mirror of
https://github.com/kleeja-official/kleeja.git
synced 2025-12-14 20:19:43 +01:00
467 lines
14 KiB
PHP
Executable File
467 lines
14 KiB
PHP
Executable File
<?php
|
|
/**
|
|
*
|
|
* @package Kleeja
|
|
* @copyright (c) 2007 Kleeja.net
|
|
* @license ./docs/license.txt
|
|
*
|
|
*/
|
|
|
|
//not for directly open
|
|
if (! defined('IN_KLEEJA'))
|
|
{
|
|
exit();
|
|
}
|
|
|
|
//we are in the common file
|
|
define('IN_COMMON', true);
|
|
|
|
|
|
//filename of config.php
|
|
define('KLEEJA_CONFIG_FILE', 'config.php');
|
|
|
|
//plugins folder
|
|
define('KLEEJA_PLUGINS_FOLDER', 'plugins');
|
|
|
|
|
|
|
|
if (@extension_loaded('apc'))
|
|
{
|
|
define('APC_CACHE', true);
|
|
}
|
|
|
|
//path
|
|
if (! defined('PATH'))
|
|
{
|
|
define('PATH', str_replace(DIRECTORY_SEPARATOR . 'includes', '', __DIR__) . '/');
|
|
}
|
|
|
|
//no config
|
|
if (! file_exists(PATH . KLEEJA_CONFIG_FILE))
|
|
{
|
|
header('Location: ./install/index.php');
|
|
|
|
exit;
|
|
}
|
|
|
|
|
|
//there is a config
|
|
require_once PATH . KLEEJA_CONFIG_FILE;
|
|
$customadminpath = $customadminpath ?? 'admin';
|
|
|
|
|
|
//admin files path
|
|
define('ADM_FILES_PATH', PATH . 'includes/adm');
|
|
|
|
//Report all errors, except notices
|
|
error_reporting(defined('DEV_STAGE') ? E_ALL : E_ALL ^ E_NOTICE);
|
|
|
|
|
|
/**
|
|
* functions for start
|
|
* @param mixed $error_number
|
|
* @param mixed $error_string
|
|
* @param mixed $error_file
|
|
* @param mixed $error_line
|
|
*/
|
|
function kleeja_show_error($error_number, $error_string = '', $error_file = '', $error_line = '')
|
|
{
|
|
switch ($error_number)
|
|
{
|
|
case E_NOTICE: case E_WARNING: case E_USER_WARNING: case E_USER_NOTICE: case E_STRICT:
|
|
if (function_exists('kleeja_log'))
|
|
{
|
|
$error_name = [
|
|
2 => 'Warning', 8 => 'Notice', 512 => 'U_Warning', 1024 => 'U_Notice', 2048 => 'Strict'
|
|
][$error_number];
|
|
kleeja_log('[' . $error_name . '] ' . basename($error_file) . ':' . $error_line . ' ' . $error_string);
|
|
}
|
|
|
|
break;
|
|
|
|
default:
|
|
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
|
echo '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">' . "\n<head>\n";
|
|
echo '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />' . "\n";
|
|
echo '<title>Kleeja Error</title>' . "\n" . '<style type="text/css">' . "\n\t";
|
|
echo '.error {color: #333;background:#ffebe8;float:left;width:73%;text-align:left;margin-top:10px;border: 1px solid #dd3c10; padding: 10px;font-family:tahoma,arial;font-size: 12px;}' . "\n";
|
|
echo "</style>\n</head>\n<body>\n\t" . '<div class="error">' . "\n\n\t\t<h2>Kleeja error : </h2><br />" . "\n";
|
|
echo "\n\t\t<strong> [ " . $error_number . ':' . basename($error_file) . ':' . $error_line . ' ] </strong><br /><br />' . "\n\t\t" . $error_string . "\n\t";
|
|
echo "\n\t\t" . '<br /><br /><small>Visit <a href="https://kleeja.net/" title="kleeja">Kleeja</a> Website for more details.</small>' . "\n\t";
|
|
echo "</div>\n</body>\n</html>";
|
|
global $SQL;
|
|
|
|
if (isset($SQL))
|
|
{
|
|
@$SQL->close();
|
|
}
|
|
|
|
exit;
|
|
|
|
break;
|
|
}
|
|
}
|
|
set_error_handler('kleeja_show_error');
|
|
|
|
//time of start and end and whatever
|
|
function get_microtime()
|
|
{
|
|
list($usec, $sec) = explode(' ', microtime());
|
|
return ((float) $usec + (float) $sec);
|
|
}
|
|
|
|
//is bot ?
|
|
function is_bot($bots = ['googlebot', 'bing' ,'msnbot'])
|
|
{
|
|
if (isset($_SERVER['HTTP_USER_AGENT']))
|
|
{
|
|
return preg_match('/(' . implode('|', $bots) . ')/i', ($_SERVER['HTTP_USER_AGENT'] ? $_SERVER['HTTP_USER_AGENT'] : @getenv('HTTP_USER_AGENT'))) ? true : false;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
$starttm = get_microtime();
|
|
|
|
|
|
if (! is_bot() && PHP_SESSION_ACTIVE !== session_status() && ! headers_sent())
|
|
{
|
|
if (function_exists('ini_set'))
|
|
{
|
|
ini_set('session.use_cookies', 1);
|
|
ini_set('session.lazy_write', 1);
|
|
ini_set('session.cache_expire', 0);
|
|
ini_set('session.cache_limiter', '');
|
|
ini_set('session.use_only_cookies', 1);
|
|
}
|
|
|
|
|
|
if (! session_start())
|
|
{
|
|
// big_error is not defined yet, and the file *function_display.php* is not included yet
|
|
kleeja_show_error('', 'Session Error!', 'There is a problem with PHP session. We can not start it.');
|
|
|
|
exit;
|
|
}
|
|
}
|
|
|
|
|
|
//no enough data
|
|
if ((empty($dbname) || empty($dbuser)) && ($dbtype !== 'sqlite'))
|
|
{
|
|
$install_file_url = (defined('IN_ADMIN') ? '.' : '') . './install/index.php';
|
|
|
|
if (file_exists(PATH . '/install/index.php'))
|
|
{
|
|
header("Location: {$install_file_url}");
|
|
|
|
exit;
|
|
}
|
|
|
|
kleeja_show_error(
|
|
'',
|
|
'There is no (install) folder, and the config file is not correct',
|
|
'includes/common.php',
|
|
__LINE__
|
|
);
|
|
|
|
exit;
|
|
}
|
|
|
|
// solutions for hosts running under suexec, add define('HAS_SUEXEC', true) to config.php.
|
|
define('K_FILE_CHMOD', defined('HAS_SUEXEC') ? (0644 & ~umask()) : 0644);
|
|
define('K_DIR_CHMOD', defined('HAS_SUEXEC') ? (0755 & ~umask()) : 0755);
|
|
|
|
include PATH . 'includes/functions_alternative.php';
|
|
include PATH . 'includes/version.php';
|
|
|
|
if (isset($dbtype) && $dbtype == 'sqlite')
|
|
{
|
|
include PATH . 'includes/sqlite.php';
|
|
}
|
|
else
|
|
{
|
|
include PATH . 'includes/mysqli.php';
|
|
}
|
|
|
|
include PATH . 'includes/style.php';
|
|
include PATH . 'includes/usr.php';
|
|
include PATH . 'includes/pager.php';
|
|
include PATH . 'includes/functions.php';
|
|
include PATH . 'includes/functions_display.php';
|
|
include PATH . 'includes/plugins.php';
|
|
include PATH . 'includes/FetchFile.php';
|
|
|
|
|
|
if (defined('IN_ADMIN'))
|
|
{
|
|
$currentDirectoryPath = dirname($_SERVER['PHP_SELF']);
|
|
$currentDirectoryPathParts = explode('/', $currentDirectoryPath);
|
|
$currentDir = array_pop($currentDirectoryPathParts);
|
|
$adminDirErrorMsg = '';
|
|
|
|
if ($customadminpath == 'admin' && $currentDir != $customadminpath)
|
|
{
|
|
$adminDirErrorMsg = 'You are trying to access the admin area through a directory that is not configured. Please either revert to the default admin directory name, or see our documentation for customizing the admin directory.';
|
|
}
|
|
else
|
|
{
|
|
if ($currentDir != $customadminpath)
|
|
{
|
|
$adminDirErrorMsg = 'You are trying to access the admin area through a directory different from the one configured. Please refer to the Customize Administrator\'s Guide documentation for instructions on how to update it.';
|
|
}
|
|
else
|
|
{
|
|
if ($customadminpath != 'admin' && is_dir(PATH . 'admin'))
|
|
{
|
|
$adminDirErrorMsg = 'You are trying to access the admin area through a custom directory, but we also detected that there is a default directory \'admin\'. This may indicate that files from a recent update were uploaded to the default admin path location instead of the custom location, resulting in these files becoming outdated. Please make sure your custom admin folder contains the latest files, and delete the default admin directory to continue.';
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($adminDirErrorMsg)
|
|
{
|
|
kleeja_show_error('', 'Critical Error', $adminDirErrorMsg);
|
|
}
|
|
include PATH . 'includes/functions_adm.php';
|
|
}
|
|
|
|
|
|
//fix integration problems
|
|
if (empty($script_encoding))
|
|
{
|
|
$script_encoding = 'utf-8';
|
|
}
|
|
|
|
//start classes ..
|
|
$SQL = new KleejaDatabase($dbserver, $dbuser, $dbpass, $dbname, $dbprefix);
|
|
//no need after now
|
|
unset($dbpass);
|
|
|
|
|
|
|
|
$tpl = new kleeja_style;
|
|
$usrcp = new usrcp;
|
|
|
|
//then get caches
|
|
include PATH . 'includes/cache.php';
|
|
|
|
//getting dynamic configs
|
|
$query = [
|
|
'SELECT' => 'c.name, c.value',
|
|
'FROM' => "{$dbprefix}config c",
|
|
'WHERE' => 'c.dynamic = 1',
|
|
];
|
|
|
|
$result = $SQL->build($query);
|
|
|
|
while ($row=$SQL->fetch_array($result))
|
|
{
|
|
$config[$row['name']] = $row['value'];
|
|
}
|
|
|
|
|
|
$SQL->freeresult($result);
|
|
|
|
//check user or guest
|
|
$usrcp->kleeja_check_user();
|
|
|
|
//+ configs of the current group
|
|
$config = array_merge($config, (array) $d_groups[$usrcp->group_id()]['configs']);
|
|
|
|
|
|
//admin path
|
|
define('ADMIN_PATH', rtrim($config['siteurl'], '/') . '/' . $customadminpath . '/index.php');
|
|
|
|
|
|
//no tpl caching in dev stage
|
|
if (defined('DEV_STAGE') || defined('STOP_TPL_CACHE'))
|
|
{
|
|
$tpl->caching = false;
|
|
}
|
|
|
|
|
|
if (isset($config['foldername']))
|
|
{
|
|
$config['foldername'] = str_replace(
|
|
[
|
|
'{year}',
|
|
'{month}',
|
|
'{week}',
|
|
'{day}',
|
|
'{username}',
|
|
],
|
|
[
|
|
date('Y'),
|
|
date('m'),
|
|
date('W'),
|
|
date('d'),
|
|
$usrcp->name() ? preg_replace('/[^a-z0-9\._-]/', '', strtolower($usrcp->name())) : 'guest'
|
|
],
|
|
$config['foldername']
|
|
);
|
|
}
|
|
|
|
|
|
is_array($plugin_run_result = Plugins::getInstance()->run('boot_common', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
|
|
|
|
|
|
/**
|
|
* Set default time zone
|
|
* There is no time difference between Coordinated Universal Time (UTC) and Greenwich Mean Time (GMT).
|
|
* Kleeja supports the changing of time zone through the admin panel, see functions_display.php/kleeja_date()
|
|
*/
|
|
date_default_timezone_set('GMT');
|
|
|
|
//remove PHP version header
|
|
header_remove('X-Powered-By');
|
|
|
|
//kleeja session id
|
|
define('KJ_SESSION', preg_replace('/[^-,a-zA-Z0-9]/', '', session_id()));
|
|
|
|
//site url must end with /
|
|
$config['siteurl'] = rtrim($config['siteurl'], '/') . '/';
|
|
|
|
|
|
//check lang
|
|
if (! $config['language'] || empty($config['language']))
|
|
{
|
|
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) > 2)
|
|
{
|
|
$config['language'] = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
|
|
|
|
if (! file_exists(PATH . 'lang/' . $config['language'] . '/common.php'))
|
|
{
|
|
$config['language'] = 'en';
|
|
}
|
|
}
|
|
}
|
|
|
|
//check style
|
|
if (is_null($config['style']) || empty($config['style']))
|
|
{
|
|
$config['style'] = 'default';
|
|
}
|
|
|
|
//check h_kay, important for kleeja
|
|
if (empty($config['h_key']))
|
|
{
|
|
$h_k = sha1(microtime() . rand(0, 100));
|
|
|
|
if (! update_config('h_key', $h_k))
|
|
{
|
|
add_config('h_key', $h_k);
|
|
}
|
|
}
|
|
|
|
|
|
//current Kleeja admin style
|
|
define('ACP_STYLE_NAME', 'Masmak');
|
|
|
|
//path variables for Kleeja
|
|
$STYLE_PATH = $config['siteurl'] . 'styles/' . (trim($config['style_depend_on']) == '' ? $config['style'] : $config['style_depend_on']) . '/';
|
|
$THIS_STYLE_PATH = $config['siteurl'] . 'styles/' . $config['style'] . '/';
|
|
$THIS_STYLE_PATH_ABS = PATH . 'styles/' . $config['style'] . '/';
|
|
$STYLE_PATH_ADMIN = $config['siteurl'] . $customadminpath . '/' . (is_browser('mobile') || defined('IN_MOBILE') ? ACP_STYLE_NAME : ACP_STYLE_NAME) . '/';
|
|
$STYLE_PATH_ADMIN_ABS = PATH . $customadminpath . '/' . (is_browser('mobile') || defined('IN_MOBILE') ? ACP_STYLE_NAME . '/' : ACP_STYLE_NAME . '/');
|
|
$DEFAULT_PATH_ADMIN_ABS = PATH . $customadminpath . '/' . ACP_STYLE_NAME . '/';
|
|
$DEFAULT_PATH_ADMIN = $config['siteurl'] . $customadminpath . '/' . ACP_STYLE_NAME . '/';
|
|
|
|
|
|
//get languge of common
|
|
get_lang('common');
|
|
|
|
//run ban system
|
|
get_ban();
|
|
|
|
if (isset($_GET['go']) && $_GET['go'] == 'login')
|
|
{
|
|
define('IN_LOGIN', true);
|
|
}
|
|
|
|
//install.php exists
|
|
if (
|
|
file_exists(PATH . 'install') &&
|
|
! defined('IN_ADMIN') &&
|
|
! defined('IN_LOGIN') &&
|
|
! defined('DEV_STAGE') &&
|
|
! (defined('IN_GO') && in_array(g('go'), ['queue'])) &&
|
|
! (defined('IN_UCP') && in_array(g('go'), ['captcha', 'login']))
|
|
) {
|
|
//Different message for admins! delete install folder
|
|
kleeja_info((user_can('enter_acp') ? $lang['DELETE_INSTALL_FOLDER'] : $lang['WE_UPDATING_KLEEJA_NOW']), $lang['SITE_CLOSED']);
|
|
}
|
|
|
|
|
|
//is site close
|
|
$login_page = '';
|
|
|
|
if (
|
|
$config['siteclose'] == '1' &&
|
|
! user_can('enter_acp') &&
|
|
! defined('IN_LOGIN') &&
|
|
! defined('IN_ADMIN') &&
|
|
! (defined('IN_GO') && in_array(g('go'), ['queue'])) &&
|
|
! (defined('IN_UCP') && in_array(g('go'), ['captcha', 'login', 'register', 'logout']))
|
|
) {
|
|
//if download, images ?
|
|
if (
|
|
(defined('IN_DOWNLOAD') && (ig('img') || ig('thmb') || ig('thmbf') || ig('imgf')))
|
|
|| g('go', 'str', '') == 'queue'
|
|
) {
|
|
@$SQL->close();
|
|
$fullname = 'images/site_closed.jpg';
|
|
$filesize = filesize($fullname);
|
|
header("Content-length: $filesize");
|
|
header('Content-type: image/jpg');
|
|
readfile($fullname);
|
|
|
|
exit;
|
|
}
|
|
|
|
// Send a 503 HTTP response code to prevent search bots from indexing the maintenace message
|
|
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
|
kleeja_info($config['closemsg'], $lang['SITE_CLOSED']);
|
|
}
|
|
|
|
//exceed total size
|
|
if (($stat_sizes >= ($config['total_size'] *(1048576))) && ! defined('IN_LOGIN') && ! defined('IN_ADMIN'))
|
|
{
|
|
// convert megabytes to bytes
|
|
// Send a 503 HTTP response code to prevent search bots from indexing the maintenace message
|
|
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
|
kleeja_info($lang['SIZES_EXCCEDED'], $lang['STOP_FOR_SIZE']);
|
|
}
|
|
|
|
//detect bots and save stats
|
|
kleeja_detecting_bots();
|
|
|
|
//check for page number
|
|
if (empty($perpage) || intval($perpage) == 0)
|
|
{
|
|
$perpage = 14;
|
|
}
|
|
|
|
|
|
//captcha file
|
|
$captcha_file_path = $config['siteurl'] . 'ucp.php?go=captcha';
|
|
|
|
if (defined('STOP_CAPTCHA'))
|
|
{
|
|
$config['enable_captcha'] = 0;
|
|
}
|
|
|
|
is_array($plugin_run_result = Plugins::getInstance()->run('end_common', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
|
|
|
|
|
|
|
|
register_shutdown_function(function() {
|
|
session_write_close();
|
|
|
|
$err = error_get_last();
|
|
|
|
if (is_array($err) && ! empty($err['type']) && in_array($err['type'], [E_ERROR, E_PARSE]))
|
|
{
|
|
kleeja_log('[FATAL] ' . basename($err['file']) . ':' . $err['line'] . ' ' . $err['message']);
|
|
}
|
|
});
|