. if (!defined('EG')) die('Direct access not allowed!');

/**
 * Common base for the site's controllers.
 *
 * The constructor loads the header and footer views, checks the 'registered'
 * session, derives the login / moderator / language values handed to the views,
 * and replaces the raw query string with a whitelisted copy.
 */
class BaseController extends Controller {

    // Language code for the current request; 'en' unless the first query-string
    // element supplies another value (filtered through Lang::sanitize()).
    protected $lang;

    // True only when the session reports a logged-in user whose groups contain 'moderator'.
    protected $ismoderator;

    // Set to false by sanitizeQueryString() as soon as one element fails the whitelist.
    protected $querySanitized = true;

    // Exposed to the views as 'tm'. Every entry is null here.
    // NOTE(review): presumably per-entry CSS classes for the top menu, filled in by subclasses; confirm.
    protected $_topMenuClasses = array(
        "home" => null,
        "hardware" => null,
        "credits" => null,
        "issues" => null,
        "contact" => null,
        "search" => null,
        "news" => null,
        "download" => null,
        "help" => null,
    );

    /**
     * Set up the state shared by every page: views, session status, language and query string.
     *
     * The three arguments are forwarded unchanged to the parent constructor.
     *
     * @param mixed $model       forwarded to Controller::__construct()
     * @param mixed $controller  forwarded to Controller::__construct()
     * @param mixed $queryString forwarded to Controller::__construct()
     */
    public function __construct($model, $controller, $queryString) {
        parent::__construct($model, $controller, $queryString);

        // Sent for every request that reaches a controller derived from this class.
        // NOTE(review): "no-cache" requires revalidation but does not forbid storing the
        // response; if pages embed the per-user token, consider whether "no-store" is needed.
        header("Cache-Control: no-cache");

        $this->model('BoxesModel');
        $this->load('header');
        $this->load('footer','last');

        $this->session('registered');
        $this->s['registered']->checkStatus();

        // Defaults for an anonymous visitor.
        $data['username'] = null;
        $data['islogged'] = 'no';
        // Constant placeholder, replaced by the session token below once the user is logged in.
        // NOTE(review): presumably an anti-CSRF/session token; any action that validates it
        // should also require the 'logged' status so this literal is never accepted. Verify.
        $data['token'] = 'token';
        $data['ismoderator'] = false;
        $this->ismoderator = false;

        if ($this->s['registered']->status['status'] === 'logged') {
            $data['username'] = $this->s['registered']->status['user'];
            $data['islogged'] = 'yes';
            $data['token'] = $this->s['registered']->status['token'];
            // Authorization decision: moderator rights follow from group membership.
            // NOTE(review): in_array() compares loosely here; passing true as the third
            // argument would make the match exact. Confirm 'groups' is a list of strings.
            $data['ismoderator'] = in_array('moderator',$this->s['registered']->status['groups']) ? true : false;
            $this->ismoderator = $data['ismoderator'];
        }

        $data['lang'] = 'en';
        $this->lang = 'en';

        // The first query-string element selects the language; an empty string falls back to 'en'.
        // This reads the element before sanitizeQueryString() has run, so Lang::sanitize()
        // (defined elsewhere) is the only filter applied to the language value.
        if (isset($this->_queryString[0])) {
            $lang = (strcmp($this->_queryString[0],'') !== 0) ? $this->_queryString[0] : 'en';
            $data['lang'] = Lang::sanitize($lang);
            $this->lang = $data['lang'];
            Lang::$current = $data['lang'];
        }

        $data['tm'] = $this->_topMenuClasses;

        // print_r($this->_queryString);
        // From here on $this->_queryString holds only whitelisted elements, or array('en')
        // when any element was rejected.
        $this->_queryString = $this->sanitizeQueryString($this->_queryString);

        $this->append($data);
    }

    /**
     * Collect the data for the right-hand column and load the 'right' view.
     *
     * The $lang parameter is not read in this body; the language links are built
     * from $this->lang instead.
     *
     * @param string $lang language code (unused here)
     */
    protected function right($lang = 'en') {
        // Per-type counts from HardwareModel, grouped by 'type'.
        // NOTE(review): the '-deleted' key is framework-specific where() syntax; presumably
        // it filters on deleted = 'no'. Confirm against the model layer.
        $hard = new HardwareModel();
        $data['stat'] = $hard->clear()->select('type,count(*) AS numb')->where(array('-deleted'=>'no'))->groupBy('type')->toList('type','aggregate.numb')->send();

        $logged = $this->s['registered']->getUsersLogged();
        $data['numbLogged'] = count($logged);

        // get the right column container
        $this->m['BoxesModel']->setWhereQueryClause(array('title'=>'right_bottom'));
        $boxes = $this->m['BoxesModel']->getAll('boxes');

        if (count($boxes) > 0) {
            // The stored message is entity-decoded back to raw markup (quotes included)
            // before it is handed to BoxParser, and the rendered result is passed to the view.
            // NOTE(review): output safety therefore depends on BoxParser::render() and on who
            // may write rows to 'boxes'; confirm the parser escapes or whitelists what it emits.
            $xml = htmlspecialchars_decode($boxes[0]['boxes']['message'],ENT_QUOTES);
            $box_news = new BoxParser($xml);
            $data['htmlRightBox'] = $box_news->render();
        } else {
            $data['htmlRightBox'] = null;
        }

        $data['language_links'] = $this->buildLanguageLinks($this->lang);

        // print_r($this->_queryString);
        $this->append($data);
        $this->load('right');
    }

    /**
     * Whitelist-filter the query-string elements.
     *
     * An element is accepted when it consists of one or more ASCII letters, digits,
     * '-', '_', '.', '+' or whitespace; accepted elements are additionally passed
     * through sanitizeAll() (defined elsewhere). The first element that fails,
     * including an empty string, sets $this->querySanitized to false and makes the
     * method return array('en'), discarding the elements accepted so far.
     *
     * @param array $queryArray raw query-string elements
     * @return array sanitized elements, or array('en') on the first rejection
     */
    protected function sanitizeQueryString($queryArray) {
        $resArray = array();
        foreach ($queryArray as $item) {
            // preg_match() yields 0 on no match and false on error; both take the reject branch.
            // NOTE(review): \s also admits tab, CR and LF, and '$' without the D modifier
            // matches before a trailing newline; tighten if these values can reach headers,
            // log lines or other line-oriented sinks.
            if (preg_match('/^[a-zA-Z0-9\-\_\.\+\s]+$/',$item)) {
                $resArray[] = sanitizeAll($item);
            } else {
                // Fail closed: one bad element invalidates the whole query string.
                $this->querySanitized = false;
                return array('en');
            }
        }
        return $resArray;
    }

    protected function buildLanguageLinks($lang) {
        $status = $this->_queryString;
        // When the query string was rejected, the fixed home URL is used instead of the current page.
        $cPage = $this->querySanitized ? $this->currPage : $this->baseUrl."/home/index";
        $link = "