WebSVN – oidplus – Blame – /trunk/includes/classes/OIDplus.class.php

Rev	Author	Line No.	Line
2	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
778	daniel-mar	5	* Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
2	daniel-mar	6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
511	daniel-mar	20	if (!defined('INSIDE_OIDPLUS')) die();
		21
730	daniel-mar	22	class OIDplus extends OIDplusBaseClass {
281	daniel-mar	23	private static /OIDplusPagePlugin[]/ $pagePlugins = array();
		24	private static /OIDplusAuthPlugin[]/ $authPlugins = array();
289	daniel-mar	25	private static /OIDplusLoggerPlugin[]/ $loggerPlugins = array();
227	daniel-mar	26	private static /OIDplusObjectTypePlugin[]/ $objectTypePlugins = array();
		27	private static /string[]/ $enabledObjectTypes = array();
		28	private static /string[]/ $disabledObjectTypes = array();
		29	private static /OIDplusDatabasePlugin[]/ $dbPlugins = array();
702	daniel-mar	30	private static /OIDplusCaptchaPlugin[]/ $captchaPlugins = array();
274	daniel-mar	31	private static /OIDplusSqlSlangPlugin[]/ $sqlSlangPlugins = array();
355	daniel-mar	32	private static /OIDplusLanguagePlugin[]/ $languagePlugins = array();
449	daniel-mar	33	private static /OIDplusDesignPlugin[]/ $designPlugins = array();
2	daniel-mar	34
280	daniel-mar	35	protected static $html = true;
236	daniel-mar	36
362	daniel-mar	37	/public/ const DEFAULT_LANGUAGE = 'enus'; // the language of the source code
355	daniel-mar	38
812	daniel-mar	39	/public/ const PATH_RELATIVE = 1; // e.g. "../"
		40	/public/ const PATH_ABSOLUTE = 2; // e.g. "http://www.example.com/oidplus/"
		41	/public/ const PATH_ABSOLUTE_CANONICAL = 3; // e.g. "http://www.example.org/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set)
		42	/public/ const PATH_RELATIVE_TO_ROOT = 4; // e.g. "/oidplus/"
		43	/public/ const PATH_RELATIVE_TO_ROOT_CANONICAL = 5; // e.g. "/oidplus/" (if baseconfig CANONICAL_SYSTEM_URL is set)
801	daniel-mar	44
778	daniel-mar	45	// These plugin types can contain HTML code and therefore may
		46	// emit (non-setup) CSS/JS code via their manifest.
		47	/public/ const INTERACTIVE_PLUGIN_TYPES = array(
		48	'publicPages',
		49	'raPages',
		50	'adminPages',
		51	'objectTypes',
		52	'captcha'
		53	);
		54
2	daniel-mar	55	private function __construct() {
		56	}
295	daniel-mar	57
263	daniel-mar	58	# --- Static classes
274	daniel-mar	59
263	daniel-mar	60	private static $baseConfig = null;
		61	private static $old_config_format = false;
261	daniel-mar	62	public static function baseConfig() {
263	daniel-mar	63	$first_init = false;
274	daniel-mar	64
263	daniel-mar	65	if ($first_init = is_null(self::$baseConfig)) {
		66	self::$baseConfig = new OIDplusBaseConfig();
261	daniel-mar	67	}
		68
263	daniel-mar	69	if ($first_init) {
261	daniel-mar	70	// Include a file containing various size/depth limitations of OIDs
294	daniel-mar	71	// It is important to include it before userdata/baseconfig/config.inc.php was included,
		72	// so we can give userdata/baseconfig/config.inc.php the chance to override the values.
261	daniel-mar	73
496	daniel-mar	74	include OIDplus::localpath().'includes/oidplus_limits.inc.php';
261	daniel-mar	75
		76	// Include config file
295	daniel-mar	77
496	daniel-mar	78	$config_file = OIDplus::localpath() . 'userdata/baseconfig/config.inc.php';
		79	$config_file_old = OIDplus::localpath() . 'includes/config.inc.php'; // backwards compatibility
295	daniel-mar	80
294	daniel-mar	81	if (!file_exists($config_file) && file_exists($config_file_old)) {
		82	$config_file = $config_file_old;
		83	}
261	daniel-mar	84
294	daniel-mar	85	if (file_exists($config_file)) {
263	daniel-mar	86	if (self::$old_config_format) {
		87	// Note: We may only include it once due to backwards compatibility,
		88	// since in version 2.0, the configuration was defined using define() statements
		89	// Attention: This does mean that a full re-init (e.g. for test cases) is not possible
		90	// if a version 2.0 config is used!
294	daniel-mar	91	include_once $config_file;
263	daniel-mar	92	} else {
294	daniel-mar	93	include $config_file;
263	daniel-mar	94	}
261	daniel-mar	95
		96	if (defined('OIDPLUS_CONFIG_VERSION') && (OIDPLUS_CONFIG_VERSION == 2.0)) {
263	daniel-mar	97	self::$old_config_format = true;
274	daniel-mar	98
261	daniel-mar	99	// Backwards compatibility 2.0 => 2.1
		100	foreach (get_defined_constants(true)['user'] as $name => $value) {
		101	$name = str_replace('OIDPLUS_', '', $name);
		102	if ($name == 'SESSION_SECRET') $name = 'SERVER_SECRET';
		103	if ($name == 'MYSQL_QUERYLOG') $name = 'QUERY_LOGFILE';
		104	if (($name == 'MYSQL_PASSWORD') \|\| ($name == 'ODBC_PASSWORD') \|\| ($name == 'PDO_PASSWORD') \|\| ($name == 'PGSQL_PASSWORD')) {
263	daniel-mar	105	self::$baseConfig->setValue($name, base64_decode($value));
261	daniel-mar	106	} else {
		107	if ($name == 'CONFIG_VERSION') $value = 2.1;
263	daniel-mar	108	self::$baseConfig->setValue($name, $value);
261	daniel-mar	109	}
		110	}
		111	}
		112	} else {
496	daniel-mar	113	if (!is_dir(OIDplus::localpath().'setup')) {
360	daniel-mar	114	throw new OIDplusConfigInitializationException(_L('File %1 is missing, but setup can\'t be started because its directory missing.','userdata/baseconfig/config.inc.php'));
261	daniel-mar	115	} else {
280	daniel-mar	116	if (self::$html) {
811	daniel-mar	117	if (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE_TO_ROOT).'setup/') !== 0) {
801	daniel-mar	118	header('Location:'.OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/');
360	daniel-mar	119	die(_L('Redirecting to setup...'));
349	daniel-mar	120	} else {
		121	return self::$baseConfig;
		122	}
261	daniel-mar	123	} else {
		124	// This can be displayed in e.g. ajax.php
360	daniel-mar	125	throw new OIDplusConfigInitializationException(_L('File %1 is missing. Please run setup again.','userdata/baseconfig/config.inc.php'));
261	daniel-mar	126	}
		127	}
		128	}
		129
		130	// Check important config settings
		131
263	daniel-mar	132	if (self::$baseConfig->getValue('CONFIG_VERSION') != 2.1) {
801	daniel-mar	133	if (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/') !== 0) {
503	daniel-mar	134	throw new OIDplusConfigInitializationException(_L("The information located in %1 is outdated.",realpath($config_file)));
		135	}
261	daniel-mar	136	}
		137
263	daniel-mar	138	if (self::$baseConfig->getValue('SERVER_SECRET', '') === '') {
801	daniel-mar	139	if (strpos($_SERVER['REQUEST_URI'], OIDplus::webpath(null,OIDplus::PATH_RELATIVE).'setup/') !== 0) {
503	daniel-mar	140	throw new OIDplusConfigInitializationException(_L("You must set a value for SERVER_SECRET in %1 for the system to operate secure.",realpath($config_file)));
		141	}
261	daniel-mar	142	}
		143	}
		144
263	daniel-mar	145	return self::$baseConfig;
261	daniel-mar	146	}
		147
263	daniel-mar	148	private static $config = null;
2	daniel-mar	149	public static function config() {
263	daniel-mar	150	if ($first_init = is_null(self::$config)) {
		151	self::$config = new OIDplusConfig();
2	daniel-mar	152	}
263	daniel-mar	153
		154	if ($first_init) {
		155	// These are important settings for base functionalities and therefore are not inside plugins
		156	self::$config->prepareConfigKey('system_title', 'What is the name of your RA?', 'OIDplus 2.0', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		157	if (empty($value)) {
360	daniel-mar	158	throw new OIDplusException(_L('Please enter a value for the system title.'));
263	daniel-mar	159	}
		160	});
		161	self::$config->prepareConfigKey('admin_email', 'E-Mail address of the system administrator', '', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		162	if (!empty($value) && !OIDplus::mailUtils()->validMailAddress($value)) {
360	daniel-mar	163	throw new OIDplusException(_L('This is not a correct email address'));
263	daniel-mar	164	}
		165	});
		166	self::$config->prepareConfigKey('global_cc', 'Global CC for all outgoing emails?', '', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		167	if (!empty($value) && !OIDplus::mailUtils()->validMailAddress($value)) {
360	daniel-mar	168	throw new OIDplusException(_L('This is not a correct email address'));
263	daniel-mar	169	}
		170	});
		171	self::$config->prepareConfigKey('objecttypes_initialized', 'List of object type plugins that were initialized once', '', OIDplusConfig::PROTECTION_READONLY, function($value) {
		172	// Nothing here yet
		173	});
		174	self::$config->prepareConfigKey('objecttypes_enabled', 'Enabled object types and their order, separated with a semicolon (please reload the page so that the change is applied)', '', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
		175	# TODO: when objecttypes_enabled is changed at the admin control panel, we need to do a reload of the page, so that jsTree will be updated. Is there anything we can do?
		176
		177	$ary = explode(';',$value);
		178	$uniq_ary = array_unique($ary);
		179
		180	if (count($ary) != count($uniq_ary)) {
360	daniel-mar	181	throw new OIDplusException(_L('Please check your input. Some object types are double.'));
263	daniel-mar	182	}
		183
		184	foreach ($ary as $ot_check) {
		185	$ns_found = false;
		186	foreach (OIDplus::getEnabledObjectTypes() as $ot) {
		187	if ($ot::ns() == $ot_check) {
		188	$ns_found = true;
		189	break;
		190	}
		191	}
		192	foreach (OIDplus::getDisabledObjectTypes() as $ot) {
		193	if ($ot::ns() == $ot_check) {
		194	$ns_found = true;
		195	break;
		196	}
		197	}
		198	if (!$ns_found) {
360	daniel-mar	199	throw new OIDplusException(_L('Please check your input. Namespace "%1" is not found',$ot_check));
263	daniel-mar	200	}
		201	}
		202	});
		203	self::$config->prepareConfigKey('oidplus_private_key', 'Private key for this system', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		204	// Nothing here yet
		205	});
		206	self::$config->prepareConfigKey('oidplus_public_key', 'Public key for this system. If you "clone" your system, you must delete this key (e.g. using phpMyAdmin), so that a new one is created.', '', OIDplusConfig::PROTECTION_READONLY, function($value) {
		207	// Nothing here yet
		208	});
324	daniel-mar	209	self::$config->prepareConfigKey('last_known_system_url', 'Last known System URL', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		210	// Nothing here yet
		211	});
412	daniel-mar	212	self::$config->prepareConfigKey('last_known_version', 'Last known OIDplus Version', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) {
		213	// Nothing here yet
		214	});
635	daniel-mar	215	self::$config->prepareConfigKey('default_ra_auth_method', 'Default auth method used for generating password of RAs (must exist in plugins/[vendorname]/auth/)?', 'A3_bcrypt', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
453	daniel-mar	216	$good = true;
		217	if (strpos($value,'/') !== false) $good = false;
		218	if (strpos($value,'\\') !== false) $good = false;
		219	if (strpos($value,'..') !== false) $good = false;
		220	if (!$good) {
		221	throw new OIDplusException(_L('Invalid auth plugin folder name. Do only enter a folder name, not an absolute or relative path'));
		222	}
		223
635	daniel-mar	224	if (!rec_is_dir(OIDplus::localpath().'plugins/'.'*'.'/auth/'.$value)) {
		225	throw new OIDplusException(_L('The auth plugin "%1" does not exist in plugin directory %2',$value,'plugins/[vendorname]/auth/'));
453	daniel-mar	226	}
		227	});
263	daniel-mar	228	}
		229
		230	return self::$config;
2	daniel-mar	231	}
		232
263	daniel-mar	233	private static $gui = null;
2	daniel-mar	234	public static function gui() {
263	daniel-mar	235	if (is_null(self::$gui)) {
		236	self::$gui = new OIDplusGui();
86	daniel-mar	237	}
263	daniel-mar	238	return self::$gui;
2	daniel-mar	239	}
		240
263	daniel-mar	241	private static $authUtils = null;
2	daniel-mar	242	public static function authUtils() {
263	daniel-mar	243	if (is_null(self::$authUtils)) {
		244	self::$authUtils = new OIDplusAuthUtils();
86	daniel-mar	245	}
263	daniel-mar	246	return self::$authUtils;
2	daniel-mar	247	}
		248
263	daniel-mar	249	private static $mailUtils = null;
250	daniel-mar	250	public static function mailUtils() {
263	daniel-mar	251	if (is_null(self::$mailUtils)) {
		252	self::$mailUtils = new OIDplusMailUtils();
250	daniel-mar	253	}
263	daniel-mar	254	return self::$mailUtils;
250	daniel-mar	255	}
		256
557	daniel-mar	257	private static $cookieUtils = null;
		258	public static function cookieUtils() {
		259	if (is_null(self::$cookieUtils)) {
		260	self::$cookieUtils = new OIDplusCookieUtils();
		261	}
		262	return self::$cookieUtils;
		263	}
		264
263	daniel-mar	265	private static $menuUtils = null;
250	daniel-mar	266	public static function menuUtils() {
263	daniel-mar	267	if (is_null(self::$menuUtils)) {
		268	self::$menuUtils = new OIDplusMenuUtils();
250	daniel-mar	269	}
263	daniel-mar	270	return self::$menuUtils;
250	daniel-mar	271	}
		272
263	daniel-mar	273	private static $logger = null;
115	daniel-mar	274	public static function logger() {
263	daniel-mar	275	if (is_null(self::$logger)) {
		276	self::$logger = new OIDplusLogger();
115	daniel-mar	277	}
263	daniel-mar	278	return self::$logger;
115	daniel-mar	279	}
		280
274	daniel-mar	281	# --- SQL slang plugin
		282
		283	private static function registerSqlSlangPlugin(OIDplusSqlSlangPlugin $plugin) {
		284	$name = $plugin::id();
591	daniel-mar	285	if ($name === '') return false;
274	daniel-mar	286
449	daniel-mar	287	if (isset(self::$sqlSlangPlugins[$name])) {
451	daniel-mar	288	$plugintype_hf = _L('SQL slang');
592	daniel-mar	289	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
449	daniel-mar	290	}
		291
274	daniel-mar	292	self::$sqlSlangPlugins[$name] = $plugin;
		293
		294	return true;
		295	}
		296
		297	public static function getSqlSlangPlugins() {
		298	return self::$sqlSlangPlugins;
		299	}
		300
318	daniel-mar	301	public static function getSqlSlangPlugin($id)/: ?OIDplusSqlSlangPlugin/ {
		302	if (isset(self::$sqlSlangPlugins[$id])) {
		303	return self::$sqlSlangPlugins[$id];
		304	} else {
		305	return null;
		306	}
		307	}
		308
230	daniel-mar	309	# --- Database plugin
74	daniel-mar	310
227	daniel-mar	311	private static function registerDatabasePlugin(OIDplusDatabasePlugin $plugin) {
275	daniel-mar	312	$name = $plugin::id();
591	daniel-mar	313	if ($name === '') return false;
150	daniel-mar	314
449	daniel-mar	315	if (isset(self::$dbPlugins[$name])) {
		316	$plugintype_hf = _L('Database');
592	daniel-mar	317	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
449	daniel-mar	318	}
		319
150	daniel-mar	320	self::$dbPlugins[$name] = $plugin;
		321
		322	return true;
		323	}
		324
		325	public static function getDatabasePlugins() {
		326	return self::$dbPlugins;
		327	}
		328
295	daniel-mar	329	public static function getActiveDatabasePlugin() {
702	daniel-mar	330	$db_plugin_name = OIDplus::baseConfig()->getValue('DATABASE_PLUGIN','');
		331	if ($db_plugin_name === '') {
360	daniel-mar	332	throw new OIDplusConfigInitializationException(_L('No database plugin selected in config file'));
260	daniel-mar	333	}
702	daniel-mar	334	if (!isset(self::$dbPlugins[$db_plugin_name])) {
360	daniel-mar	335	throw new OIDplusConfigInitializationException(_L('Database plugin "%1" not found',$db_plugin_name));
227	daniel-mar	336	}
702	daniel-mar	337	return self::$dbPlugins[$db_plugin_name];
227	daniel-mar	338	}
		339
295	daniel-mar	340	private static $dbMainSession = null;
		341	public static function db() {
		342	if (is_null(self::$dbMainSession)) {
		343	self::$dbMainSession = self::getActiveDatabasePlugin()->newConnection();
		344	}
		345	if (!self::$dbMainSession->isConnected()) self::$dbMainSession->connect();
		346	return self::$dbMainSession;
		347	}
		348
		349	private static $dbIsolatedSession = null;
		350	public static function dbIsolated() {
		351	if (is_null(self::$dbIsolatedSession)) {
		352	self::$dbIsolatedSession = self::getActiveDatabasePlugin()->newConnection();
		353	}
		354	if (!self::$dbIsolatedSession->isConnected()) self::$dbIsolatedSession->connect();
		355	return self::$dbIsolatedSession;
		356	}
		357
702	daniel-mar	358	# --- CAPTCHA plugin
		359
		360	private static function registerCaptchaPlugin(OIDplusCaptchaPlugin $plugin) {
		361	$name = $plugin::id();
		362	if ($name === '') return false;
		363
		364	if (isset(self::$captchaPlugins[$name])) {
		365	$plugintype_hf = _L('CAPTCHA');
		366	throw new OIDplusException(_L('Multiple %1 plugins use the ID %2', $plugintype_hf, $name));
		367	}
		368
		369	self::$captchaPlugins[$name] = $plugin;
		370
		371	return true;
		372	}
		373
		374	public static function getCaptchaPlugins() {
		375	return self::$captchaPlugins;
		376	}
		377
704	daniel-mar	378	public static function getActiveCaptchaPluginId() {
702	daniel-mar	379	$captcha_plugin_name = OIDplus::baseConfig()->getValue('CAPTCHA_PLUGIN', '');
		380
		381	if (OIDplus::baseConfig()->getValue('RECAPTCHA_ENABLED', false) && ($captcha_plugin_name === '')) {
		382	// Legacy config file support!
		383	$captcha_plugin_name = 'ReCAPTCHA';
		384	}
		385
704	daniel-mar	386	if ($captcha_plugin_name === '') $captcha_plugin_name = 'None'; // the "None" plugin is a must-have!
702	daniel-mar	387
704	daniel-mar	388	return $captcha_plugin_name;
		389	}
		390
		391	public static function getActiveCaptchaPlugin() {
		392	$captcha_plugin_name = OIDplus::getActiveCaptchaPluginId();
		393
702	daniel-mar	394	if (!isset(self::$captchaPlugins[$captcha_plugin_name])) {
		395	throw new OIDplusConfigInitializationException(_L('CAPTCHA plugin "%1" not found',$captcha_plugin_name));
		396	}
		397	return self::$captchaPlugins[$captcha_plugin_name];
		398	}
		399
227	daniel-mar	400	# --- Page plugin
		401
224	daniel-mar	402	private static function registerPagePlugin(OIDplusPagePlugin $plugin) {
281	daniel-mar	403	self::$pagePlugins[] = $plugin;
61	daniel-mar	404
		405	return true;
		406	}
		407
281	daniel-mar	408	public static function getPagePlugins() {
		409	return self::$pagePlugins;
61	daniel-mar	410	}
		411
227	daniel-mar	412	# --- Auth plugin
		413
		414	private static function registerAuthPlugin(OIDplusAuthPlugin $plugin) {
456	daniel-mar	415	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		416	$password = generateRandomString(25);
459	daniel-mar	417
461	daniel-mar	418	try {
		419	$authInfo = $plugin->generate($password);
		420	} catch (OIDplusException $e) {
		421	// This can happen when the AuthKey or Salt is too long
		422	throw new OIDplusException(_L('Auth plugin "%1" is erroneous: %2',basename($plugin->getPluginDirectory()),$e->getMessage()));
		423	}
459	daniel-mar	424	$salt = $authInfo->getSalt();
461	daniel-mar	425	$authKey = $authInfo->getAuthKey();
459	daniel-mar	426
461	daniel-mar	427	$authInfo_SaltDiff = clone $authInfo;
		428	$authInfo_SaltDiff->setSalt(strrev($authInfo_SaltDiff->getSalt()));
		429
		430	$authInfo_AuthKeyDiff = clone $authInfo;
		431	$authInfo_AuthKeyDiff->setAuthKey(strrev($authInfo_AuthKeyDiff->getAuthKey()));
		432
		433	if ((!$plugin->verify($authInfo,$password)) \|\|
		434	(!empty($salt) && $plugin->verify($authInfo_SaltDiff,$password)) \|\|
		435	($plugin->verify($authInfo_AuthKeyDiff,$password)) \|\|
		436	($plugin->verify($authInfo,$password.'x'))) {
456	daniel-mar	437	throw new OIDplusException(_L('Auth plugin "%1" is erroneous: Generate/Verify self test failed',basename($plugin->getPluginDirectory())));
		438	}
453	daniel-mar	439	}
		440
227	daniel-mar	441	self::$authPlugins[] = $plugin;
		442	return true;
		443	}
		444
221	daniel-mar	445	public static function getAuthPlugins() {
		446	return self::$authPlugins;
		447	}
		448
355	daniel-mar	449	# --- Language plugin
		450
		451	private static function registerLanguagePlugin(OIDplusLanguagePlugin $plugin) {
		452	self::$languagePlugins[] = $plugin;
		453	return true;
		454	}
		455
		456	public static function getLanguagePlugins() {
		457	return self::$languagePlugins;
		458	}
		459
449	daniel-mar	460	# --- Design plugin
		461
		462	private static function registerDesignPlugin(OIDplusDesignPlugin $plugin) {
		463	self::$designPlugins[] = $plugin;
		464	return true;
		465	}
		466
		467	public static function getDesignPlugins() {
		468	return self::$designPlugins;
		469	}
		470
819	daniel-mar	471	public static function getActiveDesignPlugin() {
		472	$plugins = OIDplus::getDesignPlugins();
		473	foreach ($plugins as $plugin) {
		474	if ((basename($plugin->getPluginDirectory())) == OIDplus::config()->getValue('design','default')) {
		475	return $plugin;
		476	}
		477	}
		478	return null;
		479	}
		480
289	daniel-mar	481	# --- Logger plugin
		482
		483	private static function registerLoggerPlugin(OIDplusLoggerPlugin $plugin) {
		484	self::$loggerPlugins[] = $plugin;
		485	return true;
		486	}
		487
		488	public static function getLoggerPlugins() {
		489	return self::$loggerPlugins;
		490	}
		491
227	daniel-mar	492	# --- Object type plugin
		493
		494	private static function registerObjectTypePlugin(OIDplusObjectTypePlugin $plugin) {
		495	self::$objectTypePlugins[] = $plugin;
		496
		497	$ot = $plugin::getObjectTypeClassName();
		498	self::registerObjectType($ot);
		499
		500	return true;
		501	}
		502
224	daniel-mar	503	private static function registerObjectType($ot) {
66	daniel-mar	504	$ns = $ot::ns();
		505
360	daniel-mar	506	if (empty($ns)) throw new OIDplusException(_L('Attention: Empty NS at %1',$ot));
66	daniel-mar	507
		508	$ns_found = false;
227	daniel-mar	509	foreach (array_merge(OIDplus::getEnabledObjectTypes(), OIDplus::getDisabledObjectTypes()) as $test_ot) {
66	daniel-mar	510	if ($test_ot::ns() == $ns) {
		511	$ns_found = true;
		512	break;
		513	}
		514	}
		515	if ($ns_found) {
360	daniel-mar	516	throw new OIDplusException(_L('Attention: Two objectType plugins use the same namespace "%1"!',$ns));
66	daniel-mar	517	}
		518
		519	$init = OIDplus::config()->getValue("objecttypes_initialized");
		520	$init_ary = empty($init) ? array() : explode(';', $init);
70	daniel-mar	521	$init_ary = array_map('trim', $init_ary);
66	daniel-mar	522
		523	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		524	$enabled_ary = empty($enabled) ? array() : explode(';', $enabled);
70	daniel-mar	525	$enabled_ary = array_map('trim', $enabled_ary);
66	daniel-mar	526
79	daniel-mar	527	$do_enable = false;
		528	if (in_array($ns, $enabled_ary)) {
447	daniel-mar	529	// If it is in the list of enabled object types, it is enabled (obviously)
79	daniel-mar	530	$do_enable = true;
		531	} else {
447	daniel-mar	532	if (!OIDplus::config()->getValue('oobe_objects_done')) {
		533	// If the OOBE wizard is NOT done, then just enable the "oid" object type by default
79	daniel-mar	534	$do_enable = $ns == 'oid';
		535	} else {
447	daniel-mar	536	// If the OOBE wizard was done (once), then
		537	// we will enable all object types which were never initialized
		538	// (i.e. a plugin folder was freshly added)
79	daniel-mar	539	$do_enable = !in_array($ns, $init_ary);
		540	}
		541	}
		542
		543	if ($do_enable) {
227	daniel-mar	544	self::$enabledObjectTypes[] = $ot;
		545	usort(self::$enabledObjectTypes, function($a, $b) {
66	daniel-mar	546	$enabled = OIDplus::config()->getValue("objecttypes_enabled");
		547	$enabled_ary = explode(';', $enabled);
		548
		549	$idx_a = array_search($a::ns(), $enabled_ary);
		550	$idx_b = array_search($b::ns(), $enabled_ary);
		551
		552	if ($idx_a == $idx_b) {
		553	return 0;
		554	}
		555	return ($idx_a > $idx_b) ? +1 : -1;
		556	});
74	daniel-mar	557	} else {
		558	self::$disabledObjectTypes[] = $ot;
66	daniel-mar	559	}
		560
		561	if (!in_array($ns, $init_ary)) {
		562	// Was never initialized before, so we add it to the list of enabled object types once
		563
79	daniel-mar	564	if ($do_enable) {
		565	$enabled_ary[] = $ns;
672	daniel-mar	566	// Important: Don't validate the input, because the other object types might not be initialized yet! So use setValueNoCallback() instead setValue().
		567	OIDplus::config()->setValueNoCallback("objecttypes_enabled", implode(';', $enabled_ary));
79	daniel-mar	568	}
66	daniel-mar	569
		570	$init_ary[] = $ns;
		571	OIDplus::config()->setValue("objecttypes_initialized", implode(';', $init_ary));
		572	}
61	daniel-mar	573	}
		574
227	daniel-mar	575	public static function getObjectTypePlugins() {
		576	return self::$objectTypePlugins;
61	daniel-mar	577	}
		578
227	daniel-mar	579	public static function getObjectTypePluginsEnabled() {
		580	$res = array();
		581	foreach (self::$objectTypePlugins as $plugin) {
		582	$ot = $plugin::getObjectTypeClassName();
		583	if (in_array($ot, self::$enabledObjectTypes)) $res[] = $plugin;
		584	}
		585	return $res;
74	daniel-mar	586	}
		587
227	daniel-mar	588	public static function getObjectTypePluginsDisabled() {
		589	$res = array();
		590	foreach (self::$objectTypePlugins as $plugin) {
		591	$ot = $plugin::getObjectTypeClassName();
		592	if (in_array($ot, self::$disabledObjectTypes)) $res[] = $plugin;
74	daniel-mar	593	}
227	daniel-mar	594	return $res;
74	daniel-mar	595	}
		596
227	daniel-mar	597	public static function getEnabledObjectTypes() {
		598	return self::$enabledObjectTypes;
		599	}
74	daniel-mar	600
227	daniel-mar	601	public static function getDisabledObjectTypes() {
		602	return self::$disabledObjectTypes;
		603	}
74	daniel-mar	604
277	daniel-mar	605	# --- Plugin handling functions
		606
320	daniel-mar	607	public static function getAllPlugins()/: array/ {
		608	$res = array();
		609	$res = array_merge($res, self::$pagePlugins);
		610	$res = array_merge($res, self::$authPlugins);
		611	$res = array_merge($res, self::$loggerPlugins);
		612	$res = array_merge($res, self::$objectTypePlugins);
		613	$res = array_merge($res, self::$dbPlugins);
702	daniel-mar	614	$res = array_merge($res, self::$captchaPlugins);
320	daniel-mar	615	$res = array_merge($res, self::$sqlSlangPlugins);
355	daniel-mar	616	$res = array_merge($res, self::$languagePlugins);
449	daniel-mar	617	$res = array_merge($res, self::$designPlugins);
320	daniel-mar	618	return $res;
		619	}
		620
321	daniel-mar	621	public static function getPluginByOid($oid)/: ?OIDplusPlugin/ {
320	daniel-mar	622	$plugins = self::getAllPlugins();
321	daniel-mar	623	foreach ($plugins as $plugin) {
		624	if (oid_dotnotation_equal($plugin->getManifest()->getOid(), $oid)) {
		625	return $plugin;
320	daniel-mar	626	}
		627	}
		628	return null;
		629	}
		630
380	daniel-mar	631	public static function getPluginByClassName($classname)/: ?OIDplusPlugin/ {
		632	$plugins = self::getAllPlugins();
		633	foreach ($plugins as $plugin) {
		634	if (get_class($plugin) === $classname) {
		635	return $plugin;
		636	}
		637	}
		638	return null;
277	daniel-mar	639	}
		640
594	daniel-mar	641	/**
		642	* @return array<OIDplusPluginManifest>\|array<string,array<string,OIDplusPluginManifest>>
		643	*/
693	daniel-mar	644	public static function getAllPluginManifests($pluginFolderMasks='*', $flat=true): array {
277	daniel-mar	645	$out = array();
279	daniel-mar	646	// Note: glob() will sort by default, so we do not need a page priority attribute.
		647	// So you just need to use a numeric plugin directory prefix (padded).
693	daniel-mar	648	$ary = array();
		649	foreach (explode(',',$pluginFolderMasks) as $pluginFolderMask) {
		650	$ary = array_merge($ary,glob(OIDplus::localpath().'plugins/'.''.'/'.$pluginFolderMask.'/'.''.'/manifest.xml'));
		651	}
646	daniel-mar	652
		653	// Sort the plugins by their type and name, as if they would be in a single vendor-folder!
		654	uasort($ary, function($a,$b) {
		655	if ($a == $b) return 0;
		656
		657	$ary = explode('/',$a);
		658	$bry = explode('/',$b);
		659
		660	// First sort by type (publicPage, auth, database, language, ...)
		661	$a_type = $ary[count($ary)-1-2];
		662	$b_type = $bry[count($bry)-1-2];
		663	if ($a_type < $b_type) return -1;
		664	if ($a_type > $b_type) return 1;
		665
		666	// Then sort by name (090_login, 100_whois, etc.)
		667	$a_name = $ary[count($ary)-1-1];
		668	$b_name = $bry[count($bry)-1-1];
		669	if ($a_name < $b_name) return -1;
		670	if ($a_name > $b_name) return 1;
		671
		672	// If it is still equal, then finally sort by vendorname
		673	$a_vendor = $ary[count($ary)-1-3];
		674	$b_vendor = $bry[count($bry)-1-3];
		675	if ($a_vendor < $b_vendor) return -1;
		676	if ($a_vendor > $b_vendor) return 1;
		677	return 0;
		678	});
		679
277	daniel-mar	680	foreach ($ary as $ini) {
		681	if (!file_exists($ini)) continue;
		682
307	daniel-mar	683	$manifest = new OIDplusPluginManifest();
		684	$manifest->loadManifest($ini);
277	daniel-mar	685
473	daniel-mar	686	$class_name = $manifest->getPhpMainClass();
		687	if (OIDplus::baseConfig()->getValue('DISABLE_PLUGIN_'.$class_name, false)) {
		688	continue;
		689	}
		690
307	daniel-mar	691	if ($flat) {
		692	$out[] = $manifest;
		693	} else {
		694	$plugintype_folder = basename(dirname(dirname($ini)));
		695	$pluginname_folder = basename(dirname($ini));
		696
		697	if (!isset($out[$plugintype_folder])) $out[$plugintype_folder] = array();
		698	if (!isset($out[$plugintype_folder][$pluginname_folder])) $out[$plugintype_folder][$pluginname_folder] = array();
		699	$out[$plugintype_folder][$pluginname_folder] = $manifest;
		700	}
277	daniel-mar	701	}
		702	return $out;
		703	}
		704
594	daniel-mar	705	/**
		706	* @return array<string>
		707	*/
277	daniel-mar	708	public static function registerAllPlugins($pluginDirName, $expectedPluginClass, $registerCallback): array {
		709	$out = array();
525	daniel-mar	710	if (is_array($pluginDirName)) {
		711	$ary = array();
		712	foreach ($pluginDirName as $pluginDirName_) {
		713	$ary = array_merge($ary, self::getAllPluginManifests($pluginDirName_, false));
		714	}
		715	} else {
		716	$ary = self::getAllPluginManifests($pluginDirName, false);
		717	}
320	daniel-mar	718	$known_plugin_oids = array();
456	daniel-mar	719	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		720	$fake_feature = uuid_to_oid(gen_uuid());
588	daniel-mar	721	} else {
		722	$fake_feature = null;
456	daniel-mar	723	}
277	daniel-mar	724	foreach ($ary as $plugintype_folder => $bry) {
438	daniel-mar	725	foreach ($bry as $pluginname_folder => $manifest) {
		726	$class_name = $manifest->getPhpMainClass();
		727
		728	// Before we load the plugin, we want to make some checks to confirm
		729	// that the plugin is working correctly.
		730
307	daniel-mar	731	if (!$class_name) {
438	daniel-mar	732	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Manifest does not declare a PHP main class'));
277	daniel-mar	733	}
297	daniel-mar	734	if (OIDplus::baseConfig()->getValue('DISABLE_PLUGIN_'.$class_name, false)) {
		735	continue;
		736	}
292	daniel-mar	737	if (!class_exists($class_name)) {
438	daniel-mar	738	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Manifest declares PHP main class as "%1", but it could not be found',$class_name));
292	daniel-mar	739	}
279	daniel-mar	740	if (!is_subclass_of($class_name, $expectedPluginClass)) {
438	daniel-mar	741	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2"',$class_name,$expectedPluginClass));
279	daniel-mar	742	}
438	daniel-mar	743	if (($class_name!=$manifest->getTypeClass()) && (!is_subclass_of($class_name,$manifest->getTypeClass()))) {
		744	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Plugin main class "%1" is expected to be a subclass of "%2", according to type declared in manifest',$class_name,$manifest->getTypeClass()));
308	daniel-mar	745	}
438	daniel-mar	746	if (($manifest->getTypeClass()!=$expectedPluginClass) && (!is_subclass_of($manifest->getTypeClass(),$expectedPluginClass))) {
		747	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Class declared in manifest is "%1" does not fit expected class for this plugin type "%2"',$manifest->getTypeClass(),$expectedPluginClass));
308	daniel-mar	748	}
		749
438	daniel-mar	750	$plugin_oid = $manifest->getOid();
320	daniel-mar	751	if (!$plugin_oid) {
438	daniel-mar	752	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Does not have an OID'));
320	daniel-mar	753	}
		754	if (!oid_valid_dotnotation($plugin_oid, false, false, 2)) {
438	daniel-mar	755	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('Plugin OID "%1" is invalid (needs to be valid dot-notation)',$plugin_oid));
320	daniel-mar	756	}
		757	if (isset($known_plugin_oids[$plugin_oid])) {
438	daniel-mar	758	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('The OID "%1" is already used by the plugin "%2"',$plugin_oid,$known_plugin_oids[$plugin_oid]));
320	daniel-mar	759	}
646	daniel-mar	760
632	daniel-mar	761	$full_plugin_dir = dirname($manifest->getManifestFile());
		762	$full_plugin_dir = substr($full_plugin_dir, strlen(OIDplus::localpath()));
633	daniel-mar	763	// { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 products(2) oidplus(5) v2(2) plugins(4) }
635	daniel-mar	764	if (str_starts_with($full_plugin_dir, 'plugins/viathinksoft/') != str_starts_with($plugin_oid, '1.3.6.1.4.1.37476.2.5.2.4.')) {
		765	throw new OIDplusException(_L('Plugin "%1/%2" is misplaced',$plugintype_folder,$pluginname_folder).': '._L('The plugin is in the wrong folder. The folder %1 can only be used by official ViaThinkSoft plugins','plugins/viathinksoft/'));
632	daniel-mar	766	}
320	daniel-mar	767
632	daniel-mar	768	$known_plugin_oids[$plugin_oid] = $plugintype_folder.'/'.$pluginname_folder;
		769
438	daniel-mar	770	$obj = new $class_name();
456	daniel-mar	771
		772	if (OIDplus::baseConfig()->getValue('DEBUG')) {
		773	if ($obj->implementsFeature($fake_feature)) {
		774	// see https://devblogs.microsoft.com/oldnewthing/20040211-00/?p=40663
		775	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('implementsFeature() always returns true'));
		776	}
438	daniel-mar	777	}
		778
778	daniel-mar	779	// TODO: Maybe as additional plugin-test, we should also check if plugins are allowed to define CSS/JS, i.e. the plugin type is element of OIDplus::INTERACTIVE_PLUGIN_TYPES
438	daniel-mar	780	$tmp = array_merge(
		781	$manifest->getJSFiles(),
		782	$manifest->getCSSFiles(),
		783	$manifest->getJSFilesSetup(),
		784	$manifest->getCSSFilesSetup()
		785	);
		786	foreach ($tmp as $file) {
		787	if (!file_exists($file)) {
		788	throw new OIDplusException(_L('Plugin "%1/%2" is erroneous',$plugintype_folder,$pluginname_folder).': '._L('File %1 was defined in manifest, but it is not existing',$file));
		789	}
		790	}
		791
		792	// Now we can continue
		793
279	daniel-mar	794	$out[] = $class_name;
		795	if (!is_null($registerCallback)) {
438	daniel-mar	796	call_user_func($registerCallback, $obj);
444	daniel-mar	797
		798	// Alternative approaches:
		799	//$registerCallback[0]::{$registerCallback[1]}($obj);
		800	// or:
		801	//forward_static_call($registerCallback, $obj);
279	daniel-mar	802	}
277	daniel-mar	803	}
		804
		805	}
		806	return $out;
		807	}
		808
227	daniel-mar	809	# --- Initialization of OIDplus
206	daniel-mar	810
374	daniel-mar	811	public static function init($html=true, $keepBaseConfig=true) {
236	daniel-mar	812	self::$html = $html;
		813
263	daniel-mar	814	// Reset internal state, so we can re-init verything if required
274	daniel-mar	815
263	daniel-mar	816	if (self::$old_config_format) {
778	daniel-mar	817	// We need to do this, because define() cannot be undone
263	daniel-mar	818	// Note: This can only happen in very special cases (e.g. test cases) where you call init() twice
360	daniel-mar	819	throw new OIDplusConfigInitializationException(_L('A full re-initialization is not possible if a version 2.0 config file (containing "defines") is used. Please update to a config 2.1 file by running setup again.'));
263	daniel-mar	820	}
274	daniel-mar	821
263	daniel-mar	822	self::$config = null;
374	daniel-mar	823	if (!$keepBaseConfig) self::$baseConfig = null; // for test cases we need to be able to control base config and setting values manually, so $keepBaseConfig needs to be true
263	daniel-mar	824	self::$gui = null;
		825	self::$authUtils = null;
		826	self::$mailUtils = null;
		827	self::$menuUtils = null;
		828	self::$logger = null;
295	daniel-mar	829	self::$dbMainSession = null;
		830	self::$dbIsolatedSession = null;
263	daniel-mar	831	self::$pagePlugins = array();
		832	self::$authPlugins = array();
289	daniel-mar	833	self::$loggerPlugins = array();
263	daniel-mar	834	self::$objectTypePlugins = array();
		835	self::$enabledObjectTypes = array();
		836	self::$disabledObjectTypes = array();
		837	self::$dbPlugins = array();
702	daniel-mar	838	self::$captchaPlugins = array();
274	daniel-mar	839	self::$sqlSlangPlugins = array();
355	daniel-mar	840	self::$languagePlugins = array();
449	daniel-mar	841	self::$designPlugins = array();
263	daniel-mar	842	self::$system_id_cache = null;
		843	self::$sslAvailableCache = null;
468	daniel-mar	844	self::$translationArray = array();
74	daniel-mar	845
263	daniel-mar	846	// Continue...
		847
294	daniel-mar	848	OIDplus::baseConfig(); // this loads the base configuration located in userdata/baseconfig/config.inc.php (once!)
263	daniel-mar	849	// You can do changes to the configuration afterwards using OIDplus::baseConfig()->...
		850
150	daniel-mar	851	// Register database types (highest priority)
		852
274	daniel-mar	853	// SQL slangs
		854
294	daniel-mar	855	self::registerAllPlugins('sqlSlang', 'OIDplusSqlSlangPlugin', array('OIDplus','registerSqlSlangPlugin'));
274	daniel-mar	856	foreach (OIDplus::getSqlSlangPlugins() as $plugin) {
		857	$plugin->init($html);
		858	}
		859
		860	// Database providers
		861
277	daniel-mar	862	self::registerAllPlugins('database', 'OIDplusDatabasePlugin', array('OIDplus','registerDatabasePlugin'));
237	daniel-mar	863	foreach (OIDplus::getDatabasePlugins() as $plugin) {
		864	$plugin->init($html);
		865	}
		866
42	daniel-mar	867	// Do redirect stuff etc.
74	daniel-mar	868
230	daniel-mar	869	self::isSslAvailable(); // This function does automatic redirects
61	daniel-mar	870
263	daniel-mar	871	// Construct the configuration manager
66	daniel-mar	872
263	daniel-mar	873	OIDplus::config(); // During the construction, various system settings are prepared if required
66	daniel-mar	874
74	daniel-mar	875	// Initialize public / private keys
		876
227	daniel-mar	877	OIDplus::getPkiStatus(true);
74	daniel-mar	878
237	daniel-mar	879	// Register non-DB plugins
74	daniel-mar	880
525	daniel-mar	881	self::registerAllPlugins(array('publicPages', 'raPages', 'adminPages'), 'OIDplusPagePlugin', array('OIDplus','registerPagePlugin'));
277	daniel-mar	882	self::registerAllPlugins('auth', 'OIDplusAuthPlugin', array('OIDplus','registerAuthPlugin'));
289	daniel-mar	883	self::registerAllPlugins('logger', 'OIDplusLoggerPlugin', array('OIDplus','registerLoggerPlugin'));
277	daniel-mar	884	self::registerAllPlugins('objectTypes', 'OIDplusObjectTypePlugin', array('OIDplus','registerObjectTypePlugin'));
355	daniel-mar	885	self::registerAllPlugins('language', 'OIDplusLanguagePlugin', array('OIDplus','registerLanguagePlugin'));
449	daniel-mar	886	self::registerAllPlugins('design', 'OIDplusDesignPlugin', array('OIDplus','registerDesignPlugin'));
778	daniel-mar	887	self::registerAllPlugins('captcha', 'OIDplusCaptchaPlugin', array('OIDplus','registerCaptchaPlugin'));
150	daniel-mar	888
237	daniel-mar	889	// Initialize non-DB plugins
224	daniel-mar	890
281	daniel-mar	891	foreach (OIDplus::getPagePlugins() as $plugin) {
74	daniel-mar	892	$plugin->init($html);
		893	}
230	daniel-mar	894	foreach (OIDplus::getAuthPlugins() as $plugin) {
		895	$plugin->init($html);
		896	}
289	daniel-mar	897	foreach (OIDplus::getLoggerPlugins() as $plugin) {
		898	$plugin->init($html);
		899	}
230	daniel-mar	900	foreach (OIDplus::getObjectTypePlugins() as $plugin) {
		901	$plugin->init($html);
		902	}
355	daniel-mar	903	foreach (OIDplus::getLanguagePlugins() as $plugin) {
		904	$plugin->init($html);
		905	}
449	daniel-mar	906	foreach (OIDplus::getDesignPlugins() as $plugin) {
		907	$plugin->init($html);
		908	}
778	daniel-mar	909	foreach (OIDplus::getCaptchaPlugins() as $plugin) {
		910	$plugin->init($html);
		911	}
412	daniel-mar	912
778	daniel-mar	913	if (PHP_SAPI != 'cli') {
		914
		915	// Prepare some security related response headers (default values)
		916
		917	$content_language =
		918	strtolower(substr(OIDplus::getCurrentLang(),0,2)) . '-' .
		919	strtoupper(substr(OIDplus::getCurrentLang(),2,2)); // e.g. 'en-US'
		920
		921	$http_headers = array(
		922	"X-Content-Type-Options" => "nosniff",
		923	"X-XSS-Protection" => "1; mode=block",
		924	"X-Frame-Options" => "SAMEORIGIN",
		925	"Referrer-Policy" => array(
		926	"no-referrer-when-downgrade"
		927	),
		928	"Cache-Control" => array(
		929	"no-cache",
		930	"no-store",
		931	"must-revalidate"
		932	),
		933	"Pragma" => "no-cache",
		934	"Content-Language" => $content_language,
		935	"Expires" => "0",
		936	"Content-Security-Policy" => array(
		937	"default-src" => array(
		938	"'self'",
		939	"blob:",
		940	"https://fonts.gstatic.com",
		941	"https://www.google.com/",
		942	"https://www.gstatic.com/",
		943	"https://cdnjs.cloudflare.com/"
		944	),
		945	"style-src" => array(
		946	"'self'",
		947	"'unsafe-inline'",
		948	"https://cdnjs.cloudflare.com/"
		949	),
		950	"img-src" => array(
		951	"blob:",
		952	"data:",
		953	"http:",
		954	"https:"
		955	),
		956	"script-src" => array(
		957	"'self'",
		958	"'unsafe-inline'",
		959	"'unsafe-eval'",
		960	"blob:",
		961	"https://www.google.com/",
		962	"https://www.gstatic.com/",
		963	"https://cdnjs.cloudflare.com/",
		964	"https://polyfill.io/"
		965	),
		966	"frame-ancestors" => array(
		967	"'none'"
		968	),
		969	"object-src" => array(
		970	"'none'"
		971	)
		972	)
		973	);
		974
780	daniel-mar	975	// Give plugins the opportunity to manipulate/extend the headers
778	daniel-mar	976
		977	foreach (OIDplus::getSqlSlangPlugins() as $plugin) {
		978	$plugin->httpHeaderCheck($http_headers);
		979	}
		980	foreach (OIDplus::getDatabasePlugins() as $plugin) {
		981	$plugin->httpHeaderCheck($http_headers);
		982	}
		983	foreach (OIDplus::getPagePlugins() as $plugin) {
		984	$plugin->httpHeaderCheck($http_headers);
		985	}
		986	foreach (OIDplus::getAuthPlugins() as $plugin) {
		987	$plugin->httpHeaderCheck($http_headers);
		988	}
		989	foreach (OIDplus::getLoggerPlugins() as $plugin) {
		990	$plugin->httpHeaderCheck($http_headers);
		991	}
		992	foreach (OIDplus::getObjectTypePlugins() as $plugin) {
		993	$plugin->httpHeaderCheck($http_headers);
		994	}
		995	foreach (OIDplus::getLanguagePlugins() as $plugin) {
		996	$plugin->httpHeaderCheck($http_headers);
		997	}
		998	foreach (OIDplus::getDesignPlugins() as $plugin) {
		999	$plugin->httpHeaderCheck($http_headers);
		1000	}
		1001	foreach (OIDplus::getCaptchaPlugins() as $plugin) {
		1002	$plugin->httpHeaderCheck($http_headers);
		1003	}
		1004
		1005	// Prepare to send the headers to the client
		1006	// The headers are sent automatically when the first output comes or the script ends
		1007
		1008	foreach ($http_headers as $name => $val) {
		1009
		1010	// Plugins can remove standard OIDplus headers by setting the value to null.
		1011	if (is_null($val)) continue; /** @phpstan-ignore-line */
		1012
		1013	// Some headers can be written as arrays to make it easier for plugin authors
		1014	// to manipulate/extend the contents.
		1015	if (is_array($val)) {
		1016	if ((strtolower($name) == 'cache-control') \|\|
		1017	(strtolower($name) == 'referrer-policy'))
		1018	{
		1019	if (count($val) == 0) continue;
		1020	$val = implode(', ', $val);
		1021	} else if (strtolower($name) == 'content-security-policy') {
		1022	if (count($val) == 0) continue;
780	daniel-mar	1023	foreach ($val as $tmp1 => &$tmp2) {
		1024	$tmp2 = array_unique($tmp2);
		1025	$tmp2 = $tmp1.' '.implode(' ', $tmp2);
		1026	}
778	daniel-mar	1027	$val = implode('; ', $val);
		1028	} else {
779	daniel-mar	1029	throw new OIDplusException(_L('HTTP header "%1" cannot be written as array. A newly installed plugin is probably misusing the method "%2".',$name,'httpHeaderCheck'));
778	daniel-mar	1030	}
		1031	}
		1032
		1033	if (is_string($val)) {
		1034	header("$name: $val");
		1035	}
		1036	}
		1037
		1038	} // endif (PHP_SAPI != 'cli')
		1039
412	daniel-mar	1040	// Initialize other stuff (i.e. things which require the logger!)
		1041
		1042	OIDplus::recognizeSystemUrl(); // Make sure "last_known_system_url" is set
		1043	OIDplus::recognizeVersion(); // Make sure "last_known_version" is set and a log entry is created
2	daniel-mar	1044	}
42	daniel-mar	1045
227	daniel-mar	1046	# --- System URL, System ID, PKI, and other functions
		1047
412	daniel-mar	1048	private static function recognizeSystemUrl() {
		1049	try {
801	daniel-mar	1050	$url = OIDplus::webpath(null,self::PATH_ABSOLUTE_CANONICAL); // TODO: canonical or not?
412	daniel-mar	1051	OIDplus::config()->setValue('last_known_system_url', $url);
		1052	} catch (Exception $e) {
		1053	}
		1054	}
497	daniel-mar	1055
496	daniel-mar	1056	private static function getExecutingScriptPathDepth() {
		1057	if (PHP_SAPI == 'cli') {
		1058	global $argv;
		1059	$test_dir = dirname(realpath($argv[0]));
		1060	} else {
		1061	if (!isset($_SERVER["SCRIPT_FILENAME"])) return false;
		1062	$test_dir = dirname($_SERVER['SCRIPT_FILENAME']);
		1063	}
		1064	$test_dir = str_replace('\\', '/', $test_dir);
		1065	$steps_up = 0;
		1066	while (!file_exists($test_dir.'/oidplus.min.css.php')) { // We just assume that only the OIDplus base directory contains "oidplus.min.css.php" and not any subsequent directory!
		1067	$test_dir = dirname($test_dir);
		1068	$steps_up++;
		1069	if ($steps_up == 1000) return false; // to make sure there will never be an infinite loop
		1070	}
		1071	return $steps_up;
		1072	}
632	daniel-mar	1073
580	daniel-mar	1074	public static function isSSL() {
		1075	return isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on');
		1076	}
412	daniel-mar	1077
806	daniel-mar	1078	/**
		1079	* Returns the URL of the system.
		1080	* @param int $mode If true or OIDplus::PATH_RELATIVE, the returning path is relative to the currently executed
		1081	* PHP script (i.e. index.php , not the plugin PHP script!). False or OIDplus::PATH_ABSOLUTE is
		1082	* results in an absolute URL. OIDplus::PATH_ABSOLUTE_CANONICAL is an absolute URL,
		1083	* but a canonical path (set by base config setting CANONICAL_SYSTEM_URL) is preferred.
		1084	* @return string\|false The URL, with guaranteed trailing path delimiter for directories
		1085	*/
801	daniel-mar	1086	private static function getSystemUrl($mode) {
806	daniel-mar	1087	if ($mode === self::PATH_RELATIVE) {
778	daniel-mar	1088	$steps_up = self::getExecutingScriptPathDepth();
		1089	if ($steps_up === false) {
		1090	return false;
		1091	} else {
		1092	return str_repeat('../', $steps_up);
		1093	}
		1094	} else {
806	daniel-mar	1095	if ($mode === self::PATH_ABSOLUTE_CANONICAL) {
		1096	$tmp = OIDplus::baseConfig()->getValue('CANONICAL_SYSTEM_URL', '');
		1097	if ($tmp) {
		1098	return rtrim($tmp,'/').'/';
		1099	}
326	daniel-mar	1100	}
778	daniel-mar	1101
495	daniel-mar	1102	if (PHP_SAPI == 'cli') {
494	daniel-mar	1103	try {
		1104	return OIDplus::config()->getValue('last_known_system_url', false);
		1105	} catch (Exception $e) {
		1106	return false;
		1107	}
778	daniel-mar	1108	} else {
		1109	// First, try to find out how many levels we need to go up
		1110	$steps_up = self::getExecutingScriptPathDepth();
326	daniel-mar	1111
778	daniel-mar	1112	// Then go up these amount of levels, based on SCRIPT_NAME/argv[0]
		1113	$res = dirname($_SERVER['SCRIPT_NAME'].'index.php'); // This fake 'index.php' ensures that SCRIPT_NAME does not end with '/', which would make dirname() fail
		1114	for ($i=0; $i<$steps_up; $i++) {
		1115	$res = dirname($res);
		1116	}
		1117	$res = str_replace('\\', '/', $res);
		1118	if ($res == '/') $res = '';
227	daniel-mar	1119
778	daniel-mar	1120	// Add protocol and hostname
580	daniel-mar	1121	$is_ssl = self::isSSL();
495	daniel-mar	1122	$protocol = $is_ssl ? 'https' : 'http'; // do not translate
		1123	$host = $_SERVER['HTTP_HOST']; // includes port if it is not 80/443
778	daniel-mar	1124
		1125	return $protocol.'://'.$host.$res.'/';
495	daniel-mar	1126	}
227	daniel-mar	1127	}
		1128	}
		1129
		1130	private static $system_id_cache = null;
		1131	public static function getSystemId($oid=false) {
		1132	if (!is_null(self::$system_id_cache)) {
		1133	$out = self::$system_id_cache;
		1134	} else {
		1135	$out = false;
		1136
		1137	if (self::getPkiStatus(true)) {
		1138	$pubKey = OIDplus::config()->getValue('oidplus_public_key');
386	daniel-mar	1139	$m = array();
227	daniel-mar	1140	if (preg_match('@BEGIN PUBLIC KEY\-+(.+)\-+END PUBLIC KEY@ismU', $pubKey, $m)) {
		1141	$out = smallhash(base64_decode($m[1]));
		1142	}
		1143	}
		1144	self::$system_id_cache = $out;
		1145	}
350	daniel-mar	1146	if (!$out) return false;
291	daniel-mar	1147	return ($oid ? '1.3.6.1.4.1.37476.30.9.' : '').$out;
227	daniel-mar	1148	}
		1149
		1150	public static function getPkiStatus($try_generate=true) {
		1151	if (!function_exists('openssl_pkey_new')) return false;
		1152
		1153	$privKey = OIDplus::config()->getValue('oidplus_private_key');
		1154	$pubKey = OIDplus::config()->getValue('oidplus_public_key');
		1155
		1156	if ($try_generate && !verify_private_public_key($privKey, $pubKey)) {
263	daniel-mar	1157	$pkey_config = array(
227	daniel-mar	1158	"digest_alg" => "sha512",
		1159	"private_key_bits" => 2048,
		1160	"private_key_type" => OPENSSL_KEYTYPE_RSA,
		1161	);
		1162
		1163	// Create the private and public key
263	daniel-mar	1164	$res = openssl_pkey_new($pkey_config);
256	daniel-mar	1165
239	daniel-mar	1166	if (!$res) return false;
227	daniel-mar	1167
		1168	// Extract the private key from $res to $privKey
		1169	openssl_pkey_export($res, $privKey);
		1170
		1171	// Extract the public key from $res to $pubKey
		1172	$pubKey = openssl_pkey_get_details($res)["key"];
		1173
239	daniel-mar	1174	// Log
288	daniel-mar	1175	OIDplus::logger()->log("[INFO]A!", "Generating new SystemID using a new key pair");
239	daniel-mar	1176
227	daniel-mar	1177	// Save the key pair to database
		1178	OIDplus::config()->setValue('oidplus_private_key', $privKey);
		1179	OIDplus::config()->setValue('oidplus_public_key', $pubKey);
		1180
		1181	// Log the new system ID
386	daniel-mar	1182	$m = array();
227	daniel-mar	1183	if (preg_match('@BEGIN PUBLIC KEY\-+(.+)\-+END PUBLIC KEY@ismU', $pubKey, $m)) {
		1184	$system_id = smallhash(base64_decode($m[1]));
288	daniel-mar	1185	OIDplus::logger()->log("[INFO]A!", "Your SystemID is now $system_id");
227	daniel-mar	1186	}
		1187	}
		1188
		1189	return verify_private_public_key($privKey, $pubKey);
		1190	}
		1191
170	daniel-mar	1192	public static function getInstallType() {
486	daniel-mar	1193	$counter = 0;
		1194
661	daniel-mar	1195	if ($new_version_file_exists = file_exists(OIDplus::localpath().'.version.php')) {
486	daniel-mar	1196	$counter++;
591	daniel-mar	1197	}
661	daniel-mar	1198	if ($old_version_file_exists = file_exists(OIDplus::localpath().'oidplus_version.txt')) {
		1199	$counter++;
		1200	}
		1201	$version_file_exists = $old_version_file_exists \| $new_version_file_exists;
681	daniel-mar	1202	if ($svn_dir_exists = (is_dir(OIDplus::localpath().'.svn') \|\|
		1203	is_dir(OIDplus::localpath().'../.svn'))) { // in case we checked out the root instead of the "trunk"
486	daniel-mar	1204	$counter++;
591	daniel-mar	1205	}
681	daniel-mar	1206	// if ($git_dir_exists = is_dir(OIDplus::localpath().'.git')) {
698	daniel-mar	1207	if ($git_dir_exists = (OIDplus::findGitFolder() !== false)) {
486	daniel-mar	1208	$counter++;
591	daniel-mar	1209	}
486	daniel-mar	1210
		1211	if ($counter === 0) {
360	daniel-mar	1212	return 'unknown'; // do not translate
170	daniel-mar	1213	}
591	daniel-mar	1214	else if ($counter > 1) {
360	daniel-mar	1215	return 'ambigous'; // do not translate
170	daniel-mar	1216	}
591	daniel-mar	1217	else if ($svn_dir_exists) {
360	daniel-mar	1218	return 'svn-wc'; // do not translate
170	daniel-mar	1219	}
591	daniel-mar	1220	else if ($git_dir_exists) {
486	daniel-mar	1221	return 'git-wc'; // do not translate
		1222	}
591	daniel-mar	1223	else if ($version_file_exists) {
360	daniel-mar	1224	return 'svn-snapshot'; // do not translate
170	daniel-mar	1225	}
		1226	}
		1227
412	daniel-mar	1228	private static function recognizeVersion() {
		1229	try {
		1230	$ver_prev = OIDplus::config()->getValue("last_known_version");
		1231	$ver_now = OIDplus::getVersion();
		1232	if (($ver_now != '') && ($ver_prev != '') && ($ver_now != $ver_prev)) {
455	daniel-mar	1233	// TODO: Problem: When the system was updated using SVN, then the IP address of the next random visitor of the website is logged!
412	daniel-mar	1234	OIDplus::logger()->log("[INFO]A!", "System version changed from '$ver_prev' to '$ver_now'");
		1235	}
		1236	OIDplus::config()->setValue("last_known_version", $ver_now);
		1237	} catch (Exception $e) {
		1238	}
		1239	}
		1240
111	daniel-mar	1241	public static function getVersion() {
412	daniel-mar	1242	static $cachedVersion = null;
		1243	if (!is_null($cachedVersion)) {
		1244	return $cachedVersion;
		1245	}
		1246
486	daniel-mar	1247	$installType = OIDplus::getInstallType();
		1248
		1249	if ($installType === 'svn-wc') {
496	daniel-mar	1250	$ver = get_svn_revision(OIDplus::localpath());
486	daniel-mar	1251	if ($ver)
		1252	return ($cachedVersion = 'svn-'.$ver);
558	daniel-mar	1253	$ver = get_svn_revision(OIDplus::localpath().'../'); // in case we checked out the root instead of the "trunk"
		1254	if ($ver)
		1255	return ($cachedVersion = 'svn-'.$ver);
111	daniel-mar	1256	}
162	daniel-mar	1257
486	daniel-mar	1258	if ($installType === 'git-wc') {
698	daniel-mar	1259	$ver = OIDplus::getGitsvnRevision(OIDplus::localpath());
486	daniel-mar	1260	if ($ver)
		1261	return ($cachedVersion = 'svn-'.$ver);
162	daniel-mar	1262	}
		1263
486	daniel-mar	1264	if ($installType === 'svn-snapshot') {
661	daniel-mar	1265	$cont = '';
		1266	if (file_exists($filename = OIDplus::localpath().'oidplus_version.txt'))
		1267	$cont = file_get_contents($filename);
		1268	if (file_exists($filename = OIDplus::localpath().'.version.php'))
		1269	$cont = file_get_contents($filename);
386	daniel-mar	1270	$m = array();
360	daniel-mar	1271	if (preg_match('@Revision (\d+)@', $cont, $m)) // do not translate
412	daniel-mar	1272	return ($cachedVersion = 'svn-'.$m[1]); // do not translate
162	daniel-mar	1273	}
		1274
486	daniel-mar	1275	return ($cachedVersion = false); // version ambigous or unknown
111	daniel-mar	1276	}
		1277
230	daniel-mar	1278	private static $sslAvailableCache = null;
		1279	public static function isSslAvailable() {
		1280	if (!is_null(self::$sslAvailableCache)) return self::$sslAvailableCache;
256	daniel-mar	1281
495	daniel-mar	1282	if (PHP_SAPI == 'cli') {
230	daniel-mar	1283	self::$sslAvailableCache = false;
		1284	return false;
		1285	}
		1286
49	daniel-mar	1287	$timeout = 2;
580	daniel-mar	1288	$already_ssl = self::isSSL();
80	daniel-mar	1289	$ssl_port = 443;
42	daniel-mar	1290
801	daniel-mar	1291	// TODO: Instead of 0, 1, 2, maybe make OIDplus:: constants
261	daniel-mar	1292	$mode = OIDplus::baseConfig()->getValue('ENFORCE_SSL', 2/auto/);
		1293
		1294	if ($mode == 0) {
80	daniel-mar	1295	// No SSL available
230	daniel-mar	1296	self::$sslAvailableCache = $already_ssl;
80	daniel-mar	1297	return $already_ssl;
		1298	}
		1299
261	daniel-mar	1300	if ($mode == 1) {
80	daniel-mar	1301	// Force SSL
		1302	if ($already_ssl) {
230	daniel-mar	1303	self::$sslAvailableCache = true;
80	daniel-mar	1304	return true;
42	daniel-mar	1305	} else {
80	daniel-mar	1306	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		1307	header('Location:'.$location);
360	daniel-mar	1308	die(_L('Redirecting to HTTPS...'));
591	daniel-mar	1309	#self::$sslAvailableCache = true;
		1310	#return true;
80	daniel-mar	1311	}
		1312	}
		1313
261	daniel-mar	1314	if ($mode == 2) {
80	daniel-mar	1315	// Automatic SSL detection
		1316
		1317	if ($already_ssl) {
		1318	// we are already on HTTPS
557	daniel-mar	1319	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '1', 0, false);
230	daniel-mar	1320	self::$sslAvailableCache = true;
80	daniel-mar	1321	return true;
		1322	} else {
		1323	if (isset($_COOKIE['SSL_CHECK'])) {
		1324	// We already had the HTTPS detection done before.
		1325	if ($_COOKIE['SSL_CHECK']) {
		1326	// HTTPS was detected before, but we are HTTP. Redirect now
		1327	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		1328	header('Location:'.$location);
360	daniel-mar	1329	die(_L('Redirecting to HTTPS...'));
591	daniel-mar	1330	#self::$sslAvailableCache = true;
		1331	#return true;
80	daniel-mar	1332	} else {
		1333	// No HTTPS available. Do nothing.
230	daniel-mar	1334	self::$sslAvailableCache = false;
80	daniel-mar	1335	return false;
		1336	}
49	daniel-mar	1337	} else {
80	daniel-mar	1338	// This is our first check (or the browser didn't accept the SSL_CHECK cookie)
386	daniel-mar	1339	$errno = -1;
		1340	$errstr = '';
80	daniel-mar	1341	if (@fsockopen($_SERVER['HTTP_HOST'], $ssl_port, $errno, $errstr, $timeout)) {
		1342	// HTTPS detected. Redirect now, and remember that we had detected HTTPS
557	daniel-mar	1343	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '1', 0, false);
80	daniel-mar	1344	$location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
		1345	header('Location:'.$location);
360	daniel-mar	1346	die(_L('Redirecting to HTTPS...'));
591	daniel-mar	1347	#self::$sslAvailableCache = true;
		1348	#return true;
80	daniel-mar	1349	} else {
		1350	// No HTTPS detected. Do nothing, and next time, don't try to detect HTTPS again.
557	daniel-mar	1351	OIDplus::cookieUtils()->setcookie('SSL_CHECK', '0', 0, false);
230	daniel-mar	1352	self::$sslAvailableCache = false;
80	daniel-mar	1353	return false;
		1354	}
49	daniel-mar	1355	}
42	daniel-mar	1356	}
		1357	}
		1358	}
497	daniel-mar	1359
496	daniel-mar	1360	/**
		1361	* Gets a local path pointing to a resource
		1362	* @param string $target Target resource (file or directory must exist), or null to get the OIDplus base directory
		1363	* @param boolean $relative If true, the returning path is relative to the currently executed PHP file (not the CLI working directory)
590	daniel-mar	1364	* @return string\|false The local path, with guaranteed trailing path delimiter for directories
496	daniel-mar	1365	*/
		1366	public static function localpath($target=null, $relative=false) {
		1367	if (is_null($target)) {
		1368	$target = __DIR__.'/../../';
		1369	}
241	daniel-mar	1370
496	daniel-mar	1371	if ($relative) {
		1372	// First, try to find out how many levels we need to go up
		1373	$steps_up = self::getExecutingScriptPathDepth();
		1374	if ($steps_up === false) return false;
497	daniel-mar	1375
496	daniel-mar	1376	// Virtually go back from the executing PHP script to the OIDplus base path
		1377	$res = str_repeat('../',$steps_up);
497	daniel-mar	1378
496	daniel-mar	1379	// Then go to the desired location
		1380	$basedir = realpath(__DIR__.'/../../');
		1381	$target = realpath($target);
500	daniel-mar	1382	if ($target === false) return false;
496	daniel-mar	1383	$res .= substr($target, strlen($basedir)+1);
		1384	$res = rtrim($res,'/'); // avoid '..//' for localpath(null,true)
		1385	} else {
		1386	$res = realpath($target);
241	daniel-mar	1387	}
497	daniel-mar	1388
801	daniel-mar	1389	if (is_dir($target)) $res .= '/';
497	daniel-mar	1390
801	daniel-mar	1391	$res = str_replace('/', DIRECTORY_SEPARATOR, $res);
		1392
496	daniel-mar	1393	return $res;
241	daniel-mar	1394	}
355	daniel-mar	1395
496	daniel-mar	1396	/**
		1397	* Gets a URL pointing to a resource
		1398	* @param string $target Target resource (file or directory must exist), or null to get the OIDplus base directory
806	daniel-mar	1399	* @param int\|boolean $mode If true or OIDplus::PATH_RELATIVE, the returning path is relative to the currently executed
		1400	* PHP script (i.e. index.php , not the plugin PHP script!). False or OIDplus::PATH_ABSOLUTE is
		1401	* results in an absolute URL. OIDplus::PATH_ABSOLUTE_CANONICAL is an absolute URL,
		1402	* but a canonical path (set by base config setting CANONICAL_SYSTEM_URL) is preferred.
590	daniel-mar	1403	* @return string\|false The URL, with guaranteed trailing path delimiter for directories
496	daniel-mar	1404	*/
806	daniel-mar	1405	public static function webpath($target=null, $mode=self::PATH_ABSOLUTE_CANONICAL) {
801	daniel-mar	1406	// backwards compatibility
		1407	if ($mode === true) $mode = self::PATH_RELATIVE;
		1408	if ($mode === false) $mode = self::PATH_ABSOLUTE;
		1409
811	daniel-mar	1410	if ($mode == OIDplus::PATH_RELATIVE_TO_ROOT) {
812	daniel-mar	1411	$tmp = OIDplus::webpath($target,OIDplus::PATH_ABSOLUTE);
		1412	if ($tmp === false) return false;
		1413	$tmp = parse_url($tmp);
		1414	if ($tmp === false) return false;
		1415	if (!isset($tmp['path'])) return false;
		1416	return $tmp['path'];
811	daniel-mar	1417	}
		1418
812	daniel-mar	1419	if ($mode == OIDplus::PATH_RELATIVE_TO_ROOT_CANONICAL) {
		1420	$tmp = OIDplus::webpath($target,OIDplus::PATH_ABSOLUTE_CANONICAL);
		1421	if ($tmp === false) return false;
		1422	$tmp = parse_url($tmp);
		1423	if ($tmp === false) return false;
		1424	if (!isset($tmp['path'])) return false;
		1425	return $tmp['path'];
		1426	}
		1427
801	daniel-mar	1428	$res = self::getSystemUrl($mode); // Note: already contains a trailing path delimiter
778	daniel-mar	1429	if ($res === false) return false;
497	daniel-mar	1430
496	daniel-mar	1431	if (!is_null($target)) {
		1432	$basedir = realpath(__DIR__.'/../../');
		1433	$target = realpath($target);
500	daniel-mar	1434	if ($target === false) return false;
496	daniel-mar	1435	$tmp = substr($target, strlen($basedir)+1);
500	daniel-mar	1436	$res .= str_replace(DIRECTORY_SEPARATOR,'/',$tmp); // remove OS specific path delimiters introduced by realpath()
497	daniel-mar	1437	if (is_dir($target)) $res .= '/';
496	daniel-mar	1438	}
497	daniel-mar	1439
496	daniel-mar	1440	return $res;
		1441	}
497	daniel-mar	1442
778	daniel-mar	1443	public static function canonicalURL() {
		1444	// First part: OIDplus system URL (or canonical system URL)
801	daniel-mar	1445	$sysurl = OIDplus::getSystemUrl(self::PATH_ABSOLUTE_CANONICAL);
778	daniel-mar	1446
		1447	// Second part: Directory
		1448	$basedir = realpath(__DIR__.'/../../');
		1449	$target = realpath('.');
		1450	if ($target === false) return false;
		1451	$tmp = substr($target, strlen($basedir)+1);
		1452	$res = str_replace(DIRECTORY_SEPARATOR,'/',$tmp); // remove OS specific path delimiters introduced by realpath()
780	daniel-mar	1453	if (is_dir($target) && ($res != '')) $res .= '/';
778	daniel-mar	1454
		1455	// Third part: File name
		1456	$tmp = explode('/',$_SERVER['SCRIPT_NAME']);
		1457	$tmp = end($tmp);
		1458
		1459	// Fourth part: Query string (ordered)
		1460	$tmp2 = getSortedQuery();
		1461	if ($tmp2 != '') $tmp2 = '?'.$tmp2;
		1462
		1463	return $sysurl.$res.$tmp.$tmp2;
		1464	}
		1465
639	daniel-mar	1466	private static $shutdown_functions = array();
		1467	public static function register_shutdown_function($func) {
		1468	self::$shutdown_functions[] = $func;
		1469	}
		1470
		1471	public static function invoke_shutdown() {
		1472	foreach (self::$shutdown_functions as $func) {
		1473	$func();
		1474	}
		1475	}
		1476
360	daniel-mar	1477	public static function getAvailableLangs() {
		1478	$langs = array();
		1479	foreach (OIDplus::getAllPluginManifests('language') as $pluginManifest) {
389	daniel-mar	1480	$code = $pluginManifest->getLanguageCode();
360	daniel-mar	1481	$langs[] = $code;
		1482	}
		1483	return $langs;
		1484	}
		1485
355	daniel-mar	1486	public static function getCurrentLang() {
360	daniel-mar	1487	if (isset($_GET['lang'])) {
		1488	$lang = $_GET['lang'];
		1489	} else if (isset($_POST['lang'])) {
		1490	$lang = $_POST['lang'];
		1491	} else if (isset($_COOKIE['LANGUAGE'])) {
		1492	$lang = $_COOKIE['LANGUAGE'];
		1493	} else {
		1494	$lang = self::DEFAULT_LANGUAGE;
		1495	}
		1496	$lang = substr(preg_replace('@[^a-z]@ismU', '', $lang),0,4); // sanitize
355	daniel-mar	1497	return $lang;
		1498	}
		1499
362	daniel-mar	1500	public static function handleLangArgument() {
		1501	if (isset($_GET['lang'])) {
		1502	// The "?lang=" argument is only for NoScript-Browsers/SearchEngines
		1503	// In case someone who has JavaScript clicks a ?lang= link, they should get
		1504	// the page in that language, but the cookie must be set, otherwise
		1505	// the menu and other stuff would be in their cookie-based-language and not the
		1506	// argument-based-language.
557	daniel-mar	1507	OIDplus::cookieUtils()->setcookie('LANGUAGE', $_GET['lang'], 0, true/HttpOnly off, because JavaScript also needs translation/);
362	daniel-mar	1508	} else if (isset($_POST['lang'])) {
557	daniel-mar	1509	OIDplus::cookieUtils()->setcookie('LANGUAGE', $_POST['lang'], 0, true/HttpOnly off, because JavaScript also needs translation/);
362	daniel-mar	1510	}
		1511	}
		1512
468	daniel-mar	1513	private static $translationArray = array();
469	daniel-mar	1514	protected static function getTranslationFileContents($translation_file) {
		1515	// First, try the cache
481	daniel-mar	1516	$cache_file = __DIR__ . '/../../userdata/cache/translation_'.md5($translation_file).'.ser';
469	daniel-mar	1517	if (file_exists($cache_file) && (filemtime($cache_file) == filemtime($translation_file))) {
		1518	$cac = @unserialize(file_get_contents($cache_file));
		1519	if ($cac) return $cac;
		1520	}
481	daniel-mar	1521
469	daniel-mar	1522	// If not successful, then load the XML file
		1523	$xml = @simplexml_load_string(file_get_contents($translation_file));
		1524	if (!$xml) return array(); // if there is an UTF-8 or parsing error, don't output any errors, otherwise the JavaScript is corrupt and the page won't render correctly
		1525	$cac = array();
		1526	foreach ($xml->message as $msg) {
		1527	$src = trim($msg->source->__toString());
		1528	$dst = trim($msg->target->__toString());
		1529	$cac[$src] = $dst;
		1530	}
		1531	@file_put_contents($cache_file,serialize($cac));
		1532	@touch($cache_file,filemtime($translation_file));
		1533	return $cac;
		1534	}
468	daniel-mar	1535	public static function getTranslationArray($requested_lang='*') {
362	daniel-mar	1536	foreach (OIDplus::getAllPluginManifests('language') as $pluginManifest) {
389	daniel-mar	1537	$lang = $pluginManifest->getLanguageCode();
362	daniel-mar	1538	if (strpos($lang,'/') !== false) continue; // just to be sure
		1539	if (strpos($lang,'\\') !== false) continue; // just to be sure
		1540	if (strpos($lang,'..') !== false) continue; // just to be sure
401	daniel-mar	1541
468	daniel-mar	1542	if (($requested_lang != '*') && ($lang != $requested_lang)) continue;
401	daniel-mar	1543
468	daniel-mar	1544	if (!isset(self::$translationArray[$lang])) {
		1545	self::$translationArray[$lang] = array();
		1546
		1547	$wildcard = $pluginManifest->getLanguageMessages();
		1548	if (strpos($wildcard,'/') !== false) continue; // just to be sure
		1549	if (strpos($wildcard,'\\') !== false) continue; // just to be sure
		1550	if (strpos($wildcard,'..') !== false) continue; // just to be sure
		1551
635	daniel-mar	1552	$translation_files = glob(__DIR__.'/../../plugins/'.'*'.'/language/'.$lang.'/'.$wildcard);
468	daniel-mar	1553	sort($translation_files);
		1554	foreach ($translation_files as $translation_file) {
		1555	if (!file_exists($translation_file)) continue;
469	daniel-mar	1556	$cac = self::getTranslationFileContents($translation_file);
		1557	foreach ($cac as $src => $dst) {
		1558	self::$translationArray[$lang][$src] = $dst;
468	daniel-mar	1559	}
401	daniel-mar	1560	}
362	daniel-mar	1561	}
		1562	}
468	daniel-mar	1563	return self::$translationArray;
362	daniel-mar	1564	}
		1565
699	daniel-mar	1566	public static function getEditionInfo() {
		1567	return @parse_ini_file(__DIR__.'/../edition.ini', true)['Edition'];
		1568	}
		1569
698	daniel-mar	1570	public static function findGitFolder() {
		1571	// Git command line saves git information in folder ".git"
		1572	// Plesk git saves git information in folder "../../../git/oidplus/" (or similar)
727	daniel-mar	1573	$dir = OIDplus::localpath();
698	daniel-mar	1574	if (is_dir($dir.'/.git')) return $dir.'/.git';
		1575	$i = 0;
		1576	do {
		1577	if (is_dir($dir.'/git')) {
719	daniel-mar	1578	$confs = @glob($dir.'/git/'.'*'.'/config');
		1579	if ($confs) foreach ($confs as $conf) {
698	daniel-mar	1580	$cont = file_get_contents($conf);
699	daniel-mar	1581	if (isset(OIDplus::getEditionInfo()['gitrepo']) && (OIDplus::getEditionInfo()['gitrepo'] != '') && (strpos($cont, OIDplus::getEditionInfo()['gitrepo']) !== false)) {
698	daniel-mar	1582	return dirname($conf);
		1583	}
		1584	}
		1585	}
		1586	$i++;
719	daniel-mar	1587	} while (($i<100) && ($dir != ($new_dir = @realpath($dir.'/../'))) && ($dir = $new_dir));
698	daniel-mar	1588	return false;
		1589	}
		1590
		1591	public static function getGitsvnRevision($dir='') {
		1592	try {
		1593	// tries command line and binary parsing
699	daniel-mar	1594	// requires vendor/danielmarschall/git_utils.inc.php
698	daniel-mar	1595	$git_dir = OIDplus::findGitFolder();
		1596	if ($git_dir === false) return false;
		1597	$commit_msg = git_get_latest_commit_message($git_dir);
		1598	} catch (Exception $e) {
		1599	return false;
		1600	}
		1601
		1602	$m = array();
		1603	if (preg_match('%git-svn-id: (.+)@(\\d+) %ismU', $commit_msg, $m)) {
		1604	return $m[2];
		1605	} else {
		1606	return false;
		1607	}
		1608	}
		1609
775	daniel-mar	1610	public static function prefilterQuery($static_node_id, $throw_exception) {
		1611	// Let namespace be case-insensitive
		1612	$ary = explode(':', $static_node_id, 2);
		1613	$ary[0] = strtolower($ary[0]);
		1614	$static_node_id = implode(':', $ary);
		1615
		1616	// Convert WEID to OID
		1617	if ((substr($static_node_id,0,5) == 'weid:') && class_exists('WeidOidConverter')) {
		1618	$ary = explode('$', $static_node_id, 2);
		1619	$weid = $ary[0];
		1620	$oid = WeidOidConverter::weid2oid($weid);
		1621	if ($oid === false) {
		1622	if ($throw_exception) throw new OIDplusException('This is not a valid WEID');
		1623	} else {
		1624	$ary[0] = $oid;
		1625	$static_node_id = 'oid:'.implode('$', $ary);
		1626	}
		1627	}
		1628
		1629	return $static_node_id;
		1630	}
374	daniel-mar	1631	}

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplus.class.php @ 1127 – Rev 819