Commit | Line | Data |
---|---|---|
51ff3226 | 1 | <?php |
2bfe7a1f H |
2 | require_once('config/config.inc'); //requiring main config file with path/database etc. constants |
3 | if(isset($realm) && isset($users)) require_once(INCLUDE_DIR.'http_auth.php'); //Ask for auth if enabled... | |
a81e2af2 | 4 | //echo($_SERVER['PATH_INFO']."\n<pre>"); var_dump(preg_split('/\//', $_SERVER['PATH_INFO'])); die(); //PATH_INFO Debug (usefull when messing with mod_rewrite) |
51ff3226 | 5 | // output buffering forcing (mx) |
6 | if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_start(); | |
7 | ||
51ff3226 | 8 | //header("Location: http://web.archive.org/web/20020925021139/http://kyberia.sk"); |
51ff3226 | 9 | //echo "je to uz uplne v pici. vsetky data su stratene, prajem pekny den :)"; |
10 | //exit; | |
ab8ec5e5 | 11 | |
51ff3226 | 12 | //starting timer for benchmarking purposes |
13 | $timer_start=Time()+SubStr(MicroTime(),0,8); | |
51ff3226 | 14 | //setting PHPSESSID cookie and starting user session |
15 | session_start(); | |
16 | ||
45a1b870 | 17 | error_reporting(1); |
cb4300b2 | 18 | //$_SESSION['debugging']=1; |
88698052 | 19 | //unset($_SESSION['debugging']); //Well... we should make some event or JavaScript page to turning this on/off... |
45a1b870 | 20 | //exit; |
21 | ||
51ff3226 | 22 | |
23 | if ($_SESSION['debugging']) { | |
24 | ||
25 | error_reporting(E_ALL); | |
a81e2af2 | 26 | echo 'GET VARIABLES::<br/>'; |
51ff3226 | 27 | print_r($_GET); |
a81e2af2 | 28 | echo 'POST VARIABLES::<br/>'; |
51ff3226 | 29 | print_r($_POST); |
a81e2af2 | 30 | echo '<b>SESSION VARIABLES::</b><br/>'; |
51ff3226 | 31 | print_r($_SESSION); |
32 | } | |
33 | ||
5c9aff9f H |
34 | @ini_set('magic_quotes_gpc' , 'off'); |
35 | if(get_magic_quotes_gpc()) die("Error: magic_quotes_gpc needs to be disabled! F00K!\n"); | |
36 | ||
4dd26acd | 37 | //Smarty from DB |
00be2b5c H |
38 | $smarty_resource = 'kyberia'; |
39 | //$smarty_resource = ''; //same as 'file' (fallback) | |
40 | /* I have moved old templates to DB using following lame script: | |
41 | * for i in *.tpl; do j=$(echo "$i" | cut -d . -f 1); echo UPDATE nodes SET node_content = "'$(php -r "echo mysql_escape_string(file_get_contents('$i'));")'" WHERE node_id = "'$j'" COLLATE utf8_bin LIMIT '1;'; done | mysql --user=kyberia --password=PASSSSSSS kyberia | |
42 | * In future we should have some mechanism for distributing templates because they are very important part of kyberia source... | |
43 | */ | |
822594dc | 44 | |
a81e2af2 | 45 | //Path info (Experimental - this replaced most of mod_rewrites...) |
822594dc H |
46 | @$PATH_INFO=trim($_SERVER[PATH_INFO]); |
47 | if($PATH_INFO != '') { | |
a81e2af2 | 48 | $PATH_CHUNKS = preg_split('/\//', $PATH_INFO); |
20b73641 | 49 | if(isset($PATH_CHUNKS[1])) switch($PATH_CHUNKS[1]) { |
822594dc H |
50 | case 'k': |
51 | if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['node_kid'] = $PATH_CHUNKS[2]; | |
52 | if(isset($PATH_CHUNKS[3]) && $PATH_CHUNKS[3] != '') $_GET['template_kid'] = $PATH_CHUNKS[3]; | |
53 | break; | |
54 | case 'id': | |
55 | if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['node_id'] = $PATH_CHUNKS[2]; | |
56 | if(isset($PATH_CHUNKS[3]) && $PATH_CHUNKS[3] != '') $_GET['template_id'] = $PATH_CHUNKS[3]; | |
692f2b82 H |
57 | |
58 | //Base36 fascism redirect | |
93748c08 | 59 | if($_GET['template_id'] == 'download') break; //Fix ugly download hack... |
692f2b82 H |
60 | if(!count($_POST)) { |
61 | header('Location: /k/'.base_convert($_GET['node_id'], 10, 36). | |
62 | (isset($_GET['template_id'])?'/'.base_convert($_GET['template_id'], 10, 36):'') | |
63 | ); | |
64 | die("Base36 fascism...\n"); //If you want to be a fascist you have to die imediatelly... | |
65 | } | |
66 | ||
822594dc | 67 | break; |
20b73641 H |
68 | default: |
69 | if($PATH_CHUNKS[1] != '') $_GET['node_name'] = $PATH_CHUNKS[1]; | |
70 | if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['template_kid'] = $PATH_CHUNKS[2]; | |
71 | break; | |
822594dc H |
72 | } |
73 | } | |
15de3e32 H |
74 | if( |
75 | (!isset($_GET['node_kid']) || trim($_GET['node_kid']) == '') && | |
76 | (!isset($_GET['node_id']) || trim($_GET['node_id']) == '') | |
77 | ) $_GET['node_kid'] = 1; | |
822594dc | 78 | |
96a2b554 H |
79 | //Base36 http://en.wikipedia.org/wiki/Base_36 (Initial support only :-) |
80 | if(isset($_GET['node_kid'])) $_GET['node_id'] = base_convert($_GET['node_kid'], 36, 10); | |
81 | if(isset($_GET['template_kid'])) $_GET['template_id'] = base_convert($_GET['template_kid'], 36, 10); | |
82 | ||
1dbcd100 | 83 | require_once(INCLUDE_DIR.'senate.inc'); |
51ff3226 | 84 | |
2bcd35a6 | 85 | if (isset($_SERVER['HTTP_REFERER'])) { |
a81e2af2 | 86 | preg_match('/(k|id)\/([0-9]*)\//',$_SERVER['HTTP_REFERER'],$ref_match); |
2bcd35a6 | 87 | $referer_id=$ref_match[1]; |
88 | } | |
51ff3226 | 89 | |
90 | //connecting to database and creating universal $db object | |
cb5cd120 H |
91 | require_once(INCLUDE_DIR.'log.inc'); |
92 | require_once(INCLUDE_DIR.'ubik.inc'); | |
93 | require_once(INCLUDE_DIR.'nodes.inc'); | |
94 | require_once(INCLUDE_DIR.'error_messages.inc'); | |
95 | require_once(INCLUDE_DIR.'database.inc'); | |
96 | require_once(INCLUDE_DIR.'transports.inc'); | |
51ff3226 | 97 | |
e23557a6 | 98 | $db = new CLASS_DATABASE(); |
51ff3226 | 99 | |
100 | if (!empty($_GET['template_id'])) { | |
101 | $template_id=$_GET['template_id']; | |
5b9c0808 | 102 | } else { |
103 | $template_id=false; | |
51ff3226 | 104 | } |
51ff3226 | 105 | |
106 | //initializing node methods | |
107 | if (!empty($_GET['node_name'])) { | |
51ff3226 | 108 | $node = nodes::redirByName($_GET['node_name']); |
5b9c0808 | 109 | } elseif (!empty($_GET['node_id'])) { |
110 | $node = nodes::getNodeById($_GET['node_id'], | |
111 | (isset($_SESSION['user_id']))?$_SESSION['user_id']:''); | |
51ff3226 | 112 | } |
113 | ||
065440d5 | 114 | //XXX Paths are wrong (!) |
51ff3226 | 115 | //loading smarty template engine and setting main parameters |
116 | require(SMARTY_DIR.'Smarty.class.php'); | |
117 | $smarty = new Smarty; | |
6a967e24 | 118 | require(INCLUDE_DIR.'smarty/resource.kyberia.php'); |
00be2b5c | 119 | $smarty->default_resource_type=$smarty_resource; |
51ff3226 | 120 | |
065440d5 | 121 | //$smarty->php_handling = SMARTY_PHP_REMOVE; //XXX |
39244cfc | 122 | $smarty->template_dir = TEMPLATE_DIR; |
51ff3226 | 123 | //echo TEMPLATE_DIR.TEMPLATE_SET; |
124 | //echo $smarty->template_dir; | |
a81e2af2 | 125 | $smarty->compile_dir = SYSTEM_DATA.'templates_c/'; |
175043f4 | 126 | $smarty->config_dir = SMARTY_DIR.'configs/'; //XXX neexistuje |
51ff3226 | 127 | $smarty->cache_dir = SMARTY_DIR.'cache/'; |
128 | $smarty->plugins_dir = SMARTY_PLUGIN_DIR ; | |
129 | if ($_SESSION['debugging']) $smarty->debugging=true; | |
130 | ||
9850bdc4 | 131 | // initializing variables |
132 | // preg_replace prevents LFI | |
65c78def | 133 | if (empty($_POST['event'])) $event='display'; |
9850bdc4 | 134 | else $event= preg_replace( "![^a-zA-Z0-9_]+!", "", $_POST['event']); |
51ff3226 | 135 | |
136 | ||
137 | if ($_SESSION['debugging']) { | |
138 | echo "<pre><b>NODE::"; | |
139 | print_r($node); | |
140 | echo "</pre>"; | |
141 | } | |
142 | ||
12425f11 | 143 | if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id']))) { |
006bd683 | 144 | $node['node_permission']='owner'; |
145 | } | |
51ff3226 | 146 | |
006bd683 | 147 | if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) { |
51ff3226 | 148 | if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) { |
149 | echo "node::".$node['node_vector']; | |
150 | echo "cube_Vector::".$_SESSION['cube_vector']; | |
151 | echo "you are out of allowed cwbe. access forbidden"; | |
152 | die(); | |
153 | } | |
154 | } | |
155 | ||
156 | //if not existent node show our own 404 | |
157 | if (empty($node)) { | |
158 | $nodes= nodes::getNodesByName($_GET['node_name']); | |
159 | if ($nodes) { | |
160 | $smarty->assign('nodes',$nodes); | |
00be2b5c | 161 | $content=$smarty->display('404.tpl'); |
51ff3226 | 162 | die(); |
163 | } | |
164 | elseif ($_SESSION['user_id']) { | |
165 | $smarty->assign('node_name',$_GET['node_name']); | |
166 | $content=$smarty->display("modules/addnode.tpl"); | |
167 | } | |
168 | } | |
169 | ||
006bd683 | 170 | //modifying node glass pearl //XXX WTF |
09f0f2fa | 171 | //if (is_array($children_types[$node['node_type']])) { |
172 | // $smarty->assign('children_types',$children_types[$node['node_type']]); | |
173 | //} | |
174 | ||
ac6dff25 | 175 | //smarty->assign('types',$types); |
51ff3226 | 176 | |
177 | ||
178 | //$node['node_type']=$types[$node['node_type']]; | |
5c9aff9f | 179 | /* This should NOT BE HANDLED HERE! This breaks things... |
006bd683 | 180 | $node['node_content']= StripSlashes($node['node_content']); |
181 | $node['node_name']= StripSlashes($node['node_name']); | |
5c9aff9f | 182 | */ |
51ff3226 | 183 | |
184 | //checking permissions | |
185 | function _checkPermissions() | |
186 | { | |
187 | global $permissions, $node; | |
188 | ||
e909f81b | 189 | require(INCLUDE_DIR.'permissions.inc'); |
51ff3226 | 190 | $permissions=permissions::checkPermissions($node); |
191 | $permissions['h']=permissions::isHierarch($node); | |
192 | } | |
193 | ||
194 | // mail rss | |
5b9c0808 | 195 | if ($template_id=='rss') //XXX WHAT? |
51ff3226 | 196 | { |
197 | $_feedType = "RSS0.91"; | |
198 | if (!is_numeric($_SESSION['user_id'])) | |
199 | { | |
200 | if (!isset($_SERVER['PHP_AUTH_USER'])) { | |
201 | header('WWW-Authenticate: Basic realm="Kyberia"'); | |
202 | header('HTTP/1.0 401 Unauthorized'); | |
203 | echo 'Cancel button'; | |
204 | exit; | |
205 | } | |
206 | else | |
207 | { | |
208 | require_once(EVENT_DIR.'/login.inc'); | |
209 | $_POST['login'] = $_SERVER['PHP_AUTH_USER']; | |
210 | $_POST['password'] = $_SERVER['PHP_AUTH_PW']; | |
211 | $_POST['login_type'] = "name"; | |
212 | if (!login()) | |
213 | { | |
214 | echo "Zle meno/heslo."; | |
215 | exit(); | |
216 | } | |
217 | } | |
218 | } | |
219 | ||
220 | _checkPermissions(); | |
221 | ||
222 | ||
223 | if ($_GET['node_id']==='24' && $permissions['r']) | |
224 | { | |
225 | require_once(INCLUDE_DIR.'/feedcreator.class.php'); | |
226 | ||
82765da6 | 227 | $rss = new UniversalFeedCreator(); |
51ff3226 | 228 | $rss->title = "Kyberia mail"; |
229 | $rss->description = ""; | |
b6e35197 | 230 | $rss->link = "https://". SYSTEM_URL . "/id/24"; |
51ff3226 | 231 | |
5b9c0808 | 232 | //XXX into function |
51ff3226 | 233 | $query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas, |
234 | userfrom.user_action as locationfrom_action, | |
235 | userfrom.user_action_id as locationfrom_action_id, | |
236 | userto.user_action as locationto_action, | |
237 | userto.user_action_id as locationto_action_id, | |
238 | userto.login as mail_to_name, userfrom.login as mail_from_name, | |
239 | mail.* from mail left join users as userfrom on | |
240 | mail_from=userfrom.user_id left join users as userto on mail_to=userto.user_id | |
241 | where mail_user='$_SESSION[user_id]' and mail_to='$_SESSION[user_id]' order by mail_id desc limit 0,10"; | |
242 | ||
243 | $set = $db->query($query); | |
244 | ||
245 | while($set->next()) { | |
246 | $m = $set->getRecord(); | |
247 | if ($m['mail_to'] != $_SESSION['user_id']) | |
248 | continue; | |
82765da6 | 249 | $item = new FeedItem(); |
51ff3226 | 250 | $item->title = $m['mail_from_name']; |
b6e35197 | 251 | $item->link = "https://".SYSTEM_URL."/id/24"; |
51ff3226 | 252 | $item->description = $m['mail_text']; |
253 | $rss->addItem($item); | |
254 | } | |
255 | } | |
256 | // bookmarks | |
257 | elseif ($_GET['node_id']=='19' && $permissions['r']) | |
258 | { | |
259 | require_once(INCLUDE_DIR.'/feedcreator.class.php'); | |
260 | ||
82765da6 | 261 | $rss = new UniversalFeedCreator(); |
51ff3226 | 262 | $rss->title = "Kyberia bookmarks"; |
5b9c0808 | 263 | $rss->link = "http://".SYSTEM_URL."/id/19"; //XXX https ? |
51ff3226 | 264 | |
265 | require_once(SMARTY_PLUGIN_DIR.'/function.get_bookmarks.php'); | |
266 | smarty_function_get_bookmarks(array(), $smarty); | |
267 | $_items = $smarty->get_template_vars('get_bookmarks'); | |
268 | foreach ($_items as $_item) | |
269 | { | |
270 | if (is_array($_item['children'])) | |
271 | foreach ($_item['children'] as $_b) | |
272 | { | |
82765da6 | 273 | $item = new FeedItem(); |
51ff3226 | 274 | $item->title = $_b['node_name']; |
b6e35197 | 275 | $item->link = "http://".SYSTEM_URL."/id/".$_b['node_id']."/rss"; |
51ff3226 | 276 | $rss->addItem($item); |
277 | } | |
278 | } | |
279 | $_feedType = 'OPML'; | |
280 | } | |
281 | elseif ($permissions['r']) | |
282 | { | |
283 | require_once(INCLUDE_DIR.'/feedcreator.class.php'); | |
284 | ||
82765da6 | 285 | $rss = new UniversalFeedCreator(); |
51ff3226 | 286 | $rss->title = $node['node_name']; |
287 | $rss->description = ""; | |
b6e35197 | 288 | $rss->link = "http://".SYSTEM_URL."/id/".$node['node_id']; |
51ff3226 | 289 | |
290 | // K list | |
291 | if ($_GET['node_id']=='15') | |
292 | { | |
293 | require_once(SMARTY_PLUGIN_DIR.'/function.get_k.php'); | |
294 | smarty_function_get_k(array(), $smarty); | |
295 | $_items = $smarty->get_template_vars('get_k'); | |
296 | } | |
297 | else | |
298 | { | |
299 | require_once(SMARTY_PLUGIN_DIR.'/function.get_children.php'); | |
300 | smarty_function_get_children( | |
301 | array('orderby' => 'desc', 'orderby_type' => 'time'), $smarty); | |
302 | $_items = $smarty->get_template_vars('get_children'); | |
303 | } | |
304 | ||
305 | foreach ($_items as $_item) | |
306 | { | |
82765da6 | 307 | $item = new FeedItem(); |
51ff3226 | 308 | $item->title = $_item['node_name']; |
b6e35197 | 309 | $item->link = "http://".SYSTEM_URL."/id/".$_item['node_id']; |
51ff3226 | 310 | $item->description = $_item['node_content']; |
311 | $rss->addItem($item); | |
312 | } | |
313 | } | |
314 | ||
315 | if ($permissions['r']) $rss->showFeed($_feedType); | |
316 | exit(); | |
317 | } | |
318 | ||
65c78def | 319 | |
51ff3226 | 320 | _checkPermissions(); |
321 | ||
322 | //entering the node | |
323 | ||
51ff3226 | 324 | if (($permissions['r']) || ($event != 'register')) { |
325 | ||
5b9c0808 | 326 | //performing node_events (based on update/insert/delete db queries) |
327 | if ($event) { | |
328 | require(INCLUDE_DIR.'eventz.inc'); | |
329 | } | |
51ff3226 | 330 | |
5b9c0808 | 331 | //end of performing node events |
51ff3226 | 332 | } |
333 | ||
51ff3226 | 334 | |
335 | // output buffering forcing (mx) | |
336 | if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_end_flush(); | |
337 | ||
338 | ?> |