private function Initialize($my_domains)
{
if (sizeof($_GET)) {
$array_keys = array_keys($_GET);
foreach ($array_keys as $k) {
if (!preg_match('/^[a-zA-Z0-9\\_]+$/', $k) or is_numeric($k)) {
unset($_GET[$k]);
}
}
$this->fixQuery($_GET, 'get');
}
if (sizeof($_POST)) {
$array_keys = array_keys($_POST);
foreach ($array_keys as $k) {
if (!preg_match('/^[a-zA-Z0-9\\_]+$/', $k) or is_numeric($k)) {
unset($_POST[$k]);
}
}
$this->fixQuery($_POST, 'post');
}
if (sizeof($_COOKIE)) {
$array_keys = array_keys($_COOKIE);
foreach ($array_keys as $k) {
if (!preg_match('/^[a-zA-Z0-9\\_]+$/', $k) or is_numeric($k)) {
@setcookie($k, '', NV_CURRENTTIME - 3600);
unset($_COOKIE[$k]);
}
}
$this->fixQuery($_COOKIE, 'cookie');
}
if (sizeof($_FILES) && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
$array_keys = array_keys($_FILES);
foreach ($array_keys as $k) {
if (!preg_match('/^[a-zA-Z0-9\\_]+$/', $k) or is_numeric($k)) {
unset($_FILES[$k]);
}
}
$this->fixQuery($_FILES, 'files');
}
$query = http_build_query($_GET);
$_SERVER['QUERY_STRING'] = $query;
$_SERVER['argv'] = array($query);
$this->request_uri = empty($_SERVER['REQUEST_URI']) ? $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'] : $_SERVER['REQUEST_URI'];
$doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '';
if (!empty($doc_root)) {
$doc_root = str_replace(DIRECTORY_SEPARATOR, '/', $doc_root);
}
if (!empty($doc_root)) {
$doc_root = preg_replace('/[\\/]+$/', '', $doc_root);
}
$base_siteurl = pathinfo($_SERVER['PHP_SELF'], PATHINFO_DIRNAME);
if ($base_siteurl == DIRECTORY_SEPARATOR) {
$base_siteurl = '';
}
if (!empty($base_siteurl)) {
$base_siteurl = str_replace(DIRECTORY_SEPARATOR, '/', $base_siteurl);
}
if (!empty($base_siteurl)) {
$base_siteurl = preg_replace('/[\\/]+$/', '', $base_siteurl);
}
if (!empty($base_siteurl)) {
$base_siteurl = preg_replace('/^[\\/]*(.*)$/', '/\\1', $base_siteurl);
}
if (defined('NV_WYSIWYG') and !defined('NV_ADMIN')) {
$base_siteurl = preg_replace('#/' . NV_EDITORSDIR . '(.*)$#', '', $base_siteurl);
} elseif (defined('NV_IS_UPDATE')) {
// Update se bao gom ca admin nen update phai dat truoc
$base_siteurl = preg_replace('#/install(.*)$#', '', $base_siteurl);
} elseif (defined('NV_ADMIN')) {
$base_siteurl = preg_replace('#/' . NV_ADMINDIR . '(.*)$#i', '', $base_siteurl);
} elseif (!empty($base_siteurl)) {
$base_siteurl = preg_replace('#/index\\.php(.*)$#', '', $base_siteurl);
}
if (NV_ROOTDIR !== $doc_root . $base_siteurl) {
$doc_root = NV_ROOTDIR;
$count = substr_count($base_siteurl, '/');
for ($i = 0; $i < $count; ++$i) {
$doc_root = preg_replace('#\\/[^\\/]+$#', '', $doc_root);
}
$_SERVER['DOCUMENT_ROOT'] = $doc_root;
}
$_SERVER['SCRIPT_FILENAME'] = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF'];
$_SERVER['SERVER_PORT'] = $this->get_Env('SERVER_PORT');
$_SERVER['SERVER_PROTOCOL'] = $this->get_Env('SERVER_PROTOCOL');
$this->server_name = preg_replace('/^[a-z]+\\:\\/\\//i', '', $this->get_Env(array('HTTP_HOST', 'SERVER_NAME')));
$this->server_name = preg_replace('/(\\:[0-9]+)$/', '', $this->server_name);
$_SERVER['SERVER_NAME'] = $this->server_name;
$this->base_siteurl = $base_siteurl;
$this->base_adminurl = $base_siteurl . (NV_ADMINDIR != '' ? '/' . NV_ADMINDIR : '');
$this->doc_root = $doc_root;
$this->server_protocol = strtolower(preg_replace('/^([^\\/]+)\\/*(.*)$/', '\\1', $_SERVER['SERVER_PROTOCOL'])) . ($this->get_Env('HTTPS') == 'on' ? 's' : '');
$this->server_port = ($_SERVER['SERVER_PORT'] == '80' or $_SERVER['SERVER_PORT'] == '443') ? '' : ':' . $_SERVER['SERVER_PORT'];
if (filter_var($this->server_name, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
$this->my_current_domain = $this->server_protocol . '://' . $this->server_name . $this->server_port;
} else {
$this->my_current_domain = $this->server_protocol . '://[' . $this->server_name . ']' . $this->server_port;
}
$this->headerstatus = substr(php_sapi_name(), 0, 3) == 'cgi' ? 'Status:' : $_SERVER['SERVER_PROTOCOL'];
$domains = array();
if (empty($my_domains)) {
$domains = (array) $this->server_name;
} else {
$domains = array_map('trim', explode(',', $my_domains));
$domains = array_map('strtolower', $domains);
}
$this->my_domains = array_unique($domains);
$this->site_url = $this->my_current_domain . $this->base_siteurl;
$this->referer = $this->get_Env(array('HTTP_REFERER', 'Referer'));
if (!empty($this->referer)) {
$ref = @parse_url($this->referer);
if (isset($ref['scheme']) and in_array($ref['scheme'], array('http', 'https', 'ftp', 'gopher')) and isset($ref['host'])) {
if (substr($ref['host'], 0, 1) == '[' and substr($ref['host'], -1) == ']') {
$ref['host'] = substr($ref['host'], 1, -1);
}
if (preg_match('/^' . preg_quote($ref['host']) . '/', $this->server_name)) {
$this->referer_key = 1;
} else {
$this->referer_key = 0;
if (!empty($this->engine_allowed)) {
foreach ($this->engine_allowed as $se => $v) {
if (preg_match('/' . preg_quote($v['host_pattern']) . '/i', $ref['host'])) {
$this->search_engine = $se;
break;
}
}
}
}
$this->referer_host = $ref['host'];
$tmp = array();
$base = $this->referer;
if (isset($ref['query']) and !empty($ref['query'])) {
list($base, $query_string) = explode('?', $this->referer);
parse_str($query_string, $parameters);
foreach ($parameters as $key => $value) {
if (preg_match('/^[a-zA-Z\\_][a-zA-Z0-9\\_]*$/', $key)) {
$tmp[$key] = $this->security_get($value, true);
}
}
}
if (!empty($tmp)) {
$this->referer_queries = $tmp;
$_SERVER['HTTP_REFERER'] = $base . '?' . http_build_query($tmp);
} else {
$_SERVER['HTTP_REFERER'] = $base;
}
$this->referer = $_SERVER['HTTP_REFERER'];
} else {
$this->referer_key = 0;
$this->referer = '';
unset($_SERVER['HTTP_REFERER']);
}
} else {
$this->referer_key = 2;
unset($_SERVER['HTTP_REFERER']);
}
if ($this->str_referer_blocker and !empty($_SERVER['QUERY_STRING']) and $this->referer_key == 0 and empty($this->search_engine)) {
header('Location: ' . $this->site_url);
exit;
}
$user_agent = (string) $this->get_Env('HTTP_USER_AGENT');
$user_agent = substr(htmlspecialchars($user_agent), 0, 255);
if (!empty($user_agent)) {
$user_agent = trim($user_agent);
}
if (empty($user_agent) or $user_agent == '-') {
$user_agent = 'none';
}
$this->user_agent = $user_agent;
$_SERVER['HTTP_USER_AGENT'] = $user_agent;
}