Here is the master.php file. It may run out to the right a bit.
<?php
/*
##################################################
#
# Filename..........: $RCSfile: master.php,v $
# Original Author...: Anthony L. Awtrey
# Version...........: $Revision: 0.1 $
# Last Modified By..: $Author: aawtrey $
# Last Modified.....: $Date: 2006/09/21 01:30:22 $
#
# Copyright 2006 Anthony Awtrey
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
*/
/*
* NOTE:
* This file initializes all the necessary components of the website. Please
* keep in mind when adding anything to this file as it is run by every
* single page.
*/
// Define constants
define("ADODB_PATH", "/usr/share/php/adodb/adodb.inc.php");
define("DB_HOST_NAME", "localhost");
define("DB_NAME", "worship");
define("DB_USER_NAME", "worship");
define("DB_USER_PASS", "organizer");
/*
* Php has a allows: http://site.com/this.php/this.php
* |SCRIPT |PATH_INFO
* The extra /this.php is passed through Apache as a 'PATH_INFO'
* environment variable and this code redirects the path back out.
* I've seen search engines thrash on a site without this protection.
*/
if (
array_key_exists('PATH_INFO', $_SERVER)
)
{
$tmp_reg = "/".str_replace('/','/',$_SERVER['PATH_INFO'])."$/";
$tmp_url = preg_replace($tmp_reg, '', $_SERVER['REQUEST_URI']);
header("HTTP/1.1 301 Moved Permanently");
header("Location: $tmp_url");
header("Connection: close");
exit;
}
/*
* Define the relative URL based on relpath and REQUEST_URI
* This may seem odd, but it enables moving files around without having to
* explicitly define an absolute path to the web root.
*/
define("RELPATH",$relpath);
$temp_uri = $_SERVER['SCRIPT_NAME'];
if (@preg_match("/?/",$temp_uri)) { $temp_uri = @preg_replace("/?.*$/","",$temp_uri); }
$temp_uri = @preg_replace("/index.php$/","",$temp_uri);
$temp_uri = @preg_replace("//$/","",$temp_uri);
$temp_uri = @preg_replace("/^//","",$temp_uri);
$uri_array = explode("/", $temp_uri);
if ( is_file($uri_array[count($uri_array)-1]) ) {
$relfile = array_pop($uri_array);
define("RELFILE",$relfile);
}
for ($i = 0; $i < strlen(RELPATH) / 3; $i++ ) {
array_pop($uri_array);
}
if ( is_array($uri_array) ) {
$temp_uri = "/" . implode("/",$uri_array) . "/";
$reluri = str_replace($temp_uri, "", $_SERVER['REQUEST_URI']);
if ( $reluri == '/' ) { $reluri = "./"; }
define("RELURI",$reluri);
}
// Block warnings/errors on live site
// Set E_ALL is for all errors, 0 is for none
//error_reporting(0);
//error_reporting(E_ALL);
error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);
// Start the session handler
session_start();
// Seed the randomizer
srand((double)microtime()*1000000);
/*
* Clean POST and GET input. This removes 'dangerous' characters from input
* data. Keep this in mind while coding, so user input may have to be
* translated back to html from the entities stored in the data.
* NOTE:
* The POST processing function also sends an email for every POST request
* to alert the site admin of suspicious activity that may need to be
* addressed. (crackers / spammers / etc.)
*/
if ( $_SERVER['REQUEST_METHOD']=='POST' ) {
foreach( $_POST as $key => $val) {
if (!is_array($val)) {
$val = stripslashes($val);
$val = @preg_replace('/|\/','',$val);
$val = @preg_replace("/'/","'",$val);
$val = str2htmlentity($val);
$_POST[$key] = $val;
${$key} = $val;
}
}
//sendEmailNotification('Someone Posted');
}
foreach( $_GET as $key => $val) {
if (!is_array($val)) {
$val = stripslashes($val);
$val = @preg_replace('/|\/','',$val);
$val = @preg_replace("/'/","'",$val);
$val = str2htmlentity($val);
$_GET[$key] = $val;
${$key} = $val;
}
}
/*
* Load / create various classes and functions
*/
require_once("Data.php"); # Initialize data class
require_once("Page.php"); # Initialize page class
/*
* This function will provide an email containing all session, POST and GET
* information when called (see form input cleaning function above)
*/
function sendEmailNotification($subject='Email From Website') {
$email_body = "This is the session data:nn";
foreach( $_SESSION as $key => $val) {
$email_body .= ' ' . $key . ': ' . $val . "n";
}
$email_body .= "n";
$email_body .= "This is the post data:nn";
foreach( $_POST as $key => $val) {
$email_body .= ' ' . $key . ': ' . $val . "n";
}
$email_body .= "n";
$email_body .= "This is the get data:nn";
foreach( $_GET as $key => $val) {
$email_body .= ' ' . $key . ': ' . $val . "n";
}
$email_body .= "n";
$email_body .= "This is the server, browser and connection information:nn";
foreach( $_SERVER as $key => $val) {
$email_body .= ' ' . $key . ': ' . $val . "n";
}
include_once('Email.php');
$email = new Email('[email protected]','[email protected]',$subject,$email_body);
$email->send();
}
/*
* Yes, I know PHP has a built-in function that does this. It has some oddness
* depending on the version of PHP amoung other issues. See the PHP Manual
* for lots of people offering their version of an entity conversion script.
* I just want the 4 items here converted, so I did just wrote a function that
* does only what I want it to do.
*/
function str2htmlentity($string) {
$string = @preg_replace('/"/', '"', $string);
$string = @preg_replace('/</', '<', $string);
$string = @preg_replace('/>/', '>', $string);
$string = @preg_replace('/&/', '&', $string);
return($string);
}
function htmlentity2str($string) {
$string = @preg_replace('/"/', '"', $string);
$string = @preg_replace('/</', '<', $string);
$string = @preg_replace('/>/', '>', $string);
$string = @preg_replace('/&/', '&', $string);
return($string);
}
/*
* Get the English suffix for a given day for calendars
*/
function get_day_suffix($dayOfTheMonth) {
$suffix = array(
1 => 'st',
2 => 'nd',
3 => 'rd',
21 => 'st',
22 => 'nd',
23 => 'rd',
31 => 'st'
);
return isset($suffix[$dayOfTheMonth]) ? $suffix[$dayOfTheMonth] : 'th';
}
/*
* Get the English name for a given number
*/
function get_number_name($number) {
$name = array(
1 => 'First',
2 => 'Second',
3 => 'Third',
4 => 'Fourth',
5 => 'Fifth',
6 => 'Sixth',
7 => 'Seventh',
8 => 'Seventh',
9 => 'Seventh'
);
return isset($name[$number]) ? $name[$number] : '';
}
/*
* This is a handy function that truncates a string of text at the first space
* character before the specified length.
*/
function truncate_string($string,$length='300') {
if ( strlen($string) > $length ) {
$string = preg_replace('/s+?(S+)?$/', '', substr($string, 0, $length+1));
return substr($string, 0, $length);
} else {
return $string;
}
}
/*
* Function to properly handle HTTP Location: redirects.
*/
function redirect($location='') {
if ( $location == '' ) { $location = RELPATH; }
header("HTTP/1.1 302 Moved Temporarily");
header("Location: $location");
header("Connection: close");
exit;
}
/*
* Site login function
*/
function login($inLogin,$inPassword) {
$account = new Data("account");
if ( $login = $account->return_array("SELECT * FROM account WHERE login='$inLogin' AND password='$inPassword'") )
{
$_SESSION['login'] = $login[0]['id'];
return true;
} else {
return false;
}
}
/*
* Site logout function
*/
function logout() {
if ($_SESSION['login']) {
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
}
}
/*
* Just like print_r but returns a string instead echoing directly to the browser
*/
function print_readable($pr_var, $pr_ret = false, $pr_level = 0)
{
$pr_prefix = str_repeat(" ", $pr_level * 4);
if ((is_array($pr_var)) or (is_object($pr_var))) {
if ($pr_level == 0) {
$pr_base = true;
if (is_array($pr_var)) { $pr_ret = $pr_prefix . "Arrayn"; } else { $pr_ret = $pr_prefix . get_class($pr_var) . " Objectn"; }
$pr_ret .= $pr_prefix . "(n";
$pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
} else {
$pr_base = false;
$pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
$pr_ret .= $pr_prefix . "(n";
$pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
}
foreach($pr_var as $pr_var_key=>$pr_var_value) {
$pr_ret .= $pr_prefix . '[' . $pr_var_key . "] => ";
if (is_array($pr_var_value)) {
$pr_ret .= "Arrayn";
$pr_ret .= print_readable($pr_var_value, $pr_print, $pr_level);
} elseif (is_object($pr_var_value)){
$pr_ret .= get_class($pr_var_value) . " Objectn";
$pr_ret .= print_readable($pr_var_value, $pr_print, $pr_level);
} else {
$pr_ret .= $pr_var_value."n";
}
}
$pr_level -= 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
$pr_ret .= $pr_prefix . ")n";
if ($pr_base = false) $pr_level -= 1;
} else {
$pr_ret = $pr_prefix."$varn";
}
$pr_ret .= "n";
if (($level = 0) and ($ret == true)) {
return($pr_ret);
} else {
return($pr_ret);
}
}
?>