root/trunk/dotnode-action.php

Revision 10, 2.4 KB (checked in by alexx, 7 years ago)

* remove last "domain dependency" (hard coded domain)
* replace hard coded IP or login (for debug/administration purpose) by configuration array $configadmin_login? and $configadmin_ip?
* replace hard coded email by $configemail?
* manage smarty var by $_SMARTY (that will be assigned on time at the end of script), dotnode-*.php from the root has been modified
* fixe gettext file to reflect change into terms that contain an hard coded email
* some minor change
Line 
1<?php
2/****************************************************** Open .node ***
3 * Description:   
4 * Status:        Stable.
5 * Author:        Alexandre Dath <alexandre@dotnode.com>
6 * $Id$
7 *
8 * Copyright (C) 2005 Alexandre Dath <alexandre@dotnode.com>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software Foundation,
22 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23 ******************** http://opensource.ikse.net/projects/dotnode ***/
24
25include ('../includes/includes.inc.php');
26include ('../includes/config/global.inc.php');
27
28session_start();
29
30$token = retreive_url_info($_SERVER["PHP_SELF"]);
31
32if(strlen($token[1]) == 32)
33    list($url_id) = array_splice($token, 1,1);
34
35if(($_SESSION['my_id'] && $_SESSION['SecID'] == $_COOKIE['SecID'] /*$_SESSION['my_ip'] == $_SERVER['REMOTE_ADDR']*/) || $token[1] == "select_language" || $token[1] == "login" || $token[1] == "sendpassword"  )
36{
37    error_log($_SERVER['HTTP_HOST'].' | '.$_SERVER['PHP_SELF'].' | '.$_SESSION['my_login']);
38
39    $db =& DB::connect($dsn);
40    if (DB::isError($db))
41    {
42        print "Can't connect to DB\n";
43        error_log($_SERVER['HTTP_HOST'].' | '.__FILE__.' | Connexion SQL impossible : '.$db->getMessage()) and exit;
44    }
45    $db->setFetchMode(DB_FETCHMODE_ASSOC);
46
47    for($idx=(count($token)-1); $idx>=0; $idx--)
48    {
49        $action = "";
50        for($level=1; $level<=$idx; $level++)
51            $action .= $token[$level].'/';
52        $action = substr($action,0,-1).'.action.php';
53        error_log($_SERVER['HTTP_HOST'].' | Include action : '.ACTIONSPATH.'/'.$action);
54        if(file_exists(ACTIONSPATH.'/'.$action))
55            break;
56    }
57
58    if(file_exists(ACTIONSPATH.'/'.$action) )
59        include(ACTIONSPATH.'/'.$action);
60    else
61    {
62        header("HTTP/1.1 403 Forbidden");
63        print $_SERVER["PHP_SELF"].": Action forbidden<br />\n";
64        if($_SERVER['REMOTE_ADDR'] == $config['admin_ip'])
65            print ACTIONSPATH.'/'.$action;
66    }
67
68    $db->disconnect();
69}
70else
71    header('Location: /');
72?>
Note: See TracBrowser for help on using the browser.