110set_error_handler(
function ($errno, $errstr, $errfile, $errline) {
140 $fatalTypes = array(E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR, E_RECOVERABLE_ERROR);
296 $modul = $_GET[
'dbx_modul'] ??
'';
297 $run1 = $_GET[
'dbx_run1'] ??
'';
298 $mid = isset($_GET[
'dbx_mid']) ? (int)$_GET[
'dbx_mid'] : 0;
299 $thumb = isset($_GET[
'dbx_thumb']) && (string)$_GET[
'dbx_thumb'] ===
'1';
301 if ($modul !==
'dbxContent' || $run1 !==
'media' || $mid <= 0) {
306 $db =
dbx()->get_system_obj(
'dbxDB');
307 $row = is_object(
$db) ?
$db->select1(
'dbxMedia', array(
'id' => $mid,
'active' => 1),
'*', 0) : array();
308 if (!is_array($row) || (
int)($row[
'id'] ?? 0) <= 0) {
312 $rel_key = $thumb && !empty($row[
'thumb_file_path']) ?
'thumb_file_path' :
'file_path';
313 $rel = rawurldecode((
string)($row[$rel_key] ??
''));
314 $rel = str_replace(
'\\',
'/', $rel);
315 $rel = ltrim($rel,
'/');
316 if ($rel ===
'' || strpos($rel,
'..') !==
false || !preg_match(
'~^(media|dbxContent/media)/~i', $rel)) {
317 http_response_code(403);
324 $real = realpath($file);
325 if (!
$base || !$real || strpos($real,
$base) !== 0 || !is_file($real) || !is_readable($real)) {
326 if ($thumb && !empty($row[
'file_path'])) {
327 $fallback_rel = rawurldecode((
string)$row[
'file_path']);
328 $fallback_rel = ltrim(str_replace(
'\\',
'/', $fallback_rel),
'/');
330 $fallback_real = realpath($fallback_file);
331 if (
$base && $fallback_real && strpos($fallback_real,
$base) === 0 && is_file($fallback_real) && is_readable($fallback_real)) {
332 $real = $fallback_real;
333 $rel = $fallback_rel;
334 $mime = trim((
string)($row[
'mime'] ??
''));
336 $detected = function_exists(
'mime_content_type') ? mime_content_type($real) :
'';
337 $mime = $detected ?:
'application/octet-stream';
339 $file_name = trim((
string)($row[
'file_name'] ??
''));
340 if ($file_name ===
'') $file_name = basename($real);
341 $file_name = str_replace(
'"',
'', basename($file_name));
342 if (function_exists(
'session_status') && session_status() === PHP_SESSION_ACTIVE) {
343 session_write_close();
345 header(
'Content-Type: ' . $mime);
346 header(
'Content-Length: ' . filesize($real));
347 header(
'Content-Disposition: inline; filename="' . $file_name .
'"');
348 header(
'Accept-Ranges: bytes');
349 header(
'Cache-Control: private, max-age=3600');
350 header(
'X-Content-Type-Options: nosniff');
358 while (ob_get_level() > 0) {
362 $mime = trim((
string)($thumb && !empty($row[
'thumb_file_path']) ?
'image/jpeg' : ($row[
'mime'] ??
'')));
364 $detected = function_exists(
'mime_content_type') ? mime_content_type($real) :
'';
365 $mime = $detected ?:
'application/octet-stream';
368 $file_name = trim((
string)($row[
'file_name'] ??
''));
369 if ($file_name ===
'') $file_name = basename($real);
370 $file_name = str_replace(
'"',
'', basename($file_name));
372 if (function_exists(
'session_status') && session_status() === PHP_SESSION_ACTIVE) {
373 session_write_close();
376 $size = filesize($real);
378 $end = $size > 0 ? $size - 1 : 0;
379 $range = isset(
$_SERVER[
'HTTP_RANGE']) ? trim((
string)
$_SERVER[
'HTTP_RANGE']) :
'';
380 if ($range !==
'' && preg_match(
'/bytes=(\d*)-(\d*)/i', $range, $m)) {
381 if ($m[1] !==
'') $start = max(0, (
int)$m[1]);
382 if ($m[2] !==
'') $end = min($end, (
int)$m[2]);
383 if ($m[1] ===
'' && $m[2] !==
'') {
384 $suffix = max(0, (
int)$m[2]);
385 $start = max(0, $size - $suffix);
387 if ($start <= $end && $size > 0) {
388 http_response_code(206);
389 header(
'Content-Range: bytes ' . $start .
'-' . $end .
'/' . $size);
391 http_response_code(416);
392 header(
'Content-Range: bytes */' . $size);
397 header(
'Content-Type: ' . $mime);
398 header(
'Content-Length: ' . max(0, $end - $start + 1));
399 header(
'Content-Disposition: inline; filename="' . $file_name .
'"');
400 header(
'Accept-Ranges: bytes');
401 header(
'Cache-Control: private, max-age=3600');
402 header(
'X-Content-Type-Options: nosniff');
403 $out = fopen($real,
'rb');
405 if ($start > 0) fseek($out, $start);
406 $remaining = $end - $start + 1;
407 while ($remaining > 0 && !feof($out)) {
408 $chunk = fread($out, min(8192, $remaining));
409 if ($chunk ===
false || $chunk ===
'')
break;
411 $remaining -= strlen($chunk);
412 if (function_exists(
'connection_aborted') && connection_aborted())
break;
417 }
catch (Throwable $e) {
419 http_response_code(500);
428 $session_id = session_id();
430 dbx()->debug(
"#### Session #### PHP-ID=($session_id)");
435 dbx()->timer(
'system',
'full-app');
436 dbx()->timer(
'system-load',
'load Kernel');
440 $oWebApp =
dbx()->get_system_obj(
'dbxWebApp');
441 $oSession =
dbx()->get_system_obj(
'dbxSession');
442 $oInterpreter =
null;
443 dbx()->timer(
'system-load');
445 dbx()->timer(
'session-load',
'Session load');
446 $oSession->load_session();
447 dbx()->timer(
'session-load');
449 dbx()->timer(
'system-check',
'System check');
450 dbx()->set_system_var(
'dbx_activ_modul',
'dbx');
453 $oWebApp->check_request();
454 $oWebApp->check_remember();
455 $oWebApp->check_lng();
457 $oWebApp->check_missing();
458 $sync=
dbx()->get_request_var(
'dbx_sync',1,
'int');
459 $oWebApp->check_perma();
460 $oWebApp->check_config();
461 $oWebApp->check_design();
462 $oWebApp->check_modul();
465 $self =
dbx()->get_self_url();
468 $ajax =
dbx()->get_system_var(
'dbx_ajax',0,
'int');
470 $cache =
dbx()->get_config(
'dbx',
'cache');
471 $perma =
dbx()->get_system_var(
'dbx_permalink',
'undef');
472 $modul =
dbx()->get_system_var(
'dbx_modul' ,
'undef');
473 $action=
dbx()->get_system_var(
'dbx_run1' ,
'undef');
474 dbx()->debug(
"#DBX RUN Base-URL($base) Self=($self) Ajax=($ajax) Perma ($perma) User=($uid) SYS CACHE=($cache) ");
476 dbx()->timer(
'system-check');
478 dbx()->timer($modul,
'Master-Modul');
479 $modul_content=$oWebApp->run();
480 dbx()->timer($modul);
482 dbx()->timer(
'page-load',
'Page-Load');
483 dbx()->debug(
"#RUN-DBXWEBAPP SYNC=$sync");
487 $page_content =$oWebApp->design_load($modul_content);
488 if ($oInterpreter ===
null) {
489 $oInterpreter =
dbx()->get_system_obj(
'dbxInterpreter');
491 dbx()->timer(
'interpreter',
'Interpreter');
492 $page_content=$oInterpreter->run($page_content);
493 dbx()->timer(
'interpreter');
498 $page_content=$oWebApp->add_norep($page_content);
499 $page_content=$oWebApp->add_editor_files_data($page_content);
502 $page_content=$oWebApp->out_filter($page_content);
504 dbx()->debug(
"no sync no output");
505 http_response_code(204);
507 dbx()->timer(
'page-load');
508 dbx()->debug(
"call session_save($sync)");
509 $oSession->save_session();
510 $oSession->clean_session();
511 if (!empty($GLOBALS[
'dbx_session_destroy_pending'])) {
512 $oSession->destroy_php_session();
514 dbx()->timer(
'system');
515 return $page_content;
521 dbx()->send_runtime_headers();
524while (ob_get_level() > 0) ob_end_flush();
526dbx()->debug_timer(0);
527if (
$syncRequest && (
int)
dbx()->get_system_var(
'dbx_ajax', 0,
'int') !== 1) {
528 dbx()->store_performance_timer();