gitlabFork/ISPConfig3.git - Solinfo Gitblit

old mode 100644 new mode 100755

			@@ -28,23 +28,33 @@
			EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
			*/

			//* Enable gzip compression for the interface
			ob_start('ob_gzhandler');

			//* Set timezone
			if(isset($conf['timezone']) && $conf['timezone'] != '') date_default_timezone_set($conf['timezone']);

			//* Set error reporting level when we are not on a developer system
			if(DEVSYSTEM == 0) {
			@ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_DEPRECATED);
			}

			/*
			Application Class
			*/

			ob_start('ob_gzhandler');

			class app {

			private $_language_inc = 0;
			private $_wb;
			private $_loaded_classes = array();
			private $_conf;
			private $_security_config;

			public $loaded_plugins = array();

			public function __construct()
			{
			public function __construct() {
			global $conf;


			if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']) \|\| isset($_REQUEST['s']) \|\| isset($_REQUEST['s_old']) \|\| isset($_REQUEST['conf'])) {
			die('Internal Error: var override attempt detected');
			}
			@@ -54,9 +64,45 @@
			$this->load('db_'.$this->_conf['db_type']);
			$this->db = new db;
			}


			//* Start the session
			if($this->_conf['start_session'] == true) {

			$this->uses('session');
			$sess_timeout = $this->conf('interface', 'session_timeout');
			$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);
			$cookie_secure = ($_SERVER["HTTPS"] == 'on')?true:false;
			if($sess_timeout) {
			/* check if user wants to stay logged in */
			if(isset($_POST['s_mod']) && isset($_POST['s_pg']) && $_POST['s_mod'] == 'login' && $_POST['s_pg'] == 'index' && isset($_POST['stay']) && $_POST['stay'] == '1') {
			/* check if staying logged in is allowed */
			$this->uses('ini_parser');
			$tmp = $this->db->queryOneRecord('SELECT config FROM sys_ini WHERE sysini_id = 1');
			$tmp = $this->ini_parser->parse_ini_string(stripslashes($tmp['config']));
			if(!isset($tmp['misc']['session_allow_endless']) \|\| $tmp['misc']['session_allow_endless'] != 'y') {
			$this->session->set_timeout($sess_timeout);
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			} else {
			// we are doing login here, so we need to set the session data
			$this->session->set_permanent(true);
			$this->session->set_timeout(365 * 24 * 3600,'/',$cookie_domain,$cookie_secure,true); // one year
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			}
			} else {
			$this->session->set_timeout($sess_timeout);
			session_set_cookie_params(3600 * 24 * 365,'/',$cookie_domain,$cookie_secure,true); // cookie timeout is never updated, so it must not be short
			}
			} else {
			session_set_cookie_params(0,'/',$cookie_domain,$cookie_secure,true); // until browser is closed
			}

			session_set_save_handler( array($this->session, 'open'),
			array($this->session, 'close'),
			array($this->session, 'read'),
			array($this->session, 'write'),
			array($this->session, 'destroy'),
			array($this->session, 'gc'));

			session_start();

			//* Initialize session variables
			@@ -64,19 +110,32 @@
			if(empty($_SESSION['s']['theme'])) $_SESSION['s']['theme'] = $conf['theme'];
			if(empty($_SESSION['s']['language'])) $_SESSION['s']['language'] = $conf['language'];
			}

			$this->uses('functions'); // we need this before all others!
			$this->uses('auth,plugin,ini_parser,getconf');

			$this->uses('auth,plugin');
			}

			public function uses($classes)
			{
			$cl = explode(',', $classes);
			public function __get($prop) {
			if(property_exists($this, $prop)) return $this->{$prop};

			$this->uses($prop);
			if(property_exists($this, $prop)) return $this->{$prop};
			else return null;
			}

			public function __destruct() {
			session_write_close();
			}

			public function uses($classes) {
			$cl = explode(',', $classes);
			if(is_array($cl)) {
			foreach($cl as $classname){
			foreach($cl as $classname) {
			$classname = trim($classname);
			//* Class is not loaded so load it
			if(!array_key_exists($classname, $this->_loaded_classes)){
			include_once(ISPC_CLASS_PATH."/$classname.inc.php");
			//* Class is not loaded so load it
			if(!array_key_exists($classname, $this->_loaded_classes) && is_file(ISPC_CLASS_PATH."/$classname.inc.php")) {
			include_once ISPC_CLASS_PATH."/$classname.inc.php";
			$this->$classname = new $classname();
			$this->_loaded_classes[$classname] = true;
			}
			@@ -84,28 +143,44 @@
			}
			}

			public function load($files)
			{
			public function load($files) {
			$fl = explode(',', $files);
			if(is_array($fl)) {
			foreach($fl as $file){
			foreach($fl as $file) {
			$file = trim($file);
			include_once(ISPC_CLASS_PATH."/$file.inc.php");
			include_once ISPC_CLASS_PATH."/$file.inc.php";
			}
			}
			}

			public function conf($plugin, $key, $value = null) {
			if(is_null($value)) {
			$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
			if($tmpconf) return $tmpconf['value'];
			else return null;
			} else {
			if($value === false) {
			$this->db->query("DELETE FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
			return null;
			} else {
			$this->db->query("REPLACE INTO `sys_config` (`group`, `name`, `value`) VALUES (?, ?, ?)", $plugin, $key, $value);
			return $value;
			}
			}
			}

			/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */
			public function log($msg, $priority = 0)
			{


			public function log($msg, $priority = 0) {
			global $conf;
			if($priority >= $this->_conf['log_priority']) {
			// $server_id = $conf["server_id"];
			$server_id = 0;
			$priority = intval($priority);
			$priority = $this->functions->intval($priority);
			$tstamp = time();
			$msg = $this->db->quote('[INTERFACE]: '.$msg);
			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES ($server_id,0,$priority,$tstamp,'$msg')");
			$msg = '[INTERFACE]: '.$msg;
			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, 0, ?, ?, ?)", $server_id, $priority,$tstamp,$msg);
			/*
			if (is_writable($this->_conf['log_file'])) {
			if (!$fp = fopen ($this->_conf['log_file'], 'a')) {
			@@ -119,58 +194,53 @@
			$this->error('Unable to write to logfile.');
			}
			*/
			}
			}
			}
			}

			/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */
			public function error($msg, $next_link = '', $stop = true, $priority = 1)
			{
			/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */
			public function error($msg, $next_link = '', $stop = true, $priority = 1) {
			//$this->uses("error");
			//$this->error->message($msg, $priority);
			if($stop == true){
			$msg = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
			"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
			<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
			<head>
			<title>Error</title>
			<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
			<link href="../themes/default/css/central.css" rel="stylesheet" type="text/css" />
			</head>
			<body>
			<div class="uniForm">
			<div id="errorMsg">
			<h3>Error</h3>
			<ol>
			<li>'.$msg;
			if($stop == true) {
			/*
			* We always have a error. So it is better not to use any more objects like
			* the template or so, because we don't know why the error occours (it could be, that
			* the error occours in one of these objects..)
			*/
			/*
			* Use the template inside the user-template - Path. If it is not found, fallback to the
			* default-template (the "normal" behaviour of all template - files)
			*/
			if (file_exists(dirname(__FILE__) . '/../web/themes/' . $_SESSION['s']['theme'] . '/templates/error.tpl.htm')) {
			$content = file_get_contents(dirname(__FILE__) . '/../web/themes/' . $_SESSION['s']['theme'] . '/templates/error.tpl.htm');
			} else {
			$content = file_get_contents(dirname(__FILE__) . '/../web/themes/default/templates/error.tpl.htm');
			}
			if($next_link != '') $msg .= '<a href="'.$next_link.'">Next</a>';
			$msg .= '</li>
			</ol>
			</div>
			</div>
			</body>
			</html>';
			die($msg);
			$content = str_replace('###ERRORMSG###', $msg, $content);
			die($content);
			} else {
			echo $msg;
			if($next_link != '') echo "<a href='$next_link'>Next</a>";
			}
			}

			/** Translates strings in current language */
			public function lng($text)
			{
			/** Translates strings in current language */
			public function lng($text) {
			global $conf;
			if($this->_language_inc != 1) {
			$language = (isset($_SESSION['s']['language']))?$_SESSION['s']['language']:$conf['language'];
			//* loading global Wordbook
			$this->load_language_file('/lib/lang/'.$_SESSION['s']['language'].'.lng');
			$this->load_language_file('lib/lang/'.$language.'.lng');
			//* Load module wordbook, if it exists
			if(isset($_SESSION['s']['module']['name']) && isset($_SESSION['s']['language'])) {
			$lng_file = '/web/'.$_SESSION['s']['module']['name'].'/lib/lang/'.$_SESSION['s']['language'].'.lng';
			if(!file_exists(ISPC_ROOT_PATH.$lng_file)) $lng_file = '/web/'.$_SESSION['s']['module']['name'].'/lib/lang/en.lng';
			if(isset($_SESSION['s']['module']['name'])) {
			$lng_file = 'web/'.$_SESSION['s']['module']['name'].'/lib/lang/'.$language.'.lng';
			if(!file_exists(ISPC_ROOT_PATH.'/'.$lng_file)) $lng_file = '/web/'.$_SESSION['s']['module']['name'].'/lib/lang/en.lng';
			$this->load_language_file($lng_file);
			}
			$this->_language_inc = 1;
			}
			if(!empty($this->_wb[$text])) {
			}
			if(isset($this->_wb[$text]) && $this->wb[$text] !== '') {
			$text = $this->_wb[$text];
			} else {
			if($this->_conf['debug_language']) {
			@@ -179,16 +249,16 @@
			}
			return $text;
			}


			//** Helper function to load the language files.
			public function load_language_file($filename) {
			$filename = ISPC_ROOT_PATH.'/'.$filename;
			if(substr($filename,-4) != '.lng') $this->error('Language file has wrong extension.');
			if(substr($filename, -4) != '.lng') $this->error('Language file has wrong extension.');
			if(file_exists($filename)) {
			@include_once($filename);
			@include $filename;
			if(is_array($wb)) {
			if(is_array($this->_wb)) {
			$this->_wb = array_merge($this->_wb,$wb);
			$this->_wb = array_merge($this->_wb, $wb);
			} else {
			$this->_wb = $wb;
			}
			@@ -196,20 +266,28 @@
			}
			}

			public function tpl_defaults()
			{
			public function tpl_defaults() {
			$this->tpl->setVar('app_title', $this->_conf['app_title']);
			if(isset($_SESSION['s']['user'])) {
			$this->tpl->setVar('app_version', $this->_conf['app_version']);
			// get pending datalog changes
			$datalog = $this->db->datalogStatus();
			$this->tpl->setVar('datalog_changes_txt', $this->lng('datalog_changes_txt'));
			$this->tpl->setVar('datalog_changes_end_txt', $this->lng('datalog_changes_end_txt'));
			$this->tpl->setVar('datalog_changes_count', $datalog['count']);
			$this->tpl->setLoop('datalog_changes', $datalog['entries']);
			} else {
			$this->tpl->setVar('app_version', '');
			}
			$this->tpl->setVar('app_link', $this->_conf['app_link']);
			if(isset($this->_conf['app_logo']) && $this->_conf['app_logo'] != '' && @is_file($this->_conf['app_logo'])){
			/*
			if(isset($this->_conf['app_logo']) && $this->_conf['app_logo'] != '' && @is_file($this->_conf['app_logo'])) {
			$this->tpl->setVar('app_logo', '<img src="'.$this->_conf['app_logo'].'">');
			} else {
			$this->tpl->setVar('app_logo', ' ');
			}
			*/
			$this->tpl->setVar('app_logo', $this->_conf['logo']);

			$this->tpl->setVar('phpsessid', session_id());

			@@ -217,7 +295,7 @@
			$this->tpl->setVar('html_content_encoding', $this->_conf['html_content_encoding']);

			$this->tpl->setVar('delete_confirmation', $this->lng('delete_confirmation'));
			//print_r($_SESSION);
			//print_r($_SESSION);
			if(isset($_SESSION['s']['module']['name'])) {
			$this->tpl->setVar('app_module', $_SESSION['s']['module']['name']);
			}
			@@ -227,12 +305,39 @@
			if(isset($_SESSION['s']['user']) && $this->auth->has_clients($_SESSION['s']['user']['userid'])) {
			$this->tpl->setVar('is_reseller', 1);
			}
			}

			/* Show username */
			if(isset($_SESSION['s']['user'])) {
			$this->tpl->setVar('cpuser', $_SESSION['s']['user']['username']);
			$this->tpl->setVar('logout_txt', $this->lng('logout_txt'));
			/* Show search field only for normal users, not mail users */
			if(stristr($_SESSION['s']['user']['username'], '@')){
			$this->tpl->setVar('usertype', 'mailuser');
			} else {
			$this->tpl->setVar('usertype', 'normaluser');
			}
			}

			/* Global Search */
			$this->tpl->setVar('globalsearch_resultslimit_of_txt', $this->lng('globalsearch_resultslimit_of_txt'));
			$this->tpl->setVar('globalsearch_resultslimit_results_txt', $this->lng('globalsearch_resultslimit_results_txt'));
			$this->tpl->setVar('globalsearch_noresults_text_txt', $this->lng('globalsearch_noresults_text_txt'));
			$this->tpl->setVar('globalsearch_noresults_limit_txt', $this->lng('globalsearch_noresults_limit_txt'));
			$this->tpl->setVar('globalsearch_searchfield_watermark_txt', $this->lng('globalsearch_searchfield_watermark_txt'));
			}

			} // end class

			//** Initialize application (app) object
			//* possible future = new app($conf);
			$app = new app();

			?>
			// load and enable PHP Intrusion Detection System (PHPIDS)
			$ids_security_config = $app->getconf->get_security_config('ids');

			if(is_dir(ISPC_CLASS_PATH.'/IDS') && $ids_security_config['ids_enabled'] == 'yes') {
			$app->uses('ids');
			$app->ids->start();
			}
			unset($ids_security_config);

			?>