Startsida Utforska Hjälp
Logga in
yosoyhendrix
/
OGP-Website
spegling av https://github.com/OpenGamePanel/OGP-Website
1
0
Fork 0
Filer Ärenden 0 Wiki
Träd: 507346bec6
Grenar Taggar
OGP-Website
/
includes
/
navig.php

navig.php 4.1 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. <?php
    2. 

  2. /*
    3. 

  3.  *
    4. 

  4.  * OGP - Open Game Panel
    5. 

  5.  * Copyright (C) Copyright (C) 2008 - 2013 The OGP Development Team
    6. 

  6.  *
    7. 

  7.  * http://www.opengamepanel.org/
    8. 

  8.  *
    9. 

  9.  * This program is free software; you can redistribute it and/or
    10. 

  10.  * modify it under the terms of the GNU General Public License
    11. 

  11.  * as published by the Free Software Foundation; either version 2
    12. 

  12.  * of the License, or any later version.
    13. 

  13.  *
    14. 

  14.  * This program is distributed in the hope that it will be useful,
    15. 

  15.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    16. 

  16.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    17. 

  17.  * GNU General Public License for more details.
    18. 

  18.  *
    19. 

  19.  * You should have received a copy of the GNU General Public License
    20. 

  20.  * along with this program; if not, write to the Free Software
    21. 

  21.  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
    22. 

  22.  *
    23. 

  23.  */
    24. 

  24. 

  25. require_once('includes/helpers.php');
    26. 

  26. 

  27. navigation();
    28. 

  28. 

  29. function navigation() {
    30. 

  30. 

  31.     global $db;
    32. 

  32. 

  33.     if ( isset($_REQUEST['m']) )
    34. 

  34.     {
    35. 

  35.         if ( preg_match('[/|\\|;|\.]',$_REQUEST['m']) !== 0 )
    36. 

  36.         {
    37. 

  37.             // Unallowed characters found.
    38. 

  38.             print_failure("Unallowed characters found from m.");
    39. 

  39.             return;
    40. 

  40.         }
    41. 

  41.         // If module is not installed we must not allow access.
    42. 

  42.         if ( $db->isModuleInstalled($_REQUEST['m']) === FALSE )
    43. 

  43.         {
    44. 

  44.             print_failure(get_lang('module_not_installed'));
    45. 

  45.             return;
    46. 

  46.         }
    47. 

  47.         // If module dir does not exist there has been some error...
    48. 

  48.         if ( !is_dir( MODULES.$_REQUEST['m'] ) )
    49. 

  49.         {
    50. 

  50.             print_failure("Invalid module ".$_REQUEST['m'].".");
    51. 

  51.             return;
    52. 

  52.         }
    53. 

  53.         // There is navigation.xml file lets parse the information.
    54. 

  54.         if ( is_file( MODULES.$_REQUEST['m'].'/navigation.xml') )
    55. 

  55.         {
    56. 

  56.             $xml_navig = simplexml_load_file( MODULES.$_REQUEST['m'].'/navigation.xml' );
    57. 

  57.             if ( $xml_navig === FALSE )
    58. 

  58.             {
    59. 

  59.                 print_failure("Invalid XML navigation file.");
    60. 

  60.                 return;
    61. 

  61.             }
    62. 

  62. 

  63.             // If the subpage is not defined we use the default page.
    64. 

  64.             $wanted_page = isset($_REQUEST['p']) ? $_REQUEST['p'] : "default";
    65. 

  65.             
    66. 

  66.             foreach ( $xml_navig->page as $page )
    67. 

  67.             {
    68. 

  68.                 if ( $page["key"] != $wanted_page )
    69. 

  69.                     continue;
    70. 

  70. 

  71.                 $access_groups = explode(",",$page['access']);
    72. 

  72. 

  73.                 if ( basename($_SERVER['PHP_SELF']) != "index.php"  )
    74. 

  74.                 {
    75. 

  75.                     if( array_search($_SESSION['users_group'], $access_groups) === FALSE )
    76. 

  76. 					{
    77. 

  77. 						print_failure(get_lang('no_rights') );
    78. 

  78. 						return;
    79. 

  79. 					}
    80. 

  80.                 }
    81. 

  81. 				else
    82. 

  82. 				{
    83. 

  83.                     if( array_search("guest", $access_groups) === FALSE )
    84. 

  84. 					{
    85. 

  85. 						print_failure(get_lang('no_rights') );
    86. 

  86. 						return;
    87. 

  87. 					}
    88. 

  88.                 }
    89. 

  89. 

  90.                 $include_file = MODULES.$_REQUEST['m'].'/'.$page['file'];
    91. 

  91. 

  92.                 if ( !is_file( $include_file ) )
    93. 

  93.                 {
    94. 

  94.                     print_failure("File (".$include_file.") missing from module.");
    95. 

  95.                     return;
    96. 

  96.                 }
    97. 

  97. 

  98.                 include_once( $include_file );
    99. 

  99. 

  100.                 if ( !function_exists( 'exec_ogp_module' ) )
    101. 

  101.                 {
    102. 

  102.                     print_failure("Missing module execute function.");
    103. 

  103.                     return;
    104. 

  104.                 }
    105. 

  105. 

  106.                 exec_ogp_module();
    107. 

  107.                 return;
    108. 

  108.             }
    109. 

  109.             print_failure("Invalid subpage given.");
    110. 

  110.             return;
    111. 

  111.         }
    112. 

  112.         // If no navigation file then we load file with same filename than the module.
    113. 

  113.         else if ( is_file( MODULES.$_REQUEST['m'].'/'.$_REQUEST['m'].'.php') )
    114. 

  114.         {
    115. 

  115.             include( MODULES.$_REQUEST['m'].'/'.$_REQUEST['m'].'.php');
    116. 

  116.             if ( !function_exists( 'exec_ogp_module' ) )
    117. 

  117.             {
    118. 

  118.                 print_failure("Missing module execute function.");
    119. 

  119.                 return;
    120. 

  120.             }
    121. 

  121.             exec_ogp_module();
    122. 

  122.         }
    123. 

  123.         // If files above are not found then we print an error.
    124. 

  124.         else
    125. 

  125.         {
    126. 

  126.             print_failure("Invalid module ".$_REQUEST['m'].".");
    127. 

  127.             return;
    128. 

  128.         }
    129. 

  129.     }
    130. 

  130. }
    131. 

  131. ?>
    132.