2008-07-14 21:54:50 +08:00
|
|
|
<?php
|
|
|
|
//
|
|
|
|
// ZoneMinder main web interface file, $Date$, $Revision$
|
2008-07-25 17:48:16 +08:00
|
|
|
// Copyright (C) 2001-2008 Philip Coombes
|
2008-07-14 21:54:50 +08:00
|
|
|
//
|
|
|
|
// This program is free software; you can redistribute it and/or
|
|
|
|
// modify it under the terms of the GNU General Public License
|
|
|
|
// as published by the Free Software Foundation; either version 2
|
|
|
|
// of the License, or (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
|
|
// along with this program; if not, write to the Free Software
|
|
|
|
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
//
|
|
|
|
|
|
|
|
error_reporting( E_ALL );
|
|
|
|
|
|
|
|
$debug = false;
|
|
|
|
if ( $debug )
|
|
|
|
{
|
|
|
|
// Use these for debugging, though not both at once!
|
|
|
|
phpinfo( INFO_VARIABLES );
|
|
|
|
//error_reporting( E_ALL );
|
|
|
|
}
|
|
|
|
|
|
|
|
// Use new style autoglobals where possible
|
|
|
|
if ( version_compare( phpversion(), "4.1.0", "<") )
|
|
|
|
{
|
|
|
|
$_SESSION = &$HTTP_SESSION_VARS;
|
|
|
|
$_SERVER = &$HTTP_SERVER_VARS;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Useful debugging lines for mobile devices
|
|
|
|
if ( false )
|
|
|
|
{
|
|
|
|
ob_start();
|
|
|
|
phpinfo( INFO_VARIABLES );
|
|
|
|
$fp = fopen( "/tmp/env.html", "w" );
|
|
|
|
fwrite( $fp, ob_get_contents() );
|
|
|
|
fclose( $fp );
|
|
|
|
ob_end_clean();
|
|
|
|
}
|
|
|
|
|
2015-01-05 00:50:24 +08:00
|
|
|
require_once( 'includes/config.php' );
|
|
|
|
require_once( 'includes/logger.php' );
|
|
|
|
|
2008-07-14 21:54:50 +08:00
|
|
|
if ( isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on' )
|
|
|
|
{
|
|
|
|
$protocol = 'https';
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$protocol = 'http';
|
|
|
|
}
|
|
|
|
define( "ZM_BASE_URL", $protocol.'://'.$_SERVER['HTTP_HOST'] );
|
|
|
|
|
|
|
|
if ( isset($_GET['skin']) )
|
|
|
|
$skin = $_GET['skin'];
|
|
|
|
elseif ( isset($_COOKIE['zmSkin']) )
|
|
|
|
$skin = $_COOKIE['zmSkin'];
|
2015-02-20 05:04:06 +08:00
|
|
|
elseif ( defined(ZM_SKIN_DEFAULT) )
|
2014-12-18 05:45:41 +08:00
|
|
|
$skin = ZM_SKIN_DEFAULT;
|
2008-07-14 21:54:50 +08:00
|
|
|
else
|
|
|
|
$skin = "classic";
|
|
|
|
|
2015-02-20 03:17:33 +08:00
|
|
|
$skins = array_map( 'basename', glob('skins/*',GLOB_ONLYDIR) );
|
|
|
|
if ( ! in_array( $skin, $skins ) ) {
|
2015-02-20 04:57:37 +08:00
|
|
|
Error( "Invalid skin '$skin'" );
|
2015-02-20 03:17:33 +08:00
|
|
|
$skin = 'classic';
|
|
|
|
}
|
|
|
|
|
2014-11-27 00:26:29 +08:00
|
|
|
if ( isset($_GET['css']) )
|
|
|
|
$css = $_GET['css'];
|
|
|
|
elseif ( isset($_COOKIE['zmCSS']) )
|
|
|
|
$css = $_COOKIE['zmCSS'];
|
2015-02-20 03:17:33 +08:00
|
|
|
elseif (defined(ZM_CSS_DEFAULT))
|
2014-12-18 05:45:41 +08:00
|
|
|
$css = ZM_CSS_DEFAULT;
|
2014-11-27 00:26:29 +08:00
|
|
|
else
|
|
|
|
$css = "classic";
|
|
|
|
|
2015-02-20 03:17:33 +08:00
|
|
|
$css_skins = array_map( 'basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR) );
|
|
|
|
if ( ! in_array( $css, $css_skins ) ) {
|
2015-02-20 04:57:37 +08:00
|
|
|
Error( "Invalid skin css '$css'" );
|
2015-02-20 03:17:33 +08:00
|
|
|
$css = 'classic';
|
|
|
|
}
|
|
|
|
|
2008-07-16 21:23:32 +08:00
|
|
|
define( "ZM_BASE_PATH", dirname( $_SERVER['REQUEST_URI'] ) );
|
2008-07-14 21:54:50 +08:00
|
|
|
define( "ZM_SKIN_PATH", "skins/$skin" );
|
|
|
|
|
2008-07-23 17:57:11 +08:00
|
|
|
$skinBase = array(); // To allow for inheritance of skins
|
2008-07-14 21:54:50 +08:00
|
|
|
if ( !file_exists( ZM_SKIN_PATH ) )
|
2011-06-21 17:19:10 +08:00
|
|
|
Fatal( "Invalid skin '$skin'" );
|
2008-07-14 21:54:50 +08:00
|
|
|
require_once( ZM_SKIN_PATH.'/includes/init.php' );
|
2008-07-23 17:57:11 +08:00
|
|
|
$skinBase[] = $skin;
|
2008-07-14 21:54:50 +08:00
|
|
|
|
|
|
|
ini_set( "session.name", "ZMSESSID" );
|
|
|
|
|
|
|
|
session_start();
|
|
|
|
|
|
|
|
if ( !isset($_SESSION['skin']) || isset($_REQUEST['skin']) )
|
|
|
|
{
|
|
|
|
$_SESSION['skin'] = $skin;
|
2014-05-01 15:53:45 +08:00
|
|
|
setcookie( "zmSkin", $skin, time()+3600*24*30*12*10 );
|
2008-07-14 21:54:50 +08:00
|
|
|
}
|
|
|
|
|
2014-11-27 00:26:29 +08:00
|
|
|
if ( !isset($_SESSION['css']) || isset($_REQUEST['css']) ) {
|
|
|
|
$_SESSION['css'] = $css;
|
|
|
|
setcookie( "zmCSS", $css, time()+3600*24*30*12*10 );
|
|
|
|
}
|
|
|
|
|
2008-07-14 21:54:50 +08:00
|
|
|
if ( ZM_OPT_USE_AUTH )
|
|
|
|
if ( isset( $_SESSION['user'] ) )
|
|
|
|
$user = $_SESSION['user'];
|
|
|
|
else
|
|
|
|
unset( $user );
|
|
|
|
else
|
2008-07-16 16:42:28 +08:00
|
|
|
$user = $defaultUser;
|
2008-07-14 21:54:50 +08:00
|
|
|
|
|
|
|
require_once( 'includes/lang.php' );
|
|
|
|
require_once( 'includes/functions.php' );
|
2008-09-26 17:47:20 +08:00
|
|
|
|
|
|
|
if ( isset($_REQUEST['view']) )
|
2011-07-22 16:37:01 +08:00
|
|
|
$view = detaintPath($_REQUEST['view']);
|
|
|
|
|
|
|
|
if ( isset($_REQUEST['request']) )
|
|
|
|
$request = detaintPath($_REQUEST['request']);
|
2008-09-26 17:47:20 +08:00
|
|
|
|
|
|
|
if ( isset($_REQUEST['action']) )
|
2011-07-22 16:37:01 +08:00
|
|
|
$action = detaintPath($_REQUEST['action']);
|
2008-09-26 17:47:20 +08:00
|
|
|
|
2008-07-14 21:54:50 +08:00
|
|
|
foreach ( getSkinIncludes( 'skin.php' ) as $includeFile )
|
|
|
|
require_once $includeFile;
|
|
|
|
|
2014-01-04 07:33:01 +08:00
|
|
|
require_once( 'includes/actions.php' );
|
|
|
|
|
2014-12-12 22:38:54 +08:00
|
|
|
# If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in.
|
|
|
|
if ( ZM_OPT_USE_AUTH && ! isset($user) && $view != 'login' ) {
|
|
|
|
$view = 'login';
|
|
|
|
}
|
|
|
|
|
2015-04-21 01:06:34 +08:00
|
|
|
# Only one request can open the session file at a time, so let's close the session here to improve concurrency.
|
|
|
|
# Any file/page that uses the session must re-open it.
|
|
|
|
session_write_close();
|
|
|
|
|
2008-07-14 21:54:50 +08:00
|
|
|
if ( isset( $_REQUEST['request'] ) )
|
|
|
|
{
|
2008-09-26 17:47:20 +08:00
|
|
|
foreach ( getSkinIncludes( 'ajax/'.$request.'.php', true, true ) as $includeFile )
|
|
|
|
{
|
|
|
|
if ( !file_exists( $includeFile ) )
|
2011-06-21 17:19:10 +08:00
|
|
|
Fatal( "Request '$request' does not exist" );
|
2008-07-14 21:54:50 +08:00
|
|
|
require_once $includeFile;
|
2008-09-26 17:47:20 +08:00
|
|
|
}
|
2008-08-03 23:05:33 +08:00
|
|
|
return;
|
2008-07-14 21:54:50 +08:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2008-09-26 17:47:20 +08:00
|
|
|
if ( $includeFiles = getSkinIncludes( 'views/'.$view.'.php', true, true ) )
|
2008-07-14 21:54:50 +08:00
|
|
|
{
|
|
|
|
foreach ( $includeFiles as $includeFile )
|
2008-09-26 17:47:20 +08:00
|
|
|
{
|
|
|
|
if ( !file_exists( $includeFile ) )
|
2011-06-21 17:19:10 +08:00
|
|
|
Fatal( "View '$view' does not exist" );
|
2008-07-14 21:54:50 +08:00
|
|
|
require_once $includeFile;
|
2008-09-26 17:47:20 +08:00
|
|
|
}
|
2014-12-16 06:17:03 +08:00
|
|
|
// If the view overrides $view to 'error', and the user is not logged in, then the
|
|
|
|
// issue is probably resolvable by logging in, so provide the opportunity to do so.
|
|
|
|
// The login view should handle redirecting to the correct location afterward.
|
|
|
|
if ( $view == 'error' && !isset($user) )
|
|
|
|
{
|
|
|
|
$view = 'login';
|
|
|
|
foreach ( getSkinIncludes( 'views/login.php', true, true ) as $includeFile )
|
|
|
|
require_once $includeFile;
|
|
|
|
}
|
2008-07-14 21:54:50 +08:00
|
|
|
}
|
2014-12-16 06:17:03 +08:00
|
|
|
// If the view is missing or the view still returned error with the user logged in,
|
|
|
|
// then it is not recoverable.
|
2008-09-26 17:47:20 +08:00
|
|
|
if ( !$includeFiles || $view == 'error' )
|
2008-07-14 21:54:50 +08:00
|
|
|
{
|
|
|
|
foreach ( getSkinIncludes( 'views/error.php', true, true ) as $includeFile )
|
|
|
|
require_once $includeFile;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|