index.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434
  1. <?php
  2. // This Source Code Form is subject to the terms of the Mozilla Public
  3. // License, v. 2.0. If a copy of the MPL was not distributed with this
  4. // file, You can obtain one at http://mozilla.org/MPL/2.0/.
  5. // == | Setup | =======================================================================================================
  6. // Enable Error Reporting
  7. error_reporting(E_ALL);
  8. ini_set("display_errors", "on");
  9. ini_set('html_errors', false);
  10. // This has to be defined using the function at runtime because it is based
  11. // on a variable. However, constants defined with the language construct
  12. // can use this constant by some strange voodoo. Keep an eye on this.
  13. // NOTE: DOCUMENT_ROOT does NOT have a trailing slash.
  14. define('ROOT_PATH', $_SERVER['DOCUMENT_ROOT']);
  15. // Debug flag
  16. define('DEBUG_MODE', $_GET['debug'] ?? null);
  17. // Define basic constants for the software
  18. const SOFTWARE_NAME = 'Phoebus';
  19. const SOFTWARE_VERSION = '2.3.1-binoc';
  20. const DATASTORE_RELPATH = '/datastore/';
  21. const OBJ_RELPATH = '/.obj/';
  22. const BASE_RELPATH = '/base/';
  23. const COMPONENTS_RELPATH = '/components/';
  24. const DATABASES_RELPATH = '/databases/';
  25. const MODULES_RELPATH = '/modules/';
  26. const LIB_RELPATH = '/libraries/';
  27. const SPECIAL_SKIN_PATH = ROOT_PATH . '/base/skin/default/';
  28. // Define components
  29. const COMPONENTS = array(
  30. 'aus' => ROOT_PATH . COMPONENTS_RELPATH . 'api/addonUpdateService.php',
  31. 'discover' => ROOT_PATH . COMPONENTS_RELPATH . 'discover/discoverPane.php',
  32. 'download' => ROOT_PATH . BASE_RELPATH . 'addonDownload.php',
  33. 'integration' => ROOT_PATH . COMPONENTS_RELPATH . 'api/amIntegration.php',
  34. 'panel' => ROOT_PATH . COMPONENTS_RELPATH . 'panel/phoebusPanel.php',
  35. 'site' => ROOT_PATH . BASE_RELPATH . 'addonSite.php',
  36. 'special' => ROOT_PATH . BASE_RELPATH . 'specialComponent.php'
  37. );
  38. // Define modules
  39. const MODULES = array(
  40. 'account' => ROOT_PATH . MODULES_RELPATH . 'classAccount.php',
  41. 'database' => ROOT_PATH . MODULES_RELPATH . 'classDatabase.php',
  42. 'generateContent' => ROOT_PATH . MODULES_RELPATH . 'classGenerateContent.php',
  43. 'log' => ROOT_PATH . MODULES_RELPATH . 'classLog.php',
  44. 'mozillaRDF' => ROOT_PATH . MODULES_RELPATH . 'classMozillaRDF.php',
  45. 'persona' => ROOT_PATH . MODULES_RELPATH . 'classPersona.php',
  46. 'readManifest' => ROOT_PATH . MODULES_RELPATH . 'classReadManifest.php',
  47. 'writeManifest' => ROOT_PATH . MODULES_RELPATH . 'classWriteManifest.php',
  48. 'vc' => ROOT_PATH . MODULES_RELPATH . 'nsIVersionComparator.php',
  49. );
  50. // Define databases
  51. const DATABASES = array(
  52. 'emailBlacklist' => ROOT_PATH . DATABASES_RELPATH . 'emailBlacklist.php',
  53. 'searchPlugins' => ROOT_PATH . DATABASES_RELPATH . 'searchPlugins.php',
  54. );
  55. // Define libraries
  56. const LIBRARIES = array(
  57. 'smarty' => ROOT_PATH . LIB_RELPATH . 'smarty/libs/Smarty.class.php',
  58. 'safeMySQL' => ROOT_PATH . LIB_RELPATH . 'safemysql/safemysql.class.php',
  59. 'rdfParser' => ROOT_PATH . LIB_RELPATH . 'librdf/rdf_parser.php',
  60. );
  61. // Define the target applications that the site will accommodate with
  62. // the enabled site features
  63. const TARGET_APPLICATION_SITE = array(
  64. 'palemoon' => array(
  65. 'enabled' => false,
  66. 'oldVersion' => '28.0.0',
  67. 'name' => 'Pale Moon - Add-ons for 29 and older',
  68. 'domain' => array('live' => 'addons-legacy.palemoon.org', 'dev' => null),
  69. 'features' => array('https', 'extensions', 'extensions-cat', 'themes',
  70. 'personas', 'language-packs', 'search-plugins')
  71. ),
  72. 'basilisk' => array(
  73. 'enabled' => false,
  74. 'oldVersion' => '20210427',
  75. 'name' => 'Basilisk: add-ons',
  76. 'domain' => array('live' => 'addons.basilisk-browser.org', 'dev' => null),
  77. 'features' => array('https', 'extensions', 'themes', 'personas', 'search-plugins')
  78. ),
  79. 'ambassador' => array(
  80. 'enabled' => false,
  81. 'oldVersion' => '0.1',
  82. 'name' => 'Add-ons - Ambassador',
  83. 'domain' => array('live' => 'ab-addons.thereisonlyxul.org', 'dev' => null),
  84. 'features' => array('extensions', 'themes', 'disable-xpinstall')
  85. ),
  86. 'borealis' => array(
  87. 'enabled' => false,
  88. 'oldVersion' => '0.1',
  89. 'name' => 'Borealis Add-ons - Binary Outcast',
  90. 'domain' => array('live' => 'borealis-addons.binaryoutcast.com', 'dev' => null),
  91. 'features' => array('https', 'extensions', 'themes', 'search-plugins')
  92. ),
  93. 'interlink' => array(
  94. 'enabled' => true,
  95. 'oldVersion' => '0.1',
  96. 'name' => 'Interlink Add-ons - Binary Outcast',
  97. 'domain' => array('live' => 'interlink-addons.binaryoutcast.com', 'dev' => 'addons-dev.binaryoutcast.com'),
  98. 'features' => array('https', 'extensions', 'themes', 'search-plugins', 'disable-xpinstall')
  99. ),
  100. );
  101. /* Define Application IDs
  102. * Application IDs are normally in the form of a {GUID} or user@host ID.
  103. *
  104. * Firefox: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
  105. * Thunderbird: {3550f703-e582-4d05-9a08-453d09bdfdc6}
  106. * SeaMonkey: {92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
  107. * Fennec (Android): {aa3c5121-dab2-40e2-81ca-7ea25febc110}
  108. * Fennec (XUL): {a23983c0-fd0e-11dc-95ff-0800200c9a66}
  109. * Sunbird: {718e30fb-e89b-41dd-9da7-e25a45638b28}
  110. * Instantbird: {33cb9019-c295-46dd-be21-8c4936574bee}
  111. * Adblock Browser: {55aba3ac-94d3-41a8-9e25-5c21fe874539} */
  112. const TARGET_APPLICATION_ID = array(
  113. 'toolkit' => 'toolkit@mozilla.org',
  114. 'palemoon' => '{8de7fcbb-c55c-4fbe-bfc5-fc555c87dbc4}',
  115. 'basilisk' => '{ec8030f7-c20a-464f-9b0e-13a3a9e97384}',
  116. 'ambassador' => '{4523665a-317f-4a66-9376-3763d1ad1978}',
  117. 'borealis' => '{a3210b97-8e8a-4737-9aa0-aa0e607640b9}',
  118. 'interlink' => '{3550f703-e582-4d05-9a08-453d09bdfdc6}',
  119. );
  120. const EXTENSION_CATEGORY_SLUGS = array(
  121. 'alerts-and-updates' => 'Alerts &amp; Updates',
  122. 'appearance' => 'Appearance',
  123. 'bookmarks-and-tabs' => 'Bookmarks &amp; Tabs',
  124. 'download-management' => 'Download Management',
  125. 'feeds-news-and-blogging' => 'Feeds, News, &amp; Blogging',
  126. 'privacy-and-security' => 'Privacy &amp; Security',
  127. 'search-tools' => 'Search Tools',
  128. 'social-and-communication' => 'Social &amp; Communication',
  129. 'tools-and-utilities' => 'Tools &amp; Utilities',
  130. 'web-development' => 'Web Development',
  131. 'other' => 'Other'
  132. );
  133. const OTHER_CATEGORY_SLUGS = array(
  134. 'themes' => 'Themes',
  135. 'personas' => 'Personas',
  136. 'search-plugins' => 'Search Plugins',
  137. 'language-packs' => 'Language Packs',
  138. );
  139. // Load fundamental constants and global functions
  140. require_once('./fundamentals.php');
  141. // nsIVersionComparator is now needed software wide so include it.
  142. gfImportModules('vc');
  143. // ====================================================================================================================
  144. // == | Functions | ===================================================================================================
  145. /**********************************************************************************************************************
  146. * Basic Content Generation using the Special Component's Template
  147. ***********************************************************************************************************************/
  148. function gfGenContent($aTitle, $aContent, $aTextBox = null, $aList = null, $aError = null) {
  149. $templateHead = @file_get_contents(SPECIAL_SKIN_PATH . 'template-header.xhtml');
  150. $templateFooter = @file_get_contents(SPECIAL_SKIN_PATH . 'template-footer.xhtml');
  151. // Make sure the template isn't busted, if it is send a text only error as an array
  152. if (!$templateHead || !$templateFooter) {
  153. gfError([__FUNCTION__ . ': Special Template is busted...', $aTitle, $aContent], -1);
  154. }
  155. // Can't use both the textbox and list arguments
  156. if ($aTextBox && $aList) {
  157. gfError(__FUNCTION__ . ': You cannot use both textbox and list');
  158. }
  159. // Anonymous function to determin if aContent is a string-ish or not
  160. $notString = function() use ($aContent) {
  161. return (!is_string($aContent) && !is_int($aContent));
  162. };
  163. // If not a string var_export it and enable the textbox
  164. if ($notString()) {
  165. $aContent = var_export($aContent, true);
  166. $aTextBox = true;
  167. $aList = false;
  168. }
  169. // Use either a textbox or an unordered list
  170. if ($aTextBox) {
  171. // We are using the textbox so put aContent in there
  172. $aContent = '<textarea style="width: 1195px; resize: none;" name="content" rows="36" readonly>' .
  173. $aContent .
  174. '</textarea>';
  175. }
  176. elseif ($aList) {
  177. // We are using an unordered list so put aContent in there
  178. $aContent = '<ul><li>' . $aContent . '</li><ul>';
  179. }
  180. // Set page title
  181. $templateHead = str_replace('<title></title>',
  182. '<title>' . $aTitle . ' - ' . SOFTWARE_NAME . ' ' . SOFTWARE_VERSION . '</title>',
  183. $templateHead);
  184. // If we are generating an error from gfError we want to clean the output buffer
  185. if ($aError) {
  186. ob_get_clean();
  187. }
  188. // Send an html header
  189. header('Content-Type: text/html', false);
  190. // write out the everything
  191. print($templateHead . '<h2>' . $aTitle . '</h2>' . $aContent . $templateFooter);
  192. // We're done here
  193. exit();
  194. }
  195. /**********************************************************************************************************************
  196. * Checks for enabled features
  197. *
  198. * @param $aFeature feature
  199. * @param $aReturn if true we will return a value else 404
  200. ***********************************************************************************************************************/
  201. function gfEnabledFeature($aFeature, $aReturn = null) {
  202. global $gaRuntime;
  203. $currentApplication = $gaRuntime['currentApplication'];
  204. if (!in_array($aFeature, TARGET_APPLICATION_SITE[$currentApplication]['features'])) {
  205. if(!$aReturn) {
  206. gfHeader(404);
  207. }
  208. return null;
  209. }
  210. return true;
  211. }
  212. /**********************************************************************************************************************
  213. * Checks for old versions
  214. *
  215. * @param $aFeature feature
  216. * @param $aReturn if true we will return a value else 404
  217. ***********************************************************************************************************************/
  218. function gfValidClientVersion($aCheckVersion = null, $aVersion = null) {
  219. // XXXTobin: Stop being /AS MUCH/ of a petty asshole.
  220. return true;
  221. }
  222. // ====================================================================================================================
  223. // == | Main | ========================================================================================================
  224. // Define an array that will hold the current application state
  225. $gaRuntime = array(
  226. 'authentication' => null,
  227. 'currentApplication' => null,
  228. 'orginalApplication' => null,
  229. 'currentName' => null,
  230. 'currentScheme' => gfSuperVar('server', 'SCHEME') ?? (gfSuperVar('server', 'HTTPS') ? 'https' : 'http'),
  231. 'currentDomain' => null,
  232. 'validClient' => null,
  233. 'validVersion' => null,
  234. 'debugMode' => null,
  235. 'useSmarty' => null,
  236. 'phpServerName' => gfSuperVar('server', 'SERVER_NAME'),
  237. 'phpRequestURI' => gfSuperVar('server', 'REQUEST_URI'),
  238. 'remoteAddr' => gfSuperVar('server', 'HTTP_X_FORWARDED_FOR') ??
  239. gfSuperVar('server', 'REMOTE_ADDR'),
  240. 'userAgent' => gfSuperVar('server', 'HTTP_USER_AGENT'),
  241. 'qComponent' => gfSuperVar('get', 'component'),
  242. 'qPath' => gfSuperVar('get', 'path'),
  243. 'qApplication' => gfSuperVar('get', 'appOverride'),
  244. 'qDebugOff' => gfSuperVar('get', 'debugOff'),
  245. 'qSearchTerms' => gfSuperVar('get', 'terms'),
  246. );
  247. // --------------------------------------------------------------------------------------------------------------------
  248. // If the entire site is offline but nothing above is busted.. We want to serve proper but empty responses
  249. if (file_exists(ROOT_PATH . '/.offline') && !gfSuperVar('cookie', 'overrideOffline')) {
  250. $strOfflineMessage = 'Phoebus, and by extension this Add-ons Site, is currently unavailable. Please try again later.';
  251. // Root (/) won't set a component or path
  252. if (!$gaRuntime['qComponent'] && !$gaRuntime['qPath']) {
  253. $gaRuntime['qComponent'] = 'site';
  254. $gaRuntime['qPath'] = '/';
  255. }
  256. switch ($gaRuntime['qComponent']) {
  257. case 'aus':
  258. gfHeader('xml');
  259. print('<?xml version="1.0" encoding="UTF-8"?><RDF:RDF xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#" />');
  260. exit();
  261. break;
  262. case 'integration':
  263. $gaRuntime['requestAPIScope'] = gfSuperVar('get', 'type');
  264. $gaRuntime['requestAPIFunction'] = gfSuperVar('get', 'request');
  265. if ($gaRuntime['requestAPIScope'] != 'internal') {
  266. gfHeader(404);
  267. }
  268. switch ($gaRuntime['requestAPIFunction']) {
  269. case 'search':
  270. gfHeader('xml');
  271. print('<?xml version="1.0" encoding="utf-8" ?><searchresults total_results="0" />');
  272. exit();
  273. break;
  274. case 'get':
  275. case 'recommended':
  276. gfHeader('xml');
  277. print('<?xml version="1.0" encoding="utf-8" ?><addons />');
  278. exit();
  279. break;
  280. default:
  281. gfHeader(404);
  282. }
  283. break;
  284. case 'discover':
  285. gfHeader(404);
  286. default:
  287. gfError($strOfflineMessage);
  288. }
  289. }
  290. // --------------------------------------------------------------------------------------------------------------------
  291. // Decide which application by domain that the software will be serving
  292. // and if debug is enabled
  293. foreach (TARGET_APPLICATION_SITE as $_key => $_value) {
  294. switch ($gaRuntime['phpServerName']) {
  295. case $_value['domain']['live']:
  296. $gaRuntime['currentApplication'] = $_key;
  297. $gaRuntime['currentDomain'] = $_value['domain']['live'];
  298. break;
  299. case $_value['domain']['dev']:
  300. $gaRuntime['currentApplication'] = $_key;
  301. $gaRuntime['currentDomain'] = $_value['domain']['dev'];
  302. $gaRuntime['debugMode'] = true;
  303. break;
  304. }
  305. if ($gaRuntime['currentApplication']) {
  306. break;
  307. }
  308. }
  309. // --------------------------------------------------------------------------------------------------------------------
  310. // Items that get changed depending on debug mode
  311. if ($gaRuntime['debugMode']) {
  312. // We can disable debug mode when on a dev url otherwise if debug mode we want all errors
  313. if ($gaRuntime['qDebugOff']) {
  314. $gaRuntime['debugMode'] = null;
  315. }
  316. // Override currentApplication by query
  317. // If qApplication is set and it exists in the array constant set the currentApplication to that
  318. if ($gaRuntime['qApplication']) {
  319. if (array_key_exists($gaRuntime['qApplication'], TARGET_APPLICATION_SITE)) {
  320. $gaRuntime['orginalApplication'] = $gaRuntime['currentApplication'];
  321. $gaRuntime['currentApplication'] = $gaRuntime['qApplication'];
  322. }
  323. else {
  324. gfError('Invalid application');
  325. }
  326. // The same application shouldn't be appOverriden
  327. if ($gaRuntime['currentApplication'] == $gaRuntime['orginalApplication']) {
  328. gfError('It makes no sense to appOverride the same application');
  329. }
  330. }
  331. }
  332. // --------------------------------------------------------------------------------------------------------------------
  333. // We cannot continue without a valid currentApplication
  334. if (!$gaRuntime['currentDomain']) {
  335. gfError('Invalid domain');
  336. }
  337. // We cannot continue without a valid currentApplication
  338. if (!$gaRuntime['currentApplication']) {
  339. gfError('Invalid application');
  340. }
  341. // We cannot contine if the application is not enabled
  342. if (!TARGET_APPLICATION_SITE[$gaRuntime['currentApplication']]['enabled']) {
  343. gfError('This ' . ucfirst($gaRuntime['currentApplication']) . ' Add-ons Site has been disabled. ' .
  344. 'Please contact the Phoebus Administrator');
  345. }
  346. // --------------------------------------------------------------------------------------------------------------------
  347. // Set valid client
  348. $gaRuntime['validClient'] = gfValidClientVersion();
  349. $gaRuntime['validVersion'] = gfValidClientVersion(true);
  350. // --------------------------------------------------------------------------------------------------------------------
  351. // Root (/) won't set a component or path
  352. if (!$gaRuntime['qComponent'] && !$gaRuntime['qPath']) {
  353. $gaRuntime['qComponent'] = 'site';
  354. $gaRuntime['qPath'] = '/';
  355. }
  356. // The PANEL component overrides the SITE component
  357. elseif (str_starts_with($gaRuntime['phpRequestURI'], '/panel/')) {
  358. $gaRuntime['qComponent'] = 'panel';
  359. }
  360. // The SPECIAL component overrides the SITE component
  361. elseif (str_starts_with($gaRuntime['phpRequestURI'], '/special/')) {
  362. $gaRuntime['qComponent'] = 'special';
  363. }
  364. // --------------------------------------------------------------------------------------------------------------------
  365. // Load component based on qComponent
  366. if ($gaRuntime['qComponent'] && array_key_exists($gaRuntime['qComponent'], COMPONENTS)) {
  367. require_once(COMPONENTS[$gaRuntime['qComponent']]);
  368. }
  369. else {
  370. if (!$gaRuntime['debugMode']) {
  371. gfHeader(404);
  372. }
  373. gfError('Invalid component');
  374. }
  375. // ====================================================================================================================
  376. ?>