root/trunk/dotnode-action.php

Revision 10, 2.4 kB (checked in by alexx, 3 years ago)

* remove last "domain dependency" (hard coded domain)
* replace hard coded IP or login (for debug/administration purpose) by configuration array $configadmin_login? and $configadmin_ip?
* replace hard coded email by $configemail?
* manage smarty var by $_SMARTY (that will be assigned on time at the end of script), dotnode-*.php from the root has been modified
* fixe gettext file to reflect change into terms that contain an hard coded email
* some minor change

Line 
1 <?php
2 /****************************************************** Open .node ***
3  * Description:   
4  * Status:        Stable.
5  * Author:        Alexandre Dath <alexandre@dotnode.com>
6  * $Id$
7  *
8  * Copyright (C) 2005 Alexandre Dath <alexandre@dotnode.com>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation; either version 2 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software Foundation,
22  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23  ******************** http://opensource.ikse.net/projects/dotnode ***/
24
25 include ('../includes/includes.inc.php');
26 include ('../includes/config/global.inc.php');
27
28 session_start();
29
30 $token = retreive_url_info($_SERVER["PHP_SELF"]);
31
32 if(strlen($token[1]) == 32)
33     list($url_id) = array_splice($token, 1,1);
34
35 if(($_SESSION['my_id'] && $_SESSION['SecID'] == $_COOKIE['SecID'] /*$_SESSION['my_ip'] == $_SERVER['REMOTE_ADDR']*/) || $token[1] == "select_language" || $token[1] == "login" || $token[1] == "sendpassword"  )
36 {
37     error_log($_SERVER['HTTP_HOST'].' | '.$_SERVER['PHP_SELF'].' | '.$_SESSION['my_login']);
38
39     $db =& DB::connect($dsn);
40     if (DB::isError($db))
41     {
42         print "Can't connect to DB\n";
43         error_log($_SERVER['HTTP_HOST'].' | '.__FILE__.' | Connexion SQL impossible : '.$db->getMessage()) and exit;
44     }
45     $db->setFetchMode(DB_FETCHMODE_ASSOC);
46
47     for($idx=(count($token)-1); $idx>=0; $idx--)
48     {
49         $action = "";
50         for($level=1; $level<=$idx; $level++)
51             $action .= $token[$level].'/';
52         $action = substr($action,0,-1).'.action.php';
53         error_log($_SERVER['HTTP_HOST'].' | Include action : '.ACTIONSPATH.'/'.$action);
54         if(file_exists(ACTIONSPATH.'/'.$action))
55             break;
56     }
57
58     if(file_exists(ACTIONSPATH.'/'.$action) )
59         include(ACTIONSPATH.'/'.$action);
60     else
61     {
62         header("HTTP/1.1 403 Forbidden");
63         print $_SERVER["PHP_SELF"].": Action forbidden<br />\n";
64         if($_SERVER['REMOTE_ADDR'] == $config['admin_ip'])
65             print ACTIONSPATH.'/'.$action;
66     }
67
68     $db->disconnect();
69 }
70 else
71     header('Location: /');
72 ?>
73
Note: See TracBrowser for help on using the browser.