2 require_once('config/config.inc'); //requiring main config file with path/database etc. constants
3 if(isset($realm) && isset($users)) require_once(INCLUDE_DIR
.'http_auth.php'); //Ask for auth if enabled...
4 //echo($_SERVER['PATH_INFO']."\n<pre>"); var_dump(preg_split('/\//', $_SERVER['PATH_INFO'])); die(); //PATH_INFO Debug (usefull when messing with mod_rewrite)
5 // output buffering forcing (mx)
6 if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_start();
8 //header("Location: http://web.archive.org/web/20020925021139/http://kyberia.sk");
9 //echo "je to uz uplne v pici. vsetky data su stratene, prajem pekny den :)";
12 //starting timer for benchmarking purposes
13 $timer_start=Time()+
SubStr(MicroTime(),0,8);
14 //setting PHPSESSID cookie and starting user session
18 //$_SESSION['debugging']=1;
19 //unset($_SESSION['debugging']); //Well... we should make some event or JavaScript page to turning this on/off...
23 if ($_SESSION['debugging']) {
25 error_reporting(E_ALL
);
26 echo 'GET VARIABLES::<br/>';
28 echo 'POST VARIABLES::<br/>';
30 echo '<b>SESSION VARIABLES::</b><br/>';
34 @ini_set
('magic_quotes_gpc' , 'off');
35 if(get_magic_quotes_gpc()) die("Error: magic_quotes_gpc needs to be disabled! F00K!\n");
38 $smarty_resource = 'kyberia';
39 //$smarty_resource = ''; //same as 'file' (fallback)
40 /* I have moved old templates to DB using following lame script:
41 * for i in *.tpl; do j=$(echo "$i" | cut -d . -f 1); echo UPDATE nodes SET node_content = "'$(php -r "echo mysql_escape_string(file_get_contents('$i'));")'" WHERE node_id = "'$j'" COLLATE utf8_bin LIMIT '1;'; done | mysql --user=kyberia --password=PASSSSSSS kyberia
42 * In future we should have some mechanism for distributing templates because they are very important part of kyberia source...
45 //Path info (Experimental - this replaced most of mod_rewrites...)
46 @$PATH_INFO=trim($_SERVER[PATH_INFO
]);
47 if($PATH_INFO != '') {
48 $PATH_CHUNKS = preg_split('/\//', $PATH_INFO);
49 if(isset($PATH_CHUNKS[1])) switch($PATH_CHUNKS[1]) {
51 if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['node_kid'] = $PATH_CHUNKS[2];
52 if(isset($PATH_CHUNKS[3]) && $PATH_CHUNKS[3] != '') $_GET['template_kid'] = $PATH_CHUNKS[3];
55 if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['node_id'] = $PATH_CHUNKS[2];
56 if(isset($PATH_CHUNKS[3]) && $PATH_CHUNKS[3] != '') $_GET['template_id'] = $PATH_CHUNKS[3];
58 //Base36 fascism redirect
59 if($_GET['template_id'] == 'download') break; //Fix ugly download hack...
61 header('Location: /k/'.base_convert($_GET['node_id'], 10, 36).
62 (isset($_GET['template_id'])?
'/'.base_convert($_GET['template_id'], 10, 36):'')
64 die("Base36 fascism...\n"); //If you want to be a fascist you have to die imediatelly...
69 if($PATH_CHUNKS[1] != '') $_GET['node_name'] = $PATH_CHUNKS[1];
70 if(isset($PATH_CHUNKS[2]) && $PATH_CHUNKS[2] != '') $_GET['template_kid'] = $PATH_CHUNKS[2];
75 (!isset($_GET['node_kid']) ||
trim($_GET['node_kid']) == '') &&
76 (!isset($_GET['node_id']) ||
trim($_GET['node_id']) == '')
77 ) $_GET['node_kid'] = 1;
79 //Base36 http://en.wikipedia.org/wiki/Base_36 (Initial support only :-)
80 if(isset($_GET['node_kid'])) $_GET['node_id'] = base_convert($_GET['node_kid'], 36, 10);
81 if(isset($_GET['template_kid'])) $_GET['template_id'] = base_convert($_GET['template_kid'], 36, 10);
83 require(INCLUDE_DIR
.'senate.inc');
85 if (isset($_SERVER['HTTP_REFERER'])) {
86 preg_match('/(k|id)\/([0-9]*)\//',$_SERVER['HTTP_REFERER'],$ref_match);
87 $referer_id=$ref_match[1];
90 //connecting to database and creating universal $db object
91 require(INCLUDE_DIR
.'log.inc');
92 require(INCLUDE_DIR
.'ubik.inc');
93 require(INCLUDE_DIR
.'nodes.inc');
94 require(INCLUDE_DIR
.'error_messages.inc');
95 require(INCLUDE_DIR
.'database.inc');
97 $db = new CLASS_DATABASE();
99 if (!empty($_GET['template_id'])) {
100 $template_id=$_GET['template_id'];
105 //initializing node methods
106 if (!empty($_GET['node_name'])) {
107 $node = nodes
::redirByName($_GET['node_name']);
108 } elseif (!empty($_GET['node_id'])) {
109 $node = nodes
::getNodeById($_GET['node_id'],
110 (isset($_SESSION['user_id']))?
$_SESSION['user_id']:'');
113 //XXX Paths are wrong (!)
114 //loading smarty template engine and setting main parameters
115 require(SMARTY_DIR
.'Smarty.class.php');
116 $smarty = new Smarty
;
117 require(INCLUDE_DIR
.'smarty/resource.kyberia.php');
118 $smarty->default_resource_type
=$smarty_resource;
120 //$smarty->php_handling = SMARTY_PHP_REMOVE; //XXX
121 $smarty->template_dir
= TEMPLATE_DIR
;
122 //echo TEMPLATE_DIR.TEMPLATE_SET;
123 //echo $smarty->template_dir;
124 $smarty->compile_dir
= SYSTEM_DATA
.'templates_c/';
125 $smarty->config_dir
= SMARTY_DIR
.'configs/'; //XXX neexistuje
126 $smarty->cache_dir
= SMARTY_DIR
.'cache/';
127 $smarty->plugins_dir
= SMARTY_PLUGIN_DIR
;
128 if ($_SESSION['debugging']) $smarty->debugging
=true;
130 // initializing variables
131 // preg_replace prevents LFI
132 if (empty($_POST['event'])) $event=false;
133 else $event= preg_replace( "![^a-zA-Z0-9_]+!", "", $_POST['event']);
136 if ($_SESSION['debugging']) {
137 echo "<pre><b>NODE::";
142 if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id']))) {
143 $node['node_permission']='owner';
146 if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) {
147 if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
148 echo "node::".$node['node_vector'];
149 echo "cube_Vector::".$_SESSION['cube_vector'];
150 echo "you are out of allowed cwbe. access forbidden";
155 //if not existent node show our own 404
157 $nodes= nodes
::getNodesByName($_GET['node_name']);
159 $smarty->assign('nodes',$nodes);
160 $content=$smarty->display('404.tpl');
163 elseif ($_SESSION['user_id']) {
164 $smarty->assign('node_name',$_GET['node_name']);
165 $content=$smarty->display("modules/addnode.tpl");
169 //modifying node glass pearl //XXX WTF
170 //if (is_array($children_types[$node['node_type']])) {
171 // $smarty->assign('children_types',$children_types[$node['node_type']]);
174 //smarty->assign('types',$types);
177 //$node['node_type']=$types[$node['node_type']];
178 /* This should NOT BE HANDLED HERE! This breaks things...
179 $node['node_content']= StripSlashes($node['node_content']);
180 $node['node_name']= StripSlashes($node['node_name']);
183 //checking permissions
184 function _checkPermissions()
186 global $permissions, $node;
188 require(INCLUDE_DIR
.'permissions.inc');
189 $permissions=permissions
::checkPermissions($node);
190 $permissions['h']=permissions
::isHierarch($node);
194 if ($template_id=='rss') //XXX WHAT?
196 $_feedType = "RSS0.91";
197 if (!is_numeric($_SESSION['user_id']))
199 if (!isset($_SERVER['PHP_AUTH_USER'])) {
200 header('WWW-Authenticate: Basic realm="Kyberia"');
201 header('HTTP/1.0 401 Unauthorized');
202 echo 'Cancel button';
207 require_once(EVENT_DIR
.'/login.inc');
208 $_POST['login'] = $_SERVER['PHP_AUTH_USER'];
209 $_POST['password'] = $_SERVER['PHP_AUTH_PW'];
210 $_POST['login_type'] = "name";
213 echo "Zle meno/heslo.";
222 if ($_GET['node_id']==='24' && $permissions['r'])
224 require_once(INCLUDE_DIR
.'/feedcreator.class.php');
226 $rss = new UniversalFeedCreator();
227 $rss->title
= "Kyberia mail";
228 $rss->description
= "";
229 $rss->link
= "https://". SYSTEM_URL
. "/id/24";
232 $query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas,
233 userfrom.user_action as locationfrom_action,
234 userfrom.user_action_id as locationfrom_action_id,
235 userto.user_action as locationto_action,
236 userto.user_action_id as locationto_action_id,
237 userto.login as mail_to_name, userfrom.login as mail_from_name,
238 mail.* from mail left join users as userfrom on
239 mail_from=userfrom.user_id left join users as userto on mail_to=userto.user_id
240 where mail_user='$_SESSION[user_id]' and mail_to='$_SESSION[user_id]' order by mail_id desc limit 0,10";
242 $set = $db->query($query);
244 while($set->next()) {
245 $m = $set->getRecord();
246 if ($m['mail_to'] != $_SESSION['user_id'])
248 $item = new FeedItem();
249 $item->title
= $m['mail_from_name'];
250 $item->link
= "https://".SYSTEM_URL
."/id/24";
251 $item->description
= $m['mail_text'];
252 $rss->addItem($item);
256 elseif ($_GET['node_id']=='19' && $permissions['r'])
258 require_once(INCLUDE_DIR
.'/feedcreator.class.php');
260 $rss = new UniversalFeedCreator();
261 $rss->title
= "Kyberia bookmarks";
262 $rss->link
= "http://".SYSTEM_URL
."/id/19"; //XXX https ?
264 require_once(SMARTY_PLUGIN_DIR
.'/function.get_bookmarks.php');
265 smarty_function_get_bookmarks(array(), $smarty);
266 $_items = $smarty->get_template_vars('get_bookmarks');
267 foreach ($_items as $_item)
269 if (is_array($_item['children']))
270 foreach ($_item['children'] as $_b)
272 $item = new FeedItem();
273 $item->title
= $_b['node_name'];
274 $item->link
= "http://".SYSTEM_URL
."/id/".$_b['node_id']."/rss";
275 $rss->addItem($item);
280 elseif ($permissions['r'])
282 require_once(INCLUDE_DIR
.'/feedcreator.class.php');
284 $rss = new UniversalFeedCreator();
285 $rss->title
= $node['node_name'];
286 $rss->description
= "";
287 $rss->link
= "http://".SYSTEM_URL
."/id/".$node['node_id'];
290 if ($_GET['node_id']=='15')
292 require_once(SMARTY_PLUGIN_DIR
.'/function.get_k.php');
293 smarty_function_get_k(array(), $smarty);
294 $_items = $smarty->get_template_vars('get_k');
298 require_once(SMARTY_PLUGIN_DIR
.'/function.get_children.php');
299 smarty_function_get_children(
300 array('orderby' => 'desc', 'orderby_type' => 'time'), $smarty);
301 $_items = $smarty->get_template_vars('get_children');
304 foreach ($_items as $_item)
306 $item = new FeedItem();
307 $item->title
= $_item['node_name'];
308 $item->link
= "http://".SYSTEM_URL
."/id/".$_item['node_id'];
309 $item->description
= $_item['node_content'];
310 $rss->addItem($item);
314 if ($permissions['r']) $rss->showFeed($_feedType);
323 if (($permissions['r']) ||
($event != 'register')) {
325 //performing node_events (based on update/insert/delete db queries)
327 require(INCLUDE_DIR
.'eventz.inc');
330 elseif ($transaction) {
331 require(INCLUDE_DIR
.'transaction.inc');
333 //end of performing node events
339 if ($permissions['r']) {
341 // these 4 lines are not the source of kyberia lagging problems.
342 // leave them. started on the 10.4.
343 // data gained will be used for scientific purposes
345 // if (isset($_SESSION['user_id']) {
346 // log_levenshtein($_SESSION['user_id'],$node['node_id']);
349 if ((isset($_SESSION['user_id'])) && ($_SESSION['user_id'])) {
350 $q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
356 if ($node['template_id']!='2019721'){
358 logger
::log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']);
359 if (!empty($_SESSION['user_id']) && is_numeric($node['node_id'])) {
360 $q="update node_access set visits=visits+1,node_user_subchild_count='0',last_visit=NOW() where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
362 $result=$db->update($q);
365 $q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()";
368 }//end of if node os css
374 // if (isset($_SESSION['user_id']) {
375 // if (isset($referer_id)) {
376 // update_nodes($_SESSION['user_id'],$node['node_id'],$referer_id);
378 // update_nodes($_SESSION['user_id'],$node['node_id'],0);
382 // DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
383 //creating neural network
384 $db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
385 if (isset($referer_id) && is_numeric($referer_id)) {
386 $q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
387 $result=$db->update($q);
389 $q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
395 elseif (!$permissions['r'] && $_GET['magic_word']) {
396 $magic_word_big=$_GET['magic_word'];
398 if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) {
400 $magic_word=addslashes($mu['2']);
401 // XXX WTF column magic_word does not exists
402 $q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'";
404 if ($set->getNumRows()) {
405 $permissions['r']=true;
415 logger
::log('enter',$node['node_id'],'failed');
420 //assigning user data to smarty if user logged in
421 if (isset($_SESSION['user_id'])&&($user_id=$_SESSION['user_id'])) {
422 $smarty->assign('_POST',$_POST);
423 $smarty->assign('bookmarks',$_SESSION['bookmarks']);
424 $smarty->assign('ignore',$_SESSION['ignore']);
425 $smarty->assign('bookstyl',$_SESSION['bookstyl']);
426 $smarty->assign('fook',$_SESSION['fook']);
427 $smarty->assign('user_id',$_SESSION['user_id']);
428 if (!empty($_SESSION['cube_vector']))
429 $smarty->assign('cube_vector',$_SESSION['cube_vector']);
430 $smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural
431 $smarty->assign('user_quota',$_SESSION['user_quota']);
434 $newmail_q = sprintf('select u.user_mail_id
438 , ms.user_id as mail_sender_id
439 , ms.login as mail_sender
441 left join users ms on ms.user_id = u.user_mail_id
442 where u.user_id = %d',
444 $newmailset = $db->query($newmail_q);
448 $new_mail=$newmailset->getString('user_mail');
450 $newmailset2 = $db->query("select users.user_mail_id,mailsender.login
451 from users left join users as mailsender on users.user_mail_id = mailsender.user_id where users.user_id = '$user_id'");
452 $newmailset2->next();
453 $smarty->assign('new_mail',$new_mail);
454 $smarty->assign('new_mail_name',$newmailset->getString('mail_sender'));
455 $smarty->assign('new_mail_name2',$newmailset2->getString('login'));
456 $user_k=$newmailset->getString('user_k');
457 $smarty->assign('user_k',$user_k);
458 $k_wallet=$newmailset->getString('k_wallet');
459 $smarty->assign('k_wallet',$k_wallet);
460 $user_id=$_SESSION['user_id'];
463 if ($node['node_name']=='mail') {
465 //clear new mail message
467 if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'");
469 //set messages as delivered to recipient
470 $set=$db->query("select mail_id,mail_duplicate_id from mail where mail_user='$user_id' and mail_to='$user_id' and mail_read='no'");
471 while($set->next()) {
472 $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_duplicate_id')."'");
473 $db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_id')."'");
475 $new_messages[$set->getString('mail_id')]=true;
478 if (count($new_messages)) {
479 $db->query("update mail set mail_read='yes' where mail_user='$user_id' and mail_user=mail_to and mail_read='no'");
480 $smarty->assign('new_messages',$new_messages);
489 if ($node['node_system_access']=='crypto') {
490 $smarty->assign('crypto_pass',$_SESSION['crypto'][$node['node_id']]);
493 $smarty->assign('error',$error);
494 $smarty->assign('permissions',$permissions);
495 $smarty->assign('current_vector',$node['node_vector']);
496 if ($permissions['r']) {
497 $smarty->assign('node',$node);
498 $smarty->assign('node_json',json_encode($node));
502 $smarty->assign('node',$node);
503 //new templates by Dark matter
504 $smarty->template_dir
=OWN_TEMPLATE_DIR
;
506 $smarty->display('1549864.tpl');
507 $smarty->display('1549885.tpl');
508 $smarty->display('630526.tpl');
511 //redirect to mainpage
512 // looks like poeple totaly hate this redirect!
513 // header("Location: /id/1");
518 if (($node['template_id']!='2019721') && (isset($_SESSION['user_id']))){
519 //setting user location
520 $q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
521 $db->executequery($q);
524 $whole_time=SubStr((Time()+
SubStr(MicroTime(),0,8)-$timer_start),0,7);
525 $smarty->assign('whole_time',$whole_time);
528 if ($template_id=='download' OR $template_id=='download.jpg') {
529 if ($permissions['r']) {
530 $linkname = SYSTEM_ROOT
."/files/".$node['node_id'];
531 $filename= readlink($linkname);
532 $suffix=preg_replace("/(.*?)\.(.*?)/i","$2",$filename);
534 $ext = substr( $filename,-3 );
535 if( $filename == "" ) {
536 echo "ERROR: Empty file to download. ";
538 } elseif ( ! file_exists( $filename ) ) {
541 switch( strtolower($ext) ){
542 case "pdf": $ctype="application/pdf"; break;
543 case "exe": $ctype="application/octet-stream"; break;
544 case "zip": $ctype="application/zip"; break;
545 case "doc": $ctype="application/msword"; break;
546 case "xls": $ctype="application/vnd.ms-excel"; break;
547 case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
548 case "gif": $ctype="image/gif"; break;
549 case "png": $ctype="image/png"; break;
550 case "jpg": $ctype="image/jpg"; break;
551 default: $ctype="application/force-download";
553 $file=str_replace(" ","_",$node['node_name']).".$ext";
554 header("Pragma: public");
555 header("Expires: 0");
556 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
557 header("Content-Type: $ctype");
558 $user_agent = strtolower ($_SERVER["HTTP_USER_AGENT"]);
559 if ((is_integer (strpos($user_agent, "msie"))) && (is_integer
560 (strpos($user_agent, "win")))) {
561 header( "Content-Disposition: filename=$file;" );
563 header( "Content-Disposition: attachment;
566 header("Content-Transfer-Encoding: binary");
567 header("Content-Length: ".filesize($filename));
568 readfile("$filename");
571 else { echo "you don't have permissions for downloading this data"; die(); }
574 if ($node['template_id']=='2019721'){
575 Header("Cache-control: max-age=3600");
577 Header("Cache-control: no-cache");
578 Header("Expires:".gmdate("D, d M Y H:i:s")." GMT");
579 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
583 //for cases like search & preview
584 $smarty->assign('post_vars',$_POST);
585 if (!empty($_POST['template_event'])) {
586 $smarty->assign('template_event',$_POST['template_event']);
590 //setting listing parameters
591 $children_count=$node['node_children_count'];
592 $descendant_count=$node['node_descendant_count'];
594 if (isset($_POST['listing_amount']) && is_numeric($_POST['listing_amount'])) {
595 $listing_amount=mysql_real_escape_string($_POST['listing_amount']);
596 }elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
597 else $listing_amount=DEFAULT_LISTING_AMOUNT
;
598 $smarty->assign('listing_amount',$listing_amount);
600 if (isset($_POST['listing_order']) && $_POST['listing_order']) {
601 $listing_order=mysql_real_escape_string($_POST['listing_order']);
602 } elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
603 else $listing_order=DEFAULT_LISTING_ORDER
;
604 $smarty->assign('listing_order',$listing_order);
606 if (isset ($_POST['get_children_offset']) && is_numeric($_POST['get_children_offset'])) {
607 $offset=$_POST['get_children_offset'];
608 } else { $offset=0; }
611 //movement forward and backward
612 // if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount;
614 if ($_POST['get_children_move']=='<') {
615 $offset=$offset-$listing_amount;
616 if ($offset<0) $offset=0;
618 elseif ($_POST['get_children_move']=='>') {
619 $offset=$offset+
$listing_amount;
621 elseif ($_POST['get_children_move']=='>>') {
622 $offset=$descendant_count-$listing_amount;
625 elseif ($_POST['get_children_move']=='<<') {
628 if ($offset<0) $offset=0;
629 $_POST['offset']=$offset;
630 $smarty->assign('offset',$offset);
633 if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
634 header("Content-Type: image/svg+xml");
638 elseif (isset($_SESSION['header_id']) && ($_SESSION['header_id']==true)) {
639 $smarty->assign('header_id',$_SESSION['header_id']);
640 $smarty->template_dir
=OWN_TEMPLATE_DIR
;
641 $content=$smarty->fetch($_SESSION['header_id'].".tpl");
642 $smarty->template_dir
= TEMPLATE_DIR
.TEMPLATE_SET
;
643 //not registered user
644 if ($_SESSION['header_id']==2091520) {
651 $smarty->template_dir
=OWN_TEMPLATE_DIR
;
653 if (is_numeric($template_id)) {
654 $content.=$smarty->fetch($template_id.".tpl");
658 $template_id=$node['template_id'];
659 $content.=$smarty->fetch($node['template_id'].".tpl");
662 if ($template_id=='2019721'){
663 $content=$smarty->fetch($template_id.".tpl");
666 $time=SubStr((Time()+
SubStr(MicroTime(),0,8)-$timer_start),0,7);
668 // echo "<center>page generation took: $time second</center>";
672 // output buffering forcing (mx)
673 if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_end_flush();
This page took 3.670721 seconds and 4 git commands to generate.