2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 11/16/2003 *
\r
4 * =============== Last change: 12/13/2004 *
\r
6 * -------------------------------------------------------------------- *
\r
7 * File : mysql-connect.php *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : Connects to your database *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Verbindet zu Ihrer Datenbank *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2007 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Some security stuff...
\r
35 if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
\r
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
\r
41 // CFG: DEBUG-SQL (if enabled and DEBUG_MODE is enabled all SQL queries will be logged to debug.log)
\r
42 define('DEBUG_SQL', false);
\r
45 require_once(PATH."inc/db/lib.php");
\r
47 // Check if the user setups his MySQL stuff...
\r
48 if ((empty($MySQL['login'])) && (!mxchange_installing) && (!isset($_GET['installing'])) && (mxchange_installed))
\r
50 // No login entered and outside installation mode
\r
51 echo "<STRONG>".LANG_WARNING.":</STRONG> ";
\r
52 if (mxchange_installed)
\r
54 // You have changed my configuration file!
\r
55 die(DIE_CONFIG_CHANGED_YOU);
\r
59 // Please run the installation script (maybe again)
\r
60 die(DIE_RUN_INSTALL_MYSQL);
\r
63 elseif ((!mxchange_installing) && (!isset($_GET['installing'])) && (empty($MySQL['password'])) && (warn_no_pass))
\r
65 // No database password entered!!!
\r
66 echo "<STRONG>".LANG_WARNING.":</STRONG> ".WARN_NULL_PASSWORD;
\r
69 // Check if this file is writeable or read-only and warn the user
\r
70 if ((!mxchange_installing) && (mxchange_installed))
\r
72 // Check for write-permission for config.php and inc directory
\r
73 if (empty($GLOBALS['module'])) $GLOBALS['module'] = "index";
\r
74 if (($GLOBALS['module'] != "admin") && (admin_registered))
\r
76 if (is_INCWritable("config")) ADD_FATAL(FATAL_CONFIG_WRITABLE);
\r
77 if (is_INCWritable("dummy")) ADD_FATAL(FATAL_INC_WRITABLE);
\r
80 // Init configuration arrays
\r
84 $EXT_CSS_FILES = array();
\r
86 // Load general stuff, like...
\r
87 require_once(PATH."inc/extensions.php"); // Extension management
\r
88 require_once(PATH."inc/functions.php"); // Non-database functions
\r
89 require_once(PATH."inc/databases.php"); // Several hard-coded databases (arrays, constants)
\r
91 if ((!empty($MySQL['host'])) && (!empty($MySQL['login'])) && (!empty($MySQL['password'])) && (!empty($MySQL['dbase'])))
\r
94 $link = SQL_CONNECT($MySQL['host'], $MySQL['login'], $MySQL['password'], __FILE__, __LINE__);
\r
97 $db = SQL_SELECT_DB($MySQL['dbase'], $link, __FILE__, __LINE__);
\r
100 // Load configuration stuff 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
\r
101 $result = SQL_QUERY("SELECT pass_len, points_register, points_ref, least_cats, check_double_email, check_double_pass, admin_notify, url_tlock, test_text, max_tlength, test_subj, autosend_active, max_send, url_blacklist, auto_purge, auto_purge_active, last_update, unconfirmed, profile_lock, online_timeout, mad_timestamp, mad_count, profile_update, send_prof_update, resend_profile_update, code_length, patch_level, patch_ctime, guest_stats, ref_payout, activate_xchange, order_multi_page, display_refid, ip_timeout, allow_direct_pay, config FROM "._MYSQL_PREFIX."_config WHERE config='0' LIMIT 1", __FILE__, __LINE__);
\r
103 if (SQL_NUMROWS($result) == 1)
\r
105 // Load data when previous SQL query did not fail
\r
106 if ($result) $DUMMY = SQL_FETCHROW($result);
\r
108 // We copy the fetched data to the CONFIG array (or can you remember which number is for which config value??? ;-) )
\r
110 'pass_len' => $DUMMY[0], // Minimum password length
\r
111 'points_register' => $DUMMY[1], // How many points the new member gets on registration
\r
112 'points_ref' => $DUMMY[2], // How many points a members gets on direct referral
\r
113 'least_cats' => $DUMMY[3], // Minimum number of categories to be selected
\r
114 'dbl_email' => $DUMMY[4], // Shall we check if the email address is already in out database?
\r
115 'dbl_pass' => $DUMMY[5], // Shall we - silencly - check if another user is using the same password?
\r
116 'admin_notify' => $DUMMY[6], // Shall I notify the admin if a member has changed his profile?
\r
117 'url_tlock' => $DUMMY[7], // Time in seconds to lock same ordered URL
\r
118 'test_text' => $DUMMY[8], // Shall I test the text against URLs?
\r
119 'max_tlength' => $DUMMY[9], // How long shall the ordered text be?
\r
120 'test_subj' => $DUMMY[10], // Shall I test the subject against URLs?
\r
121 'autosend_active' => $DUMMY[11], // Active / Deactive auto-send feature? (currently disabled feature)
\r
122 'max_send' => $DUMMY[12], // How many shall I send in one time from the pool?
\r
123 'url_blacklist' => $DUMMY[13], // Shall I enable or disable the URL black-list feature?
\r
124 'auto_purge' => $DUMMY[14], // How many days shall mails stay in stats table? (disabled!)
\r
125 'ap_active' => $DUMMY[15], // Shall auto-purge be enabled or disbaled? (disabled!)
\r
126 'last_update' => $DUMMY[16], // Last update when reset on database was
\r
127 'unconfirmed' => $DUMMY[17], // How many unconfirmed mails shall I allow to order new mails?
\r
128 'profile_lock' => $DUMMY[18], // Time in seconds to keep a member's profile write-protected after he changes something
\r
129 'online_timeout' => $DUMMY[19], // Session expiration in online list
\r
130 'profile_update' => $DUMMY[22], // How many seconds between profile update notification?
\r
131 'send_update' => $DUMMY[23], // Shall I send profile update notifications to your members?
\r
132 'prof_reupdate' => $DUMMY[24], // Seconds between re-notifications for profile update?
\r
133 'code_length' => $DUMMY[25], // Length of the code the member has to re-type
\r
134 'patch_level' => $DUMMY[26], // Installed patch level in database
\r
135 'patch_ctime' => $DUMMY[27], // Latest patch file
\r
136 'gstats_mode' => $DUMMY[28], // Guest statistics mode: About your members, module clicks or inactive
\r
137 'ref_payout' => $DUMMY[29], // After how many confirmed mails shall the referral bonus be paid? (0 = disable feature)
\r
138 'activate_system' => $DUMMY[30], // Automatic activation of your exchange after x days (0 = disable feature)
\r
139 'order_multi' => $DUMMY[31], // Shall I activate multiple pages in order form? This will enable sending by ZIP code
\r
140 'display_refid' => $DUMMY[32], // Shall I display the refid in registration form or not?
\r
141 'ip_timeout' => $DUMMY[33], // Timeout for same IP number in registration form
\r
142 'direct_pay' => $DUMMY[34], // Shall I pay "clicked" points directly or not? Not is default.
\r
146 // Initialize include-file-pool
\r
147 $INC_POOL = array();
\r
149 // Load more include files
\r
150 require_once(PATH."inc/mysql-manager.php"); // Functions which interact with the database
\r
153 if ((date("d", $CONFIG['last_update']) != date("d", time()) || (DEBUG_MODE == true)) && (!mxchange_installing) && (mxchange_installed) && (admin_registered) && (!isset($_GET['register'])) && ($CSS != 1))
\r
155 // Do daily things in external PHP file but only when script is completely setup
\r
156 $INC_POOL[] = PATH."inc/reset/reset_daily.php";
\r
158 // Daily reset was run!
\r
159 define('__DAILY_RESET', "1");
\r
162 // Load all extensions
\r
163 require_once(PATH."inc/load_extensions.php");
\r
165 // Loading patching system is required here...
\r
166 require_once(PATH."inc/patch-system.php"); // Initialize patch system
\r
168 // Functions which are related to themes
\r
169 require_once(PATH."inc/theme-manager.php");
\r
171 // Initialize session management
\r
172 require_once(PATH."inc/session.php");
\r
174 // Load admin include file if he is admin
\r
177 // Administrative functions
\r
178 require_once(PATH."inc/modules/admin/admin-inc.php");
\r
182 if (($CSS != 1) && ($CSS != -1))
\r
184 if (empty($GLOBALS['module'])) $GLOBALS['module'] = "empty";
\r
185 if (empty($GLOBALS['what'])) $GLOBALS['what'] = GET_WHAT($GLOBALS['module']);
\r
186 if (empty($GLOBALS['action'])) $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
\r
190 // Set action/what to empty
\r
191 $GLOBALS['action'] = "";
\r
192 $GLOBALS['what'] = "";
\r
195 // Secure and validate user ID from cookie
\r
196 UPDATE_LOGIN_DATA();
\r
199 if (empty($_COOKIE['PHPSESSID'])) $_COOKIE['PHPSESSID'] = session_id();
\r
201 // Update online list
\r
202 UPDATE_ONLINE_LIST($_COOKIE['PHPSESSID'], $GLOBALS['module'], $GLOBALS['action'], $GLOBALS['what']);
\r
205 $CurrTheme = GET_CURR_THEME();
\r
207 // Set default 'what' value
\r
208 //* DEBUG */ echo "-".$GLOBALS['module']."/".$GLOBALS['what']."-<br />\n";
\r
209 if ((empty($GLOBALS['what'])) && (empty($GLOBALS['action'])) && ($CSS != 1) && ($CSS != -1))
\r
211 if ($GLOBALS['module'] == "admin")
\r
213 // Set 'action' value to 'login' in admin menu
\r
214 $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
\r
216 elseif (($GLOBALS['module'] == "index") || ($GLOBALS['module'] == "login"))
\r
218 // Set 'what' value to 'welcome' in guest and member menu
\r
219 $GLOBALS['what'] = "welcome";
\r
220 if (!empty($CONFIG['index_home'])) $GLOBALS['what'] = $CONFIG['index_home'];
\r
224 // Anything else like begging link
\r
225 $GLOBALS['what'] = "";
\r
229 // Update sending pool
\r
230 if (($CSS != "1") && ($CSS != "-1")) require_once(PATH."inc/pool-update.php"); // Sends out mails in configureable steps
\r
232 // Load all active extension including language files when not upgrading.
\r
233 // Check module for testing and count one click
\r
234 $dummy = CHECK_MODULE($GLOBALS['module']);
\r
235 if ($dummy == "done") COUNT_MODULE($GLOBALS['module']);
\r
237 if ($CONFIG['activate_system'] > 0) ACTIVATE_EXCHANGE();
\r
241 // If you will read following error message you probably need to contact me (webmaster@mxchange.org)
\r
242 // and download the sql-upgrades extension from my server. Please ask me which SQL file(s) you need to
\r
243 // import *BEFORE* you import them!
\r
244 ADD_FATAL(FATAL_CANNOT_LOAD_CONFIG);
\r
248 SQL_FREERESULT($result);
\r
253 ADD_FATAL(WRONG_DB_SELECTED);
\r
258 // No link to database!
\r
259 ADD_FATAL(NO_DB_LINK);
\r
265 // Maybe you forgot to enter your MySQL data?
\r
266 ADD_FATAL(MYSQL_DATA_MISSING);
\r
271 ///////////////////////////////////////////////////
\r
272 // Include neccessary functions for installation //
\r
273 ///////////////////////////////////////////////////
\r
275 // Set CONFIG array
\r
280 // Set other missing variables
\r
281 $link = false; // No database link by default
\r
283 // Include required files
\r
284 require_once(PATH."inc/databases.php");
\r
285 require_once(PATH."inc/extensions.php");
\r
286 require_once(PATH."inc/theme-manager.php");
\r
287 require_once(PATH."inc/load_extensions.php");
\r
288 require_once(PATH."inc/session.php");
\r
290 // Check if we are in installation routine
\r
291 $installPhp = basename($_SERVER['PHP_SELF']);
\r
292 if (($installPhp != "install.php") && ($CSS != "1") && ($CSS != -1)) {
\r
293 // Redirect to the installation system
\r
294 LOAD_URL(URL."/install.php");
\r
297 // Double-check installation mode
\r
298 if ((!mxchange_installed) || (!admin_registered)) {
\r
299 // Check for file permissions
\r
300 if (!is_INCWritable("config")) {
\r
301 ADD_FATAL(CONFIG_IS_WRITE_PROTECTED);
\r
303 if (!is_INCWritable("dummy")) {
\r
304 ADD_FATAL(DUMMY_IS_WRITE_PROTECTED);
\r
306 if (!is_INCWritable(".secret/dummy")) {
\r
307 ADD_FATAL(SECRET_IS_WRITE_PROTECTED);
\r
312 // Any fatal messages?
\r
313 if (!is_array($FATAL)) $FATAL = array();
\r
314 if (((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) && (mxchange_installed) && (!mxchange_installing) && ($CSS != "1"))
\r
316 // One or more fatal error(s) occur during connect...
\r
317 include (PATH."inc/header.php");
\r
318 include (PATH."inc/fatal_errors.php");
\r
320 include (PATH."inc/footer.php");
\r