evgeniy-bublik

Untitled

Feb 19th, 2019
  1. <?
  2. // Author: $Author: cms $
  3. // Revision: $Revision: 1.72 $
  4. // Date: $Date: 2005/07/06 15:45:06 $
  5. /* Apache in cgi mode bugaround */
  6. if (isset($_GET["template"])&&$_GET["template"]=="error404"){
  7. $_tmp=parse_url($_SERVER["REQUEST_URI"]);
  8. if (isset($_tmp["path"])){
  9. $pathinfo=pathinfo($_tmp["path"]);
  10. if(isset($pathinfo["extension"]) && ($pathinfo["extension"]!="css" && $pathinfo["extension"]!="js" && $pathinfo["extension"]!="gif" && $pathinfo["extension"]!="png" && $pathinfo["extension"]!="jpg" && $pathinfo["extension"]!="htm" && $pathinfo["extension"]!="html")){
  11. die("File does not exist: ".@$_SERVER["REQUEST_URI"]);
  12. }
  13. }
  14. }
  15.  
  16. $GLOBALS["site_mode"]=1;
  17. if (isset($_SERVER["HTTP_HOST"])&&$_SERVER["HTTP_HOST"]=="dev.loc")
  18. $GLOBALS["dev_flag"]=1;
  19. else
  20. $GLOBALS["dev_flag"]=0;
  21. preg_match('/(.*)\?(.*)$/i',$_SERVER["REQUEST_URI"],$matches);
  22. $password_protected=0;
  23. if (isset($matches[1]))
  24. $_SERVER["PHP_SELF"]=$matches[1];
  25. else
  26. $_SERVER["PHP_SELF"]=$_SERVER["REQUEST_URI"];
  27. $cms_ns=0;$id=0;
  28. $found_handler="";
  29.  
  30. require_once('cms/.include/config.php');
  31.  
  32. if(isset($GLOBALS["cms"]["config"]["msg_files_encoding"]["convert_from"])
  33. && isset($GLOBALS["cms"]["config"]["msg_files_encoding"]["convert_to"])
  34. && $GLOBALS["cms"]["config"]["msg_files_encoding"]["convert_to"]
  35. && $GLOBALS["cms"]["config"]["msg_files_encoding"]["convert_from"]
  36. ){
  37. header("Content-Type: text/html; charset=".$GLOBALS["cms"]["config"]["msg_files_encoding"]["convert_to"]);
  38. }
  39. /*
  40. if(!isset($GLOBALS["cms"]["config"]["site"]["send_errors"]) || $GLOBALS["cms"]["config"]["site"]["send_errors"]==1){
  41. $old_error_handler = set_error_handler("error_handler");
  42. }
  43. */
  44. require_once('cms/.libs/'.$GLOBALS["cms"]["config"]["sql"]["dbtype"].'.php');
  45. db_connect();
  46. require_once('cms/.libs/common.php');
  47. $_SERVER['REMOTE_ADDR'] = $GLOBALS["cms_common"]->get_real_ip();
  48.  
  49. $GLOBALS["cms_common"]->load_modifiers("header_codes.lst");
  50. $GLOBALS["rewrite_mode"]=0;
  51. $GLOBALS["relative_path"]="../";
  52. /*if(empty($_SERVER['PATH_INFO']) && !empty($_SERVER['REDIRECT_URL'])){
  53. $_SERVER['PATH_INFO'] = $_SERVER['REDIRECT_URL'];
  54. parse_str(parse_url($_SERVER['REQUEST_URI'],PHP_URL_QUERY),$_GET);
  55.  
  56. }*/
  57.  
  58. if (!isset($GLOBALS["wrapper"])){
  59. if (isset($GLOBALS["cms"]["config"]["site"]["rewrite_urls"]) && $GLOBALS["cms"]["config"]["site"]["rewrite_urls"]==1){
  60. $GLOBALS["rewrite_mode"]=1;
  61. $temp=explode("/",$_SERVER["SCRIPT_NAME"]);
  62. unset($temp[count($temp)-1]);
  63. $_SERVER["SCRIPT_NAME"]=implode("/",$temp);
  64. if (!isset($_SERVER["PATH_INFO"])){
  65. if(isset($_SERVER["ORIG_PATH_INFO"]))
  66. $_SERVER["PATH_INFO"]=$_SERVER["ORIG_PATH_INFO"];
  67. //elseif(isset($_SERVER["REDIRECT_URL"])){
  68. //$_SERVER["PATH_INFO"]=$_SERVER["REDIRECT_URL"];
  69. else{
  70. if(!empty($_SERVER['REDIRECT_URL']))
  71. $_SERVER["PATH_INFO"]=$_SERVER['REDIRECT_URL'];
  72. else
  73. $_SERVER["PATH_INFO"]=$_SERVER['REQUEST_URI'];
  74. }
  75. }
  76. if (isset($_SERVER["PATH_INFO"])){
  77.  
  78. $GLOBALS["requested_page"]=$_SERVER["PATH_INFO"];
  79. if(preg_match("@^/site\.php(/.*)$@Uism",$GLOBALS["requested_page"],$temp)){
  80. $GLOBALS["requested_page"]=$temp[1];
  81. }
  82. if (isset($_GET["template"]) && $_GET["template"]=="error404"){
  83. if (isset($_SERVER["REQUEST_URI"]) && $_SERVER["REQUEST_URI"])
  84. $GLOBALS["requested_page"]=$_SERVER["REQUEST_URI"];
  85. }
  86.  
  87. if (substr($GLOBALS["requested_page"],0,1)=="/")
  88. $GLOBALS["requested_page"]=substr($GLOBALS["requested_page"],1,strlen($GLOBALS["requested_page"])-1);
  89. if(isset($_GET["template"])&& $_GET["template"]=="error404"){
  90. $requested_page_depth=0;
  91. $GLOBALS["relative_path"]="";
  92. }elseif (isset($_SERVER["REDIRECT_STATUS"]) && $_SERVER["REDIRECT_STATUS"]==404){
  93. if ($str=@strstr($_SERVER["REQUEST_URI"],($_SERVER["SCRIPT_NAME"]?$_SERVER["SCRIPT_NAME"]:"/"))){
  94. $temp=(substr($str,strlen($_SERVER["SCRIPT_NAME"])));
  95. if (substr($temp,0,1)=="/"){
  96. $temp=substr($temp,1,strlen($temp)-1);
  97. }
  98. }else{
  99. $temp=$_SERVER["REQUEST_URI"];
  100. if (substr($temp,0,1)=="/")
  101. $temp=substr($temp,1,strlen($temp)-1);
  102. }
  103. $temp=explode("/",$temp);
  104. $requested_page_depth=count($temp)-1;
  105. $GLOBALS["relative_path"]=str_repeat("../",$requested_page_depth);
  106. }else{
  107. $temp=explode("/",$GLOBALS["requested_page"]);
  108. $requested_page_depth=count($temp)-1;
  109. $GLOBALS["relative_path"]=str_repeat("../",$requested_page_depth);
  110. }
  111. require_once ("cms/.libs/pages.php");
  112. $cms_pages = new cms_pages;
  113. //if (trim($GLOBALS["requested_page"])){
  114. $temp=explode("/",$_SERVER["REQUEST_URI"]);
  115. for($i=0;$i<=$requested_page_depth;$i++){
  116. unset($temp[count($temp)-1]);
  117. }
  118. $GLOBALS["requested_path"]=implode("/",$temp);
  119. if (($temp[count($temp)-1]=="site" || $temp[count($temp)-1]=="site.php") && !preg_match("/forum_..\.php/",$GLOBALS["requested_page"])){
  120. unset($temp[count($temp)-1]);
  121. preg_match('/page([0-9]+).*\.html/',$GLOBALS["requested_page"],$matches);
  122. $alias=0;
  123. if (isset($matches[1])){
  124. $alias=$cms_pages->get_page_alias($matches[1]);
  125. }
  126. if ($alias)
  127. $redirected_page=implode("/",$temp)."/".$alias;
  128. else
  129. $redirected_page=implode("/",$temp)."/".$GLOBALS["requested_page"];
  130.  
  131. header("HTTP/1.1 301 Moved Permanently");
  132. header("Location:".$redirected_page);
  133. exit();
  134. }
  135. //}
  136. if ($GLOBALS["requested_page"]){
  137. if (isset($_GET["template"]) && $_GET["template"]=="error404"){
  138.  
  139. $_req_path=$GLOBALS["requested_path"];
  140. if (substr($_req_path,0,1)=="/")
  141. $_req_path=substr($_req_path,1);
  142. $_req_page=$GLOBALS["requested_page"];
  143. if (substr($_req_page,0,1)=="/")
  144. $_req_page=substr($_req_page,1);
  145. if (strpos($_req_page,$_req_path."/")===0){
  146. $GLOBALS["requested_page"]=substr($_req_page,strlen($_req_path."/"));
  147. }
  148. }
  149. if (!isset($GLOBALS["cms"]["config"]["site"]["url_handlers"]))
  150. $handlers=array("site");
  151. else
  152. $handlers=explode(",",$GLOBALS["cms"]["config"]["site"]["url_handlers"]);
  153. if (!in_array("site",$handlers))
  154. $handlers[]="site";
  155. if (is_array($handlers)){
  156. foreach ($handlers as $handler){
  157. if ($handler=="site"){
  158. $alias_id=$cms_pages->check_page_alias($GLOBALS["requested_page"]);
  159.  
  160. if ($alias_id && isset($_GET["template"]) && $_GET["template"]=="error404"){
  161. unset($_GET["template"]);
  162. }
  163. break;
  164. }else{
  165. if (is_file(".plugins/$handler/site/main.php")){
  166. require_once(".plugins/$handler/site/main.php");
  167. $class_name=$handler."_site";
  168. $handler_class=new $class_name;
  169. if (method_exists($handler_class,"check_url_handler") && $handler_class->check_url_handler($GLOBALS["requested_page"])){
  170. $found_handler=$handler_class;
  171. $alias_id=0;
  172. break;
  173. }
  174. }
  175. }
  176. }
  177. }
  178.  
  179. if (isset($alias_id)&&$alias_id){
  180. $id=$alias_id;
  181. }elseif(!is_object($found_handler)){
  182. preg_match('/^\/page([0-9]+).*\.html/',$_SERVER["PATH_INFO"],$matches);
  183. if (isset($matches[1]))
  184. $id=$matches[1];
  185. else
  186. $id=-1;
  187. }
  188. }else{
  189. $id=0;
  190. }
  191. }
  192.  
  193. //$_SERVER["REQUEST_URI"]=$_SERVER["REDIRECT_URL"];
  194.  
  195. }else{
  196. preg_match('/(.*\/)site.*\/page([0-9]+).*\.html/',$_SERVER["REQUEST_URI"],$matches);
  197. @$id=$matches[2];
  198. $GLOBALS["requested_path"]=preg_replace("/site(\.php)?$/i","",$_SERVER["SCRIPT_NAME"]);
  199. }
  200. }else{
  201. if (isset($GLOBALS["cms"]["config"]["site"]["rewrite_urls"]) && $GLOBALS["cms"]["config"]["site"]["rewrite_urls"]==1){
  202. $GLOBALS["rewrite_mode"]=1;
  203. }
  204. }
  205.  
  206. if (!isset($GLOBALS["cms"]["config"]["site"]["site_relative_url"])){
  207. $GLOBALS["cms"]["config"]["site"]["site_relative_url"]="/";
  208. }
  209. if (!isset($GLOBALS["wrapper"])){
  210. if (!$GLOBALS["cms"]["config"]["site"]["site_relative_url"])
  211. $GLOBALS["cms"]["config"]["site"]["site_relative_url"]="/";
  212. if (substr($GLOBALS["cms"]["config"]["site"]["site_relative_url"],strlen($GLOBALS["cms"]["config"]["site"]["site_relative_url"])-1)!="/")
  213. $GLOBALS["cms"]["config"]["site"]["site_relative_url"].="/";
  214. if (isset($GLOBALS["requested_path"])&&(!isset($_GET["template"])||$_GET["template"]!="error404")){
  215. if ($GLOBALS["requested_path"]."/"!=$GLOBALS["cms"]["config"]["site"]["site_relative_url"]){
  216. $GLOBALS["cms_common"]->http_redirect($GLOBALS["cms"]["config"]["site"]["site_relative_url"].$GLOBALS["requested_page"].(isset($_SERVER["QUERY_STRING"])&&$_SERVER["QUERY_STRING"]?"?".$_SERVER["QUERY_STRING"]:""));
  217. exit;
  218. }
  219.  
  220. }else{
  221. $GLOBALS["requested_path"]=$GLOBALS["cms"]["config"]["site"]["site_relative_url"];
  222. }
  223. }else{
  224. $GLOBALS["requested_path"]=$GLOBALS["cms"]["config"]["site"]["site_relative_url"];
  225. }
  226.  
  227. /*@$GLOBALS["MAIN_URL"]=$matches[1];
  228. if (!$GLOBALS["MAIN_URL"])
  229. $GLOBALS["MAIN_URL"]=$_SERVER["REQUEST_URI"];*/
  230. include('cms/.libs/sessions_mysql.php'); // Session SQL module
  231. if(isset($_SERVER["HTTP_USER_AGENT"])&&!preg_match("|StackRambler|i",$_SERVER["HTTP_USER_AGENT"])){
  232. session_name ("SESSID");
  233. session_start();
  234. session_set_cookie_params (0); // creating SESSID
  235. }
  236.  
  237. $cms_common->get_transit_query_string();
  238.  
  239. require_once('cms/.libs/pages.php');
  240. if(!isset($GLOBALS["wrapper"])){
  241. if(isset($_SESSION["page_authorized"])&&$_SESSION["page_authorized"]){
  242. if (isset($_GET["action"]) && $_GET["action"]=="logout"){
  243. unset($_SESSION["page_authorized"]);
  244. header("HTTP/1.1 302 Found");
  245. header("Location: ".$_SERVER["PHP_SELF"]);
  246. exit;
  247. }
  248. }
  249. if (isset($_SESSION["page_bad_authorized"]))
  250. unset($_SESSION["page_bad_authorized"]);
  251. if (isset($_SESSION["page_bad_password"]) && !(isset($_GET["action"]) && $_GET["action"]=="password_reminder"))
  252. unset($_SESSION["page_bad_password"]);
  253. if (isset($_SESSION["page_bad_auth"]))
  254. unset($_SESSION["page_bad_auth"]);
  255. if (isset($_SESSION["page_bad_active"]))
  256. unset($_SESSION["page_bad_active"]);
  257. if (isset($_POST["action"]) && $_POST["action"]=="page_authorization"){
  258. if(isset($_POST["register"])||isset($_POST["register_x"])){
  259. if(isset($GLOBALS["cms"]["config"]["site"]["register_packet_id"]) && $GLOBALS["cms"]["config"]["site"]["register_packet_id"]){
  260. $query="select id from pages where nested=0 and lang='{$_POST["lang"]}' and parent='{$GLOBALS["cms"]["config"]["site"]["register_packet_id"]}'";
  261. $_row=db_fetch_assoc(db_query($query));
  262. if(isset($_row["id"])){
  263. $GLOBALS["lang"]=$_POST["lang"];
  264. header("HTTP/1.1 302 Found");
  265. header("Location: ".$GLOBALS["relative_path"].$GLOBALS["cms_common"]->createsitelink(array("page"=>$_row["id"])));
  266. exit;
  267. }
  268. }elseif (isset($GLOBALS["cms"]["config"]["site"]["register_url"]) && $GLOBALS["cms"]["config"]["site"]["register_url"]){
  269. header("HTTP/1.1 302 Found");
  270. header("Location: ".$GLOBALS["cms"]["config"]["site"]["register_url"]);
  271. exit;
  272. }
  273. }
  274. if (trim($_POST["page_password"]) && trim($_POST["page_login"]) && !(isset($_POST["register"])||isset($_POST["register_x"]))){
  275. $query="select level,md5pass,email,active,ipaddresses,login,info,name from users where login='".trim($_POST["page_login"])."' limit 1";
  276. $result=db_query($query);
  277. $auth_row=db_fetch_assoc($result);
  278. if (db_affected_rows()>0){
  279. if ($auth_row["level"]==3 && isset($auth_row["active"])&&!$auth_row["active"]){
  280. $_SESSION["page_bad_authorized"]=1;
  281. //$_SESSION["page_bad_password"]=stripslashes($_POST["page_login"]);
  282. //$_SESSION["page_bad_email"]=$auth_row["email"];
  283. $_SESSION["page_bad_active"]=1;
  284. }elseif ($auth_row["md5pass"]==md5(trim($_POST["page_password"]))){
  285. if ($auth_row["ipaddresses"]){
  286. require_once("cms/.libs/login.php");
  287. $login_class= new cms_login();
  288. if($login_class->is_good_ip($auth_row["ipaddresses"])){
  289. $_SESSION["page_authorized"]=1;
  290. }else{
  291. $_SESSION["page_bad_authorized"]=1;
  292. $_SESSION["page_bad_ip"]=1;
  293. }
  294. unset($login_class);
  295. }else{
  296. $_SESSION["page_authorized"]=1;
  297. $_SESSION["auth_row"]=$auth_row;
  298. }
  299. }elseif ($auth_row["level"]==3){
  300. $_SESSION["page_bad_authorized"]=1;
  301. $_SESSION["page_bad_password"]=stripslashes($_POST["page_login"]);
  302. $_SESSION["page_bad_email"]=$auth_row["email"];
  303. }
  304. }else{
  305. $_SESSION["page_bad_authorized"]=1;
  306. }
  307. }else{
  308. $_SESSION["page_bad_authorized"]=1;
  309. }
  310. }
  311. }
  312.  
  313. if (isset($_COOKIE["site_edit_mode"]) && $_COOKIE["site_edit_mode"]==1){
  314. $GLOBALS["cms"]["config"]["site"]["enable_cache"]=0;// disable cache
  315. $_SESSION["site_edit_mode"]=1;
  316. }
  317.  
  318. $site_name="";
  319.  
  320. if (isset($GLOBALS["cms"]["config"]["site"]["multi_site"]) && $GLOBALS["cms"]["config"]["site"]["multi_site"]==1){
  321. list($site_name)=db_fetch_row(db_query("select name from cms_sites where domain='{$_SERVER["HTTP_HOST"]}'"));
  322. }elseif ($cms_common->getsitevar("site")!=FALSE){
  323. $result=db_query("SELECT db,langs from cms_sites WHERE name='".$cms_common->getsitevar("site")."'");
  324. list($site_name)=db_fetch_row($result);
  325. }
  326.  
  327.  
  328. $result=db_query("SELECT db,langs from cms_sites WHERE name='".($site_name?$site_name:"default")."'");
  329. if (db_affected_rows()==0) die("Unknown site"); // uknown site.
  330. list($site,$langs)=db_fetch_row($result);
  331. db_select_db($site);
  332.  
  333.  
  334. if(!isset($langs))
  335. {
  336. list($langs)=db_fetch_row(db_query("SELECT langs from ".$GLOBALS["cms"]["config"]["sql"]["database"].".cms_sites WHERE name='default'"));
  337. }
  338. $lngarray=explode(";",$langs);
  339. foreach ($lngarray as $v)
  340. {
  341. $GLOBALS["cms"]["sitelangs"][]=substr($v,0,2);
  342. $GLOBALS["cms"]["startpage"][substr($v,0,2)]=substr($v,3);
  343. }
  344. unset($langs);
  345. if(!isset($GLOBALS["wrapper"])){
  346. if (($id==-1 || $id==0) && !is_object($found_handler))
  347. {
  348.  
  349. if ($id==-1){
  350. if (isset($GLOBALS["requested_page"])&&is_file($GLOBALS["requested_page"])){
  351.  
  352. ob_start();
  353. @include($GLOBALS["requested_page"]);
  354. $content = ob_get_contents();
  355. ob_end_clean();
  356. echo $content;
  357. exit();
  358. }elseif(isset($GLOBALS["no_page_specified"]) && $GLOBALS["no_page_specified"]==1){
  359. if(!(substr($lngarray[0],3)==0 || substr($lngarray[0],3)==""))
  360. $id=substr($lngarray[0],3);
  361. }
  362. if ($id==-1)
  363. $_GET["template"]="error404";
  364. }
  365. /*if(isset($_GET["template"]) && $_GET["template"]=="error404"){
  366. $request=(isset($_GET["request"])?$_GET["request"]:$_SERVER["PHP_SELF"]);
  367. $template="?template=error404&request=".$request.($_SERVER["QUERY_STRING"]?"&".$_SERVER["QUERY_STRING"]:"");
  368. }else{
  369. $template=($_SERVER["QUERY_STRING"]?"?".$_SERVER["QUERY_STRING"]:"");
  370. }*/
  371. if (isset($_GET["lang"])){
  372. if(!isset($GLOBALS["cms"]["startpage"][$_GET["lang"]])) die("Default page is not assigned :(");
  373. //if(isset($GLOBALS["no_page_specified"]) && $GLOBALS["no_page_specified"]==1){
  374. $id=$GLOBALS["cms"]["startpage"][$_GET["lang"]];
  375. //}else{
  376. //$GLOBALS["cms_common"]->http_redirect($_SERVER["SCRIPT_NAME"].'/page'.$GLOBALS["cms"]["startpage"][$_GET["lang"]].'.html'.$template);
  377. //exit;
  378. //}
  379.  
  380. }else{
  381. if(substr($lngarray[0],3)==0 || substr($lngarray[0],3)=="") die("Default page is not assigned :(");
  382. //if(isset($GLOBALS["no_page_specified"]) && $GLOBALS["no_page_specified"]==1){
  383. $id=substr($lngarray[0],3);
  384. //}else{
  385. $id=substr($lngarray[0],3);
  386. //$GLOBALS["cms_common"]->http_redirect($_SERVER["SCRIPT_NAME"].'/page'.substr($lngarray[0],3).'.html'.$template);
  387. //exit;
  388. //}
  389. }
  390. }
  391.  
  392. if (isset($_GET['plugin']))
  393. $plugin=$_GET['plugin'];
  394. elseif(isset($_POST['plugin']))
  395. $plugin=$_POST['plugin'];
  396.  
  397. if(isset($_GET["mode"]) && $_GET["mode"]=="setflash"){
  398. $_SESSION["flash"]["version"]=$_GET["version"];
  399. $GLOBALS["cms_common"]->http_redirect($_SERVER["PHP_SELF"]);
  400. }
  401.  
  402. if (isset($GLOBALS["cms"]["config"]["site"]["flashdetect"]) && $GLOBALS["cms"]["config"]["site"]["flashdetect"]==1 && !isset($_SESSION["flash"]["version"])
  403. && !isset($_GET["flash"])){
  404. //echo $cms_common->detectflash();
  405. //exit;
  406. }
  407.  
  408. $site_closed=0;
  409. $site_closed_packet_id=0;
  410. if (file_exists(".plugins/site_closer/cms/main.php")){
  411. $query="select * from pl_site_closer";
  412. $res=db_query($query);
  413. $tmp_row=db_fetch_assoc($res);
  414. $site_closed=$tmp_row["closed"];
  415. $site_closed_packet_id=$tmp_row["packet_id"];
  416. }
  417.  
  418. if ((isset($plugin) || is_object($found_handler)) && !$site_closed){
  419. $id=0;$text="";
  420. if (!(isset($GLOBALS["lang"])&&$GLOBALS["lang"]))
  421. $lang=@$_REQUEST["lang"];
  422. else
  423. $lang=$GLOBALS["lang"];
  424. if (isset($lang) && is_file("language/".$lang."/msg.php")){
  425. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/".$lang."/msg.php");
  426. require_once($encoded_msg_file);
  427. }
  428.  
  429. else die("can`t load lang resources");
  430.  
  431. if (is_file("language/common.php")){
  432. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/common.php");
  433. require_once($encoded_msg_file);
  434. }
  435. if (isset($lang) && is_file("local/language/".$lang."/msg.php")){
  436. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/".$lang."/msg.php");
  437. require_once($encoded_msg_file);
  438. }
  439. if (is_file("local/language/common.php")){
  440. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/common.php");
  441. require_once($encoded_msg_file);
  442. }
  443. if (!is_object($found_handler)){
  444. require_once(".plugins/{$plugin}/site/main.php");
  445. eval('$init=new '.$plugin.'_site;');
  446. }else{
  447. $init=$found_handler;
  448. }
  449. $params=array();
  450. if (is_object($found_handler)){
  451. unset($params);
  452. $params["requested_page"]=$GLOBALS["requested_page"];
  453. }
  454. $content=$init->ProcessCommand("show_block",$params);
  455. $text=$content["text"];
  456. if(isset($content["headers"][1]))
  457. $content["headers"]["item_name"]=$content["headers"][1];
  458. if(isset($content["headers"][0]))
  459. $content["headers"]["item_parents"]=$content["headers"][0];
  460. //$menu["top1i"]=$menu["top1"]=(isset($content["headers"][0])?$content["headers"][0]:"");
  461. //$menu["top2"]=(isset($content["headers"][1])?$content["headers"][1]:"");
  462. $menu["bottom"]="&nbsp;";
  463. unset($init);
  464. }
  465. else{
  466.  
  467. $query="SELECT packets.type,pages.lang,pages.parent,packets.template,packets.id as pack_id,packets.protected,packets.copy_packet_id,packets.redirect,packets.disable_cache FROM packets,pages WHERE pages.nested=0 and pages.id='".$id."' AND pages.parent=packets.id";
  468. $result=db_query($query);
  469. if(db_affected_rows()==0) {
  470. if($GLOBALS["cms"]["config"]["cms"]["enable_acl"]==1){
  471. // trying to find it in the drafts
  472. $query="SELECT parent_page from cms_pages_drafts where id='$id'";
  473. $result=db_query($query);
  474. if (db_affected_rows()==0){
  475. $GLOBALS["cms_common"]->http_redirect('page0.html?'.($_SERVER["QUERY_STRING"]?$_SERVER["QUERY_STRING"]."&":"").'template=error404&request='.rawurlencode($_SERVER["PHP_SELF"]));
  476. }
  477. $GLOBALS["cms"]["config"]["site"]["enable_cache"]=0;// disable cache
  478. list($new_id)=db_fetch_row($result);
  479. $query="SELECT packets.type,pages.lang,pages.parent,packets.template,packets.id as pack_id,packets.protected,packets.copy_packet_id,packets.redirect,packets.disable_cache FROM packets,pages WHERE pages.id='".$new_id."' AND pages.parent=packets.id";
  480. $result=db_query($query);
  481. }else{
  482. if ($id!=substr($lngarray[0],3)){
  483. $GLOBALS["cms_common"]->http_redirect('page0.html?'.($_SERVER["QUERY_STRING"]?$_SERVER["QUERY_STRING"]."&":"").'template=error404&request='.rawurlencode($_SERVER["PHP_SELF"]));
  484. }
  485. }
  486. }
  487. $packet_data=db_fetch_assoc($result);
  488. list($type,$lang,$parentid,$tpl_id,$pack_id,$password_protected,$copy_packet_id)=array(
  489. isset($packet_data["type"])?$packet_data["type"]:"",
  490. isset($packet_data["lang"])?$packet_data["lang"]:"",
  491. isset($packet_data["parent"])?$packet_data["parent"]:"",
  492. isset($packet_data["template"])?$packet_data["template"]:"",
  493. isset($packet_data["pack_id"])?$packet_data["pack_id"]:"",
  494. isset($packet_data["protected"])?$packet_data["protected"]:"",
  495. isset($packet_data["copy_packet_id"])?$packet_data["copy_packet_id"]:"",
  496. isset($packet_data["redirect"])?$packet_data["redirect"]:"",
  497. );
  498. $page_removed=false;
  499. if (db_affected_rows()==0){
  500. $page_removed=true;
  501. }
  502. if($page_removed && $id==substr($lngarray[0],3)){
  503. if(isset($lngarray[0]))
  504. $lang=substr($lngarray[0],0,2);
  505. }
  506. if ($copy_packet_id){
  507. $query="select packets.type,pages.id from pages left join packets on (pages.parent=packets.id) where parent='$copy_packet_id' and lang='$lang'";
  508. $res=db_query($query);
  509. list($original_type,$original_page_id)=db_fetch_row($res);
  510. if (isset($packet_data["redirect"])&&$packet_data["redirect"]){
  511. $GLOBALS["cms_common"]->http_redirect($GLOBALS["relative_path"].$cms_common->createsitelink(array("page"=>$original_page_id)));
  512. exit;
  513. }
  514. }
  515. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/".$lang."/msg.php");
  516. require_once($encoded_msg_file);
  517.  
  518. if (is_file("language/common.php")){
  519. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/common.php");
  520. require_once($encoded_msg_file);
  521.  
  522. }
  523. if (is_file("local/language/".$lang."/msg.php")){
  524. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/".$lang."/msg.php");
  525. require_once($encoded_msg_file);
  526. }
  527. if (is_file("local/language/common.php")){
  528. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/common.php");
  529. require_once($encoded_msg_file);
  530. }
  531.  
  532. if($page_removed && $id==substr($lngarray[0],3)){
  533. $content['text']=$msg["default_page_does_not_exist"];
  534. }
  535. if($site_closed){
  536. if(!isset($_GET["template"]) || $_GET["template"]!="constr"){
  537. $GLOBALS["cms_common"]->http_redirect($GLOBALS["relative_path"].'page0.html?'.($_SERVER["QUERY_STRING"]?$_SERVER["QUERY_STRING"]."&":"").'template=constr');
  538. exit;
  539. }else{
  540. if ($site_closed_packet_id==0){
  541. $content['text']=$msg["site_closed"];
  542. $page_removed=true;
  543. }else{
  544. $query="select id from pages where parent='{$site_closed_packet_id}' and lang='$lang'";
  545. $res=db_query($query);
  546. $tmp_row=db_fetch_assoc($res);
  547. if(db_affected_rows()==0){
  548. $page_removed=true;
  549. $content['text']=$msg["site_closed"];
  550. }else{
  551.  
  552. $id=$tmp_row["id"];
  553. $page_removed=false;
  554. $query="SELECT packets.type,pages.lang,pages.parent,packets.template,packets.id as pack_id,packets.protected,packets.copy_packet_id FROM packets,pages WHERE pages.id='".$id."' AND pages.parent=packets.id";
  555. $result=db_query($query);
  556. list($type,$lang,$parentid,$tpl_id,$pack_id,$password_protected,$copy_packet_id)=db_fetch_row($result);
  557. }
  558. }
  559. }
  560.  
  561. }
  562.  
  563. if (!$page_removed){
  564. // fwrite ( int fp, string string [, int length])
  565. if ($GLOBALS["rewrite_mode"]==0){
  566. if (substr($_SERVER["PHP_SELF"],strlen($_SERVER["PHP_SELF"])-6,6)==".html/"){
  567. $GLOBALS["cms_common"]->http_redirect(substr($_SERVER["PHP_SELF"],0,strlen($_SERVER["PHP_SELF"])-1).(isset($_SERVER["QUERY_STRING"])&&trim($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:""));
  568. exit;
  569. }
  570. $fname=str_replace(array("*","?","\\","/",".."),"",substr(strrchr($_SERVER["PHP_SELF"], "/"), 1));
  571. if (!$fname)
  572. $fname="{$id}.html";
  573. }else{
  574. $fname=$GLOBALS["requested_page"];
  575. }
  576. $query="SELECT max(mtime) from pages where id=$id or parent='".$copy_packet_id."'";
  577. list($mtime)=db_fetch_row(db_query($query));
  578.  
  579. if (isset($packet_data["disable_cache"])&&$packet_data["disable_cache"]==1){
  580. $GLOBALS["cms"]["config"]["site"]["enable_cache"]=0;
  581. }
  582. require_once(".plugins/".($copy_packet_id?$original_type:$type)."/site/main.php");
  583. eval('$init=new '.($copy_packet_id?$original_type:$type).'_site;');
  584. if ($GLOBALS["cms"]["config"]["site"]["enable_cache"]==0) $nocache=1;
  585. else $nocache=0;
  586.  
  587. if ($_SERVER["QUERY_STRING"]!="" || $_SERVER["REQUEST_METHOD"]!="GET" || $mtime==1) $nocache=1;
  588.  
  589. if(false /*$password_protected==1 && (!isset($_SESSION["page_authorized"])||$_SESSION["page_authorized"]!=1)*/){
  590.  
  591. if (isset($_GET["action"]) && $_GET["action"]=="password_reminder"){
  592.  
  593. require_once("cms/.libs/db_common.php");
  594. require_once("cms/.libs/mail.php");
  595. $db_common=new db_common();
  596. $new_pass=$cms_common->genpassword(8);
  597. $sql=$db_common->make_update_sql("users",array(
  598. "md5pass"=>$new_pass,
  599. ),array("login"=>$_SESSION["page_bad_password"]),
  600. array("md5pass"=>"md5"));
  601. db_query($sql);
  602.  
  603. $cms_common->mail_to($_SESSION["page_bad_email"],$msg["remind_password_request"],"Login: ".$_SESSION["page_bad_password"]."\nPassword: $new_pass",array(),array("from"=>$GLOBALS["cms"]["config"]["site"]["admin_email"]));
  604. $GLOBALS["cms_common"]->http_redirect($_SERVER["PHP_SELF"]."?action=reminded");
  605. }elseif (isset($_GET["action"]) && $_GET["action"]=="reminded"){
  606. $content['text']='<p class="content-text">'.$msg["remind_password_text"].'</p>';
  607. $content['text'].='<p class="content-text"><a href="'.$_SERVER["PHP_SELF"].'">'.$msg["sign_in"].'</a></p>';
  608. }elseif (isset($_GET["action"]) && $_GET["action"]=="user_registered"){
  609. $content['text']='<p class="content-text">'.$msg["user_registered"].'</p>';
  610. }else{
  611. if (!(isset($_POST["register"])||isset($_POST["register_x"]))){
  612. $content['text']='<br><form name="page" action="'.$_SERVER["PHP_SELF"].'" method="POST">';
  613. if (isset($_SESSION["page_bad_authorized"]) && $_SESSION["page_bad_authorized"]==1 && !isset($_POST["register_sign_in"])){
  614. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["authorization_error"].'!</span></p>';
  615. }
  616. //if (isset($GLOBALS["cms"]["config"]["site"]["register_url"]) && $GLOBALS["cms"]["config"]["site"]["register_url"]){
  617. if ($register_btn=glob("pics/auth/{$GLOBALS["lang"]}/register.*")){
  618. $register_text='<input type="image" name="register" value="'.$GLOBALS["msg"]["register"].'" src="'.$register_btn[0].'" id="btn-register" onMouseOver="SwapImage(\'btn-register\',1)" onMouseOut="SwapImage(\'btn-register\',0)">';
  619. //print_r($register_btn);die();
  620. }elseif($register_btn=glob("pics/auth/register.*")){
  621. $register_text='<input type="image" name="register" value="'.$GLOBALS["msg"]["register"].'" src="'.$register_btn[0].'" id="btn-register" onMouseOver="SwapImage(\'btn-register\',1)" onMouseOut="SwapImage(\'btn-register\',0)">';
  622. }else{
  623. $register_text='<input type="submit" name="register" value="'.$GLOBALS["msg"]["register"].'">';
  624. }
  625. //}
  626. $content['text'].='<center>';
  627. if (isset($_SESSION["page_bad_password"]) && $_SESSION["page_bad_password"]){
  628. $content['text'].='<p align="center"><span class="form-error">'.$GLOBALS["msg"]["invalid_password"].'</span></p>';
  629. }
  630. if (isset($_SESSION["page_bad_active"]) && $_SESSION["page_bad_active"]){
  631. $content['text'].='<p align="center"><span class="form-error">'.$GLOBALS["msg"]["login_is_not_active"].'</span></p>';
  632. }
  633. if (isset($_SESSION["page_bad_ip"]) && $_SESSION["page_bad_ip"]){
  634. $content['text'].='<p align="center"><span class="form-error">'.$GLOBALS["msg"]["bad_ip"].'</span></p>';
  635. }
  636. $content['text'].='<p class="content-text">'.$msg["authorization_required"].'.</p><br>';
  637. if ($sign_in_btn=glob("pics/auth/{$GLOBALS["lang"]}/login.*")){
  638. $sign_in_text='<input type="image" name="sign-in" value="'.$GLOBALS["msg"]["sign_in"].'" src="'.$sign_in_btn[0].'" id="btn-sign-in" onMouseOver="SwapImage(\'btn-sign-in\',1)" onMouseOut="SwapImage(\'btn-sign-in\',0)">';
  639. //print_r($register_btn);die();
  640. }elseif($sign_in_btn=glob("pics/auth/login.*")){
  641. $sign_in_text='<input type="image" name="sign-in" value="'.$GLOBALS["msg"]["sign_in"].'" src="'.$sign_in_btn[0].'" id="btn-sign-in" onMouseOver="SwapImage(\'btn-sign-in\',1)" onMouseOut="SwapImage(\'btn-sign-in\',0)">';
  642. }else{
  643. $sign_in_text='<input type="submit" name="sign-in" value="'.$GLOBALS["msg"]["sign_in"].'">';
  644. }
  645. $content['text'].='<table cellpadding="3" cellspacing="1" border="0" >';
  646. $content['text'].='<tr><td class="content-text">'.$msg["your_login"].':</td><td><input name="page_login" value="'.(isset($_POST["page_login"])?$_POST["page_login"]:"").'"></td></tr>';
  647. $content['text'].='<tr><td class="content-text">'.$msg["your_password"].':</td><td><input type="password" name="page_password"></td></tr>';
  648. $content['text'].='<tr><td align="center" colspan="2"><input type="hidden" name="action" value="page_authorization">'.$sign_in_text.'&nbsp'.(isset($register_text)&&$register_text?$register_text:"").'</td></tr>';
  649. $content['text'].='</table></form>';
  650. if (isset($_POST["action"]) && $_POST["action"]=="page_authorization" && isset($_SESSION["page_bad_password"]) && $_SESSION["page_bad_password"]){
  651. $content['text'].='<p><a class="content-link" href="'.$_SERVER["PHP_SELF"].'?action=password_reminder&login='.$_SESSION["page_bad_password"].'">'.$GLOBALS["msg"]["remind_password"].'</a></p>';
  652. }
  653. $content['text'].='</center>';
  654. }else{
  655. $content['text']='';
  656. if(isset($_POST["action"]) && $_POST["action"]=="user_registration"){
  657. if (!isset($_POST["desired_login"]) || !$_POST["desired_login"]){
  658. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["enter_desired_login"].'!</span></p>';
  659. }elseif(!preg_replace("@[^a-zA-Z0-9_]@","",trim($_POST["desired_login"]))){
  660. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["invalid_desired_login"].'!</span></p>';
  661. }elseif(isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1&&(!isset($_POST["name"]) || !$_POST["name"])){
  662. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["enter_name"].'!</span></p>';
  663. }elseif(!isset($_POST["email"]) || !$_POST["email"]){
  664. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["enter_email"].'!</span></p>';
  665. }elseif(!$cms_common->valid_email($_POST["email"])){
  666. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["email_invalid"].'!</span></p>';
  667. }elseif(isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1&&(!isset($_POST["company"]) || !$_POST["company"])){
  668. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["enter_company"].'!</span></p>';
  669. }else{
  670.  
  671. $query="select * from users where login = '".trim($_POST["desired_login"])."' or (level=3 and email='".trim($_POST["email"])."')";
  672. $res=db_query($query);
  673. if (db_affected_rows()>0){
  674. $_row=db_fetch_assoc($res);
  675. if ($_row["email"]==trim($_POST["email"])){
  676. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["email_exists"].'!</span></p>';
  677. }else{
  678. $content['text'].='<p class="content-text" align="center"><span class="form-error">'.$msg["login_exists"].'!</span></p>';
  679. }
  680. }else{
  681.  
  682. require_once("cms/.libs/db_common.php");
  683. require_once("cms/.libs/mail.php");
  684. $db_common=new db_common();
  685. $new_pass=$cms_common->genpassword(8);
  686.  
  687. $sql=$db_common->make_insert_sql("users",array(
  688. "login"=>$_POST["desired_login"],
  689. "md5pass"=>$new_pass,
  690. "name"=>(isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1?$_POST["name"]:""),
  691. "email"=>$_POST["email"],
  692. "info"=>(isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1?$_POST["company"]:""),
  693. "level"=>3,
  694. "lang"=>$GLOBALS["lang"],
  695. "active"=>1 /*(isset($GLOBALS["cms"]["config"]["site"]["registration_approve_required"])&&$GLOBALS["cms"]["config"]["site"]["registration_approve_required"]==1?0:1)*/
  696. ),
  697. array("md5pass"=>"md5"));
  698. db_query($sql);
  699. $user_id=db_insert_id();
  700. if(isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1)
  701. $msg["registration_mail_message"]=str_replace("<!--%name%-->",stripslashes($_POST["name"]),$msg["registration_mail_message"]);
  702. $msg["registration_mail_message"]=str_replace("<!--%login%-->",stripslashes($_POST["desired_login"]),$msg["registration_mail_message"]);
  703. $msg["registration_mail_message"]=str_replace("<!--%password%-->",$new_pass,$msg["registration_mail_message"]);
  704.  
  705. $cms_common->mail_to($_POST["email"],$msg["registration_on_site"]." ".$GLOBALS["main_title"],$msg["registration_mail_message"],array(),array("from"=>$GLOBALS["cms"]["config"]["site"]["admin_email"]));
  706.  
  707. $ip=$GLOBALS["cms_common"]->get_real_ip();
  708. if ($ip!=trim($_SERVER["REMOTE_ADDR"])){
  709. $proxy_ip=$_SERVER["REMOTE_ADDR"];
  710. $ip.="\nProxy IP: ".$proxy_ip;
  711. }
  712. $msg["registration_admin_message"]=str_replace("<!--%REFERER%-->",(isset($_SESSION["HTTP_REFERERS"])?implode(",\n",is_array($_SESSION["HTTP_REFERERS"])?$_SESSION["HTTP_REFERERS"]:array($_SESSION["HTTP_REFERERS"])):""),$msg["registration_admin_message"]);
  713. $msg["registration_admin_message"]=str_replace("<!--%IP%-->",@gethostbyaddr(stripslashes($ip)),$msg["registration_admin_message"]);
  714. if (isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1)
  715. $msg["registration_admin_message"]=str_replace("<!--%name%-->",stripslashes($_POST["name"]),$msg["registration_admin_message"]);
  716. $msg["registration_admin_message"]=str_replace("<!--%login%-->",stripslashes($_POST["desired_login"]),$msg["registration_admin_message"]);
  717. $msg["registration_admin_message"]=str_replace("<!--%password%-->",$new_pass,$msg["registration_admin_message"]);
  718. if (isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1)
  719. $msg["registration_admin_message"]=str_replace("<!--%company%-->",$_POST["company"],$msg["registration_admin_message"]);
  720. $msg["registration_admin_message"]=str_replace("<!--%email%-->",$_POST["email"],$msg["registration_admin_message"]);
  721. if (isset($GLOBALS["cms"]["config"]["site"]["registration_approve_required"])&&$GLOBALS["cms"]["config"]["site"]["registration_approve_required"]==1){
  722. $msg["registration_admin_message"]=str_replace("<!--%approve_link%-->","https://{$_SERVER["HTTP_HOST"]}".(isset($GLOBALS["requested_path"])?$GLOBALS["requested_path"]:"")."/cms/index.php?mode=settings&plugin=web_users&action=approve&user_id={$user_id}",$msg["registration_admin_message"]);
  723. $msg["registration_admin_message"]=str_replace("<!--%delete_link%-->","https://{$_SERVER["HTTP_HOST"]}".(isset($GLOBALS["requested_path"])?$GLOBALS["requested_path"]:"")."/cms/index.php?mode=settings&plugin=web_users&action=delete&user_id={$user_id}",$msg["registration_admin_message"]);
  724. }
  725. $cms_common->mail_to($GLOBALS["cms"]["config"]["site"]["admin_email"],$msg["registration_on_site"]." ".$GLOBALS["main_title"],$msg["registration_admin_message"],array(),array("from"=>$GLOBALS["cms"]["config"]["site"]["admin_email"]));
  726. $GLOBALS["cms_common"]->http_redirect($_SERVER["PHP_SELF"]."?action=user_registered");
  727. }
  728.  
  729. }
  730. }
  731.  
  732. $GLOBALS["cms_common"]->include_template_files(array(
  733. array(
  734. "type"=>"script",
  735. "src"=>"cms/js/site_js/tooltip.js",
  736. "dst"=>"jscripts/cms_tooltip.js",
  737. ),
  738. array(
  739. "type"=>"css",
  740. "src"=>"cms/styles/site_css/tooltip.css",
  741. "dst"=>"styles/cms_tooltip.css",
  742. ),
  743. ));
  744. $content['text'].=$msg["register_form_top_msg"];
  745. $content['text'].='<br><form name="page" action="'.$_SERVER["PHP_SELF"].'" method="POST">';
  746. $content['text'].='<center><table cellpadding="3" cellspacing="1" border="0" >';
  747. $content['text'].='<tr><td class="content-text">'.$msg["desired_login"].$GLOBALS["cms_common"]->add_tooltip_code($msg["allowed_characters"],"this",1).' <span class="req">*</span>:</td><td><input name="desired_login" value="'.(isset($_POST["desired_login"])?htmlspecialchars(stripslashes($_POST["desired_login"])):"").'"></td></tr>';
  748. if (isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1)
  749. $content['text'].='<tr><td class="content-text">'.$msg["name"].' <span class="req">*</span>:</td><td><input name="name" value="'.(isset($_POST["name"])?htmlspecialchars(stripslashes($_POST["name"])):"").'"></td></tr>';
  750. $content['text'].='<tr><td class="content-text">'.site_mes("E-mail").' <span class="req">*</span>:</td><td><input name="email" value="'.(isset($_POST["email"])?htmlspecialchars(stripslashes($_POST["email"])):"").'"></td></tr>';
  751. if (isset($GLOBALS["cms"]["config"]["site"]["complex_registration"])&&$GLOBALS["cms"]["config"]["site"]["complex_registration"]==1)
  752. $content['text'].='<tr><td class="content-text">'.$msg["company"].' <span class="req">*</span>:</td><td><input name="company" value="'.(isset($_POST["company"])?htmlspecialchars(stripslashes($_POST["company"])):"").'"></td></tr>';
  753.  
  754. if ($register_btn=glob("pics/auth/{$GLOBALS["lang"]}/register.*")){
  755. $register_btn_html=' src="'.$register_btn[0].'" id="btn-register" onMouseOver="SwapImage(\'btn-register\',1)" onMouseOut="SwapImage(\'btn-register\',0)"';
  756. }elseif($register_btn=glob("pics/auth/register.*")){
  757. $register_btn_html=' src="'.$register_btn[0].'" id="btn-register" onMouseOver="SwapImage(\'btn-register\',1)" onMouseOut="SwapImage(\'btn-register\',0)"';
  758. }else{
  759. $register_btn_html="";
  760. }
  761. if ($sign_in_btn=glob("pics/auth/{$GLOBALS["lang"]}/login.*")){
  762. $register_signin_btn_html=' src="'.$sign_in_btn[0].'" id="btn-sign-in" onMouseOver="SwapImage(\'btn-sign-in\',1)" onMouseOut="SwapImage(\'btn-sign-in\',0)"';
  763. }elseif($sign_in_btn=glob("pics/auth/login.*")){
  764. $register_signin_btn_html=' src="'.$sign_in_btn[0].'" id="btn-sign-in" onMouseOver="SwapImage(\'btn-sign-in\',1)" onMouseOut="SwapImage(\'btn-sign-in\',0)"';
  765. }else{
  766. $register_signin_btn_html="";
  767. }
  768.  
  769. $content['text'].='<tr><td align="center" colspan="2"><input type="hidden" name="action" value="user_registration"><input '.($register_btn_html?'type="image"':'type="submit"').' name="register" value="'.$msg["register"].'"'.$register_btn_html.'> <!-- <input '.($register_signin_btn_html?'type="image"':'type="submit"').' name="register_sign_in" value="'.$msg["sign_in"].'"'.$register_signin_btn_html.'">--></td></tr>';
  770.  
  771. $content['text'].='</table></form>';
  772. $content['text'].='</center>';
  773. $content['text'].=$msg["register_form_bottom_msg"];
  774. }
  775. }
  776.  
  777. }elseif($nocache==0 && is_file("cache/".md5(($site_name?$site_name."/":"")."$fname")) && $mtime-filemtime("cache/".md5(($site_name?$site_name."/":"")."$fname"))<2) { /* bug around for dos like FS */
  778. $loaded_from_cache=true;
  779. $text=file_get_contents("cache/".md5(($site_name?$site_name."/":"")."$fname"));
  780. $content['text']=$text;
  781. }else{
  782.  
  783. $text=$init->ProcessCommand(($copy_packet_id && $original_page_id!=$id?$original_page_id:$id),"show_page");
  784. if (is_file(".plugins/auto_updater/cms/auto_updater_class.php")){//auto update
  785. if (preg_match("<%.*?%>",$text)){
  786. require_once(".plugins/auto_updater/cms/auto_updater_class.php");
  787. $text=$auto_updater_class->replace_codes($id,$text);
  788. }
  789. }
  790.  
  791. $content['text']=$text;
  792. if ($nocache==0 && !(isset($_SESSION["site_edit_mode"])&&$_SESSION["site_edit_mode"]==1)) {
  793. if ($mtime==0) {$mtime=time();db_query("UPDATE pages set mtime=$mtime where id=$id");}; // old base fix
  794. if (file_exists("cache/".md5(($site_name?$site_name."/":"")."$fname"))){
  795. @unlink("cache/".md5(($site_name?$site_name."/":"")."$fname"));
  796. }
  797.  
  798. $fp=fopen("cache/".md5(($site_name?$site_name."/":"")."$fname"),"w+");
  799. fwrite($fp,$text);
  800. fclose($fp);
  801. touch("cache/".md5(($site_name?$site_name."/":"")."$fname"),$mtime);
  802. }
  803. }
  804. $page_keywords=db_fetch_assoc($cms_common->get_page_meta(array("page"=>(isset($original_page_id)&&$original_page_id!=$id?$original_page_id:$id))));
  805. }
  806. }
  807. }else{ //end of !isset($GLOBALS["wrapper"])
  808.  
  809. if (isset($GLOBALS["wrapper"]["lang"])){
  810. $lang=$GLOBALS["wrapper"]["lang"];
  811.  
  812. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/".$lang."/msg.php");
  813. require_once($encoded_msg_file);
  814.  
  815. if (is_file("language/common.php")){
  816. $encoded_msg_file=$cms_common->get_encoded_msg_file("language/common.php");
  817. require_once($encoded_msg_file);
  818.  
  819. }
  820. if (is_file("local/language/".$lang."/msg.php")){
  821. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/".$lang."/msg.php");
  822. require_once($encoded_msg_file);
  823. }
  824. if (is_file("local/language/common.php")){
  825. $encoded_msg_file=$cms_common->get_encoded_msg_file("local/language/common.php");
  826. require_once($encoded_msg_file);
  827. }
  828. }
  829. $content["text"]=isset($GLOBALS["wrapper"]["content"])?$GLOBALS["wrapper"]["content"]:"";
  830. $GLOBALS["lang"]=isset($GLOBALS["wrapper"]["lang"])?$GLOBALS["wrapper"]["lang"]:(isset($GLOBALS["cms"]["sitelangs"][0])?$GLOBALS["cms"]["sitelangs"][0]:"");
  831. }
  832.  
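  /*
   * Direct rendering (no wrapper script): serve a requested file download, then
   * expand <%=plugin::value%> placeholders and rewrite local <img> paths in the
   * page text.
   */
  if (!isset($GLOBALS["wrapper"])) {
      if (isset($_GET["mode"]) && $_GET["mode"] == "sendfile" && (!$password_protected || isset($_SESSION["page_authorized"]) && $_SESSION["page_authorized"] == 1)) {
          // NOTE(review): fileid is passed on from the query string unchanged; SendFile()
          // and GetFile() are defined elsewhere and are assumed to validate it - confirm.
          if (!$password_protected) {
              $cms_common->SendFile($_GET["fileid"]);
              exit;
          }

          // Protected page: the file is sent only when element 3 of GetFile()'s result
          // (presumably the owning page id - verify) is the id of a page that shares
          // the current page's parent.
          $file_data = $cms_common->GetFile($_GET["fileid"]);
          $query = "select parent from pages where id='{$GLOBALS["id"]}'";
          $_res = db_query($query);
          $_row = db_fetch_assoc($_res);

          $query = "select id from pages where parent='{$_row["parent"]}'";
          $_res = db_query($query);
          // Start from an empty list: ids left in $_ids by earlier code must never
          // authorize a download, and in_array() needs an array when no row matches.
          $_ids = array();
          while ($_row = db_fetch_assoc($_res)) {
              $_ids[] = $_row["id"];
          }
          // Fail closed when the file lookup returned nothing usable.
          if (isset($file_data[3]) && in_array($file_data[3], $_ids)) {
              $cms_common->SendFile($_GET["fileid"]);
              exit;
          }
      }

      /* Process possible automatic values */
      if (isset($GLOBALS["cms"]["config"]["site"]["custom_automatic_values"]) && $GLOBALS["cms"]["config"]["site"]["custom_automatic_values"]) {
          preg_match_all("/(<|&lt;)%=(\w+?)::(.+?)%(>|&gt;)/", $content["text"], $matches, PREG_SET_ORDER);
          foreach ($matches as $match) {
              if (!isset($match[2]) || !isset($match[3])) {
                  continue;
              }
              // The plugin name is matched by \w+, so it cannot contain "/" or "."
              // and the include path stays inside ./.plugins/.
              if (!is_file("./.plugins/" . trim($match[2]) . "/site/main.php")) {
                  continue;
              }
              require_once("./.plugins/" . trim($match[2]) . "/site/main.php");
              $module = trim($match[2]) . "_site";
              $init = new $module;
              if (method_exists($init, "get_code_value")) {
                  $text = $init->get_code_value(array("match" => $match[3], "page_id" => $id));
              } else {
                  $text = "";
              }
              $content["text"] = str_replace($match[0], $text, $content["text"]);
          }
      }
      /* Process possible automatic values end */

      /* correct path to local images */
      if (isset($content["text"])) {
          $content["text"] = str_replace("https://" . $_SERVER["HTTP_HOST"] . $GLOBALS["requested_path"] . "/images/", "../images/", $content["text"]);
          preg_match_all('/<img([^>]+)src="(\.\.\/)?([^>"\']+)"([^>]*)>/msi', $content["text"], $matches, PREG_SET_ORDER);
          foreach ($matches as $match) {
              // Only images that exist as local files get the relative path prefix.
              if (isset($match[3]) && is_file($match[3])) {
                  $content["text"] = str_replace($match[0], '<img' . $match[1] . 'src="' . $GLOBALS["relative_path"] . $match[3] . '"' . $match[4] . '>', $content["text"]);
              }
          }
      }
      /* correct path to local images end*/
  }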
  893.  
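  // Signed-in panel: prepend "<login> [Logout]" to the page text unless the panel is
  // disabled in the site config or the popup template was requested.
  if ((!isset($GLOBALS["cms"]["config"]["site"]["hide_signed_in_panel"]) || !$GLOBALS["cms"]["config"]["site"]["hide_signed_in_panel"]) && isset($_SESSION["page_authorized"]) && $_SESSION["page_authorized"] && isset($_SESSION["auth_row"])) {
      if (!isset($_GET['template']) || $_GET['template'] != "popup") {
          // The login is user-chosen and PHP_SELF is rebuilt from REQUEST_URI at the top
          // of this file, so both are escaped before they reach the markup.
          $content['text'] = '<p align="right">' . htmlspecialchars($_SESSION["auth_row"]["login"], ENT_QUOTES)
              . ' [<a href="' . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES) . '?action=logout">'
              . $GLOBALS["msg"]["Logout"] . '</a>]</p>' . $content['text'];
      }
  }
  // A plugin may ship its own template.tpl; its captured output replaces the page text.
  if (isset($plugin_folder) && is_file($plugin_folder . "template.tpl")) {
      ob_start();
      include($plugin_folder . "template.tpl");
      $content['text'] = ob_get_contents();
      // ob_clean() empties the buffer but leaves it active for the output that follows.
      ob_clean();
  }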
  904. /* new template implementation */
  905.  
  906.  
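  // Resolve which template renders the page: an explicit ?template= request wins,
  // otherwise the template comes from the page's menu entry or its menu ancestors.
  if (isset($_GET['template'])) {
      $template_name = $_GET['template'];
      // The name is interpolated into SQL here and into include paths under
      // .include/templates/ further down, so only plain directory-style names are
      // accepted: no quotes, no slashes, no leading dot.
      if (is_string($template_name) && preg_match('/^[A-Za-z0-9_\-][A-Za-z0-9_.\-]*$/', $template_name)) {
          $query = "select * from pl_template where template='$template_name'";
          $row = db_fetch_assoc(db_query($query));
          $tpl_id = $row['id'];
      } else {
          // Same end state as an unknown template name: default template, no instance.
          $template_name = "default";
          $row = array();
          $tpl_id = 0;
      }
  } else {
      if (!isset($tpl_id) || !$tpl_id) {
          $tpl_id = 0;
          if (isset($GLOBALS["cms"]["config"]["site"]["menu_templates_enable"]) && $GLOBALS["cms"]["config"]["site"]["menu_templates_enable"]) {
              // NOTE(review): $id and the values read back from the database are placed
              // in these queries unescaped; they look like numeric ids - confirm.
              $query = "SELECT masterdiv FROM pages WHERE id=$id";
              $res = db_query($query);
              list($master_div) = db_fetch_row($res);
              if ($master_div > 0) {
                  $query = "select menu.template_id,menu.parent_id from menu where menu='$master_div'";
              } else {
                  $query = "select menu.template_id,menu.parent_id from menu where pageid='$id'";
              }

              $res = db_query($query);
              $row = db_fetch_assoc($res);
              // Walk up the menu tree until an entry carries a template or the root is reached.
              while (!$row["template_id"] && $row["parent_id"]) {
                  $query = "select menu.template_id,menu.parent_id from menu where id='{$row["parent_id"]}'";
                  $res = db_query($query);
                  $row = db_fetch_assoc($res);
              }
              if ($row["template_id"]) {
                  $tpl_id = $row["template_id"];
              }
          }
      }
      $query = "select * from pl_template where id='$tpl_id'";
      $row = db_fetch_assoc(db_query($query));
      $GLOBALS["template_instance_name"] = $row["name"];
      $tpl_id = $row['id'];
      $template_name = $row['template'];
  }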
  946.  
  // A wrapper script may name the template instance to use; it is looked up by name.
  // NOTE(review): the wrapper-supplied name is interpolated into the query as is -
  // confirm that wrapper scripts never fill it from request data.
  if (isset($GLOBALS["wrapper"], $GLOBALS["wrapper"]["template_name"])) {
      $query = "select * from pl_template where name='{$GLOBALS["wrapper"]["template_name"]}'";
      $row = db_fetch_assoc(db_query($query));
      if (isset($row["id"])) {
          $GLOBALS["template_instance_name"] = $row["name"];
          $tpl_id = $row['id'];
          $template_name = $row['template'];
      }
  }

  // Fall back to the template's own name when no instance name was resolved.
  if (!isset($GLOBALS["template_instance_name"])) {
      if (isset($template_name)) {
          $GLOBALS["template_instance_name"] = $template_name;
      } else {
          $GLOBALS["template_instance_name"] = "";
      }
  }

  // Flag the language's start page, unless a caller already set the flag.
  if (!isset($GLOBALS["startpage_settings"])) {
      $GLOBALS["startpage_settings"] = (
          $template_name != "error404"
          && isset($GLOBALS["cms"]["startpage"][$GLOBALS["lang"]])
          && $GLOBALS["cms"]["startpage"][$GLOBALS["lang"]] == $GLOBALS["id"]
      ) ? 1 : 0;
  }

  // Freshly rendered text (not a wrapper, not the 404 page, not a cache hit) is passed
  // through the modifiers listed in rules.lst.
  if (!isset($GLOBALS["wrapper"]) && $template_name != "error404" && !(isset($loaded_from_cache) && $loaded_from_cache)) {
      $GLOBALS["content"]["text"] = $GLOBALS["cms_common"]->load_modifiers("rules.lst", $GLOBALS["content"]["text"]);
  }
  973.  
  974.  
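  // No template.php for the resolved name: build the built-in 404 text when needed
  // and fall back to the default template (the popup name is kept as is).
  if (!file_exists(".include/templates/".$template_name."/template.php")) {
      if ($template_name == "error404") {
          $loaded_from_cache = false;
          if (isset($GLOBALS["error404_text"])) {
              $content['text'] = $GLOBALS["error404_text"];
          } else {
              // ?request= is echoed back to the visitor, so it is HTML-escaped, and it
              // becomes a link only for http(s) URLs and site-rooted paths; any other
              // value (for example one carrying a script URL scheme) is shown as text.
              $_e404_request = '';
              if (isset($_GET["request"]) && is_string($_GET["request"])) {
                  $_e404_label = htmlspecialchars($_GET["request"], ENT_QUOTES);
                  if (preg_match('@^(?:https?://|/(?![/\\\\]))@i', $_GET["request"])) {
                      $_e404_request = '<p><a class="content-link" href="' . $_e404_label . '">' . $_e404_label . '</a>';
                  } else {
                      $_e404_request = '<p>' . $_e404_label;
                  }
              }
              $content['text'] = '
<p><SPAN class="error">Error 404</SPAN> - <b>the page cannot be found</b></p>
' . $_e404_request . '
<br>
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.<br>&nbsp;

<br>Please try the following:<ul>

<li>If you typed the page address in the Address bar, make sure that it is spelled correctly.
</li><li>Open the <a class="content-link" href="../'.$cms_common->createsitelink(array("page"=>$GLOBALS["cms"]["startpage"][$GLOBALS["lang"]])).'" target="_top">'.$GLOBALS["cms"]["startpage"][$GLOBALS["lang"]].".html".'</a> home page, and then look for links to the information you want.
</li><li>Click the <a class="content-link" href="javascript:history.back(1)">Back</a>, button to try another link.
</li>

';
          }
      }
      if ($template_name != "popup") {
          $template_name = "default";
          $tpl_id = 0;
      }
  }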
  1004.  
  // Pick the plugin whose stylesheet belongs to this page. The first source that is
  // set wins: original_type, then type, then plugin, then the handler that was found.
  if (isset($GLOBALS["original_type"])) {
      $plugin_type = $GLOBALS["original_type"];
  } elseif (isset($GLOBALS["type"])) {
      $plugin_type = $GLOBALS["type"];
  } elseif (isset($GLOBALS["plugin"])) {
      $plugin_type = $GLOBALS["plugin"];
  } elseif (is_object($found_handler)) {
      $plugin_type = $handler;
  }

  // NOTE(review): $plugin_type ends up inside file paths below; where these globals
  // are filled is not visible here - confirm they never carry raw request input.
  if (isset($plugin_type)) {
      $GLOBALS["cms_common"]->include_template_files(array(
          array(
              "src" => ".plugins/{$plugin_type}/site/style.css",
              "dst" => "styles/{$plugin_type}.css",
              "type" => "css",
          ),
      ));
  }
  // Load the template engine and create the renderer for the resolved template.
  require_once("cms/.libs/template.php");
  $tpl_class = new cms_template($template_name);
  // Both branches below hold only disabled legacy code; nothing runs in either case.
  if (isset($_GET['plugin'])) {
      //$menu["top1"]=(isset($content["headers"][1]))?$content["headers"][1]:"";
      //$menu["top2"]=$content["headers"][0];
  } else {
      /* TODO: if (!isset($content["headers"]["item_name"]) && isset($page_keywords["meta_name"]) && $page_keywords["meta_name"]){
      $content["headers"]["item_name"]=stripslashes($page_keywords["meta_name"]);
      $tpl_class->content=$content;
      }*/
      /*$menus_count=isset($GLOBALS["cms"]["config"]["site"]["menus"])?$GLOBALS["cms"]["config"]["site"]["menus"]:1;
      for ($i=1;$i<=$menus_count;$i++){
      if (!isset($menu["top1"]) || !$menu["top1"] || $menu["top1"]=="&nbsp;")
      $menu["top1"]=strip_tags($tpl_class->show_block("menu".($i==1?"":$i)."::item_parents",$id));
      if (!isset($menu["top2"]) || !$menu["top2"] || $menu["top2"]=="&nbsp;")
      $menu["top2"]=$tpl_class->show_block("menu".($i==1?"":$i)."::item_name",$id);
      }
      if (!$menu["top2"])
      $menu["top2"]=$menu["top1"];*/
  }
  1046. /*
  1047. if ($template_name=="popup"){
  1048. include(".include/header.php");
  1049. if (is_file(".include/popup_header.php")){
  1050. include(".include/popup_header.php");
  1051. }
  1052. echo $content['text'];
  1053. if (is_file(".include/popup_footer.php")){
  1054. include(".include/popup_footer.php");
  1055. }
  1056. include(".include/footer.php");
  1057. exit();
  1058. }
  1059. */
  // The print template additionally registers print.css.
  if ($template_name == "print") {
      $GLOBALS["template_include_files"]["css"]["print.css"] = "";
  }

  if (isset($content)) {
      $tpl_class->content = $content;
  }
  if (!isset($pack_id)) {
      $pack_id = 0;
  }
  // NOTE(review): the guard tests for get_fav_blocks but the call goes to
  // get_menu_fav_blocks - confirm the two are always present together.
  if (method_exists($cms_common, "get_fav_blocks")) {
      $menu_favblocks = $cms_common->get_menu_fav_blocks($GLOBALS["id"]);
      // Wrap the page text in the favourite blocks configured for this menu entry.
      if ($menu_favblocks["top"]) {
          $tpl_class->content["text"] = $menu_favblocks["top"] . $tpl_class->content["text"];
      }
      if ($menu_favblocks["bottom"]) {
          $tpl_class->content["text"] = $tpl_class->content["text"] . $menu_favblocks["bottom"];
      }
  }
  // Render the page body; the result is written out after the header include.
  $text = $tpl_class->load_template($tpl_id, $template_name, $id, $pack_id, $row["parent_id"]);
  1076.  
  // Page header: the template's own header.php when it has one, else the shared one.
  include(file_exists(".include/templates/".$template_name."/header.php")
      ? ".include/templates/".$template_name."/header.php"
      : ".include/header.php");

  //****** webstat ******
  // Visit tracking, only when the webstat plugin is installed. The plugin is run from
  // inside cms/ and the working directory is restored afterwards.
  if (file_exists(".plugins/webstat/cms/webstat.class.php")) {
      chdir("cms");
      if (!is_file("../.plugins/webstat/settings.ini")) {
          // No settings file: fall back to the built-in defaults.
          $GLOBALS["plugins"]["webstat"]["settings"]["visitor_timeout"] = 30;
          $GLOBALS["plugins"]["webstat"]["settings"]["db_table_prefix"] = "pl_webstat";
          $GLOBALS["plugins"]["webstat"]["settings"]["country_ip_file"] = ".plugins/webstat/data/ip-to-country.csv";
          $GLOBALS["plugins"]["webstat"]["settings"]["query_string"] = "mode=settings&plugin=webstat";
      } else {
          $GLOBALS["plugins"]["webstat"]["settings"] = parse_ini_file("../.plugins/webstat/settings.ini", true);
      }
      $GLOBALS["plugins"]["webstat"]["settings"]["page_name"] = isset($menu["top2"]) ? $menu["top2"] : "";
      require_once("../.plugins/webstat/cms/webstat.class.php");
      // The object is created in "track" mode and discarded straight away.
      $webstat = new webstat_class("track", $GLOBALS["plugins"]["webstat"]["settings"]);
      chdir("../");
      unset($webstat);
  }
  //****** webstat ******

  // Emit the rendered page with leading spaces and tabs stripped from every line.
  echo preg_replace(array('/^( |\t)+/m'), "", $text);

  // Page footer, chosen the same way as the header.
  include(file_exists(".include/templates/".$template_name."/footer.php")
      ? ".include/templates/".$template_name."/footer.php"
      : ".include/footer.php");
  1106.  
  1107.  
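  /**
   * Error handler: e-mails a report about the error and the current request.
   *
   * E_STRICT and E_DEPRECATED notices are ignored. Password fields in the POST dump
   * and credential-bearing entries in the $_SERVER dump are redacted before the
   * report is sent, because the mail leaves the server in plain text.
   *
   * NOTE(review): the recipient is a hard-coded external mailbox, not the configured
   * admin address - confirm that request dumps are meant to go there.
   * NOTE(review): the field labels in the report body are unreadable in this copy;
   * they look like windows-1251 text damaged in transit - restore from the original.
   *
   * @param int    $errno    error level
   * @param string $errmsg   error message
   * @param string $filename file the error was raised in
   * @param int    $linenum  line the error was raised at
   * @param mixed  $vars     unused; optional because PHP 8 no longer passes a fifth
   *                         argument to error handlers
   * @return bool|null null for ignored levels, false to let PHP's own handler run as
   *                   well (show_errors unset or 1), true otherwise
   */
  function error_handler($errno, $errmsg, $filename, $linenum, $vars = null) {
      // 2048 is E_STRICT; the literal avoids the constant, which PHP 8.4 deprecates.
      if ($errno == 2048) return;
      if (defined('E_DEPRECATED') && $errno == E_DEPRECATED) return;

      // The Host header is client-controlled: drop line breaks before it reaches the subject.
      $host = isset($_SERVER["HTTP_HOST"]) ? str_replace(array("\r", "\n"), "", $_SERVER["HTTP_HOST"]) : "";
      $subject = 'Error on the site: '.$host;

      $post_dump = "";
      if (isset($_POST) && is_array($_POST)) {
          $safe_post = $_POST;
          foreach ($safe_post as $key => $value) {
              // Covers page_password and any other *pass* field submitted by a form.
              if (stripos((string)$key, "pass") !== false) {
                  $safe_post[$key] = "[redacted]";
              }
          }
          $post_dump = "POST=".print_r($safe_post, 1);
      }
      $safe_server = $_SERVER;
      foreach (array("HTTP_COOKIE", "HTTP_AUTHORIZATION", "PHP_AUTH_PW") as $key) {
          if (isset($safe_server[$key])) {
              $safe_server[$key] = "[redacted]";
          }
      }

      $mailtext = $subject.'
����: '.date("F j, Y, g:i a").'
����� ������: '.$errno.'
���������: '.stripslashes($errmsg).'
� �����: '.stripslashes($filename).'
����� ������: '.stripslashes($linenum).'
��������: https://'.$host."/".$_SERVER["PHP_SELF"].(isset($_SERVER["QUERY_STRING"])?"?".$_SERVER["QUERY_STRING"]:"").'
'.$post_dump.'
'.("_SERVER=".print_r($safe_server, 1)).'
';
      $headers = 'MIME-Version: 1.0' . "\n";
      $headers .= 'Content-type: text/plain; charset=windows-1251' . "\n";
      mail("jkuest@gmail.com", $subject, $mailtext, $headers);

      if (!isset($GLOBALS["cms"]["config"]["site"]["show_errors"]) || $GLOBALS["cms"]["config"]["site"]["show_errors"] == 1)
          return false;
      return true;
  }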
  1135.  
  1136. ?>