Load('admin.install'); // we need to disable events as they aren't initalized until the installer runs iwp_template::getInstance()->DisableEvents = true; // the installer doesn't autoload include(dirname(__FILE__) . '/includes/classes/class.install.php'); $install = new iwp_install(); $install->lang->Load('admin.install'); if (@$_GET['action'] == 'filecheck') { $install->RemoteFileCheck(); } else { $install->StartInstall(); } die(); } if(isset($_GET['section']) && $_GET['section'] == 'install'){ header('Location: index.php'); die(); } /** * In order to prevent cross-domain problems with cookies, we'll make sure * The user is using the correct URL to access the admin, i.e. the one in their config */ $requestHost = $_SERVER["HTTP_HOST"]; $configPathInfo = parse_url(GetConfig('siteURL')); if($requestHost !== stricmp($configPathInfo['host'], $requestHost)){ if(!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){ $protocol = 'http://'; }else{ $protocol = 'https://'; } if('www.'.$requestHost === $configPathInfo['host']){ // they accessed the admin without the www. when the should have accessed // with it! $currentPath = 'www.'.$requestHost; header('Location: ' . $protocol . $currentPath . $_SERVER['REQUEST_URI']); die(); }elseif(substr($requestHost,4) == $configPathInfo['host']){ // they accessed the admin with the www. when the should have accessed // without it! $currentPath = substr($requestHost,4); header('Location: ' . $protocol . $currentPath . $_SERVER['REQUEST_URI']); die(); } } // Load the user data from the session $auth = iwp_admin_auth::getInstance(); if(!$auth->IsLoggedIn(mysql_user_row())) { if(isset($_POST['submit_login'])){ // They've just submitted the login form $auth->DoLogin(); }elseif(isset($_GET['forgotpass'])) { // They forgot their password $auth->ForgotPassword(); }elseif(isset($_GET['forgotpassconfirm'])) { // They forgot their password $auth->ForgotPasswordConfirm(); }else{ if(isset($_GET['section']) && isset($_GET['action'])){ // if they tried to access a specific page, store it in a cookie while the login so we can redirect them to it. $cookiePrefix = iwp_config::Get('cookiePrefix'); setcookie($cookiePrefix . "redirectPage", $_SERVER["QUERY_STRING"]); } if(sizeof($_POST) > 1){ // save any post data that was sent so it can be reset when they login iwp_session::Set('__postData', serialize($_POST)); } if(sizeof($_GET) > 1){ // save any get data that was sent so it can be reset when they login iwp_session::Set('__getData', serialize($_GET)); } $auth->ShowLoginPage(); } die(); } else { // logged in, we need to set up the main menus $auth->template->Assign(array('menu', 'Text'), iwp_admin_navigation::getInstance()->GetTextMenu()); $auth->template->Assign(array('menu', 'DropDown'), iwp_admin_navigation::getInstance()->GetDropDownMenu()); } $auth->LoadUserData(); $section = iwp_validation::FilterAlpha(@$_GET['section']); $action = iwp_validation::FilterAlphaNumeric(@$_GET['action']); $classname = 'iwp_admin_'.$section; iwp_event::trigger('iwp_event_admin_index_beforetemplate', new iwp_event_admin_index_beforetemplate()); if((isset($_GET['section']) && !in_array($section, $whitelist_section)) || (isset($_GET['action']) &&!in_array(strtolower($action), $whitelist_action))) { iwp_admin_home::getInstance()->ShowDashboard(GetLang('InvalidUrlSelected'), MSG_ERROR); die(); } if (defined('PRODUCT_EDITION')) { iwp_template::getInstance()->Assign('adminEditionTitle', ' ('. PRODUCT_EDITION .' '. GetLang('EditionEdition') .')'); } if(!isset($_GET['section'])){ // must be home page iwp_admin_home::getInstance()->ShowDashboard(); die(); } $class = call_user_func(array($classname, 'getInstance')); iwp_template::getInstance()->Assign('section', $section); iwp_template::getInstance()->Assign('action', $action); // Finally, call the class and the function $class->$action(); iwp_event::trigger('iwp_event_admin_index_aftertemplate', new iwp_event_admin_index_aftertemplate());