Spaces:

kenken999
/

processmaker-community

Sleeping

App Files Files Community

processmaker-community / processmaker-files /workflow /public_html /bootstrap.php

kenken999

Upload folder using huggingface_hub

07c3cdd verified 24 days ago

Raw

History Blame Contribute Delete

28.1 kB

	<?php
	/**
	* sysGeneric.php
	*
	* ProcessMaker Open Source Edition
	* Copyright (C) 2004 - 2008 Colosa Inc.
	*
	* This program is free software: you can redistribute it and/or modify
	* it under the terms of the GNU Affero General Public License as
	* published by the Free Software Foundation, either version 3 of the
	* License, or (at your option) any later version.
	*
	* This program is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	* GNU Affero General Public License for more details.
	*
	* You should have received a copy of the GNU Affero General Public License
	* along with this program. If not, see <http://www.gnu.org/licenses/>.
	*
	* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
	* Coral Gables, FL, 33134, USA, or email info@colosa.com.
	*
	*/

	use ProcessMaker\Plugins\PluginRegistry;

	/**
	* sysGeneric - ProcessMaker Bootstrap
	* this file is used initialize main variables, redirect and dispatch all requests
	*/

	// Defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/'
	define('PATH_SEP', '/');

	// Defining the Home Directory
	$realdocuroot = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']);
	$docuroot = explode(PATH_SEP , $realdocuroot);

	array_pop($docuroot);
	$pathhome = implode(PATH_SEP, $docuroot) . PATH_SEP;

	// try to find automatically the trunk directory where are placed the RBAC and Gulliver directories
	// in a normal installation you don't need to change it.
	array_pop($docuroot);
	$pathTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP ;

	array_pop($docuroot);
	$pathOutTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP ;

	define('PATH_HOME', $pathhome);
	define('PATH_TRUNK', $pathTrunk);
	define('PATH_OUTTRUNK', $pathOutTrunk);
	// Including these files we get the PM paths and definitions (that should be just one file.
	require_once $pathhome . PATH_SEP . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'paths.php';
	require_once PATH_CORE . 'classes' . PATH_SEP . 'class.system.php';

	// starting session
	$timelife = ini_get('session.gc_maxlifetime');
	if (is_null($timelife)) {
	$timelife = 1440;
	}
	ini_set('session.gc_maxlifetime', $timelife);
	ini_set('session.cookie_lifetime', $timelife);
	session_start();

	$config = PmSystem::getSystemConfiguration();

	//$e_all = defined('E_DEPRECATED') ? E_ALL & ~E_DEPRECATED : E_ALL;
	//$e_all = defined('E_STRICT') ? $e_all & ~E_STRICT : $e_all;
	//$e_all = $config['debug'] ? $e_all : $e_all & ~E_NOTICE;
	//$e_all = E_ALL & ~ E_DEPRECATED & ~ E_STRICT & ~ E_NOTICE & ~E_WARNING;


	$filter = new InputFilter();
	$config['display_errors'] = $filter->validateInput($config['display_errors']);
	$config['error_reporting'] = $filter->validateInput($config['error_reporting']);
	$config['memory_limit'] = $filter->validateInput($config['memory_limit']);
	$config['wsdl_cache'] = $filter->validateInput($config['wsdl_cache'],'int');
	$config['time_zone'] = $filter->validateInput($config['time_zone']);
	// Do not change any of these settings directly, use env.ini instead
	ini_set( 'display_errors', $filter->validateInput($config['display_errors']) );
	ini_set( 'error_reporting', $filter->validateInput($config['error_reporting']) );
	ini_set('short_open_tag', 'On');
	ini_set('default_charset', "UTF-8");
	ini_set('memory_limit', $filter->validateInput($config['memory_limit']) );
	ini_set('soap.wsdl_cache_enabled', $config['wsdl_cache']);
	ini_set('date.timezone', (isset($_SESSION['__SYSTEM_UTC_TIME_ZONE__']) && $_SESSION['__SYSTEM_UTC_TIME_ZONE__'])? 'UTC' : $config['time_zone']); //Set Time Zone

	define ('DEBUG_SQL_LOG', $config['debug_sql']);
	define ('DEBUG_TIME_LOG', $config['debug_time']);
	define ('DEBUG_CALENDAR_LOG', $config['debug_calendar']);
	define ('MEMCACHED_ENABLED', $config['memcached']);
	define ('MEMCACHED_SERVER', $config['memcached_server']);
	define ('TIME_ZONE', ini_get('date.timezone'));

	// IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it.
	$_SERVER['SERVER_ADDR'] = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME'];

	//to do: make different environments. sys

	define ('ERROR_SHOW_SOURCE_CODE', true); // enable ERROR_SHOW_SOURCE_CODE to display the source code for any WARNING OR NOTICE
	//define ( 'ERROR_LOG_NOTICE_ERROR', true ); //enable ERROR_LOG_NOTICE_ERROR to log Notices messages in default apache log

	//check if it is a installation instance
	if(!defined('PATH_C')) {
	// is a intallation instance, so we need to define PATH_C and PATH_LANGUAGECONT constants temporarily
	define('PATH_C', (rtrim(G::sys_get_temp_dir(), PATH_SEP) . PATH_SEP));
	define('PATH_LANGUAGECONT', PATH_HOME . 'engine/content/languages/' );
	}

	// defining Virtual URLs
	$virtualURITable = array();
	$virtualURITable['/plugin/(*)'] = 'plugin';
	$virtualURITable['/(sys)/(.js)'] = 'jsMethod';
	$virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/';
	$virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/';

	if ( defined('PATH_C') ) {
	$virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/';
	$virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/';
	}

	$virtualURITable['/htmlarea/(*)'] = PATH_THIRDPARTY . 'htmlarea/';
	$virtualURITable['/sys[a-zA-Z][a-zA-Z0-9]{0,}()/'] = 'sysNamed';
	$virtualURITable['/(sys*)'] = FALSE;
	$virtualURITable['/errors/(*)'] = PATH_GULLIVER_HOME . 'methods/errors/';
	$virtualURITable['/gulliver/(*)'] = PATH_GULLIVER_HOME . 'methods/';
	$virtualURITable['/controls/(*)'] = PATH_GULLIVER_HOME . 'methods/controls/';
	$virtualURITable['/html2ps_pdf/(*)'] = PATH_THIRDPARTY . 'html2ps_pdf/';
	$virtualURITable['/images/'] = 'errorFile';
	$virtualURITable['/skins/'] = 'errorFile';
	$virtualURITable['/files/'] = 'errorFile';
	$virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}()'] = 'sysUnnamed';
	$virtualURITable['/rest/(*)'] = 'rest-service';
	$virtualURITable['/update/(*)'] = PATH_GULLIVER_HOME . 'methods/update/';
	$virtualURITable['/(*)'] = PATH_HTML;

	$isRestRequest = false;

	// Verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page
	if ( G::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable , $realPath ))
	{
	// review if the file requested belongs to public_html plugin
	if ( substr ( $realPath, 0,6) == 'plugin' ) {
	// Another way to get the path of Plugin public_html and stream the correspondent file, By JHL Jul 14, 08
	// TODO: $pathsQuery will be used?
	$pathsQuery = '';
	// Get the query side
	// Did we use this variable $pathsQuery for something??
	$forQuery = explode("?",$realPath);
	if (isset($forQuery[1])) {
	$pathsQuery = $forQuery[1];
	}

	//Get that path in array
	$paths = explode ( PATH_SEP, $forQuery[0] );
	//remove the "plugin" word from
	$paths[0] = substr ( $paths[0],6);
	//Get the Plugin Folder, always the first element
	$pluginFolder = array_shift($paths);
	//The other parts are the realpath into public_html (no matter how many elements)
	$filePath = implode(PATH_SEP,$paths);
	$pluginFilename = PATH_PLUGINS . $pluginFolder . PATH_SEP . 'public_html'. PATH_SEP . $filePath;

	if ( file_exists ( $pluginFilename ) ) {
	G::streamFile ( $pluginFilename );
	}
	die;
	}

	$requestUriArray = explode("/",$_SERVER['REQUEST_URI']);

	if((isset($requestUriArray[1]))&&($requestUriArray[1] == 'skin')) {
	// This will allow to public images of Custom Skins, By JHL Feb 28, 11
	$pathsQuery="";
	// Get the query side
	// This way we remove garbage
	$forQuery = explode("?",$realPath);
	if (isset($forQuery[1])) {
	$pathsQuery = $forQuery[1];
	}

	//Get that path in array
	$paths = explode ( PATH_SEP, $forQuery[0] );
	$fileToBeStreamed=str_replace("/skin/",PATH_CUSTOM_SKINS,$_SERVER['REQUEST_URI']);

	if ( file_exists ( $fileToBeStreamed ) ) {
	G::streamFile ( $fileToBeStreamed );
	}
	die;
	}
	switch ($realPath) {
	case 'sysUnnamed' :
	require_once('sysUnnamed.php');
	die;
	break;
	case 'sysNamed' :
	header('location : ' . $_SERVER['REQUEST_URI'] . '/' .SYS_LANG. '/classic/login/login' );
	die;
	break;
	case 'jsMethod' :
	G::parseURI ( getenv( "REQUEST_URI" ) );
	$filename = PATH_METHODS . SYS_COLLECTION . '/' . SYS_TARGET . '.js';
	G::streamFile ( $filename );
	die;
	break;
	case 'errorFile':
	header ("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
	if ( DEBUG_TIME_LOG ) G::logTimeByPage(); //log this page
	die;
	break;
	default :
	if (substr($realPath, 0, 12) == 'rest-service') {
	$isRestRequest = true;
	} else {
	$realPath = explode('?', $realPath);
	$realPath[0] .= strpos(basename($realPath[0]), '.') === false ? '.php' : '';
	G::streamFile ( $realPath[0] );
	die;
	}
	}
	}//virtual URI parser

	// the request correspond to valid php page, now parse the URI
	G::parseURI(getenv("REQUEST_URI"), $isRestRequest);

	$arrayUpdating = G::isPMUnderUpdating();
	if ($arrayUpdating['action']) {
	if ($arrayUpdating['workspace'] == "true" \|\| $arrayUpdating['workspace'] == SYS_TEMP) {
	header("location: /update/updating.php");
	if (DEBUG_TIME_LOG) G::logTimeByPage();
	die;
	}
	}

	// verify if index.html exists
	if (!file_exists(PATH_HTML . 'index.html')) { // if not, create it from template
	file_put_contents(
	PATH_HTML . 'index.html',
	G::parseTemplate(PATH_TPL . "index.html", array("lang" => ((defined("SYS_LANG") && SYS_LANG != "")? SYS_LANG : "en"), "skin" => SYS_SKIN))
	);
	}

	define('SYS_URI' , '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/');

	// defining the serverConf singleton
	if (defined('PATH_DATA') && file_exists(PATH_DATA)) {
	//Instance Server Configuration Singleton
	$oServerConf =& ServerConf::getSingleton();
	}

	// Call Gulliver Classes




















	// Create headPublisher singleton

	$oHeadPublisher =& headPublisher::getSingleton();

	//Load filter class

	$filter = new InputFilter();

	// Installer, redirect to install if we don't have a valid shared data folder
	if ( !defined('PATH_DATA') \|\| !file_exists(PATH_DATA)) {

	// new installer, extjs based
	define('PATH_DATA', PATH_C);
	require_once ( PATH_CONTROLLERS . 'InstallerModule.php' );
	$controller = InstallerModule::class;

	// if the method name is empty set default to index method
	if (strpos(SYS_TARGET, '/') !== false) {
	list($controller, $controllerAction) = explode('/', SYS_TARGET);
	}
	else {
	$controllerAction = SYS_TARGET;
	}

	$controllerAction = ($controllerAction != '' && $controllerAction != 'login')? $controllerAction: 'index';

	// create the installer controller and call its method
	if (is_callable([InstallerModule::class, $controllerAction])) {
	$installer = new $controller();
	$installer->setHttpRequestData($_REQUEST);
	$installer->call($controllerAction);
	}
	else {
	$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
	header ("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
	}
	die;
	}

	// Load Language Translation
	G::LoadTranslationObject(defined('SYS_LANG')?SYS_LANG:"en");

	// look for a disabled workspace
	if($oServerConf->isWSDisabled(SYS_TEMP)){
	$aMessage['MESSAGE'] = G::LoadTranslation('ID_DISB_WORKSPACE');
	$G_PUBLISH = new Publisher;
	$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', $aMessage );
	G::RenderPage( 'publish' );
	die;
	}

	// database and workspace definition
	// if SYS_TEMP exists, the URL has a workspace, now we need to verify if exists their db.php file
	if ( defined('SYS_TEMP') && SYS_TEMP != '') {
	//this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS
	if ( file_exists( PATH_DB . SYS_TEMP . '/db.php' ) ) {
	$pathFile = $filter->validateInput(PATH_DB . SYS_TEMP . '/db.php','path');
	require_once( $pathFile );
	define ( 'SYS_SYS' , SYS_TEMP );

	// defining constant for workspace shared directory
	define ( 'PATH_WORKSPACE' , PATH_DB . config("system.workspace") . PATH_SEP );
	// including workspace shared classes -> particularlly for pmTables
	set_include_path(get_include_path() . PATH_SEPARATOR . PATH_WORKSPACE);
	}
	else {
	G::SendTemporalMessage ('ID_NOT_WORKSPACE', "error");
	G::header('location: /sys/' . SYS_LANG . '/' . SYS_SKIN . '/main/sysLogin?errno=2');
	die;
	}
	}
	else { //when we are in global pages, outside any valid workspace
	if (SYS_TARGET==='newSite') {
	$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . "/" . SYS_TARGET.'.php';
	$phpFile = $filter->validateInput($phpFile,'path');
	require_once($phpFile);
	die();
	}
	else {
	if(SYS_TARGET=="dbInfo"){ //Show dbInfo when no SYS_SYS
	$pathFile = PATH_METHODS . 'login/dbInfo.php';
	$pathFile = $filter->validateInput($pathFile,'path');
	require_once($pathFile);
	}
	else{

	if (substr(SYS_SKIN, 0, 2) === 'ux' && SYS_TARGET != 'sysLoginVerify') { // new ux sysLogin - extjs based form
	$pathFile = $filter->validateInput(PATH_CONTROLLERS . 'main.php','path');
	require_once $pathFile;
	$controllerClass = 'Main';
	$controllerAction = SYS_TARGET == 'sysLoginVerify' ? SYS_TARGET : 'sysLogin';
	//if the method exists
	if( is_callable(Array($controllerClass, $controllerAction)) ) {
	$controller = new $controllerClass();
	$controller->setHttpRequestData($_REQUEST);
	$controller->call($controllerAction);
	}
	}
	else { // classic sysLogin interface
	$pathFile = PATH_METHODS . 'login/sysLogin.php';
	$pathFile = $filter->validateInput($pathFile,'path');
	require_once($pathFile) ;
	die();
	}
	}
	if ( DEBUG_TIME_LOG ) G::logTimeByPage(); //log this page
	die();
	}
	}

	// PM Paths DATA
	define('PATH_DATA_SITE', PATH_DATA . 'sites/' . config("system.workspace") . '/');
	define('PATH_DOCUMENT', PATH_DATA_SITE . 'files/');
	define('PATH_DATA_MAILTEMPLATES', PATH_DATA_SITE . 'mailTemplates/');
	define('PATH_DATA_PUBLIC', PATH_DATA_SITE . 'public/');
	define('PATH_DATA_REPORTS', PATH_DATA_SITE . 'reports/');
	define('PATH_DYNAFORM', PATH_DATA_SITE . 'xmlForms/');
	define('PATH_IMAGES_ENVIRONMENT_FILES', PATH_DATA_SITE . 'usersFiles'.PATH_SEP);
	define('PATH_IMAGES_ENVIRONMENT_USERS', PATH_DATA_SITE . 'usersPhotographies'.PATH_SEP);
	define('SERVER_NAME', $_SERVER ['SERVER_NAME']);
	define('SERVER_PORT', $_SERVER ['SERVER_PORT']);

	// create memcached singleton
	$memcache = & PMmemcached::getSingleton(config("system.workspace"));

	// verify configuration for rest service
	if ($isRestRequest) {
	// disable until confirm that rest is enabled & configured on rest-config.ini file
	$isRestRequest = false;
	$confFile = '';
	$restApiClassPath = '';

	// try load and getting rest configuration
	if (file_exists(PATH_DATA_SITE . 'rest-config.ini')) {
	$confFile = PATH_DATA_SITE . 'rest-config.ini';
	$restApiClassPath = PATH_DATA_SITE;
	} elseif (file_exists(PATH_CONFIG . 'rest-config.ini')) {
	$confFile = PATH_CONFIG . 'rest-config.ini';
	}
	if (! empty($confFile) && $restConfig = @parse_ini_file($confFile, true)) {
	if (array_key_exists('enable_service', $restConfig)) {
	if ($restConfig['enable_service'] == 'true' \|\| $restConfig['enable_service'] == '1') {
	$isRestRequest = true; // rest service enabled
	}
	}
	}
	}

	//here we are loading all plugins registered
	//the singleton has a list of enabled plugins
	$oPluginRegistry = PluginRegistry::loadSingleton();

	// setup propel definitions and logging
	require_once ( "propel/Propel.php" );
	require_once ( "creole/Creole.php" );

	if (defined('DEBUG_SQL_LOG') && DEBUG_SQL_LOG) {
	define('PM_PID', mt_rand(1,999999));
	require_once 'Log.php';

	// register debug connection decorator driver
	Creole::registerDriver('*', 'creole.contrib.DebugConnection');

	// initialize Propel with converted config file
	Propel::init( PATH_CORE . "config/databases.php" );

	// unified log file for all databases
	$logFile = PATH_DATA . 'log' . PATH_SEP . 'propel.log';
	$logger = Log::singleton('file', $logFile, 'wf ' . config("system.workspace"), null, PEAR_LOG_INFO);
	Propel::setLogger($logger);
	// log file for workflow database
	$con = Propel::getConnection('workflow');
	if ($con instanceof DebugConnection) {
	$con->setLogger($logger);
	}
	// log file for rbac database
	$con = Propel::getConnection('rbac');

	if ($con instanceof DebugConnection) {
	$con->setLogger($logger);
	}

	// log file for report database
	$con = Propel::getConnection('rp');
	if ($con instanceof DebugConnection) {
	$con->setLogger($logger);
	}
	}
	else {
	Propel::init( PATH_CORE . "config/databases.php" );
	}

	Creole::registerDriver('dbarray', 'creole.contrib.DBArrayConnection');

	// Session Initializations
	ini_set('session.auto_start', '1');

	// The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off.
	// ini_set( 'register_globals', 'Off' );
	//session_start();
	ob_start();

	// Rebuild the base Workflow translations if not exists
	if( ! is_file(PATH_LANGUAGECONT . 'translation.en') ){
	require_once ( "classes/model/Translation.php" );
	$fields = Translation::generateFileTranslation('en');
	}

	// TODO: Verify if the language set into url is defined in translations env.
	if( SYS_LANG != 'en' && ! is_file(PATH_LANGUAGECONT . 'translation.' . SYS_LANG) ){
	require_once ( "classes/model/Translation.php" );
	$fields = Translation::generateFileTranslation(SYS_LANG);
	}

	// Setup plugins
	$oPluginRegistry->setupPlugins(); //get and setup enabled plugins
	$avoidChangedWorkspaceValidation = false;

	// Load custom Classes and Model from Plugins.
	G::LoadAllPluginModelClasses();

	// jump to php file in methods directory
	$collectionPlugin = '';
	if ($oPluginRegistry->isRegisteredFolder(SYS_COLLECTION)) {
	$phpFile = PATH_PLUGINS . SYS_COLLECTION . PATH_SEP . SYS_TARGET.'.php';
	$targetPlugin = explode( '/', SYS_TARGET );
	$collectionPlugin = $targetPlugin[0];
	$avoidChangedWorkspaceValidation = true;
	}
	else {
	$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . SYS_TARGET.'.php';
	}

	// services is a special folder,
	if ( SYS_COLLECTION == 'services' ) {
	$avoidChangedWorkspaceValidation = true;
	$targetPlugin = explode( '/', SYS_TARGET );

	if ( $targetPlugin[0] == 'webdav' ) {
	$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . 'webdav.php';
	}
	}

	if (SYS_COLLECTION == 'login' && SYS_TARGET == 'login') {
	$avoidChangedWorkspaceValidation = true;
	}

	//the index.php file, this new feature will allow automatically redirects to valid php file inside any methods folder
	/* DEPRECATED
	if ( SYS_TARGET == '' ) {
	$phpFile = str_replace ( '.php', 'index.php', $phpFile );
	$phpFile = include ( $phpFile );
	}*/
	$bWE = false;
	$isControllerCall = false;
	if ( substr(SYS_COLLECTION , 0,8) === 'gulliver' ) {
	$phpFile = PATH_GULLIVER_HOME . 'methods/' . substr( SYS_COLLECTION , 8) . SYS_TARGET.'.php';
	}
	else {
	//when the file is part of the public directory of any PROCESS, this a ProcessMaker feature
	if (preg_match('/^[0-9][[:alnum:]]+$/', SYS_COLLECTION) == 1) { //the pattern is /sysSYS/LANG/SKIN/PRO_UID/file
	$auxPart = explode ( '/' , $_SERVER['REQUEST_URI']);
	$aAux = explode('?', $auxPart[ count($auxPart)-1]);
	//$extPart = explode ( '.' , $auxPart[ count($auxPart)-1] );
	$extPart = explode ( '.' , $aAux[0] );
	$queryPart = isset($aAux[1])?$aAux[1]:"";
	$extension = $extPart[ count($extPart)-1 ];
	$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . urldecode ($auxPart[ count($auxPart)-1]);
	$aAux = explode('?', $phpFile);
	$phpFile = $aAux[0];

	if ($extension != 'php') {
	G::streamFile($phpFile);
	die;
	}

	$avoidChangedWorkspaceValidation=true;
	$bWE = true;
	//$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1];
	}

	//erik: verify if it is a Controller Class or httpProxyController Class
	if (is_file(PATH_CONTROLLERS . SYS_COLLECTION . '.php')) {
	$pathFile = $filter->validateInput(PATH_CONTROLLERS . SYS_COLLECTION . '.php','path');
	require_once $pathFile;
	$controllerClass = SYS_COLLECTION;
	//if the method name is empty set default to index method
	$controllerAction = SYS_TARGET != '' ? SYS_TARGET : 'index';
	//if the method exists
	if (is_callable(Array($controllerClass, $controllerAction)) ) {
	$isControllerCall = true;
	}
	}

	if (!$isControllerCall && ! file_exists($phpFile) && ! $isRestRequest) {
	$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
	header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
	die;
	}
	}

	//redirect to login, if user changed the workspace in the URL
	if (! $avoidChangedWorkspaceValidation && isset($_SESSION['WORKSPACE']) && $_SESSION['WORKSPACE'] != config("system.workspace")) {
	$_SESSION['WORKSPACE'] = config("system.workspace");
	G::SendTemporalMessage ('ID_USER_HAVENT_RIGHTS_SYSTEM', "error");
	// verify if the current skin is a 'ux' variant
	$urlPart = substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs' ? '/main/login' : '/login/login';

	header('Location: /sys' . config("system.workspace") . '/' . SYS_LANG . '/' . SYS_SKIN . $urlPart);
	die;
	}

	// enable rbac
	$RBAC = &RBAC::getSingleton( PATH_DATA, session_id() );
	$RBAC->sSystem = 'PROCESSMAKER';

	// define and send Headers for all pages
	if (! defined('EXECUTE_BY_CRON')) {
	header("Expires: " . gmdate("D, d M Y H:i:s", mktime( 0,0,0,date('m'),date('d')-1,date('Y') ) ) . " GMT");
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
	header("Cache-Control: no-store, no-cache, must-revalidate");
	header("Cache-Control: post-check=0, pre-check=0", false);
	header("Pragma: no-cache");

	// get the language direction from ServerConf
	define('SYS_LANG_DIRECTION', $oServerConf->getLanDirection() );

	if((isset( $_SESSION['USER_LOGGED'] ))&&(!(isset($_GET['sid'])))) {
	if (PHP_VERSION < 5.2) {
	setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
	} else {
	setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
	}
	$RBAC->initRBAC();
	//using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
	$memKey = 'rbacSession' . session_id();
	if ( ($RBAC->aUserInfo = $memcache->get($memKey)) === false ) {
	$RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] );
	$memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
	}
	}
	else {
	// this is the blank list to allow execute scripts with no login (without session started)
	$noLoginFiles = $noLoginFolders = array();
	$noLoginFiles[] = 'login';
	$noLoginFiles[] = 'authentication';
	$noLoginFiles[] = 'login_Ajax';
	$noLoginFiles[] = 'dbInfo';
	$noLoginFiles[] = 'sysLoginVerify';
	$noLoginFiles[] = 'processes_Ajax';
	$noLoginFiles[] = 'showLogoFile';
	$noLoginFiles[] = 'forgotPassword';
	$noLoginFiles[] = 'retrivePassword';
	$noLoginFiles[] = 'genericAjax';

	$noLoginFolders[] = 'services';
	$noLoginFolders[] = 'tracker';
	$noLoginFolders[] = 'InstallerModule';

	// This sentence is used when you lost the Session
	if (! in_array(SYS_TARGET, $noLoginFiles)
	&& ! in_array(SYS_COLLECTION, $noLoginFolders)
	&& $bWE != true && $collectionPlugin != 'services'
	&& ! $isRestRequest
	) {
	$bRedirect = true;

	if (isset($_GET['sid'])) {
	$oSessions = new Sessions();
	if ($aSession = $oSessions->verifySession($_GET['sid'])) {
	require_once 'classes/model/Users.php';
	$oUser = new Users();
	$aUser = $oUser->load($aSession['USR_UID']);
	initUserSession($aUser['USR_UID'], $aUser['USR_USERNAME']);
	$bRedirect = false;
	if (PHP_VERSION < 5.2) {
	setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
	} else {
	setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
	}
	$RBAC->initRBAC();
	$RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] );
	$memKey = 'rbacSession' . session_id();
	$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
	}
	}

	if ($bRedirect) {
	if (substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs') { // verify if the current skin is a 'ux' variant
	$loginUrl = 'main/login';
	}
	else if (strpos($_SERVER['REQUEST_URI'], '/home') !== false){ //verify is it is using the uxs skin for simplified interface
	$loginUrl = 'home/login';
	}
	else {
	$loginUrl = 'login/login'; // just set up the classic login
	}

	if (empty($_POST)) {
	header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));

	}
	else {
	if ($isControllerCall) {
	header("HTTP/1.0 302 session lost in controller");
	}
	else {
	header('location: ' . SYS_URI . $loginUrl);
	}
	}
	die();
	}
	}
	}
	$_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI'];

	/**
	* New feature for Gulliver framework to support Controllers & HttpProxyController classes handling
	* @author Erik Amaru Ortiz <erik@colosa.com, aortiz.erik@gmail.com>
	*/
	if ($isControllerCall) { //Instance the Controller object and call the request method
	$controller = new $controllerClass();
	$controller->setHttpRequestData($_REQUEST);
	$controller->call($controllerAction);
	} elseif ($isRestRequest) {
	G::dispatchRestService(SYS_TARGET, $restConfig, $restApiClassPath);
	} else {
	require_once $filter->validateInput($phpFile,'path');
	}

	if (defined('SKIP_HEADERS')){
	header("Expires: " . gmdate("D, d M Y H:i:s", mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1)) . " GMT");
	header('Cache-Control: public');
	header('Pragma: ');
	}

	ob_end_flush();
	if (DEBUG_TIME_LOG) {
	G::logTimeByPage(); //log this page
	}
	}