************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// CFG: DEBUG-SQL (if enabled and DEBUG_MODE is enabled all SQL queries will be logged to debug.log)
define('DEBUG_SQL', false);
-// Load library
-require_once(PATH."inc/db/lib.php");
+// Non-database functions
+require("inc/functions.php");
+
+// Load more function libraries or includes
+foreach (array('request-functions', 'session-functions', 'config-functions', 'filters', 'mysql-manager', 'extensions', 'db/lib', 'handler', 'hooks', 'session') as $lib) {
+ // Load special functions
+ LOAD_INC_ONCE(sprintf("inc/%s.php", $lib));
+} // END - foreach
+
+// Set error handler
+set_error_handler('__errorHandler');
+
+// Register shutdown hook
+register_shutdown_function('__SHUTDOWN_HOOK');
// Check if the user setups his MySQL stuff...
-if ((empty($MySQL['login'])) && (!mxchange_installing) && (!isset($_GET['installing'])) && (mxchange_installed))
-{
+if ((empty($MySQL['login'])) && (!defined('mxchange_installing')) && (!REQUEST_ISSET_GET(('installing'))) && (isInstalled())) {
// No login entered and outside installation mode
- echo "<STRONG>".LANG_WARNING.":</STRONG> ";
- if (mxchange_installed)
- {
+ OUTPUT_HTML("<strong>{--LANG_WARNING--}:</strong> ");
+ if (isInstalled()) {
// You have changed my configuration file!
- die(DIE_CONFIG_CHANGED_YOU);
- }
- else
- {
+ mxchange_die("{--DIE_CONFIG_CHANGED_YOU--}");
+ } else {
// Please run the installation script (maybe again)
- die(DIE_RUN_INSTALL_MYSQL);
+ mxchange_die("{--DIE_RUN_INSTALL_MYSQL--}");
}
-}
- elseif ((!mxchange_installing) && (!isset($_GET['installing'])) && (empty($MySQL['password'])) && (warn_no_pass))
-{
+} elseif ((!isInstalling()) && (!REQUEST_ISSET_GET(('installing'))) && (empty($MySQL['password'])) && (isBooleanConstantAndTrue('warn_no_pass'))) {
// No database password entered!!!
- echo "<STRONG>".LANG_WARNING.":</STRONG> ".WARN_NULL_PASSWORD;
+ OUTPUT_HTML("<div>{--LANG_WARNING--}:</div> {--WARN_NULL_PASSWORD--}");
}
+// Set dummy config array
+initConfig();
+
+// Set important header_sent
+$GLOBALS['header_sent'] = 0;
+
+// Init fatal messages
+initFatalMessages();
+
// Check if this file is writeable or read-only and warn the user
-if ((!mxchange_installing) && (mxchange_installed))
-{
+if ((!isInstalling()) && (isInstalled())) {
// Check for write-permission for config.php and inc directory
+ if (empty($GLOBALS['module'])) $GLOBALS['module'] = REQUEST_GET('module');
if (empty($GLOBALS['module'])) $GLOBALS['module'] = "index";
- if (($GLOBALS['module'] != "admin") && (admin_registered))
- {
- if (is_INCWritable("config")) ADD_FATAL(FATAL_CONFIG_WRITABLE);
- if (is_INCWritable("dummy")) ADD_FATAL(FATAL_INC_WRITABLE);
- }
-
- // Init configuration arrays
- $_CONFIG = array(
- 'code_length' => 0
- );
- $EXT_CSS_FILES = array();
- // Load general stuff, like...
- require_once(PATH."inc/extensions.php"); // Extension management
- require_once(PATH."inc/functions.php"); // Non-database functions
- require_once(PATH."inc/databases.php"); // Several hard-coded databases (arrays, constants)
+ // CSS array
+ EXT_INIT_CSS_FILES();
if ((!empty($MySQL['host'])) && (!empty($MySQL['login'])) && (!empty($MySQL['password'])) && (!empty($MySQL['dbase']))) {
// Connect to DB
- $link = SQL_CONNECT($MySQL['host'], $MySQL['login'], $MySQL['password'], __FILE__, __LINE__);
+ SQL_CONNECT($MySQL['host'], $MySQL['login'], $MySQL['password'], __FILE__, __LINE__);
// Is the link valid?
- if (is_resource($link)) {
- // Choose the database
- $db = SQL_SELECT_DB($MySQL['dbase'], $link, __FILE__, __LINE__);
-
+ if (SQL_IS_LINK_UP()) {
// Is it a valid resource?
- if ($db === true) {
- // Load configuration stuff
- $result = SQL_QUERY("SELECT pass_len, points_register, points_ref, least_cats, check_double_email, check_double_pass, admin_notify, url_tlock, test_text, max_tlength, test_subj, autosend_active, max_send, url_blacklist, auto_purge, auto_purge_active, last_update, unconfirmed, profile_lock, online_timeout, mad_timestamp, mad_count, profile_update, send_prof_update, resend_profile_update, code_length, patch_level, patch_ctime, guest_stats, ref_payout, activate_xchange, order_multi_page, display_refid, ip_timeout, allow_direct_pay, config FROM "._MYSQL_PREFIX."_config WHERE config='0' LIMIT 1", __FILE__, __LINE__);
-
- if (SQL_NUMROWS($result) == 1) {
- // Load data when previous SQL query did not fail
- if (!$result) {
- // Something went wrong
- ADD_FATAL(FATAL_CANNOT_LOAD_CONFIG);
- return;
- }
+ if (SQL_SELECT_DB($MySQL['dbase'], __FILE__, __LINE__) === true) {
+ // This is required for extension 'optimize' to work
+ define('__DB_NAME', $MySQL['dbase']);
- // Load the configuration
- $_CONFIG = array_merge($_CONFIG, SQL_FETCHARRAY($result));
+ // Remove MySQL array from namespace
+ unset($MySQL);
- // Initialize include-file-pool
- $INC_POOL = array();
-
- // Load more include files
- require_once(PATH."inc/mysql-manager.php"); // Functions which interact with the database
-
- // Run daily reset
- if ((date("d", $_CONFIG['last_update']) != date("d", time()) || (DEBUG_MODE == true)) && (!mxchange_installing) && (mxchange_installed) && (admin_registered) && (!isset($_GET['register'])) && ($CSS != 1)) {
- // Do daily things in external PHP file but only when script is completely setup
- $INC_POOL[] = PATH."inc/reset/reset_daily.php";
+ // Load configuration stuff
+ loadConfiguration();
+
+ // Load "databases" aka static arrays
+ LOAD_INC_ONCE("inc/databases.php");
+
+ // Loading patching system is required here...
+ LOAD_INC_ONCE("inc/patch-system.php"); // Initialize patch system
+
+ // Run daily reset
+ LOAD_INC_ONCE("inc/check-reset.php");
+
+ // Load admin include file if he is admin
+ if (IS_ADMIN()) {
+ // Administrative functions
+ LOAD_INC_ONCE("inc/modules/admin/admin-inc.php");
+ } // END - if
+ //* DEBUG: */ ADD_POINTS_REFSYSTEM("test", 36, 1000);
+ //* DEBUG: */ die();
+
+ // Get all values
+ if (($GLOBALS['output_mode'] != 1) && ($GLOBALS['output_mode'] != -1)) {
+ if (empty($GLOBALS['module'])) $GLOBALS['module'] = "empty";
+ if (empty($GLOBALS['what'])) $GLOBALS['what'] = GET_WHAT($GLOBALS['module']);
+ if (empty($GLOBALS['action'])) $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
+ } else {
+ // Set action/what to empty
+ $GLOBALS['action'] = "";
+ $GLOBALS['what'] = "";
+ }
- // Daily reset was run!
- define('__DAILY_RESET', "1");
+ // Run the init filter chain
+ runFilterChain('init');
+
+ // Set default 'what' value
+ //* DEBUG: */ OUTPUT_HTML("-".$GLOBALS['module']."/".$GLOBALS['what']."-<br />");
+ if ((empty($GLOBALS['what'])) && (empty($GLOBALS['action'])) && ($GLOBALS['output_mode'] != 1) && ($GLOBALS['output_mode'] != -1)) {
+ if ($GLOBALS['module'] == "admin") {
+ // Set 'action' value to 'login' in admin menu
+ $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
+ } elseif (($GLOBALS['module'] == "index") || ($GLOBALS['module'] == "login")) {
+ // Set 'what' value to 'welcome' in guest and member menu
+ $GLOBALS['what'] = "welcome";
+ if (getConfig('index_home') != "") $GLOBALS['what'] = getConfig('index_home');
+ } else {
+ // Anything else like begging link
+ $GLOBALS['what'] = "";
}
+ } // END - if
- // Load all extensions
- require_once(PATH."inc/load_extensions.php");
-
- // Loading patching system is required here...
- require_once(PATH."inc/patch-system.php"); // Initialize patch system
+ // Update sending pool
+ if (($GLOBALS['output_mode'] != "1") && ($GLOBALS['output_mode'] != "-1")) LOAD_INC_ONCE("inc/pool-update.php"); // Sends out mails in configureable steps
- // Functions which are related to themes
- require_once(PATH."inc/theme-manager.php");
+ // Load all active extension including language files when not upgrading.
+ // Check module for testing and count one click
+ $dummy = checkModulePermissions($GLOBALS['module']);
+ if ($dummy == "done") countModuleHit($GLOBALS['module']);
+ unset($dummy);
- // Initialize session management
- require_once(PATH."inc/session.php");
-
- // Load admin include file if he is admin
- if (IS_ADMIN()) {
- // Administrative functions
- require_once(PATH."inc/modules/admin/admin-inc.php");
- }
+ // Shall we activate the exchange?
+ if (getConfig('activate_xchange') > 0) activateExchange();
- // Get all values
- if (($CSS != 1) && ($CSS != -1)) {
- if (empty($GLOBALS['module'])) $GLOBALS['module'] = "empty";
- if (empty($GLOBALS['what'])) $GLOBALS['what'] = GET_WHAT($GLOBALS['module']);
- if (empty($GLOBALS['action'])) $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
+ // Is the extension sql_patches installed and at least 0.3.6?
+ if (GET_EXT_VERSION("sql_patches") >= "0.3.6") {
+ // Generate random number
+ if (isset($GLOBALS['userid'])) {
+ define('RAND_NUMBER', generateRandomCodde(10, mt_rand(10000,32766), $GLOBALS['userid'], ""));
} else {
- // Set action/what to empty
- $GLOBALS['action'] = "";
- $GLOBALS['what'] = "";
+ define('RAND_NUMBER', generateRandomCodde(10, mt_rand(10000,32766), 0, ""));
}
-
- // Secure and validate user ID from cookie
- UPDATE_LOGIN_DATA();
-
- // Get session ID
- if (empty($_SESSION['PHPSESSID'])) $_SESSION['PHPSESSID'] = session_id();
-
- // Update online list
- UPDATE_ONLINE_LIST($_SESSION['PHPSESSID'], $GLOBALS['module'], $GLOBALS['action'], $GLOBALS['what']);
-
- // Load theme name
- $CurrTheme = GET_CURR_THEME();
-
- // Set default 'what' value
- //* DEBUG */ echo "-".$GLOBALS['module']."/".$GLOBALS['what']."-<br />\n";
- if ((empty($GLOBALS['what'])) && (empty($GLOBALS['action'])) && ($CSS != 1) && ($CSS != -1)) {
- if ($GLOBALS['module'] == "admin") {
- // Set 'action' value to 'login' in admin menu
- $GLOBALS['action'] = GET_ACTION($GLOBALS['module'], $GLOBALS['what']);
- } elseif (($GLOBALS['module'] == "index") || ($GLOBALS['module'] == "login")) {
- // Set 'what' value to 'welcome' in guest and member menu
- $GLOBALS['what'] = "welcome";
- if (!empty($_CONFIG['index_home'])) $GLOBALS['what'] = $_CONFIG['index_home'];
- } else {
- // Anything else like begging link
- $GLOBALS['what'] = "";
- }
- }
-
- // Update sending pool
- if (($CSS != "1") && ($CSS != "-1")) require_once(PATH."inc/pool-update.php"); // Sends out mails in configureable steps
-
- // Load all active extension including language files when not upgrading.
- // Check module for testing and count one click
- $dummy = CHECK_MODULE($GLOBALS['module']);
- if ($dummy == "done") COUNT_MODULE($GLOBALS['module']);
- unset($dummy);
- if ($_CONFIG['activate_xchange'] > 0) activateExchange();
} else {
- // If you will read following error message you probably need to contact me (webmaster@mxchange.org)
- // and download the sql-upgrades extension from my server. Please ask me which SQL file(s) you need to
- // import *BEFORE* you import them!
- ADD_FATAL(FATAL_CANNOT_LOAD_CONFIG);
+ // Generate weak (!!!) code
+ define('RAND_NUMBER', mt_rand(1000000, 9999999));
}
-
- // Free memory
- SQL_FREERESULT($result);
} else {
// Wrong database?
- ADD_FATAL(WRONG_DB_SELECTED);
+ addFatalMessage(__FILE__, __LINE__, getMessage('WRONG_DB_SELECTED'));
}
} else {
// No link to database!
- ADD_FATAL(NO_DB_LINK);
- $db = false;
+ addFatalMessage(__FILE__, __LINE__, getMessage('NO_DB_LINK'));
}
} else {
// Maybe you forgot to enter your MySQL data?
- ADD_FATAL(MYSQL_DATA_MISSING);
+ addFatalMessage(__FILE__, __LINE__, getMessage('MYSQL_DATA_MISSING'));
}
} else {
///////////////////////////////////////////////////
// Include neccessary functions for installation //
///////////////////////////////////////////////////
- // Set CONFIG array
- $_CONFIG = array(
- 'code_length' => 0
- );
-
// Set other missing variables
- $link = false; // No database link by default
+ if (!isset($GLOBALS['output_mode'])) $GLOBALS['output_mode'] = "0";
- // Include required files
- require_once(PATH."inc/databases.php");
- require_once(PATH."inc/extensions.php");
- require_once(PATH."inc/theme-manager.php");
- require_once(PATH."inc/load_extensions.php");
- require_once(PATH."inc/session.php");
+ // Include databases.php
+ LOAD_INC_ONCE("inc/databases.php");
// Check if we are in installation routine
- $installPhp = basename($_SERVER['PHP_SELF']);
- if (($installPhp != "install.php") && ($CSS != "1") && ($CSS != -1)) {
+ if ((basename($_SERVER['PHP_SELF']) != "install.php") && ($GLOBALS['output_mode'] != "1") && ($GLOBALS['output_mode'] != -1)) {
// Redirect to the installation system
LOAD_URL("install.php");
- }
+ } // END - if
// Double-check installation mode
- if ((!mxchange_installed) || (!admin_registered)) {
+ if ((!isInstalled()) || (!isAdminRegistered())) {
// Check for file permissions
- if (!is_INCWritable("config")) {
- ADD_FATAL(CONFIG_IS_WRITE_PROTECTED);
- }
- if (!is_INCWritable("dummy")) {
- ADD_FATAL(DUMMY_IS_WRITE_PROTECTED);
- }
- if (!is_INCWritable(".secret/dummy")) {
- ADD_FATAL(SECRET_IS_WRITE_PROTECTED);
- }
- }
+ if (!IS_INC_WRITEABLE("config")) {
+ addFatalMessage(__FILE__, __LINE__, getMessage('CONFIG_IS_WRITE_PROTECTED'));
+ } // END - if
+ if (!IS_INC_WRITEABLE("dummy")) {
+ addFatalMessage(__FILE__, __LINE__, getMessage('DUMMY_IS_WRITE_PROTECTED'));
+ } // END - if
+ if (!IS_INC_WRITEABLE(".secret/dummy")) {
+ addFatalMessage(__FILE__, __LINE__, getMessage('SECRET_IS_WRITE_PROTECTED'));
+ } // END - if
+ } // END - if
+
+ // Run the init filter chain
+ runFilterChain('init');
}
-// Any fatal messages?
-if (!is_array($FATAL)) $FATAL = array();
-if (((sizeof($FATAL) > 0) || (!empty($FATAL[0]))) && (mxchange_installed) && (!mxchange_installing) && ($CSS != "1"))
-{
+if ((getTotalFatalErrors() > 0) && (isInstalled()) && (!defined('mxchange_installing')) && ($GLOBALS['output_mode'] != "1")) {
// One or more fatal error(s) occur during connect...
- include (PATH."inc/header.php");
- include (PATH."inc/fatal_errors.php");
- unset($FATAL);
- include (PATH."inc/footer.php");
- exit;
-}
+ LOAD_INC_ONCE("inc/header.php");
+ LOAD_INC_ONCE("inc/fatal_errors.php");
+ LOAD_INC_ONCE("inc/footer.php");
+} // END - if
//
?>