4 define(
'FOLLOW_REQUEST_SSL', 0);
5 define(
'ENFORCE_SSL', 1);
6 define(
'RELEASE_SSL', 2);
149 '/<script\s*?language\s*?=\s*?("|\')?\s*?php\s*("|\')?/iUsm'
164 static $theInstance = null;
181 $this->get_vars =
new stdClass();
185 if(is_readable($this->sslActionCacheFile))
187 require($this->sslActionCacheFile);
188 if(isset($sslActions))
190 $this->ssl_actions = $sslActions;
204 if(!isset(
$GLOBALS[
'HTTP_RAW_POST_DATA']) && version_compare(PHP_VERSION,
'5.6.0',
'>=') === TRUE)
206 $GLOBALS[
'HTTP_RAW_POST_DATA'] = file_get_contents(
"php://input");
209 if(!preg_match(
'/^[<\{\[]/',
$GLOBALS[
'HTTP_RAW_POST_DATA']) && strpos($_SERVER[
'CONTENT_TYPE'],
'json') === FALSE && strpos($_SERVER[
'HTTP_CONTENT_TYPE'],
'json') === FALSE)
211 unset(
$GLOBALS[
'HTTP_RAW_POST_DATA']);
216 $this->context = &
$GLOBALS[
'__Context__'];
217 $this->context->lang = &
$GLOBALS[
'lang'];
218 $this->context->_COOKIE = $_COOKIE;
231 if($this->db_info->use_sitelock ==
'Y')
233 if(is_array($this->db_info->sitelock_whitelist)) $whitelist = $this->db_info->sitelock_whitelist;
237 $title = ($this->db_info->sitelock_title) ? $this->db_info->sitelock_title :
'Maintenance in progress...';
238 $message = $this->db_info->sitelock_message;
240 define(
'_XE_SITELOCK_', TRUE);
241 define(
'_XE_SITELOCK_TITLE_', $title);
242 define(
'_XE_SITELOCK_MESSAGE_', $message);
244 header(
"HTTP/1.1 403 Forbidden");
247 include
_XE_PATH_ .
'common/tpl/sitelock.user.html';
251 include
_XE_PATH_ .
'common/tpl/sitelock.html';
258 if(self::isInstalled())
263 if(!isset($site_module_info))
265 $site_module_info =
new stdClass();
269 if($site_module_info->site_srl == 0 && $site_module_info->domain != $this->db_info->default_url)
271 $site_module_info->domain = $this->db_info->default_url;
274 $this->
set(
'site_module_info', $site_module_info);
275 if($site_module_info->site_srl &&
isSiteID($site_module_info->domain))
277 $this->
set(
'vid', $site_module_info->domain, TRUE);
280 if(!isset($this->db_info))
282 $this->db_info =
new stdClass();
285 $this->db_info->lang_type = $site_module_info->default_language;
286 if(!$this->db_info->lang_type)
288 $this->db_info->lang_type =
'en';
290 if(!$this->db_info->use_db_session)
292 $this->db_info->use_db_session =
'N';
300 if($this->lang_type = $this->
get(
'l'))
302 if($_COOKIE[
'lang_type'] != $this->lang_type)
304 setcookie(
'lang_type', $this->lang_type, $_SERVER[
'REQUEST_TIME'] + 3600 * 24 * 1000);
307 elseif($_COOKIE[
'lang_type'])
309 $this->lang_type = $_COOKIE[
'lang_type'];
313 if(!$this->lang_type)
315 $this->lang_type = $this->db_info->lang_type;
319 if(!$this->lang_type)
321 $this->lang_type =
'en';
323 if(is_array($lang_supported) && !isset($lang_supported[$this->lang_type]))
325 $this->lang_type =
'en';
328 $this->
set(
'lang_supported', $lang_supported);
335 if(self::isInstalled() && $this->db_info->use_db_session ==
'Y')
337 $oSessionModel =
getModel(
'session');
339 ini_set(
'session.serialize_handler',
'php');
340 session_set_save_handler(
341 array(&$oSessionController,
'open'), array(&$oSessionController,
'close'), array(&$oSessionModel,
'read'), array(&$oSessionController,
'write'), array(&$oSessionController,
'destroy'), array(&$oSessionController,
'gc')
345 if($sess = $_POST[session_name()]) session_id($sess);
349 if(self::isInstalled())
357 if($oMemberController && $oMemberModel)
360 if($oMemberModel->isLogged())
362 $oMemberController->setSessionInfo();
365 elseif($_COOKIE[
'xeak'])
367 $oMemberController->doAutologin();
370 $this->
set(
'is_logged', $oMemberModel->isLogged());
371 $this->
set(
'logged_info', $oMemberModel->getLoggedInfo());
380 $this->allow_rewrite = ($this->db_info->use_rewrite ==
'Y' ? TRUE : FALSE);
384 $current_url = self::getRequestUri();
385 if($_SERVER[
'REQUEST_METHOD'] ==
'GET')
390 foreach($this->get_vars as $key => $val)
392 if(is_array($val) && count($val) > 0)
394 foreach($val as $k => $v)
396 $url[] = $key .
'[' . $k .
']=' . urlencode($v);
401 $url[] = $key .
'=' . urlencode($val);
405 $current_url = self::getRequestUri();
406 if($url) $current_url .=
'?' . join(
'&', $url);
410 $current_url = $this->
getUrl();
415 $current_url = self::getRequestUri();
418 $this->
set(
'current_url', $current_url);
419 $this->
set(
'request_uri', self::getRequestUri());
421 if(strpos($current_url,
'xn--') !== FALSE)
423 $this->
set(
'current_url', self::decodeIdna($current_url));
426 if(strpos(self::getRequestUri(),
'xn--') !== FALSE)
428 $this->
set(
'request_uri', self::decodeIdna(self::getRequestUri()));
439 session_write_close();
449 $self = self::getInstance();
451 if(!$self->isInstalled())
457 include($self::getConfigFile());
479 if(isset(
$db_info->master_db[
"db_table_prefix"]) && substr_compare(
$db_info->master_db[
"db_table_prefix"],
'_', -1) !== 0)
481 $db_info->master_db[
"db_table_prefix"] .=
'_';
488 $oInstallController->makeConfigFile();
491 if(version_compare(PHP_VERSION,
'7.0',
'>='))
493 $db_info->master_db[
"db_type"] = preg_replace(
'/^mysql(_.+)?$/',
'mysqli$1',
$db_info->master_db[
"db_type"]);
494 foreach(
$db_info->slave_db as &$slave_db_info)
496 $slave_db_info[
"db_type"] = preg_replace(
'/^mysql(_.+)?$/',
'mysqli$1', $slave_db_info[
"db_type"]);
500 if(!
$db_info->use_prepared_statements)
502 $db_info->use_prepared_statements =
'Y';
509 if(
$db_info->qmail_compatibility !=
'Y')
510 $db_info->qmail_compatibility =
'N';
519 $self->set(
'_http_port', (
$db_info->http_port) ?
$db_info->http_port : NULL);
520 $self->set(
'_https_port', (
$db_info->https_port) ?
$db_info->https_port : NULL);
523 $db_info->sitelock_whitelist =
'127.0.0.1';
526 if(is_string(
$db_info->sitelock_whitelist)) {
540 $self = self::getInstance();
541 return $self->db_info->master_db[
"db_type"];
552 $self = self::getInstance();
563 $self = self::getInstance();
564 return $self->db_info;
574 $dbInfo = self::getDBInfo();
575 return $dbInfo->use_ssl;
596 static $lang_supported = null;
600 foreach($langs as $val)
602 list($lang_prefix, $lang_text) = explode(
',', $val);
603 $lang_text = trim($lang_text);
604 $lang_supported[$lang_prefix] = $lang_text;
607 return $lang_supported;
617 static $lang_selected = null;
620 $orig_lang_file =
_XE_PATH_ .
'common/lang/lang.info';
621 $selected_lang_file =
_XE_PATH_ .
'files/config/lang_selected.info';
624 $old_selected_lang_file =
_XE_PATH_ .
'files/cache/lang_selected.info';
632 $lang_selected = self::loadLangSupported();
636 $langs =
file($selected_lang_file);
637 foreach($langs as $val)
639 list($lang_prefix, $lang_text) = explode(
',', $val);
640 $lang_text = trim($lang_text);
641 $lang_selected[$lang_prefix] = $lang_text;
645 return $lang_selected;
656 if($this->db_info->use_sso !=
'Y' ||
isCrawler())
660 $checkActList = array(
'rss' => 1,
'atom' => 1);
661 if(self::getRequestMethod() !=
'GET' || !self::isInstalled() || isset($checkActList[self::get(
'act')]))
667 $default_url = trim($this->db_info->default_url);
673 if(substr_compare($default_url,
'/', -1) !== 0)
679 if($default_url == self::getRequestUri())
683 $url = base64_decode(self::get(
'url'));
684 $url_info = parse_url($url);
687 echo self::get(
'lang')->msg_invalid_request;
692 $domain = $url_info[
'host'] . $url_info[
'path'];
693 if(substr_compare($domain,
'/', -1) === 0) $domain = substr($domain, 0, -1);
696 if($site_info->site_srl)
698 $url_info[
'query'].= ($url_info[
'query'] ?
'&' :
'') .
'SSOID=' . urlencode(session_id()) .
'&sig=' . urlencode(
Password::createSignature(session_id()));
699 $redirect_url = sprintf(
'%s://%s%s%s?%s', $url_info[
'scheme'], $url_info[
'host'], $url_info[
'port'] ?
':' . $url_info[
'port'] :
'', $url_info[
'path'], $url_info[
'query']);
703 $redirect_url = $url;
705 header(
'location:' . $redirect_url);
714 if($session_name = self::get(
'SSOID'))
718 echo self::get(
'lang')->msg_invalid_request;
722 setcookie(session_name(), $session_name);
724 $url = preg_replace(
'/[\?\&]SSOID=.+$/',
'', self::getRequestUrl());
725 header(
'location:' . $url);
729 else if(!self::get(
'SSOID') && $_COOKIE[
'sso'] != md5(self::getRequestUri()))
731 setcookie(
'sso', md5(self::getRequestUri()));
732 $origin_url = self::getRequestUrl();
734 $url = sprintf(
"%s?url=%s&sig=%s", $default_url, urlencode(base64_encode($origin_url)), urlencode($origin_sig));
735 header(
'location:' . $url);
750 return file_exists(self::getFTPConfigFile());
760 $self = self::getInstance();
762 if(!$self->isFTPRegisted())
767 include($self->getFTPConfigFile());
784 $self = self::getInstance();
786 if($self->site_title)
808 $self = self::getInstance();
819 $self = self::getInstance();
824 return htmlspecialchars($self->site_title, ENT_COMPAT | ENT_HTML401,
'UTF-8', FALSE);
836 if(isset($moduleConfig->siteTitle))
838 return $moduleConfig->siteTitle;
862 $self = self::getInstance();
863 if(!$self->lang_type)
867 if(!is_object($lang))
869 $lang =
new stdClass;
872 if(!($filename = $self->_loadXmlLang(
$path)))
874 $filename = $self->_loadPhpLang(
$path);
877 if(!is_array($self->loaded_lang_files))
879 $self->loaded_lang_files = array();
881 if(in_array($filename, $self->loaded_lang_files))
886 if($filename && is_readable($filename))
888 $self->loaded_lang_files[] = $filename;
893 $self->_evalxmlLang(
$path);
909 $_path =
'eval://' .
$path;
911 if(in_array($_path, $this->loaded_lang_files))
916 if(substr_compare(
$path,
'/', -1) !== 0)
922 $content = $oXmlLangParser->getCompileContent();
926 $this->loaded_lang_files[] = $_path;
941 $oXmlLangParser =
new XmlLangParser(
$path . ((substr_compare(
$path,
'/', -1) !== 0) ?
'/' :
'') .
'lang.xml', $this->lang_type);
942 return $oXmlLangParser->compile();
955 if(substr_compare(
$path,
'/', -1) !== 0)
959 $path_tpl =
$path .
'%s.lang.php';
960 $file = sprintf($path_tpl, $this->lang_type);
962 $langs = array(
'ko',
'en');
963 while(!is_readable($file) && $langs[0])
965 $file = sprintf($path_tpl, array_shift($langs));
968 if(!is_readable($file))
983 $self = self::getInstance();
998 $self = self::getInstance();
999 return $self->lang_type;
1045 $charset_list = array(
1046 'UTF-8',
'EUC-KR',
'CP949',
'ISO8859-1',
'EUC-JP',
'SHIFT_JIS',
1047 'CP932',
'EUC-CN',
'HZ',
'GBK',
'GB18030',
'EUC-TW',
'BIG5',
1048 'CP950',
'BIG5-HKSCS',
'ISO8859-6',
'ISO8859-8',
'JOHAB',
'CP1255',
1049 'CP1256',
'CP862',
'ASCII',
'ISO8859-1',
'CP1250',
'CP1251',
1050 'CP1252',
'CP1253',
'CP1254',
'CP1257',
'CP850',
'CP866'
1053 $obj = clone $source_obj;
1055 foreach($charset_list as $charset)
1057 array_walk(
$obj,
'Context::checkConvertFlag',$charset);
1058 $flag = self::checkConvertFlag($flag = TRUE);
1061 if($charset ==
'UTF-8')
1065 array_walk(
$obj,
'Context::doConvertEncoding',$charset);
1083 static $flag = TRUE;
1087 array_walk($val,
'Context::checkConvertFlag',$charset);
1088 else if($val && iconv($charset,$charset,$val)!=$val) $flag = FALSE;
1112 array_walk($val,
'Context::doConvertEncoding',$charset);
1114 else $val = iconv($charset,
'UTF-8',$val);
1125 if(!$str)
return null;
1126 $obj =
new stdClass();
1128 $obj = self::convertEncoding(
$obj);
1134 if(strpos($domain,
'xn--') !== FALSE)
1136 require_once(
_XE_PATH_ .
'libs/idna_convert/idna_convert.class.php');
1138 $domain =
$IDN->decode($domain);
1152 $self = self::getInstance();
1154 $methods = array(
'HTML' => 1,
'XMLRPC' => 1,
'JSON' => 1,
'JS_CALLBACK' => 1);
1155 $self->response_method = isset($methods[$method]) ? $method :
'HTML';
1165 $self = self::getInstance();
1167 if($self->response_method)
1169 return $self->response_method;
1172 $method = $self->getRequestMethod();
1173 $methods = array(
'HTML' => 1,
'XMLRPC' => 1,
'JSON' => 1,
'JS_CALLBACK' => 1);
1175 return isset($methods[$method]) ? $method :
'HTML';
1186 $self = self::getInstance();
1188 $self->js_callback_func = $self->getJSCallbackFunc();
1190 ($type && $self->request_method = $type) or
1191 ((strpos($_SERVER[
'CONTENT_TYPE'],
'json') || strpos($_SERVER[
'HTTP_CONTENT_TYPE'],
'json')) && $self->request_method =
'JSON') or
1192 (
$GLOBALS[
'HTTP_RAW_POST_DATA'] && $self->request_method =
'XMLRPC') or
1193 ($self->js_callback_func && $self->request_method =
'JS_CALLBACK') or
1194 ($self->request_method = $_SERVER[
'REQUEST_METHOD']);
1204 $this->_recursiveCheckVar($_SERVER[
'HTTP_HOST']);
1206 $pattern =
"/[\,\"\'\{\}\[\]\(\);$]/";
1207 if(preg_match($pattern, $_SERVER[
'HTTP_HOST']))
1209 $this->isSuccessInit = FALSE;
1220 if(!count($_REQUEST))
1225 $requestMethod = $this->getRequestMethod();
1226 foreach($_REQUEST as $key => $val)
1228 if($val ===
'' || self::get($key))
1232 $key = htmlentities($key);
1233 $val = $this->_filterRequestVar($key, $val,
false, ($requestMethod ==
'GET'));
1235 if($requestMethod ==
'GET' && isset($_GET[$key]))
1237 $set_to_vars = TRUE;
1239 elseif($requestMethod ==
'POST' && isset($_POST[$key]))
1241 $set_to_vars = TRUE;
1243 elseif($requestMethod ==
'JS_CALLBACK' && (isset($_GET[$key]) || isset($_POST[$key])))
1245 $set_to_vars = TRUE;
1249 $set_to_vars = FALSE;
1254 $this->_recursiveCheckVar($val);
1257 $this->set($key, $val, $set_to_vars);
1265 foreach($this->patterns as $pattern)
1267 if(preg_match($pattern, $val))
1269 $this->isSuccessInit = FALSE;
1274 else if(is_array($val))
1276 foreach($val as $val2)
1278 $this->_recursiveCheckVar($val2);
1290 if($this->getRequestMethod() !=
'JSON')
1296 parse_str(
$GLOBALS[
'HTTP_RAW_POST_DATA'], $params);
1298 foreach($params as $key => $val)
1300 $key = htmlentities($key);
1301 $this->set($key, $this->_filterRequestVar($key, $val, 1), TRUE);
1312 if($this->getRequestMethod() !=
'XMLRPC')
1317 $xml =
$GLOBALS[
'HTTP_RAW_POST_DATA'];
1320 header(
"HTTP/1.0 400 Bad Request");
1325 $xml_obj = $oXml->parse($xml);
1327 $params = $xml_obj->methodcall->params;
1328 unset($params->node_name, $params->attrs, $params->body);
1330 if(!count(get_object_vars($params)))
1335 foreach($params as $key => $val)
1337 $this->set($key, $this->_filterXmlVars($key, $val), TRUE);
1353 foreach($val as $k => $v)
1355 $stack[$k] = $this->_filterXmlVars($k, $v);
1362 unset($val->node_name, $val->attrs, $val->body);
1363 if(!count(get_object_vars($val)))
1365 return $this->_filterRequestVar($key, $body, 0);
1368 $stack =
new stdClass();
1369 foreach($val as $k => $v)
1371 $output = $this->_filterXmlVars($k, $v);
1372 if(is_object($v) && $v->attrs->type ==
'array')
1376 if($k ==
'value' && (is_array($v) || $v->attrs->type ==
'array'))
1384 if(!count(get_object_vars($stack)))
1403 if(!($isArray = is_array($val)))
1409 foreach($val as $k => $v)
1411 if($remove_hack && !is_array($v)) {
1412 if(stripos($v,
'<script') || stripos($v,
'lt;script') || stripos($v,
'%3Cscript'))
1414 $result[$k] =
escape($v);
1419 $k = htmlentities($k);
1420 if($key ===
'page' || $key ===
'cpage' || substr_compare($key,
'srl', -3) === 0)
1422 $result[$k] = !preg_match(
'/^[0-9,]+$/', $v) ? (int) $v : $v;
1424 elseif(in_array($key, array(
'mid',
'search_keyword',
'search_target',
'xe_validator_id'))) {
1425 $result[$k] =
escape($v,
false);
1427 elseif($key ===
'vid')
1429 $result[$k] = urlencode($v);
1431 elseif(stripos($key,
'XE_VALIDATOR', 0) === 0)
1439 if($do_stripslashes && version_compare(PHP_VERSION,
'5.4.0',
'<') && get_magic_quotes_gpc())
1441 if (is_array($result[$k]))
1443 array_walk_recursive($result[$k],
function(&$val) { $val = stripslashes($val); });
1447 $result[$k] = stripslashes($result[$k]);
1451 if(is_array($result[$k]))
1453 array_walk_recursive($result[$k],
function(&$val) { $val = trim($val); });
1457 $result[$k] = trim($result[$k]);
1462 $result[$k] =
escape($result[$k],
false);
1467 return $isArray ? $result : $result[0];
1477 $self = self::getInstance();
1478 return $self->is_uploaded;
1488 if($_SERVER[
'REQUEST_METHOD'] !=
'POST' || !$_FILES || (stripos($_SERVER[
'CONTENT_TYPE'],
'multipart/form-data') === FALSE && stripos($_SERVER[
'HTTP_CONTENT_TYPE'],
'multipart/form-data') === FALSE))
1493 foreach($_FILES as $key => $val)
1495 $tmp_name = $val[
'tmp_name'];
1496 if(!is_array($tmp_name))
1502 $val[
'name'] = htmlspecialchars($val[
'name'], ENT_COMPAT | ENT_HTML401,
'UTF-8', FALSE);
1503 $this->set($key, $val, TRUE);
1504 $this->is_uploaded = TRUE;
1509 foreach ($tmp_name as $i => $j)
1514 unset($_FILES[$key]);
1518 $file[
'name'] = $val[
'name'][$i];
1519 $file[
'type'] = $val[
'type'][$i];
1520 $file[
'tmp_name'] = $val[
'tmp_name'][$i];
1521 $file[
'error'] = $val[
'error'][$i];
1522 $file[
'size'] = $val[
'size'][$i];
1527 self::set($key, $files,
true);
1539 $self = self::getInstance();
1540 return $self->request_method;
1552 $url = self::getRequestUri();
1553 if(count($_GET) > 0)
1555 foreach($_GET as $key => $val)
1557 $vars[] = $key .
'=' . ($val ? urlencode(self::convertEncodingStr($val)) :
'');
1559 $url .=
'?' . join(
'&', $vars);
1571 $self = self::getInstance();
1572 $js_callback_func = isset($_GET[
'xe_js_callback']) ? $_GET[
'xe_js_callback'] : $_POST[
'xe_js_callback'];
1574 if(!preg_match(
'/^[a-z0-9\.]+$/i', $js_callback_func))
1576 unset($js_callback_func);
1577 unset($_GET[
'xe_js_callback']);
1578 unset($_POST[
'xe_js_callback']);
1581 return $js_callback_func;
1594 function getUrl($num_args = 0, $args_list = array(), $domain = null, $encode = TRUE, $autoEncode = FALSE)
1596 static $site_module_info = null;
1597 static $current_info = null;
1599 $self = self::getInstance();
1602 if(is_null($site_module_info))
1604 $site_module_info = self::get(
'site_module_info');
1615 if(!$domain && !$vid)
1617 if($site_module_info->domain &&
isSiteID($site_module_info->domain))
1619 $vid = $site_module_info->domain;
1623 $domain = $site_module_info->domain;
1630 $domain_info = parse_url($domain);
1631 if(is_null($current_info))
1633 $current_info = parse_url(($_SERVER[
'HTTPS'] ==
'on' ?
'https' :
'http') .
'://' . $_SERVER[
'HTTP_HOST'] .
getScriptPath());
1635 if($domain_info[
'host'] . $domain_info[
'path'] == $current_info[
'host'] . $current_info[
'path'])
1641 $domain = preg_replace(
'/^(http|https):\/\//i',
'', trim($domain));
1642 if(substr_compare($domain,
'/', -1) !== 0)
1649 $get_vars = array();
1652 if(!$self->get_vars || $args_list[0] ==
'')
1655 if(is_array($args_list) && $args_list[0] ==
'')
1657 array_shift($args_list);
1660 elseif($_SERVER[
'REQUEST_METHOD'] ==
'GET')
1663 $get_vars = get_object_vars($self->get_vars);
1667 if(!!$self->get_vars->module) $get_vars[
'module'] = $self->get_vars->module;
1668 if(!!$self->get_vars->mid) $get_vars[
'mid'] = $self->get_vars->mid;
1669 if(!!$self->get_vars->act) $get_vars[
'act'] = $self->get_vars->act;
1670 if(!!$self->get_vars->page) $get_vars[
'page'] = $self->get_vars->page;
1671 if(!!$self->get_vars->search_target) $get_vars[
'search_target'] = $self->get_vars->search_target;
1672 if(!!$self->get_vars->search_keyword) $get_vars[
'search_keyword'] = $self->get_vars->search_keyword;
1673 if($get_vars[
'act'] ==
'IS')
1675 if(!!$self->get_vars->is_keyword) $get_vars[
'is_keyword'] = $self->get_vars->is_keyword;
1680 for($i = 0, $c = count($args_list); $i < $c; $i += 2)
1682 $key = $args_list[$i];
1683 $val = trim($args_list[$i + 1]);
1686 if(!isset($val) || !strlen($val))
1688 unset($get_vars[$key]);
1692 $get_vars[$key] = $val;
1696 unset($get_vars[
'rnd']);
1699 $get_vars[
'vid'] = $vid;
1703 unset($get_vars[
'vid']);
1707 $act = $get_vars[
'act'];
1709 'dispMemberFriend' =>
'dispCommunicationFriend',
1710 'dispMemberMessages' =>
'dispCommunicationMessages',
1711 'dispDocumentAdminManageDocument' =>
'dispDocumentManageDocument',
1712 'dispModuleAdminSelectList' =>
'dispModuleSelectList'
1714 if($act_alias[$act])
1716 $get_vars[
'act'] = $act_alias[$act];
1721 if(count($get_vars) > 0)
1724 if($self->allow_rewrite)
1726 $var_keys = array_keys($get_vars);
1729 $target = join(
'.', $var_keys);
1731 $act = $get_vars[
'act'];
1732 $vid = $get_vars[
'vid'];
1733 $mid = $get_vars[
'mid'];
1734 $key = $get_vars[
'key'];
1735 $srl = $get_vars[
'document_srl'];
1737 $tmpArray = array(
'rss' => 1,
'atom' => 1,
'api' => 1);
1738 $is_feed = isset($tmpArray[$act]);
1740 $target_map = array(
1743 'mid.vid' =>
"$vid/$mid",
1744 'entry.mid' =>
"$mid/entry/" . $get_vars[
'entry'],
1745 'entry.mid.vid' =>
"$vid/$mid/entry/" . $get_vars[
'entry'],
1746 'document_srl' => $srl,
1747 'document_srl.mid' =>
"$mid/$srl",
1748 'document_srl.vid' =>
"$vid/$srl",
1749 'document_srl.mid.vid' =>
"$vid/$mid/$srl",
1750 'act' => ($is_feed && $act !==
'api') ? $act :
'',
1751 'act.mid' => $is_feed ?
"$mid/$act" :
'',
1752 'act.mid.vid' => $is_feed ?
"$vid/$mid/$act" :
'',
1753 'act.document_srl.key' => ($act ==
'trackback') ?
"$srl/$key/$act" :
'',
1754 'act.document_srl.key.mid' => ($act ==
'trackback') ?
"$mid/$srl/$key/$act" :
'',
1755 'act.document_srl.key.vid' => ($act ==
'trackback') ?
"$vid/$srl/$key/$act" :
'',
1756 'act.document_srl.key.mid.vid' => ($act ==
'trackback') ?
"$vid/$mid/$srl/$key/$act" :
''
1759 $query = $target_map[$target];
1765 foreach($get_vars as $key => $val)
1767 if(is_array($val) && count($val) > 0)
1769 foreach($val as $k => $v)
1771 $queries[] = $key .
'[' . $k .
']=' . urlencode($v);
1774 elseif(!is_array($val))
1776 $queries[] = $key .
'=' . urlencode($val);
1779 if(count($queries) > 0)
1781 $query =
'index.php?' . join(
'&', $queries);
1787 $_use_ssl = $self->get(
'_use_ssl');
1788 if($_use_ssl ==
'always')
1790 $query = $self->getRequestUri(
ENFORCE_SSL, $domain) . $query;
1793 elseif($_use_ssl ==
'optional')
1795 $ssl_mode = (($self->get(
'module') ===
'admin') || ($get_vars[
'module'] ===
'admin') || (isset($get_vars[
'act']) && $self->isExistsSSLAction($get_vars[
'act']))) ?
ENFORCE_SSL :
RELEASE_SSL;
1796 $query = $self->getRequestUri($ssl_mode, $domain) . $query;
1802 if($_SERVER[
'HTTPS'] ==
'on')
1804 $query = $self->getRequestUri(
ENFORCE_SSL, $domain) . $query;
1823 return htmlspecialchars($query, ENT_COMPAT | ENT_HTML401,
'UTF-8', FALSE);
1827 $encode_queries = array();
1828 $parsedUrl = parse_url($query);
1829 parse_str($parsedUrl[
'query'],
$output);
1830 foreach(
$output as $key => $value)
1832 if(preg_match(
'/&([a-z]{2,}|#\d+);/', urldecode($value)))
1834 $value = urlencode(htmlspecialchars_decode(urldecode($value)));
1836 $encode_queries[] = $key .
'=' . $value;
1839 return htmlspecialchars($parsedUrl[
'path'] .
'?' . join(
'&', $encode_queries), ENT_COMPAT | ENT_HTML401,
'UTF-8', FALSE);
1851 static $url = array();
1854 if(!isset($_SERVER[
'SERVER_PROTOCOL']))
1859 if(self::get(
'_use_ssl') ==
'always')
1866 $domain_key = md5($domain);
1870 $domain_key =
'default';
1873 if(isset($url[$ssl_mode][$domain_key]))
1875 return $url[$ssl_mode][$domain_key];
1878 $current_use_ssl = ($_SERVER[
'HTTPS'] ==
'on');
1892 $target_url = trim($domain);
1893 if(substr_compare($target_url,
'/', -1) !== 0)
1903 $url_info = parse_url(
'http://' . $target_url);
1905 if($current_use_ssl != $use_ssl)
1907 unset($url_info[
'port']);
1912 $port = self::get(
'_https_port');
1913 if($port && $port != 443)
1915 $url_info[
'port'] = $port;
1917 elseif($url_info[
'port'] == 443)
1919 unset($url_info[
'port']);
1924 $port = self::get(
'_http_port');
1925 if($port && $port != 80)
1927 $url_info[
'port'] = $port;
1929 elseif($url_info[
'port'] == 80)
1931 unset($url_info[
'port']);
1935 $url[$ssl_mode][$domain_key] = sprintf(
'%s://%s%s%s', $use_ssl ?
'https' : $url_info[
'scheme'], $url_info[
'host'], $url_info[
'port'] && $url_info[
'port'] != 80 ?
':' . $url_info[
'port'] :
'', $url_info[
'path']);
1937 return $url[$ssl_mode][$domain_key];
1948 function set($key, $val, $set_to_get_vars = 0)
1950 $self = self::getInstance();
1951 $self->context->{$key} = $val;
1952 if($set_to_get_vars === FALSE)
1956 if($val === NULL || $val ===
'')
1958 unset($self->get_vars->{$key});
1961 if($set_to_get_vars || $self->get_vars->{$key})
1963 $self->get_vars->{$key} = $val;
1975 $self = self::getInstance();
1977 if(!isset($self->context->{$key}))
1981 return $self->context->{$key};
1991 $num_args = func_num_args();
1996 $self = self::getInstance();
1998 $args_list = func_get_args();
2000 foreach($args_list as $v)
2002 $output->{$v} = $self->get($v);
2014 $self = self::getInstance();
2015 return $self->context;
2025 $self = self::getInstance();
2028 return clone($self->get_vars);
2030 return new stdClass;
2041 $self = self::getInstance();
2043 if(!is_readable($self->sslActionCacheFile))
2045 $buff =
'<?php if(!defined("__XE__"))exit;';
2049 if(!isset($self->ssl_actions[$action]))
2051 $self->ssl_actions[$action] = 1;
2052 $sslActionCacheString = sprintf(
'$sslActions[\'%s\'] = 1;', $action);
2065 $self = self::getInstance();
2067 if(!is_readable($self->sslActionCacheFile))
2069 unset($self->ssl_actions);
2070 $buff =
'<?php if(!defined("__XE__"))exit;';
2074 foreach($action_array as $action)
2076 if(!isset($self->ssl_actions[$action]))
2078 $self->ssl_actions[$action] = 1;
2079 $sslActionCacheString = sprintf(
'$sslActions[\'%s\'] = 1;', $action);
2093 $self = self::getInstance();
2095 if($self->isExistsSSLAction($action))
2097 $sslActionCacheString = sprintf(
'$sslActions[\'%s\'] = 1;', $action);
2099 $buff = str_replace($sslActionCacheString,
'', $buff);
2111 $self = self::getInstance();
2112 if($self->getSslStatus() ==
'optional')
2114 return $self->ssl_actions;
2126 $self = self::getInstance();
2127 return isset($self->ssl_actions[$action]);
2139 if($file{0} !=
'/' && $file{0} !=
'.' && strpos($file,
'://') === FALSE)
2141 $file =
'./' . $file;
2143 $file = preg_replace(
'@/\./|(?<!:)\/\/@',
'/', $file);
2144 while(strpos($file,
'/../') !== FALSE)
2146 $file = preg_replace(
'/\/([^\/]+)\/\.\.\//s',
'/', $file, 1);
2161 $file = self::normalizeFilePath($file);
2163 if(strpos($file,
'./') === 0)
2165 $file = $script_path . substr($file, 2);
2167 elseif(strpos($file,
'../') === 0)
2169 $file = self::normalizeFilePath($script_path . $file);
2193 $self = self::getInstance();
2195 $self->oFrontEndFileHandler->loadFile(
$args);
2208 $self = self::getInstance();
2209 $self->oFrontEndFileHandler->unloadFile($file, $targetIe, $media);
2220 $self = self::getInstance();
2221 $self->oFrontEndFileHandler->unloadAllFiles($type);
2237 function addJsFile($file, $optimized = FALSE, $targetie =
'', $index = 0, $type =
'head', $isRuleset = FALSE, $autoPath = null)
2241 if(strpos($file,
'#') !== FALSE)
2243 $file = str_replace(
'#',
'', $file);
2244 if(!is_readable($file))
2250 $validator->setCacheDir(
'files/cache');
2251 $file = $validator->getJsPath();
2254 $self = self::getInstance();
2255 $self->oFrontEndFileHandler->loadFile(array($file, $type, $targetie, $index));
2269 $self = self::getInstance();
2270 $self->oFrontEndFileHandler->unloadFile($file, $targetie);
2280 $self = self::getInstance();
2281 $self->oFrontEndFileHandler->unloadAllFiles(
'js');
2293 $oXmlFilter =
new XmlJSFilter($path, $filename);
2294 $oXmlFilter->compile();
2307 $files = array_values($files);
2308 $filenames = array();
2309 for($i = 0, $c = count($files); $i < $c; ++$i)
2311 if(in_array($files[$i][
'file'], $filenames))
2315 $filenames[] = $files[$i][
'file'];
2329 $self = self::getInstance();
2330 return $self->oFrontEndFileHandler->getJsFileList($type);
2345 function addCSSFile($file, $optimized = FALSE, $media =
'all', $targetie =
'', $index = 0)
2347 $self = self::getInstance();
2348 $self->oFrontEndFileHandler->loadFile(array($file, $media, $targetie, $index));
2361 function unloadCSSFile($file, $optimized = FALSE, $media =
'all', $targetie =
'')
2363 $self = self::getInstance();
2364 $self->oFrontEndFileHandler->unloadFile($file, $targetie, $media);
2374 $self = self::getInstance();
2375 $self->oFrontEndFileHandler->unloadAllFiles(
'css');
2385 $self = self::getInstance();
2386 return $self->oFrontEndFileHandler->getCssFileList();
2396 if($plugin_name ==
'ui.datepicker')
2398 $plugin_name =
'ui';
2401 $plugin_path =
'./common/js/plugins/' . $pluginName .
'/';
2402 $info_file = $plugin_path .
'plugin.load';
2403 if(!is_readable($info_file))
2408 $list =
file($info_file);
2409 $result =
new stdClass();
2410 $result->jsList = array();
2411 $result->cssList = array();
2413 foreach($list as $filename)
2415 $filename = trim($filename);
2421 if(strncasecmp(
'./', $filename, 2) === 0)
2423 $filename = substr($filename, 2);
2426 if(substr_compare($filename,
'.js', -3) === 0)
2428 $result->jsList[] = $plugin_path . $filename;
2430 elseif(substr_compare($filename,
'.css', -4) === 0)
2432 $result->cssList[] = $plugin_path . $filename;
2436 if(is_dir($plugin_path .
'lang'))
2438 $result->langPath = $plugin_path .
'lang';
2451 static $loaded_plugins = array();
2453 $self = self::getInstance();
2454 if($plugin_name ==
'ui.datepicker')
2456 $plugin_name =
'ui';
2459 if($loaded_plugins[$plugin_name])
2463 $loaded_plugins[$plugin_name] = TRUE;
2465 $plugin_path =
'./common/js/plugins/' . $plugin_name .
'/';
2466 $info_file = $plugin_path .
'plugin.load';
2467 if(!is_readable($info_file))
2472 $list =
file($info_file);
2473 foreach($list as $filename)
2475 $filename = trim($filename);
2481 if(strncasecmp(
'./', $filename, 2) === 0)
2483 $filename = substr($filename, 2);
2485 if(substr_compare($filename,
'.js', -3) === 0)
2487 $self->loadFile(array($plugin_path . $filename,
'body',
'', 0), TRUE);
2489 if(substr_compare($filename,
'.css', -4) === 0)
2491 $self->loadFile(array($plugin_path . $filename,
'all',
'', 0), TRUE);
2495 if(is_dir($plugin_path .
'lang'))
2497 $self->loadLang($plugin_path .
'lang');
2509 $self = self::getInstance();
2510 $self->html_header .=
"\n" . $header;
2515 $self = self::getInstance();
2516 $self->html_header =
'';
2526 $self = self::getInstance();
2527 return $self->html_header;
2537 $self = self::getInstance();
2538 $self->body_class[] = $class_name;
2548 $self = self::getInstance();
2549 $self->body_class = array_unique($self->body_class);
2551 return (count($self->body_class) > 0) ? sprintf(
' class="%s"', join(
' ', $self->body_class)) :
'';
2561 $self = self::getInstance();
2562 $self->body_header .=
"\n" . $header;
2572 $self = self::getInstance();
2573 return $self->body_header;
2583 $self = self::getInstance();
2584 $self->html_footer .= ($self->Htmlfooter ?
"\n" :
'') . $footer;
2594 $self = self::getInstance();
2595 return $self->html_footer;
2605 return _XE_PATH_ .
'files/config/db.config.php';
2615 return _XE_PATH_ .
'files/config/ftp.config.php';
2659 $path = strtr($path,
"\\",
"/");
2661 $base_url = preg_replace(
'@^https?://[^/]+/?@',
'', self::getRequestUri());
2663 $_xe = explode(
'/', $xe);
2664 $_path = explode(
'/', $path);
2665 $_base = explode(
'/', $base_url);
2667 if(!$_base[count($_base) - 1])
2672 foreach($_xe as $idx => $dir)
2674 if($_path[0] != $dir)
2678 array_shift($_path);
2681 $idx = count($_xe) - $idx - 1;
2684 if(count($_base) > 0)
2686 array_shift($_base);
2690 array_unshift($_base,
'..');
2694 if(count($_base) > 0)
2696 array_unshift($_path, join(
'/', $_base));
2699 $path =
'/' . join(
'/', $_path);
2700 if(substr_compare($path,
'/', -1) !== 0)
2713 $self = self::getInstance();
2715 if(!is_array($self->meta_tags))
2717 $self->meta_tags = array();
2721 foreach($self->meta_tags as $key => $val)
2723 list($name, $is_http_equiv) = explode(
"\t", $key);
2724 $ret[] = array(
'name' => $name,
'is_http_equiv' => $is_http_equiv,
'content' => $val);
2740 $self = self::getInstance();
2741 $self->meta_tags[$name .
"\t" . ($is_http_equiv ?
'1' :
'0')] = $content;
getUrl($num_args=0, $args_list=array(), $domain=null, $encode=TRUE, $autoEncode=FALSE)
getController($module_name)
unloadFile($file, $targetIe= '', $media= 'all')
setRequestMethod($type= '')
if(file_exists(_XE_PATH_. 'config/config.user.inc.php')) if(!defined('__DEBUG__')) if(!defined('__DEBUG_OUTPUT__')) if(!defined('__DEBUG_PROTECT__')) if(!defined('__DEBUG_PROTECT_IP__')) if(!defined('__DEBUG_DB_OUTPUT__')) if(!defined('__LOG_SLOW_QUERY__')) if(!defined('__LOG_SLOW_TRIGGER__')) if(!defined('__LOG_SLOW_ADDON__')) if(!defined('__LOG_SLOW_WIDGET__')) if(!defined('__DEBUG_QUERY__')) if(!defined('__OB_GZHANDLER_ENABLE__')) if(!defined('__ENABLE_PHPUNIT_TEST__')) if(!defined('__PROXY_SERVER__')) if(!defined('__ERROR_LOG__')) if(!defined('__DISABLE_DEFAULT_CSS__')) if(!defined('__AUTO_OPCACHE_INVALIDATE__')) if((__DEBUG_OUTPUT__==2)&&version_compare(PHP_VERSION, '6.0.0')===-1) if(version_compare(PHP_VERSION, '5.3.0') >=0) $GLOBALS['__xe_autoload_file_map']
set($key, $val, $set_to_get_vars=0)
unloadCSSFile($file, $optimized=FALSE, $media= 'all', $targetie= '')
static checkSignature($string, $signature)
Check whether a signature is valid.
writeFile($filename, $buff, $mode="w")
_filterRequestVar($key, $val, $do_stripslashes=true, $remove_hack=false)
setBrowserTitle($site_title)
$oContext
Include the necessary configuration files.
filter($ip_list, $ip=NULL)
addSSLActions($action_array)
loadJavascriptPlugin($plugin_name)
checkConvertFlag(&$val, $key=null, $charset=null)
moveFile($source, $target)
subtractSSLAction($action)
setLangType($lang_type= 'ko')
addJsFile($file, $optimized=FALSE, $targetie= '', $index=0, $type= 'head', $isRuleset=FALSE, $autoPath=null)
addCSSFile($file, $optimized=FALSE, $media= 'all', $targetie= '', $index=0)
addBrowserTitle($site_title)
convertEncoding($source_obj)
getRequestUri($ssl_mode=FOLLOW_REQUEST_SSL, $domain=null)
getJavascriptPluginInfo($pluginName)
addBodyClass($class_name)
doConvertEncoding(&$val, $key=null, $charset)
_getUniqueFileList($files)
setResponseMethod($method= 'HTML')
addJsFilter($path, $filename)
_setJSONRequestArgument()
static createSignature($string)
Create a digital signature to verify the authenticity of a string.
_filterXmlVars($key, $val)
escape($str, $double_escape=true, $escape_defined_lang_code=false)
addMetaTag($name, $content, $is_http_equiv=FALSE)
unloadJsFile($file, $optimized=FALSE, $targetie= '')
static detectingXEE($xml)
check XML External Entity
static check($file, $filename=null)
isExistsSSLAction($action)
unloadAllFiles($type= 'all')