[mirrors/Kyberia-bloodline.git] / wwwroot / nodes.php

<?php
//requiring main config file with path/database etc. constants
require_once('config/config.inc'); 

//Ask for auth if enabled...
//if(isset($realm) && isset($users)) require_once(INCLUDE_DIR.'http_auth.php'); 

//starting timer for benchmarking purposes
$timer_start=Time()+SubStr(MicroTime(),0,8);
//setting PHPSESSID cookie and starting user session

//error reporting has to be before session_start
error_reporting(-1);
ini_set('display_errors','On');
session_start();

@ini_set('magic_quotes_gpc' , 'off');
if(get_magic_quotes_gpc()) {
	die("Error: magic_quotes_gpc needs to be disabled! F00K!\n");
}

//Smarty from DB
$smarty_resource = 'kyberia';

//connecting to database and creating universal $db object
//require_once(INCLUDE_DIR.'senate.inc'); // in config already
require_once(INCLUDE_DIR.'log.inc');
require_once(INCLUDE_DIR.'ubik.inc');
require_once(INCLUDE_DIR.'nodes.inc');
require_once(INCLUDE_DIR.'error_messages.inc');
require_once(INCLUDE_DIR.'database.inc');
require_once(INCLUDE_DIR.'transports.inc');

$db = new CLASS_DATABASE();

switch(true) {
	case preg_match('/id\/([0-9]+)(?:\/([a-zA-Z0-9]+)\/?)?/',$_SERVER['PATH_INFO'],$match):
		$_GET['node_id']=$match[1];
		if (!empty($match[2])) {
			$_GET['template_id']=$match[2];
		}
		//Base36
/*
		if(!count($_POST) && !(isset($_GET['template_id']) && $_GET['template_id'] == 'download')) { //Fix ugly download hack...
			header('Location: /k/'.base_convert($_GET['node_id'], 10, 36).
				(isset($_GET['template_id'])?'/'.base_convert($_GET['template_id'], 10, 36):'')
			);
			die("Die!!! All Fascists Are Bastards...\n")
		}
*/
		break;

	case preg_match('/k\/([a-z0-9]{1,7})(?:\/([a-z0-9]+))?/',$_SERVER['PATH_INFO'],$match):
		$_GET['node_id']=base_convert($match[1], 36, 10);
		if (!empty($match[2])) {
			$_GET['template_id']=$match[2];
		}
		break;
	case preg_match('/name\/(.*?)\/?$/',$_SERVER['PATH_INFO'],$match):
		$_GET['node_id']  = nodes::getNodeIdByName($match[1]);
		break;
	case preg_match('/search\/(.*?)\/?$/',$_SERVER['PATH_INFO'],$match):
		//$query  = nodes::getNodeIdByName($match[1]);
		//XXX TODO: Predat searchi az bude fungovat
		break;
	case preg_match('/\/(.+)\/?$/',$_SERVER['PATH_INFO'],$match):
		$_GET['node_id']  = nodes::getNodeIdByName($match[1]);
		break;
	default:
		$_GET['node_id']=1; //WELCOME_NODE
		break;
}


if (!empty($_GET['template_id'])) {
	$template_id=$_GET['template_id'];
} else {
	$template_id=false;
}

error_reporting(E_ALL);
//use wwwroot/debugswitch.php (from Your browser) to switch debugging on/off 
if(isset($_SESSION['debugging']) && $_SESSION['debugging']) {
    ini_set('display_errors','On');
    echo 'GET VARIABLES::<br/>';
    print_r($_GET);
    echo 'POST VARIABLES::<br/>';
    print_r($_POST);
    echo 'FILES VARIABLES::<br/>';
    print_r($_FILES);    
    echo '<b>SESSION VARIABLES::</b><br/>';
    print_r($_SESSION);
} else {
	$_SESSION['debugging']=false;
	set_error_handler('logger::error_handler');
}

require_once(INCLUDE_DIR.'logout_idle.inc'); //Logout when idle

//initializing node
$node = nodes::getNodeById($_GET['node_id'],(isset($_SESSION['user_id']))?$_SESSION['user_id']:'');

//XXX Paths are wrong (!)
//loading smarty template engine and setting main parameters
require(SMARTY_DIR.'Smarty.class.php');
$smarty = new Smarty;
require(INCLUDE_DIR.'smarty/resource.kyberia.php');
$smarty->default_resource_type=$smarty_resource;

//$smarty->php_handling = SMARTY_PHP_REMOVE; //XXX
$smarty->template_dir = TEMPLATE_DIR;
//echo TEMPLATE_DIR.TEMPLATE_SET;
//echo $smarty->template_dir;
$smarty->compile_dir = SYSTEM_DATA.'templates_c/';
$smarty->config_dir = SMARTY_DIR.'configs/'; //XXX neexistuje
$smarty->cache_dir = SMARTY_DIR.'cache/';
$smarty->plugins_dir = SMARTY_PLUGIN_DIR ;
if (isset($_SESSION['debugging']) && $_SESSION['debugging']) $smarty->debugging=true;

// initializing variables
// preg_replace prevents LFI
if (empty($_POST['event'])) $event='display';
else $event= preg_replace( "![^a-zA-Z0-9_]+!", "", $_POST['event']);


if (isset($_SESSION['debugging']) && $_SESSION['debugging']) {
	echo "<pre><b>NODE::";
	print_r($node);
	echo "</pre>";
}

if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id']))) {
	$node['node_permission']='owner';
}

if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) {
	if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
		echo "node::".$node['node_vector'];
		echo "cube_Vector::".$_SESSION['cube_vector'];
		echo "you are out of allowed cwbe. access forbidden";
		die();
	}
}

#@include_once(INCLUDE_DIR.'mail_rss.inc'); //haluz...

//checking permissions
include_once(BACKEND_DIR.'/'.DB_TYPE.'/permissions.inc');
$permissions=permissions::checkPerms($node);
if (!empty($_SESSION['debugging']) && $_SESSION['debugging']) {
	print_r($permissions);
}


// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//creating neural network
if  (preg_match('/id\/(\d+)/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	$referer_id=$match[1];
} elseif (preg_match('/k\/([a-z0-9]{1,7})/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	$referer_id=base_convert($match[1], 36, 10);
} elseif (preg_match('/name\/(.*?)\/?$/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	$referer_id  = nodes::getNodeIdByName($match[1]);
}

$db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
if (isset($referer_id) && is_numeric($referer_id)) {
	$q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
	$result=$db->update($q);
	if (!$result) {
		$q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
		$db->query($q);
		}
} else {
	logger::log('enter',$node['node_id'],'failed');
}


//entering the node (executing the eventz)
if (($permissions['r']) || ($event != 'register')) {
	//performing node_events (based on update/insert/delete db queries)
	if ($event) {
		require(INCLUDE_DIR.'eventz.inc');
	}
}

?>
Commit	Line	Data
	1	<?php
	2	//requiring main config file with path/database etc. constants
	3	require_once('config/config.inc');
	4
	5	//Ask for auth if enabled...
	6	//if(isset($realm) && isset($users)) require_once(INCLUDE_DIR.'http_auth.php');
	7
	8	//starting timer for benchmarking purposes
	9	$timer_start=Time()+SubStr(MicroTime(),0,8);
	10	//setting PHPSESSID cookie and starting user session
	11
	12	//error reporting has to be before session_start
	13	error_reporting(-1);
	14	ini_set('display_errors','On');
	15	session_start();
	16
	17	@ini_set('magic_quotes_gpc' , 'off');
	18	if(get_magic_quotes_gpc()) {
	19	die("Error: magic_quotes_gpc needs to be disabled! F00K!\n");
	20	}
	21
	22	//Smarty from DB
	23	$smarty_resource = 'kyberia';
	24
	25	//connecting to database and creating universal $db object
	26	//require_once(INCLUDE_DIR.'senate.inc'); // in config already
	27	require_once(INCLUDE_DIR.'log.inc');
	28	require_once(INCLUDE_DIR.'ubik.inc');
	29	require_once(INCLUDE_DIR.'nodes.inc');
	30	require_once(INCLUDE_DIR.'error_messages.inc');
	31	require_once(INCLUDE_DIR.'database.inc');
	32	require_once(INCLUDE_DIR.'transports.inc');
	33
	34	$db = new CLASS_DATABASE();
	35
	36	switch(true) {
	37	case preg_match('/id\/([0-9]+)(?:\/([a-zA-Z0-9]+)\/?)?/',$_SERVER['PATH_INFO'],$match):
	38	$_GET['node_id']=$match[1];
	39	if (!empty($match[2])) {
	40	$_GET['template_id']=$match[2];
	41	}
	42	//Base36
	43	/*
	44	if(!count($_POST) && !(isset($_GET['template_id']) && $_GET['template_id'] == 'download')) { //Fix ugly download hack...
	45	header('Location: /k/'.base_convert($_GET['node_id'], 10, 36).
	46	(isset($_GET['template_id'])?'/'.base_convert($_GET['template_id'], 10, 36):'')
	47	);
	48	die("Die!!! All Fascists Are Bastards...\n")
	49	}
	50	*/
	51	break;
	52
	53	case preg_match('/k\/([a-z0-9]{1,7})(?:\/([a-z0-9]+))?/',$_SERVER['PATH_INFO'],$match):
	54	$_GET['node_id']=base_convert($match[1], 36, 10);
	55	if (!empty($match[2])) {
	56	$_GET['template_id']=$match[2];
	57	}
	58	break;
	59	case preg_match('/name\/(.*?)\/?$/',$_SERVER['PATH_INFO'],$match):
	60	$_GET['node_id'] = nodes::getNodeIdByName($match[1]);
	61	break;
	62	case preg_match('/search\/(.*?)\/?$/',$_SERVER['PATH_INFO'],$match):
	63	//$query = nodes::getNodeIdByName($match[1]);
	64	//XXX TODO: Predat searchi az bude fungovat
	65	break;
	66	case preg_match('/\/(.+)\/?$/',$_SERVER['PATH_INFO'],$match):
	67	$_GET['node_id'] = nodes::getNodeIdByName($match[1]);
	68	break;
	69	default:
	70	$_GET['node_id']=1; //WELCOME_NODE
	71	break;
	72	}
	73
	74
	75
	76	if (!empty($_GET['template_id'])) {
	77	$template_id=$_GET['template_id'];
	78	} else {
	79	$template_id=false;
	80	}
	81
	82	error_reporting(E_ALL);
	83	//use wwwroot/debugswitch.php (from Your browser) to switch debugging on/off
	84	if(isset($_SESSION['debugging']) && $_SESSION['debugging']) {
	85	ini_set('display_errors','On');
	86	echo 'GET VARIABLES::<br/>';
	87	print_r($_GET);
	88	echo 'POST VARIABLES::<br/>';
	89	print_r($_POST);
	90	echo 'FILES VARIABLES::<br/>';
	91	print_r($_FILES);
	92	echo '<b>SESSION VARIABLES::</b><br/>';
	93	print_r($_SESSION);
	94	} else {
	95	$_SESSION['debugging']=false;
	96	set_error_handler('logger::error_handler');
	97	}
	98
	99	require_once(INCLUDE_DIR.'logout_idle.inc'); //Logout when idle
	100
	101	//initializing node
	102	$node = nodes::getNodeById($_GET['node_id'],(isset($_SESSION['user_id']))?$_SESSION['user_id']:'');
	103
	104	//XXX Paths are wrong (!)
	105	//loading smarty template engine and setting main parameters
	106	require(SMARTY_DIR.'Smarty.class.php');
	107	$smarty = new Smarty;
	108	require(INCLUDE_DIR.'smarty/resource.kyberia.php');
	109	$smarty->default_resource_type=$smarty_resource;
	110
	111	//$smarty->php_handling = SMARTY_PHP_REMOVE; //XXX
	112	$smarty->template_dir = TEMPLATE_DIR;
	113	//echo TEMPLATE_DIR.TEMPLATE_SET;
	114	//echo $smarty->template_dir;
	115	$smarty->compile_dir = SYSTEM_DATA.'templates_c/';
	116	$smarty->config_dir = SMARTY_DIR.'configs/'; //XXX neexistuje
	117	$smarty->cache_dir = SMARTY_DIR.'cache/';
	118	$smarty->plugins_dir = SMARTY_PLUGIN_DIR ;
	119	if (isset($_SESSION['debugging']) && $_SESSION['debugging']) $smarty->debugging=true;
	120
	121	// initializing variables
	122	// preg_replace prevents LFI
	123	if (empty($_POST['event'])) $event='display';
	124	else $event= preg_replace( "![^a-zA-Z0-9_]+!", "", $_POST['event']);
	125
	126
	127	if (isset($_SESSION['debugging']) && $_SESSION['debugging']) {
	128	echo "<pre><b>NODE::";
	129	print_r($node);
	130	echo "</pre>";
	131	}
	132
	133	if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id']))) {
	134	$node['node_permission']='owner';
	135	}
	136
	137	if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) {
	138	if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
	139	echo "node::".$node['node_vector'];
	140	echo "cube_Vector::".$_SESSION['cube_vector'];
	141	echo "you are out of allowed cwbe. access forbidden";
	142	die();
	143	}
	144	}
	145
	146	#@include_once(INCLUDE_DIR.'mail_rss.inc'); //haluz...
	147
	148	//checking permissions
	149	include_once(BACKEND_DIR.'/'.DB_TYPE.'/permissions.inc');
	150	$permissions=permissions::checkPerms($node);
	151	if (!empty($_SESSION['debugging']) && $_SESSION['debugging']) {
	152	print_r($permissions);
	153	}
	154
	155
	156
	157	// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
	158	//creating neural network
	159	if (preg_match('/id\/(\d+)/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	160	$referer_id=$match[1];
	161	} elseif (preg_match('/k\/([a-z0-9]{1,7})/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	162	$referer_id=base_convert($match[1], 36, 10);
	163	} elseif (preg_match('/name\/(.*?)\/?$/',isset($_SERVER['HTTP_REFERER'])? $_SERVER['HTTP_REFERER'] : "",$match)) {
	164	$referer_id = nodes::getNodeIdByName($match[1]);
	165	}
	166
	167	$db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
	168	if (isset($referer_id) && is_numeric($referer_id)) {
	169	$q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
	170	$result=$db->update($q);
	171	if (!$result) {
	172	$q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
	173	$db->query($q);
	174	}
	175	} else {
	176	logger::log('enter',$node['node_id'],'failed');
	177	}
	178
	179
	180
	181	//entering the node (executing the eventz)
	182	if (($permissions['r']) \|\| ($event != 'register')) {
	183	//performing node_events (based on update/insert/delete db queries)
	184	if ($event) {
	185	require(INCLUDE_DIR.'eventz.inc');
	186	}
	187	}
	188
	189	?>