2009-08-27 12:48:09 +00:00
|
|
|
<?php
|
2010-02-10 11:27:44 +00:00
|
|
|
/*
|
|
|
|
|
This file is part of myTinyTodo.
|
2020-08-13 18:41:44 +00:00
|
|
|
(C) Copyright 2009-2010,2020 Max Pozdeev <maxpozdeev@gmail.com>
|
2014-01-28 12:38:06 +00:00
|
|
|
Licensed under the GNU GPL v2 license. See file COPYRIGHT for details.
|
2010-02-10 11:27:44 +00:00
|
|
|
*/
|
2009-08-27 12:48:09 +00:00
|
|
|
|
2020-08-19 18:24:25 +00:00
|
|
|
define('MTT_VERSION', '@VERSION');
|
|
|
|
|
|
2021-07-26 18:57:30 +00:00
|
|
|
##### MyTinyTodo requires php 7.0 and above! #####
|
|
|
|
|
if (version_compare(PHP_VERSION, '7.0.0') < 0) {
|
|
|
|
|
die("PHP 7.0+ is required");
|
2020-08-13 18:41:44 +00:00
|
|
|
}
|
|
|
|
|
|
2010-02-06 17:35:39 +00:00
|
|
|
if(!defined('MTTPATH')) define('MTTPATH', dirname(__FILE__) .'/');
|
2020-09-04 11:26:28 +00:00
|
|
|
if(!defined('MTTINC')) define('MTTINC', MTTPATH. 'includes/');
|
2020-09-18 20:02:45 +00:00
|
|
|
if(!defined('MTTCONTENT')) define('MTTCONTENT', MTTPATH. 'content/');
|
|
|
|
|
if(!defined('MTTLANG')) define('MTTLANG', MTTCONTENT. 'lang/');
|
2020-09-18 20:10:39 +00:00
|
|
|
if(!defined('MTTTHEMES')) define('MTTTHEMES', MTTCONTENT. 'themes/');
|
2010-02-06 17:35:39 +00:00
|
|
|
|
2021-07-24 15:16:16 +00:00
|
|
|
if (getenv('MTT_ENABLE_DEBUG') == 'YES') {
|
|
|
|
|
define('MTT_DEBUG', true);
|
|
|
|
|
error_reporting(E_ALL);
|
|
|
|
|
ini_set('display_errors', '1');
|
|
|
|
|
ini_set('log_errors', '1');
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
//ini_set('display_errors', '0');
|
|
|
|
|
//ini_set('log_errors', '1');
|
|
|
|
|
define('MTT_DEBUG', false);
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-04 11:45:24 +00:00
|
|
|
require_once(MTTINC. 'common.php');
|
2021-07-25 16:20:24 +00:00
|
|
|
require_once(MTTINC. 'class.config.php');
|
2010-02-06 17:35:39 +00:00
|
|
|
require_once(MTTPATH. 'db/config.php');
|
2009-08-27 12:48:09 +00:00
|
|
|
|
2009-11-30 17:59:16 +00:00
|
|
|
if(!isset($config)) global $config;
|
|
|
|
|
Config::loadConfig($config);
|
|
|
|
|
unset($config);
|
|
|
|
|
|
2010-10-25 06:45:04 +00:00
|
|
|
date_default_timezone_set(Config::get('timezone'));
|
|
|
|
|
|
2009-08-27 12:48:09 +00:00
|
|
|
# MySQL Database Connection
|
2021-07-24 21:10:27 +00:00
|
|
|
if (Config::get('db') == 'mysql')
|
2009-08-27 12:48:09 +00:00
|
|
|
{
|
2021-07-24 21:10:27 +00:00
|
|
|
if (Config::get('mysqli')) require_once(MTTINC. 'class.db.mysqli.php');
|
|
|
|
|
else require_once(MTTINC. 'class.db.mysql.php');
|
2010-10-25 06:45:04 +00:00
|
|
|
$db = DBConnection::init(new Database_Mysql);
|
2019-06-29 16:01:40 +00:00
|
|
|
try {
|
2021-07-26 16:13:57 +00:00
|
|
|
$db->connect( array(
|
|
|
|
|
'host' => Config::get('mysql.host'),
|
|
|
|
|
'user' => Config::get('mysql.user'),
|
|
|
|
|
'password' => Config::get('mysql.password'),
|
|
|
|
|
'db' => Config::get('mysql.db')
|
|
|
|
|
));
|
2019-06-29 16:01:40 +00:00
|
|
|
}
|
|
|
|
|
catch(Exception $e) {
|
2021-07-24 15:16:16 +00:00
|
|
|
logAndDie("Failed to connect to mysql database: ". $e->getMessage());
|
2019-06-29 16:01:40 +00:00
|
|
|
}
|
2009-08-27 12:48:09 +00:00
|
|
|
$db->dq("SET NAMES utf8");
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-26 14:34:48 +00:00
|
|
|
# SQLite3 Database
|
2010-04-29 09:38:08 +00:00
|
|
|
elseif(Config::get('db') == 'sqlite')
|
2009-08-27 12:48:09 +00:00
|
|
|
{
|
2020-09-04 11:42:07 +00:00
|
|
|
require_once(MTTINC. 'class.db.sqlite3.php');
|
2010-10-25 06:45:04 +00:00
|
|
|
$db = DBConnection::init(new Database_Sqlite3);
|
2021-07-26 16:13:57 +00:00
|
|
|
$db->connect( array( 'filename' => MTTPATH. 'db/todolist.db' ) );
|
2009-08-27 12:48:09 +00:00
|
|
|
}
|
2010-04-29 09:38:08 +00:00
|
|
|
else {
|
|
|
|
|
# It seems not installed
|
|
|
|
|
die("Not installed. Run <a href=setup.php>setup.php</a> first.");
|
|
|
|
|
}
|
2021-07-26 14:34:48 +00:00
|
|
|
DBConnection::setPrefix(Config::get('prefix'));
|
2009-08-27 12:48:09 +00:00
|
|
|
|
2020-09-20 13:46:07 +00:00
|
|
|
//User can override language setting by cookies or query
|
|
|
|
|
$forceLang = '';
|
|
|
|
|
if( isset($_COOKIE['lang']) ) $forceLang = $_COOKIE['lang'];
|
2020-09-24 16:21:13 +00:00
|
|
|
//else if ( isset($_GET['lang']) ) $forceLang = $_GET['lang'];
|
2020-09-20 13:46:07 +00:00
|
|
|
|
2020-09-24 16:21:13 +00:00
|
|
|
if ( $forceLang != '' && preg_match("/^[a-z-]+$/i", $forceLang) ) {
|
|
|
|
|
Config::set('lang', $forceLang); //TODO: special for demo, do not change config
|
2011-05-30 14:44:56 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-04 11:26:28 +00:00
|
|
|
require_once(MTTINC. 'class.lang.php');
|
2020-09-24 16:21:13 +00:00
|
|
|
Lang::loadLang( Config::get('lang') );
|
2009-08-27 12:48:09 +00:00
|
|
|
|
2010-02-10 11:27:44 +00:00
|
|
|
$_mttinfo = array();
|
|
|
|
|
|
2020-09-08 11:37:29 +00:00
|
|
|
if (need_auth() && !isset($dontStartSession))
|
2009-08-27 12:48:09 +00:00
|
|
|
{
|
2009-11-30 17:59:16 +00:00
|
|
|
if(Config::get('session') == 'files')
|
2009-08-27 12:48:09 +00:00
|
|
|
{
|
2010-06-08 14:34:58 +00:00
|
|
|
session_save_path(MTTPATH. 'tmp/sessions');
|
2009-08-27 12:48:09 +00:00
|
|
|
ini_set('session.gc_maxlifetime', '1209600'); # 14 days session file minimum lifetime
|
|
|
|
|
ini_set('session.gc_probability', 1);
|
|
|
|
|
ini_set('session.gc_divisor', 10);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ini_set('session.use_cookies', true);
|
|
|
|
|
ini_set('session.use_only_cookies', true);
|
2020-09-12 14:02:15 +00:00
|
|
|
session_set_cookie_params(1209600, url_dir(Config::get('url')=='' ? getRequestUri() : Config::getUrl('url'))); # 14 days session cookie lifetime
|
2010-02-07 13:26:11 +00:00
|
|
|
session_name('mtt-session');
|
2009-08-27 12:48:09 +00:00
|
|
|
session_start();
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-08 11:37:29 +00:00
|
|
|
function need_auth()
|
|
|
|
|
{
|
|
|
|
|
return (Config::get('password') != '') ? 1 : 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-27 12:48:09 +00:00
|
|
|
function is_logged()
|
|
|
|
|
{
|
2020-09-08 11:37:29 +00:00
|
|
|
if ( !need_auth() ) return true;
|
|
|
|
|
if ( isset($_SESSION['logged']) && $_SESSION['logged'] ) return true;
|
|
|
|
|
return false;
|
2009-08-27 12:48:09 +00:00
|
|
|
}
|
|
|
|
|
|
2010-12-15 11:50:04 +00:00
|
|
|
function is_readonly()
|
|
|
|
|
{
|
2020-09-08 11:50:06 +00:00
|
|
|
if ( !is_logged() ) return true;
|
2010-12-15 11:50:04 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-25 06:45:04 +00:00
|
|
|
function timestampToDatetime($timestamp)
|
2009-11-13 12:38:55 +00:00
|
|
|
{
|
2009-11-30 17:59:16 +00:00
|
|
|
$format = Config::get('dateformat') .' '. (Config::get('clock') == 12 ? 'g:i A' : 'H:i');
|
2010-10-25 06:45:04 +00:00
|
|
|
return formatTime($format, $timestamp);
|
2009-12-15 14:49:32 +00:00
|
|
|
}
|
|
|
|
|
|
2010-10-25 06:45:04 +00:00
|
|
|
function formatTime($format, $timestamp=0)
|
2009-12-15 14:49:32 +00:00
|
|
|
{
|
2010-02-07 13:26:11 +00:00
|
|
|
$lang = Lang::instance();
|
2009-12-15 14:49:32 +00:00
|
|
|
if($timestamp == 0) $timestamp = time();
|
2009-11-13 12:38:55 +00:00
|
|
|
$newformat = strtr($format, array('F'=>'%1', 'M'=>'%2'));
|
2010-10-25 06:45:04 +00:00
|
|
|
$adate = explode(',', date('n,'.$newformat, $timestamp), 2);
|
2009-11-13 12:38:55 +00:00
|
|
|
$s = $adate[1];
|
|
|
|
|
if($newformat != $format)
|
|
|
|
|
{
|
|
|
|
|
$am = (int)$adate[0];
|
|
|
|
|
$ml = $lang->get('months_long');
|
|
|
|
|
$ms = $lang->get('months_short');
|
|
|
|
|
$F = $ml[$am-1];
|
|
|
|
|
$M = $ms[$am-1];
|
|
|
|
|
$s = strtr($s, array('%1'=>$F, '%2'=>$M));
|
|
|
|
|
}
|
|
|
|
|
return $s;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-10 11:27:44 +00:00
|
|
|
function _e($s)
|
|
|
|
|
{
|
|
|
|
|
echo Lang::instance()->get($s);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function __($s)
|
|
|
|
|
{
|
|
|
|
|
return Lang::instance()->get($s);
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-12 14:02:15 +00:00
|
|
|
function mttinfo($v, $escape = true)
|
2010-02-10 11:27:44 +00:00
|
|
|
{
|
2020-09-12 14:02:15 +00:00
|
|
|
echo $escape ? get_mttinfo($v) : get_unsafe_mttinfo($v);
|
2010-02-10 11:27:44 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-12 14:02:15 +00:00
|
|
|
/*
|
|
|
|
|
* Returned values from get_unsafe_mttinfo() can be unsafe for html.
|
|
|
|
|
* But '\r' and '\n' in URLs taken from config are removed.
|
|
|
|
|
*/
|
|
|
|
|
function get_unsafe_mttinfo($v)
|
2010-02-10 11:27:44 +00:00
|
|
|
{
|
2010-07-18 17:28:21 +00:00
|
|
|
global $_mttinfo;
|
2020-08-19 07:42:31 +00:00
|
|
|
if (isset($_mttinfo[$v])) {
|
|
|
|
|
return $_mttinfo[$v];
|
|
|
|
|
}
|
2010-02-10 11:27:44 +00:00
|
|
|
switch($v)
|
|
|
|
|
{
|
|
|
|
|
case 'template_url':
|
2020-09-18 20:10:39 +00:00
|
|
|
$_mttinfo['template_url'] = get_unsafe_mttinfo('mtt_url'). 'content/themes/'. Config::get('template') . '/';
|
2010-02-10 11:27:44 +00:00
|
|
|
return $_mttinfo['template_url'];
|
2020-09-04 12:01:10 +00:00
|
|
|
case 'includes_url':
|
2020-09-12 14:02:15 +00:00
|
|
|
$_mttinfo['includes_url'] = get_unsafe_mttinfo('mtt_url'). 'includes/';
|
2020-09-04 12:01:10 +00:00
|
|
|
return $_mttinfo['includes_url'];
|
2010-02-10 11:27:44 +00:00
|
|
|
case 'url':
|
2020-10-05 15:16:20 +00:00
|
|
|
/* full url to homepage: directory with root index.php or custom index file in the root. */
|
|
|
|
|
/* ex: http://my.site/mytinytodo/ or https://my.site/mytinytodo/home_for_2nd_theme.php */
|
|
|
|
|
/* Should not contain a query string. Have to be set in config if custom port is used or wrong detection. */
|
|
|
|
|
$_mttinfo['url'] = Config::getUrl('url');
|
2020-08-19 07:42:31 +00:00
|
|
|
if ($_mttinfo['url'] == '') {
|
2020-09-30 18:24:28 +00:00
|
|
|
$is_https = (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false;
|
|
|
|
|
$_mttinfo['url'] = ($is_https ? 'https://' : 'http://'). $_SERVER['HTTP_HOST']. url_dir(getRequestUri());
|
2020-08-19 07:42:31 +00:00
|
|
|
}
|
2010-02-10 11:27:44 +00:00
|
|
|
return $_mttinfo['url'];
|
|
|
|
|
case 'mtt_url':
|
2020-10-05 15:16:20 +00:00
|
|
|
/* Directory with ajax.php. No need to set if you use default directory structure. */
|
2020-09-12 14:02:15 +00:00
|
|
|
$_mttinfo['mtt_url'] = Config::getUrl('mtt_url'); // need to have a trailing slash
|
2020-08-19 07:42:31 +00:00
|
|
|
if ($_mttinfo['mtt_url'] == '') {
|
2020-10-05 15:16:20 +00:00
|
|
|
$_mttinfo['mtt_url'] = url_dir( get_unsafe_mttinfo('url'), 0 );
|
2020-08-19 07:42:31 +00:00
|
|
|
}
|
2010-02-10 11:27:44 +00:00
|
|
|
return $_mttinfo['mtt_url'];
|
|
|
|
|
case 'title':
|
2020-09-12 14:02:15 +00:00
|
|
|
$_mttinfo['title'] = (Config::get('title') != '') ? Config::get('title') : __('My Tiny Todolist');
|
2010-02-10 11:27:44 +00:00
|
|
|
return $_mttinfo['title'];
|
2020-08-19 18:24:25 +00:00
|
|
|
case 'version':
|
2020-09-27 15:38:33 +00:00
|
|
|
if (MTT_VERSION != '@'.'VERSION') {
|
2020-08-19 18:24:25 +00:00
|
|
|
$_mttinfo['version'] = MTT_VERSION;
|
|
|
|
|
return $_mttinfo['version'];
|
|
|
|
|
}
|
2020-08-21 12:58:10 +00:00
|
|
|
return time(); //force no-cache for dev needs
|
2010-02-10 11:27:44 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-12 14:02:15 +00:00
|
|
|
function get_mttinfo($v)
|
|
|
|
|
{
|
|
|
|
|
return htmlspecialchars( get_unsafe_mttinfo($v) );
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-05 15:16:20 +00:00
|
|
|
function reset_mttinfo($key)
|
|
|
|
|
{
|
|
|
|
|
global $_mttinfo;
|
|
|
|
|
unset( $_mttinfo[$key] );
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-12 13:17:43 +00:00
|
|
|
function getRequestUri()
|
|
|
|
|
{
|
|
|
|
|
// Do not use HTTP_X_REWRITE_URL due to CVE-2018-14773
|
|
|
|
|
// SCRIPT_NAME or PATH_INFO ?
|
|
|
|
|
if (isset($_SERVER['REQUEST_URI'])) {
|
|
|
|
|
return $_SERVER['REQUEST_URI'];
|
|
|
|
|
}
|
|
|
|
|
else if (isset($_SERVER['ORIG_PATH_INFO'])) // IIS 5.0 CGI
|
|
|
|
|
{
|
|
|
|
|
$uri = $_SERVER['ORIG_PATH_INFO']; //has no query
|
|
|
|
|
if (!empty($_SERVER['QUERY_STRING'])) $uri .= '?'. $_SERVER['QUERY_STRING'];
|
|
|
|
|
return $uri;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-03-02 12:40:29 +00:00
|
|
|
function jsonExit($data)
|
|
|
|
|
{
|
|
|
|
|
header('Content-type: application/json; charset=utf-8');
|
|
|
|
|
echo json_encode($data);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-24 15:16:16 +00:00
|
|
|
function logAndDie($userText, $errText = null)
|
2019-06-29 16:05:48 +00:00
|
|
|
{
|
|
|
|
|
$errText === null ? error_log($userText) : error_log($errText);
|
2021-07-24 15:16:16 +00:00
|
|
|
if (ini_get('display_errors')) {
|
|
|
|
|
echo $userText;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "Error! See details in error log.";
|
|
|
|
|
}
|
2019-06-29 16:05:48 +00:00
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-27 12:48:09 +00:00
|
|
|
?>
|