web/public_php/ams/index.php

   1 <?php
   2 /**
   3  * Core that runs the entire system.
   4  * The index.php page handles:
   5  * -# checks what page to load
   6  * -# if a $_POST['function'] is set try to execute that function in the matching php file located in the func folder.
   7  * -# else load the inc's folder matching function related to the page
   8  * -# set the permission and other smarty related settings
   9  * -# call the helper function to load the page.
  10  *
  11  * @author Daan Janssens, mentored by Matthew Lagoe
  12  */
  13
  14 // load required pages and turn error reporting on/off
  15 error_reporting( E_ALL );
  16 ini_set( 'display_errors', 'on' );
  17
  18 class SystemExit extends Exception {}
  19 try {
  20
  21 if (!file_exists('../role_support')) {
  22         header("Cache-Control: max-age=1");
  23         header('Location: ../setup?reason=no_role_support&from=ams', true, 303);
  24         throw new SystemExit();
  25 }
  26
  27 require( '../config.php' );
  28
  29 if ($NEL_SETUP_VERSION_CONFIGURED < $NEL_SETUP_VERSION) {
  30         header("Cache-Control: max-age=1");
  31         header('Location: ../setup?reason=upgrade&from=ams', true, 303);
  32         throw new SystemExit();
  33 }
  34
  35 require_once( $AMS_LIB . '/libinclude.php' );
  36 session_cache_limiter('nocache');
  37 session_start();
  38 header("Expires: Mon, 01 May 2000 06:00:00 GMT");
  39 header("Last-Modified: ". gmdate("D, d M Y H:i:s") ." GMT");
  40 header("Cache-Control: max-age=1");
  41 header("Cache-Control: no-store, no-cache, must-revalidate");
  42 header("Cache-Control: post-check=0, pre-check=0", false);
  43 header("Pragma: no-cache");
  44
  45 // Running Cron
  46 if ( isset( $_GET["cron"] ) ) {
  47     if ( $_GET["cron"] == "true" ) {
  48         Sync :: syncdata( false );
  49          }
  50     }
  51
  52 // Always try to sync on page load, ie "lazy" cron
  53 Sync :: syncdata( false );
  54
  55 // Decide what page to load
  56 if ( ! isset( $_GET["page"] ) ) {
  57
  58     if ( isset( $_SESSION['user'] ) ) {
  59         if ( Ticket_User :: isMod( unserialize( $_SESSION['ticket_user'] ) ) ) {
  60             $page = 'dashboard';
  61              } else {
  62             $page = 'show_user';
  63              }
  64         } else {
  65         // default page
  66         $page = 'login';
  67          }
  68     } else {
  69         // if the session exists load page with $_GET requests
  70     if ( isset( $_SESSION['user'] ) ) {
  71         $page = $_GET["page"];
  72          } else {
  73         switch ( $_GET["page"] ) {
  74         case 'register':
  75              $page = 'register';
  76              break;
  77          case 'forgot_password':
  78              $page = 'forgot_password';
  79              break;
  80          case 'reset_password':
  81              $page = 'reset_password';
  82              break;
  83          case 'error':
  84              $page = 'error';
  85              break;
  86          default:
  87              $page = 'login';
  88              break;
  89              }
  90         }
  91     }
  92
  93 // check if ingame & page= register
  94 // this is needed because the ingame register can't send a hidden $_POST["function"]
  95 if ( Helpers :: check_if_game_client() && ( $page == "register" ) ) {
  96     require( "func/add_user.php" );
  97      $return = add_user();
  98     }
  99
 100 // perform an action in case one is specified
 101 // else check if a php page is included in the inc folder, else just set page to the get param
 102 if ( isset( $_POST["function"] ) ) {
 103     require( "func/" . $_POST["function"] . ".php" );
 104      $return = $_POST["function"]();
 105     } else if ( isset( $_GET["action"] ) ) {
 106     require( "func/" . $_GET["action"] . ".php" );
 107      $return = $_GET["action"]();
 108     } else {
 109     $filename = 'inc/' . $page . '.php';
 110      //check if this  is a file
 111      if ( is_file( $filename ) ) {
 112         require_once( $filename );
 113          $return = $page();
 114          }
 115     }
 116
 117 // add username to the return array in case logged in.
 118 if ( isset( $_SESSION['user'] ) ) {
 119     $return['username'] = $_SESSION['user'];
 120     }
 121
 122 // Set permission
 123 if ( isset( $_SESSION['ticket_user'] ) ) {
 124     $return['permission'] = unserialize( $_SESSION['ticket_user'] ) -> getPermission();
 125     } else {
 126     // default permission
 127     $return['permission'] = 0;
 128     }
 129
 130 // hide sidebar + topbar in case of login/register
 131 if ( $page == 'login' || $page == 'register' || $page == 'logout' || $page == 'forgot_password' || $page == 'reset_password' ) {
 132     $return['no_visible_elements'] = 'TRUE';
 133     } else {
 134     $return['no_visible_elements'] = 'FALSE';
 135     }
 136
 137 // handle error page
 138 if ( $page == 'error' ) {
 139     $return['permission'] = 0;
 140      $return['no_visible_elements'] = 'FALSE';
 141     }
 142
 143 // call to load hooks for the active plugins
 144 $hook_content = Plugincache :: loadHooks();
 145 foreach( $hook_content as $key => $value )
 146  {
 147     $return[$key] = $value;
 148      }
 149
 150 // load the template with the variables in the $return array
 151 helpers :: loadTemplate( $page , $return );
 152
 153 }
 154 catch (SystemExit $e) { /* do nothing */ }