
/ -> get.php (source)

   1  <?php
   2  
   3  /**
   4   * Magento
   5   *
   6   * NOTICE OF LICENSE
   7   *
   8   * This source file is subject to the Open Software License (OSL 3.0)
   9   * that is bundled with this package in the file LICENSE.txt.
  10   * It is also available through the world-wide-web at this URL:
  11   * http://opensource.org/licenses/osl-3.0.php
  12   * If you did not receive a copy of the license and are unable to
  13   * obtain it through the world-wide-web, please send an email
  14   * to license@magentocommerce.com so we can send you a copy immediately.
  15   *
  16   * DISCLAIMER
  17   *
  18   * Do not edit or add to this file if you wish to upgrade Magento to newer
  19   * versions in the future. If you wish to customize Magento for your
  20   * needs please refer to http://www.magentocommerce.com for more information.
  21   *
  22   * @category   Mage
  23   * @package    Mage
  24   * @copyright  Copyright (c) 2008 Irubin Consulting Inc. DBA Varien (http://www.varien.com)
  25   * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
  26   */
  27  if (version_compare(phpversion(), '5.2.0', '<')===true) {
  28      echo  '<div style="font:12px/1.35em arial, helvetica, sans-serif;"><div style="margin:0 0 25px 0; '
  29          . 'border-bottom:1px solid #ccc;"><h3 style="margin:0; font-size:1.7em; font-weight:normal; '
  30          . 'text-transform:none; text-align:left; color:#2f2f2f;">Whoops, it looks like you have an invalid PHP version.'
  31          . '</h3></div><p>Magento supports PHP 5.2.0 or newer. <a href="http://www.magentocommerce.com/install" '
  32          . 'target="">Find out</a> how to install</a> Magento using PHP-CGI as a work-around.</p></div>';
  33      exit;
  34  }
  35  $start = microtime(true);
  36  /**
  37   * Error reporting
  38   */
  39  error_reporting(E_ALL | E_STRICT);
  40  ini_set('display_errors', 1);
  41  
  42  $ds = DIRECTORY_SEPARATOR;
  43  $ps = PATH_SEPARATOR;
  44  $bp = dirname(__FILE__);
  45  
  46  /**
  47   * Set include path
  48   */
  49  
  50  $paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'local';
  51  $paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'community';
  52  $paths[] = $bp . $ds . 'app' . $ds . 'code' . $ds . 'core';
  53  $paths[] = $bp . $ds . 'lib';
  54  
  55  $appPath = implode($ps, $paths);
  56  set_include_path($appPath . $ps . get_include_path());
  57  
  58  include_once 'Mage/Core/functions.php';
  59  include_once 'Varien/Autoload.php';
  60  
  61  Varien_Autoload::register();
  62  
  63  $varDirectory = $bp . $ds . Mage_Core_Model_Config_Options::VAR_DIRECTORY;
  64  
  65  $configCacheFile = $varDirectory . $ds . 'resource_config.json';
  66  
  67  $mediaDirectory = null;
  68  $allowedResources = array();
  69  
  70  if (file_exists($configCacheFile) && is_readable($configCacheFile)) {
  71      $config = json_decode(file_get_contents($configCacheFile), true);
  72  
  73      //checking update time
  74      if (filemtime($configCacheFile) + $config['update_time'] > time()) {
  75          $mediaDirectory = trim(str_replace($bp . $ds, '', $config['media_directory']), $ds);
  76          $allowedResources = array_merge($allowedResources, $config['allowed_resources']);
  77      }
  78  }
  79  
  80  $request = new Zend_Controller_Request_Http();
  81  
  82  $pathInfo = str_replace('..', '', ltrim($request->getPathInfo(), '/'));
  83  
  84  $filePath = str_replace('/', $ds, rtrim($bp, $ds) . $ds . $pathInfo);
  85  
  86  if ($mediaDirectory) {
  87      if (0 !== stripos($pathInfo, $mediaDirectory . '/') || is_dir($filePath)) {
  88          sendNotFoundPage();
  89      }
  90  
  91      $relativeFilename = str_replace($mediaDirectory . '/', '', $pathInfo);
  92      checkResource($relativeFilename, $allowedResources);
  93      sendFile($filePath);
  94  }
  95  
  96  $mageFilename = 'app/Mage.php';
  97  
  98  if (!file_exists($mageFilename)) {
  99      echo $mageFilename . ' was not found';
 100  }
 101  
 102  require_once $mageFilename;
 103  
 104  umask(0);
 105  
 106  /* Store or website code */
 107  $mageRunCode = isset($_SERVER['MAGE_RUN_CODE']) ? $_SERVER['MAGE_RUN_CODE'] : '';
 108  
 109  /* Run store or run website */
 110  $mageRunType = isset($_SERVER['MAGE_RUN_TYPE']) ? $_SERVER['MAGE_RUN_TYPE'] : 'store';
 111  
 112  if (empty($mediaDirectory)) {
 113      Mage::init($mageRunCode, $mageRunType);
 114  } else {
 115      Mage::init(
 116          $mageRunCode,
 117          $mageRunType,
 118          array('cache' => array('disallow_save' => true)),
 119          array('Mage_Core')
 120      );
 121  }
 122  
 123  if (!$mediaDirectory) {
 124      $config = Mage_Core_Model_File_Storage::getScriptConfig();
 125      $mediaDirectory = str_replace($bp . $ds, '', $config['media_directory']);
 126      $allowedResources = array_merge($allowedResources, $config['allowed_resources']);
 127  
 128      $relativeFilename = str_replace($mediaDirectory . '/', '', $pathInfo);
 129  
 130      $fp = fopen($configCacheFile, 'w');
 131      if (flock($fp, LOCK_EX | LOCK_NB)) {
 132          ftruncate($fp, 0);
 133          fwrite($fp, json_encode($config));
 134      }
 135      flock($fp, LOCK_UN);
 136      fclose($fp);
 137  
 138      checkResource($relativeFilename, $allowedResources);
 139  }
 140  
 141  if (0 !== stripos($pathInfo, $mediaDirectory . '/')) {
 142      sendNotFoundPage();
 143  }
 144  
 145  try {
 146      $databaseFileSotrage = Mage::getModel('core/file_storage_database');
 147      $databaseFileSotrage->loadByFilename($relativeFilename);
 148  } catch (Exception $e) {
 149  }
 150  if ($databaseFileSotrage->getId()) {
 151      $directory = dirname($filePath);
 152      if (!is_dir($directory)) {
 153          mkdir($directory, 0777, true);
 154      }
 155  
 156      $fp = fopen($filePath, 'w');
 157      if (flock($fp, LOCK_EX | LOCK_NB)) {
 158          ftruncate($fp, 0);
 159          fwrite($fp, $databaseFileSotrage->getContent());
 160      }
 161      flock($fp, LOCK_UN);
 162      fclose($fp);
 163  }
 164  
 165  sendFile($filePath);
 166  sendNotFoundPage();
 167  
 168  /**
 169   * Send 404
 170   */
 171  function sendNotFoundPage()
 172  {
 173      header('HTTP/1.0 404 Not Found');
 174      exit;
 175  }
 176  
 177  /**
 178   * Check resource by whitelist
 179   *
 180   * @param string $resource
 181   * @param array $allowedResources
 182   */
 183  function checkResource($resource, array $allowedResources)
 184  {
 185      $isResourceAllowed = false;
 186      foreach ($allowedResources as $allowedResource) {
 187          if (0 === stripos($resource, $allowedResource)) {
 188              $isResourceAllowed = true;
 189          }
 190      }
 191  
 192      if (!$isResourceAllowed) {
 193          sendNotFoundPage();
 194      }
 195  }
 196  /**
 197   * Send file to browser
 198   *
 199   * @param string $file
 200   */
 201  function sendFile($file)
 202  {
 203      if (file_exists($file) || is_readable($file)) {
 204          $transfer = new Varien_File_Transfer_Adapter_Http();
 205          $transfer->send($file);
 206          exit;
 207      }
 208  }

