Location: PHPKode > projects > QuickSilver Forum > quicksilverforums-1.5.1/admincp/index.php
<?php
/**
 * Quicksilver Forums
 * Copyright (c) 2005-2011 The Quicksilver Forums Development Team
 *  http://code.google.com/p/quicksilverforums/
 * 
 * Based on MercuryBoard
 * Copyright (c) 2001-2005 The Mercury Development Team
 *  http://www.mercuryboard.com/
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 **/

define('QUICKSILVERFORUMS', true);
define('QSF_ADMIN', true);
define('ADMINCP_TIMEOUT', 900 ); // 15 mins of inactivity logs a user out.

$time_now   = explode(' ', microtime());
$time_start = $time_now[1] + $time_now[0];

require '../settings.php';
$set['include_path'] = '..';
require_once $set['include_path'] . '/defaultutils.php';

if (!$set['installed']) {
	header('Location: ../install/index.php');
	exit();
}

ob_start('ob_gzhandler');

header( 'P3P: CP="CAO PSA OUR"' );
session_start();

set_error_handler('error');

error_reporting(E_ALL);

// Check for any addons available
include_addons($set['include_path'] . '/addons/');

/*
 * Logic here:
 * If 'a' is not set, but some other query is, it's a bogus request for this software.
 * If 'a' is set, but the module doesn't exist, it's either a malformed URL or a bogus request.
 * Otherwise $missing remains false and no error is generated later.
 */
$missing = false;
if (!isset($_GET['a']) ) {
	$module = $modules['default_admin_module'];
	if( isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING']) )
		$missing = true;
} elseif ( !file_exists( 'sources/' . $_GET['a'] . '.php' ) ) {
	$module = $modules['default_admin_module'];

	$missing = true;
} else {
	$module = $_GET['a'];
}

if ( strstr($module, '/') || strstr($module, '\\') ) {
	header('HTTP/1.0 403 Forbidden');
	exit( 'You have been banned from this site.' );
}

require './sources/' . $module . '.php';

$db = new $modules['database']($set['db_host'], $set['db_user'], $set['db_pass'], $set['db_name'], $set['db_port'], $set['db_socket'], $set['prefix']);

if (!$db->connection) {
	exit('<center><font face="verdana" size="4" color="#000000"><b>A connection to the database could not be established and/or the specified database could not be found.</font></center>');
}

$admin = new $module($db);

$admin->get['a'] = $module;
$admin->pre      = $set['prefix'];
$admin->sets     = $admin->get_settings($set);
$admin->modules  = $modules;
$admin->user_cl  = new $admin->modules['user']($admin);
$admin->user     = $admin->user_cl->login();
$admin->lang     = $admin->get_lang($admin->user['user_language'], $admin->get['a']);
$server_load     = $admin->get_load();

// on every module other than login, restrict
if ( 'alogin' != $module )
{
	// check last visit time is set and delta does not exceed ADMINCP_TIMEOUT
	if ( !array_key_exists( 'admincp_timeout', $_SESSION ) 
		|| (time() - $_SESSION['admincp_timeout']) > ADMINCP_TIMEOUT )
	{
		header('Location: ./?a=alogin');
		exit();
	} else {
		$_SESSION['admincp_timeout'] = time();
	}
}

if (!isset($admin->get['skin'])) {
	$admin->skin = $admin->user['skin_dir'];
} else {
	$admin->skin = $admin->get['skin'];
}

$admin->init();

$output = $admin->execute();

$title = isset($qsf->title) ? $qsf->title : $admin->name .' Admin CP';

$time_now  = explode(' ', microtime());
$time_exec = round(($time_now[1] + $time_now[0]) - $time_start, 4);

if (!$admin->nohtml) {
	$admin_main = $output . eval($admin->template('ADMIN_COPYRIGHT'));
	echo eval($admin->template('ADMIN_INDEX'));
} else {
	echo $output;
}
@ob_end_flush();
@flush();

// Close the DB connection.
$admin->db->close();
?>
Return current item: QuickSilver Forum