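0) and ($server_load > $set['cache_max_server_load'])))) {
                // NOTE(review): this condition and the three enclosing blocks closed below open
                // before this excerpt; only the tail of the cache check is visible here.
                // This branch streams the cached copy of the page and stops.
                if (isset($set['cache_use_gzip']) and ($set['cache_use_gzip'])) {
                    ob_start('ob_gzhandler');
                }
                $set['identify_cached_pages'] = isset($set['identify_cached_pages'])? $set['identify_cached_pages']: 1;
                if (isset($_GET['fmt']) and ($_GET['fmt'] == 'rss')) {
                    // RSS output must stay well-formed XML, so the cached-page marker is switched off.
                    $set['identify_cached_pages'] = 0;
                    header("Content-type: text/xml; charset=utf-8");
                } else {
                    header('Content-Type:text/html; charset=UTF-8');
                }
                @readfile($cachefile);
                if ($set['identify_cached_pages']) {
                    // Prints an empty string as written here; presumably the marker text was
                    // lost when this listing was extracted - TODO confirm against the file.
                    print '';
                }
                exit();
            } else {
                //cache expired, generate new cache
                if (!$ignore_page) {
                    $set['cache_output'] = 1;
                }
            }
        }
    }
}

if (($set['max_server_load_bots'] > 0) and $user_is_bot) {
    //show load too heavy only for bots
    if ($server_load > $set['max_server_load_bots']) {
        header('HTTP/1.0 503 Service Unavailable');
        header("Retry-After: 60");
        header('Connection: close');
        header('Content-Type: text/html');
        echo "

Server under undue load, please retry in a few minutes.";
        exit;
    }
}

require 'code/constants.php';
require 'code/compat.php';
// Exactly one database driver wrapper is loaded, chosen by the 'mysqli' setting.
if ($set['mysqli']) {
    require 'code/db_mysqli.php';
} else {
    require 'code/db_mysql.php';
}
require 'core.php';
require 'code/perms.php';
require 'code/modifiers.php';
require 'code/mailer.php';
require 'code/articlems.php';
require 'code/articles.php';
require 'code/users.php';
require 'code/amsplugin.php';
require 'code/php-captcha.inc.php';
require 'lib/safehtml/safehtml.php';

if (!$set['installed']) {
    header('Location: ./install/index.php');
    // Stop here: header() alone does not end the request, so without this the
    // rest of the bootstrap would still run against an uninstalled site.
    exit;
}

$articlems = new articlems();
$articlems->pre = $set['db_pre'];
$articlems->db_settings = $set;
$articlems->server_load = $server_load;
$articlems->user_is_bot = $user_is_bot;
$articlems->db = new database(
    $articlems->db_settings['db_host'],
    $articlems->db_settings['db_user'],
    $articlems->db_settings['db_pass'],
    $articlems->db_settings['db_name'],
    $articlems->db_settings['db_port'],
    $articlems->db_settings['db_socket']
);
if (!$articlems->db->connection) {
    // NOTE(review): this sends the driver's error text to the client, and it calls
    // mysql_error() even when the mysqli driver was selected above. Logging the
    // detail server-side and showing a generic message would avoid both.
    exit('A connection to the database could not be established: '.mysql_error());
}
$articlems->db->ams = &$articlems;

$row_settings = $articlems->db->fetch("SELECT * from {$articlems->pre}amssettings");
// NOTE(review): unserialize() on a database column. This is only as trustworthy as
// every writer of the amssettings table; a plain-data encoding would remove the
// object-instantiation risk if that row can ever hold attacker-influenced bytes.
$testsettings = unserialize($row_settings['settings_settings']);
if (!$testsettings['site_enabled']) {
    // Site is switched off: show the configured message (or the default text) and stop.
    // sitename and disabled_message are emitted without HTML escaping.
    $output = ' '.$testsettings['sitename'].'

'.($testsettings['disabled_message']? $testsettings['disabled_message']: '

We are upgrading to the latest version of ArticleMS, please be patient.

If you are an administrator, you can login here.'). '
';
    echo $output;
    exit;
}

//---Setup $_GET and $_POST etc with mysql_real_escape_string instead of addslashes or magic_quotes_gpc
//
// Security note: everything below emulates magic quotes. Request data is escaped
// once, globally, for the SQL string context, and later code is expected to
// concatenate it into queries. That protects only values placed inside quoted SQL
// strings, it leaves backslashes in data used for non-SQL purposes, and any value
// that is decoded or rebuilt after this point is no longer covered. Parameterised
// queries at each call site are the durable fix.

/**
 * Recursively remove backslash escaping from a string or a nested array of strings.
 *
 * @param mixed $value String or (nested) array of strings.
 * @return mixed Same shape as the input, with stripslashes() applied to every leaf.
 */
function stripslashes_deep($value){
    return (is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value));
}

if (get_magic_quotes_gpc()) {
    // Undo PHP's own magic-quotes escaping first so values are not escaped twice below.
    $_GET = is_array($_GET)? array_map('stripslashes_deep', $_GET): array();
    $_POST = is_array($_POST)? array_map('stripslashes_deep', $_POST): array();
    $_COOKIE = is_array($_COOKIE)? array_map('stripslashes_deep', $_COOKIE): array();
    $_ENV = is_array($_ENV)? array_map('stripslashes_deep', $_ENV): array();
    $_SERVER = is_array($_SERVER)? array_map('stripslashes_deep', $_SERVER): array();
    $_REQUEST = is_array($_REQUEST)? array_map('stripslashes_deep', $_REQUEST): array();
    $HTTP_SERVER_VARS = is_array($HTTP_SERVER_VARS)? array_map('stripslashes_deep', $HTTP_SERVER_VARS): array();
    $HTTP_GET_VARS = is_array($HTTP_GET_VARS)? array_map('stripslashes_deep', $HTTP_GET_VARS): array();
    $HTTP_POST_VARS = is_array($HTTP_POST_VARS)? array_map('stripslashes_deep', $HTTP_POST_VARS): array();
    $HTTP_COOKIE_VARS = is_array($HTTP_COOKIE_VARS)? array_map('stripslashes_deep', $HTTP_COOKIE_VARS): array();
    $HTTP_POST_FILES = is_array($HTTP_POST_FILES)? array_map('stripslashes_deep', $HTTP_POST_FILES): array();
    $HTTP_ENV_VARS = is_array($HTTP_ENV_VARS)? array_map('stripslashes_deep', $HTTP_ENV_VARS): array();
    if (isset($_SESSION)) {
        $_SESSION = is_array($_SESSION)? array_map('stripslashes_deep', $_SESSION): array();
        $HTTP_SESSION_VARS = is_array($HTTP_SESSION_VARS)? array_map('stripslashes_deep', $HTTP_SESSION_VARS): array();
    }
}

/**
 * A replacement for addslashes() to prevent mysql injection.
 *
 * Escapes $s with the escape function of the active driver (mysqli or mysql),
 * falling back to addslashes() on PHP older than 4.3.0. The result is safe only
 * inside a quoted SQL string literal; it does not protect identifiers, numeric
 * contexts or LIKE wildcards.
 *
 * @param string $s Raw value.
 * @return string Escaped value.
 */
function real_addslashes($s){
    global $articlems;
    if ($articlems->db_settings['mysqli']) {
        $s = mysqli_real_escape_string($articlems->db->connection, $s);
        // '\r\n' is single-quoted, so it is the four literal characters produced by
        // escaping CRLF; they are replaced with one real line feed.
        $s = str_replace('\r\n',"\n",$s); //this makes it possible to unescape..
    } elseif (version_compare(PHP_VERSION, '4.3.0', '>=')) {
        // version_compare() instead of comparing version strings with >=, which
        // orders them character by character rather than by version number.
        $s = mysql_real_escape_string($s, $articlems->db->connection);
        $s = str_replace('\r\n',"\n",$s); //this makes it possible to unescape..
    } else {
        $s = addslashes($s);
    }
    return $s;
}

/**
 * Recursively escape a string or a nested array of strings for SQL string context.
 *
 * @param mixed $value String or (nested) array of strings.
 * @return mixed Same shape as the input with every leaf escaped.
 */
function addslashes_deep($value){
    if (version_compare(PHP_VERSION, '4.3.0', '>=')) {
        return (is_array($value) ? array_map('addslashes_deep', $value) : real_addslashes($value));
    } else {
        return (is_array($value) ? array_map('addslashes_deep', $value) : addslashes($value));
    }
}

// Escape every request-derived array in place, including $_SERVER and $_SESSION.
$_GET = is_array($_GET)? array_map('addslashes_deep', $_GET): array();
$_POST = is_array($_POST)? array_map('addslashes_deep', $_POST): array();
$_COOKIE = is_array($_COOKIE)? array_map('addslashes_deep', $_COOKIE): array();
$_ENV = is_array($_ENV)? array_map('addslashes_deep', $_ENV): array();
$_SERVER = is_array($_SERVER)? array_map('addslashes_deep', $_SERVER): array();
$_REQUEST = is_array($_REQUEST)? array_map('addslashes_deep', $_REQUEST): array();
$HTTP_SERVER_VARS = is_array($HTTP_SERVER_VARS)? array_map('addslashes_deep', $HTTP_SERVER_VARS): array();
$HTTP_GET_VARS = is_array($HTTP_GET_VARS)? array_map('addslashes_deep', $HTTP_GET_VARS): array();
$HTTP_POST_VARS = is_array($HTTP_POST_VARS)? array_map('addslashes_deep', $HTTP_POST_VARS): array();
$HTTP_COOKIE_VARS = is_array($HTTP_COOKIE_VARS)? array_map('addslashes_deep', $HTTP_COOKIE_VARS): array();
$HTTP_POST_FILES = is_array($HTTP_POST_FILES)? array_map('addslashes_deep', $HTTP_POST_FILES): array();
$HTTP_ENV_VARS = is_array($HTTP_ENV_VARS)? array_map('addslashes_deep', $HTTP_ENV_VARS): array();
if (isset($_SESSION)) {
    $_SESSION = is_array($_SESSION)? array_map('addslashes_deep', $_SESSION): array();
    $HTTP_SESSION_VARS = is_array($HTTP_SESSION_VARS)? array_map('addslashes_deep', $HTTP_SESSION_VARS): array();
}
//------------------------------------------------

// NOTE(review): "=& new" is deprecated since PHP 5 and rejected by PHP 7; kept as
// written because the file still carries PHP 4 compatibility code.
$articlems->safehtml =& new safehtml();
$articlems->loadSettings($row_settings);
$articlems->hooks = array();
$articlems->Plugins = new baseclass();
$articlems->Pagination = new baseclass();
$articlems->Pagination->pages = array();
$articlems->Pagination->page_count = 0;
$articlems->Pagination->current_page = 1;
$articlems->setupGetVariables();
$articlems->session['id'] = session_id();

$articlems->perms = new permissions;
$articlems->perms->ams = &$articlems;
$articlems->perms->db = &$articlems->db;
$articlems->perms->pre = &$articlems->pre;

$articlems->load_skin();
$articlems->load_section(-1);
$articlems->title = $articlems->sitename;
$articlems->output = '';
// REQUEST_URI has already been through addslashes_deep() above, so this value is
// slash-escaped client input; it still needs HTML/URL encoding wherever it is output.
$articlems->url = $_SERVER['REQUEST_URI'];
$articlems->url_abs = $articlems->settings['site_location'].$articlems->url;

$articlems->user = $articlems->login_from_cookie();
$articlems->User = new userclass($articlems);
$articlems->_getUser($articlems->user, $articlems->User);
//TODO: separate permissions for different sections
$articlems->perms->load_perms($articlems->user['user_amsgroup'], $articlems->User);

$articlems->active = $articlems->updateActiveUsers();
$articlems->Active = new baseclass();
$articlems->Active->guests = $articlems->active['guests'];
$articlems->Active->members = $articlems->active['members'];
$articlems->Active->total = $articlems->active['total'];

if (!$articlems->Stats->article_count) {
    $articlems->refresh_stats();
}
$articlems->load_plugins();

$Email = new mailer($articlems);
if (!$articlems->settings['use_cron']) {
    // No cron job configured: the mail queue is processed during this page request.
    $Email->process_queue();
}
//----------------------
$articlems->executeInit();
$articlems->Modifiers = new modifiers($articlems);
$Email = new mailer($articlems);
$articlems->sep = $articlems->settings['mod_rewrite']? '?' : '&';
$articlems->module = '';
$subsection = ($articlems->section_id > 1);

// Dispatch on the 'a' request variable. The account-related actions (login, password
// reset, register, verification) are only matched outside subsections.
if (isset($articlems->get['a'])) {
    if ($articlems->get['a'] == $articlems->settings['url_login'] and !$subsection) {
        $articlems->module = 'login';
        $articlems->executeLogin($articlems->get['a']);
    } elseif ($articlems->get['a'] == $articlems->settings['url_pwreset'] and !$subsection) {
        $articlems->module = 'pwreset';
        $articlems->executePwreset();
    } elseif ($articlems->get['a'] == $articlems->settings['url_profile']) {
        $articlems->module = 'profile';
        $articlems->executeProfile();
    } elseif ($articlems->get['a'] == $articlems->settings['url_usercp']) {
        $articlems->module = 'usercp';
        $articlems->executeUserCP();
    } elseif ($articlems->get['a'] == $articlems->settings['url_userpreferences']) {
        $articlems->module = 'userpreferences';
        $articlems->executeUserPreferences();
    } elseif ($articlems->get['a'] == $articlems->settings['url_register'] and !$subsection) {
        $articlems->module = 'register';
        $articlems->executeRegister();
    } elseif ($articlems->get['a'] == $articlems->settings['url_submit']) {
        $articlems->module = 'submit';
        $articlems->executeSubmitArticle();
    } elseif ($articlems->get['a'] == $articlems->settings['url_edit_article']) {
        $articlems->module = 'edit';
        $articlems->executeSubmitArticle();
    } elseif ($articlems->get['a'] == $articlems->settings['url_memberlist']) {
        $articlems->module = 'members';
        $articlems->executeMemberList();
    } elseif ($articlems->get['a'] == $articlems->settings['url_search']) {
        $articlems->module = 'search';
        $articlems->executeSearch();
    } elseif ($articlems->get['a'] == $articlems->settings['url_tags']) {
        $articlems->module = 'tags';
        $articlems->executeTags();
    } elseif ($articlems->get['a'] == $articlems->settings['url_verification'] and !$subsection) {
        $articlems->module = 'verification';
        $articlems->executeVerification();
    } elseif ($articlems->get['a'] == $articlems->settings['url_articleview']) {
        $articlems->module = 'articleview';
        $articlems->executeArticles();
    } elseif ($articlems->get['a'] == $articlems->settings['url_comment_feeds']) {
        $articlems->module = 'comment_feeds';
        $articlems->executeCommentFeeds();
    } elseif ($articlems->get['a'] == $articlems->settings['url_media']) {
        $articlems->module = 'media';
        $articlems->executeMediaLibrary();
    } elseif ($articlems->get['a'] == $articlems->settings['url_email_unsubscribe']) {
        $articlems->module = 'unsubscribe';
        $articlems->executeEmailUnsubscribe();
    } else {
        //possibly part of article category, or standalone plugin
        $result = $articlems->db->query(
            "SELECT category_urltitle FROM {$articlems->pre_section}categories WHERE category_urltitle = '"
            .real_addslashes(urlencode(stripslashes($articlems->get['a'])))
            ."' AND category_parent_id = 0"
        );
        if ($row = $articlems->db->nqfetch($result)) {
            $articlems->module = 'articles';
            $articlems->executeArticles();
        } else {
            //not part of article or category, might be standalone plugin
            // The request value is re-normalised (stripslashes, then real_addslashes) right
            // where it enters the SQL string, as the category query above already does,
            // instead of trusting that setupGetVariables() left the global escaping intact.
            // NOTE(review): $articlems->skin and $articlems->section_id are interpolated
            // unescaped; confirm they can never carry request-controlled text.
            $result = $articlems->db->query(
                "SELECT block_name, block_display_name, block_set FROM {$articlems->pre}blocks WHERE block_url = '"
                .real_addslashes(stripslashes($articlems->get['a']))
                ."' AND block_active = 1 AND (block_set = 'standalone' OR block_set='browse') AND block_owner = '{$articlems->skin}'"
            );
            if ($row = $articlems->db->nqfetch($result)) {
                // The query selects block_display_name; the former key 'block_displayname'
                // is not in the result set, so navblock was never populated.
                $articlems->navblock = $row['block_display_name'];
                if ($row['block_set'] == 'standalone') {
                    $articlems->module = 'standalone';
                    $articlems->executeStandalone($row['block_name']);
                } else {
                    $articlems->module = 'browse';
                    $articlems->executeBrowse($row['block_name']);
                }
            } else {
                //not standalone block, might be plugin
                $found = false;
                $result = $articlems->db->query(
                    "SELECT block_name, block_owner, block_display_name, block_set FROM {$articlems->pre}blocks WHERE block_url = '"
                    .real_addslashes(stripslashes($articlems->get['a']))
                    ."' AND block_active = 1 AND (block_set = 'standalone' OR block_set='browse') AND block_owner LIKE '_plugin_s{$articlems->section_id}_%'"
                );
                while ($row = $articlems->db->nqfetch($result)) {
                    // block_owner has the form _plugin_s<section id>_<plugin name>.
                    $plugin_name = str_replace("_plugin_s{$articlems->section_id}_",'',$row['block_owner']);
                    if ($articlems->plugins[$plugin_name]) {
                        $articlems->module = 'plugin';
                        $articlems->executePlugin($plugin_name, $row['block_set'], $row['block_name']);
                        $found = true;
                        break;
                    }
                }
                if (!$found) {
                    //not found
                    $articlems->module = 'notfound';
                    $articlems->executeDefault('notfound');
                }
            }
        }
    }
} elseif ((isset($articlems->get['p']))) {
    $articlems->module = 'p';
    $articlems->executePage();
} else {
    //homepage
    $articlems->module = '';
    $articlems->executeDefault();
}
?>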