Файл: admin/inc/common.php
Строк: 334
<?php
/**
* Common Setup File
*
* This file initializes up most variables for the site. It is also where most files
* are included from. It also reads and stores certain variables.
*
* @package GetSimple
* @subpackage init
*/
/**
* Headers
*/
// charset utf-8
header('content-type: text/html; charset=utf-8');
// headers for backend
if(!isset($base)){
// no-cache headers
$timestamp = gmdate("D, d M Y H:i:s") . " GMT";
header("Expires: " . $timestamp);
header("Last-Modified: " . $timestamp);
header("Pragma: no-cache");
header("Cache-Control: no-cache, must-revalidate");
}
define('IN_GS', TRUE); // GS enviroment flag
// GS Debugger
global $GS_debug; // GS debug trace array
if(!isset($GS_debug)) $GS_debug = array();
/**
* Debug Console Log
*
* @since 3.1
*
* @param $txt string
*/
function debugLog($txt = '') {
global $GS_debug;
array_push($GS_debug,$txt);
}
/**
* Set PHP enviroment
*/
if(function_exists('mb_internal_encoding')) mb_internal_encoding("UTF-8"); // set multibyte encoding
/**
* GSCONFIG definitions
*/
if(!defined('GSSTYLEWIDE')) define('GSSTYLEWIDE','wide'); // wide style sheet
if(!defined('GSSTYLE_SBFIXED')) define('GSSTYLE_SBFIXED','sbfixed'); // fixed sidebar
/**
* Bad stuff protection
*/
include_once('security_functions.php');
if (version_compare(PHP_VERSION, "5") >= 0) {
foreach ($_GET as &$xss) $xss = antixss($xss);
}
/**
* Basic file inclusions
*/
include('basic.php');
include('template_functions.php');
include('logging.class.php');
define('GSROOTPATH', get_root_path());
if(!is_frontend()){
if (file_exists(GSROOTPATH . 'gsconfig.php')) {
require_once(GSROOTPATH . 'gsconfig.php');
}
if (defined('GSADMIN')) {
$GSADMIN = GSADMIN;
} else {
$GSADMIN = 'admin';
}
}
if(getDef('GSNOFRAME',true) !== false){
// Adds X-Frame-Options to HTTP header, so that page can only be shown in an iframe of the same site.
header('X-Frame-Options: DENY'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
}
/**
* Define some constants
*/
define('GSADMINPATH', get_admin_path());
define('GSADMININCPATH', GSADMINPATH. 'inc/');
define('GSPLUGINPATH', GSROOTPATH. 'plugins/');
define('GSLANGPATH', GSADMINPATH. 'lang/');
define('GSDATAPATH', GSROOTPATH. 'data/');
define('GSDATAOTHERPATH', GSROOTPATH. 'data/other/');
define('GSDATAPAGESPATH', GSROOTPATH. 'data/pages/');
define('GSDATAUPLOADPATH', GSROOTPATH. 'data/uploads/');
define('GSTHUMBNAILPATH', GSROOTPATH. 'data/thumbs/');
define('GSBACKUPSPATH', GSROOTPATH. 'backups/');
define('GSTHEMESPATH', GSROOTPATH. 'theme/');
define('GSUSERSPATH', GSROOTPATH. 'data/users/');
define('GSBACKUSERSPATH', GSROOTPATH. 'backups/users/');
define('GSCACHEPATH', GSROOTPATH. 'data/cache/');
define('GSAUTOSAVEPATH', GSROOTPATH. 'data/pages/autosave/');
$reservedSlugs = array($GSADMIN,'data','theme','plugins','backups');
require_once(GSADMININCPATH.'configuration.php');
/**
* Debugging
*/
if ( isDebug() ) {
error_reporting(-1);
ini_set('display_errors', 1);
} else if( getDef('GSSUPPRESSERRORS',true) || getDef('SUPPRESSERRORS',true) ) {
error_reporting(0);
ini_set('display_errors', 0);
}
ini_set('log_errors', 1);
ini_set('error_log', GSDATAOTHERPATH .'logs/errorlog.txt');
/**
* Variable check to prevent debugging going off
* @todo some of these may not even be needed anymore
*/
$admin_relative = (isset($admin_relative)) ? $admin_relative : '';
$lang_relative = (isset($lang_relative)) ? $lang_relative : '';
$load['login'] = (isset($load['login'])) ? $load['login'] : '';
$load['plugin'] = (isset($load['plugin'])) ? $load['plugin'] : '';
/**
* Pull data from storage
*/
/** grab website data */
$thisfilew = GSDATAOTHERPATH .'website.xml';
if (file_exists($thisfilew)) {
$dataw = getXML($thisfilew);
$SITENAME = stripslashes($dataw->SITENAME);
$SITEURL = $dataw->SITEURL;
$TEMPLATE = $dataw->TEMPLATE;
$PRETTYURLS = $dataw->PRETTYURLS;
$PERMALINK = $dataw->PERMALINK;
} else {
$SITENAME = '';
$SITEURL = '';
}
/** grab user data */
if (isset($_COOKIE['GS_ADMIN_USERNAME'])) {
$cookie_user_id = _id($_COOKIE['GS_ADMIN_USERNAME']);
if (file_exists(GSUSERSPATH . $cookie_user_id.'.xml')) {
$datau = getXML(GSUSERSPATH . $cookie_user_id.'.xml');
$USR = stripslashes($datau->USR);
$HTMLEDITOR = $datau->HTMLEDITOR;
$TIMEZONE = $datau->TIMEZONE;
$LANG = $datau->LANG;
} else {
$USR = null;
}
} else {
$USR = null;
}
/**
* Language control
*/
if(!isset($LANG) || $LANG == '') {
$filenames = glob(GSLANGPATH.'*.php');
$cntlang = count($filenames);
if ($cntlang == 1) {
// assign lang to only existing file
$LANG = basename($filenames[0], ".php");
} elseif($cntlang > 1 && in_array(GSLANGPATH .'en_US.php',$filenames)) {
// fallback to en_US if it exists
$LANG = 'en_US';
} elseif(isset($filenames[0])) {
// fallback to first lang found
$LANG=basename($filenames[0], ".php");
}
}
i18n_merge(null); // load $LANG file into $i18n
// Merge in default lang to avoid empty lang tokens
// if GSMERGELANG is undefined or false merge en_US else merge custom
if(getDef('GSMERGELANG', true) !== false and !getDef('GSMERGELANG', true) ){
if($LANG !='en_US') i18n_merge(null,"en_US");
} else{
// merge GSMERGELANG defined lang if not the same as $LANG
if($LANG !=getDef('GSMERGELANG') ) i18n_merge(null,getDef('GSMERGELANG'));
}
/**
* Init Editor globals
* @uses $EDHEIGHT
* @uses $EDLANG
* @uses $EDTOOL js array string | php array | 'none' | ck toolbar_ name
* @uses $EDOPTIONS js obj param strings, comma delimited
*/
if (defined('GSEDITORHEIGHT')) { $EDHEIGHT = GSEDITORHEIGHT .'px'; } else { $EDHEIGHT = '500px'; }
if (defined('GSEDITORLANG')) { $EDLANG = GSEDITORLANG; } else { $EDLANG = i18n_r('CKEDITOR_LANG'); }
if (defined('GSEDITORTOOL') and !isset($EDTOOL)) { $EDTOOL = GSEDITORTOOL; }
if (defined('GSEDITOROPTIONS') and !isset($EDOPTIONS) && trim(GSEDITOROPTIONS)!="" ) $EDOPTIONS = GSEDITOROPTIONS;
if(!isset($EDTOOL)) $EDTOOL = 'basic'; // default gs toolbar
if($EDTOOL == "none") $EDTOOL = null; // toolbar to use cke default
$EDTOOL = returnJsArray($EDTOOL);
// if($EDTOOL === null) $EDTOOL = 'null'; // not supported in cke 3.x
// at this point $EDTOOL should always be a valid js nested array ([[ ]]) or escaped toolbar id ('toolbar_id')
/**
* Timezone setup
*/
// set defined timezone from config if not set on user
if( (!isset($TIMEZONE) || trim($TIMEZONE) == '' ) && defined('GSTIMEZONE') ){
$TIMEZONE = GSTIMEZONE;
}
if(isset($TIMEZONE) && function_exists('date_default_timezone_set') && ($TIMEZONE != "" || stripos($TIMEZONE, '--')) ) {
date_default_timezone_set($TIMEZONE);
}
/**
* Variable Globalization
*/
global $SITENAME, $SITEURL, $TEMPLATE, $TIMEZONE, $LANG, $SALT, $i18n, $USR, $PERMALINK, $GSADMIN, $components, $EDTOOL, $EDOPTIONS, $EDLANG, $EDHEIGHT;
/** grab authorization and security data */
if (defined('GSUSECUSTOMSALT')) {
// use GSUSECUSTOMSALT
$SALT = sha1(GSUSECUSTOMSALT);
}
else {
// use from authorization.xml
if (file_exists(GSDATAOTHERPATH .'authorization.xml')) {
$dataa = getXML(GSDATAOTHERPATH .'authorization.xml');
$SALT = stripslashes($dataa->apikey);
} else {
if($SITEURL !='' && get_filename_id() != 'install' && get_filename_id() != 'setup' && get_filename_id() != 'update' && get_filename_id() != 'style'){
die(i18n_r('KILL_CANT_CONTINUE')."<br/>".i18n_r('MISSING_FILE').": "."authorization.xml");
}
}
}
$SESSIONHASH = sha1($SALT . $SITENAME);
/**
* $base is if the site is being viewed from the front-end
*/
if(isset($base)) {
include_once(GSADMININCPATH.'theme_functions.php');
}
function serviceUnavailable(){
GLOBAL $base;
if(isset($base)){
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 7200'); // in seconds
i18n('SERVICE_UNAVAILABLE');
die();
}
}
/**
* Check to make sure site is already installed
*/
if (get_filename_id() != 'install' && get_filename_id() != 'setup' && get_filename_id() != 'update') {
$fullpath = suggest_site_path();
# if there is no SITEURL set, then it's a fresh install. Start installation process
# siteurl check is not good for pre 3.0 since it will be empty, so skip and run update first.
if ($SITEURL == '' && get_gs_version() >= 3.0) {
serviceUnavailable();
redirect($fullpath . $GSADMIN.'/install.php');
}
else {
# if an update file was included in the install package, redirect there first
if (file_exists(GSADMINPATH.'update.php') && !isset($_GET['updated']) && !getDef('GSDEBUGINSTALL')) {
serviceUnavailable();
redirect($fullpath . $GSADMIN.'/update.php');
}
}
if(!getDef('GSDEBUGINSTALL',true)){
# if you've made it this far, the site is already installed so remove the installation files
$filedeletionstatus=true;
if (file_exists(GSADMINPATH.'install.php')) {
$filedeletionstatus = unlink(GSADMINPATH.'install.php');
}
if (file_exists(GSADMINPATH.'setup.php')) {
$filedeletionstatus = unlink(GSADMINPATH.'setup.php');
}
if (file_exists(GSADMINPATH.'update.php')) {
$filedeletionstatus = unlink(GSADMINPATH.'update.php');
}
if (!$filedeletionstatus) {
$error = sprintf(i18n_r('ERR_CANNOT_DELETE'), '<code>/'.$GSADMIN.'/install.php</code>, <code>/'.$GSADMIN.'/setup.php</code> or <code>/'.$GSADMIN.'/update.php</code>');
}
}
}
/**
* Include other files depending if they are needed or not
*/
include_once(GSADMININCPATH.'cookie_functions.php');
if(isset($load['plugin']) && $load['plugin']){
# remove the pages.php plugin if it exists.
if (file_exists(GSPLUGINPATH.'pages.php')) {
unlink(GSPLUGINPATH.'pages.php');
}
include_once(GSADMININCPATH.'plugin_functions.php');
if(get_filename_id()=='settings' || get_filename_id()=='load') {
/* this core plugin only needs to be visible when you are viewing the
settings page since that is where its sidebar item is. */
if (defined('GSEXTAPI') && GSEXTAPI==1) {
include_once('api.plugin.php');
}
}
# include core plugin for page caching
include_once('caching_functions.php');
# main hook for common.php
exec_action('common');
}
if(isset($load['login']) && $load['login']){ include_once(GSADMININCPATH.'login_functions.php'); }
?>