PageRenderTime 70ms CodeModel.GetById 14ms RepoModel.GetById 1ms app.codeStats 0ms

/phpmyfaq/index.php

http://github.com/thorsten/phpMyFAQ
PHP | 769 lines | 568 code | 62 blank | 139 comment | 123 complexity | 36518cff4169a7b1b85a0f619a718c0b MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, LGPL-2.1, LGPL-3.0 
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * This is the main public frontend page of phpMyFAQ. It detects the browser's
    5. 

  5.  * language, gets and sets all cookie, post and get information and includes
    6. 

  6.  * the templates we need and set all internal variables to the template
    7. 

  7.  * variables. That's all.
    8. 

  8.  *
    9. 

  9.  * This Source Code Form is subject to the terms of the Mozilla Public License,
    10. 

  10.  * v. 2.0. If a copy of the MPL was not distributed with this file, You can
    11. 

  11.  * obtain one at http://mozilla.org/MPL/2.0/.
    12. 

  12.  *
    13. 

  13.  * @package phpMyFAQ
    14. 

  14.  * @author Thorsten Rinne <thorsten@phpmyfaq.de>
    15. 

  15.  * @author Lars Tiedemann <php@larstiedemann.de>
    16. 

  16.  * @author Matteo Scaramuccia <matteo@phpmyfaq.de>
    17. 

  17.  * @copyright 2001-2021 phpMyFAQ Team
    18. 

  18.  * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
    19. 

  19.  * @link https://www.phpmyfaq.de
    20. 

  20.  * @since 2001-02-12
    21. 

  21.  */
    22. 

  22. 

  23. use phpMyFAQ\Attachment\AttachmentFactory;
    24. 

  24. use phpMyFAQ\Auth\AuthLdap as AuthLdap;
    25. 

  25. use phpMyFAQ\Auth\AuthSso as AuthSso;
    26. 

  26. use phpMyFAQ\Category;
    27. 

  27. use phpMyFAQ\Category\CategoryRelation;
    28. 

  28. use phpMyFAQ\Core\Exception;
    29. 

  29. use phpMyFAQ\Faq;
    30. 

  30. use phpMyFAQ\Filter;
    31. 

  31. use phpMyFAQ\Helper\CategoryHelper as HelperCategory;
    32. 

  32. use phpMyFAQ\Helper\HttpHelper as HelperHttp;
    33. 

  33. use phpMyFAQ\Helper\LanguageHelper;
    34. 

  34. use phpMyFAQ\Language;
    35. 

  35. use phpMyFAQ\Language\Plurals;
    36. 

  36. use phpMyFAQ\Link;
    37. 

  37. use phpMyFAQ\Permission\MediumPermission;
    38. 

  38. use phpMyFAQ\Seo;
    39. 

  39. use phpMyFAQ\Session;
    40. 

  40. use phpMyFAQ\Strings;
    41. 

  41. use phpMyFAQ\System;
    42. 

  42. use phpMyFAQ\Tags;
    43. 

  43. use phpMyFAQ\Template;
    44. 

  44. use phpMyFAQ\Template\TemplateHelper;
    45. 

  45. use phpMyFAQ\User\CurrentUser;
    46. 

  46. use phpMyFAQ\Utils;
    47. 

  47. 

  48. //
    49. 

  49. // Define the named constant used as a check by any included PHP file
    50. 

  50. //
    51. 

  51. const IS_VALID_PHPMYFAQ = null;
    52. 

  52. 

  53. //
    54. 

  54. // Bootstrapping
    55. 

  55. //
    56. 

  56. require __DIR__ . '/src/Bootstrap.php';
    57. 

  57. 

  58. //
    59. 

  59. // HTTP Helper
    60. 

  60. //
    61. 

  61. $http = new HelperHttp();
    62. 

  62. 

  63. //
    64. 

  64. // Get language (default: english)
    65. 

  65. //
    66. 

  66. $Language = new Language($faqConfig);
    67. 

  67. $faqLangCode = $Language->setLanguage($faqConfig->get('main.languageDetection'), $faqConfig->get('main.language'));
    68. 

  68. // Preload English strings
    69. 

  69. require_once 'lang/language_en.php';
    70. 

  70. $faqConfig->setLanguage($Language);
    71. 

  71. 

  72. $showCaptcha = Filter::filterInput(INPUT_GET, 'gen', FILTER_UNSAFE_RAW);
    73. 

  73. if (isset($faqLangCode) && Language::isASupportedLanguage($faqLangCode) && is_null($showCaptcha)) {
    74. 

  74.     // Overwrite English strings with the ones we have in the current language,
    75. 

  75.     // but don't include UTF-8 encoded files, these will break the captcha images
    76. 

  76.     if (!file_exists('lang/language_' . $faqLangCode . '.php')) {
    77. 

  77.         $faqLangCode = 'en';
    78. 

  78.     }
    79. 

  79.     require_once 'lang/language_' . $faqLangCode . '.php';
    80. 

  80. } else {
    81. 

  81.     $faqLangCode = 'en';
    82. 

  82. }
    83. 

  83. 

  84. //Load plurals support for selected language
    85. 

  85. $plr = new Plurals($PMF_LANG);
    86. 

  86. 

  87. //
    88. 

  88. // Initializing static string wrapper
    89. 

  89. //
    90. 

  90. Strings::init($faqLangCode);
    91. 

  91. 

  92. /*
    93. 

  93.  * Initialize attachment factory
    94. 

  94.  */
    95. 

  95. AttachmentFactory::init(
    96. 

  96.     $faqConfig->get('records.attachmentsStorageType'),
    97. 

  97.     $faqConfig->get('records.defaultAttachmentEncKey'),
    98. 

  98.     $faqConfig->get('records.enableAttachmentEncryption')
    99. 

  99. );
    100. 

  100. 

  101. //
    102. 

  102. // Get user action
    103. 

  103. //
    104. 

  104. $action = Filter::filterInput(INPUT_GET, 'action', FILTER_UNSAFE_RAW);
    105. 

  105. 

  106. //
    107. 

  107. // Authenticate current user
    108. 

  108. //
    109. 

  109. $auth = $error = null;
    110. 

  110. $loginVisibility = 'hidden';
    111. 

  111. 

  112. $faqusername = Filter::filterInput(INPUT_POST, 'faqusername', FILTER_UNSAFE_RAW);
    113. 

  113. $faqpassword = Filter::filterInput(INPUT_POST, 'faqpassword', FILTER_UNSAFE_RAW, FILTER_FLAG_NO_ENCODE_QUOTES);
    114. 

  114. $faqaction = Filter::filterInput(INPUT_POST, 'faqloginaction', FILTER_UNSAFE_RAW);
    115. 

  115. $rememberMe = Filter::filterInput(INPUT_POST, 'faqrememberme', FILTER_UNSAFE_RAW);
    116. 

  116. 

  117. // Set username via SSO
    118. 

  118. if ($faqConfig->get('security.ssoSupport') && isset($_SERVER['REMOTE_USER'])) {
    119. 

  119.     $faqusername = trim($_SERVER['REMOTE_USER']);
    120. 

  120.     $faqpassword = '';
    121. 

  121. }
    122. 

  122. 

  123. // Login via local DB or LDAP or SSO
    124. 

  124. if (!is_null($faqusername) && !is_null($faqpassword)) {
    125. 

  125.     $user = new CurrentUser($faqConfig);
    126. 

  126.     if (!is_null($rememberMe) && 'rememberMe' === $rememberMe) {
    127. 

  127.         $user->enableRememberMe();
    128. 

  128.     }
    129. 

  129.     if ($faqConfig->get('ldap.ldapSupport') && function_exists('ldap_connect')) {
    130. 

  130.         try {
    131. 

  131.             $authLdap = new AuthLdap($faqConfig);
    132. 

  132.             $user->addAuth($authLdap, 'ldap');
    133. 

  133.         } catch (Exception $e) {
    134. 

  134.             $error = $e->getMessage() . '<br>';
    135. 

  135.         }
    136. 

  136.     }
    137. 

  137.     if ($faqConfig->get('security.ssoSupport')) {
    138. 

  138.         $authSso = new AuthSso($faqConfig);
    139. 

  139.         $user->addAuth($authSso, 'sso');
    140. 

  140.     }
    141. 

  141. 

  142.     if ($user->login($faqusername, $faqpassword)) {
    143. 

  143.         if ($user->getStatus() != 'blocked') {
    144. 

  144.             $auth = true;
    145. 

  145.             if (empty($action)) {
    146. 

  146.                 $action = $faqaction; // SSO logins don't have $faqaction
    147. 

  147.             }
    148. 

  148.         } else {
    149. 

  149.             $error = $error . $PMF_LANG['ad_auth_fail'] . ' (' . $faqusername . ')';
    150. 

  150.             $loginVisibility = '';
    151. 

  151.             $action = 'password' === $action ? 'password' : 'login';
    152. 

  152.         }
    153. 

  153.     } else {
    154. 

  154.         // error
    155. 

  155.         $error = $error . $PMF_LANG['ad_auth_fail'];
    156. 

  156.         $loginVisibility = '';
    157. 

  157.         $action = 'password' === $action ? 'password' : 'login';
    158. 

  158.     }
    159. 

  159. } else {
    160. 

  160.     // Try to authenticate with cookie information
    161. 

  161.     $user = CurrentUser::getFromCookie($faqConfig);
    162. 

  162. 

  163.     // authenticate with session information
    164. 

  164.     if (!$user instanceof CurrentUser) {
    165. 

  165.         $user = CurrentUser::getFromSession($faqConfig);
    166. 

  166.     }
    167. 

  167. 

  168.     if ($user instanceof CurrentUser) {
    169. 

  169.         $auth = true;
    170. 

  170.     } else {
    171. 

  171.         $user = new CurrentUser($faqConfig);
    172. 

  172.     }
    173. 

  173. }
    174. 

  174. 

  175. //
    176. 

  176. // Logout
    177. 

  177. //
    178. 

  178. if ('logout' === $action && isset($auth)) {
    179. 

  179.     $user->deleteFromSession(true);
    180. 

  180.     $auth = null;
    181. 

  181.     $action = 'main';
    182. 

  182.     $ssoLogout = $faqConfig->get('security.ssoLogoutRedirect');
    183. 

  183.     if ($faqConfig->get('security.ssoSupport') && !empty($ssoLogout)) {
    184. 

  184.         header('Location: ' . $ssoLogout);
    185. 

  185.     } else {
    186. 

  186.         header('Location: ' . $faqConfig->getDefaultUrl());
    187. 

  187.     }
    188. 

  188. }
    189. 

  189. 

  190. //
    191. 

  191. // Get current user and group id - default: -1
    192. 

  192. //
    193. 

  193. if (!is_null($user) && $user instanceof CurrentUser) {
    194. 

  194.     $currentUser = $user->getUserId();
    195. 

  195.     if ($user->perm instanceof MediumPermission) {
    196. 

  196.         $currentGroups = $user->perm->getUserGroups($currentUser);
    197. 

  197.     } else {
    198. 

  198.         $currentGroups = [-1];
    199. 

  199.     }
    200. 

  200.     if (0 == count($currentGroups)) {
    201. 

  201.         $currentGroups = [-1];
    202. 

  202.     }
    203. 

  203. } else {
    204. 

  204.     $currentUser = -1;
    205. 

  205.     $currentGroups = [-1];
    206. 

  206. }
    207. 

  207. 

  208. //
    209. 

  209. // Use mbstring extension if available and when possible
    210. 

  210. //
    211. 

  211. $validMbStrings = ['ja', 'en', 'uni'];
    212. 

  212. $mbLanguage = ($PMF_LANG['metaLanguage'] != 'ja') ? 'uni' : $PMF_LANG['metaLanguage'];
    213. 

  213. if (function_exists('mb_language') && in_array($mbLanguage, $validMbStrings)) {
    214. 

  214.     mb_language($mbLanguage);
    215. 

  215.     mb_internal_encoding('utf-8');
    216. 

  216. }
    217. 

  217. 

  218. //
    219. 

  219. // Found a session ID in _GET or _COOKIE?
    220. 

  220. //
    221. 

  221. $sidGet = Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT);
    222. 

  222. $sidCookie = Filter::filterInput(INPUT_COOKIE, Session::PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT);
    223. 

  223. $faqSession = new Session($faqConfig);
    224. 

  224. $faqSession->setCurrentUser($user);
    225. 

  225. // Note: do not track internal calls
    226. 

  226. $internal = false;
    227. 

  227. if (isset($_SERVER['HTTP_USER_AGENT'])) {
    228. 

  228.     $internal = (strpos($_SERVER['HTTP_USER_AGENT'], 'phpMyFAQ%2F') === 0);
    229. 

  229. }
    230. 

  230. if (!$internal) {
    231. 

  231.     if (is_null($sidGet) && is_null($sidCookie)) {
    232. 

  232.         // Create a per-site unique SID
    233. 

  233.         try {
    234. 

  234.             $faqSession->userTracking('new_session', 0);
    235. 

  235.         } catch (Exception $e) {
    236. 

  236.             $pmfExceptions[] = $e->getMessage();
    237. 

  237.         }
    238. 

  238.     } elseif (!is_null($sidCookie)) {
    239. 

  239.             $faqSession->checkSessionId($sidCookie, $_SERVER['REMOTE_ADDR']);
    240. 

  240.     } else {
    241. 

  241.         $faqSession->checkSessionId($sidGet, $_SERVER['REMOTE_ADDR']);
    242. 

  242.     }
    243. 

  243. }
    244. 

  244. 

  245. //
    246. 

  246. // Is user tracking activated?
    247. 

  247. //
    248. 

  248. $sids = '';
    249. 

  249. if ($faqConfig->get('main.enableUserTracking')) {
    250. 

  250.     if ($faqSession->getCurrentSessionId() > 0) {
    251. 

  251.         $faqSession->setCookie(Session::PMF_COOKIE_NAME_SESSIONID, $faqSession->getCurrentSessionId());
    252. 

  252.         if (is_null($sidCookie)) {
    253. 

  253.             $sids = sprintf('sid=%d&amp;lang=%s&amp;', $faqSession->getCurrentSessionId(), $faqLangCode);
    254. 

  254.         }
    255. 

  255.     } elseif (is_null($sidGet) || is_null($sidCookie)) {
    256. 

  256.         if (is_null($sidCookie)) {
    257. 

  257.             if (!is_null($sidGet)) {
    258. 

  258.                 $sids = sprintf('sid=%d&amp;lang=%s&amp;', $sidGet, $faqLangCode);
    259. 

  259.             }
    260. 

  260.         }
    261. 

  261.     }
    262. 

  262. } elseif (
    263. 

  263.     !$faqSession->setCookie(
    264. 

  264.         Session::PMF_COOKIE_NAME_SESSIONID,
    265. 

  265.         $faqSession->getCurrentSessionId(),
    266. 

  266.         $_SERVER['REQUEST_TIME'] + PMF_LANGUAGE_EXPIRED_TIME
    267. 

  267.     )
    268. 

  268. ) {
    269. 

  269.     $sids = sprintf('lang=%s&amp;', $faqLangCode);
    270. 

  270. }
    271. 

  271. 

  272. //
    273. 

  273. // Found a article language?
    274. 

  274. //
    275. 

  275. $lang = Filter::filterInput(INPUT_POST, 'artlang', FILTER_UNSAFE_RAW);
    276. 

  276. if (is_null($lang) && !Language::isASupportedLanguage($lang)) {
    277. 

  277.     $lang = Filter::filterInput(INPUT_GET, 'artlang', FILTER_UNSAFE_RAW);
    278. 

  278.     if (is_null($lang) && !Language::isASupportedLanguage($lang)) {
    279. 

  279.         $lang = $faqLangCode;
    280. 

  280.     }
    281. 

  281. }
    282. 

  282. 

  283. //
    284. 

  284. // Found a search string?
    285. 

  285. //
    286. 

  286. $searchTerm = Filter::filterInput(INPUT_GET, 'search', FILTER_UNSAFE_RAW);
    287. 

  287. 

  288. //
    289. 

  289. // Create a new FAQ object
    290. 

  290. //
    291. 

  291. $faq = new Faq($faqConfig);
    292. 

  292. $faq->setUser($currentUser)
    293. 

  293.     ->setGroups($currentGroups);
    294. 

  294. 

  295. //
    296. 

  296. // Create a new Category object
    297. 

  297. //
    298. 

  298. $category = new Category($faqConfig, $currentGroups, true);
    299. 

  299. $category->setUser($currentUser)
    300. 

  300.     ->setGroups($currentGroups);
    301. 

  301. 

  302. //
    303. 

  303. // Create a new Tags object
    304. 

  304. //
    305. 

  305. $oTag = new Tags($faqConfig);
    306. 

  306. 

  307. //
    308. 

  308. // Create URL
    309. 

  309. //
    310. 

  310. $faqSystem = new System();
    311. 

  311. $faqLink = new Link($faqSystem->getSystemUri($faqConfig), $faqConfig);
    312. 

  312. $currentPageUrl = $faqLink->getCurrentUrl();
    313. 

  313. 

  314. //
    315. 

  315. // Found a record ID?
    316. 

  316. //
    317. 

  317. $id = Filter::filterInput(INPUT_GET, 'id', FILTER_VALIDATE_INT);
    318. 

  318. if (!is_null($id)) {
    319. 

  319.     $faq->getRecord($id);
    320. 

  320.     $title = ' - ' . $faq->faqRecord['title'];
    321. 

  321.     $keywords = ',' . $faq->faqRecord['keywords'];
    322. 

  322.     $metaDescription = str_replace('"', '', strip_tags($faq->getRecordPreview($id)));
    323. 

  323.     $url = sprintf(
    324. 

  324.         '%sindex.php?%saction=faq&cat=%d&id=%d&artlang=%s',
    325. 

  325.         $faqConfig->getDefaultUrl(),
    326. 

  326.         $sids,
    327. 

  327.         $category->getCategoryIdFromFaq($id),
    328. 

  328.         $id,
    329. 

  329.         $lang
    330. 

  330.     );
    331. 

  331.     $faqLink = new Link($url, $faqConfig);
    332. 

  332.     $faqLink->itemTitle = $faq->faqRecord['title'];
    333. 

  333.     $currentPageUrl = $faqLink->toString(true);
    334. 

  334. } else {
    335. 

  335.     $id = '';
    336. 

  336.     $title = ' - powered by phpMyFAQ ' . $faqConfig->getVersion();
    337. 

  337.     $keywords = '';
    338. 

  338.     $metaDescription = str_replace('"', '', $faqConfig->get('main.metaDescription'));
    339. 

  339. }
    340. 

  340. 

  341. //
    342. 

  342. // found a solution ID?
    343. 

  343. //
    344. 

  344. $solutionId = Filter::filterInput(INPUT_GET, 'solution_id', FILTER_VALIDATE_INT);
    345. 

  345. if (!is_null($solutionId)) {
    346. 

  346.     $title = ' -  powered by phpMyFAQ ' . $faqConfig->getVersion();
    347. 

  347.     $keywords = '';
    348. 

  348.     $faqData = $faq->getIdFromSolutionId($solutionId);
    349. 

  349.     if (is_array($faqData)) {
    350. 

  350.         $id = $faqData['id'];
    351. 

  351.         $lang = $faqData['lang'];
    352. 

  352.         $title = ' - ' . $faq->getRecordTitle($id);
    353. 

  353.         $keywords = ',' . $faq->getRecordKeywords($id);
    354. 

  354.         $metaDescription = str_replace('"', '', Utils::makeShorterText(strip_tags($faqData['content']), 12));
    355. 

  355.         $url = sprintf(
    356. 

  356.             '%sindex.php?%saction=faq&cat=%d&id=%d&artlang=%s',
    357. 

  357.             $faqConfig->getDefaultUrl(),
    358. 

  358.             $sids,
    359. 

  359.             $faqData['category_id'],
    360. 

  360.             $id,
    361. 

  361.             $lang
    362. 

  362.         );
    363. 

  363.         $faqLink = new Link($url, $faqConfig);
    364. 

  364.         $faqLink->itemTitle = $faqData['question'];
    365. 

  365.         $currentPageUrl = $faqLink->toString(true);
    366. 

  366.     }
    367. 

  367. }
    368. 

  368. 

  369. //
    370. 

  370. // Handle the Tagging ID
    371. 

  371. //
    372. 

  372. $tag_id = Filter::filterInput(INPUT_GET, 'tagging_id', FILTER_VALIDATE_INT);
    373. 

  373. if (!is_null($tag_id)) {
    374. 

  374.     $title = ' - ' . $oTag->getTagNameById($tag_id);
    375. 

  375.     $keywords = '';
    376. 

  376. }
    377. 

  377. 

  378. //
    379. 

  379. // Handle the SiteMap
    380. 

  380. //
    381. 

  381. $letter = Filter::filterInput(INPUT_GET, 'letter', FILTER_UNSAFE_RAW);
    382. 

  382. if (!is_null($letter) && (1 == Strings::strlen($letter))) {
    383. 

  383.     $title = ' - ' . $letter . '...';
    384. 

  384.     $keywords = $letter;
    385. 

  385. }
    386. 

  386. 

  387. //
    388. 

  388. // Found a category ID?
    389. 

  389. //
    390. 

  390. $cat = Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT, 0);
    391. 

  391. $categoryFromId = -1;
    392. 

  392. if (is_numeric($id) && $id > 0) {
    393. 

  393.     $categoryFromId = $category->getCategoryIdFromFaq($id);
    394. 

  394. }
    395. 

  395. if ($categoryFromId != -1 && $cat == 0) {
    396. 

  396.     $cat = $categoryFromId;
    397. 

  397. }
    398. 

  398. $category->transform(0);
    399. 

  399. $category->collapseAll();
    400. 

  400. if ($cat != 0) {
    401. 

  401.     $category->expandTo($cat);
    402. 

  402. }
    403. 

  403. if (isset($cat) && ($cat != 0) && ($id == '') && isset($category->categoryName[$cat]['name'])) {
    404. 

  404.     $title = ' - ' . $category->categoryName[$cat]['name'];
    405. 

  405.     $metaDescription = $category->categoryName[$cat]['description'];
    406. 

  406. }
    407. 

  407. 

  408. //
    409. 

  409. // Found an action request?
    410. 

  410. //
    411. 

  411. if (!isset(Link::$allowedActionParameters[$action])) {
    412. 

  412.     $action = 'main';
    413. 

  413. }
    414. 

  414. 

  415. //
    416. 

  416. // Select the template for the requested page
    417. 

  417. //
    418. 

  418. if ($action !== 'main') {
    419. 

  419.     $includeTemplate = $action . '.html';
    420. 

  420.     $includePhp = $action . '.php';
    421. 

  421.     $renderUri = '?sid=' . $faqSession->getCurrentSessionId();
    422. 

  422. } else {
    423. 

  423.     if (isset($solutionId) && is_numeric($solutionId)) {
    424. 

  424.         // show the record with the solution ID
    425. 

  425.         $includeTemplate = 'faq.html';
    426. 

  426.         $includePhp = 'faq.php';
    427. 

  427.     } else {
    428. 

  428.         $includeTemplate = 'startpage.html';
    429. 

  429.         $includePhp = 'startpage.php';
    430. 

  430.     }
    431. 

  431.     $renderUri = '?sid=' . $faqSession->getCurrentSessionId();
    432. 

  432. }
    433. 

  433. 

  434. //
    435. 

  435. // Set sidebar column
    436. 

  436. //
    437. 

  437. if (($action === 'faq') || ($action === 'show') || ($action === 'main')) {
    438. 

  438.     $sidebarTemplate = 'sidebar-tagcloud.html';
    439. 

  439. } else {
    440. 

  440.     $sidebarTemplate = 'sidebar-empty.html';
    441. 

  441. }
    442. 

  442. 

  443. //
    444. 

  444. // Check if FAQ should be secured
    445. 

  445. //
    446. 

  446. if ($faqConfig->get('security.enableLoginOnly')) {
    447. 

  447.     if ($auth) {
    448. 

  448.         $indexSet = 'index.html';
    449. 

  449.     } else {
    450. 

  450.         switch ($action) {
    451. 

  451.             case 'register':
    452. 

  452.             case 'thankyou':
    453. 

  453.                 $indexSet = 'new-user.page.html';
    454. 

  454.                 break;
    455. 

  455.             case 'password':
    456. 

  456.                 $indexSet = 'password.page.html';
    457. 

  457.                 break;
    458. 

  458.             default:
    459. 

  459.                 $indexSet = 'login.page.html';
    460. 

  460.                 break;
    461. 

  461.         }
    462. 

  462.     }
    463. 

  463. } else {
    464. 

  464.     $indexSet = 'index.html';
    465. 

  465. }
    466. 

  466. 

  467. //
    468. 

  468. // phpMyFAQ installation is in maintenance mode
    469. 

  469. //
    470. 

  470. if ($faqConfig->get('main.maintenanceMode')) {
    471. 

  471.     $indexSet = 'maintenance.page.html';
    472. 

  472. }
    473. 

  473. 

  474. //
    475. 

  475. // Load template files and set template variables
    476. 

  476. //
    477. 

  477. $template = new Template(
    478. 

  478.     [
    479. 

  479.         'index' => $indexSet,
    480. 

  480.         'sidebar' => $sidebarTemplate,
    481. 

  481.         'mainPageContent' => $includeTemplate,
    482. 

  482.     ],
    483. 

  483.     new TemplateHelper($faqConfig),
    484. 

  484.     $faqConfig->get('main.templateSet')
    485. 

  485. );
    486. 

  486. 

  487. $categoryRelation = new CategoryRelation($faqConfig);
    488. 

  488. 

  489. $categoryHelper = new HelperCategory();
    490. 

  490. $categoryHelper->setCategory($category);
    491. 

  491. $categoryHelper->setConfiguration($faqConfig);
    492. 

  492. $categoryHelper->setCategoryRelation($categoryRelation);
    493. 

  493. 

  494. $keywordsArray = array_merge(explode(',', $keywords), explode(',', $faqConfig->get('main.metaKeywords')));
    495. 

  495. $keywordsArray = array_filter($keywordsArray, 'strlen');
    496. 

  496. shuffle($keywordsArray);
    497. 

  497. $keywords = implode(',', $keywordsArray);
    498. 

  498. 

  499. if (!is_null($error)) {
    500. 

  500.     $loginMessage = '<p class="error">' . $error . '</p>';
    501. 

  501. } else {
    502. 

  502.     $loginMessage = '';
    503. 

  503. }
    504. 

  504. 

  505. $faqSeo = new Seo($faqConfig);
    506. 

  506. 

  507. $tplMainPage = [
    508. 

  508.     'msgLoginUser' => $user->isLoggedIn() ? $user->getUserData('display_name') : $PMF_LANG['msgLoginUser'],
    509. 

  509.     'title' => Strings::htmlspecialchars($faqConfig->getTitle() . $title),
    510. 

  510.     'baseHref' => $faqSystem->getSystemUri($faqConfig),
    511. 

  511.     'version' => $faqConfig->getVersion(),
    512. 

  512.     'header' => Strings::htmlspecialchars(str_replace('"', '', $faqConfig->getTitle())),
    513. 

  513.     'metaTitle' => Strings::htmlspecialchars(str_replace('"', '', $faqConfig->getTitle() . $title)),
    514. 

  514.     'metaDescription' => Strings::htmlspecialchars($metaDescription),
    515. 

  515.     'metaKeywords' => Strings::htmlspecialchars($keywords),
    516. 

  516.     'metaPublisher' => $faqConfig->get('main.metaPublisher'),
    517. 

  517.     'metaLanguage' => $PMF_LANG['metaLanguage'],
    518. 

  518.     'metaRobots' => $faqSeo->getMetaRobots($action),
    519. 

  519.     'phpmyfaqversion' => $faqConfig->getVersion(),
    520. 

  520.     'stylesheet' => $PMF_LANG['dir'] == 'rtl' ? 'style.rtl' : 'style',
    521. 

  521.     'currentPageUrl' => $currentPageUrl,
    522. 

  522.     'action' => $action,
    523. 

  523.     'dir' => $PMF_LANG['dir'],
    524. 

  524.     'writeSendAdress' => '?' . $sids . 'action=search',
    525. 

  525.     'searchBox' => $PMF_LANG['msgSearch'],
    526. 

  526.     'searchTerm' => $searchTerm,
    527. 

  527.     'categoryId' => ($cat === 0) ? '%' : (int)$cat,
    528. 

  528.     'headerCategories' => $PMF_LANG['msgFullCategories'],
    529. 

  529.     'msgCategory' => $PMF_LANG['msgCategory'],
    530. 

  530.     'showCategories' => $categoryHelper->renderNavigation($cat),
    531. 

  531.     'topCategories' => $categoryHelper->renderMainCategories(),
    532. 

  532.     'msgExportAllFaqs' => $PMF_LANG['msgExportAllFaqs'],
    533. 

  533.     'languageBox' => $PMF_LANG['msgLanguageSubmit'],
    534. 

  534.     'renderUri' => $renderUri,
    535. 

  535.     'switchLanguages' => LanguageHelper::renderSelectLanguage($faqLangCode, true),
    536. 

  536.     'copyright' => 'powered with ❤️ and ☕️ by <a href="https://www.phpmyfaq.de" target="_blank">phpMyFAQ</a> ' .
    537. 

  537.         $faqConfig->getVersion(),
    538. 

  538.     'registerUser' => $faqConfig->get('security.enableRegistration') ? '<a href="?action=register">' .
    539. 

  539.         $PMF_LANG['msgRegistration'] . '</a>' : '',
    540. 

  540.     'sendPassword' => '<a href="?action=password">' . $PMF_LANG['lostPassword'] . '</a>',
    541. 

  541.     'msgFullName' => $PMF_LANG['ad_user_loggedin'] . $user->getLogin(),
    542. 

  542.     'msgLoginName' => $user->getUserData('display_name'),
    543. 

  543.     'loginHeader' => $PMF_LANG['msgLoginUser'],
    544. 

  544.     'loginMessage' => $loginMessage,
    545. 

  545.     'writeLoginPath' => $faqSystem->getSystemUri($faqConfig) . '?' . Filter::getFilteredQueryString(),
    546. 

  546.     'faqloginaction' => $action,
    547. 

  547.     'login' => $PMF_LANG['ad_auth_ok'],
    548. 

  548.     'username' => $PMF_LANG['ad_auth_user'],
    549. 

  549.     'password' => $PMF_LANG['ad_auth_passwd'],
    550. 

  550.     'rememberMe' => $PMF_LANG['rememberMe'],
    551. 

  551.     'headerChangePassword' => $PMF_LANG['ad_passwd_cop'],
    552. 

  552.     'msgUsername' => $PMF_LANG['ad_auth_user'],
    553. 

  553.     'msgEmail' => $PMF_LANG['ad_entry_email'],
    554. 

  554.     'msgSubmit' => $PMF_LANG['msgNewContentSubmit'],
    555. 

  555.     'loginPageMessage' => $PMF_LANG['loginPageMessage'],
    556. 

  556.     'msgAdvancedSearch' => $PMF_LANG['msgAdvancedSearch']
    557. 

  557. ];
    558. 

  558. 

  559. $template->parseBlock(
    560. 

  560.     'index',
    561. 

  561.     'categoryListSection',
    562. 

  562.     [
    563. 

  563.         'showCategories' => $categoryHelper->renderNavigation($cat),
    564. 

  564.         'categoryDropDown' => $categoryHelper->renderCategoryDropDown(),
    565. 

  565.     ]
    566. 

  566. );
    567. 

  567. 

  568. if ('main' == $action || 'show' == $action) {
    569. 

  569.     $template->parseBlock(
    570. 

  570.         'index',
    571. 

  571.         'globalSearchBox',
    572. 

  572.         [
    573. 

  573.             'writeSendAdress' => '?' . $sids . 'action=search',
    574. 

  574.             'searchBox' => $PMF_LANG['msgSearch'],
    575. 

  575.             'categoryId' => ($cat === 0) ? '%' : (int)$cat,
    576. 

  576.             'msgSearch' => sprintf(
    577. 

  577.                 '<a class="help" href="./index.php?action=search">%s</a>',
    578. 

  578.                 $PMF_LANG['msgAdvancedSearch']
    579. 

  579.             ),
    580. 

  580.         ]
    581. 

  581.     );
    582. 

  582. }
    583. 

  583. 

  584. if ($faqConfig->get('main.enableRewriteRules')) {
    585. 

  585.     $tplNavigation = [
    586. 

  586.         'msgSearch' => '<a class="nav-link" href="./search.html">' . $PMF_LANG['msgAdvancedSearch'] . '</a>',
    587. 

  587.         'msgAddContent' => '<a class="nav-link" href="' . $faqSystem->getSystemUri($faqConfig) . 'addcontent.html">' .
    588. 

  588.             $PMF_LANG['msgAddContent'] . '</a>',
    589. 

  589.         'msgQuestion' => '<a class="nav-link" href="./ask.html">' . $PMF_LANG['msgQuestion'] . '</a>',
    590. 

  590.         'msgOpenQuestions' => '<a class="nav-link" href="./open-questions.html">' . $PMF_LANG['msgOpenQuestions'] .
    591. 

  591.             '</a>',
    592. 

  592.         'msgContact' => '<a href="./contact.html">' . $PMF_LANG['msgContact'] . '</a>',
    593. 

  593.         'msgGlossary' => '<a href="./glossary.html">' . $PMF_LANG['ad_menu_glossary'] . '</a>',
    594. 

  594.         'privacyLink' => sprintf(
    595. 

  595.             '<a target="_blank" href="%s">%s</a>',
    596. 

  596.             $faqConfig->get('main.privacyURL'),
    597. 

  597.             $PMF_LANG['msgPrivacyNote']
    598. 

  598.         ),
    599. 

  599.         'backToHome' => '<a href="./index.html">' . $PMF_LANG['msgHome'] . '</a>',
    600. 

  600.         'allCategories' => '<a class="nav-link" href="./showcat.html">' . $PMF_LANG['msgShowAllCategories'] . '</a>',
    601. 

  601.         'faqOverview' => '<a href="./overview.html">' . $PMF_LANG['faqOverview'] . '</a>',
    602. 

  602.         'showSitemap' => '<a href="./sitemap/A/' . $faqLangCode . '.html">' . $PMF_LANG['msgSitemap'] . '</a>',
    603. 

  603.         'msgUserRemoval' => '<a href="./request-removal.html">' . $PMF_LANG['msgUserRemoval'] . '</a>'
    604. 

  604.     ];
    605. 

  605. } else {
    606. 

  606.     $tplNavigation = [
    607. 

  607.         'msgSearch' => '<a class="nav-link" href="index.php?' . $sids . 'action=search">' .
    608. 

  608.             $PMF_LANG['msgAdvancedSearch'] . '</a>',
    609. 

  609.         'msgAddContent' => '<a class="nav-link" href="index.php?' . $sids . 'action=add&cat=' . $cat . '">' .
    610. 

  610.             $PMF_LANG['msgAddContent'] . '</a>',
    611. 

  611.         'msgQuestion' => '<a class="nav-link" href="index.php?' . $sids . 'action=ask&category_id=' . $cat . '">' .
    612. 

  612.             $PMF_LANG['msgQuestion'] . '</a>',
    613. 

  613.         'msgOpenQuestions' => '<a class="nav-link" href="index.php?' . $sids . 'action=open-questions">' .
    614. 

  614.             $PMF_LANG['msgOpenQuestions'] . '</a>',
    615. 

  615.         'msgContact' => '<a href="index.php?' . $sids . 'action=contact">' . $PMF_LANG['msgContact'] . '</a>',
    616. 

  616.         'msgGlossary' => '<a href="index.php?' . $sids . 'action=glossary">' . $PMF_LANG['ad_menu_glossary'] . '</a>',
    617. 

  617.         'privacyLink' => sprintf(
    618. 

  618.             '<a target="_blank" href="%s">%s</a>',
    619. 

  619.             $faqConfig->get('main.privacyURL'),
    620. 

  620.             $PMF_LANG['msgPrivacyNote']
    621. 

  621.         ),
    622. 

  622.         'allCategories' => '<a class="nav-link" href="index.php?' . $sids . 'action=show">' .
    623. 

  623.             $PMF_LANG['msgShowAllCategories'] . '</a>',
    624. 

  624.         'faqOverview' => '<a href="index.php?' . $sids . 'action=overview">' . $PMF_LANG['faqOverview'] . '</a>',
    625. 

  625.         'backToHome' => '<a href="index.php?' . $sids . '">' . $PMF_LANG['msgHome'] . '</a>',
    626. 

  626.         'showSitemap' => '<a href="index.php?' . $sids . 'action=sitemap&amp;lang=' . $faqLangCode . '">' .
    627. 

  627.             $PMF_LANG['msgSitemap'] . '</a>',
    628. 

  628.         'msgUserRemoval' => '<a href="index.php?' . $sids . 'action=request-removal">' . $PMF_LANG['msgUserRemoval'] .
    629. 

  629.             '</a>',
    630. 

  630.     ];
    631. 

  631. }
    632. 

  632. 

  633. $tplNavigation['faqHome'] = $faqConfig->getDefaultUrl();
    634. 

  634. $tplNavigation['activeSearch'] = ('search' == $action) ? 'active' : '';
    635. 

  635. $tplNavigation['activeAllCategories'] = ('show' == $action) ? 'active' : '';
    636. 

  636. $tplNavigation['activeAddContent'] = ('add' == $action) ? 'active' : '';
    637. 

  637. $tplNavigation['activeAddQuestion'] = ('ask' == $action) ? 'active' : '';
    638. 

  638. $tplNavigation['activeOpenQuestions'] = ('open-questions' == $action) ? 'active' : '';
    639. 

  639. $tplNavigation['activeLogin'] = ('login' == $action) ? 'active' : '';
    640. 

  640. 

  641. //
    642. 

  642. // Show login box or logged-in user information
    643. 

  643. //
    644. 

  644. if (isset($auth)) {
    645. 

  645.     if ($user->perm->hasPermission($user->getUserId(), 'viewadminlink') || $user->isSuperAdmin()) {
    646. 

  646.         $adminSection = sprintf(
    647. 

  647.             '<a class="dropdown-item" href="./admin/index.php">%s</a>',
    648. 

  648.             $PMF_LANG['adminSection']
    649. 

  649.         );
    650. 

  650.     } else {
    651. 

  651.         $adminSection = '';
    652. 

  652.     }
    653. 

  653. 

  654.     if ($faqConfig->get('ldap.ldapSupport')) {
    655. 

  655.         $userControlDropdown = '';
    656. 

  656.     } else {
    657. 

  657.         $userControlDropdown = '<a class="dropdown-item" href="?action=ucp">' . $PMF_LANG['headerUserControlPanel'] .
    658. 

  658.             '</a>';
    659. 

  659.     }
    660. 

  660. 

  661.     $template->parseBlock(
    662. 

  662.         'index',
    663. 

  663.         'userloggedIn',
    664. 

  664.         [
    665. 

  665.             'msgUserControl' => $adminSection,
    666. 

  666.             'msgLoginName' => $user->getUserData('display_name'), // @deprecated
    667. 

  667.             'msgUserControlDropDown' => $userControlDropdown,
    668. 

  668.             'msgUserRemoval' => '<a class="dropdown-item" href="?action=request-removal">' .
    669. 

  669.                 $PMF_LANG['ad_menu_RequestRemove'] . '</a>',
    670. 

  670.             'msgLogoutUser' => '<a class="dropdown-item" href="?action=logout">' . $PMF_LANG['ad_menu_logout'] . '</a>',
    671. 

  671.             'activeUserControl' => ('ucp' == $action) ? 'active' : ''
    672. 

  672.         ]
    673. 

  673.     );
    674. 

  674. } else {
    675. 

  675.     if ($faqConfig->get('main.maintenanceMode')) {
    676. 

  676.         $msgLoginUser = '<a class="dropdown-item" href="./admin/">%s</a>';
    677. 

  677.     } else {
    678. 

  678.         $msgLoginUser = '<a class="dropdown-item" href="?action=login">%s</a>';
    679. 

  679.     }
    680. 

  680.     $template->parseBlock(
    681. 

  681.         'index',
    682. 

  682.         'notLoggedIn',
    683. 

  683.         [
    684. 

  684.             'msgRegisterUser' => $faqConfig->get('security.enableRegistration')
    685. 

  685.                 ?
    686. 

  686.                 '<a class="dropdown-item" href="?action=register">' . $PMF_LANG['msgRegisterUser'] . '</a>'
    687. 

  687.                 :
    688. 

  688.                 '',
    689. 

  689.             'msgLoginUser' => sprintf($msgLoginUser, $PMF_LANG['msgLoginUser']),
    690. 

  690.             'activeRegister' => ('register' == $action) ? 'active' : '',
    691. 

  691.             'activeLogin' => ('login' == $action) ? 'active' : '',
    692. 

  692.         ]
    693. 

  693.     );
    694. 

  694. }
    695. 

  695. 

  696. $template->parse(
    697. 

  697.     'sidebar',
    698. 

  698.     [
    699. 

  699.         'writeTagCloudHeader' => $PMF_LANG['msg_tags'],
    700. 

  700.         'writeTags' => $oTag->renderTagCloud(),
    701. 

  701.         'msgAllCatArticles' => $PMF_LANG['msgAllCatArticles'],
    702. 

  702.         'allCatArticles' => $faq->getRecordsWithoutPagingByCategoryId($cat)
    703. 

  703.     ]
    704. 

  704. );
    705. 

  705. 

  706. if (DEBUG) {
    707. 

  707.     $template->parseBlock(
    708. 

  708.         'index',
    709. 

  709.         'debugMode',
    710. 

  710.         [
    711. 

  711.             'debugQueries' => $faqConfig->getDb()->log(),
    712. 

  712.         ]
    713. 

  713.     );
    714. 

  714. }
    715. 

  715. 

  716. //
    717. 

  717. // Redirect old "action=artikel" URLs via 301 to new location
    718. 

  718. //
    719. 

  719. if ('artikel' === $action) {
    720. 

  720.     $url = sprintf(
    721. 

  721.         '%sindex.php?action=faq&cat=%d&id=%d&artlang=%s',
    722. 

  722.         $faqConfig->getDefaultUrl(),
    723. 

  723.         $category->getCategoryIdFromFaq($id),
    724. 

  724.         $id,
    725. 

  725.         $lang
    726. 

  726.     );
    727. 

  727.     $http->setStatus(301);
    728. 

  728.     $http->redirect($url);
    729. 

  729.     exit();
    730. 

  730. }
    731. 

  731. 

  732. //
    733. 

  733. // Include requested PHP file
    734. 

  734. //
    735. 

  735. require $includePhp;
    736. 

  736. 

  737. //
    738. 

  738. // Get main template, set main variables
    739. 

  739. //
    740. 

  740. $template->parse('index', array_merge($tplMainPage, $tplNavigation));
    741. 

  741. $template->merge('sidebar', 'index');
    742. 

  742. $template->merge('mainPageContent', 'index');
    743. 

  743. 

  744. //
    745. 

  745. // Send headers and print template
    746. 

  746. //
    747. 

  747. $http->setConfiguration($faqConfig);
    748. 

  748. $http->setContentType('text/html');
    749. 

  749. $http->addHeader();
    750. 

  750. $http->startCompression();
    751. 

  751. 

  752. //
    753. 

  753. // Check for 404 HTTP status code
    754. 

  754. //
    755. 

  755. if ($http->getStatusCode() === 404 || $action === '404') {
    756. 

  756.     $template = new Template(
    757. 

  757.         [
    758. 

  758.             'index' => '404.html',
    759. 

  759.             'mainPageContent' => ''
    760. 

  760.         ],
    761. 

  761.         new TemplateHelper($faqConfig),
    762. 

  762.         $faqConfig->get('main.templateSet')
    763. 

  763.     );
    764. 

  764.     $template->parse('index', array_merge($tplMainPage, $tplNavigation));
    765. 

  765. }
    766. 

  766. 

  767. $template->render();
    768. 

  768. 

  769. $faqConfig->getDb()->close();
    770. 

  770.