2017-08-04 16:28:16 +02:00
< ? php
// Impostazioni per la corretta interpretazione di UTF-8
header ( 'Content-Type: text/html; charset=UTF-8' );
2017-09-07 16:51:14 +02:00
ob_start ();
2017-08-04 16:28:16 +02:00
// Impostazioni di configurazione PHP
date_default_timezone_set ( 'Europe/Rome' );
// Caricamento delle impostazioni personalizzabili
if ( file_exists ( __DIR__ . '/config.inc.php' )) {
include_once __DIR__ . '/config.inc.php' ;
}
// Individuazione dei percorsi di base
$docroot = __DIR__ ;
$rootdir = substr ( $_SERVER [ 'SCRIPT_NAME' ], 0 , strrpos ( $_SERVER [ 'SCRIPT_NAME' ], '/' ));
if ( strrpos ( $rootdir , '/' . basename ( $docroot ) . '/' ) !== false ) {
$rootdir = substr ( $rootdir , 0 , strrpos ( $rootdir , '/' . basename ( $docroot ) . '/' )) . '/' . basename ( $docroot );
}
$rootdir = str_replace ( '%2F' , '/' , rawurlencode ( $rootdir ));
// Aggiunta delle variabili globali
define ( 'DOCROOT' , $docroot );
define ( 'ROOTDIR' , $rootdir );
// Caricamento delle dipendenze e delle librerie del progetto
require_once __DIR__ . '/vendor/autoload.php' ;
2017-08-07 13:07:18 +02:00
// Redirect al percorso HTTPS se impostato nella configurazione
if ( ! empty ( $redirectHTTPS ) && ! isHTTPS ( true )) {
header ( 'HTTP/1.1 301 Moved Permanently' );
header ( 'Location: https://' . $_SERVER [ 'HTTP_HOST' ] . $_SERVER [ 'REQUEST_URI' ]);
exit ();
}
2017-08-04 16:28:16 +02:00
// Forzamento del debug
// $debug = true;
// Logger per la segnalazione degli errori
2017-09-04 12:02:29 +02:00
$logger = new Monolog\Logger ( tr ( 'OpenSTAManager' ));
2017-08-04 16:28:16 +02:00
$logger -> pushProcessor ( new Monolog\Processor\UidProcessor ());
$logger -> pushProcessor ( new Monolog\Processor\WebProcessor ());
use Monolog\Handler\StreamHandler ;
use Monolog\Handler\RotatingFileHandler ;
$handlers = [];
2017-09-04 10:24:44 +02:00
if ( ! API :: isAPIRequest ()) {
// File di log di base (logs/error.log)
$handlers [] = new StreamHandler ( __DIR__ . '/logs/error.log' , Monolog\Logger :: ERROR );
$handlers [] = new StreamHandler ( __DIR__ . '/logs/setup.log' , Monolog\Logger :: EMERGENCY );
// Impostazioni di debug
if ( ! empty ( $debug )) {
// Ignoramento degli avvertimenti e delle informazioni relative alla deprecazione di componenti
if ( empty ( $strict )) {
error_reporting ( E_ALL & ~ E_NOTICE & ~ E_USER_DEPRECATED );
}
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
// File di log ordinato in base alla data
$handlers [] = new RotatingFileHandler ( __DIR__ . '/logs/error.log' , 0 , Monolog\Logger :: ERROR );
$handlers [] = new RotatingFileHandler ( __DIR__ . '/logs/setup.log' , 0 , Monolog\Logger :: EMERGENCY );
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
if ( version_compare ( PHP_VERSION , '5.5.9' ) >= 0 ) {
$prettyPageHandler = new Whoops\Handler\PrettyPageHandler ();
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
// Imposta Whoops come gestore delle eccezioni di default
$whoops = new Whoops\Run ();
$whoops -> pushHandler ( $prettyPageHandler );
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
// Abilita la gestione degli errori nel caso la richiesta sia di tipo AJAX
if ( Whoops\Util\Misc :: isAjaxRequest ()) {
$whoops -> pushHandler ( new Whoops\Handler\JsonResponseHandler ());
}
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
$whoops -> register ();
}
2017-08-04 16:28:16 +02:00
}
} else {
2017-09-04 10:24:44 +02:00
$handlers [] = new StreamHandler ( __DIR__ . '/logs/api.log' , Monolog\Logger :: ERROR );
}
// Disabilita la segnalazione degli errori (se il debug è disabilitato)
if ( empty ( $debug )) {
2017-08-04 16:28:16 +02:00
error_reporting ( 0 );
}
// Imposta il formato di salvataggio dei log
$monologFormatter = new Monolog\Formatter\LineFormatter ( '[%datetime%] %channel%.%level_name%: %message% %extra%' . PHP_EOL );
foreach ( $handlers as $handler ) {
$logger -> pushHandler ( $handler -> setFormatter ( $monologFormatter ));
}
2017-09-04 10:24:44 +02:00
// Imposta Monolog come gestore degli errori
2017-08-04 16:28:16 +02:00
Monolog\ErrorHandler :: register ( $logger );
// Istanziamento della gestione di date e numeri
$formatter = ! empty ( $formatter ) ? $formatter : [];
Translator :: setLocaleFormatter ( $formatter );
2017-08-07 13:07:18 +02:00
// Istanziamento del gestore delle traduzioni del progetto
$lang = ! empty ( $lang ) ? $lang : 'it' ;
2017-09-04 12:59:03 +02:00
$translator = Translator :: getInstance ();
2017-08-07 13:07:18 +02:00
$translator -> addLocalePath ( $docroot . '/locale' );
$translator -> addLocalePath ( $docroot . '/modules/*/locale' );
2017-09-04 12:59:03 +02:00
$translator -> setLocale ( $lang );
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Individuazione di versione e revisione del progetto
$version = Update :: getVersion ();
$revision = Update :: getRevision ();
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
// Inizializzazione della sessione
2017-08-07 13:07:18 +02:00
if ( ! API :: isAPIRequest ()) {
session_set_cookie_params ( 0 , $rootdir );
session_start ();
2017-08-04 16:28:16 +02:00
}
2017-08-07 13:07:18 +02:00
$dbo = Database :: getConnection ();
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Controllo sulla presenza dei permessi di accesso basilari
2017-08-30 11:50:46 +02:00
$continue = $dbo -> isInstalled () && ! Update :: isUpdateAvailable () && ( Auth :: check () || API :: isAPIRequest ());
2017-08-07 13:07:18 +02:00
if ( ! $continue && slashes ( $_SERVER [ 'SCRIPT_FILENAME' ]) != slashes ( DOCROOT . '/index.php' )) {
redirect ( ROOTDIR . '/index.php?op=logout' );
2017-08-04 16:28:16 +02:00
exit ();
}
2017-08-07 13:07:18 +02:00
// Operazione aggiuntive (richieste non API)
if ( ! API :: isAPIRequest ()) {
/*
// Controllo CSRF
if ( ! CSRF :: getInstance () -> validate ()){
2017-09-04 12:02:29 +02:00
die ( tr ( 'Constrollo CSRF fallito!' ));
2017-08-07 13:07:18 +02:00
} */
// Aggiunta del wrapper personalizzato per la generazione degli input
if ( ! empty ( $HTMLWrapper )) {
HTMLBuilder\HTMLBuilder :: setWrapper ( $HTMLWrapper );
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Aggiunta dei gestori personalizzati per la generazione degli input
foreach (( array ) $HTMLHandlers as $key => $value ) {
HTMLBuilder\HTMLBuilder :: setHandler ( $key , $value );
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Aggiunta dei gestori per componenti personalizzate
foreach (( array ) $HTMLManagers as $key => $value ) {
HTMLBuilder\HTMLBuilder :: setManager ( $key , $value );
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Registrazione globale del template per gli input HTML
register_shutdown_function ( 'translateTemplate' );
// Impostazione della sessione di base
2017-08-08 14:04:46 +02:00
$_SESSION [ 'infos' ] = ( array ) $_SESSION [ 'infos' ];
$_SESSION [ 'warnings' ] = ( array ) $_SESSION [ 'warnings' ];
2017-08-07 13:07:18 +02:00
$_SESSION [ 'errors' ] = ( array ) $_SESSION [ 'errors' ];
// Imposto il periodo di visualizzazione dei record dal 01-01-yyy al 31-12-yyyy
if ( ! empty ( $_GET [ 'period_start' ])) {
$_SESSION [ 'period_start' ] = $_GET [ 'period_start' ];
$_SESSION [ 'period_end' ] = $_GET [ 'period_end' ];
} elseif ( ! isset ( $_SESSION [ 'period_start' ])) {
$_SESSION [ 'period_start' ] = date ( 'Y' ) . '-01-01' ;
$_SESSION [ 'period_end' ] = date ( 'Y' ) . '-12-31' ;
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Impostazione del tema grafico di default
$theme = ! empty ( $theme ) ? $theme : 'default' ;
$assets = $rootdir . '/assets/dist' ;
$css = $assets . '/css' ;
$js = $assets . '/js' ;
$img = $assets . '/img' ;
// CSS di base del progetto
$css_modules = [];
$css_modules [] = $css . '/app.min.css' ;
$css_modules [] = $css . '/style.min.css' ;
$css_modules [] = $css . '/themes.min.css' ;
$css_modules [] = [
'href' => $css . '/print.min.css' ,
'media' => 'print' ,
];
// JS di base del progetto
$jscript_modules = [];
$jscript_modules [] = $js . '/app.min.js' ;
$jscript_modules [] = $js . '/custom.min.js' ;
$jscript_modules [] = $js . '/i18n/parsleyjs/' . $lang . '.min.js' ;
$jscript_modules [] = $js . '/i18n/select2/' . $lang . '.min.js' ;
$jscript_modules [] = $js . '/i18n/moment/' . $lang . '.min.js' ;
$jscript_modules [] = $js . '/i18n/fullcalendar/' . $lang . '.min.js' ;
if ( Auth :: check ()) {
$jscript_modules [] = $rootdir . '/lib/functions.js' ;
$jscript_modules [] = $rootdir . '/lib/init.js' ;
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
if ( $continue ) {
2017-09-04 10:24:44 +02:00
// Istanziamento della barra di debug
if ( ! empty ( $debug )) {
$debugbar = new DebugBar\StandardDebugBar ();
$debugbar -> addCollector ( new DebugBar\Bridge\MonologCollector ( $logger ));
2017-08-07 13:07:18 +02:00
$debugbar -> addCollector ( new DebugBar\DataCollector\PDO\PDOCollector ( $dbo -> getPDO ()));
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
$id_module = filter ( 'id_module' );
$id_record = filter ( 'id_record' );
$id_plugin = filter ( 'id_plugin' );
$id_parent = filter ( 'id_parent' );
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
$user = Auth :: user ();
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
if ( ! empty ( $id_module )) {
$module = Modules :: getModule ( $id_module );
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
$pageTitle = $module [ 'title' ];
Permissions :: addModule ( $id_module );
2017-08-04 16:28:16 +02:00
}
2017-08-07 13:07:18 +02:00
if ( ! empty ( $skip_permissions )) {
Permissions :: skip ();
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
Permissions :: check ();
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
// Retrocompatibilità
$user_idanagrafica = $user [ 'idanagrafica' ];
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
$rs = $dbo -> fetchArray ( 'SELECT * FROM `zz_modules` LEFT JOIN (SELECT `idmodule`, `permessi` FROM `zz_permissions` WHERE `idgruppo`=(SELECT `idgruppo` FROM `zz_users` WHERE `id`=' . prepare ( $_SESSION [ 'id_utente' ]) . ')) AS `zz_permissions` ON `zz_modules`.`id`=`zz_permissions`.`idmodule` LEFT JOIN (SELECT `idmodule`, `clause` FROM `zz_group_module` WHERE `idgruppo`=(SELECT `idgruppo` FROM `zz_users` WHERE `id`=' . prepare ( $_SESSION [ 'id_utente' ]) . ')) AS `zz_group_module` ON `zz_modules`.`id`=`zz_group_module`.`idmodule`' );
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
$modules_info = [];
for ( $i = 0 ; $i < count ( $rs ); ++ $i ) {
foreach ( $rs [ $i ] as $name => $value ) {
if ( $name == 'permessi' && ( Auth :: admin () || $value == null )) {
if ( Auth :: admin ()) {
$value = 'rw' ;
} else {
$value = '-' ;
}
}
if ( $name != 'idmodule' && $name != 'updated_at' && $name != 'created_at' && $name != 'clause' ) {
$modules_info [ $rs [ $i ][ 'name' ]][ $name ] = $value ;
} elseif ( $name == 'clause' ) {
$additional_where [ $rs [ $i ][ 'name' ]] = ! empty ( $value ) ? ' AND ' . $value : $value ;
}
}
2017-08-04 16:28:16 +02:00
2017-08-07 13:07:18 +02:00
$modules_info [ $rs [ $i ][ 'id' ]][ 'name' ] = $rs [ $i ][ 'name' ];
}
2017-08-04 16:28:16 +02:00
}
2017-08-07 13:07:18 +02:00
// Istanziamento di HTMLHelper (retrocompatibilità)
$html = new HTMLHelper ();
2017-08-04 16:28:16 +02:00
2017-09-04 10:24:44 +02:00
// Variabili GET e POST
$post = Filter :: getPOST ();
$get = Filter :: getGET ();
}