This file is part of dotProject.
dotProject is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
dotProject is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with dotProject; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
}}} */
// Troubleshooting aid: for a 'white screen of death' or similar problems,
// temporarily uncomment the next line. Comment it out again afterwards; on a
// reachable server, verbose errors can reveal file paths and query text when
// display_errors is enabled.
//error_reporting(E_ALL);
$loginFromPage = 'index.php';
require_once 'base.php';

// Drop PHP's cached stat() results before probing for the config file.
clearstatcache();
if (!is_file(DP_BASE_DIR . '/includes/config.php')) {
    // No configuration yet: print the installation notice and stop before any
    // database or session code is loaded. The literals below span lines on
    // purpose; the embedded newlines are part of the output.
    echo ('
'
        . 'Fatal Error. You haven\'t created a config file yet.
'
        . 'Click Here To Start Installation and Create One!'
        . ' (forwarded in 5 sec.)');
    exit();
}
require_once DP_BASE_DIR . '/includes/config.php';
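// Record once whether PHP is running on Windows. A value already present in
// $GLOBALS['OS_WIN'] is left untouched.
if (!isset($GLOBALS['OS_WIN'])) {
    // Compare only the leading "WIN" of PHP_OS. A case-insensitive substring
    // search for "WIN" also matches "Darwin", which would flag macOS as
    // Windows and send it down the Windows path-handling branches.
    $GLOBALS['OS_WIN'] = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
}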
// Original note: the OS_WIN flag exists as a tweak for pathname consistency
// on Windows machines.
//
// Core includes, loaded in this fixed order. They are described here by file
// name only; their contents are not part of this file.
require_once DP_BASE_DIR . '/includes/main_functions.php';
require_once DP_BASE_DIR . '/includes/db_adodb.php';
require_once DP_BASE_DIR . '/includes/db_connect.php';
require_once DP_BASE_DIR . '/classes/ui.class.php';
require_once DP_BASE_DIR . '/classes/permissions.class.php';
require_once DP_BASE_DIR . '/includes/session.php';
// 'suppressHeaders' in the query string switches off the surrounding page
// output (style header and footer). Useful for fileviewer.php, gantt.php, etc.
$suppressHeaders = dPgetParam($_GET, 'suppressHeaders', false);

// Manage the session variable(s).
dPsessionStart(array('AppUI'));

// Anti-caching response headers, sent on every request so that browsers and
// intermediate caches do not keep copies of application pages.
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // date in the past
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); // always modified
header('Cache-Control: no-cache, must-revalidate, no-store, post-check=0, pre-check=0'); // HTTP/1.1
header('Pragma: no-cache'); // HTTP/1.0
// Session bootstrap: make sure $_SESSION['AppUI'] holds a CAppUI object and
// bind the global $AppUI to it by reference.
// A fresh CAppUI is created when the session has none yet, or when the
// request carries a 'logout' query parameter.
// NOTE(review): logout is accepted from a plain GET parameter and no token is
// checked in this block, so a cross-site request can end a user's session.
// Low impact, but consider requiring POST plus a token.
if (!(isset($_SESSION['AppUI'])) || isset($_GET['logout'])) {
// The logout is recorded only when the session object carries a user_id.
if (isset($_GET['logout']) && isset($_SESSION['AppUI']->user_id)) {
$AppUI =& $_SESSION['AppUI'];
$AppUI->registerLogout($AppUI->user_id);
// History row: table 'login', action 'logout', described by the user's name.
addHistory('login', $AppUI->user_id, 'logout',
($AppUI->user_first_name . ' ' . $AppUI->user_last_name));
}
// Replace the session object. The session id itself is not changed here.
$_SESSION['AppUI'] = new CAppUI;
}
// Reference, not a copy: changes to $AppUI are changes to the session object.
$AppUI =& $_SESSION['AppUI'];
// Captured now and passed to updateLastAction() further down.
$last_insert_id =$AppUI->last_insert_id;
$AppUI->checkStyle();
// Load the commonly used classes; the paths are supplied by getSystemClass().
require_once($AppUI->getSystemClass('date'));
require_once($AppUI->getSystemClass('dp'));
require_once($AppUI->getSystemClass('query'));
require_once DP_BASE_DIR.'/misc/debug.php';
// Update the last-action entry in user_access_log (per the original note).
$AppUI->updateLastAction($last_insert_id);
// Load default preferences if not logged in.
// presumably doLogin() returns true when a login is still required - confirm
if ($AppUI->doLogin()) {
$AppUI->loadPrefs(0);
}
// Lost-password flow. A POSTed 'lostpass' flag is handled here, ahead of the
// login-page check further down, so this branch runs for visitors who are not
// logged in.
// NOTE(review): request throttling and uniform responses (so that the form
// does not reveal which accounts exist) would have to live in sendpass.php,
// which is not shown here - confirm.
if (dPgetParam($_POST, 'lostpass', 0)) {
    $uistyle = dPgetConfig('host_style');
    $AppUI->setUserLocale();
    // '@' hides include warnings, so a missing locale file fails silently.
    @include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php';
    @include_once DP_BASE_DIR . '/locales/core.php';
    setlocale(LC_TIME, $AppUI->user_lang);
    if (!dPgetParam($_REQUEST, 'sendpass', 0)) {
        // No 'sendpass' flag yet: show the lost-password page of the host style.
        require DP_BASE_DIR . '/style/' . $uistyle . '/lostpass.php';
    } else {
        // 'sendpass' present: load the mailer and issue the new password.
        require DP_BASE_DIR . '/includes/sendpass.php';
        sendNewPass();
    }
    exit();
}
// Login attempt. The trigger is looked up in $_REQUEST rather than $_POST so
// that alternative authentication methods (PostNuke, HTTP auth) can start a
// login. The user name and password are still read from $_POST only, which
// keeps them out of URLs and therefore out of access logs and referrers.
if (isset($_REQUEST['login'])) {
    $username = dPgetCleanParam($_POST, 'username', '');
    $password = dPgetCleanParam($_POST, 'password', '');
    // NOTE(review): the post-login target is request-supplied; confirm that
    // CAppUI::redirect() only builds in-application URLs.
    $redirect = dPgetCleanParam($_REQUEST, 'redirect', '');

    $AppUI->setUserLocale();
    // '@' hides include warnings, so a missing locale file fails silently.
    @include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php';
    @include_once DP_BASE_DIR . '/locales/core.php';

    // NOTE(review): no session id rotation is visible in this block after a
    // successful login; check that login() or the session layer issues a
    // fresh id at this point.
    $ok = $AppUI->login($username, $password);
    if ($ok) {
        // Register the login in user_access_log.
        $AppUI->registerLogin();
    } else {
        $AppUI->setMsg('Login Failed');
    }

    // Written for both outcomes with the action name 'login'.
    // NOTE(review): verify what user_id and name a failed attempt records, so
    // that failures can be told apart from successes when reviewing history.
    addHistory('login', $AppUI->user_id, 'login',
        ($AppUI->user_first_name . ' ' . $AppUI->user_last_name));
    $AppUI->redirect($redirect);
}
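// Debug aid, left disabled (var_export() with a return value is supported
// since PHP 4.2). If enabled, it writes the whole session object to the debug
// output, so keep it off outside development.
// writeDebug(var_export($AppUI, true), 'AppUI', __FILE__, __LINE__);

// UI style: the user's UISTYLE preference when set, otherwise the configured
// host_style. The value is used as a directory name in the style includes.
// NOTE(review): confirm that stored UISTYLE values are limited to the names
// of installed style directories.
$uistyle = (($AppUI->getPref('UISTYLE')) ? $AppUI->getPref('UISTYLE') : dPgetConfig('host_style'));

// clear out main url parameters
$m = '';
$a = '';
$u = '';

// Not logged in: render the login page of the selected style and stop.
if ($AppUI->doLogin()) {
    // load basic locale settings
    $AppUI->setUserLocale();
    // Anchored on DP_BASE_DIR like the other locale includes in this file, so
    // the files are found regardless of the current working directory.
    @include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php';
    @include_once DP_BASE_DIR . '/locales/core.php';
    setlocale(LC_TIME, $AppUI->user_lang);

    // The original query string is handed to login.php as $redirect.
    // strip_tags() removes markup only; quotes and ampersands pass through
    // unchanged, so the template has to HTML-escape the value wherever it
    // prints it (template not shown here). !empty() also covers a request
    // without QUERY_STRING, avoiding an undefined-index notice.
    $redirect = (!empty($_SERVER['QUERY_STRING']) ? strip_tags($_SERVER['QUERY_STRING']) : '');
    // Never send the user back to a logout URL after logging in.
    if (mb_strpos($redirect, 'logout') !== false) {
        $redirect = '';
    }

    if (isset($locale_char_set)) {
        header('Content-type: text/html;charset=' . $locale_char_set);
    }
    require DP_BASE_DIR . '/style/' . $uistyle . '/login.php';

    // destroy the current session and output login page
    session_unset();
    session_destroy();
    exit;
}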
$AppUI->setUserLocale();
// bring in the rest of the support and localisation files
require_once DP_BASE_DIR . '/includes/permissions.php';

// Pick the module ($m), action ($a) and sub-directory ($u) for this request.
// Every request-supplied value goes through dPgetCleanParam() and
// checkFileName() before it is used to build an include path.
$def_a = 'index';
if (isset($_GET['m']) || empty($dPconfig['default_view_m'])) {
    // set the module from the url (or the first readable module by default)
    $m = $AppUI->checkFileName(dPgetCleanParam($_GET, 'm', getReadableModule()));
} else {
    // No module in the URL and a default view is configured: use it.
    $m = $dPconfig['default_view_m'];
    $def_a = (empty($dPconfig['default_view_a']) ? $def_a : $dPconfig['default_view_a']);
    $tab = $dPconfig['default_view_tab'];
}

// set the action from the url
$a = $AppUI->checkFileName(dPgetCleanParam($_GET, 'a', $def_a));

/*
 * Consequence of the check on $u (per the original author): a file located
 * more than one directory below the module base cannot be executed, so a
 * request for module/directory1/directory2/file.php will not run.
 * It is also not possible to run modules/module/abc.zyz.class.php, because
 * dots are not allowed in the request parameters.
 */
$u = $AppUI->checkFileName(dPgetCleanParam($_GET, 'u', ''));
// load module based locale settings
// '@' hides include warnings, so a missing locale file fails silently.
@include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php';
@include_once DP_BASE_DIR . '/locales/core.php';
setlocale(LC_TIME, $AppUI->user_lang);

$m_config = dPgetConfig($m);
// Per-module function file, included if present; '@' keeps a miss silent.
@include_once DP_BASE_DIR.'/functions/' . $m . '_func.php';

// TODO: canRead/Edit assignments should be moved into each file.
// Overall module permissions. The included action files can modify them
// further. No check of these flags appears in this script itself: they are
// only computed here, so every included action and dosql file has to refuse
// the request on its own when the relevant flag is false.
$canAccess = getPermission($m, 'access');
$canRead = getPermission($m, 'view');
$canEdit = getPermission($m, 'edit');
$canAuthor = getPermission($m, 'add');
$canDelete = getPermission($m, 'delete');

// output the character set header, unless page output is suppressed
if (!$suppressHeaders && isset($locale_char_set)) {
    header('Content-type: text/html;charset='.$locale_char_set);
}
// Module class file. file_exists() is used instead of '@' so that any parse
// errors in the file are reported here, rather than surfacing as errors
// further down the track.
$modclass = $AppUI->getModuleClass($m);
if (file_exists($modclass)) {
    include_once $modclass;
}

// Class file of the sub-directory, modules/<m>/<u>/<u>.class.php, when a
// sub-directory was requested and the file exists.
if ($u) {
    if (file_exists(DP_BASE_DIR . '/modules/' . $m . '/' . $u . '/' . $u . '.class.php')) {
        include_once DP_BASE_DIR . '/modules/' . $m . '/' . $u . '/' . $u . '.class.php';
    }
}
// do some db work if dosql is set
// TODO - MUST MOVE THESE INTO THE MODULE DIRECTORY
//
// The handler name comes from the request and is passed through
// checkFileName() before it is joined into a path under the current module
// (and sub-directory, if any).
// NOTE(review): 'dosql' is read from $_REQUEST, so a GET request reaches the
// handler as well, and no anti-forgery token is checked in this block.
// Confirm that each handler enforces permissions and guards its
// state-changing work itself.
if (isset($_REQUEST['dosql'])) {
    require DP_BASE_DIR . '/modules/' . $m . '/' . ($u ? ($u . '/') : '')
        . $AppUI->checkFileName($_REQUEST['dosql']) . '.php';
}
// start output proper
// Style-specific overrides are loaded first, outside the output buffer.
include DP_BASE_DIR . '/style/' . $uistyle . '/overrides.php';

// Everything from here on is buffered until ob_end_flush() at the end of the
// script.
ob_start();
if (!$suppressHeaders) {
    require DP_BASE_DIR . '/style/' . $uistyle . '/header.php';
}
// Tab registry for module $m: the list of tab files that the active modules
// contribute to it. It is built once per session and module, kept in
// $_SESSION['all_tabs'][$m], and $all_tabs is bound to it by reference.
// Because the list is cached, the permission test below only runs when the
// list is built.
// NOTE(review): a permission change during a session presumably does not
// alter an already cached tab list, unless other code resets
// $_SESSION['all_tabs'] - confirm.
if (!(isset($_SESSION['all_tabs'][$m]))) {
// For some reason on some systems if you don't set this up
// first you get recursive pointers to the all_tabs array, creating
// phantom tabs.
if (! isset($_SESSION['all_tabs'])) {
$_SESSION['all_tabs'] = array();
}
$_SESSION['all_tabs'][$m] = array();
$all_tabs =& $_SESSION['all_tabs'][$m];
foreach ($AppUI->getActiveModules() as $dir => $module) {
// Modules the user has no 'access' permission for contribute no tabs.
if (!(getPermission($dir, 'access'))) {
continue;
}
// Look in the module directory for files named <m>_tab*.php.
// $m is placed into the pattern without regex quoting.
// NOTE(review): presumably safe because $m went through checkFileName()
// or comes from configuration - verify.
$modules_tabs = $AppUI->readFiles((DP_BASE_DIR . '/modules/' . $dir . '/'),
('^' . $m . '_tab.*\.php'));
foreach ($modules_tabs as $mod_tab) {
// Get the name as the subextension:
// cut the module_tab. and the .php parts of the filename
// (beginning and end).
$nameparts = explode('.', $mod_tab);
// File name without its last four characters (the '.php' suffix).
$filename = mb_substr($mod_tab, 0, -4);
// More than three dot-separated parts: the second part selects a sub-list
// of $all_tabs and the third part is the tab name. Otherwise the tab goes
// into the top-level list and the second part is its name.
if (count($nameparts) > 3) {
$file = $nameparts[1];
if (!(isset($all_tabs[$file]))) {
$all_tabs[$file] = array();
}
$arr =& $all_tabs[$file];
$name = $nameparts[2];
} else {
$arr =& $all_tabs;
$name = $nameparts[1];
}
// Append the tab entry: display name (underscores become spaces, first
// letter upper-cased), path without extension, and the owning module.
$arr[] = array('name' => ucfirst(str_replace('_', ' ', $name)),
'file' => (DP_BASE_DIR . '/modules/' . $dir . '/' . $filename),
'module' => $dir);
/*
* Don't forget to unset $arr again! $arr is likely to be used in the sequel declaring
* any temporary array. This may lead to strange bugs with disappearing tabs (cf. #1767).
* @author: gregorerhardt @date: 20070203
*/
unset($arr);
}
}
} else {
// Already built earlier in this session: reuse the cached list.
$all_tabs =& $_SESSION['all_tabs'][$m];
}
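// Run the requested action file: modules/<m>/[<u>/]<a>.php. $m, $a and $u
// were passed through checkFileName() earlier in this script (or, for a
// configured default view, come from the configuration).
$module_file = (DP_BASE_DIR . '/modules/' . $m . '/' . (($u) ? ($u.'/') : '') . $a . '.php');
if (file_exists($module_file)) {
    require $module_file;
} else {
    //TODO: make this part of the public module?
    //TODO: internationalise the string.
    $titleBlock = new CTitleBlock('Warning', 'log-error.gif');
    $titleBlock->show();
    // $m can originate from the request and is echoed into the page, so it is
    // HTML-escaped at the point of output instead of relying only on the
    // input filters applied upstream. Ordinary module names are unaffected.
    echo $AppUI->_('Missing file. Possible Module "' . htmlspecialchars($m, ENT_QUOTES) . '" missing!');
}

// Close the page with the style footer unless page output is suppressed.
if (!$suppressHeaders) {
    echo ('');
    require DP_BASE_DIR . '/style/' . $uistyle . '/footer.php';
}
// Send the buffered output collected since ob_start().
ob_end_flush();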
?>