/*
Amberdms Billing System
(c) Copyright 2014 Amberdms Ltd
www.amberdms.com/billing
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License version 3
only as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
	Load the site configuration first, then the Amberdms PHP library.

	Both files are pulled in with include, so a missing or unreadable file
	only raises a warning here instead of stopping the script.
*/
include "include/config.php";
include "include/amberphplib/main.php";

// first debug log entry of the request
log_debug("index", "Starting index.php");
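/*
	Enforce HTTPS

	Plain-HTTP requests are redirected to the same script over HTTPS.

	$_SERVER["HTTPS"] counts as "not HTTPS" when it is unset/empty and also
	when it is the literal string "off", which some servers (IIS with ISAPI)
	report for plain-HTTP requests. empty() alone would let those requests
	through without a redirect.

	The Host header is supplied by the client and is copied into the Location
	header, so it is only used when it is shaped like a host name (or a
	bracketed IPv6 literal) with an optional port; anything else is answered
	with 400. This is a syntax check only: a well-formed but unexpected host
	name is still reflected, so a deployment with a known canonical host name
	should compare against that, or enforce it in the web server's virtual
	host configuration.

	$_SERVER["PHP_SELF"] also contains any client-supplied path info that
	follows the script name; it stays on the same host in the redirect.
*/
if (empty($_SERVER["HTTPS"]) || strtolower($_SERVER["HTTPS"]) == "off")
{
	$redirect_host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : "";

	// \z (not $) so that a trailing newline can never pass the check
	if (!preg_match('/^(?:[A-Za-z0-9._-]+|\[[0-9A-Fa-f:.]+\])(?::[0-9]{1,5})?\z/', $redirect_host))
	{
		header("HTTP/1.1 400 Bad Request");
		exit(0);
	}

	header("Location: https://". $redirect_host . $_SERVER["PHP_SELF"]);
	exit(0);
}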
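/*
	Fetch the page name to display, and perform security checks

	$page comes straight from the query string and is later handed to
	include(), so it is the most sensitive value in this script.
*/

// default landing page unless a page was requested
$page = "home.php";

if (!empty($_GET["page"]))
{
	// a request such as ?page[]=x arrives as an array; anything that is not a
	// string is treated as an unknown page instead of being passed on to the
	// path checks, include() and the later preg_match() on $page
	$page = is_string($_GET["page"]) ? $_GET["page"] : "";
}

// NOTE(review): security_localphp() is defined outside this file. The include
// below relies on it to restrict $page to the application's own PHP files -
// confirm that it rejects directory traversal, absolute paths and URL/stream
// wrappers.
$page_valid = 0;

if (!security_localphp($page) || !@file_exists($page))
{
	// a rejected name and a missing file produce the same message
	log_write("error", "index", "Sorry, the requested page could not be found - please check your URL.");
}
else
{
	/*
		Load the page
	*/
	log_debug("index", "Loading page $page");

	// include PHP code (presumably the included file declares the
	// page_output class instantiated below)
	include($page);

	// create new page object
	$page_obj = New page_output;

	// page is valid
	$page_valid = 1;
}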
/*
	Work out the theme directory: the theme stored in the user's session when
	there is one, otherwise the theme referenced by the THEME_DEFAULT config row.

	NOTE(review): the session value is concatenated into the SQL text as-is.
	Where $_SESSION["user"]["theme"] gets written is not visible here - confirm
	it is validated (for example as a numeric id) before it is stored, or
	escape/cast it at this point.
*/
if (!isset($_SESSION["user"]["theme"]))
{
	// no per-user theme: fall back to the configured default
	$folder = sql_get_singlevalue("SELECT t.theme_name AS value FROM themes t, config c WHERE c.name = 'THEME_DEFAULT' AND c.value = t.id");
}
else
{
	// per-user theme selected
	$folder = sql_get_singlevalue("SELECT theme_name AS value FROM themes WHERE id = '". $_SESSION["user"]["theme"] ."'");
}

// relative path of the theme directory, with trailing slash
$theme_path = "themes/". $folder ."/";
?>
Amberdms Billing System//include standard CSS file
print "\n";
print "\n";

// stylesheets that belong to the selected theme
print "\n";

// stylesheets requested by the loaded page object
if (isset($page_obj->requires["css"]))
{
	foreach ($page_obj->requires["css"] as $includefile)
	{
		// A theme may carry its own copy of a page stylesheet. When no such
		// copy exists under the theme directory, the stylesheet from the
		// default location is used, so a theme only needs to override the
		// files it actually changes.
		if (!file_exists($theme_path . $includefile))
		{
			log_write("debug", "main", "Including additional CSS file from $includefile");
			print "\n";
		}
		else
		{
			log_write("debug", "main", "Including additional CSS file $theme_path$includefile instead of $includefile");
			print "\n";
		}
	}
}
?>
// javascript files requested by the loaded page object; each one is logged
// at debug level before its line is printed
if (isset($page_obj->requires["javascript"])) {
	foreach ($page_obj->requires["javascript"] as $includefile) {
		log_write("debug", "main", "Including additional javascript file from $includefile");
		print "\n";
	}
}
?>
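/*
	If installed, include the translation tools
	(the translation tools have their own functions for processing the request)

	The condition must not be followed by a semicolon: "if (...);" is an empty
	statement, which leaves the braces below as an unconditional block and
	attempts the include even when the optional file is absent.
*/
if (file_exists("language/translate.php"))
{
	include_once("language/translate.php");
}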
?>
<?php /* NOTE(review): $_SESSION["user"]["name"] is concatenated into the printed output below without HTML escaping; unless the name is constrained where it is stored (not visible here), pass it through htmlspecialchars() before printing. The HTML that surrounded this line is missing from this copy of the file. */ print " | ![]() | if (user_online()) { print " logged on as ". $_SESSION["user"]["name"] ." | options | logout ";//if in translation mode, print short explanation and button to form if (isset($_SESSION["user"]["translation"]) && ($_SESSION["user"]["translation"]=="show_all_translatable_fields" || $_SESSION["user"]["translation"]=="show_only_non-translated_fields")) { print " ";} } ?> |
/*
	Main page menu: drawn only for a logged-in user and only when the
	requested page passed the checks above ($page_valid is 1).
*/
if (user_online() && $page_valid == 1)
{
	print "
";
	$obj_menu = New menu_main;
	$obj_menu->page = $page;

	// the menu is rendered only when its data could be loaded
	if ($obj_menu->load_data())
	{
		$obj_menu->render_menu_standard();
	}

	print "
";
}
/*
	Permission check, requirement check and page execution

	The page file itself was already included further up, so
	check_permissions() guards execute() and the later rendering - it does
	not guard any code that sits at the top level of the included page file.
*/
if ($page_valid == 1)
{
	if (!$page_obj->check_permissions())
	{
		// permission check failed: mark the page invalid and show the
		// no-permissions error
		$page_valid = 0;
		error_render_noperms();
	}
	else
	{
		// navigation menu, when the page object carries one
		if (!empty($page_obj->obj_menu_nav))
		{
			print "
";
			$page_obj->obj_menu_nav->render_html();
			print "
";
		}

		// from here on $page_valid holds the result of the requirements
		// check, which also decides whether the page is rendered later
		$page_valid = $page_obj->check_requirements();

		// page logic runs only when the requirements check passed
		if ($page_valid)
		{
			$page_obj->execute();
		}
	}
}
/*
	Messages: a pending error message takes priority; a notification is
	rendered only when no error message is set.
*/
if (!empty($_SESSION["error"]["message"]))
{
	print "
";
	log_error_render();
	print "
";
}
elseif (!empty($_SESSION["notification"]["message"]))
{
	print "
";
	log_notification_render();
	print "
";
}
/*
Draw page data

When $page_valid is truthy (page found, permissions granted, requirements
met) the page object renders its own output through render_html();
otherwise only padding is printed.

NOTE(review): the markup inside the print strings of this section is missing
from this copy of the file and the string quotes no longer balance - restore
the section from the upstream file before relying on it.
*/
if ($page_valid)
{
// HTML-formatted output produced by the page object itself
print "
";print "
print "
";$page_obj->render_html();
print "
";print "
";print "
";}
else
{
// padding
print "
";print "
print "
";print "
";print "
";print "
";}
// Remember the query string so that the user can be sent back here after
// logging in. Pages whose name starts with "user" are left out, because
// returning to one of those breaks the login flow; note that the pattern
// matches any name beginning with "user", not only files in the user/ folder.
//
// NOTE(review): the stored value is client-supplied text. The code that later
// reads $_SESSION["login"]["previouspage"] is not visible here - confirm it
// only uses the value to build a URL inside this application.
if (!preg_match('/^user/', $page)) {
	$_SESSION["login"]["previouspage"] = $_SERVER["QUERY_STRING"];
}
?>
// Debug output: rendered into the page only while the session's debug log
// holds entries.
// NOTE(review): presumably the log is only filled when debugging is enabled
// for the user - confirm, since its contents are shown to whoever views the page.
if (!empty($_SESSION["user"]["log_debug"])) {
	print "
";
	print "
";
	log_debug_render();
	print "
";
	print "
";
}
?>
// reset the debug log, the error array and the notification array so that
// messages already shown do not appear again on the next request
$_SESSION["user"]["log_debug"] = $_SESSION["error"] = $_SESSION["notification"] = array();
?>