updateConfigCreateDate(); } // On mismatch of settings file to system, rename to .old and reload If ($ICEcoderUserSettings["versionNo"] != $ICEcoderSettings["versionNo"]) { rename(dirname(__FILE__) . "/../data/" . $settingsFile, dirname(__FILE__) . "/../data/" . str_replace(".php", ".old", $settingsFile)); header("Location: settings.php"); echo ""; die('Found old settings file, reloading...'); } // Join ICEcoder settings and user settings together to make our final ICEcoder array $ICEcoder = $ICEcoderSettings + $ICEcoderUserSettings; // Include language file // Load base first as foundation include dirname(__FILE__) . "/../lang/" . basename($ICEcoder['languageBase']); $baseText = $text; // Load chosen language ontop to replace base include dirname(__FILE__) . "/../lang/" . basename($ICEcoder['languageUser']); $text = array_replace_recursive($baseText, $text); $_SESSION['text'] = $text; // Login not required or we're in demo mode and have password set in our settings, log us straight in if ((false === $ICEcoder['loginRequired'] || true === $ICEcoder['demoMode']) && "" !== $ICEcoder['password']) { $_SESSION['loggedIn'] = true; }; $demoMode = $ICEcoder['demoMode']; // Update this config file? include dirname(__FILE__) . "/settings-update.php"; // Set loggedIn and username to false if not set as yet if (false === isset($_SESSION['loggedIn'])) {$_SESSION['loggedIn'] = false;}; if (false === isset($_SESSION['username'])) {$_SESSION['username'] = "";}; // Attempt a login with password if (true === isset($_POST['submit']) && "login" === $setPWorLogin) { // On success, set username if multiUser, loggedIn to true and redirect if (verifyHash($_POST['password'], $ICEcoder["password"]) === $ICEcoder["password"]) { session_regenerate_id(); if ($ICEcoder["multiUser"]) { $_SESSION['username'] = $_POST['username']; } $_SESSION['loggedIn'] = true; $extraProcesses = new ExtraProcesses(); $extraProcesses->onUserLogin($_SESSION['username'] ?? ""); header('Location: ../'); echo ""; die('Logging you in...'); } else { $extraProcesses = new ExtraProcesses(); $extraProcesses->onUserLoginFail($_SESSION['username'] ?? ""); } }; // Re-establish our loggedIn state and username $_SESSION['loggedIn'] = $_SESSION['loggedIn']; $_SESSION['username'] = $_SESSION['username']; // Define the serverType, docRoot & iceRoot $serverType = stristr($_SERVER['SERVER_SOFTWARE'], "win") ? "Windows" : "Linux"; $docRoot = rtrim(str_replace("\\", "/", $ICEcoder['docRoot'])); $iceRoot = rtrim(str_replace("\\", "/", $ICEcoder["root"])); if ($_SESSION['loggedIn'] && "index.php" === basename($_SERVER['SCRIPT_NAME'])) { echo ""; } // Establish the dir ICEcoders running from $ICEcoderDirFullPath = rtrim(str_replace("\\", "/", dirname($_SERVER['SCRIPT_FILENAME'])), "/lib"); $rootPrefix = '/' . str_replace("/", "\/", preg_quote(str_replace("\\", "/", $docRoot))) . '/'; $ICEcoderDir = preg_replace($rootPrefix, '', $ICEcoderDirFullPath, 1); // Setup our file security vars $settingsArray = array("findFilesExclude", "bannedFiles", "allowedIPs"); for ($i = 0; $i < count($settingsArray); $i++) { if (false === isset($_SESSION[$settingsArray[$i]])) { $_SESSION[$settingsArray[$i]] = $ICEcoder[$settingsArray[$i]]; } } // Check IP permissions if (false === in_array(getUserIP(), $_SESSION['allowedIPs']) && false === in_array("*", $_SESSION['allowedIPs'])) { header('Location: /'); $reqsPassed = false; $reqsFailures = ["systemIPRestriction"]; include(dirname(__FILE__) . "/requirements.php"); exit; }; // Establish any FTP site to use if (true === isset($_SESSION['ftpSiteRef']) && false !== $_SESSION['ftpSiteRef']) { $ftpSiteArray = $ICEcoder['ftpSites'][$_SESSION['ftpSiteRef']]; $ftpSite = $ftpSiteArray['site']; // FTP site domain, eg http://yourdomain.com $ftpHost = $ftpSiteArray['host']; // FTP host, eg ftp.yourdomain.com $ftpUser = $ftpSiteArray['user']; // FTP username $ftpPass = $ftpSiteArray['pass']; // FTP password $ftpPasv = $ftpSiteArray['pasv']; // FTP account requires PASV mode? $ftpMode = $ftpSiteArray['mode'] == "FTP_ASCII" ? FTP_ASCII : FTP_BINARY; // FTP transfer mode, FTP_ASCII or FTP_BINARY $ftpRoot = $ftpSiteArray['root']; // FTP root dir to use as base, eg /htdocs } // Save currently opened files in previousFiles and last10Files arrays include(dirname(__FILE__) . "/settings-save-current-files.php"); // Display the plugins include(dirname(__FILE__) . "/plugins-display.php"); // If loggedIn is false or we don't have a password set yet and we're not on login screen, boot user to that if (false === isset($_POST['password']) && (!$_SESSION['loggedIn'] || "" === $ICEcoder["password"]) && false === strpos($_SERVER['SCRIPT_NAME'], "lib/login.php")) { if (file_exists('lib/login.php')) { header('Location: ' . rtrim($_SERVER['REQUEST_URI'], "/") . '/lib/login.php'); echo ""; } else { header('Location: login.php'); echo ""; } die('Redirecting to login...'); // If we are on the login screen and not logged in } elseif (!$_SESSION['loggedIn']) { // If the password hasn't been set and we're setting it if ("" === $ICEcoder["password"] && true === isset($_POST['submit']) && -1 < strpos($_POST['submit'],"set password")) { $password = str_replace("\$", "\\$", generateHash($_POST['password'])); $settingsClass->updatePasswordCheckUpdates(); $settingsClass->createIPSettingsFileIfNotExist(); $settingsClass->disableFurtherRegistration(); // Set the session user level if ($ICEcoder["multiUser"]) { $_SESSION['username'] = $_POST['username']; } $_SESSION['loggedIn'] = true; $extraProcesses = new ExtraProcesses(); $extraProcesses->onUserNew($_SESSION['username'] ?? ""); // Finally, load again as now this file has changed and auto login header('Location: ../'); echo ""; die('Logging you in...'); } // =================================================== // We're likely showing the login screen at this point // =================================================== } elseif ($ICEcoder['loginRequired'] && $_SESSION['loggedIn'] && "" === $ICEcoder["password"]) { header("Location: ../?logout"); echo ""; die('Logging you out...'); } else { // ================================== // Continue with whatever we're doing // ================================== }