connected) {
system_unavailable();
}
unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
/*
* Load configs from db. Overwrite configs from .htconfig.php
*/
load_config('system');
load_config('feature');
App::$session = new Session();
App::$session->init();
App::$sys_channel = Channel::get_system();
Hook::load();
/**
* @hooks 'startup'
*/
$arr = [];
Hook::call('startup',$arr);
}
}
function startup() {
error_reporting(E_ERROR | E_PARSE);
// Some hosting providers block/disable this
@set_time_limit(0);
if (function_exists ('ini_set')) {
// This has to be quite large
@ini_set('pcre.backtrack_limit', 5000000);
// Use cookies to store the session ID on the client side
@ini_set('session.use_only_cookies', 1);
// Disable transparent Session ID support
@ini_set('session.use_trans_sid', 0);
}
}
/**
* class: App
*
* @brief Our main application structure for the life of this page.
*
* Primarily deals with the URL that got us here
* and tries to make some sense of it, and
* stores our page contents and config storage
* and anything else that might need to be passed around
* before we spit the page out.
*
*/
class App {
public static $install = false; // true if we are installing the software
public static $account = null; // account record of the logged-in account
public static $channel = null; // channel record of the current channel of the logged-in account
public static $observer = null; // xchan record of the page observer
public static $profile_uid = 0; // If applicable, the channel_id of the "page owner"
public static $sys_channel = null; // cache sys channel lookups here
public static $poi = null; // "person of interest", generally a referenced connection or directory entry
private static $oauth_key = null; // consumer_id of oauth request, if used
public static $layout = []; // Comanche parsed template
public static $pdl = null; // Comanche page description
private static $perms = null; // observer permissions
private static $widgets = []; // widgets for this page
public static $config = []; // config cache
public static $icon = '';
public static $override_intltext_templates = [];
public static $override_markup_templates = [];
public static $override_templateroot = null;
public static $session = null;
public static $language;
public static $langsave;
public static $rtl = false;
public static $addons_admin;
public static $module_loaded = false;
public static $query_string;
public static $page;
public static $profile;
public static $user;
public static $cid;
public static $contact;
public static $contacts;
public static $content;
public static $data = [];
public static $error = false;
public static $cmd;
public static $argv;
public static $argc;
public static $module;
public static $pager;
public static $strings;
public static $stringsave; // used in push_lang() and pop_lang()
public static $hooks;
public static $interactive = true;
public static $addons;
public static $identities;
public static $css_sources = [];
public static $js_sources = [];
public static $linkrel = [];
public static $theme_info = [];
public static $is_sys = false;
public static $nav_sel;
public static $comanche;
public static $httpheaders = null;
public static $httpsig = null;
public static $channel_links;
public static $category;
// Allow themes to control internal parameters
// by changing App values in theme.php
public static $sourcename = '';
public static $videowidth = 425;
public static $videoheight = 350;
public static $meta;
/**
* @brief An array for all theme-controllable parameters
*
* Mostly unimplemented yet. Only options 'template_engine' and
* beyond are used.
*/
private static $theme = [
'sourcename' => '',
'videowidth' => 425,
'videoheight' => 350,
'force_max_items' => 0,
'thread_allow' => true,
'stylesheet' => '',
'template_engine' => 'smarty3',
];
/**
* @brief An array of registered template engines ('name'=>'class name')
*/
public static $template_engines = [];
/**
* @brief An array of instanced template engines ('name'=>'instance')
*/
public static $template_engine_instance = [];
private static $ldelim = [
'internal' => '',
'smarty3' => '{{'
];
private static $rdelim = [
'internal' => '',
'smarty3' => '}}'
];
// These represent the URL which was used to access the page
private static $scheme;
private static $hostname;
private static $path;
// This is our standardised URL - regardless of what was used
// to access the page
private static $baseurl;
/**
* App constructor.
*/
public static function init() {
// Optional startup file for situations which require system
// configuration before anything is executed.
if (file_exists('.htstartup.php')) {
/** @noinspection PhpIncludeInspection */
include('.htstartup.php');
}
// we'll reset this after we read our config file
date_default_timezone_set('UTC');
self::$config = [
'system' => []
];
self::$page = [];
self::$pager= [];
self::$query_string = '';
startup();
set_include_path(
'include' . PATH_SEPARATOR
. 'library' . PATH_SEPARATOR
. '.'
);
// normally self::$hostname (also scheme and port) will be filled in during startup.
// Set it manually from $_SERVER variables only if it wasn't.
if (! self::$hostname) {
self::$hostname = punify(get_host());
self::$scheme = 'http';
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) {
self::$scheme = 'https';
}
elseif (isset($_SERVER['SERVER_PORT']) && (intval($_SERVER['SERVER_PORT']) === 443)) {
self::$scheme = 'https';
}
if (isset($_SERVER['SERVER_PORT']) && intval($_SERVER['SERVER_PORT']) !== 80 && intval($_SERVER['SERVER_PORT']) !== 443) {
self::$hostname .= ':' . $_SERVER['SERVER_PORT'];
}
}
/*
* Figure out if we are running at the top of a domain
* or in a subdirectory and adjust accordingly
*/
$path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
if (strlen($path) && ($path != self::$path)) {
self::$path = $path;
}
// Rewrite rules on the server will convert incoming paths to a request parameter.
// Strip this path information from our stored copy of the query_string, in case
// we need to re-use the rest of the original query.
if (isset($_SERVER['QUERY_STRING']) && str_starts_with($_SERVER['QUERY_STRING'], "req=")) {
self::$query_string = str_replace(['<','>'],['<','>'],substr($_SERVER['QUERY_STRING'], 4));
// removing leading '/' - maybe a nginx problem
if (str_starts_with(self::$query_string, "/")) {
self::$query_string = substr(self::$query_string, 1);
}
// change the first & to ?
self::$query_string = preg_replace('/&/','?',self::$query_string,1);
}
// Here is where start breaking out the URL path information to both route the
// web request based on the leading path component, and also to use remaining
// path components as C-style arguments to our individual controller modules.
if (isset($_GET['req'])) {
self::$cmd = escape_tags(trim($_GET['req'],'/\\'));
}
// support both unix and fediverse style "homedir"
if ((str_starts_with(self::$cmd, '~')) || (str_starts_with(self::$cmd, '@'))) {
self::$cmd = 'channel/' . substr(self::$cmd, 1);
}
/*
* Break the URL path into C style argc/argv style arguments for our
* modules. Given "http://example.com/module/arg1/arg2", self::$argc
* will be 3 (integer) and self::$argv will contain:
* [0] => 'module'
* [1] => 'arg1'
* [2] => 'arg2'
*
* There will always be one argument. If provided a naked domain
* URL, self::$argv[0] is set to "home".
*
* If $argv[0] has a period in it, for example foo.json; rewrite
* to module = 'foo' and set $_REQUEST['module_format'] = 'json';
*
* As a result, say you offered a feed for member bob. Most applications
* would address it as /feed/bob.xml or /feed/bob.json
* We would address it as /feed.xml/bob and /feed.json/bob because
* you're altering the output format of the feed module, and bob is
* just an identifier or variable.
*/
self::$argv = explode('/', self::$cmd);
self::$argc = count(self::$argv);
if ((array_key_exists('0', self::$argv)) && strlen(self::$argv[0])) {
if(strpos(self::$argv[0],'.')) {
$_REQUEST['module_format'] = substr(self::$argv[0],strpos(self::$argv[0],'.')+1);
self::$argv[0] = substr(self::$argv[0],0,strpos(self::$argv[0],'.'));
}
self::$module = str_replace(".", "_", self::$argv[0]);
self::$module = str_replace("-", "_", self::$module);
if(str_starts_with(self::$module, '_'))
self::$module = substr(self::$module,1);
} else {
self::$argc = 1;
self::$argv = ['home'];
self::$module = 'home';
}
/*
* See if there is any page number information, and initialise
* pagination
*/
self::$pager['unset'] = !array_key_exists('page', $_REQUEST);
self::$pager['page'] = ((x($_GET,'page') && intval($_GET['page']) > 0) ? intval($_GET['page']) : 1);
self::$pager['itemspage'] = 60;
self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage'];
self::$pager['total'] = 0;
if (self::$pager['start'] < 0) {
self::$pager['start'] = 0;
}
self::$meta = new HttpMeta();
/*
* register template engines (probably just smarty, but this can be extended)
*/
self::register_template_engine(get_class(new SmartyTemplate()));
}
public static function get_baseurl() {
if(is_array(self::$config)
&& array_key_exists('system',self::$config)
&& is_array(self::$config['system'])
&& array_key_exists('baseurl',self::$config['system'])
&& strlen(self::$config['system']['baseurl'])) {
$url = self::$config['system']['baseurl'];
return trim($url,'\\/');
}
$scheme = self::$scheme;
self::$baseurl = $scheme . "://" . punify(self::$hostname) . ((isset(self::$path) && strlen(self::$path)) ? '/' . self::$path : '' );
return self::$baseurl;
}
public static function set_baseurl($url) {
if(is_array(self::$config)
&& array_key_exists('system',self::$config)
&& is_array(self::$config['system'])
&& array_key_exists('baseurl',self::$config['system'])
&& strlen(self::$config['system']['baseurl'])) {
$url = punify(self::$config['system']['baseurl']);
$url = trim($url,'\\/');
}
$parsed = @parse_url($url);
self::$baseurl = $url;
if($parsed !== false) {
self::$scheme = $parsed['scheme'];
self::$hostname = punify($parsed['host']);
if(x($parsed,'port'))
self::$hostname .= ':' . $parsed['port'];
if(x($parsed,'path'))
self::$path = trim($parsed['path'],'\\/');
}
}
public static function get_scheme() {
return self::$scheme;
}
public static function get_hostname() {
return self::$hostname;
}
public static function set_hostname($h) {
self::$hostname = $h;
}
public static function set_path($p) {
self::$path = trim(trim($p), '/');
}
public static function get_path() {
return self::$path;
}
public static function get_channel_links_header() {
$s = '';
$x = self::$channel_links;
if ($x && is_array($x) && count($x)) {
foreach ($x as $y) {
if ($s) {
$s .= ',';
}
$s .= '<' . $y['href'] . '>; rel="' . $y['rel'] . '"; type="' . $y['type'] . '"';
}
}
return $s;
}
public static function set_account($acct) {
self::$account = $acct;
}
public static function get_account() {
return self::$account;
}
public static function set_channel($channel) {
self::$channel = $channel;
}
public static function get_channel(): mixed
{
return self::$channel;
}
public static function set_observer($xchan) {
self::$observer = $xchan;
}
public static function get_observer(): mixed
{
return self::$observer;
}
public static function set_perms($perms) {
self::$perms = $perms;
}
public static function get_perms() {
return self::$perms;
}
public static function set_oauth_key($consumer_id) {
self::$oauth_key = $consumer_id;
}
public static function get_oauth_key() {
return self::$oauth_key;
}
public static function set_pager_total($n) {
self::$pager['total'] = intval($n);
}
public static function set_pager_itemspage($n) {
self::$pager['itemspage'] = ((intval($n) > 0) ? intval($n) : 0);
self::$pager['start'] = (self::$pager['page'] * self::$pager['itemspage']) - self::$pager['itemspage'];
}
public static function build_pagehead() {
$user_scalable = ((local_channel()) ? get_pconfig(local_channel(),'system','user_scalable', 0) : 0);
$preload_images = ((local_channel()) ? get_pconfig(local_channel(),'system','preload_images',0) : 0);
$interval = ((local_channel()) ? get_pconfig(local_channel(),'system','update_interval', 30000) : 30000);
if ($interval < 15000) {
$interval = 15000;
}
$alerts_interval = intval(get_config('system','alerts_interval',10000));
if ($alerts_interval < 5000) {
$alerts_interval = 5000;
}
if (! x(self::$page,'title')) {
self::$page['title'] = ucfirst(App::$module) . ' | ' . ((array_path_exists('system/sitename',self::$config)) ? self::$config['system']['sitename'] : REPOSITORY_ID);
}
if (! self::$meta->get_field('og:title')) {
self::$meta->set('og:title',self::$page['title']);
}
// webmanifest
Head::add_link( [ 'rel' => 'manifest', 'href' => z_root() . '/manifest.webmanifest' ] );
self::$meta->set('application-name', System::get_project_name() );
self::$meta->set('generator', System::get_project_name());
$i = head_get_icon();
if (! $i) {
$i = System::get_site_icon();
}
if ($i) {
// normalise the sizes if possible.
$i = str_replace('/s/','/l/',$i);
$i = str_replace('/m/','/l/',$i);
Head::add_link(['rel' => 'shortcut icon', 'href' => str_replace('/l/','/32/',$i) ]);
Head::add_link(['rel' => 'icon', 'sizes' => '64x64', 'href' => str_replace('/l/','/64/', $i) ]);
Head::add_link(['rel' => 'icon', 'sizes' => '192x192', 'href' => str_replace('/l/','/192/', $i) ]);
}
if (! Config::Get('system','block_public_search')) {
Head::add_link([
'rel' => 'search',
'href' => z_root() . '/opensearch',
'type' => 'application/opensearchdescription+xml',
'title' => sprintf(t('Search %1$s (%2$s)', 'opensearch'),
System::get_site_name(),
App::get_hostname()),
]);
}
$x = [ 'header' => '' ];
/**
* @hooks build_pagehead
* Called when creating the HTML page header.
* * \e string \b header - Return the HTML header which should be added
*/
Hook::call('build_pagehead', $x);
/* put the head template at the beginning of page['htmlhead']
* since the code added by the modules frequently depends on it
* being first
*/
if (! isset(self::$page['htmlhead'])) {
self::$page['htmlhead'] = EMPTY_STR; // needed to silence warning
}
self::$page['htmlhead'] = replace_macros(Theme::get_template('head.tpl'),
[
'$preload_images' => $preload_images,
'$user_scalable' => $user_scalable,
'$query' => urlencode(self::$query_string),
'$baseurl' => self::get_baseurl(),
'$local_channel' => local_channel(),
'$metas' => self::$meta->get(),
'$plugins' => $x['header'],
'$update_interval' => $interval,
'$alerts_interval' => $alerts_interval,
'$head_css' => Head::get_css(),
'$head_js' => Head::get_js(),
'$linkrel' => Head::get_links(),
'$js_strings' => Stringsjs::strings(),
'$zid' => Channel::get_my_address(),
'$channel_id' => ((isset(self::$profile) && is_array(self::$profile) && array_key_exists('uid',self::$profile)) ? self::$profile['uid'] : '')
]
) . self::$page['htmlhead'];
// always put main.js at the end
self::$page['htmlhead'] .= Head::get_main_js();
}
/**
* @brief Register template engine class.
*
* If $name is "", is used class static property $class::$name.
*
* @param string $class
* @param string $name
*/
public static function register_template_engine($class, $name = '') {
if (! $name) {
$v = get_class_vars($class);
if (x($v, "name")) {
$name = $v['name'];
}
}
if (! $name) {
echo "template engine $class cannot be registered without a name.\n";
killme();
}
self::$template_engines[$name] = $class;
}
/**
* @brief Return template engine instance.
*
* If $name is not defined, return engine defined by theme, or default.
*
* @param string $name Template engine name
*
* @return mixed
* @noinspection PhpInconsistentReturnPointsInspection
*/
public static function template_engine($name = '') {
if ($name !== '') {
$template_engine = $name;
}
else {
$template_engine = 'smarty3';
if (x(self::$theme, 'template_engine')) {
$template_engine = self::$theme['template_engine'];
}
}
if (isset(self::$template_engines[$template_engine])) {
if (isset(self::$template_engine_instance[$template_engine])) {
return self::$template_engine_instance[$template_engine];
}
else {
$class = self::$template_engines[$template_engine];
$obj = new $class();
self::$template_engine_instance[$template_engine] = $obj;
return $obj;
}
}
// If we fell through to this step, it is considered fatal.
echo "template engine $template_engine is not registered!\n";
killme();
}
/**
* @brief Returns the active template engine.
*
* @return string
*/
public static function get_template_engine() {
return self::$theme['template_engine'];
}
public static function set_template_engine($engine = 'smarty3') {
self::$theme['template_engine'] = $engine;
}
public static function get_template_ldelim($engine = 'smarty3') {
return self::$ldelim[$engine];
}
public static function get_template_rdelim($engine = 'smarty3') {
return self::$rdelim[$engine];
}
public static function head_set_icon($icon) {
self::$icon = $icon;
}
public static function head_get_icon() {
$icon = self::$icon;
if ($icon && ! strpos($icon,'://')) {
$icon = z_root() . $icon;
}
return $icon;
}
} // End App class
/**
* @brief Multipurpose function to check variable state.
*
* Usage: x($var) or x($array, 'key')
*
* returns false if variable/key is not set
* if variable is set, returns 1 if variable contains 'truthy' value, otherwise returns 0.
* e.g. x('') or x(0) returns 0;
*
* @param string|array $s variable to check
* @param string $k key inside the array to check
*
* @return bool|int
*/
function x($s, $k = null) {
if($k != null) {
if((is_array($s)) && (array_key_exists($k, $s))) {
if($s[$k])
return (int) 1;
return (int) 0;
}
return false;
}
else {
if(isset($s)) {
if($s) {
return (int) 1;
}
return (int) 0;
}
return false;
}
}
/**
* @brief Called from db initialisation if db is dead.
*
* @ref include/system_unavailable.php will handle everything further.
*/
function system_unavailable() {
include('include/system_unavailable.php');
system_down();
killme();
}
function clean_urls() {
// if(App::$config['system']['clean_urls'])
return true;
// return false;
}
function z_path() {
$base = z_root();
if(! clean_urls())
$base .= '/?req=';
return $base;
}
/**
* @brief Returns the baseurl.
*
* @see App::get_baseurl()
*
* @return string
*/
function z_root() {
return App::get_baseurl();
}
/**
* @brief Return absolute URL for given $path.
*
* @param string $path
*
* @return string
*/
function absurl($path) {
if (str_starts_with($path, '/')) {
return z_path() . $path;
}
return $path;
}
/**
* @brief Recursively delete a directory.
*
* @param string $path
* @return bool
*/
function rrmdir($path) {
if (is_dir($path) === true) {
$files = array_diff(scandir($path), ['.', '..']);
foreach ($files as $file) {
rrmdir(realpath($path) . '/' . $file);
}
return rmdir($path);
}
elseif (is_file($path) === true) {
return unlink($path);
}
return false;
}
/**
* @brief Function to check if request was an AJAX (xmlhttprequest) request.
*
* @return bool
*/
function is_ajax() {
return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
}
function killme_if_ajax() {
if (is_ajax()) {
killme();
}
}
/**
* Primarily involved with database upgrade, but also sets the
* base url for use in cmdline programs which don't have
* $_SERVER variables, and synchronising the state of installed plugins.
*/
function check_config() {
$saved = get_config('system','urlverify');
if (! $saved) {
set_config('system','urlverify', bin2hex(z_root()));
}
if(($saved) && ($saved != bin2hex(z_root()))) {
// our URL changed. Do something.
$oldurl = hex2bin($saved);
logger('Baseurl changed!');
$oldhost = substr($oldurl, strpos($oldurl, '//') + 2);
$host = substr(z_root(), strpos(z_root(), '//') + 2);
$is_ip_addr = (bool)preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $host);
$was_ip_addr = (bool)preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $oldhost);
// only change the url to an ip address if it was already an ip and not a dns name
if((! $is_ip_addr) || ($is_ip_addr && $was_ip_addr)) {
fix_system_urls($oldurl,z_root());
set_config('system', 'urlverify', bin2hex(z_root()));
}
else
logger('Attempt to change baseurl from a DNS name to an IP address was refused.');
}
// This will actually set the url to the one stored in .htconfig, and ignore what
// we're passing - unless we are installing, and it has never been set.
App::set_baseurl(z_root());
// Ensure the site has a system channel and that it has been upgraded.
// This function will only do work if work is required.
Channel::create_system();
/** @noinspection PhpUnusedLocalVariableInspection */
$x = new DB_Upgrade(DB_UPDATE_VERSION);
Hook::load();
check_cron_broken();
// Ensure the site has a vapid (push-notification) keypair
$vapid = Config::Get('system','vapid');
if (!$vapid) {
$vapid = System::getVapidKey();
if ($vapid) {
Config::Set('system', 'vapid', $vapid);
}
}
}
function fix_system_urls($oldurl, $newurl) {
logger('fix_system_urls: renaming ' . $oldurl . ' to ' . $newurl);
// Basically a site rename, but this can happen if you change from http to https for instance - even if the site name didn't change
// This should fix URL changes on our site, but other sites will end up with orphan hublocs which they will try to contact and will
// cause wasted communications.
// What we need to do after fixing this up is to send a revocation of the old URL to every other site that we communicate with so
// that they can clean up their hubloc tables (this includes directories).
// It's a very expensive operation, so you don't want to have to do it often or after your site gets to be large.
$r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_url like '%s' and hublod_deleted = 0",
dbesc($oldurl . '%')
);
if($r) {
foreach($r as $rv) {
$channel_address = substr($rv['hubloc_addr'],0,strpos($rv['hubloc_addr'],'@'));
// get the associated channel. If we don't have a local channel, do nothing for this entry.
$c = q("select * from channel where channel_hash = '%s' limit 1",
dbesc($rv['hubloc_hash'])
);
if(! $c)
continue;
$parsed = @parse_url($newurl);
if(! $parsed)
continue;
$newhost = $parsed['host'];
// sometimes parse_url returns unexpected results.
if(str_contains($newhost, '/'))
$newhost = substr($newhost,0,strpos($newhost,'/'));
$rhs = $newhost . (($parsed['port']) ? ':' . $parsed['port'] : '');
// paths aren't going to work. You have to be at the (sub)domain root
// . (($parsed['path']) ? $parsed['path'] : '');
// The xchan_url might point to another nomadic identity clone
$replace_xchan_url = str_contains($rv['xchan_url'], $oldurl);
q("update xchan set xchan_addr = '%s', xchan_url = '%s', xchan_connurl = '%s', xchan_follow = '%s', xchan_connpage = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'",
dbesc($channel_address . '@' . $rhs),
dbesc(($replace_xchan_url) ? str_replace($oldurl,$newurl,$rv['xchan_url']) : $rv['xchan_url']),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_connurl'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_follow'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_connpage'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_s'])),
dbesc(datetime_convert()),
dbesc($rv['xchan_hash'])
);
q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_id_url = '%s', hubloc_url_sig = '%s', hubloc_site_id = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'",
dbesc($channel_address . '@' . $rhs),
dbesc($newurl),
dbesc(str_replace($oldurl,$newurl,$rv['hubloc_id_url'])),
dbesc(Libzot::sign($newurl,$c[0]['channel_prvkey'])),
dbesc(Libzot::make_xchan_hash($newurl,Config::Get('system','pubkey'))),
dbesc($newhost),
dbesc($newurl . '/post'),
dbesc($rv['xchan_hash']),
dbesc($oldurl)
);
q("update profile set photo = '%s', thumb = '%s' where uid = %d",
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])),
intval($c[0]['channel_id'])
);
$m = q("select abook_id, abook_instance from abook where abook_instance like '%s' and abook_channel = %d",
dbesc('%' . $oldurl . '%'),
intval($c[0]['channel_id'])
);
if($m) {
foreach($m as $mm) {
q("update abook set abook_instance = '%s' where abook_id = %d",
dbesc(str_replace($oldurl,$newurl,$mm['abook_instance'])),
intval($mm['abook_id'])
);
}
}
Run::Summon( [ 'Notifier', 'refresh_all', $c[0]['channel_id'] ]);
}
}
// fix links in apps
$a = q("select id, app_url, app_photo from app where app_url like '%s' OR app_photo like '%s'",
dbesc('%' . $oldurl . '%'),
dbesc('%' . $oldurl . '%')
);
if($a) {
foreach($a as $aa) {
q("update app set app_url = '%s', app_photo = '%s' where id = %d",
dbesc(str_replace($oldurl,$newurl,$aa['app_url'])),
dbesc(str_replace($oldurl,$newurl,$aa['app_photo'])),
intval($aa['id'])
);
}
}
// now replace any remote xchans whose photos are stored locally (which will be most if not all remote xchans)
$r = q("select * from xchan where xchan_photo_l like '%s'",
dbesc($oldurl . '%')
);
if($r) {
foreach($r as $rv) {
$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'",
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_l'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_m'])),
dbesc(str_replace($oldurl,$newurl,$rv['xchan_photo_s'])),
dbesc($rv['xchan_hash'])
);
}
}
}
/**
* @brief Wrapper for adding a login box.
*
* If $register == true provide a registration link. This will most always depend
* on the value of App::$config['system']['register_policy'].
* Returns the complete html for inserting into the page
*
* @param bool $register (optional) default false
* @param string $form_id (optional) default \e main-login
* @param bool $hiddens (optional) default false
* @param bool $login_page (optional) default true
* @return string Parsed HTML code.
*/
function login($register = false, $form_id = 'main-login', $hiddens = false, $login_page = true) {
$o = '';
$reg = null;
// Here's the current description of how the register link works (2018-05-15)
// Register links are enabled on the site home page and login page and navbar.
// They are not shown by default on other pages which may require login.
// system.register_link can over-ride the default behaviour and redirect to an arbitrary
// webpage for paid/custom or organisational registrations, regardless of whether
// registration is allowed.
// system.register_link may or may not be the same destination as system.sellpage
// system.sellpage is the destination linked from the /pubsites page on other sites. If
// system.sellpage is not set, the 'register' link in /pubsites will go to 'register' on your
// site.
// If system.register_link is set to the word 'none', no registration link will be shown on
// your site.
// If the site supports SSL and this isn't a secure connection, reload the page using https
if ((empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') && str_contains(z_root(), 'https://')) {
goaway(z_root() . '/' . App::$query_string);
}
$register_policy = get_config('system','register_policy');
$reglink = get_config('system', 'register_link', z_root() . '/register');
if($reglink !== 'none') {
$reg = [
'title' => t('Create an account to access services and applications'),
'desc' => t('Register'),
'link' => $reglink
];
}
$dest_url = z_root() . '/' . App::$query_string;
if(local_channel()) {
$tpl = Theme::get_template('logout.tpl');
}
else {
$tpl = Theme::get_template('login.tpl');
if(strlen(App::$query_string))
$_SESSION['login_return_url'] = App::$query_string;
}
$o .= replace_macros($tpl, [
'$dest_url' => $dest_url,
'$login_page' => $login_page,
'$logout' => t('Logout'),
'$login' => t('Login'),
'$remote_login' => t('Remote Authentication'),
'$form_id' => $form_id,
'$lname' => [ 'username', t('Login/Email') , '', '' ],
'$lpassword' => [ 'password', t('Password'), '', '' ],
'$remember_me' => [ (($login_page) ? 'remember' : 'remember_me'), t('Remember me'), '', '', [ t('No'),t('Yes') ] ],
'$hiddens' => $hiddens,
'$register' => $reg,
'$lostpass' => t('Forgot your password?'),
'$lostlink' => t('Password Reset'),
]);
/**
* @hooks login_hook
* Called when generating the login form.
* * \e string with parsed HTML
*/
Hook::call('login_hook', $o);
return $o;
}
/**
* @brief Used to end the current process, after saving session state.
*/
function killme() {
register_shutdown_function('shutdown');
exit;
}
/**
* @brief Redirect to another URL and terminate this process.
*/
function goaway($s) {
header("Location: $s");
killme();
}
function shutdown() {
}
/**
* @brief Returns the entity id of locally logged in account or false.
*
* Returns numeric account_id if authenticated or false. It is possible to be
* authenticated and not connected to a channel.
*
* @return int|bool account_id or false
*/
function get_account_id() {
if(isset($_SESSION['account_id']) && intval($_SESSION['account_id']))
return intval($_SESSION['account_id']);
if(App::$account)
return intval(App::$account['account_id']);
return false;
}
/**
* @brief Returns the entity id (channel_id) of locally logged in channel or false.
*
* Returns authenticated numeric channel_id if authenticated and connected to
* a channel or 0. Sometimes referred to as $uid in the code.
*
* Before 2.1 this function was called local_user().
*
* @since 2.1
* @return int|bool channel_id or false
*/
function local_channel() {
if(session_id()
&& array_key_exists('authenticated',$_SESSION) && $_SESSION['authenticated']
&& array_key_exists('uid',$_SESSION) && intval($_SESSION['uid']))
return intval($_SESSION['uid']);
return false;
}
/**
* @brief Returns a xchan_hash (visitor_id) of remote authenticated visitor
* or false.
*
* Returns authenticated string hash of Red global identifier (xchan_hash), if
* authenticated via remote auth, or an empty string.
*
* Before 2.1 this function was called remote_user().
*
* @since 2.1
* @return string|bool visitor_id or false
*/
function remote_channel() {
if(session_id()
&& array_key_exists('authenticated',$_SESSION) && $_SESSION['authenticated']
&& array_key_exists('visitor_id',$_SESSION) && $_SESSION['visitor_id'])
return $_SESSION['visitor_id'];
return false;
}
function can_view_public_stream() {
if (! (intval(get_config('system','open_pubstream',0)))) {
if (! local_channel()) {
return false;
}
}
$public_stream_mode = intval(get_config('system','public_stream_mode',PUBLIC_STREAM_NONE));
return (bool)$public_stream_mode;
}
/**
* @brief Show an error or alert text on next page load.
*
* Contents of $s are displayed prominently on the page the next time
* a page is loaded. Usually used for errors or alerts.
*
* For informational text use info().
*
* @param string $s Text to display
*/
function notice($s) {
if (! session_id()) {
return;
}
if (! x($_SESSION, 'sysmsg')) {
$_SESSION['sysmsg'] = [];
}
// ignore duplicated error messages which haven't yet been displayed
// - typically seen as multiple 'permission denied' messages
// as a result of auto-reloading a protected page with &JS=1
if (in_array($s, $_SESSION['sysmsg'])) {
return;
}
if (App::$interactive) {
$_SESSION['sysmsg'][] = $s;
}
}
/**
* @brief Show an information text on next page load.
*
* Contents of $s are displayed prominently on the page the next time a page is
* loaded. Usually used for information.
*
* For error and alerts use notice().
*
* @param string $s Text to display
*/
function info($s) {
if (! session_id()) {
return;
}
if (! x($_SESSION, 'sysmsg_info')) {
$_SESSION['sysmsg_info'] = [];
}
if (in_array($s, $_SESSION['sysmsg_info'])) {
return;
}
if (App::$interactive) {
$_SESSION['sysmsg_info'][] = $s;
}
}
/**
* @brief Wrapper around config to limit the text length of an incoming message.
*
* @return int
*/
function get_max_import_size() {
return(intval(get_config('system', 'max_import_size')));
}
/**
* @brief Wrap calls to proc_close(proc_open()) and call hook
* so plugins can take part in process :)
*
* args:
* $cmd program to run
* next args are passed as $cmd command line
*
* e.g.:
* @code{.php}proc_run("ls", "-la", "/tmp");@endcode
*
* $cmd and string args are surrounded with ""
*/
function proc_run() {
$args = func_get_args();
if (! count($args))
return;
$args = flatten_array_recursive($args);
$arr = [
'args' => $args,
'run_cmd' => true
];
/**
* @hooks proc_run
* Called when invoking PHP sub processes.
* * \e array \b args
* * \e boolean \b run_cmd
*/
Hook::call('proc_run', $arr);
if (! $arr['run_cmd']) {
return;
}
if (count($args) > 1 && $args[0] === 'php') {
/** @noinspection PhpUnhandledExceptionInspection */
$php = check_php_cli();
if (! $php) {
return;
}
$args[0] = $php;
}
$args = array_map('escapeshellarg',$args);
$cmdline = implode(' ', $args);
exec($cmdline . ' > /dev/null &');
}
function check_php_cli() {
$cfg = (isset(App::$config['system']['php_path']))
? App::$config['system']['php_path']
: NULL;
if (isset($cfg) && is_executable($cfg)) {
return $cfg;
}
$path = shell_exec('which php');
if ($path && is_executable(trim($path))) {
return trim($path);
}
logger('PHP command line interpreter not found.');
/** @noinspection PhpUnhandledExceptionInspection */
throw new Exception('interpreter not found.');
}
/**
* @brief Check if current user has admin role.
*
* Check if the current user has ACCOUNT_ROLE_ADMIN.
*
* @return bool true if user is an admin
*/
function is_site_admin() {
if(! session_id())
return false;
if(isset($_SESSION['delegate']))
return false;
if(isset($_SESSION['authenticated']) && intval($_SESSION['authenticated'])) {
if (is_array(App::$account) && (App::$account['account_roles'] & ACCOUNT_ROLE_ADMIN)) {
return true;
}
// the system channel is by definition an administrator
if (isset(App::$sys_channel) && is_array(App::$sys_channel) && array_key_exists('channel_id', (array) App::$sys_channel) && intval(App::$sys_channel['channel_id']) === local_channel()) {
return true;
}
}
return false;
}
/**
* @brief Check if current user has developer role.
*
* Check if the current user has ACCOUNT_ROLE_DEVELOPER.
*
* @return bool true if user is a developer
*/
function is_developer() {
if(! session_id())
return false;
if(isset($_SESSION['authenticated'])
&& (intval($_SESSION['authenticated']))
&& (is_array(App::$account))
&& (App::$account['account_roles'] & ACCOUNT_ROLE_DEVELOPER))
return true;
return false;
}
function load_contact_links($uid) {
$ret = [];
if (! $uid || x(App::$contacts,'empty'))
return;
// logger('load_contact_links');
$r = q("SELECT abook_id, abook_flags, abook_self, abook_incl, abook_excl, xchan_hash, xchan_photo_m, xchan_name, xchan_url, xchan_addr, xchan_network, xchan_type from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d ",
intval($uid)
);
if ($r) {
foreach ($r as $rv) {
$ret[$rv['xchan_hash']] = $rv;
}
}
else {
$ret['empty'] = true;
}
App::$contacts = $ret;
}
/**
* @brief Returns querystring as string from a mapped array.
*
* @param array $params mapped array with query parameters
* @param string $name of parameter, default null
*
* @return string
*/
function build_querystring($params, $name = null) {
$ret = '';
foreach($params as $key => $val) {
if(is_array($val)) {
if($name === null) {
$ret .= build_querystring($val, $key);
} else {
$ret .= build_querystring($val, $name . "[$key]");
}
} else {
$val = urlencode($val);
if($name != null) {
$ret .= $name . "[$key]" . "=$val&";
} else {
$ret .= "$key=$val&";
}
}
}
return $ret;
}
/**
* @brief Much better way of dealing with c-style args.
*/
function argc() {
return App::$argc;
}
function argv($x) {
if(array_key_exists($x,App::$argv))
return App::$argv[$x];
return '';
}
/**
* @brief Returns xchan_hash from the observer.
*
* Observer can be a local or remote channel.
*
* @return string xchan_hash from observer, otherwise empty string if no observer
*/
function get_observer_hash() {
$observer = App::get_observer();
if (is_array($observer)) {
return $observer['xchan_hash'];
}
return '';
}
/**
* @brief Returns the complete URL of the current page, e.g.: http(s)://something.com/network
*
* Taken from http://webcheatsheet.com/php/get_current_page_url.php
*
* @return string
*/
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {
$pageURL .= "s";
}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
/**
* @brief Returns a custom navigation by name???
*
* If no $navname provided load default page['nav']
*
* @todo not fully implemented yet
*
* @param string $navname
*
* @return mixed
*/
function get_custom_nav($navname) {
if (! $navname)
return App::$page['nav'];
// load custom nav menu by name here
return EMPTY_STR;
}
/**
* @brief Loads a page definition file for a module.
*
* If there is no parsed Comanche template already load a module's pdl file
* and parse it with Comanche.
*
*/
function load_pdl() {
App::$comanche = new Comanche();
if (! count(App::$layout)) {
$arr = [
'module' => App::$module,
'layout' => ''
];
/**
* @hooks load_pdl
* Called when we load a PDL file or description.
* * \e string \b module
* * \e string \b layout
*/
Hook::call('load_pdl', $arr);
$layout = $arr['layout'];
$n = 'mod_' . App::$module . '.pdl' ;
$u = App::$comanche->get_channel_id();
if($u)
$s = get_pconfig($u, 'system', $n);
if(! (isset($s) && $s))
$s = $layout;
if((! $s) && (($p = Theme::include($n)) != ''))
$s = @file_get_contents($p);
elseif(file_exists('addon/'. App::$module . '/' . $n))
$s = @file_get_contents('addon/'. App::$module . '/' . $n);
$arr = [
'module' => App::$module,
'layout' => $s
];
Hook::call('alter_pdl',$arr);
$s = $arr['layout'];
if($s) {
App::$comanche->parse($s);
App::$pdl = $s;
}
}
}
function exec_pdl() {
if(App::$pdl) {
App::$comanche->parse(App::$pdl,1);
}
}
/**
* @brief build the page.
*
* Build the page - now that we have all the components
*
*/
function construct_page() {
Hook::call('page_end', App::$page['content']);
exec_pdl();
$comanche = isset(App::$layout) && is_array(App::$layout) && count(App::$layout);
require_once(Theme::include('theme_init.php'));
$installing = false;
$uid = ((App::$profile_uid) ?: local_channel());
$navbar = get_config('system','navbar','default');
if($uid) {
$navbar = get_pconfig($uid,'system','navbar',$navbar);
}
if($comanche && isset(App::$layout['navbar'])) {
$navbar = App::$layout['navbar'];
}
if (App::$module == 'setup') {
$installing = true;
}
else {
Navbar::render($navbar);
}
$current_theme = Theme::current();
if (($p = Theme::include($current_theme[0] . '.js')) != '')
Head::add_js('/' . $p);
if (($p = Theme::include('mod_' . App::$module . '.php')) != '')
require_once($p);
if (isset(App::$page['template_style']))
Head::add_css(App::$page['template_style'] . '.css');
else
Head::add_css(((isset(App::$page['template'])) ? App::$page['template'] : 'default' ) . '.css');
if (($p = Theme::include('mod_' . App::$module . '.css')) != '')
Head::add_css('mod_' . App::$module . '.css');
Head::add_css(Theme::url($installing));
if (($p = Theme::include('mod_' . App::$module . '.js')) != '')
Head::add_js('mod_' . App::$module . '.js');
App::build_pagehead();
if (isset(App::$page['pdl_content']) && App::$page['pdl_content']) {
App::$page['content'] = App::$comanche->region(App::$page['content']);
}
// Let's say we have a comanche declaration '[region=nav][/region][region=content]$nav $content[/region]'.
// The text 'region=' identifies a section of the layout by that name. So what we want to do here is leave
// App::$page['nav'] empty and put the default content from App::$page['nav'] and App::$page['section']
// into a new region called App::$data['content']. It is presumed that the chosen layout file for this comanche page
// has a '' element instead of a ''.
// This way the Comanche layout can include any existing content, alter the layout by adding stuff around it or changing the
// layout completely with a new layout definition, or replace/remove existing content.
if ($comanche) {
$arr = [
'module' => App::$module,
'layout' => App::$layout
];
/**
* @hooks construct_page
* General purpose hook to provide content to certain page regions.
* Called when constructing the Comanche page.
* * \e string \b module
* * \e string \b layout
*/
Hook::call('construct_page', $arr);
App::$layout = ((isset($arr['layout']) && is_array($arr['layout'])) ? $arr['layout'] : []);
foreach(App::$layout as $k => $v) {
if((str_starts_with($k, 'region_')) && strlen($v)) {
if(str_contains($v, '$region_')) {
$v = preg_replace_callback('/\$region_([a-zA-Z0-9]+)/ism', [App::$comanche,'replace_region'], $v);
}
// And a couple of convenience macros
if(str_contains($v, '$htmlhead')) {
$v = str_replace('$htmlhead', App::$page['htmlhead'], $v);
}
if(str_contains($v, '$nav')) {
$v = str_replace('$nav', App::$page['nav'], $v);
}
if(str_contains($v, '$content')) {
$v = str_replace('$content', App::$page['content'], $v);
}
App::$page[substr($k, 7)] = $v;
}
}
}
$page = App::$page;
$profile = App::$profile;
// There's some experimental support for right-to-left text in the view/php/default.php page template.
// There is a direction preference in the per language strings.php file
// This requires somebody with fluency in RTL languages to make happen
$page['direction'] = (bool) App::$rtl;
header("Content-type: text/html; charset=utf-8");
// security headers - see https://securityheaders.io
if (App::get_scheme() === 'https' && isset(App::$config['system']['transport_security_header']) && App::$config['system']['transport_security_header']) {
header("Strict-Transport-Security: max-age=31536000");
}
if (isset(App::$config['system']['content_security_policy']) && App::$config['system']['content_security_policy']) {
$cspsettings = [
'script-src' => ["'self'","'unsafe-inline'","'unsafe-eval'"],
'style-src' => ["'self'","'unsafe-inline'"]
];
Hook::call('content_security_policy',$cspsettings);
// Legitimate CSP directives (cxref: https://content-security-policy.com/)
$validcspdirectives= [
"default-src", "script-src", "style-src",
"img-src", "connect-src", "font-src",
"object-src", "media-src", 'frame-src',
'sandbox', 'report-uri', 'child-src',
'form-action', 'frame-ancestors', 'plugin-types'
];
$cspheader = "Content-Security-Policy:";
foreach ($cspsettings as $cspdirective => $csp) {
if (! in_array($cspdirective,$validcspdirectives)) {
logger("INVALID CSP DIRECTIVE: ".$cspdirective,LOGGER_DEBUG);
continue;
}
$cspsettingsarray = array_unique($csp);
$cspsetpolicy = implode(' ',$cspsettingsarray);
if ($cspsetpolicy) {
$cspheader .= " $cspdirective $cspsetpolicy;";
}
}
header($cspheader);
}
if (isset(App::$config['system']['x_security_headers']) && App::$config['system']['x-security_headers']) {
header("X-Frame-Options: SAMEORIGIN");
header("X-Xss-Protection: 1; mode=block;");
header("X-Content-Type-Options: nosniff");
}
if (isset(App::$config['system']['perm_policy_header']) && App::$config['system']['perm_policy_header']) {
header("Permissions-Policy: " . App::$config['system']['perm_policy_header']);
}
else {
// opt-out this site from federated browser surveillance
header("Permissions-Policy: interest-cohort=()");
}
if (isset(App::$config['system']['public_key_pins']) && App::$config['system']['public_key_pins']) {
header("Public-Key-Pins: " . App::$config['system']['public_key_pins']);
}
require_once(Theme::include(
((isset(App::$page['template']) && App::$page['template']) ? App::$page['template'] : 'default' ) . '.php' )
);
}
/**
* @brief Set a pageicon.
*
* @param string $icon
*/
function head_set_icon($icon) {
App::$icon = $icon;
}
/**
* @brief Get the pageicon.
*
* @return string absolute path to pageicon
*/
function head_get_icon() {
$icon = ((App::$icon) ?: EMPTY_STR);
if($icon && ! strpos($icon, '://'))
$icon = z_root() . $icon;
return $icon;
}
/**
* @brief Check if server certificate is valid.
*
* Notify admin if not.
*/
function z_check_cert() {
if(str_contains(z_root(), 'https://')) {
$x = Url::get(z_root() . '/api/z/1.0/version');
if(! $x['success']) {
$y = Url::get(z_root() . '/api/z/1.0/version', ['novalidate' => true]);
if($y['success'])
cert_bad_email();
}
}
}
/**
* @brief Send email to admin if server has an invalid certificate.
*
* If a hub is available over https it must have a publicly valid certificate.
*/
function cert_bad_email() {
return z_mail(
[
'toEmail' => App::$config['system']['admin_email'],
'messageSubject' => sprintf(t('[$Projectname] Website SSL error for %s'), App::get_hostname()),
'textVersion' => replace_macros(Theme::get_email_template('cert_bad_eml.tpl'),
[
'$sitename' => App::$config['system']['sitename'],
'$siteurl' => z_root(),
'$error' => t('Website SSL certificate is not valid. Please correct.')
]
)
]
);
}
/**
* @brief Send warnings every 3-5 days if cron is not running.
*/
function check_cron_broken() {
$d = get_config('system', 'lastcron');
if((! $d) || ($d < datetime_convert(datetime: 'now - 4 hours'))) {
Run::Summon( [ 'Cron' ] );
set_config('system', 'lastcron', datetime_convert());
}
$t = get_config('system', 'lastcroncheck');
if(! $t) {
// never checked before. Start the timer.
set_config('system', 'lastcroncheck', datetime_convert());
return true;
}
if($t > datetime_convert(datetime: 'now - 3 days')) {
// Wait for 3 days before we do anything so as not to swamp the admin with messages
return true;
}
set_config('system', 'lastcroncheck', datetime_convert());
if(($d) && ($d > datetime_convert(datetime: 'now - 3 days'))) {
// Scheduled tasks have run successfully in the last 3 days.
return true;
}
return z_mail(
[
'toEmail' => App::$config['system']['admin_email'],
'messageSubject' => sprintf(t('[$Projectname] Cron tasks not running on %s'), App::get_hostname()),
'textVersion' => replace_macros(Theme::get_email_template('cron_bad_eml.tpl'),
[
'$sitename' => App::$config['system']['sitename'],
'$siteurl' => z_root(),
'$error' => t('Cron/Scheduled tasks not running.'),
'$lastdate' => (($d)?: t('never'))
]
)
]
);
}
function get_safemode() {
if (! array_key_exists('safemode', $_SESSION)) {
$_SESSION['safemode'] = 1;
}
return intval($_SESSION['safemode']);
}
function supported_imagetype($x) {
return in_array($x, [ IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_WEBP ]);
}
function get_host() {
if ($host = ((isset($_SERVER['HTTP_X_FORWARDED_HOST']) && $_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : EMPTY_STR)) {
$elements = explode(',', $host);
$host = trim(end($elements));
}
else {
if (! $host = ((isset($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : EMPTY_STR)) {
if (! $host = ((isset($_SERVER['SERVER_NAME']) && $_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : EMPTY_STR)) {
$host = ((isset($_SERVER['SERVER_ADDR']) && $_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '');
}
}
}
// Remove port number from host
if (str_contains($host, ':')) {
$host = substr($host,0,strpos($host,':'));
}
return trim($host);
}
function get_loadtime($module) {
$n = 'loadtime_' . $module;
if (isset($_SESSION[$n])) {
return $_SESSION[$n];
}
if (local_channel()) {
$x = PConfig::Get(local_channel(),'system', $n);
if ($x) {
return ($x);
}
}
return datetime_convert();
}