); | |
350 | ||
351 | if ($_POST['listing_order']) $listing_order=$_POST['listing_order']; | |
352 | elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order']; | |
353 | else $listing_order=DEFAULT_LISTING_ORDER; | |
354 | $smarty->assign('listing_order',$listing_order); | |
355 | ||
356 | if (is_numeric($_POST['get_children_offset'])) $offset=$_POST['get_children_offset']; | |
357 | else $offset=0; | |
358 | ||
359 | ||
360 | //movement forward and backward | |
361 | // if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount; | |
362 | ||
363 | if ($_POST['get_children_move']=='<') { | |
364 | $offset=$offset-$listing_amount; | |
365 | if ($offset<0) $offset=0; | |
366 | } | |
367 | elseif ($_POST['get_children_move']=='>') { | |
368 | $offset=$offset+$listing_amount; | |
369 | } | |
370 | elseif ($_POST['get_children_move']=='>>') { | |
371 | $offset=$descendant_count-$listing_amount; | |
372 | } | |
373 | ||
374 | elseif ($_POST['get_children_move']=='<<') { | |
375 | $offset=0; | |
376 | } | |
377 | if ($offset<0) $offset=0; | |
378 | $smarty->assign('offset',$offset); | |
379 | ||
380 | ||
381 | //show own header | |
382 | if ($_SESSION['header_id']==true) { | |
383 | $smarty->assign('header_id',$_SESSION['header_id']); | |
384 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
385 | $content=$smarty->fetch($_SESSION['header_id'].".tpl"); | |
386 | $smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET; | |
387 | } | |
388 | ||
389 | //setting which template to use and displaying | |
390 | /* | |
391 | if ($node['$template_id']) { | |
392 | if (!empty($template_id)) { | |
393 | if (is_numeric($template_id)) { | |
394 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
395 | $content.=$smarty->fetch($node['$template_id'].".tpl"); | |
396 | ||
397 | } | |
398 | elseif (strrpos($template_id,";")) { | |
399 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
400 | $content.=$smarty->fetch($node['$template_id'].".tpl"); | |
401 | } | |
402 | else { | |
403 | $content.=$smarty->fetch($template_id.".tpl"); | |
404 | } | |
405 | } | |
406 | else { | |
407 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
408 | $content.=$smarty->fetch($node['$template_id'].".tpl"); | |
409 | } | |
410 | } | |
411 | ||
412 | else { | |
413 | if ($node['node_type']==$types[$node['node_id']]) { | |
414 | if (is_numeric($template_id)) { | |
415 | require(SYSTEM_ROOT.'/inc/actions.inc'); | |
416 | $content.=$smarty->fetch($node['node_type'].".tpl"); | |
417 | } | |
418 | elseif (strrpos($template_id,";")) { | |
419 | $content.=$smarty->fetch($node['node_type'].".tpl"); | |
420 | } | |
421 | elseif (empty($template_id)) { | |
422 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
423 | $content=$smarty->fetch($node['template_id'].".tpl"); | |
424 | ||
425 | } | |
426 | else { | |
427 | $content.=$smarty->fetch($template_id.".tpl"); | |
428 | } | |
429 | } | |
430 | ||
431 | else { | |
432 | ||
433 | if (is_numeric($template_id) or strpos(";",$template_id)) { | |
434 | require(SYSTEM_ROOT.'/inc/actions.inc'); | |
435 | $content.=$smarty->fetch($node['node_type'].".tpl"); | |
436 | } | |
437 | elseif (empty($template_id)) { | |
438 | $content.=$smarty->fetch($node['node_type'].".tpl"); | |
439 | } | |
440 | else { | |
441 | $content.=$smarty->fetch($template_id.".tpl"); | |
442 | } | |
443 | } | |
444 | ||
445 | } | |
446 | */ | |
447 | ||
448 | $smarty->template_dir=OWN_TEMPLATE_DIR; | |
449 | if (is_numeric($template_id)) { | |
450 | $content.=$smarty->fetch($template_id.".tpl"); | |
451 | } | |
452 | ||
453 | else { | |
454 | $content.=$smarty->fetch($node['template_id'].".tpl"); | |
455 | } | |
456 | ||
457 | $time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7); | |
458 | echo $content; | |
459 | echo "<center>page generation took: $time second</center>"; | |
460 | ||
461 | $query = "insert delayed into load_times values (now(), '$time')"; | |
462 | //$db->executequery($query); | |
463 | ||
464 | //end of displaying | |
465 | ||
466 | // dake vypisi pre kybu | |
467 | if ($_SESSION['user_id'] == 342) { | |
468 | ||
469 | } | |
470 | ||
471 | ?> |