$v) { if (is_array($v)) { $arr[$k] = addslashes_array($v); } elseif (is_string($v)) { $arr[$k] = addslashes($v); } } } return $arr; } } // if magic quotes off then put them on if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) { $_GET = addslashes_array($_GET); $_POST = addslashes_array($_POST); } $starttime = gettimeofday(); $starttime = $starttime['sec'] * 1000000 + $starttime['usec']; if ($_GET['session_id']) session_id($_GET['session_id']); session_start(); if(!isset($GLOBALS['DBH'])) { require_once("config.php"); require_once($GLOBALS['cfgDirRoot'] . "backend/const.php"); $GLOBALS['googleMapKey'] = readOption('googlemaps_key', null, 4); } if ($GLOBALS['cfgWWWredirect'] && substr($_SERVER['HTTP_HOST'], 0, 4) != 'www.') { header("Location: http://www." . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301); die(); } profiler_add('Page ' . $_SERVER['REQUEST_URI'], 7); $outputpage = true; $ajaxrequest = false; $xmlrequest = false; $post_xml = null; $out_xml = null; $content_type = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : $_SERVER['HTTP_CONTENT_TYPE']; if ($_GET['_component'] && $_GET['_method']) { $outputpage = false; $ajaxrequest = true; $ajax_component_name = $_GET['_component']; $ajax_method = $_GET['_method']; } else if ($content_type) { $a = explode(';', $content_type); if (trim($a[0]) == 'text/xml') { require_once($GLOBALS['cfgDirRoot']."library/class.xmlnode.php"); $post_xml = new XMLNode(); $post_xml->loadFromString($HTTP_RAW_POST_DATA); if ($post_xml->name == 'request') { header('Content-Type: text/xml; charset=utf-8'); $xmlrequest = true; $outputpage = false; $out_xml = new XMLNode('response'); } } } $GLOBALS['outputpage'] = $outputpage; $GLOBALS['ajaxrequest'] = $ajaxrequest; $GLOBALS['ajax_component_name'] = $ajax_component_name; $GLOBALS['ajax_method'] = $ajax_method; $GLOBALS['xmlrequest'] = $xmlrequest; $GLOBALS['out_xml'] = $out_xml; $GLOBALS['post_xml'] = $post_xml; $force_template = $_GET['glo_template']; //Obtain the site_id and page_id by parsing the uri $url = parse_url($_SERVER['REQUEST_URI']); if((!$url['host'])or($_SERVER['REQUEST_URI']{0}=='/')) { $url = 'http://' . strtolower($_SERVER['HTTP_HOST']) . $_SERVER['REQUEST_URI']; $url = parse_url($url); //$url['host'] = strtolower($_SERVER['HTTP_HOST']); } $wap = false; if (preg_match("/^[\/]+wap$|^[\/]+wap\//",$url['path'])) { $wap = true; $url['path'] = preg_replace("/^[\/]+wap[\/]*/","/",$url['path']); } if ($out_xml) $out_xml->attribs['url'] = $url['path']; if(($GLOBALS['forced_site_id'])and($GLOBALS['forced_page_id'])) { $site_id = $GLOBALS['forced_site_id']; $page_id = $GLOBALS['forced_page_id']; }else { //Obtain site_id $row = sqlQueryRow("SELECT site_id, wapsite FROM sites WHERE domain='" . $url['host'] . "'"); $site_id = $row['site_id']; if ($row['wapsite']==1) $wap = 1; //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! //TEMP UPGRADE DATABASE, REMOVE THIS BEFORE DISTRIBUTION //$row = sqlQueryRow("SELECT * FROM sites LIMIT 1"); //if(!isset($row['alias'])) //{ // sqlQuery("ALTER TABLE `sites` ADD `alias` VARCHAR( 250 ) NOT NULL AFTER `domain`"); //} if($GLOBALS['developmode']) { if(isset($_GET['site_id'])) { $row = sqlQueryRow("SELECT * FROM ".$_GET['site_id']."_pages LIMIT 1"); if(!isset($row['passprotect'])) { sqlQuery("ALTER TABLE `".$_GET['site_id']."_pages` ADD `passprotect` INT( 1 ) NOT NULL AFTER `visible`"); } sqlQuery("CREATE TABLE IF NOT EXISTS `" . $site_id . "_strings` ( `string_id` int(32) NOT NULL auto_increment, `page` int(32) NOT NULL default '0', `stringname` varchar(250) NOT NULL default '', `stringvalue` text NOT NULL, PRIMARY KEY (`string_id`), KEY `content_id` (`string_id`) )"); sqlQuery(" CREATE TABLE IF NOT EXISTS `".$site_id."_stats` ( `ID` int(10) unsigned NOT NULL auto_increment, `timestamp` varchar(20) default NULL, `page_id` int(11) default NULL, `IP` varchar(20) default NULL, `referrer` text, `user_agent` varchar(100) default NULL, `lang` varchar(5) default NULL, `is_proxy` int(1) NOT NULL default '0', PRIMARY KEY (`ID`), UNIQUE KEY `ID` (`ID`), UNIQUE KEY `ID_2` (`ID`) ) TYPE=MyISAM "); } sqlQuery("CREATE TABLE IF NOT EXISTS phrasenames ( phrasename_id int(32) NOT NULL auto_increment, name varchar(100) NOT NULL default '', PRIMARY KEY (phrasename_id) );"); sqlQuery("CREATE TABLE IF NOT EXISTS phrases ( phrase_id int(32) NOT NULL auto_increment, lang varchar(100) NOT NULL default '', phrasename int(32) NOT NULL default '0', phrase mediumtext NOT NULL, PRIMARY KEY (phrase_id) );"); $row = sqlQueryRow("SELECT * FROM sites LIMIT 1"); if (!isset($row['wapsite'])) { sqlQuery("ALTER TABLE `sites` ADD `wapsite` INT( 1 ) DEFAULT '0' NOT NULL"); } } //END OF TEMP UPGRADE if(!$site_id) { //check if site is in aliases $sites = sqlQueryData("SELECT site_id, alias FROM sites WHERE LOCATE('" . $url['host'] . "',alias)"); foreach($sites as $row) { $aliases = explode(";", $row['alias']); if(in_array($url['host'],$aliases) || in_array('*', $aliases)) { $site_id = $row['site_id']; } } } if(!$site_id) { Die ("Error 404 - page not found"); } $jslibsfile = getFilePathFromLink($site_id, '/scr/components/jslibs.php'); if (file_exists($jslibsfile)) $GLOBALS['js_libs'] = include($jslibsfile); //show history html page if (isset($_GET['pagehistory_id'])) { $pagehistory_id = $_GET['pagehistory_id']; $row = sqlQueryRow("SELECT * FROM ".$site_id."_pageshistory WHERE pagehistory_id=$pagehistory_id"); echo $row['html']; die; } //we have site_id $tryindex = false; if(substr($url['path'],strlen($url['path'])-1,1)=='/') { $tryindex = true; } //Obtain page_id $url['path'] = trim($url['path'], '/'); $path = explode("/", $url['path']); if(!$path[0]) { $path = Array(); $tryindex = true; } if (!$wap) { $page_id = '0'; $last_page_id = null; $last_parent = null; for($f=0; (($fgetProperty('visible') == 0) { if(!$obj->CanBeCompiled()) $canreplace = false; if((!$_GET['formatpageforsearch'])or(!$obj->getProperty('nosearch'))) { if ($GLOBALS['ajaxrequest']) { $method = 'ajax_'.$GLOBALS['ajax_method']; if (method_exists($obj, $method)) $obj->$method(); $html = ob_get_contents(); } else if ($xmlrequest) { $in_xml = null; foreach ($post_xml->children as $ch) { if ($ch->name == 'component' && $ch->attribs['type'] == $type && $ch->attribs['name'] == $name) { $in_xml = $ch; break; } } $xml = null; if ($in_xml) { $xml = new XMLNode('component'); $xml->attribs['type'] = $type; $xml->attribs['name'] = $name; $obj->xmlRequest($in_xml, $xml); } } else { $obj->Output(); $html = ob_get_contents(); } } }else { $html = ''; } profiler_add('Component ' . $type . ' ' . $name, 4); $GLOBALS['profiler_component'] = ''; ob_end_clean(); //mysql_query('INSERT INTO testus (t, te) VALUES ("' . (microtime_float() - $m) . '", "' . AddSlashes($type . ':' . $name) . '")'); return $xmlrequest ? $xml : $html;; } else { return ''; } } function DisplayPage($page_id, $site_id, &$encoding, $allowdisabled=false, $forcetemplate='', $authorize=false) { if (option('frontend_disabled', null, array('label' => 'Disable webpage', 'fieldparams' => array('type' => 'check') ) )) { header('Content-Type: text/html; charset=utf-8'); return 'Page is under construction'; } if(!$url) { $url = $GLOBALS['url']; } unset($pageData); $ppath = array(); do { $ppath[] = $pageData['page_id']; if($pageData['redirect']) { $page_id = $pageData['redirect']; $GLOBALS['page_id'] = $page_id; } if(!$page_id) //If page_id is null or zero { //Check if we have a page for 404 if($url['path']!='404') { $page_id = sqlQueryValue("SELECT page_id FROM " . $site_id . "_pages WHERE name='404' and parent=0"); $GLOBALS['page_id'] = $page_id; } if(!$page_id) return ("Error 404 - page not found"); } $pageData = sqlQueryRow("SELECT * FROM " . $site_id . "_pages LEFT JOIN " . $site_id . "_languages ON " . $site_id . "_languages.language_id=" . $site_id . "_pages.language WHERE " . $site_id . "_pages.page_id='$page_id'"); if (in_array($pageData['page_id'], $ppath)) break; }while(($pageData['redirect'])and($pageData['redirect']!=$page_id)); //dev page preview if (isset($_GET['showdevpage'])) { $pagedev_id = $_GET['showdevpage']; $GLOBALS['pagedev_id'] = $pagedev_id; $pageData = sqlQueryRow("SELECT * FROM " . $site_id . "_pagesdev LEFT JOIN " . $site_id . "_languages ON " . $site_id . "_languages.language_id=" . $site_id . "_pagesdev.language WHERE " . $site_id . "_pagesdev.pagedev_id='$pagedev_id'"); } if(MySql_Error()) { return ("Sorry, the page does not exist or database problems."); } $GLOBALS['pageData'] = $pageData; if((!$pageData['enabled'])and(!$allowdisabled)) { return("The page has been disabled."); } $GLOBALS['hasbeenauthorized'] = false; //ok we have got to the page now if($pageData['passprotect'] && $authorize) { $err = ''; $cms_username = ''; $cms_password = ''; $set_password = false; if ($_SESSION['cms_unprotect']) { $GLOBALS['hasbeenauthorized'] = true; } else if (!empty($_POST['username']) && !empty($_POST['password'])) { $cms_username = $_POST['username']; $cms_password = $_POST['password']; $set_password = true; } else if (!empty($_COOKIE['cms_username']) && !empty($_COOKIE['cms_password'])) { $cms_username = $_COOKIE['cms_username']; $cms_password = base64_decode($_COOKIE['cms_password']); } if (!empty($cms_username) && !empty($cms_password)) { if ((valid_login($cms_username, $cms_password, $_SERVER['REMOTE_ADDR'], true))and((!$GLOBALS['currentUserSiteID'])or($GLOBALS['currentUserSiteID'] == $site_id)) ) { $_SESSION['cms_unprotect'] = true; if ($set_password) { setcookie('cms_username', $_POST['username'], time()+30.5*86400, '/'); setcookie('cms_password', base64_encode($_POST['password']), time()+30.5*86400, '/'); } header('Location: '.$_SERVER['REQUEST_URI']); die; } else $err = 'Wrong username or password!'; } if (!$_SESSION['cms_unprotect']) { ?> Login
Username:
Password:
$row) { $s = explode('{%elsevisible' . $row[1] . '%}', $row[3]); $components = explode('|', $row[2]); $hidden = true; foreach($components as $component) { $hid = getProperty('visible', $component, '', $page_id, $site_id, $pageData['copypage']); if(!$hid) $hidden = false; } // echo "row2 = " . $row[2]; if(!$hidden) $body = str_replace($row[0], $s[0], $body); else $body = str_replace($row[0], $s[1], $body); } } //process ifdesign parts preg_match_all ( '/{%ifdesign([0-9]*?)%}(.*?){%fidesign\\1%}/s', $body, $matches, PREG_SET_ORDER); foreach($matches as $key => $row) { $s = explode('{%elsedesign' . $row[1] . '%}', $row[2]); $body = str_replace($row[0], $s[1], $body); } //process iflanguage parts preg_match_all ( '/{%iflanguage([0-9]*?):([a-zA-Z0-9|]*?)%}(.*?){%filanguage\\1%}/s', $body, $matches, PREG_SET_ORDER); foreach($matches as $key => $row) { $s = explode('{%elselanguage' . $row[1] . '%}', $row[3]); $languages = explode('|', $row[2]); $shortname = sqlQueryValue("SELECT shortname FROM " . $site_id . "_languages WHERE language_id=" . $pageData['language']); $hidden = true; foreach($languages as $l) { if($l == $shortname) $hidden = false; } if(!$hidden) $body = str_replace($row[0], $s[0], $body); else $body = str_replace($row[0], $s[1], $body); } $body = str_replace("{%title%}", $pageData['title'], $body); //update table with FlashPlayer's version using AJAX + PHP $body = str_replace("{%flash_detector%}", '', $body); //dev page strings if (isset($_GET['showdevpage'])) { $pagedev_id = $_GET['showdevpage']; //strings while (preg_match("/{%string:([a-zA-Z0-9_]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], GetPageDevString($site_id, $pagedev_id, $regs[1]), $body); } } else { //strings while (preg_match("/{%string:([a-zA-Z0-9_]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], GetPageString($site_id, $page_id, $regs[1]), $body); } } //languagestrings while (preg_match("/{%ls:([a-zA-Z0-9_]+)(:(([^%])*))?%}/s", $body, $regs)) { $ls = GetLanguageString($site_id, $regs[1], '', $pageData['language']); if(!$ls) $ls = $regs[3]; $body = str_replace($regs[0], $ls, $body); } //variables $body = str_replace("{%var:name%}", $pageData['name'], $body); $body = str_replace("{%var:site_id%}", $site_id, $body); $body = str_replace("{%var:page_id%}", $page_id, $body); $body = str_replace("{%var:template_id%}", $template_id, $body); //language, encodings $pos = strpos($body, '{%language:'); if($pageData['language']) { list($shortname, $fullname, $encoding) = sqlQueryRow("SELECT shortname, fullname, encoding FROM " . $site_id . "_languages WHERE language_id=" . $pageData['language']); }else { $shortname = ''; $fullname = ''; $encoding = 'UTF-8'; } if($pos) { $body = str_replace("{%language:shortname%}", $shortname, $body); $body = str_replace("{%language:fullname%}", $fullname, $body); $body = str_replace("{%language:encoding%}", $encoding, $body); } if($noctemplate) { $cbody = $body; } //dynamic stuff (that don't get compiled into ctemplate) goes here //gets and posts while (preg_match("/{%get:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], $_GET[$regs[1]], $body); } while (preg_match("/{%getx:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $getval = $_GET[$regs[1]]; $getval = strip_tags($getval); $body = str_replace($regs[0], $getval, $body); } while (preg_match("/{%post:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], $_POST[$regs[1]], $body); } //variables that change dynamically $body = str_replace("{%url:host%}", $url['host'], $body); $body = str_replace("{%url:path%}", $url['path'], $body); $body = str_replace("{%url:query%}", $url['query'], $body); $domain = sqlQueryValue("SELECT domain FROM sites WHERE site_id='$site_id'"); $body = str_replace("{%var:sitedomain%}", $domain, $body); $body = str_replace("{%var:sessionid%}", session_id(), $body); $componentcount = preg_match_all("/{%component:([a-zA-Z0-9]+):([a-zA-Z0-9]+)(:[a-zA-Z0-9% \\.\\,\\\"\\\'\\#\\!-]+)?%}/s", $body, $matches, PREG_SET_ORDER); //initialize all page component objects $GLOBALS['page_components'] = Array(); if($componentcount) { foreach($matches as $match) { $component = Array( 'fulltag' => $match[0], 'type' => $match[1], 'name' => $match[2], 'params' => $match[3], ); $component['obj'] = initializeComponent($component['type'], $component['name']); if($component['obj']->service_name && !isset($GLOBALS['page_components'][$component['obj']->service_name])) { $component['service'] = $component['obj']->service_name; $GLOBALS['page_components'][$component['service']] = $component; }else { $GLOBALS['page_components'][] = $component; } } } foreach ($GLOBALS['page_components'] as $key => $component) { executeComponent($GLOBALS['page_components'][$key]['obj'], $component['type'], $component['name']); } //display all page components foreach ($GLOBALS['page_components'] as $component) { $comp = outputComponent($component['obj'], $component['type'], $component['name'], $canreplace); if ($GLOBALS['ajaxrequest']) { if ($GLOBALS['ajax_component_name'] == $component['name']) return $comp; } else if ($GLOBALS['xmlrequest']) { if ($comp) $GLOBALS['out_xml']->addChild($comp); } else if ($GLOBALS['outputpage']) { $body = str_replace_once($component['fulltag'], $comp, $body); if($noctemplate) { $cc = $comp;//outputCComponent($regs[1], $regs[2], $canreplace); if($canreplace) { $cbody = str_replace($regs[0], $cc, $cbody); } } } } //process ifset parts while(preg_match_all ( '/{%ifset([0-9]*?):([a-zA-Z0-9_-]*?)(?::([a-zA-Z0-9_-]*?))?%}(.*?){%fiset\\1%}/s', $body, $matches, PREG_SET_ORDER)) { foreach($matches as $key => $row) { $s = explode('{%elseset' . $row[1] . '%}', $row[4]); $flagname = $row[2]; $componentname = $row[3]; $hasflag = false; if($componentname) { if(isset($GLOBALS['component_flags'][$flagname][$componentname])) $hasflag = $GLOBALS['component_flags'][$flagname][$componentname]; } else if($GLOBALS['component_flags'][$flagname]) { foreach($GLOBALS['component_flags'][$flagname] as $flag) $hasflag = ($hasflag || $flag); } if($hasflag) $body = str_replace($row[0], $s[0], $body); else $body = str_replace($row[0], $s[1], $body); } } if ($GLOBALS['outputpage']) { // construct html header $header = ''; $optparams = array('use_pagecat' => 1, 'page_id' => $page_id); $meta_keywords = readOption('meta_keywords', $optparams, $site_id); $meta_keywords .= $GLOBALS['meta_keywords']; if (!empty($meta_keywords)) $header .= ' '."\n"; $meta_description = readOption('meta_description', $optparams, $site_id); $meta_description .= $GLOBALS['meta_description']; if (!empty($meta_description)) $header .= ' '."\n"; $ext_scripts = Array(); $ext_css = Array(); $script = ''; $css = ''; foreach ($GLOBALS['page_components'] as $cmp) { foreach ($cmp['obj']->ext_scripts as $path) { if (!in_array($path, $ext_scripts)) $ext_scripts[] = $path; } $script .= $cmp['obj']->script; foreach ($cmp['obj']->ext_css as $path) { if (!in_array($path, $ext_css)) $ext_css[] = $path; } $css .= $cmp['obj']->css; } foreach ($ext_css as $path) { $header .= ' '."\n"; } if ($css != '') $header .= " \n"; foreach ($ext_scripts as $path) { $header .= ' '."\n"; } if ($script != '') $header .= " \n"; //global variables (after processing components) while (preg_match("/{%var:glo:([a-zA-Z0-9_]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], $GLOBALS[$regs[1]], $body); } //document links while (preg_match("/{%documentfile:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], 'constructor.getfile/?file='.$regs[1], $body); } $body = str_replace("{%null%}", '', $body); $body = str_replace("{%header%}", $header, $body); $body = str_replace("{%visualeditjs%}", $header, $body); } //do not compile dev pages if($noctemplate && !isset($_GET['showdevpage']) && !$forcetemplate) { sqlQuery("DELETE FROM " . $site_id . "_ctemplates WHERE page_id=" . $page_id); $cbody = addSlashes($cbody); sqlQuery("INSERT INTO " . $site_id . "_ctemplates (body, template_id, page_id) VALUES ('$cbody', ".$pageData['template'].", $page_id)"); } if ($GLOBALS['outputpage']) { //index page for search if neccessary if($pageData['mustsearchindex']) { IndexPage($site_id, $page_id, $body); } //remove search indexing controller tags after indexing if(!$GLOBALS['search_leavesearchtags']) { $body = str_replace("{%nosearch%}", '', $body); $body = str_replace("{%onsearch%}", '', $body); } } if ($GLOBALS['xmlrequest']) $body = $GLOBALS['out_xml']->output(); return $body; } } if(!function_exists('executeComponent')) { function executeComponent(&$component, $type, $name) { if($component !== false) { $GLOBALS['component_name'] = $name; $GLOBALS['profiler_component'] = $name; profiler_add('Execute component ' . $type . ' ' . $name, 9); $component->Execute(); profiler_add('Execute component ' . $type . ' ' . $name, 10); $GLOBALS['profiler_component'] = ''; } } } #################### # wap pages output # #################### if(!function_exists('outputWapComponent')) { function outputWapComponent($type, $name, &$canreplace) { $canreplace = true; $filename = $GLOBALS['cfgDirRoot'] . "components/class.$type.php"; if(file_exists($filename)) { $GLOBALS['component_name'] = $name; ob_start(); include_once($filename); profiler_add('Wap component ' . $type . ' ' . $name, 4); $obj = new $type($name); addDefaultProperties($obj); $obj->dev = false; if($obj->getProperty('visible') == 0) { if(!$obj->CanBeCompiled()) $canreplace = false; if((!$_GET['formatpageforsearch'])or(!$obj->getProperty('nosearch'))) { $obj->Output(); $html = ob_get_contents(); } }else { $html = ''; } profiler_add('Wap component ' . $type . ' ' . $name, 4); ob_end_clean(); return $html; } else { return ''; } } /* function outputCComponent($type, $name, &$canreplace) { $canreplace = true; $filename = $GLOBALS['cfgDirRoot'] . "components/class.$type.php"; if(file_exists($filename)) { $GLOBALS['component_name'] = $name; ob_start(); include_once($filename); $obj = new $type($name); $html = ''; if($obj->getProperty('visible') == 0) { if($obj->CanBeCompiled()) { $obj->Output(); $html = ob_get_contents(); }else { $canreplace = false; } }else { $html = ''; } ob_end_clean(); return $html; } else { return ''; } } */ function DisplayWapPage($wappage_id, $site_id, &$encoding, $allowdisabled=false, $forcetemplate='', $authorize=false) { unset($pageData); do { if($pageData['redirect']) { $wappage_id = $pageData['redirect']; $GLOBALS['wappage_id'] = $wappage_id; } if(!$wappage_id) //If page_id is null or zero { //Check if we have a page for 404 if($url['path']!='404') { $wappage_id = sqlQueryValue("SELECT wappage_id FROM " . $site_id . "_wappages WHERE name='404' and parent=0"); $GLOBALS['wappage_id'] = $wappage_id; $GLOBALS['page_id'] = $wappage_id; } if(!$wappage_id) return ("Error 404 - page not found"); } $pageData = sqlQueryRow("SELECT * FROM " . $site_id . "_wappages WHERE wappage_id='$wappage_id'"); }while(($pageData['redirect'])and($pageData['redirect']!=$wappage_id)); if ($_GET['viewpagehistory']) { $pageData = sqlQueryRow("SELECT * FROM " . $site_id . "_wappagesdev WHERE wappagedev_id='".$_GET['viewpagehistory']."'"); } if ($_GET['inbrowser']==2) { $pageData = sqlQueryRow("SELECT * FROM " . $site_id . "_wappagesdev WHERE wappagedev_id='".$_GET['wappagedev_id']."'"); } if(MySql_Error()) { return ("Sorry, the page does not exist or database problems."); } $GLOBALS['pageData'] = $pageData; if((!$pageData['enabled'])and(!$allowdisabled)) { return("The page has been disabled."); } $GLOBALS['hasbeenauthorized'] = false; $bodyset = false; if($forcetemplate) { $template_id = sqlQueryValue("SELECT template_id FROM " . $site_id . "_waptemplates WHERE name='" . $forcetemplate . "'"); if($template_id) { $pageData['template'] = $template_id; } } if(!($pageData['template'])) { if ($_GET['viewpagehistory']) { $body = sqlQueryValue("SELECT propertyvalue FROM " . $site_id . "_wapcontentsdev WHERE wappagedev=".$_GET['viewpagehistory']." AND componentname='stdcontents'"); } else if ($_GET['inbrowser']==2) { $body = sqlQueryValue("SELECT propertyvalue FROM " . $site_id . "_wapcontentsdev WHERE wappagedev=".$_GET['wappagedev_id']." AND componentname='stdcontents'"); } else { $body = sqlQueryValue("SELECT propertyvalue FROM " . $site_id . "_wapcontents WHERE wappage=$wappage_id AND componentname='stdcontents'"); } $body = "

".str_replace("\n", "
", $body)."

"; $bodyset = true; //return ("The page currently has no template selected".$body); } if (!isset($_GET['viewpagehistory']) && $_GET['inbrowser']!=2) $templateData = sqlQueryRow("SELECT body FROM " . $site_id . "_wapctemplates WHERE wappage_id=".$wappage_id." AND template_id=".$pageData['template']); //$templateData = null; $noctemplate = false; if($templateData == null) { $templateData = sqlQueryRow("SELECT body, copybody FROM " . $site_id . "_waptemplates WHERE template_id=" . $pageData['template']); $noctemplate = true; } if(MySql_Error()) { return ("Sorry, database problems"); } $GLOBALS['copypage'] = $pageData['copypage']; if (!$bodyset) $body = $templateData['body']; $copybody = $templateData['copybody']; while($copybody) list($body, $copybody) = sqlQueryRow("SELECT body, copybody FROM " . $site_id . "_waptemplates WHERE template_id=$copybody"); $body = attachSubTemplates($body, $site_id); //process template language //process ifvisible parts preg_match_all ( '/{%ifvisible([0-9]*?):([a-zA-Z0-9|]*?)%}(.*?){%fivisible\\1%}/s', $body, $matches, PREG_SET_ORDER); foreach($matches as $key => $row) { $s = explode('{%elsevisible' . $row[1] . '%}', $row[3]); $components = explode('|', $row[2]); $hidden = true; foreach($components as $component) { $hid = getProperty('visible', $component, '', $wappage_id, $site_id, $pageData['copypage']); if(!$hid) $hidden = false; } // echo "row2 = " . $row[2]; if(!$hidden) $body = str_replace($row[0], $s[0], $body); else $body = str_replace($row[0], $s[1], $body); } //process ifdesign parts preg_match_all ( '/{%ifdesign([0-9]*?)%}(.*?){%fidesign\\1%}/s', $body, $matches, PREG_SET_ORDER); foreach($matches as $key => $row) { $s = explode('{%elsedesign' . $row[1] . '%}', $row[2]); $body = str_replace($row[0], $s[1], $body); } //process iflanguage parts preg_match_all ( '/{%iflanguage([0-9]*?):([a-zA-Z0-9|]*?)%}(.*?){%filanguage\\1%}/s', $body, $matches, PREG_SET_ORDER); foreach($matches as $key => $row) { $s = explode('{%elselanguage' . $row[1] . '%}', $row[3]); $languages = explode('|', $row[2]); $shortname = sqlQueryValue("SELECT shortname FROM " . $site_id . "_languages WHERE language_id=" . $pageData['language']); $hidden = true; foreach($languages as $l) { if($l == $shortname) $hidden = false; } if(!$hidden) $body = str_replace($row[0], $s[0], $body); else $body = str_replace($row[0], $s[1], $body); } $body = str_replace("{%title%}", $pageData['title'], $body); //strings while (preg_match("/{%string:([a-zA-Z0-9_]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], GetPageString($site_id, $wappage_id, $regs[1]), $body); } //variables $body = str_replace("{%var:name%}", $pageData['name'], $body); $body = str_replace("{%var:site_id%}", $site_id, $body); $body = str_replace("{%var:page_id%}", $wappage_id, $body); $body = str_replace("{%var:template_id%}", $template_id, $body); //links preg_match_all("/{%link:([a-zA-Z0-9\/#]+):([a-zA-Z0-9<\/> \r\n]+)%}/",$body,$regs,PREG_SET_ORDER); for ($i=count($regs); $i>0; $i--) { $body = str_replace($regs[$i-1][0], "".$regs[$i-1][2]."", $body); } //language, encodings //$pos = strpos($body, '{%language:'); /*if($pageData['language']) { list($shortname, $fullname, $encoding) = sqlQueryRow("SELECT shortname, fullname, encoding FROM " . $site_id . "_languages WHERE language_id=" . $pageData['language']); }else {*/ $shortname = ''; $fullname = ''; $encoding = 'UTF-8'; //} /* if($pos) { $body = str_replace("{%language:shortname%}", $shortname, $body); $body = str_replace("{%language:fullname%}", $fullname, $body); $body = str_replace("{%language:encoding%}", $encoding, $body); }*/ if($noctemplate) { $cbody = $body; } //dynamic stuff (that don't get compiled into ctemplate) goes here //gets and posts while (preg_match("/{%get:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], $_GET[$regs[1]], $body); } while (preg_match("/{%post:([a-zA-Z0-9]+)%}/s", $body, $regs)) { $body = str_replace($regs[0], $_POST[$regs[1]], $body); } //variables that change dynamically $body = str_replace("{%url:host%}", $url['host'], $body); $body = str_replace("{%url:path%}", $url['path'], $body); $body = str_replace("{%url:query%}", $url['query'], $body); $domain = sqlQueryValue("SELECT domain FROM sites WHERE site_id='$site_id'"); $body = str_replace("{%var:sitedomain%}", $domain, $body); $body = str_replace("{%var:sessionid%}", session_id(), $body); while (preg_match("/{%component:([a-zA-Z0-9]+):([a-zA-Z0-9]+)(:[a-zA-Z0-9% \\.\\,\\\"\\\'\\#\\!-]+)?%}/s", $body, $regs)) { $comp = outputWapComponent($regs[1], $regs[2], $canreplace); $body = str_replace($regs[0], $comp, $body); if($noctemplate) { $cc = $comp; //outputCComponent($regs[1], $regs[2], $canreplace); if($canreplace) { $cbody = str_replace($regs[0], $cc, $cbody); } } } $body = str_replace("{%null%}", '', $body); $body = str_replace("{%visualeditjs%}", '', $body); if($noctemplate) { sqlQuery("DELETE FROM " . $site_id . "_wapctemplates WHERE wappage_id=" . $wappage_id); $cbody = addSlashes($cbody); sqlQuery("INSERT INTO " . $site_id . "_wapctemplates (body, template_id, wappage_id) VALUES ('$cbody', ".$pageData['template'].", $wappage_id)"); } /* $body = ' '.$body.' '; */ $body = ' '.$body.' '; return $body; } } if(!function_exists('BrowserLanguage')) { //////////////////////////// // Detect Browser Language //////////////////////////// function BrowserLanguage(){ global $HTTP_SERVER_VARS; if(isset($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"])) { if(strpos($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"],"-") === false){ $browserlang = $HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]; }else { list($browserlang) = explode ("-", $HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]); } } return $browserlang; } // BrowserLanguage } $GLOBALS['runningfromfrontend'] = true; if (!$wap) { $GLOBALS['url'] = $url; $body = DisplayPage($page_id, $site_id, $encoding, false, $force_template, !$GLOBALS['dontneedauth']); } else { //get contents for the current deck function deck($parent, &$c_body, $site_id, $encoding) { if ($parent) $children = sqlQueryData("select * from ".$site_id."_wappages where parent=".$parent); foreach ($children as $child) { if ($child['is_card']) { deck($child['wappage_id'], $c_body, $site_id, $encoding); $c_body[] = array("contents" => DisplayWapPage($child['wappage_id'], $site_id, $encoding, false, '', !$GLOBALS['dontneedauth']), "wappage_id"=> $child['wappage_id']); } } return 1; } if ($page_id) $card = sqlQueryRow("select is_card, parent, wappage_id from ".$site_id."_wappages where wappage_id=".$page_id); $p_card = $card; while ($p_card['is_card']!=0 && $p_card['parent']!=0) { $p_card = sqlQueryRow("select is_card, parent, wappage_id from ".$site_id."_wappages where wappage_id=".$p_card['parent']); } $c_body = ''; //content of chirdern cards deck($p_card['wappage_id'], $c_body, $site_id, $encoding); //$body = DisplayWapPage($page_id, $site_id, $encoding, false, $force_template, !$GLOBALS['dontneedauth']); $body = DisplayWapPage($p_card['wappage_id'], $site_id, $encoding, false, $force_template, !$GLOBALS['dontneedauth']); foreach ($c_body as $key=>$c) { if ($c['wappage_id'] != $card['wappage_id']) { $body .= $c['contents']; } else { //active card must be moved to the top of the deck $a_key = $key; } } if (isset($a_key)) { $body = $c_body[$a_key]['contents'] . $body; } if ($wap && isset($_GET['inbrowser'])) $metaCharSet = ''; else $metaCharSet = ''; $body = ' '.$metaCharSet.' ' . $body .' '; } $GLOBALS['nocache'] = false; $GLOBALS['maincharset'] = $encoding; if (!$wap) require($GLOBALS['cfgDirRoot'] . "library/inc.http_headers.php"); //page generation time $endtime = gettimeofday(); $endtime = $endtime['sec'] * 1000000 + $endtime['usec']; $gentime = ($endtime - $starttime) / 1000000; $body = str_replace("{%gentime%}", $gentime, $body); if ($wap) { if ($_GET['inbrowser']!=1 && $_GET['inbrowser']!=2) header("Content-type: text/vnd.wap.wml"); header("Pragma: no-cache"); header("Cache-Control: no-store, no-cache"); } echo $body; //statistics /*if ($_SERVER["HTTP_X_FORWARDED_FOR"]) { if ($_SERVER["HTTP_CLIENT_IP"]) { $proxy = $_SERVER["HTTP_CLIENT_IP"]; } else { $proxy = $_SERVER["REMOTE_ADDR"]; } } $ip = $_SERVER["REMOTE_ADDR"]; if (isset($proxy)) $is_proxy = 1; else $is_proxy = 0; $is_refresh = 0; $is_refresh = sqlQueryValue("SELECT count(*) FROM ".$site_id."_stats where timestamp>".(time()-180)." AND page_id=".$page_id." AND IP='".$ip."'"); $entry = 0; if ($GLOBALS['cfgStatiscticsPaths']) { //if no referer then mark record as entry point if (!getenv("HTTP_REFERER")) $entry = 1; //if there are no pages visited by current user within last 10 minutes then mark record as entry point if (!sqlQueryValue("SELECT count(*) FROM ".$site_id."_stats WHERE timestamp>".(time()-600)." AND user_agent='".addslashes(getenv("HTTP_USER_AGENT"))."' AND IP='".$ip."'")) $entry = 1; } if (!$is_refresh) { $lang = BrowserLanguage(); sqlQuery("INSERT INTO ".$site_id."_stats (timestamp,page_id,IP,referrer,user_agent,lang,is_proxy,is_entry) " ."VALUES (".time().",".$page_id.", '".$ip."','" .addslashes(getenv("HTTP_REFERER"))."','".addslashes(getenv("HTTP_USER_AGENT"))."','".$lang."',".$is_proxy.",".$entry.")"); } //statictics maintenance if ($GLOBALS['cfgStatiscticsPeriod']==2) { $yr = mktime(date("H"), date("i"), date("s"), date("m") , date("d"), date("Y")-1); sqlQuery("delete from `".$site_id."_stats` where timestamp<'".$yr."'"); } else if ($GLOBALS['cfgStatiscticsPeriod']==1) { $m = mktime(date("H"), date("i"), date("s"), date("m")-1 , date("d"), date("Y")); sqlQuery("delete from `".$site_id."_stats` where timestamp<'".$m."'"); } else { $w = mktime(date("H"), date("i"), date("s"), date("m") , date("d")-7, date("Y")); sqlQuery("delete from `".$site_id."_stats` where timestamp<'".$w."'"); } */ //NEW STATS if (!$GLOBALS['cfgMini']) { if ($_SERVER["HTTP_X_FORWARDED_FOR"]) { if ($_SERVER["HTTP_CLIENT_IP"]) { $proxy = $_SERVER["HTTP_CLIENT_IP"]; } else { $proxy = $_SERVER["REMOTE_ADDR"]; } } else { unset($proxy); } $sm_id = sqlQueryValue("SELECT sm_id FROM ".$site_id."_stats_main WHERE session_id='" . session_id() . "'"); $ip = $_SERVER["REMOTE_ADDR"]; $page_path = $_SERVER['SCRIPT_URL'] . ( (substr($_SERVER["SCRIPT_URL"], -1) != "/") ? '/' : '' ); $is_proxy = intval(isset($proxy)); $user_agent = addslashes(getenv("HTTP_USER_AGENT")); $referrer = addslashes(getenv("HTTP_REFERER")); $lang = BrowserLanguage(); //if not new user store page data only if ($sm_id) { $last_visited = sqlQueryValue("SELECT page_path FROM ".$site_id."_stats_pages WHERE sm_id=$sm_id ORDER BY time DESC LIMIT 1"); //check if last visited page of user is not same as current page if ($page_path != $last_visited) { sqlQuery("INSERT INTO ".$site_id."_stats_pages (sm_id, time, page_path) VALUES ('$sm_id', " . time() . ", '$page_path')"); } } //store user data and current page data else { sqlQuery("INSERT INTO ".$site_id."_stats_main (session_id, ip, referrer, user_agent, lang, is_proxy, time) " . "VALUES ('".session_id()."', '$ip', '$referrer', '$user_agent', '$lang', $is_proxy, " . time() . ")"); $sm_id = sqlLastID(); sqlQuery("INSERT INTO ".$site_id."_stats_pages (sm_id, time, page_path) VALUES ('$sm_id', " . time() . ", '$page_path')"); } //delete old stats from DB if ($GLOBALS['cfgStatiscticsPeriod']==2) { $yr = mktime(date("H"), date("i"), date("s"), date("m") , date("d"), date("Y")-1); sqlQuery("DELETE FROM `".$site_id."_stats_main` WHERE time<'".$yr."'"); sqlQuery("DELETE FROM `".$site_id."_stats_pages` WHERE time<'".$yr."'"); } else if ($GLOBALS['cfgStatiscticsPeriod']==1) { $m = mktime(date("H"), date("i"), date("s"), date("m")-1 , date("d"), date("Y")); sqlQuery("DELETE FROM `".$site_id."_stats_main` WHERE time<'".$m."'"); sqlQuery("DELETE FROM `".$site_id."_stats_pages` WHERE time<'".$m."'"); } else { $w = mktime(date("H"), date("i"), date("s"), date("m") , date("d")-7, date("Y")); sqlQuery("DELETE FROM `".$site_id."_stats_main` WHERE time<'".$w."'"); sqlQuery("DELETE FROM `".$site_id."_stats_pages` WHERE time<'".$w."'"); } $ref = $_SERVER['HTTP_REFERER']; if (!empty($ref) && ($ref != $_SESSION['HTTP_LAST_REFERER'])) { $_SESSION['HTTP_LAST_REFERER'] = $ref; addReferer($ref); } } //END OF NEW STATS $GLOBALS['runningfromfrontend'] = false; profiler_add('Page ' . $_SERVER['REQUEST_URI'], 8); ?>