WebSVN – oidplus – Blame – /trunk/includes/classes/OIDplus.class.php

Rev	Author	Line No.	Line
2	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
778	daniel-mar	5	* Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
2	daniel-mar	6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
1050	daniel-mar	20	namespace ViaThinkSoft\OIDplus;
511	daniel-mar	21
730	daniel-mar	22	class OIDplus extends OIDplusBaseClass {
281	daniel-mar	23	private static /OIDplusPagePlugin[]/ $pagePlugins = array();
		24	private static /OIDplusAuthPlugin[]/ $authPlugins = array();
289	daniel-mar	25	private static /OIDplusLoggerPlugin[]/ $loggerPlugins = array();
227	daniel-mar	26	private static /OIDplusObjectTypePlugin[]/ $objectTypePlugins = array();
		27	private static /string[]/ $enabledObjectTypes = array();
		28	private static /string[]/ $disabledObjectTypes = array();
		29	private static /OIDplusDatabasePlugin[]/ $dbPlugins = array();
702	daniel-mar	30	private static /OIDplusCaptchaPlugin[]/ $captchaPlugins = array();
274	daniel-mar	31	private static /OIDplusSqlSlangPlugin[]/ $sqlSlangPlugins = array();
355	daniel-mar	32	private static /OIDplusLanguagePlugin[]/ $languagePlugins = array();
449	daniel-mar	33	private static /OIDplusDesignPlugin[]/ $designPlugins = array();
2	daniel-mar	34
280	daniel-mar	35	protected static $html = true;
236	daniel-mar	36
812	daniel-mar	37	/public/ const PATH_RELATIVE = 1; // e.g. "../"
		38	/public/ const PATH_ABSOLUTE = 2; // e.g. "http://www.example.com/oidplus/"
		39	/public/ const PATH_ABSOLUTE_CANONICAL = 3; // e.g. "http://www.example.org/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set)
		40	/public/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/"
		41	/public/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set)
801	daniel-mar	42
778	daniel-mar	43	// These plugin types can contain HTML code and therefore may
		44	// emit (non-setup) CSS/JS code via their manifest.
		45	/public/ const INTERACTIVE_PLUGIN_TYPES = array(
		46	'publicPages',
		47	'raPages',
		48	'adminPages',
		49	'objectTypes',
		50	'captcha'
		51	);
		52
2	daniel-mar	53	private function __construct() {
		54	}
295	daniel-mar	55
1068	daniel-mar	56	private static function insideSetup(): bool {
		57	if (PHP_SAPI == 'cli') return false;
		58	if (!isset($_SERVER['REQUEST_URI'])) return false;
1055	daniel-mar	59	return (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE_TO_ROOT).'setup/') === 0);
		60	}
		61
1050	daniel-mar	62	// --- Static classes
274	daniel-mar	63
263	daniel-mar	64	private static $baseConfig = null;
1050	daniel-mar	65	private static $oldConfigFormatLoaded = false;
261	daniel-mar	66	public static function baseConfig() {
263	daniel-mar	67	$first_init = false;
274	daniel-mar	68
263	daniel-mar	69	if ($first_init = is_null(self::$baseConfig)) {
		70	self::$baseConfig = new OIDplusBaseConfig();
261	daniel-mar	71	}
		72
1055	daniel-mar	73	if (self::insideSetup()) return self::$baseConfig;
		74	if ((basename($_SERVER['SCRIPT_NAME']) === 'oidplus.min.js.php') && isset($_REQUEST['noBaseConfig']) && ($_REQUEST['noBaseConfig'] == '1')) return self::$baseConfig;
		75	if ((basename($_SERVER['SCRIPT_NAME']) === 'oidplus.min.css.php') && isset($_REQUEST['noBaseConfig']) && ($_REQUEST['noBaseConfig'] == '1')) return self::$baseConfig;
		76
263	daniel-mar	77	if ($first_init) {
261	daniel-mar	78	// Include a file containing various size/depth limitations of OIDs
294	daniel-mar	79	// It is important to include it before userdata/baseconfig/config.inc.php was included,
		80	// so we can give userdata/baseconfig/config.inc.php the chance to override the values.
261	daniel-mar	81
496	daniel-mar	82	include OIDplus::localpath().'includes/oidplus_limits.inc.php';
261	daniel-mar	83
		84	// Include config file
295	daniel-mar	85
496	daniel-mar	86	$config_file = OIDplus::localpath() . 'userdata/baseconfig/config.inc.php';
		87	$config_file_old = OIDplus::localpath() . 'includes/config.inc.php'; // backwards compatibility
295	daniel-mar	88
294	daniel-mar	89	if (!file_exists($config_file) && file_exists($config_file_old)) {
		90	$config_file = $config_file_old;
		91	}
261	daniel-mar	92
294	daniel-mar	93	if (file_exists($config_file)) {
1050	daniel-mar	94	if (self::$oldConfigFormatLoaded) {
263	daniel-mar	95	// Note: We may only include it once due to backwards compatibility,
		96	// since in version 2.0, the configuration was defined using define() statements
		97	// Attention: This does mean that a full re-init (e.g. for test cases) is not possible
		98	// if a version 2.0 config is used!
1050	daniel-mar	99
		100	// We need to do this, because define() cannot be undone
		101	// Note: This can only happen in very special cases (e.g. test cases) where you call init() twice
		102	throw new OIDplusConfigInitializationException(_L('A full re-initialization is not possible if a version 2.0 config file (containing "defines") is used. Please update to a config 2.1 file by running setup again.'));
263	daniel-mar	103	} else {
1050	daniel-mar	104	$tmp = file_get_contents($config_file);
		105	$ns = "ViaThinkSoft\OIDplus\OIDplus";
		106	$uses = "use $ns;";
		107	if ((strpos($tmp,'OIDplus::') !== false) && (strpos($tmp,$uses) === false)) {
		108	// Migrate config file to namespace class names
		109	// Note: Only config files version 2.1 are affected. Not 2.0 ones
		110
		111	$tmp = "<?php\r\n\r\n$uses /* Automatically added by migration procedure */\r\n?>$tmp";
		112	$tmp = str_replace('?><?php', '', $tmp);
		113
		114	$tmp = str_replace("\$ns\OIDplusCaptchaPluginRecaptcha::", "OIDplusCaptchaPluginRecaptcha::", $tmp);
		115	$tmp = str_replace("OIDplusCaptchaPluginRecaptcha::", "\$ns\OIDplusCaptchaPluginRecaptcha::", $tmp);
		116
		117	$tmp = str_replace('DISABLE_PLUGIN_OIDplusPagePublicRdap',
		118	'DISABLE_PLUGIN_Frdlweb\OIDplus\OIDplusPagePublicRdap', $tmp);
		119	$tmp = str_replace('DISABLE_PLUGIN_OIDplusPagePublicAltIds',
		120	'DISABLE_PLUGIN_Frdlweb\OIDplus\OIDplusPagePublicAltIds', $tmp);
1051	daniel-mar	121	$tmp = str_replace('DISABLE_PLUGIN_OIDplusPagePublicUITweaks',
		122	'DISABLE_PLUGIN_TushevOrg\OIDplus\OIDplusPagePublicUITweaks', $tmp);
1050	daniel-mar	123	$tmp = str_replace('DISABLE_PLUGIN_OIDplus',
		124	'DISABLE_PLUGIN_ViaThinkSoft\OIDplus\OIDplus', $tmp);
		125
		126	if (@file_put_contents($config_file, $tmp) === false) {
		127	eval('?>'.$tmp);
		128	} else {
		129	include $config_file;
		130	}
		131	} else {
		132	include $config_file;
		133	}
263	daniel-mar	134	}
261	daniel-mar	135
1055	daniel-mar	136	// Backwards compatibility 2.0 => 2.1
261	daniel-mar	137	if (defined('OIDPLUS_CONFIG_VERSION') && (OIDPLUS_CONFIG_VERSION == 2.0)) {
1050	daniel-mar	138	self::$oldConfigFormatLoaded = true;
261	daniel-mar	139	foreach (get_defined_constants(true)['user'] as $name => $value) {
		140	$name = str_replace('OIDPLUS_', '', $name);
		141	if ($name == 'SESSION_SECRET') $name = 'SERVER_SECRET';
		142	if ($name == 'MYSQL_QUERYLOG') $name = 'QUERY_LOGFILE';
1050	daniel-mar	143	$name = str_replace('DISABLE_PLUGIN_OIDplusPagePublicRdap',
		144	'DISABLE_PLUGIN_Frdlweb\OIDplus\OIDplusPagePublicRdap', $name);
		145	$name = str_replace('DISABLE_PLUGIN_OIDplusPagePublicAltIds',
		146	'DISABLE_PLUGIN_Frdlweb\OIDplus\OIDplusPagePublicAltIds', $name);
1051	daniel-mar	147	$name = str_replace('DISABLE_PLUGIN_OIDplusPagePublicUITweaks',
		148	'DISABLE_PLUGIN_TushevOrg\OIDplus\OIDplusPagePublicUITweaks', $name);
1050	daniel-mar	149	$name = str_replace('DISABLE_PLUGIN_OIDplus',
		150	'DISABLE_PLUGIN_ViaThinkSoft\OIDplus\OIDplus', $name);
1055	daniel-mar	151	if ($name == 'CONFIG_VERSION') {
		152	$value = 2.1;
		153	} else if (($name == 'MYSQL_PASSWORD') \|\| ($name == 'ODBC_PASSWORD') \|\| ($name == 'PDO_PASSWORD') \|\| ($name == 'PGSQL_PASSWORD')) {
		154	$value = base64_decode($value);
261	daniel-mar	155	}
1055	daniel-mar	156	self::$baseConfig->setValue($name, $value);
261	daniel-mar	157	}
		158	}
		159	} else {
496	daniel-mar	160	if (!is_dir(OIDplus::localpath().'setup')) {
1050	daniel-mar	161	throw new OIDplusConfigInitializationException(_L('File %1 is missing, but setup can\'t be started because its directory missing.',$config_file));
261	daniel-mar	162	} else {
280	daniel-mar	163	if (self::$html) {
1055	daniel-mar	164	if (!self::insideSetup()) {
801	daniel-mar	165	header('Location:'.OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/');
360	daniel-mar	166	die(_L('Redirecting to setup...'));
349	daniel-mar	167	} else {
		168	return self::$baseConfig;
		169	}
261	daniel-mar	170	} else {
		171	// This can be displayed in e.g. ajax.php
1050	daniel-mar	172	throw new OIDplusConfigInitializationException(_L('File %1 is missing. Please run setup again.',$config_file));
261	daniel-mar	173	}
		174	}
		175	}
		176
		177	// Check important config settings
		178
263	daniel-mar	179	if (self::$baseConfig->getValue('CONFIG_VERSION') != 2.1) {
801	daniel-mar	180	if (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/') !== 0) {
503	daniel-mar	181	throw new OIDplusConfigInitializationException(_L("The information located in %1 is outdated.",realpath($config_file)));
		182	}
261	daniel-mar	183	}
		184
263	daniel-mar	185	if (self::$baseConfig->getValue('SERVER_SECRET', '') === '') {
801	daniel-mar	186	if (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/') !== 0) {
503	daniel-mar	187	throw new OIDplusConfigInitializationException(_L("You must set a value for SERVER_SECRET in %1 for the system to operate secure.",realpath($config_file)));
		188	}
261	daniel-mar	189	}
		190	}
		191
263	daniel-mar	192	return self::$baseConfig;
261	daniel-mar	193	}
		194
263	daniel-mar	195	private static $config = null;
2	daniel-mar	196	public static function config() {
263	daniel-mar	197	if ($first_init = is_null(self::$config)) {
		198	self::$config = new OIDplusConfig();
2	daniel-mar	199	}
263	daniel-mar	200
		201	if ($first_init) {
		202	// These are important settings for base functionalities and therefore are not inside plugins
		203	self::$config->prepareConfigKey('system_title', 'What is the name of your RA?', 'OIDplus 2.0', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		204	if (empty($value)) {
360	daniel-mar	205	throw new OIDplusException(_L('Please enter a value for the system title.'));
263	daniel-mar	206	}
		207	});
		208	self::$config->prepareConfigKey('admin_email', 'E-Mail address of the system administrator', '', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		209	if (!empty($value) && !OIDplus::mailUtils()->validMailAddress($value)) {
360	daniel-mar	210	throw new OIDplusException(_L('This is not a correct email address'));
263	daniel-mar	211	}
		212	});
875	daniel-mar	213	self::$config->prepareConfigKey('global_cc', 'Global CC for all outgoing emails?', '', OIDplusConfig::PROTECTION_EDITABLE, function(&$value) {
		214	$value = trim($value);
		215	if ($value === '') return;
		216	$addrs = explode(';', $value);
		217	foreach ($addrs as $addr) {
		218	$addr = trim($addr);
		219	if (!empty($addr) && !OIDplus::mailUtils()->validMailAddress($addr)) {
		220	throw new OIDplusException(_L('%1 is not a correct email address',$addr));
		221	}
263	daniel-mar	222	}
		223	});
875	daniel-mar	224	self::$config->prepareConfigKey('global_bcc', 'Global BCC for all outgoing emails?', '', OIDplusConfig::PROTECTION_EDITABLE, function(&$value) {
		225	$value = trim($value);
		226	if ($value === '') return;
		227	$addrs = explode(';', $value);
		228	foreach ($addrs as $addr) {
		229	$addr = trim($addr);
		230	if (!empty($addr) && !OIDplus::mailUtils()->validMailAddress($addr)) {
		231	throw new OIDplusException(_L('%1 is not a correct email address',$addr));
		232	}
		233	}
		234	});
263	daniel-mar	235	self::$config->prepareConfigKey('objecttypes_initialized', 'List of object type plugins that were initialized once', '', OIDplusConfig::PROTECTION_READONLY, function($value) {
		236	// Nothing here yet
		237	});
		238	self::$config->prepareConfigKey('objecttypes_enabled', 'Enabled object types and their order, separated with a semicolon (please reload the page so that the change is applied)', '', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
1050	daniel-mar	239	// TODO: when objecttypes_enabled is changed at the admin control panel, we need to do a reload of the page, so that jsTree will be updated. Is there anything we can do?
263	daniel-mar	240
		241	$ary = explode(';',$value);
		242	$uniq_ary = array_unique($ary);
		243
		244	if (count($ary) != count($uniq_ary)) {
360	daniel-mar	245	throw new OIDplusException(_L('Please check your input. Some object types are double.'));
263	daniel-mar	246	}
		247
		248	foreach ($ary as $ot_check) {
		249	$ns_found = false;
		250	foreach (OIDplus::getEnabledObjectTypes() as $ot) {
		251	if ($ot::ns() == $ot_check) {
		252	$ns_found = true;
		253	break;
		254	}
		255	}
		256	foreach (OIDplus::getDisabledObjectTypes() as $ot) {
		257	if ($ot::ns() == $ot_check) {
		258	$ns_found = true;
		259	break;
		260	}
		261	}
		262	if (!$ns_found) {
360	daniel-mar	263	throw new OIDplusException(_L('Please check your input. Namespace "%1" is not found',$ot_check));
263	daniel-mar	264	}
		265	}
		266	});
		267	self::$config->prepareConfigKey('oidplus_private_key', 'Private key for this system', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		268	// Nothing here yet
		269	});
		270	self::$config->prepareConfigKey('oidplus_public_key', 'Public key for this system. If you "clone" your system, you must delete this key (e.g. using phpMyAdmin), so that a new one is created.', '', OIDplusConfig::PROTECTION_READONLY, function($value) {
		271	// Nothing here yet
		272	});
324	daniel-mar	273	self::$config->prepareConfigKey('last_known_system_url', 'Last known System URL', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		274	// Nothing here yet
		275	});
412	daniel-mar	276	self::$config->prepareConfigKey('last_known_version', 'Last known OIDplus Version', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		277	// Nothing here yet
		278	});
635	daniel-mar	279	self::$config->prepareConfigKey('default_ra_auth_method', 'Default auth method used for generating password of RAs (must exist in plugins/[vendorname]/auth/)?', 'A3_bcrypt', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
453	daniel-mar	280	$good = true;
		281	if (strpos($value,'/') !== false) $good = false;
		282	if (strpos($value,'\\') !== false) $good = false;
		283	if (strpos($value,'..') !== false) $good = false;
		284	if (!$good) {
		285	throw new OIDplusException(_L('Invalid auth plugin folder name. Do only enter a folder name, not an absolute or relative path'));
		286	}
		287
926	daniel-mar	288	if (!wildcard_is_dir(OIDplus::localpath().'plugins/'.'*'.'/auth/'.$value)) {
635	daniel-mar	289	throw new OIDplusException(_L('The auth plugin "%1" does not exist in plugin directory %2',$value,'plugins/[vendorname]/auth/'));
453	daniel-mar	290	}
		291	});
263	daniel-mar	292	}
		293
		294	return self::$config;
2	daniel-mar	295	}
		296
263	daniel-mar	297	private static $gui = null;
2	daniel-mar	298	public static function gui() {
263	daniel-mar	299	if (is_null(self::$gui)) {
		300	self::$gui = new OIDplusGui();
86	daniel-mar	301	}
263	daniel-mar	302	return self::$gui;
2	daniel-mar	303	}
		304
263	daniel-mar	305	private static $authUtils = null;
2	daniel-mar	306	public static function authUtils() {
263	daniel-mar	307	if (is_null(self::$authUtils)) {
		308	self::$authUtils = new OIDplusAuthUtils();
86	daniel-mar	309	}
263	daniel-mar	310	return self::$authUtils;
2	daniel-mar	311	}
		312
263	daniel-mar	313	private static $mailUtils = null;
250	daniel-mar	314	public static function mailUtils() {
263	daniel-mar	315	if (is_null(self::$mailUtils)) {
		316	self::$mailUtils = new OIDplusMailUtils();
250	daniel-mar	317	}
263	daniel-mar	318	return self::$mailUtils;
250	daniel-mar	319	}
		320
557	daniel-mar	321	private static $cookieUtils = null;
		322	public static function cookieUtils() {
		323	if (is_null(self::$cookieUtils)) {
		324	self::$cookieUtils = new OIDplusCookieUtils();
		325	}
		326	return self::$cookieUtils;
		327	}
		328
263	daniel-mar	329	private static $menuUtils = null;
250	daniel-mar	330	public static function menuUtils() {
263	daniel-mar	331	if (is_null(self::$menuUtils)) {
		332	self::$menuUtils = new OIDplusMenuUtils();
250	daniel-mar	333	}
263	daniel-mar	334	return self::$menuUtils;
250	daniel-mar	335	}
		336
263	daniel-mar	337	private static $logger = null;
115	daniel-mar	338	public static function logger() {
263	daniel-mar	339	if (is_null(self::$logger)) {
		340	self::$logger = new OIDplusLogger();
115	daniel-mar	341	}
263	daniel-mar	342	return self::$logger;
115	daniel-mar	343	}
		344
1050	daniel-mar	345	// --- SQL slang plugin
274	daniel-mar	346
		347	private static function registerSqlSlangPlugin(OIDplusSqlSlangPlugin $plugin) {
		348	$name = $plugin::id();
591	daniel-mar	349	if ($name === '') return false;
274	daniel-mar	350
449	daniel-mar	351	if (isset(self::$sqlSlangPlugins[$name])) {
451	daniel-mar	352	$plugintype_hf = _L('SQL slang');
592	daniel-mar	353	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
449	daniel-mar	354	}
		355
274	daniel-mar	356	self::$sqlSlangPlugins[$name] = $plugin;
		357
		358	return true;
		359	}
		360
		361	public static function getSqlSlangPlugins() {
		362	return self::$sqlSlangPlugins;
		363	}
		364
318	daniel-mar	365	public static function getSqlSlangPlugin($id)/: ?OIDplusSqlSlangPlugin/ {
		366	if (isset(self::$sqlSlangPlugins[$id])) {
		367	return self::$sqlSlangPlugins[$id];
		368	} else {
		369	return null;
		370	}
		371	}
		372
1050	daniel-mar	373	// --- Database plugin
74	daniel-mar	374
227	daniel-mar	375	private static function registerDatabasePlugin(OIDplusDatabasePlugin $plugin) {
275	daniel-mar	376	$name = $plugin::id();
591	daniel-mar	377	if ($name === '') return false;
150	daniel-mar	378
449	daniel-mar	379	if (isset(self::$dbPlugins[$name])) {
		380	$plugintype_hf = _L('Database');
592	daniel-mar	381	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
449	daniel-mar	382	}
		383
150	daniel-mar	384	self::$dbPlugins[$name] = $plugin;
		385
		386	return true;
		387	}
		388
		389	public static function getDatabasePlugins() {
		390	return self::$dbPlugins;
		391	}
		392
295	daniel-mar	393	public static function getActiveDatabasePlugin() {
702	daniel-mar	394	$db_plugin_name = OIDplus::baseConfig()->getValue('DATABASE_PLUGIN','');
		395	if ($db_plugin_name === '') {
360	daniel-mar	396	throw new OIDplusConfigInitializationException(_L('No database plugin selected in config file'));
260	daniel-mar	397	}
1016	daniel-mar	398	foreach (self::$dbPlugins as $name => $plugin) {
		399	if (strtolower($name) == strtolower($db_plugin_name)) {
		400	return $plugin;
		401	}
227	daniel-mar	402	}
1016	daniel-mar	403	throw new OIDplusConfigInitializationException(_L('Database plugin "%1" not found',$db_plugin_name));
227	daniel-mar	404	}
		405
295	daniel-mar	406	private static $dbMainSession = null;
		407	public static function db() {
		408	if (is_null(self::$dbMainSession)) {
		409	self::$dbMainSession = self::getActiveDatabasePlugin()->newConnection();
		410	}
		411	if (!self::$dbMainSession->isConnected()) self::$dbMainSession->connect();
		412	return self::$dbMainSession;
		413	}
		414
		415	private static $dbIsolatedSession = null;
		416	public static function dbIsolated() {
		417	if (is_null(self::$dbIsolatedSession)) {
		418	self::$dbIsolatedSession = self::getActiveDatabasePlugin()->newConnection();
		419	}
		420	if (!self::$dbIsolatedSession->isConnected()) self::$dbIsolatedSession->connect();
		421	return self::$dbIsolatedSession;
		422	}
		423
1050	daniel-mar	424	// --- CAPTCHA plugin
702	daniel-mar	425
		426	private static function registerCaptchaPlugin(OIDplusCaptchaPlugin $plugin) {
		427	$name = $plugin::id();
		428	if ($name === '') return false;
		429
		430	if (isset(self::$captchaPlugins[$name])) {
		431	$plugintype_hf = _L('CAPTCHA');
		432	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
		433	}
		434
		435	self::$captchaPlugins[$name] = $plugin;
		436
		437	return true;
		438	}
		439
		440	public static function getCaptchaPlugins() {
		441	return self::$captchaPlugins;
		442	}
		443
704	daniel-mar	444	public static function getActiveCaptchaPluginId() {
702	daniel-mar	445	$captcha_plugin_name = OIDplus::baseConfig()->getValue('CAPTCHA_PLUGIN', '');
		446
		447	if (OIDplus::baseConfig()->getValue('RECAPTCHA_ENABLED', false) && ($captcha_plugin_name === '')) {
		448	// Legacy config file support!
1016	daniel-mar	449	$captcha_plugin_name = 'reCAPTCHA';
702	daniel-mar	450	}
		451
704	daniel-mar	452	if ($captcha_plugin_name === '') $captcha_plugin_name = 'None'; // the "None" plugin is a must-have!
702	daniel-mar	453
704	daniel-mar	454	return $captcha_plugin_name;
		455	}
		456
		457	public static function getActiveCaptchaPlugin() {
		458	$captcha_plugin_name = OIDplus::getActiveCaptchaPluginId();
1016	daniel-mar	459	foreach (self::$captchaPlugins as $name => $plugin) {
		460	if (strtolower($name) == strtolower($captcha_plugin_name)) {
		461	return $plugin;
		462	}
702	daniel-mar	463	}
1016	daniel-mar	464	throw new OIDplusConfigInitializationException(_L('CAPTCHA plugin "%1" not found',$captcha_plugin_name));
702	daniel-mar	465	}
		466
1050	daniel-mar	467	// --- Page plugin
227	daniel-mar	468
224	daniel-mar	469	private static function registerPagePlugin(OIDplusPagePlugin $plugin) {
281	daniel-mar	470	self::$pagePlugins[] = $plugin;
61	daniel-mar	471
		472	return true;
		473	}
		474
281	daniel-mar	475	public static function getPagePlugins() {
		476	return self::$pagePlugins;
61	daniel-mar	477	}
		478
1050	daniel-mar	479	// --- Auth plugin
227	daniel-mar	480
		481	private static function registerAuthPlugin(OIDplusAuthPlugin $plugin) {
456	daniel-mar	482	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		483	$password = generateRandomString(25);
459	daniel-mar	484
461	daniel-mar	485	try {
		486	$authInfo = $plugin->generate($password);
		487	} catch (OIDplusException $e) {
		488	// This can happen when the AuthKey or Salt is too long
		489	throw new OIDplusException(_L('Auth plugin "%1" is erroneous: %2',basename($plugin->getPluginDirectory()),$e->getMessage()));
		490	}
459	daniel-mar	491	$salt = $authInfo->getSalt();
461	daniel-mar	492	$authKey = $authInfo->getAuthKey();
459	daniel-mar	493
461	daniel-mar	494	$authInfo_SaltDiff = clone $authInfo;
		495	$authInfo_SaltDiff->setSalt(strrev($authInfo_SaltDiff->getSalt()));
		496
		497	$authInfo_AuthKeyDiff = clone $authInfo;
		498	$authInfo_AuthKeyDiff->setAuthKey(strrev($authInfo_AuthKeyDiff->getAuthKey()));
		499
		500	if ((!$plugin->verify($authInfo,$password)) \|\|
		501	(!empty($salt) && $plugin->verify($authInfo_SaltDiff,$password)) \|\|
		502	($plugin->verify($authInfo_AuthKeyDiff,$password)) \|\|
		503	($plugin->verify($authInfo,$password.'x'))) {
456	daniel-mar	504	throw new OIDplusException(_L('Auth plugin "%1" is erroneous: Generate/Verify self test failed',basename($plugin->getPluginDirectory())));
		505	}
453	daniel-mar	506	}
		507
227	daniel-mar	508	self::$authPlugins[] = $plugin;
		509	return true;
		510	}
		511
221	daniel-mar	512	public static function getAuthPlugins() {
		513	return self::$authPlugins;
		514	}
		515
1050	daniel-mar	516	// --- Language plugin
355	daniel-mar	517
		518	private static function registerLanguagePlugin(OIDplusLanguagePlugin $plugin) {
		519	self::$languagePlugins[] = $plugin;
		520	return true;
		521	}
		522
		523	public static function getLanguagePlugins() {
		524	return self::$languagePlugins;
		525	}
		526
1050	daniel-mar	527	// --- Design plugin
449	daniel-mar	528
		529	private static function registerDesignPlugin(OIDplusDesignPlugin $plugin) {
		530	self::$designPlugins[] = $plugin;
		531	return true;
		532	}
		533
		534	public static function getDesignPlugins() {
		535	return self::$designPlugins;
		536	}
		537
819	daniel-mar	538	public static function getActiveDesignPlugin() {
		539	$plugins = OIDplus::getDesignPlugins();
		540	foreach ($plugins as $plugin) {
		541	if ((basename($plugin->getPluginDirectory())) == OIDplus::config()->getValue('design','default')) {
		542	return $plugin;
		543	}
		544	}
		545	return null;
		546	}
		547
1050	daniel-mar	548	// --- Logger plugin
289	daniel-mar	549
		550	private static function registerLoggerPlugin(OIDplusLoggerPlugin $plugin) {
		551	self::$loggerPlugins[] = $plugin;
		552	return true;
		553	}
		554
		555	public static function getLoggerPlugins() {
		556	return self::$loggerPlugins;
		557	}
		558
1050	daniel-mar	559	// --- Object type plugin
227	daniel-mar	560
		561	private static function registerObjectTypePlugin(OIDplusObjectTypePlugin $plugin) {
		562	self::$objectTypePlugins[] = $plugin;
		563
		564	$ot = $plugin::getObjectTypeClassName();
		565	self::registerObjectType($ot);
		566
		567	return true;
		568	}
		569
224	daniel-mar	570	private static function registerObjectType($ot) {
66	daniel-mar	571	$ns = $ot::ns();
860	daniel-mar	572	if (empty($ns)) throw new OIDplusException(_L('ObjectType plugin %1 is erroneous: Namespace must not be empty',$ot));
66	daniel-mar	573
860	daniel-mar	574	// Currently, we must enforce that namespaces in objectType plugins are lowercase, because prefilterQuery() makes all namespaces lowercase and the DBMS should be case-sensitive
		575	if ($ns != strtolower($ns)) throw new OIDplusException(_L('ObjectType plugin %1 is erroneous: Namespace %2 must be lower-case',$ot,$ns));
66	daniel-mar	576
860	daniel-mar	577	$root = $ot::root();
		578	if (!str_starts_with($root,$ns.':')) throw new OIDplusException(_L('ObjectType plugin %1 is erroneous: Root node (%2) is in wrong namespace (needs starts with %3)!',$ot,$root,$ns.':'));
		579
66	daniel-mar	580	$ns_found = false;
227	daniel-mar	581	foreach (array_merge(OIDplus::getEnabledObjectTypes(), OIDplus::getDisabledObjectTypes()) as $test_ot) {
66	daniel-mar	582	if ($test_ot::ns() == $ns) {
		583	$ns_found = true;
		584	break;
		585	}
		586	}
		587	if ($ns_found) {
360	daniel-mar	588	throw new OIDplusException(_L('Attention: Two objectType plugins use the same namespace "%1"!',$ns));
66	daniel-mar	589	}
		590
		591	$init = OIDplus::config()->getValue("objecttypes_initialized");
		592	$init_ary = empty($init) ? array() : explode(';', $init);
70	daniel-mar	593	$init_ary = array_map('trim', $init_ary);
66	daniel-mar	594
		595	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		596	$enabled_ary = empty($enabled) ? array() : explode(';', $enabled);
70	daniel-mar	597	$enabled_ary = array_map('trim', $enabled_ary);
66	daniel-mar	598
79	daniel-mar	599	$do_enable = false;
		600	if (in_array($ns, $enabled_ary)) {
447	daniel-mar	601	// If it is in the list of enabled object types, it is enabled (obviously)
79	daniel-mar	602	$do_enable = true;
		603	} else {
447	daniel-mar	604	if (!OIDplus::config()->getValue('oobe_objects_done')) {
		605	// If the OOBE wizard is NOT done, then just enable the "oid" object type by default
79	daniel-mar	606	$do_enable = $ns == 'oid';
		607	} else {
447	daniel-mar	608	// If the OOBE wizard was done (once), then
		609	// we will enable all object types which were never initialized
		610	// (i.e. a plugin folder was freshly added)
79	daniel-mar	611	$do_enable = !in_array($ns, $init_ary);
		612	}
		613	}
		614
		615	if ($do_enable) {
227	daniel-mar	616	self::$enabledObjectTypes[] = $ot;
		617	usort(self::$enabledObjectTypes, function($a, $b) {
66	daniel-mar	618	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		619	$enabled_ary = explode(';', $enabled);
		620
		621	$idx_a = array_search($a::ns(), $enabled_ary);
		622	$idx_b = array_search($b::ns(), $enabled_ary);
		623
		624	if ($idx_a == $idx_b) {
		625	return 0;
		626	}
		627	return ($idx_a > $idx_b) ? +1 : -1;
		628	});
74	daniel-mar	629	} else {
		630	self::$disabledObjectTypes[] = $ot;
66	daniel-mar	631	}
		632
		633	if (!in_array($ns, $init_ary)) {
		634	// Was never initialized before, so we add it to the list of enabled object types once
		635
79	daniel-mar	636	if ($do_enable) {
		637	$enabled_ary[] = $ns;
672	daniel-mar	638	// Important: Don't validate the input, because the other object types might not be initialized yet! So use setValueNoCallback() instead setValue().
		639	OIDplus::config()->setValueNoCallback("objecttypes_enabled", implode(';', $enabled_ary));
79	daniel-mar	640	}
66	daniel-mar	641
		642	$init_ary[] = $ns;
		643	OIDplus::config()->setValue("objecttypes_initialized", implode(';', $init_ary));
		644	}
61	daniel-mar	645	}
		646
227	daniel-mar	647	public static function getObjectTypePlugins() {
		648	return self::$objectTypePlugins;
61	daniel-mar	649	}
		650
227	daniel-mar	651	public static function getObjectTypePluginsEnabled() {
		652	$res = array();
		653	foreach (self::$objectTypePlugins as $plugin) {
		654	$ot = $plugin::getObjectTypeClassName();
		655	if (in_array($ot, self::$enabledObjectTypes)) $res[] = $plugin;
		656	}
		657	return $res;
74	daniel-mar	658	}
		659
227	daniel-mar	660	public static function getObjectTypePluginsDisabled() {
		661	$res = array();
		662	foreach (self::$objectTypePlugins as $plugin) {
		663	$ot = $plugin::getObjectTypeClassName();
		664	if (in_array($ot, self::$disabledObjectTypes)) $res[] = $plugin;
74	daniel-mar	665	}
227	daniel-mar	666	return $res;
74	daniel-mar	667	}
		668
227	daniel-mar	669	public static function getEnabledObjectTypes() {
		670	return self::$enabledObjectTypes;
		671	}
74	daniel-mar	672
227	daniel-mar	673	public static function getDisabledObjectTypes() {
		674	return self::$disabledObjectTypes;
		675	}
74	daniel-mar	676
1050	daniel-mar	677	// --- Plugin handling functions
277	daniel-mar	678
320	daniel-mar	679	public static function getAllPlugins()/: array/ {
		680	$res = array();
		681	$res = array_merge($res, self::$pagePlugins);
		682	$res = array_merge($res, self::$authPlugins);
		683	$res = array_merge($res, self::$loggerPlugins);
		684	$res = array_merge($res, self::$objectTypePlugins);
		685	$res = array_merge($res, self::$dbPlugins);
702	daniel-mar	686	$res = array_merge($res, self::$captchaPlugins);
320	daniel-mar	687	$res = array_merge($res, self::$sqlSlangPlugins);
355	daniel-mar	688	$res = array_merge($res, self::$languagePlugins);
449	daniel-mar	689	$res = array_merge($res, self::$designPlugins);
320	daniel-mar	690	return $res;
		691	}
		692
321	daniel-mar	693	public static function getPluginByOid($oid)/: ?OIDplusPlugin/ {
320	daniel-mar	694	$plugins = self::getAllPlugins();
321	daniel-mar	695	foreach ($plugins as $plugin) {
		696	if (oid_dotnotation_equal($plugin->getManifest()->getOid(), $oid)) {
		697	return $plugin;
320	daniel-mar	698	}
		699	}
		700	return null;
		701	}
		702
380	daniel-mar	703	public static function getPluginByClassName($classname)/: ?OIDplusPlugin/ {
		704	$plugins = self::getAllPlugins();
		705	foreach ($plugins as $plugin) {
		706	if (get_class($plugin) === $classname) {
		707	return $plugin;
		708	}
		709	}
		710	return null;
277	daniel-mar	711	}
		712
594	daniel-mar	713	/**
1050	daniel-mar	714	* Checks if the plugin is disabled
		715	* @return boolean true if plugin is enabled, false if plugin is disabled
		716	* @throws OIDplusException if the class name or config file (disabled setting) does not contain a namespace
		717	*/
		718	private static function pluginCheckDisabled($class_name): bool {
		719	$path = explode('\\', $class_name);
		720
		721	if (count($path) == 1) {
		722	throw new OIDplusException(_L('Plugin "%1" is erroneous',$class_name).': '._L('The plugin uses no namespaces. The new version of OIDplus requires plugin class files to be in a namespace. Please notify your plugin author and ask for an update.'));
		723	}
		724
		725	$class_end = end($path);
		726	if (OIDplus::baseConfig()->getValue('DISABLE_PLUGIN_'.$class_end, false)) {
		727	throw new OIDplusConfigInitializationException(_L('Your base configuration file is outdated. Please change "%1" to "%2".','DISABLE_PLUGIN_'.$class_end,'DISABLE_PLUGIN_'.$class_name));
		728	}
		729
		730	if (OIDplus::baseConfig()->getValue('DISABLE_PLUGIN_'.$class_name, false)) {
		731	return false;
		732	}
		733
		734	return true;
		735	}
		736
		737	/**
594	daniel-mar	738	* @return array<OIDplusPluginManifest>\|array<string,array<string,OIDplusPluginManifest>>
		739	*/
693	daniel-mar	740	public static function getAllPluginManifests($pluginFolderMasks='*', $flat=true): array {
277	daniel-mar	741	$out = array();
279	daniel-mar	742	// Note: glob() will sort by default, so we do not need a page priority attribute.
		743	// So you just need to use a numeric plugin directory prefix (padded).
693	daniel-mar	744	$ary = array();
		745	foreach (explode(',',$pluginFolderMasks) as $pluginFolderMask) {
		746	$ary = array_merge($ary,glob(OIDplus::localpath().'plugins/'.''.'/'.$pluginFolderMask.'/'.''.'/manifest.xml'));
		747	}
646	daniel-mar	748
		749	// Sort the plugins by their type and name, as if they would be in a single vendor-folder!
		750	uasort($ary, function($a,$b) {
		751	if ($a == $b) return 0;
		752
		753	$ary = explode('/',$a);
		754	$bry = explode('/',$b);
		755
		756	// First sort by type (publicPage, auth, database, language, ...)
		757	$a_type = $ary[count($ary)-1-2];
		758	$b_type = $bry[count($bry)-1-2];
		759	if ($a_type < $b_type) return -1;
		760	if ($a_type > $b_type) return 1;
		761
		762	// Then sort by name (090_login, 100_whois, etc.)
		763	$a_name = $ary[count($ary)-1-1];
		764	$b_name = $bry[count($bry)-1-1];
		765	if ($a_name < $b_name) return -1;
		766	if ($a_name > $b_name) return 1;
		767
		768	// If it is still equal, then finally sort by vendorname
		769	$a_vendor = $ary[count($ary)-1-3];
		770	$b_vendor = $bry[count($bry)-1-3];
		771	if ($a_vendor < $b_vendor) return -1;
		772	if ($a_vendor > $b_vendor) return 1;
		773	return 0;
		774	});
		775
277	daniel-mar	776	foreach ($ary as $ini) {
		777	if (!file_exists($ini)) continue;
		778
307	daniel-mar	779	$manifest = new OIDplusPluginManifest();
		780	$manifest->loadManifest($ini);
277	daniel-mar	781
473	daniel-mar	782	$class_name = $manifest->getPhpMainClass();
1050	daniel-mar	783	if ($class_name) if (!self::pluginCheckDisabled($class_name)) continue;
473	daniel-mar	784
307	daniel-mar	785	if ($flat) {
		786	$out[] = $manifest;
		787	} else {
		788	$plugintype_folder = basename(dirname(dirname($ini)));
		789	$pluginname_folder = basename(dirname($ini));
		790
		791	if (!isset($out[$plugintype_folder])) $out[$plugintype_folder] = array();
		792	if (!isset($out[$plugintype_folder][$pluginname_folder])) $out[$plugintype_folder][$pluginname_folder] = array();
		793	$out[$plugintype_folder][$pluginname_folder] = $manifest;
		794	}
277	daniel-mar	795	}
		796	return $out;
		797	}
		798
594	daniel-mar	799	/**
		800	* @return array<string>
		801	*/
277	daniel-mar	802	public static function registerAllPlugins($pluginDirName, $expectedPluginClass, $registerCallback): array {
		803	$out = array();
525	daniel-mar	804	if (is_array($pluginDirName)) {
		805	$ary = array();
		806	foreach ($pluginDirName as $pluginDirName_) {
		807	$ary = array_merge($ary, self::getAllPluginManifests($pluginDirName_, false));
		808	}
		809	} else {
		810	$ary = self::getAllPluginManifests($pluginDirName, false);
		811	}
320	daniel-mar	812	$known_plugin_oids = array();
456	daniel-mar	813	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		814	$fake_feature = uuid_to_oid(gen_uuid());
588	daniel-mar	815	} else {
		816	$fake_feature = null;
456	daniel-mar	817	}
277	daniel-mar	818	foreach ($ary as $plugintype_folder => $bry) {
438	daniel-mar	819	foreach ($bry as $pluginname_folder => $manifest) {
		820	$class_name = $manifest->getPhpMainClass();
		821
		822	// Before we load the plugin, we want to make some checks to confirm
		823	// that the plugin is working correctly.
		824
307	daniel-mar	825	if (!$class_name) {
1050	daniel-mar	826	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest does not declare a PHP main class'));
277	daniel-mar	827	}
1050	daniel-mar	828	if (!self::pluginCheckDisabled($class_name)) {
		829	continue; // Plugin is disabled
297	daniel-mar	830	}
292	daniel-mar	831	if (!class_exists($class_name)) {
1050	daniel-mar	832	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name));
292	daniel-mar	833	}
279	daniel-mar	834	if (!is_subclass_of($class_name, $expectedPluginClass)) {
1050	daniel-mar	835	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass));
279	daniel-mar	836	}
438	daniel-mar	837	if (($class_name!=$manifest->getTypeClass()) && (!is_subclass_of($class_name,$manifest->getTypeClass()))) {
1050	daniel-mar	838	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2", according to type declared in manifest',$class_name,$manifest->getTypeClass()));
308	daniel-mar	839	}
438	daniel-mar	840	if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) {
1050	daniel-mar	841	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass));
308	daniel-mar	842	}
		843
438	daniel-mar	844	$plugin_oid = $manifest->getOid();
320	daniel-mar	845	if (!$plugin_oid) {
1050	daniel-mar	846	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Does not have an OID'));
320	daniel-mar	847	}
		848	if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) {
1050	daniel-mar	849	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Plugin OID "%1" is invalid (needs to be valid dot-notation)',$plugin_oid));
320	daniel-mar	850	}
		851	if (isset($known_plugin_oids[$plugin_oid])) {
1050	daniel-mar	852	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid]));
320	daniel-mar	853	}
646	daniel-mar	854
632	daniel-mar	855	$full_plugin_dir = dirname($manifest->getManifestFile());
		856	$full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath()));
988	daniel-mar	857
		858	$dir_is_viathinksoft = str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') \|\| str_starts_with($full_plugin_dir, 'plugins\\viathinksoft\\');
		859	$oid_is_viathinksoft = str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.'); // { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) }
1050	daniel-mar	860	$class_is_viathinksoft = str_starts_with($class_name, 'ViaThinkSoft\\');
988	daniel-mar	861	if ($dir_is_viathinksoft != $oid_is_viathinksoft) {
1050	daniel-mar	862	throw new OIDplusException(_L('Plugin "%1" is misplaced',$plugintype_folder.'/'.$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/'));
632	daniel-mar	863	}
1050	daniel-mar	864	if ($dir_is_viathinksoft != $class_is_viathinksoft) {
		865	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('Third-party plugins must not use the ViaThinkSoft PHP namespace. Please use your own vendor namespace.'));
		866	}
320	daniel-mar	867
632	daniel-mar	868	$known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder;
		869
438	daniel-mar	870	$obj = new $class_name();
456	daniel-mar	871
		872	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		873	if ($obj->implementsFeature($fake_feature)) {
		874	// see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663
1050	daniel-mar	875	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('implementsFeature() always returns true'));
456	daniel-mar	876	}
438	daniel-mar	877	}
		878
778	daniel-mar	879	// TODO: Maybe as additional plugin-test, we should also check if plugins are allowed to define CSS/JS, i.e. the plugin type is element of OIDplus::INTERACTIVE_PLUGIN_TYPES
988	daniel-mar	880	$tmp = $manifest->getManifestLinkedFiles();
438	daniel-mar	881	foreach ($tmp as $file) {
		882	if (!file_exists($file)) {
1050	daniel-mar	883	throw new OIDplusException(_L('Plugin "%1" is erroneous',$plugintype_folder.'/'.$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file));
438	daniel-mar	884	}
		885	}
		886
		887	// Now we can continue
		888
279	daniel-mar	889	$out[] = $class_name;
		890	if (!is_null($registerCallback)) {
438	daniel-mar	891	call_user_func($registerCallback, $obj);
444	daniel-mar	892
		893	// Alternative approaches:
		894	//$registerCallback[0]::{$registerCallback[1]}($obj);
		895	// or:
		896	//forward_static_call($registerCallback, $obj);
279	daniel-mar	897	}
277	daniel-mar	898	}
		899
		900	}
		901	return $out;
		902	}
		903
1050	daniel-mar	904	// --- Initialization of OIDplus
206	daniel-mar	905
374	daniel-mar	906	public static function init($html=true, $keepBaseConfig=true) {
236	daniel-mar	907	self::$html = $html;
		908
263	daniel-mar	909	// Reset internal state, so we can re-init verything if required
274	daniel-mar	910
263	daniel-mar	911	self::$config = null;
374	daniel-mar	912	if (!$keepBaseConfig) self::$baseConfig = null; // for test cases we need to be able to control base config and setting values manually, so $keepBaseConfig needs to be true
263	daniel-mar	913	self::$gui = null;
		914	self::$authUtils = null;
		915	self::$mailUtils = null;
		916	self::$menuUtils = null;
		917	self::$logger = null;
295	daniel-mar	918	self::$dbMainSession = null;
		919	self::$dbIsolatedSession = null;
263	daniel-mar	920	self::$pagePlugins = array();
		921	self::$authPlugins = array();
289	daniel-mar	922	self::$loggerPlugins = array();
263	daniel-mar	923	self::$objectTypePlugins = array();
		924	self::$enabledObjectTypes = array();
		925	self::$disabledObjectTypes = array();
		926	self::$dbPlugins = array();
702	daniel-mar	927	self::$captchaPlugins = array();
274	daniel-mar	928	self::$sqlSlangPlugins = array();
355	daniel-mar	929	self::$languagePlugins = array();
449	daniel-mar	930	self::$designPlugins = array();
263	daniel-mar	931	self::$system_id_cache = null;
		932	self::$sslAvailableCache = null;
468	daniel-mar	933	self::$translationArray = array();
74	daniel-mar	934
263	daniel-mar	935	// Continue...
		936
294	daniel-mar	937	OIDplus::baseConfig(); // this loads the base configuration located in userdata/baseconfig/config.inc.php (once!)
263	daniel-mar	938	// You can do changes to the configuration afterwards using OIDplus::baseConfig()->...
		939
150	daniel-mar	940	// Register database types (highest priority)
		941
274	daniel-mar	942	// SQL slangs
		943
1050	daniel-mar	944	self::registerAllPlugins('sqlSlang', OIDplusSqlSlangPlugin::class, array(OIDplus::class,'registerSqlSlangPlugin'));
274	daniel-mar	945	foreach (OIDplus::getSqlSlangPlugins() as $plugin) {
		946	$plugin->init($html);
		947	}
		948
		949	// Database providers
		950
1050	daniel-mar	951	self::registerAllPlugins('database', OIDplusDatabasePlugin::class, array(OIDplus::class,'registerDatabasePlugin'));
237	daniel-mar	952	foreach (OIDplus::getDatabasePlugins() as $plugin) {
		953	$plugin->init($html);
		954	}
		955
42	daniel-mar	956	// Do redirect stuff etc.
74	daniel-mar	957
230	daniel-mar	958	self::isSslAvailable(); // This function does automatic redirects
61	daniel-mar	959
263	daniel-mar	960	// Construct the configuration manager
66	daniel-mar	961
263	daniel-mar	962	OIDplus::config(); // During the construction, various system settings are prepared if required
66	daniel-mar	963
74	daniel-mar	964	// Initialize public / private keys
		965
227	daniel-mar	966	OIDplus::getPkiStatus(true);
74	daniel-mar	967
237	daniel-mar	968	// Register non-DB plugins
74	daniel-mar	969
1050	daniel-mar	970	self::registerAllPlugins(array('publicPages', 'raPages', 'adminPages'), OIDplusPagePlugin::class, array(OIDplus::class,'registerPagePlugin'));
		971	self::registerAllPlugins('auth', OIDplusAuthPlugin::class, array(OIDplus::class,'registerAuthPlugin'));
		972	self::registerAllPlugins('logger', OIDplusLoggerPlugin::class, array(OIDplus::class,'registerLoggerPlugin'));
825	daniel-mar	973	OIDplusLogger::reLogMissing(); // Some previous plugins might have tried to log. Repeat that now.
1050	daniel-mar	974	self::registerAllPlugins('objectTypes', OIDplusObjectTypePlugin::class, array(OIDplus::class,'registerObjectTypePlugin'));
		975	self::registerAllPlugins('language', OIDplusLanguagePlugin::class, array(OIDplus::class,'registerLanguagePlugin'));
		976	self::registerAllPlugins('design', OIDplusDesignPlugin::class, array(OIDplus::class,'registerDesignPlugin'));
		977	self::registerAllPlugins('captcha', OIDplusCaptchaPlugin::class, array(OIDplus::class,'registerCaptchaPlugin'));
150	daniel-mar	978
237	daniel-mar	979	// Initialize non-DB plugins
224	daniel-mar	980
281	daniel-mar	981	foreach (OIDplus::getPagePlugins() as $plugin) {
74	daniel-mar	982	$plugin->init($html);
		983	}
230	daniel-mar	984	foreach (OIDplus::getAuthPlugins() as $plugin) {
		985	$plugin->init($html);
		986	}
289	daniel-mar	987	foreach (OIDplus::getLoggerPlugins() as $plugin) {
		988	$plugin->init($html);
		989	}
230	daniel-mar	990	foreach (OIDplus::getObjectTypePlugins() as $plugin) {
		991	$plugin->init($html);
		992	}
355	daniel-mar	993	foreach (OIDplus::getLanguagePlugins() as $plugin) {
		994	$plugin->init($html);
		995	}
449	daniel-mar	996	foreach (OIDplus::getDesignPlugins() as $plugin) {
		997	$plugin->init($html);
		998	}
778	daniel-mar	999	foreach (OIDplus::getCaptchaPlugins() as $plugin) {
		1000	$plugin->init($html);
		1001	}
412	daniel-mar	1002
778	daniel-mar	1003	if (PHP_SAPI != 'cli') {
		1004
		1005	// Prepare some security related response headers (default values)
		1006
		1007	$content_language =
		1008	strtolower(substr(OIDplus::getCurrentLang(),0,2)) . '-' .
		1009	strtoupper(substr(OIDplus::getCurrentLang(),2,2)); // e.g. 'en-US'
		1010
		1011	$http_headers = array(
		1012	"X-Content-Type-Options" => "nosniff",
		1013	"X-XSS-Protection" => "1; mode=block",
		1014	"X-Frame-Options" => "SAMEORIGIN",
		1015	"Referrer-Policy" => array(
		1016	"no-referrer-when-downgrade"
		1017	),
		1018	"Cache-Control" => array(
		1019	"no-cache",
		1020	"no-store",
		1021	"must-revalidate"
		1022	),
		1023	"Pragma" => "no-cache",
		1024	"Content-Language" => $content_language,
		1025	"Expires" => "0",
		1026	"Content-Security-Policy" => array(
1001	daniel-mar	1027	// see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
		1028
		1029	// --- Fetch directives ---
		1030	"child-src" => array(
		1031	"'self'",
		1032	"blob:"
		1033	),
		1034	"connect-src" => array(
		1035	"'self'",
		1036	"blob:"
		1037	),
778	daniel-mar	1038	"default-src" => array(
		1039	"'self'",
		1040	"blob:",
		1041	"https://cdnjs.cloudflare.com/"
		1042	),
1001	daniel-mar	1043	"font-src" => array(
778	daniel-mar	1044	"'self'",
1001	daniel-mar	1045	"blob:"
778	daniel-mar	1046	),
1001	daniel-mar	1047	"frame-src" => array(
		1048	"'self'",
		1049	"blob:"
		1050	),
778	daniel-mar	1051	"img-src" => array(
1001	daniel-mar	1052	"blob:",
778	daniel-mar	1053	"data:",
		1054	"http:",
		1055	"https:"
		1056	),
1001	daniel-mar	1057	"manifest-src" => array(
		1058	"'self'",
		1059	"blob:"
		1060	),
		1061	"media-src" => array(
		1062	"'self'",
		1063	"blob:"
		1064	),
		1065	"object-src" => array(
		1066	"'none'"
		1067	),
		1068	"prefetch-src" => array(
		1069	"'self'",
		1070	"blob:"
		1071	),
778	daniel-mar	1072	"script-src" => array(
		1073	"'self'",
		1074	"'unsafe-inline'",
		1075	"'unsafe-eval'",
		1076	"blob:",
		1077	"https://cdnjs.cloudflare.com/",
		1078	"https://polyfill.io/"
		1079	),
1001	daniel-mar	1080	// script-src-elem not used
		1081	// script-src-attr not used
		1082	"style-src" => array(
		1083	"'self'",
		1084	"'unsafe-inline'",
		1085	"https://cdnjs.cloudflare.com/"
		1086	),
		1087	// style-src-elem not used
		1088	// style-src-attr not used
		1089	"worker-src" => array(
		1090	"'self'",
		1091	"blob:"
		1092	),
		1093
		1094	// --- Navigation directives ---
778	daniel-mar	1095	"frame-ancestors" => array(
		1096	"'none'"
		1097	),
		1098	)
		1099	);
		1100
780	daniel-mar	1101	// Give plugins the opportunity to manipulate/extend the headers
778	daniel-mar	1102
		1103	foreach (OIDplus::getSqlSlangPlugins() as $plugin) {
		1104	$plugin->httpHeaderCheck($http_headers);
		1105	}
1015	daniel-mar	1106	//foreach (OIDplus::getDatabasePlugins() as $plugin) {
		1107	if ($plugin = OIDplus::getActiveDatabasePlugin()) {
778	daniel-mar	1108	$plugin->httpHeaderCheck($http_headers);
		1109	}
		1110	foreach (OIDplus::getPagePlugins() as $plugin) {
		1111	$plugin->httpHeaderCheck($http_headers);
		1112	}
		1113	foreach (OIDplus::getAuthPlugins() as $plugin) {
		1114	$plugin->httpHeaderCheck($http_headers);
		1115	}
		1116	foreach (OIDplus::getLoggerPlugins() as $plugin) {
		1117	$plugin->httpHeaderCheck($http_headers);
		1118	}
		1119	foreach (OIDplus::getObjectTypePlugins() as $plugin) {
		1120	$plugin->httpHeaderCheck($http_headers);
		1121	}
		1122	foreach (OIDplus::getLanguagePlugins() as $plugin) {
		1123	$plugin->httpHeaderCheck($http_headers);
		1124	}
		1125	foreach (OIDplus::getDesignPlugins() as $plugin) {
		1126	$plugin->httpHeaderCheck($http_headers);
		1127	}
1015	daniel-mar	1128	//foreach (OIDplus::getCaptchaPlugins() as $plugin) {
		1129	if ($plugin = OIDplus::getActiveCaptchaPlugin()) {
778	daniel-mar	1130	$plugin->httpHeaderCheck($http_headers);
		1131	}
		1132
		1133	// Prepare to send the headers to the client
		1134	// The headers are sent automatically when the first output comes or the script ends
		1135
		1136	foreach ($http_headers as $name => $val) {
		1137
		1138	// Plugins can remove standard OIDplus headers by setting the value to null.
		1139	if (is_null($val)) continue; /** @phpstan-ignore-line */
		1140
		1141	// Some headers can be written as arrays to make it easier for plugin authors
		1142	// to manipulate/extend the contents.
		1143	if (is_array($val)) {
		1144	if ((strtolower($name) == 'cache-control') \|\|
		1145	(strtolower($name) == 'referrer-policy'))
		1146	{
		1147	if (count($val) == 0) continue;
		1148	$val = implode(', ', $val);
		1149	} else if (strtolower($name) == 'content-security-policy') {
		1150	if (count($val) == 0) continue;
780	daniel-mar	1151	foreach ($val as $tmp1 => &$tmp2) {
		1152	$tmp2 = array_unique($tmp2);
		1153	$tmp2 = $tmp1.' '.implode(' ', $tmp2);
		1154	}
778	daniel-mar	1155	$val = implode('; ', $val);
		1156	} else {
779	daniel-mar	1157	throw new OIDplusException(_L('HTTP header "%1" cannot be written as array. A newly installed plugin is probably misusing the method "%2".',$name,'httpHeaderCheck'));
778	daniel-mar	1158	}
		1159	}
		1160
		1161	if (is_string($val)) {
		1162	header("$name: $val");
		1163	}
		1164	}
		1165
		1166	} // endif (PHP_SAPI != 'cli')
		1167
412	daniel-mar	1168	// Initialize other stuff (i.e. things which require the logger!)
		1169
		1170	OIDplus::recognizeSystemUrl(); // Make sure "last_known_system_url" is set
		1171	OIDplus::recognizeVersion(); // Make sure "last_known_version" is set and a log entry is created
2	daniel-mar	1172	}
42	daniel-mar	1173
1050	daniel-mar	1174	// --- System URL, System ID, PKI, and other functions
227	daniel-mar	1175
412	daniel-mar	1176	private static function recognizeSystemUrl() {
		1177	try {
801	daniel-mar	1178	$url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); // TODO: canonical or not?
412	daniel-mar	1179	OIDplus::config()->setValue('last_known_system_url', $url);
1050	daniel-mar	1180	} catch (\Exception $e) {
412	daniel-mar	1181	}
		1182	}
497	daniel-mar	1183
496	daniel-mar	1184	private static function getExecutingScriptPathDepth() {
		1185	if (PHP_SAPI == 'cli') {
		1186	global $argv;
		1187	$test_dir = dirname(realpath($argv[0]));
		1188	} else {
		1189	if (!isset($_SERVER["SCRIPT_FILENAME"])) return false;
		1190	$test_dir = dirname($_SERVER['SCRIPT_FILENAME']);
		1191	}
		1192	$test_dir = str_replace('\\', '/', $test_dir);
		1193	$steps_up = 0;
928	daniel-mar	1194	while (!file_exists($test_dir.'/oidplus.min.css.php')) { // We just assume that only the OIDplus base directory contains "oidplus.min.css.php" and not any subordinate directory!
496	daniel-mar	1195	$test_dir = dirname($test_dir);
		1196	$steps_up++;
		1197	if ($steps_up == 1000) return false; // to make sure there will never be an infinite loop
		1198	}
		1199	return $steps_up;
		1200	}
632	daniel-mar	1201
580	daniel-mar	1202	public static function isSSL() {
		1203	return isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on');
		1204	}
412	daniel-mar	1205
806	daniel-mar	1206	/**
		1207	* Returns the URL of the system.
		1208	* @param int $mode If true or OIDplus::PATH_RELATIVE, the returning path is relative to the currently executed
		1209	* PHP script (i.e. index.php , not the plugin PHP script!). False or OIDplus::PATH_ABSOLUTE is
		1210	* results in an absolute URL. OIDplus::PATH_ABSOLUTE_CANONICAL is an absolute URL,
		1211	* but a canonical path (set by base config setting CANONICAL_SYSTEM_URL) is preferred.
		1212	* @return string\|false The URL, with guaranteed trailing path delimiter for directories
		1213	*/
801	daniel-mar	1214	private static function getSystemUrl($mode) {
806	daniel-mar	1215	if ($mode === self::PATH_RELATIVE) {
778	daniel-mar	1216	$steps_up = self::getExecutingScriptPathDepth();
		1217	if ($steps_up === false) {
		1218	return false;
		1219	} else {
		1220	return str_repeat('../', $steps_up);
		1221	}
		1222	} else {
806	daniel-mar	1223	if ($mode === self::PATH_ABSOLUTE_CANONICAL) {
		1224	$tmp = OIDplus::baseConfig()->getValue('CANONICAL_SYSTEM_URL', '');
		1225	if ($tmp) {
		1226	return rtrim($tmp,'/').'/';
		1227	}
326	daniel-mar	1228	}
778	daniel-mar	1229
495	daniel-mar	1230	if (PHP_SAPI == 'cli') {
494	daniel-mar	1231	try {
		1232	return OIDplus::config()->getValue('last_known_system_url', false);
1050	daniel-mar	1233	} catch (\Exception $e) {
494	daniel-mar	1234	return false;
		1235	}
778	daniel-mar	1236	} else {
		1237	// First, try to find out how many levels we need to go up
		1238	$steps_up = self::getExecutingScriptPathDepth();
326	daniel-mar	1239
778	daniel-mar	1240	// Then go up these amount of levels, based on SCRIPT_NAME/argv[0]
		1241	$res = dirname($_SERVER['SCRIPT_NAME'].'index.php'); // This fake 'index.php' ensures that SCRIPT_NAME does not end with '/', which would make dirname() fail
		1242	for ($i=0; $i<$steps_up; $i++) {
		1243	$res = dirname($res);
		1244	}
		1245	$res = str_replace('\\', '/', $res);
		1246	if ($res == '/') $res = '';
227	daniel-mar	1247
778	daniel-mar	1248	// Add protocol and hostname
580	daniel-mar	1249	$is_ssl = self::isSSL();
495	daniel-mar	1250	$protocol = $is_ssl ? 'https' : 'http'; // do not translate
		1251	$host = $_SERVER['HTTP_HOST']; // includes port if it is not 80/443
778	daniel-mar	1252
		1253	return $protocol.'://'.$host.$res.'/';
495	daniel-mar	1254	}
227	daniel-mar	1255	}
		1256	}
		1257
827	daniel-mar	1258	private static function getSystemIdFromPubKey($pubKey) {
		1259	$m = array();
		1260	if (preg_match('@BEGIN PUBLIC KEY\-+(.+)\-+END PUBLIC KEY@ismU', $pubKey, $m)) {
		1261	return smallhash(base64_decode($m[1]));
		1262	}
		1263	return false;
		1264	}
		1265
227	daniel-mar	1266	private static $system_id_cache = null;
		1267	public static function getSystemId($oid=false) {
		1268	if (!is_null(self::$system_id_cache)) {
		1269	$out = self::$system_id_cache;
		1270	} else {
		1271	$out = false;
		1272
		1273	if (self::getPkiStatus(true)) {
830	daniel-mar	1274	$pubKey = OIDplus::getSystemPublicKey();
827	daniel-mar	1275	$out = self::getSystemIdFromPubKey($pubKey);
227	daniel-mar	1276	}
		1277	self::$system_id_cache = $out;
		1278	}
350	daniel-mar	1279	if (!$out) return false;
291	daniel-mar	1280	return ($oid ? '1.3.6.1.4.1.37476.30.9.' : '').$out;
227	daniel-mar	1281	}
		1282
825	daniel-mar	1283	public static function getOpenSslCnf() {
		1284	// The following functions need a config file, otherway they don't work
		1285	// - openssl_csr_new
		1286	// - openssl_csr_sign
		1287	// - openssl_pkey_export
		1288	// - openssl_pkey_export_to_file
		1289	// - openssl_pkey_new
		1290	$tmp = @getenv('OPENSSL_CONF');
		1291	if ($tmp && file_exists($tmp)) return $tmp;
		1292
		1293	// OpenSSL in XAMPP does not work OOBE, since the OPENSSL_CONF is
		1294	// C:/xampp/apache/bin/openssl.cnf and not C:/xampp/apache/conf/openssl.cnf
		1295	// Bug reports are more than 10 years old and nobody cares...
		1296	// Use our own config file
		1297	return __DIR__.'/../../vendor/phpseclib/phpseclib/phpseclib/openssl.cnf';
		1298	}
		1299
830	daniel-mar	1300	private static function getPrivKeyPassphraseFilename() {
		1301	return OIDplus::localpath() . 'userdata/privkey_secret.php';
		1302	}
227	daniel-mar	1303
830	daniel-mar	1304	private static function tryCreatePrivKeyPassphrase() {
		1305	$file = self::getPrivKeyPassphraseFilename();
827	daniel-mar	1306
830	daniel-mar	1307	$passphrase = generateRandomString(64);
		1308	$cont = "<?php\n";
		1309	$cont .= "// ATTENTION! This file was automatically generated by OIDplus to encrypt the private key\n";
		1310	$cont .= "// that is located in your database configuration table. DO NOT ALTER OR DELETE THIS FILE,\n";
		1311	$cont .= "// otherwise you will lose your OIDplus System-ID and all services connected with it!\n";
831	daniel-mar	1312	$cont .= "// If multiple systems access the same database, then this file must be synchronous\n";
		1313	$cont .= "// between all systems, otherwise you will lose your system ID, too!\n";
830	daniel-mar	1314	$cont .= "\$passphrase = '$passphrase';\n";
		1315	$cont .= "// End of file\n";
		1316
		1317	@file_put_contents($file, $cont);
		1318	}
		1319
		1320	private static function getPrivKeyPassphrase() {
		1321	$file = self::getPrivKeyPassphraseFilename();
		1322	if (!file_exists($file)) return false;
		1323	$cont = file_get_contents($file);
		1324	$m = array();
		1325	if (!preg_match("@'(.+)'@isU", $cont, $m)) return false;
		1326	return $m[1];
		1327	}
		1328
		1329	public static function getSystemPrivateKey() {
227	daniel-mar	1330	$privKey = OIDplus::config()->getValue('oidplus_private_key');
830	daniel-mar	1331	if ($privKey == '') return false;
		1332
		1333	$passphrase = self::getPrivKeyPassphrase();
		1334	if ($passphrase !== false) {
		1335	$privKey = decrypt_private_key($privKey, $passphrase);
		1336	}
		1337
		1338	if (is_privatekey_encrypted($privKey)) {
		1339	// This can happen if the key file has vanished
		1340	return false;
		1341	}
		1342
		1343	return $privKey;
		1344	}
		1345
		1346	public static function getSystemPublicKey() {
227	daniel-mar	1347	$pubKey = OIDplus::config()->getValue('oidplus_public_key');
830	daniel-mar	1348	if ($pubKey == '') return false;
		1349	return $pubKey;
		1350	}
227	daniel-mar	1351
830	daniel-mar	1352	public static function getPkiStatus($try_generate=false) {
		1353	if (!function_exists('openssl_pkey_new')) return false;
227	daniel-mar	1354
830	daniel-mar	1355	if ($try_generate) {
		1356	// For debug purposes: Invalidate current key once:
		1357	//OIDplus::config()->setValue('oidplus_private_key', '');
256	daniel-mar	1358
830	daniel-mar	1359	$privKey = OIDplus::getSystemPrivateKey();
		1360	$pubKey = OIDplus::getSystemPublicKey();
		1361	if (!verify_private_public_key($privKey, $pubKey)) {
		1362	if ($pubKey) {
		1363	OIDplus::logger()->log("[WARN]A!", "The private/public key-pair is broken. A new key-pair will now be generated for your system. Your System-ID will change.");
		1364	}
227	daniel-mar	1365
830	daniel-mar	1366	$pkey_config = array(
		1367	"digest_alg" => "sha512",
		1368	"private_key_bits" => defined('OPENSSL_SUPPLEMENT') ? 1024 : 2048, // openssl_supplement.inc.php is based on phpseclib, which is very slow. So we use 1024 bits instead of 2048 bits
		1369	"private_key_type" => OPENSSL_KEYTYPE_RSA,
		1370	"config" => OIDplus::getOpenSslCnf()
		1371	);
227	daniel-mar	1372
830	daniel-mar	1373	// Create the private and public key
		1374	$res = openssl_pkey_new($pkey_config);
		1375	if ($res === false) return false;
239	daniel-mar	1376
830	daniel-mar	1377	// Extract the private key from $res to $privKey
		1378	if (openssl_pkey_export($res, $privKey, null, $pkey_config) === false) return false;
227	daniel-mar	1379
830	daniel-mar	1380	// Extract the public key from $res to $pubKey
		1381	$tmp = openssl_pkey_get_details($res);
		1382	if ($tmp === false) return false;
		1383	$pubKey = $tmp["key"];
		1384
		1385	// encrypt new keys using a passphrase stored in a secret file
		1386	self::tryCreatePrivKeyPassphrase(); // try (re)generate this file
		1387	$passphrase = self::getPrivKeyPassphrase();
		1388	if ($passphrase !== false) {
		1389	$privKey = encrypt_private_key($privKey, $passphrase);
		1390	}
		1391
		1392	// Calculate the system ID from the public key
		1393	$system_id = self::getSystemIdFromPubKey($pubKey);
		1394	if ($system_id !== false) {
		1395	// Save the key pair to database
		1396	OIDplus::config()->setValue('oidplus_private_key', $privKey);
		1397	OIDplus::config()->setValue('oidplus_public_key', $pubKey);
		1398
		1399	// Log the new system ID
		1400	OIDplus::logger()->log("[INFO]A!", "A new private/public key-pair for your system had been generated. Your SystemID is now $system_id");
		1401	}
		1402	} else {
		1403	$passphrase = self::getPrivKeyPassphrase();
831	daniel-mar	1404	$rawPrivKey = OIDplus::config()->getValue('oidplus_private_key');
		1405	if (($passphrase === false) \|\| !is_privatekey_encrypted($rawPrivKey)) {
830	daniel-mar	1406	// Upgrade to new encrypted keys
		1407	self::tryCreatePrivKeyPassphrase(); // try generate this file
		1408	$passphrase = self::getPrivKeyPassphrase();
		1409	if ($passphrase !== false) {
		1410	$privKey = encrypt_private_key($privKey, $passphrase);
		1411	OIDplus::logger()->log("[INFO]A!", "The private/public key-pair has been upgraded to an encrypted key-pair. The key is saved in ".self::getPrivKeyPassphraseFilename());
		1412	OIDplus::config()->setValue('oidplus_private_key', $privKey);
		1413	}
		1414	}
227	daniel-mar	1415	}
		1416	}
		1417
830	daniel-mar	1418	$privKey = OIDplus::getSystemPrivateKey();
		1419	$pubKey = OIDplus::getSystemPublicKey();
227	daniel-mar	1420	return verify_private_public_key($privKey, $pubKey);
		1421	}
		1422
170	daniel-mar	1423	public static function getInstallType() {
486	daniel-mar	1424	$counter = 0;
		1425
661	daniel-mar	1426	if ($new_version_file_exists = file_exists(OIDplus::localpath().'.version.php')) {
486	daniel-mar	1427	$counter++;
591	daniel-mar	1428	}
661	daniel-mar	1429	if ($old_version_file_exists = file_exists(OIDplus::localpath().'oidplus_version.txt')) {
		1430	$counter++;
		1431	}
		1432	$version_file_exists = $old_version_file_exists \| $new_version_file_exists;
681	daniel-mar	1433	if ($svn_dir_exists = (is_dir(OIDplus::localpath().'.svn') \|\|
		1434	is_dir(OIDplus::localpath().'../.svn'))) { // in case we checked out the root instead of the "trunk"
486	daniel-mar	1435	$counter++;
591	daniel-mar	1436	}
681	daniel-mar	1437	// if ($git_dir_exists = is_dir(OIDplus::localpath().'.git')) {
698	daniel-mar	1438	if ($git_dir_exists = (OIDplus::findGitFolder() !== false)) {
486	daniel-mar	1439	$counter++;
591	daniel-mar	1440	}
486	daniel-mar	1441
		1442	if ($counter === 0) {
360	daniel-mar	1443	return 'unknown'; // do not translate
170	daniel-mar	1444	}
591	daniel-mar	1445	else if ($counter > 1) {
360	daniel-mar	1446	return 'ambigous'; // do not translate
170	daniel-mar	1447	}
591	daniel-mar	1448	else if ($svn_dir_exists) {
360	daniel-mar	1449	return 'svn-wc'; // do not translate
170	daniel-mar	1450	}
591	daniel-mar	1451	else if ($git_dir_exists) {
486	daniel-mar	1452	return 'git-wc'; // do not translate
		1453	}
591	daniel-mar	1454	else if ($version_file_exists) {
360	daniel-mar	1455	return 'svn-snapshot'; // do not translate
170	daniel-mar	1456	}
		1457	}
		1458
412	daniel-mar	1459	private static function recognizeVersion() {
		1460	try {
		1461	$ver_prev = OIDplus::config()->getValue("last_known_version");
		1462	$ver_now = OIDplus::getVersion();
		1463	if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) {
455	daniel-mar	1464	// TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged!
412	daniel-mar	1465	OIDplus::logger()->log("[INFO]A!", "System version changed from '$ver_prev' to '$ver_now'");
856	daniel-mar	1466
		1467	// Just to be sure, recanonize objects (we don't do it at every page visit due to performance reasons)
857	daniel-mar	1468	self::recanonizeObjects();
412	daniel-mar	1469	}
		1470	OIDplus::config()->setValue("last_known_version", $ver_now);
1050	daniel-mar	1471	} catch (\Exception $e) {
412	daniel-mar	1472	}
		1473	}
		1474
111	daniel-mar	1475	public static function getVersion() {
412	daniel-mar	1476	static $cachedVersion = null;
		1477	if (!is_null($cachedVersion)) {
		1478	return $cachedVersion;
		1479	}
		1480
486	daniel-mar	1481	$installType = OIDplus::getInstallType();
		1482
		1483	if ($installType === 'svn-wc') {
496	daniel-mar	1484	$ver = get_svn_revision(OIDplus::localpath());
486	daniel-mar	1485	if ($ver)
		1486	return ($cachedVersion = 'svn-'.$ver);
558	daniel-mar	1487	$ver = get_svn_revision(OIDplus::localpath().'../'); // in case we checked out the root instead of the "trunk"
		1488	if ($ver)
		1489	return ($cachedVersion = 'svn-'.$ver);
111	daniel-mar	1490	}
162	daniel-mar	1491
486	daniel-mar	1492	if ($installType === 'git-wc') {
698	daniel-mar	1493	$ver = OIDplus::getGitsvnRevision(OIDplus::localpath());
486	daniel-mar	1494	if ($ver)
		1495	return ($cachedVersion = 'svn-'.$ver);
162	daniel-mar	1496	}
		1497
486	daniel-mar	1498	if ($installType === 'svn-snapshot') {
661	daniel-mar	1499	$cont = '';
		1500	if (file_exists($filename = OIDplus::localpath().'oidplus_version.txt'))
		1501	$cont = file_get_contents($filename);
		1502	if (file_exists($filename = OIDplus::localpath().'.version.php'))
		1503	$cont = file_get_contents($filename);
386	daniel-mar	1504	$m = array();
360	daniel-mar	1505	if (preg_match('@Revision (\d+)@', $cont, $m)) // do not translate
412	daniel-mar	1506	return ($cachedVersion = 'svn-'.$m[1]); // do not translate
162	daniel-mar	1507	}
		1508
486	daniel-mar	1509	return ($cachedVersion = false); // version ambigous or unknown
111	daniel-mar	1510	}
		1511
974	daniel-mar	1512	const ENFORCE_SSL_NO = 0;
		1513	const ENFORCE_SSL_YES = 1;
		1514	const ENFORCE_SSL_AUTO = 2;
230	daniel-mar	1515	private static $sslAvailableCache = null;
		1516	public static function isSslAvailable() {
		1517	if (!is_null(self::$sslAvailableCache)) return self::$sslAvailableCache;
256	daniel-mar	1518
495	daniel-mar	1519	if (PHP_SAPI == 'cli') {
230	daniel-mar	1520	self::$sslAvailableCache = false;
		1521	return false;
		1522	}
		1523
49	daniel-mar	1524	$timeout = 2;
580	daniel-mar	1525	$already_ssl = self::isSSL();
80	daniel-mar	1526	$ssl_port = 443;
1059	daniel-mar	1527	$host_with_port = $_SERVER['HTTP_HOST'];
		1528	$host_no_port = explode(':',$host_with_port)[0];
		1529	$host_ssl = $host_no_port . ($ssl_port != 443 ? ':'.$ssl_port : '');
42	daniel-mar	1530
974	daniel-mar	1531	if ($already_ssl) {
1059	daniel-mar	1532	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '1', 0, true/allowJS/, null/samesite/, true/forceInsecure/);
974	daniel-mar	1533	self::$sslAvailableCache = true;
		1534	return true;
		1535	} else {
		1536	if (isset($_COOKIE['SSL_CHECK']) && ($_COOKIE['SSL_CHECK'] == '1')) {
		1537	// The cookie "SSL_CHECK" is set once a website was loaded with HTTPS.
		1538	// It forces subsequent HTTP calls to redirect to HTTPS (like HSTS).
		1539	// The reason is the following problem:
		1540	// If you open the page with HTTPS first, then the CSRF token cookies will get the "secure" flag
		1541	// If you open the page then with HTTP, the HTTP cannot access the secure CSRF cookies,
		1542	// Chrome will then block "Set-Cookie" since the HTTP cookie would overwrite the HTTPS cookie.
1059	daniel-mar	1543	// So we MUST redirect, even if the Mode is ENFORCE_SSL_NO.
974	daniel-mar	1544	// Note: SSL_CHECK is NOT a replacement for HSTS! You should use HSTS,
1059	daniel-mar	1545	// because on there your browser ensures that HTTPS is called, before the server
		1546	// is even contacted (and therefore, no HTTP connection can be hacked).
974	daniel-mar	1547	$mode = OIDplus::ENFORCE_SSL_YES;
		1548	} else {
		1549	$mode = OIDplus::baseConfig()->getValue('ENFORCE_SSL', OIDplus::ENFORCE_SSL_AUTO);
		1550	}
261	daniel-mar	1551
974	daniel-mar	1552	if ($mode == OIDplus::ENFORCE_SSL_NO) {
		1553	// No SSL available
		1554	self::$sslAvailableCache = false;
		1555	return false;
		1556	} else if ($mode == OIDplus::ENFORCE_SSL_YES) {
		1557	// Force SSL
1059	daniel-mar	1558	$location = 'https://' . $host_ssl . $_SERVER['REQUEST_URI'];
80	daniel-mar	1559	header('Location:'.$location);
360	daniel-mar	1560	die(_L('Redirecting to HTTPS...'));
974	daniel-mar	1561	} else if ($mode == OIDplus::ENFORCE_SSL_AUTO) {
		1562	// Automatic SSL detection
80	daniel-mar	1563	if (isset($_COOKIE['SSL_CHECK'])) {
		1564	// We already had the HTTPS detection done before.
974	daniel-mar	1565	if ($_COOKIE['SSL_CHECK'] == '1') {
80	daniel-mar	1566	// HTTPS was detected before, but we are HTTP. Redirect now
1059	daniel-mar	1567	$location = 'https://' . $host_ssl . $_SERVER['REQUEST_URI'];
80	daniel-mar	1568	header('Location:'.$location);
360	daniel-mar	1569	die(_L('Redirecting to HTTPS...'));
80	daniel-mar	1570	} else {
		1571	// No HTTPS available. Do nothing.
230	daniel-mar	1572	self::$sslAvailableCache = false;
80	daniel-mar	1573	return false;
		1574	}
49	daniel-mar	1575	} else {
80	daniel-mar	1576	// This is our first check (or the browser didn't accept the SSL_CHECK cookie)
386	daniel-mar	1577	$errno = -1;
		1578	$errstr = '';
1059	daniel-mar	1579	if (@fsockopen($host_no_port, $ssl_port, $errno, $errstr, $timeout)) {
80	daniel-mar	1580	// HTTPS detected. Redirect now, and remember that we had detected HTTPS
1059	daniel-mar	1581	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '1', 0, true/allowJS/, null/samesite/, true/forceInsecure/);
		1582	$location = 'https://' . $host_ssl . $_SERVER['REQUEST_URI'];
80	daniel-mar	1583	header('Location:'.$location);
360	daniel-mar	1584	die(_L('Redirecting to HTTPS...'));
80	daniel-mar	1585	} else {
		1586	// No HTTPS detected. Do nothing, and next time, don't try to detect HTTPS again.
1059	daniel-mar	1587	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '0', 0, true/allowJS/, null/samesite/, true/forceInsecure/);
230	daniel-mar	1588	self::$sslAvailableCache = false;
80	daniel-mar	1589	return false;
		1590	}
49	daniel-mar	1591	}
42	daniel-mar	1592	}
		1593	}
		1594	}
497	daniel-mar	1595
496	daniel-mar	1596	/**
		1597	* Gets a local path pointing to a resource
		1598	* @param string $target Target resource (file or directory must exist), or null to get the OIDplus base directory
		1599	* @param boolean $relative If true, the returning path is relative to the currently executed PHP file (not the CLI working directory)
590	daniel-mar	1600	* @return string\|false The local path, with guaranteed trailing path delimiter for directories
496	daniel-mar	1601	*/
		1602	public static function localpath($target=null, $relative=false) {
		1603	if (is_null($target)) {
		1604	$target = __DIR__.'/../../';
		1605	}
241	daniel-mar	1606
496	daniel-mar	1607	if ($relative) {
		1608	// First, try to find out how many levels we need to go up
		1609	$steps_up = self::getExecutingScriptPathDepth();
		1610	if ($steps_up === false) return false;
497	daniel-mar	1611
496	daniel-mar	1612	// Virtually go back from the executing PHP script to the OIDplus base path
		1613	$res = str_repeat('../',$steps_up);
497	daniel-mar	1614
496	daniel-mar	1615	// Then go to the desired location
		1616	$basedir = realpath(__DIR__.'/../../');
		1617	$target = realpath($target);
500	daniel-mar	1618	if ($target === false) return false;
496	daniel-mar	1619	$res .= substr($target, strlen($basedir)+1);
		1620	$res = rtrim($res,'/'); // avoid '..//' for localpath(null,true)
		1621	} else {
		1622	$res = realpath($target);
241	daniel-mar	1623	}
497	daniel-mar	1624
801	daniel-mar	1625	if (is_dir($target)) $res .= '/';
497	daniel-mar	1626
801	daniel-mar	1627	$res = str_replace('/', DIRECTORY_SEPARATOR, $res);
		1628
496	daniel-mar	1629	return $res;
241	daniel-mar	1630	}
355	daniel-mar	1631
496	daniel-mar	1632	/**
		1633	* Gets a URL pointing to a resource
		1634	* @param string $target Target resource (file or directory must exist), or null to get the OIDplus base directory
806	daniel-mar	1635	* @param int\|boolean $mode If true or OIDplus::PATH_RELATIVE, the returning path is relative to the currently executed
		1636	* PHP script (i.e. index.php , not the plugin PHP script!). False or OIDplus::PATH_ABSOLUTE is
		1637	* results in an absolute URL. OIDplus::PATH_ABSOLUTE_CANONICAL is an absolute URL,
		1638	* but a canonical path (set by base config setting CANONICAL_SYSTEM_URL) is preferred.
590	daniel-mar	1639	* @return string\|false The URL, with guaranteed trailing path delimiter for directories
496	daniel-mar	1640	*/
806	daniel-mar	1641	public static function webpath($target=null, $mode=self::PATH_ABSOLUTE_CANONICAL) {
801	daniel-mar	1642	// backwards compatibility
		1643	if ($mode === true) $mode = self::PATH_RELATIVE;
		1644	if ($mode === false) $mode = self::PATH_ABSOLUTE;
		1645
811	daniel-mar	1646	if ($mode == OIDplus::PATH_RELATIVE_TO_ROOT) {
812	daniel-mar	1647	$tmp = OIDplus::webpath($target,OIDplus::PATH_ABSOLUTE);
		1648	if ($tmp === false) return false;
		1649	$tmp = parse_url($tmp);
		1650	if ($tmp === false) return false;
		1651	if (!isset($tmp['path'])) return false;
		1652	return $tmp['path'];
811	daniel-mar	1653	}
		1654
812	daniel-mar	1655	if ($mode == OIDplus::PATH_RELATIVE_TO_ROOT_CANONICAL) {
		1656	$tmp = OIDplus::webpath($target,OIDplus::PATH_ABSOLUTE_CANONICAL);
		1657	if ($tmp === false) return false;
		1658	$tmp = parse_url($tmp);
		1659	if ($tmp === false) return false;
		1660	if (!isset($tmp['path'])) return false;
		1661	return $tmp['path'];
		1662	}
		1663
801	daniel-mar	1664	$res = self::getSystemUrl($mode); // Note: already contains a trailing path delimiter
778	daniel-mar	1665	if ($res === false) return false;
497	daniel-mar	1666
496	daniel-mar	1667	if (!is_null($target)) {
		1668	$basedir = realpath(__DIR__.'/../../');
		1669	$target = realpath($target);
500	daniel-mar	1670	if ($target === false) return false;
496	daniel-mar	1671	$tmp = substr($target, strlen($basedir)+1);
500	daniel-mar	1672	$res .= str_replace(DIRECTORY_SEPARATOR,'/',$tmp); // remove OS specific path delimiters introduced by realpath()
497	daniel-mar	1673	if (is_dir($target)) $res .= '/';
496	daniel-mar	1674	}
497	daniel-mar	1675
496	daniel-mar	1676	return $res;
		1677	}
497	daniel-mar	1678
778	daniel-mar	1679	public static function canonicalURL() {
		1680	// First part: OIDplus system URL (or canonical system URL)
801	daniel-mar	1681	$sysurl = OIDplus::getSystemUrl(self::PATH_ABSOLUTE_CANONICAL);
778	daniel-mar	1682
		1683	// Second part: Directory
		1684	$basedir = realpath(__DIR__.'/../../');
		1685	$target = realpath('.');
		1686	if ($target === false) return false;
		1687	$tmp = substr($target, strlen($basedir)+1);
		1688	$res = str_replace(DIRECTORY_SEPARATOR,'/',$tmp); // remove OS specific path delimiters introduced by realpath()
780	daniel-mar	1689	if (is_dir($target) && ($res != '')) $res .= '/';
778	daniel-mar	1690
		1691	// Third part: File name
		1692	$tmp = explode('/',$_SERVER['SCRIPT_NAME']);
		1693	$tmp = end($tmp);
		1694
		1695	// Fourth part: Query string (ordered)
		1696	$tmp2 = getSortedQuery();
		1697	if ($tmp2 != '') $tmp2 = '?'.$tmp2;
		1698
		1699	return $sysurl.$res.$tmp.$tmp2;
		1700	}
		1701
639	daniel-mar	1702	private static $shutdown_functions = array();
		1703	public static function register_shutdown_function($func) {
		1704	self::$shutdown_functions[] = $func;
		1705	}
		1706
		1707	public static function invoke_shutdown() {
		1708	foreach (self::$shutdown_functions as $func) {
		1709	$func();
		1710	}
		1711	}
		1712
360	daniel-mar	1713	public static function getAvailableLangs() {
		1714	$langs = array();
		1715	foreach (OIDplus::getAllPluginManifests('language') as $pluginManifest) {
389	daniel-mar	1716	$code = $pluginManifest->getLanguageCode();
360	daniel-mar	1717	$langs[] = $code;
		1718	}
		1719	return $langs;
		1720	}
		1721
1041	daniel-mar	1722	public static function getDefaultLang() {
		1723	static $thrownOnce = false; // avoid endless loop inside OIDplusConfigInitializationException
		1724
1049	daniel-mar	1725	$lang = self::baseConfig()->getValue('DEFAULT_LANGUAGE', 'enus');
1041	daniel-mar	1726
		1727	if (!in_array($lang,self::getAvailableLangs())) {
		1728	if (!$thrownOnce) {
		1729	$thrownOnce = true;
1048	daniel-mar	1730	throw new OIDplusConfigInitializationException(_L('DEFAULT_LANGUAGE points to an invalid language plugin. (Consider setting to "enus" = "English USA".)'));
1041	daniel-mar	1731	} else {
		1732	return 'enus';
		1733	}
		1734	}
		1735
		1736	return $lang;
		1737	}
		1738
355	daniel-mar	1739	public static function getCurrentLang() {
360	daniel-mar	1740	if (isset($_GET['lang'])) {
		1741	$lang = $_GET['lang'];
		1742	} else if (isset($_POST['lang'])) {
		1743	$lang = $_POST['lang'];
		1744	} else if (isset($_COOKIE['LANGUAGE'])) {
		1745	$lang = $_COOKIE['LANGUAGE'];
		1746	} else {
1041	daniel-mar	1747	$lang = self::getDefaultLang();
360	daniel-mar	1748	}
		1749	$lang = substr(preg_replace('@[^a-z]@ismU', '', $lang),0,4); // sanitize
355	daniel-mar	1750	return $lang;
		1751	}
		1752
362	daniel-mar	1753	public static function handleLangArgument() {
		1754	if (isset($_GET['lang'])) {
		1755	// The "?lang=" argument is only for NoScript-Browsers/SearchEngines
		1756	// In case someone who has JavaScript clicks a ?lang= link, they should get
		1757	// the page in that language, but the cookie must be set, otherwise
		1758	// the menu and other stuff would be in their cookie-based-language and not the
		1759	// argument-based-language.
557	daniel-mar	1760	OIDplus::cookieUtils()->setcookie('LANGUAGE', $_GET['lang'], 0, true/HttpOnly off, because JavaScript also needs translation/);
362	daniel-mar	1761	} else if (isset($_POST['lang'])) {
557	daniel-mar	1762	OIDplus::cookieUtils()->setcookie('LANGUAGE', $_POST['lang'], 0, true/HttpOnly off, because JavaScript also needs translation/);
362	daniel-mar	1763	}
		1764	}
		1765
468	daniel-mar	1766	private static $translationArray = array();
469	daniel-mar	1767	protected static function getTranslationFileContents($translation_file) {
		1768	// First, try the cache
481	daniel-mar	1769	$cache_file = __DIR__ . '/../../userdata/cache/translation_'.md5($translation_file).'.ser';
469	daniel-mar	1770	if (file_exists($cache_file) && (filemtime($cache_file) == filemtime($translation_file))) {
		1771	$cac = @unserialize(file_get_contents($cache_file));
		1772	if ($cac) return $cac;
		1773	}
481	daniel-mar	1774
469	daniel-mar	1775	// If not successful, then load the XML file
		1776	$xml = @simplexml_load_string(file_get_contents($translation_file));
		1777	if (!$xml) return array(); // if there is an UTF-8 or parsing error, don't output any errors, otherwise the JavaScript is corrupt and the page won't render correctly
		1778	$cac = array();
		1779	foreach ($xml->message as $msg) {
		1780	$src = trim($msg->source->__toString());
		1781	$dst = trim($msg->target->__toString());
		1782	$cac[$src] = $dst;
		1783	}
		1784	@file_put_contents($cache_file,serialize($cac));
		1785	@touch($cache_file,filemtime($translation_file));
		1786	return $cac;
		1787	}
468	daniel-mar	1788	public static function getTranslationArray($requested_lang='*') {
362	daniel-mar	1789	foreach (OIDplus::getAllPluginManifests('language') as $pluginManifest) {
389	daniel-mar	1790	$lang = $pluginManifest->getLanguageCode();
362	daniel-mar	1791	if (strpos($lang,'/') !== false) continue; // just to be sure
		1792	if (strpos($lang,'\\') !== false) continue; // just to be sure
		1793	if (strpos($lang,'..') !== false) continue; // just to be sure
401	daniel-mar	1794
468	daniel-mar	1795	if (($requested_lang != '*') && ($lang != $requested_lang)) continue;
401	daniel-mar	1796
468	daniel-mar	1797	if (!isset(self::$translationArray[$lang])) {
		1798	self::$translationArray[$lang] = array();
		1799
		1800	$wildcard = $pluginManifest->getLanguageMessages();
		1801	if (strpos($wildcard,'/') !== false) continue; // just to be sure
		1802	if (strpos($wildcard,'\\') !== false) continue; // just to be sure
		1803	if (strpos($wildcard,'..') !== false) continue; // just to be sure
		1804
635	daniel-mar	1805	$translation_files = glob(__DIR__.'/../../plugins/'.'*'.'/language/'.$lang.'/'.$wildcard);
468	daniel-mar	1806	sort($translation_files);
		1807	foreach ($translation_files as $translation_file) {
		1808	if (!file_exists($translation_file)) continue;
469	daniel-mar	1809	$cac = self::getTranslationFileContents($translation_file);
		1810	foreach ($cac as $src => $dst) {
		1811	self::$translationArray[$lang][$src] = $dst;
468	daniel-mar	1812	}
401	daniel-mar	1813	}
362	daniel-mar	1814	}
		1815	}
468	daniel-mar	1816	return self::$translationArray;
362	daniel-mar	1817	}
		1818
699	daniel-mar	1819	public static function getEditionInfo() {
		1820	return @parse_ini_file(__DIR__.'/../edition.ini', true)['Edition'];
		1821	}
		1822
698	daniel-mar	1823	public static function findGitFolder() {
		1824	// Git command line saves git information in folder ".git"
		1825	// Plesk git saves git information in folder "../../../git/oidplus/" (or similar)
727	daniel-mar	1826	$dir = OIDplus::localpath();
698	daniel-mar	1827	if (is_dir($dir.'/.git')) return $dir.'/.git';
		1828	$i = 0;
		1829	do {
		1830	if (is_dir($dir.'/git')) {
719	daniel-mar	1831	$confs = @glob($dir.'/git/'.'*'.'/config');
		1832	if ($confs) foreach ($confs as $conf) {
698	daniel-mar	1833	$cont = file_get_contents($conf);
699	daniel-mar	1834	if (isset(OIDplus::getEditionInfo()['gitrepo']) && (OIDplus::getEditionInfo()['gitrepo'] != '') && (strpos($cont, OIDplus::getEditionInfo()['gitrepo']) !== false)) {
698	daniel-mar	1835	return dirname($conf);
		1836	}
		1837	}
		1838	}
		1839	$i++;
719	daniel-mar	1840	} while (($i<100) && ($dir != ($new_dir = @realpath($dir.'/../'))) && ($dir = $new_dir));
698	daniel-mar	1841	return false;
		1842	}
		1843
		1844	public static function getGitsvnRevision($dir='') {
		1845	try {
		1846	// tries command line and binary parsing
699	daniel-mar	1847	// requires vendor/danielmarschall/git_utils.inc.php
698	daniel-mar	1848	$git_dir = OIDplus::findGitFolder();
		1849	if ($git_dir === false) return false;
		1850	$commit_msg = git_get_latest_commit_message($git_dir);
1050	daniel-mar	1851	} catch (\Exception $e) {
698	daniel-mar	1852	return false;
		1853	}
		1854
		1855	$m = array();
		1856	if (preg_match('%git-svn-id: (.+)@(\\d+) %ismU', $commit_msg, $m)) {
		1857	return $m[2];
		1858	} else {
		1859	return false;
		1860	}
		1861	}
		1862
775	daniel-mar	1863	public static function prefilterQuery($static_node_id, $throw_exception) {
		1864	// Let namespace be case-insensitive
		1865	$ary = explode(':', $static_node_id, 2);
		1866	$ary[0] = strtolower($ary[0]);
		1867	$static_node_id = implode(':', $ary);
		1868
889	daniel-mar	1869	// Ask plugins if they want to change the node id
		1870	foreach (OIDplus::getObjectTypePluginsEnabled() as $plugin) {
		1871	$static_node_id = $plugin->prefilterQuery($static_node_id, $throw_exception);
775	daniel-mar	1872	}
		1873
		1874	return $static_node_id;
		1875	}
849	daniel-mar	1876
		1877	public static function isCronjob() {
		1878	return explode('.',basename($_SERVER['SCRIPT_NAME']))[0] === 'cron';
		1879	}
856	daniel-mar	1880
857	daniel-mar	1881	private static function recanonizeObjects() {
1050	daniel-mar	1882	//
		1883	// Since OIDplus svn-184, entries in the database need to have a canonical ID
		1884	// If the ID is not canonical (e.g. GUIDs missing hyphens), the object cannot be opened in OIDplus
		1885	// This script re-canonizes the object IDs if required.
		1886	// In SVN Rev 856, the canonization for GUID, IPv4 and IPv6 have changed, requiring another
		1887	// re-canonization
		1888	//
856	daniel-mar	1889	$res = OIDplus::db()->query("select id from ###objects");
		1890	while ($row = $res->fetch_array()) {
		1891	$ida = $row['id'];
857	daniel-mar	1892	$obj = OIDplusObject::parse($ida);
		1893	if (!$obj) continue;
		1894	$idb = $obj->nodeId();
856	daniel-mar	1895	if (($idb) && ($ida != $idb)) {
		1896	OIDplus::db()->transaction_begin();
		1897	OIDplus::db()->query("update ###objects set id = ? where id = ?", array($idb, $ida));
		1898	OIDplus::db()->query("update ###asn1id set oid = ? where oid = ?", array($idb, $ida));
		1899	OIDplus::db()->query("update ###iri set oid = ? where oid = ?", array($idb, $ida));
		1900	OIDplus::db()->query("update ###log_object set id = ? where id = ?", array($idb, $ida));
		1901	OIDplus::logger()->log("[INFO]A!", "Object name '$ida' has been changed to '$idb' during re-canonization");
		1902	OIDplus::db()->transaction_commit();
978	daniel-mar	1903	OIDplusObject::resetObjectInformationCache();
856	daniel-mar	1904	}
		1905	}
		1906	}
		1907
374	daniel-mar	1908	}

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplus.class.php @ 1127 – Rev 1068