2017-08-04 16:28:16 +02:00
|
|
|
<?php
|
2020-09-07 15:04:06 +02:00
|
|
|
/*
|
|
|
|
* OpenSTAManager: il software gestionale open source per l'assistenza tecnica e la fatturazione
|
2021-01-20 15:08:51 +01:00
|
|
|
* Copyright (C) DevCode s.r.l.
|
2020-09-07 15:04:06 +02:00
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*/
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-06-28 15:52:56 +02:00
|
|
|
// Rimozione header X-Powered-By
|
|
|
|
header_remove('X-Powered-By');
|
|
|
|
|
2017-08-04 16:28:16 +02:00
|
|
|
// Impostazioni di configurazione PHP
|
|
|
|
date_default_timezone_set('Europe/Rome');
|
|
|
|
|
2018-02-22 09:34:46 +01:00
|
|
|
// Controllo sulla versione PHP
|
2022-02-07 13:36:31 +01:00
|
|
|
$minimum = '7.2.0';
|
2018-02-22 09:34:46 +01:00
|
|
|
if (version_compare(phpversion(), $minimum) < 0) {
|
|
|
|
echo '
|
|
|
|
<p>Stai utilizzando la versione PHP '.phpversion().', non compatibile con OpenSTAManager.</p>
|
|
|
|
|
|
|
|
<p>Aggiorna PHP alla versione >= '.$minimum.'.</p>';
|
2020-12-31 16:13:28 +01:00
|
|
|
throw new \App\Exceptions\LegacyExitException;
|
|
|
|
|
2018-02-22 09:34:46 +01:00
|
|
|
}
|
|
|
|
|
2017-08-04 16:28:16 +02:00
|
|
|
// Caricamento delle impostazioni personalizzabili
|
|
|
|
if (file_exists(__DIR__.'/config.inc.php')) {
|
|
|
|
include_once __DIR__.'/config.inc.php';
|
|
|
|
}
|
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
/*
|
2020-10-16 17:58:31 +02:00
|
|
|
// Sicurezza della sessioni
|
2021-08-01 15:38:33 +02:00
|
|
|
ini_set('session.cookie_samesite', 'strict');
|
2020-10-16 17:58:31 +02:00
|
|
|
ini_set('session.use_trans_sid', '0');
|
|
|
|
ini_set('session.use_only_cookies', '1');
|
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
session_set_cookie_params(0, base_url(), null, isHTTPS(true));
|
|
|
|
session_start();*/
|
2020-10-16 17:58:31 +02:00
|
|
|
|
|
|
|
// Lettura della configurazione
|
2020-12-31 16:13:28 +01:00
|
|
|
$config = AppLegacy::getConfig();
|
2018-09-20 12:05:22 +02:00
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Redirect al percorso HTTPS se impostato nella configurazione
|
2018-09-20 12:05:22 +02:00
|
|
|
if (!empty($config['redirectHTTPS']) && !isHTTPS(true)) {
|
2017-08-07 13:07:18 +02:00
|
|
|
header('HTTP/1.1 301 Moved Permanently');
|
|
|
|
header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
|
2020-12-31 16:13:28 +01:00
|
|
|
throw new \App\Exceptions\LegacyExitException;
|
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
}
|
|
|
|
|
2018-12-28 08:07:56 +01:00
|
|
|
/* GESTIONE DEGLI ERRORI */
|
2017-08-04 16:28:16 +02:00
|
|
|
// Logger per la segnalazione degli errori
|
2017-09-15 16:37:19 +02:00
|
|
|
$logger = new Monolog\Logger('Logs');
|
2017-08-04 16:28:16 +02:00
|
|
|
$logger->pushProcessor(new Monolog\Processor\UidProcessor());
|
|
|
|
$logger->pushProcessor(new Monolog\Processor\WebProcessor());
|
|
|
|
|
2017-09-15 16:37:19 +02:00
|
|
|
// Registrazione globale del logger
|
|
|
|
Monolog\Registry::addLogger($logger, 'logs');
|
|
|
|
|
|
|
|
use Monolog\Handler\FilterHandler;
|
2017-08-04 16:28:16 +02:00
|
|
|
use Monolog\Handler\RotatingFileHandler;
|
2018-12-29 12:03:22 +01:00
|
|
|
use Monolog\Handler\StreamHandler;
|
2017-08-04 16:28:16 +02:00
|
|
|
|
|
|
|
$handlers = [];
|
2019-07-19 15:23:00 +02:00
|
|
|
if (!API\Response::isAPIRequest()) {
|
2019-01-11 12:02:11 +01:00
|
|
|
// File di log di base (logs/error.log, logs/setup.log)
|
2020-09-23 13:36:37 +02:00
|
|
|
$handlers[] = new StreamHandler(base_dir().'/logs/error.log', Monolog\Logger::ERROR);
|
|
|
|
$handlers[] = new StreamHandler(base_dir().'/logs/setup.log', Monolog\Logger::EMERGENCY);
|
2019-01-11 12:02:11 +01:00
|
|
|
|
|
|
|
// Messaggi grafici per l'utente
|
2019-01-06 14:18:48 +01:00
|
|
|
$handlers[] = new Extensions\MessageHandler(Monolog\Logger::ERROR);
|
2017-09-04 10:24:44 +02:00
|
|
|
|
2019-01-11 12:02:11 +01:00
|
|
|
// File di log ordinati in base alla data
|
2020-12-31 16:13:28 +01:00
|
|
|
if (AppLegacy::debug()) {
|
2020-09-23 13:36:37 +02:00
|
|
|
$handlers[] = new RotatingFileHandler(base_dir().'/logs/error.log', 0, Monolog\Logger::ERROR);
|
|
|
|
$handlers[] = new RotatingFileHandler(base_dir().'/logs/setup.log', 0, Monolog\Logger::EMERGENCY);
|
2019-01-11 12:02:11 +01:00
|
|
|
}
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2019-01-11 12:02:11 +01:00
|
|
|
// Inizializzazione Whoops
|
|
|
|
$whoops = new Whoops\Run();
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
if (AppLegacy::debug()) {
|
2019-01-11 12:02:11 +01:00
|
|
|
$whoops->pushHandler(new Whoops\Handler\PrettyPageHandler());
|
|
|
|
}
|
2018-02-14 11:10:03 +01:00
|
|
|
|
2019-01-11 12:02:11 +01:00
|
|
|
// Abilita la gestione degli errori nel caso la richiesta sia di tipo AJAX
|
2019-01-15 19:01:25 +01:00
|
|
|
if (Whoops\Util\Misc::isAjaxRequest()) {
|
2019-01-11 12:02:11 +01:00
|
|
|
$whoops->pushHandler(new Whoops\Handler\JsonResponseHandler());
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
2019-01-11 12:02:11 +01:00
|
|
|
|
|
|
|
$whoops->register();
|
2019-02-15 10:42:39 +01:00
|
|
|
|
|
|
|
// Aggiunta di Monolog a Whoops
|
|
|
|
$whoops->pushHandler(function ($exception, $inspector, $run) use ($logger) {
|
|
|
|
$logger->addError($exception->getMessage(), [
|
|
|
|
'code' => $exception->getCode(),
|
|
|
|
'message' => $exception->getMessage(),
|
|
|
|
'file' => $exception->getFile(),
|
|
|
|
'line' => $exception->getLine(),
|
|
|
|
'trace' => $exception->getTraceAsString(),
|
|
|
|
]);
|
|
|
|
});
|
2017-08-04 16:28:16 +02:00
|
|
|
} else {
|
2020-09-23 13:36:37 +02:00
|
|
|
$handlers[] = new StreamHandler(base_dir().'/logs/api.log', Monolog\Logger::ERROR);
|
2017-09-04 10:24:44 +02:00
|
|
|
}
|
|
|
|
|
2019-01-11 12:02:11 +01:00
|
|
|
// Disabilita i messaggi nativi di PHP
|
|
|
|
ini_set('display_errors', 0);
|
|
|
|
// Ignora gli avvertimenti e le informazioni relative alla deprecazione di componenti
|
2019-11-12 16:48:06 +01:00
|
|
|
error_reporting(E_ALL & ~E_WARNING & ~E_CORE_WARNING & ~E_NOTICE & ~E_USER_DEPRECATED & ~E_STRICT);
|
2018-05-11 14:48:46 +02:00
|
|
|
|
2019-01-11 12:02:11 +01:00
|
|
|
$pattern = '[%datetime%] %channel%.%level_name%: %message% %context%'.PHP_EOL.'%extra% '.PHP_EOL;
|
2018-05-11 14:48:46 +02:00
|
|
|
$monologFormatter = new Monolog\Formatter\LineFormatter($pattern);
|
2020-12-31 16:13:28 +01:00
|
|
|
$monologFormatter->includeStacktraces(AppLegacy::debug());
|
2018-05-11 14:48:46 +02:00
|
|
|
|
2019-01-06 14:18:48 +01:00
|
|
|
// Filtra gli errori per livello preciso del gestore dedicato
|
2017-08-04 16:28:16 +02:00
|
|
|
foreach ($handlers as $handler) {
|
2017-09-15 16:37:19 +02:00
|
|
|
$handler->setFormatter($monologFormatter);
|
|
|
|
$logger->pushHandler(new FilterHandler($handler, [$handler->getLevel()]));
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
2017-09-04 10:24:44 +02:00
|
|
|
// Imposta Monolog come gestore degli errori
|
2021-07-28 15:17:56 +02:00
|
|
|
$handler = new Monolog\ErrorHandler($logger);
|
|
|
|
if (!API\Response::isAPIRequest()) {
|
|
|
|
$handler->registerErrorHandler([]);
|
|
|
|
$handler->registerExceptionHandler(Monolog\Logger::ERROR);
|
|
|
|
}
|
|
|
|
$handler->registerFatalHandler(Monolog\Logger::ERROR);
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-08-10 17:14:09 +02:00
|
|
|
// Database
|
2018-09-20 12:05:22 +02:00
|
|
|
$dbo = $database = database();
|
2018-08-10 17:14:09 +02:00
|
|
|
|
2018-12-28 08:07:56 +01:00
|
|
|
/* INTERNAZIONALIZZAZIONE */
|
2017-08-07 13:07:18 +02:00
|
|
|
// Istanziamento del gestore delle traduzioni del progetto
|
2020-09-23 11:47:59 +02:00
|
|
|
$lang = !empty($config['lang']) ? $config['lang'] : (isset($_GET['lang']) ? $_GET['lang'] : null);
|
2018-09-20 12:05:22 +02:00
|
|
|
$formatter = !empty($config['formatter']) ? $config['formatter'] : [];
|
2020-12-31 16:13:28 +01:00
|
|
|
//$translator->addLocalePath(base_dir().'/locale');
|
|
|
|
//$translator->addLocalePath(base_dir().'/modules/*/locale');
|
|
|
|
//$translator->setLocale($lang, $formatter);
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Individuazione di versione e revisione del progetto
|
|
|
|
$version = Update::getVersion();
|
|
|
|
$revision = Update::getRevision();
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-12-28 08:07:56 +01:00
|
|
|
/* ACCESSO E INSTALLAZIONE */
|
2017-08-07 13:07:18 +02:00
|
|
|
// Controllo sulla presenza dei permessi di accesso basilari
|
2020-12-31 16:13:28 +01:00
|
|
|
$continue = $dbo->isInstalled() && !Update::isUpdateAvailable() && (auth()->check() || API\Response::isAPIRequest());
|
2017-08-30 11:50:46 +02:00
|
|
|
|
2018-04-23 09:53:53 +02:00
|
|
|
if (!empty($skip_permissions)) {
|
|
|
|
Permissions::skip();
|
|
|
|
}
|
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
if (!$continue && getURLPath() != slashes(base_url().'/index.php') && !Permissions::getSkip()) {
|
|
|
|
if (auth()->check()) {
|
|
|
|
auth()->logout();
|
2017-09-11 18:12:41 +02:00
|
|
|
}
|
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
redirect_legacy(base_url().'/index.php');
|
|
|
|
throw new \App\Exceptions\LegacyExitException;
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
2018-12-28 08:07:56 +01:00
|
|
|
/* INIZIALIZZAZIONE GENERALE */
|
2017-08-07 13:07:18 +02:00
|
|
|
// Operazione aggiuntive (richieste non API)
|
2019-07-19 15:23:00 +02:00
|
|
|
if (!API\Response::isAPIRequest()) {
|
2018-06-28 15:23:52 +02:00
|
|
|
// Impostazioni di Content-Type e Charset Header
|
|
|
|
header('Content-Type: text/html; charset=UTF-8');
|
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Controllo CSRF
|
2018-09-21 15:50:42 +02:00
|
|
|
if (empty($config['disableCSRF'])) {
|
2020-12-31 16:13:28 +01:00
|
|
|
//csrfProtector::init();
|
2018-09-21 15:50:42 +02:00
|
|
|
}
|
2017-08-07 13:07:18 +02:00
|
|
|
|
|
|
|
// Aggiunta del wrapper personalizzato per la generazione degli input
|
2018-09-20 12:05:22 +02:00
|
|
|
if (!empty($config['HTMLWrapper'])) {
|
|
|
|
HTMLBuilder\HTMLBuilder::setWrapper($config['HTMLWrapper']);
|
2017-08-07 13:07:18 +02:00
|
|
|
}
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Aggiunta dei gestori personalizzati per la generazione degli input
|
2018-09-20 12:05:22 +02:00
|
|
|
foreach ((array) $config['HTMLHandlers'] as $key => $value) {
|
2017-08-07 13:07:18 +02:00
|
|
|
HTMLBuilder\HTMLBuilder::setHandler($key, $value);
|
|
|
|
}
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Aggiunta dei gestori per componenti personalizzate
|
2018-09-20 12:05:22 +02:00
|
|
|
foreach ((array) $config['HTMLManagers'] as $key => $value) {
|
2017-08-07 13:07:18 +02:00
|
|
|
HTMLBuilder\HTMLBuilder::setManager($key, $value);
|
|
|
|
}
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
// Registrazione globale del template per gli input HTML
|
2018-06-28 15:23:52 +02:00
|
|
|
ob_start();
|
2017-08-07 13:07:18 +02:00
|
|
|
|
2018-07-19 12:47:28 +02:00
|
|
|
// Retrocompatibilità
|
2020-12-31 16:13:28 +01:00
|
|
|
session(['infos' => isset($_SESSION['infos']) ? array_unique($_SESSION['infos']) : []]);
|
|
|
|
session(['warnings' => isset($_SESSION['warnings']) ? array_unique($_SESSION['warnings']) : []]);
|
|
|
|
session(['errors' => isset($_SESSION['errors']) ? array_unique($_SESSION['errors']) : []]);
|
2017-08-07 13:07:18 +02:00
|
|
|
|
|
|
|
// Impostazione del tema grafico di default
|
2018-09-20 12:05:22 +02:00
|
|
|
$theme = !empty($config['theme']) ? $config['theme'] : 'default';
|
2017-08-07 13:07:18 +02:00
|
|
|
|
|
|
|
if ($continue) {
|
2018-05-11 14:48:46 +02:00
|
|
|
// Periodo di visualizzazione dei record
|
|
|
|
// Personalizzato
|
|
|
|
if (!empty($_GET['period_start'])) {
|
2020-12-31 16:13:28 +01:00
|
|
|
session(['period_start' => $_GET['period_start']]);
|
|
|
|
session(['period_end' => $_GET['period_end']]);
|
2018-05-11 14:48:46 +02:00
|
|
|
}
|
|
|
|
// Dal 01-01-yyy al 31-12-yyyy
|
2020-12-31 16:13:28 +01:00
|
|
|
elseif (session('period_start') == null) {
|
|
|
|
session(['period_start' => date('Y').'-01-01']);
|
|
|
|
session(['period_end' => date('Y').'-12-31']);
|
2018-05-11 14:48:46 +02:00
|
|
|
}
|
|
|
|
|
2018-09-19 10:44:32 +02:00
|
|
|
$id_record = filter('id_record');
|
|
|
|
$id_parent = filter('id_parent');
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2018-09-19 10:44:32 +02:00
|
|
|
Modules::setCurrent(filter('id_module'));
|
|
|
|
Plugins::setCurrent(filter('id_plugin'));
|
|
|
|
|
|
|
|
// Variabili fondamentali
|
|
|
|
$module = Modules::getCurrent();
|
|
|
|
$plugin = Plugins::getCurrent();
|
|
|
|
$structure = isset($plugin) ? $plugin : $module;
|
2017-08-04 16:28:16 +02:00
|
|
|
|
2020-09-22 20:28:37 +02:00
|
|
|
$id_module = $module ? $module['id'] : null;
|
|
|
|
$id_plugin = $plugin ? $plugin['id'] : null;
|
2017-08-07 13:07:18 +02:00
|
|
|
|
2020-12-31 16:13:28 +01:00
|
|
|
$user = auth()->user();
|
2018-09-19 10:44:32 +02:00
|
|
|
|
|
|
|
if (!empty($id_module)) {
|
2018-06-23 15:41:32 +02:00
|
|
|
// Segmenti
|
2018-07-19 09:58:28 +02:00
|
|
|
if (!isset($_SESSION['module_'.$id_module]['id_segment'])) {
|
2018-06-23 15:41:32 +02:00
|
|
|
$segments = Modules::getSegments($id_module);
|
2020-12-31 16:13:28 +01:00
|
|
|
session(['module_'.$id_module.'.id_segment' => isset($segments[0]['id']) ? $segments[0]['id'] : null]);
|
2018-06-23 15:41:32 +02:00
|
|
|
}
|
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
Permissions::addModule($id_module);
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
2017-08-07 13:07:18 +02:00
|
|
|
Permissions::check();
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
|
2018-07-19 15:33:32 +02:00
|
|
|
// Retrocompatibilità
|
2017-09-04 10:24:44 +02:00
|
|
|
$post = Filter::getPOST();
|
|
|
|
$get = Filter::getGET();
|
|
|
|
}
|
2019-01-11 12:02:11 +01:00
|
|
|
|
|
|
|
// Inclusione dei file modutil.php
|
|
|
|
// TODO: sostituire * con lista module dir {aggiornamenti,anagrafiche,articoli}
|
|
|
|
// TODO: sostituire tutte le funzioni dei moduli con classi Eloquent relative
|
|
|
|
$files = glob(__DIR__.'/{modules,plugins}/*/modutil.php', GLOB_BRACE);
|
|
|
|
$custom_files = glob(__DIR__.'/{modules,plugins}/*/custom/modutil.php', GLOB_BRACE);
|
|
|
|
foreach ($custom_files as $key => $value) {
|
|
|
|
$index = array_search(str_replace('custom/', '', $value), $files);
|
|
|
|
if ($index !== false) {
|
|
|
|
unset($files[$index]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$list = array_merge($files, $custom_files);
|
|
|
|
foreach ($list as $file) {
|
|
|
|
include_once $file;
|
|
|
|
}
|
2019-07-19 16:51:52 +02:00
|
|
|
|
|
|
|
// Inclusione dei file vendor/autoload.php di Composer
|
|
|
|
$files = glob(__DIR__.'/{modules,plugins}/*/vendor/autoload.php', GLOB_BRACE);
|
|
|
|
$custom_files = glob(__DIR__.'/{modules,plugins}/*/custom/vendor/autoload.php', GLOB_BRACE);
|
|
|
|
foreach ($custom_files as $key => $value) {
|
|
|
|
$index = array_search(str_replace('custom/', '', $value), $files);
|
|
|
|
if ($index !== false) {
|
|
|
|
unset($files[$index]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$list = array_merge($files, $custom_files);
|
|
|
|
foreach ($list as $file) {
|
|
|
|
include_once $file;
|
|
|
|
}
|