luos/workflow/public_html/sysGeneric.php

<?php
/**
 * Bootstrap.php
 *
 * ProcessMaker Open Source Edition
 * Copyright (C) 2004 - 2008 Colosa Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. BaseCaseTrackerObjectPeerSee the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 */

use Illuminate\Foundation\Http\Kernel;
use ProcessMaker\Plugins\PluginRegistry;

/**
 * bootstrap - ProcessMaker Bootstrap
 * this file is used initialize main variables, redirect and dispatch all requests
 */

function transactionLog($transactionName){
    if (extension_loaded('newrelic')) {
        $baseName="ProcessMaker";

        //Application base name
        newrelic_set_appname ($baseName);


        //Custom parameters
        if(!empty(config("system.workspace"))){
            newrelic_add_custom_parameter ("workspace", config("system.workspace"));
        }
        if(defined("SYS_LANG")){
            newrelic_add_custom_parameter ("lang", SYS_LANG);
        }
        if(defined("SYS_SKIN")){
            newrelic_add_custom_parameter ("skin", SYS_SKIN);
        }
        if(defined("SYS_COLLECTION")){
            newrelic_add_custom_parameter ("collection", SYS_COLLECTION);
        }
        if(defined("SYS_TARGET")){
            newrelic_add_custom_parameter ("target", SYS_TARGET);
        }
        if(defined("SYS_URI")){
            newrelic_add_custom_parameter ("uri", SYS_URI);
        }
        if(defined("PATH_CORE")){
            newrelic_add_custom_parameter ("path_core", PATH_CORE);
        }
        if(defined("PATH_DATA_SITE")){
            newrelic_add_custom_parameter ("path_site", PATH_DATA_SITE);
        }

        //Show correct transaction name
        if(!empty(config("system.workspace"))){
            newrelic_set_appname ("PM-".config("system.workspace").";$baseName");
        }
        if(defined("PATH_CORE")){
            $transactionName=str_replace(PATH_CORE,"",$transactionName);
        }
        newrelic_name_transaction ($transactionName);
    }
}

// Validating if exists 'HTTP_USER_AGENT' key in $_SERVER array
if (!isset($_SERVER['HTTP_USER_AGENT'])) {
    $_SERVER['HTTP_USER_AGENT'] = '';
}

// Defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/'
define( 'PATH_SEP', '/' );

// Defining the Home Directory
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( PATH_SEP, $realdocuroot );

array_pop( $docuroot );
$pathhome = implode( PATH_SEP, $docuroot ) . PATH_SEP;

// try to find automatically the trunk directory where are placed the RBAC and Gulliver directories
// in a normal installation you don't need to change it.
array_pop( $docuroot );
$pathTrunk = implode( PATH_SEP, $docuroot ) . PATH_SEP;

array_pop( $docuroot );
$pathOutTrunk = implode( PATH_SEP, $docuroot ) . PATH_SEP;

define( 'PATH_HOME', $pathhome );
define( 'PATH_TRUNK', $pathTrunk );
define( 'PATH_OUTTRUNK', $pathOutTrunk );

//we are focusing in have this behaivour
//1. if the uri is a existing file return the file inmediately
//2. if the uri point to png, jpg, js, or css mapped in other place, return it inmediately
//3. process the uri,

//here we are putting approved CONSTANTS, I mean constants be sure we need,
define( 'PATH_HTML', PATH_HOME . 'public_html' . PATH_SEP );

//this is the first path, if the file exists...
$request = substr($_SERVER['REQUEST_URI'], 1, strlen($_SERVER['REQUEST_URI'])); //removes the first '/'
$fileWithoutParam = explode("?", $request); // split the URI by '?'
$request = $fileWithoutParam[0];            // get the first element of the split URI
$requestFile = PATH_HTML . $request;        // temporary assemble a path for the file embedded in the URI
if (file_exists($requestFile)) {
    if (!is_file($requestFile)) {
        header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
        die;
    }
    if ($request === "app.php" || $request === "sysGeneric.php") {
        //HTTP/1.0 403 Forbidden
        http_response_code(403);
    }
    $pos = strripos($request, ".") + 1;
    $size = strlen($request);
    if($pos < $size) {
        //if this file got an extension then assign the content
        $ext_file = substr($request, $pos, $size);
        if ($ext_file == "gif" || $ext_file == "png") {
            $ext_file = 'image/'.$ext_file ;
        } elseif ($ext_file == "jpg" || $ext_file == "jpeg") {
            $ext_file = 'image/jpeg';
        } elseif ($ext_file == "swf") {
            $ext_file = "application/x-shockwave-flash";
        } elseif ($ext_file == "json" || $ext_file == "htc" ) {
            $ext_file = "text/plain";
        } elseif ($ext_file == "htm" || $ext_file == "html" || $ext_file == "txt") {
            $ext_file = "text/html";
        } elseif ($ext_file == "doc" || $ext_file == "pdf" || $ext_file == "pm" || $ext_file == "po") {
            $ext_file = "application/octet-stream";
        } elseif ($ext_file == "tar") {
            $ext_file = "application/x-tar";
        } elseif ($ext_file == "woff") {
            $ext_file = "application/font-woff";
        } elseif ($ext_file == "js") {
            $ext_file = "text/javascript";
        } elseif ($ext_file=="css") {
            //may this line be innecesary, all the .css are been generated at run time
            $ext_file = 'text/css';
        } else {
            $ext_file = "application/octet-stream";
        }
        header ('Content-Type: ' . $ext_file);
    }
    header ( 'Pragma: cache' );
    $mtime = filemtime ( $requestFile );
    $gmt_mtime = gmdate ( "D, d M Y H:i:s", $mtime ) . " GMT";
    header ( 'ETag: "' . Bootstrap::encryptOld ( $mtime . $requestFile ) . '"' );
    header ( "Last-Modified: " . $gmt_mtime );
    header ( 'Cache-Control: public' );
    $userAgent = strtolower ( $_SERVER ['HTTP_USER_AGENT'] );
    if (preg_match ( "/msie/i", $userAgent )) {
        header ( "Expires: " . gmdate ( "D, d M Y H:i:s", time () + 60 * 10 ) . " GMT" );
    } else {
        header ( "Expires: " . gmdate ( "D, d M Y H:i:s", time () + 90 * 60 * 60 * 24 ) . " GMT" );
        if (isset ( $_SERVER ['HTTP_IF_MODIFIED_SINCE'] )) {
            if ($_SERVER ['HTTP_IF_MODIFIED_SINCE'] == $gmt_mtime) {
                header ( 'HTTP/1.1 304 Not Modified' );
            }
        }
        if (isset ( $_SERVER ['HTTP_IF_NONE_MATCH'] )) {
            if (str_replace ( '"', '', stripslashes ( $_SERVER ['HTTP_IF_NONE_MATCH'] ) ) == Bootstrap::encryptOld ( $mtime . $requestFile )) {
                header ( "HTTP/1.1 304 Not Modified" );
            }
        }
    }
    readfile($requestFile);
    die;
}


// Defining RBAC Paths constants
define( 'PATH_RBAC_HOME', PATH_TRUNK . 'rbac' . PATH_SEP );

// Defining Gulliver framework paths constants
define( 'PATH_GULLIVER_HOME', PATH_TRUNK . 'gulliver' . PATH_SEP );
define( 'PATH_GULLIVER', PATH_GULLIVER_HOME . 'system' . PATH_SEP ); //gulliver system classes
define( 'PATH_GULLIVER_BIN', PATH_GULLIVER_HOME . 'bin' . PATH_SEP ); //gulliver bin classes
define( 'PATH_TEMPLATE', PATH_GULLIVER_HOME . 'templates' . PATH_SEP );
define( 'PATH_THIRDPARTY', PATH_TRUNK . 'thirdparty' . PATH_SEP );
define( 'PATH_RBAC', PATH_RBAC_HOME . 'engine' . PATH_SEP . 'classes' . PATH_SEP ); //to enable rbac version 2
define( 'PATH_RBAC_CORE', PATH_RBAC_HOME . 'engine' . PATH_SEP );

// Defining PMCore Path constants
define( 'PATH_CORE', PATH_HOME . 'engine' . PATH_SEP );
define( 'PATH_CLASSES', PATH_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP );
define( 'PATH_SKINS', PATH_CORE . 'skins' . PATH_SEP );
define( 'PATH_SKIN_ENGINE', PATH_CORE . 'skinEngine' . PATH_SEP );
define( 'PATH_METHODS', PATH_CORE . 'methods' . PATH_SEP );
define( 'PATH_XMLFORM', PATH_CORE . 'xmlform' . PATH_SEP );
define( 'PATH_CONFIG', PATH_CORE . 'config' . PATH_SEP );
define( 'PATH_PLUGINS', PATH_CORE . 'plugins' . PATH_SEP );
define( 'PATH_HTMLMAIL', PATH_CORE . 'html_templates' . PATH_SEP );
define( 'PATH_TPL', PATH_CORE . 'templates' . PATH_SEP );
define( 'PATH_TEST', PATH_CORE . 'test' . PATH_SEP );
define( 'PATH_FIXTURES', PATH_TEST . 'fixtures' . PATH_SEP );
define( 'PATH_RTFDOCS', PATH_CORE . 'rtf_templates' . PATH_SEP );
define( 'PATH_DYNACONT', PATH_CORE . 'content' . PATH_SEP . 'dynaform' . PATH_SEP );
//define( 'PATH_LANGUAGECONT',PATH_CORE . 'content' . PATH_SEP . 'languages' . PATH_SEP );
define( 'SYS_UPLOAD_PATH', PATH_HOME . "public_html/files/" );
define( 'PATH_UPLOAD', PATH_HTML . 'files' . PATH_SEP );

define( 'PATH_WORKFLOW_MYSQL_DATA', PATH_CORE . 'data' . PATH_SEP . 'mysql' . PATH_SEP );
define( 'PATH_RBAC_MYSQL_DATA', PATH_RBAC_CORE . 'data' . PATH_SEP . 'mysql' . PATH_SEP );
define( 'FILE_PATHS_INSTALLED', PATH_CORE . 'config' . PATH_SEP . 'paths_installed.php' );
define( 'PATH_WORKFLOW_MSSQL_DATA', PATH_CORE . 'data' . PATH_SEP . 'mssql' . PATH_SEP );
define( 'PATH_RBAC_MSSQL_DATA', PATH_RBAC_CORE . 'data' . PATH_SEP . 'mssql' . PATH_SEP );
define( 'PATH_CONTROLLERS', PATH_CORE . 'controllers' . PATH_SEP );

// include Gulliver Class

if (file_exists( FILE_PATHS_INSTALLED )) {

    // include the server installed configuration
    require_once FILE_PATHS_INSTALLED;

    // defining system constant when a valid server environment exists
    define( 'PATH_LANGUAGECONT', PATH_DATA . "META-INF" . PATH_SEP );
    define( 'PATH_CUSTOM_SKINS', PATH_DATA . 'skins' . PATH_SEP );
    define( 'PATH_TEMPORAL', PATH_C . 'dynEditor/' );
    define( 'PATH_DB', PATH_DATA . 'sites' . PATH_SEP );

    // smarty constants
    define( 'PATH_SMARTY_C', PATH_C . 'smarty' . PATH_SEP . 'c' );
    define( 'PATH_SMARTY_CACHE', PATH_C . 'smarty' . PATH_SEP . 'cache' );

    /* TO DO: put these line in other part of code*/
    Bootstrap::verifyPath ( PATH_SMARTY_C,     true );
    Bootstrap::verifyPath ( PATH_SMARTY_CACHE, true );
}

// set include path
set_include_path( PATH_CORE . PATH_SEPARATOR .
                  PATH_THIRDPARTY . PATH_SEPARATOR .
                  PATH_THIRDPARTY . 'pear' . PATH_SEPARATOR .
                  PATH_RBAC_CORE . PATH_SEPARATOR .
                  get_include_path()
);

/**
 * Global definitions, before it was the defines.php file
 */

// URL Key
define( "URL_KEY", 'c0l0s40pt1mu59r1m3' );

// Other definitions
define( 'TIMEOUT_RESPONSE', 100 ); //web service timeout
define( 'APPLICATION_CODE', 'ProcessMaker' ); //to login like workflow system
define( 'MAIN_POFILE', 'processmaker' );
define( 'PO_SYSTEM_VERSION', 'PM 4.0.1' );

$G_CONTENT = NULL;
$G_MESSAGE = "";
$G_MESSAGE_TYPE = "info";
$G_MENU_SELECTED = - 1;
$G_MAIN_MENU = "default";

// Environment definitions
define( 'G_PRO_ENV', 'PRODUCTION' );
define( 'G_DEV_ENV', 'DEVELOPMENT' );
define( 'G_TEST_ENV', 'TEST' );

// Number of files per folder at PATH_UPLOAD (cases documents)
define( 'APPLICATION_DOCUMENTS_PER_FOLDER', 1000 );

// Server of ProcessMaker Library
define( 'PML_SERVER', 'http://library.processmaker.com' );
define( 'PML_WSDL_URL', PML_SERVER . '/syspmLibrary/en/green/services/wsdl' );
define( 'PML_UPLOAD_URL', PML_SERVER . '/syspmLibrary/en/green/services/uploadProcess' );
define( 'PML_DOWNLOAD_URL', PML_SERVER . '/syspmLibrary/en/green/services/download' );

G::defineConstants();

$config = Bootstrap::getSystemConfiguration();

// starting session
if (isset($config['session.gc_maxlifetime'])) {
    $timelife = $config['session.gc_maxlifetime'];
} else {
    $timelife = ini_get('session.gc_maxlifetime');
}
if (is_null($timelife)) {
    $timelife = 1440;
}
ini_set('session.gc_maxlifetime', $timelife);
if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
   $config['ie_cookie_lifetime'] == 1) &&
   (!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i", $_SERVER ['HTTP_USER_AGENT']) == 0) ||
   $config['safari_cookie_lifetime'] == 1)) {
    ini_set('session.cookie_lifetime', $timelife);
}
session_start();

if (!(array_key_exists('REMOTE_USER', $_SERVER) && (string)($_SERVER['REMOTE_USER']) != '')) {
    ini_set('session.cookie_httponly', 1);
    ini_set('session.cookie_secure', 1);
}
//$e_all = defined( 'E_DEPRECATED' ) ? E_ALL & ~ E_DEPRECATED : E_ALL;
//$e_all = defined( 'E_STRICT' ) ? $e_all & ~ E_STRICT : $e_all;
//$e_all = $config['debug'] ? $e_all : $e_all & ~ E_NOTICE;
//$e_all = E_ALL & ~ E_DEPRECATED & ~ E_STRICT & ~ E_NOTICE  & ~E_WARNING;

// Do not change any of these settings directly, use env.ini instead
ini_set( 'display_errors', $config['display_errors']);
ini_set( 'error_reporting', $config['error_reporting']);
ini_set( 'short_open_tag', 'On' );
ini_set( 'default_charset', "UTF-8" );
ini_set( 'memory_limit', $config['memory_limit'] );
ini_set( 'soap.wsdl_cache_enabled', $config['wsdl_cache'] );
ini_set('date.timezone', $config['time_zone']); //Set Time Zone

define( 'DEBUG_SQL_LOG', $config['debug_sql'] );
define( 'DEBUG_SQL', $config['debug'] );
define( 'DEBUG_TIME_LOG', $config['debug_time'] );
define( 'DEBUG_CALENDAR_LOG', $config['debug_calendar'] );
define( 'MEMCACHED_ENABLED', $config['memcached'] );
define( 'MEMCACHED_SERVER', $config['memcached_server'] );

define ('WS_IN_LOGIN', isset($config['WS_IN_LOGIN']) ? $config['WS_IN_LOGIN'] : 'serverconf');

define('LOAD_HEADERS_IE', $config['load_headers_ie']);
define('LEAVE_CASE_WARNING', $config['leave_case_warning']);
define('REDIRECT_TO_MOBILE', $config['redirect_to_mobile']);
define('DISABLE_PHP_UPLOAD_EXECUTION', $config['disable_php_upload_execution']);
define('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION', $config['disable_download_documents_session_validation']);

// IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it.
$_SERVER['SERVER_ADDR'] = isset( $_SERVER['SERVER_ADDR'] ) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME'];

//to do: make different environments.  sys

//check if it is a installation instance
if (! defined( 'PATH_C' )) {
// is a intallation instance, so we need to define PATH_C and PATH_LANGUAGECONT constants temporarily
define( 'PATH_C', (rtrim( Bootstrap::sys_get_temp_dir(), PATH_SEP ) . PATH_SEP) );
define( 'PATH_LANGUAGECONT', PATH_HOME . 'engine/content/languages/' );
}

//Load filter class
$skinPathErrors = G::skinGetPathToSrcByVirtualUri("errors", $config);
$skinPathUpdate = G::skinGetPathToSrcByVirtualUri("update", $config);

// defining Virtual URLs
$virtualURITable = array ();
$virtualURITable['/plugin/(*)'] = 'plugin';
$virtualURITable['/(sys\w{0,})/(\w{0,}.js)'] = 'jsMethod';
$virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/';
$virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/';

if (defined( 'PATH_C' )) {
    $virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/';
    $virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/';
}

$virtualURITable['/htmlarea/(*)'] = PATH_THIRDPARTY . 'htmlarea/';
//$virtualURITable['/sys[a-zA-Z][a-zA-Z0-9]{0,}()/'] = 'sysNamed';
$virtualURITable['/(sys*)'] = FALSE;
$virtualURITable["/errors/(*)"] = ($skinPathErrors != "")? $skinPathErrors : PATH_GULLIVER_HOME . "methods" . PATH_SEP . "errors" . PATH_SEP;
$virtualURITable['/gulliver/(*)'] = PATH_GULLIVER_HOME . 'methods/';
$virtualURITable['/controls/(*)'] = PATH_GULLIVER_HOME . 'methods/controls/';
$virtualURITable['/html2ps_pdf/(*)'] = PATH_THIRDPARTY . 'html2ps_pdf/';
//$virtualURITable['/images/'] = 'errorFile';
//$virtualURITable['/skins/'] = 'errorFile';
//$virtualURITable['/files/'] = 'errorFile';
$virtualURITable["/update/(*)"] = ($skinPathUpdate != "")? $skinPathUpdate : PATH_GULLIVER_HOME . "methods" . PATH_SEP . "update" . PATH_SEP;
//$virtualURITable['/(*)'] = PATH_HTML;
$virtualURITable['/css/(*)'] = PATH_HTML . 'css/'; //ugly
$virtualURITable['/skin/(*)'] = PATH_HTML;
$virtualURITable['/skins/(*)'] = PATH_HTML . 'skins/'; //ugly
$virtualURITable['/images/(*)'] = PATH_HTML . 'images/'; //ugly
$virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}/'] = 'errorFile';

// Verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page
if (Bootstrap::virtualURI( $_SERVER['REQUEST_URI'], $virtualURITable, $realPath )) {
    // review if the file requested belongs to public_html plugin
    if (substr( $realPath, 0, 6 ) == 'plugin') {
        // Another way to get the path of Plugin public_html and stream the correspondent file, By JHL Jul 14, 08
        // TODO: $pathsQuery will be used?
        $pathsQuery = '';
        // Get the query side
        // Did we use this variable $pathsQuery for something??
        $forQuery = explode( "?", $realPath );
        if (isset( $forQuery[1] )) {
            $pathsQuery = $forQuery[1];
        }

        //Get that path in array
        $paths = explode( PATH_SEP, $forQuery[0] );
        //remove the "plugin" word from
        $paths[0] = substr( $paths[0], 6 );
        //Get the Plugin Folder, always the first element
        $pluginFolder = array_shift( $paths );
        //The other parts are the realpath into public_html (no matter how many elements)
        $filePath = implode( PATH_SEP, $paths );
        $pluginFilename = PATH_PLUGINS . $pluginFolder . PATH_SEP . 'public_html' . PATH_SEP . $filePath;

        if (file_exists( $pluginFilename )) {
            //NewRelic Snippet - By JHL
            transactionLog($pluginFilename);

            Bootstrap::streamFile( $pluginFilename, false, '', true );
        }
        die();
    }

    $requestUriArray = explode( "/", $_SERVER['REQUEST_URI'] );

    if ((isset( $requestUriArray[1] )) && ($requestUriArray[1] == 'skin')) {
        // This will allow to public images of Custom Skins, By JHL Feb 28, 11
        $pathsQuery = "";
        // Get the query side
        // This way we remove garbage
        $forQuery = explode( "?", $realPath );
        if (isset( $forQuery[1] )) {
            $pathsQuery = $forQuery[1];
        }

        //Get that path in array
        $paths = explode( PATH_SEP, $forQuery[0] );
        $url = (preg_match("/^(.*)\?.*$/", $_SERVER["REQUEST_URI"], $arrayMatch))? $arrayMatch[1] : $_SERVER["REQUEST_URI"];

        $fileToBeStreamed = str_replace("/skin/", PATH_CUSTOM_SKINS, $url);

        if (file_exists( $fileToBeStreamed )) {
            //NewRelic Snippet - By JHL
            transactionLog($fileToBeStreamed);

            Bootstrap::streamFile( $fileToBeStreamed );
        }
        die();
    }

    switch ($realPath) {
        case 'jsMethod':
            Bootstrap::parseURI( getenv( "REQUEST_URI" ) );
            $filename = PATH_METHODS . SYS_COLLECTION . '/' . SYS_TARGET . '.js';
            //NewRelic Snippet - By JHL
            transactionLog($filename);
            Bootstrap::streamFile( $filename );
            die();
            break;
        case 'errorFile':
            header('Status: 404');
            header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
            if (DEBUG_TIME_LOG)
                Bootstrap::logTimeByPage(); //log this page
            die();
            break;
        default:
            //Process files loaded with tag head in HTML
            $realPath = explode( '?', $realPath );
            $realPath[0] .= strpos( basename( $realPath[0] ), '.' ) === false ? '.php' : '';
            //NewRelic Snippet - By JHL
            transactionLog($realPath[0]);

            Bootstrap::streamFile( $realPath[0] );
            die();
    }
} //virtual URI parser

// the request correspond to valid php page, now parse the URI
$arrayFriendlyUri = [];
$arrayFriendlyUri['cases/opencase'] = '/^[\w\-]{32}$/';

Bootstrap::parseURI(getenv('REQUEST_URI'), $arrayFriendlyUri);

if (SYS_TARGET === false) {
    header('Status: 404');
    header('Location: /errors/error404.php?url=' . urlencode($_SERVER['REQUEST_URI']));
    exit(0);
}

// Bootstrap::mylog("sys_temp: ".SYS_TEMP);
$arrayUpdating = Bootstrap::isPMUnderUpdating();
if ($arrayUpdating['action']) {
    if ($arrayUpdating['workspace'] == "true" || $arrayUpdating['workspace'] == SYS_TEMP) {
        header("location: /update/updating.php");
        if (DEBUG_TIME_LOG)
            Bootstrap::logTimeByPage();
        die();
    }
}

// verify if index.html exists
if (! file_exists( PATH_HTML . 'index.html' )) { // if not, create it from template
    file_put_contents( PATH_HTML . "index.html", Bootstrap::parseTemplate( PATH_TPL . "index.html", array ("lang" => ((defined("SYS_LANG") && SYS_LANG != "")? SYS_LANG : "en"), "skin" => SYS_SKIN
    ) ) );
}

define( 'SYS_URI', '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/' );

// defining the serverConf singleton
if (defined( 'PATH_DATA' ) && file_exists( PATH_DATA )) {
    //Instance Server Configuration Singleton
    $oServerConf = & ServerConf::getSingleton();
}



// Create headPublisher singleton

$oHeadPublisher = & headPublisher::getSingleton();

// Installer, redirect to install if we don't have a valid shared data folder
if (! defined( 'PATH_DATA' ) || ! file_exists( PATH_DATA )) {
    // new installer, extjs based
    define( 'PATH_DATA', PATH_C );
    //NewRelic Snippet - By JHL
    transactionLog(PATH_CONTROLLERS.'installer.php');
    $pathFile = PATH_CONTROLLERS . 'installer.php';
    require_once ($pathFile);
    $controller = InstallerModule::class;

    // if the method name is empty set default to index method
    if (strpos( SYS_TARGET, '/' ) !== false) {
        list ($controller, $controllerAction) = explode( '/', SYS_TARGET );
    } else {
        $controllerAction = SYS_TARGET;
    }

    $controllerAction = ($controllerAction != '' && $controllerAction != 'login') ? $controllerAction : 'index';

    // create the installer controller and call its method
    if (is_callable( Array (InstallerModule::class,$controllerAction
    ) )) {
        $installer = new $controller();
        $installer->setHttpRequestData( $_REQUEST );
        //NewRelic Snippet - By JHL
        transactionLog($controllerAction);

        $installer->call( $controllerAction );
    } else {
        $_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
        header('Status: 404');
        header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
    }
    die();
}

app()->useStoragePath(realpath(PATH_DATA));
app()->make(Kernel::class)->bootstrap();
restore_error_handler();
//Overwrite with the Processmaker env.ini configuration used in production environments
//@todo: move env.ini configuration to .env
ini_set( 'display_errors', $config['display_errors']);
ini_set( 'error_reporting', $config['error_reporting']);
ini_set( 'short_open_tag', 'On' );
ini_set( 'default_charset', "UTF-8" );
ini_set( 'memory_limit', $config['memory_limit'] );
ini_set( 'soap.wsdl_cache_enabled', $config['wsdl_cache'] );
ini_set('date.timezone', $config['time_zone']); //Set Time Zone

// Load Language Translation
Bootstrap::LoadTranslationObject( defined( 'SYS_LANG' ) ? SYS_LANG : "en" );

// look for a disabled workspace
if ($oServerConf->isWSDisabled( SYS_TEMP )) {
    $aMessage['MESSAGE'] = Bootstrap::LoadTranslation( 'ID_DISB_WORKSPACE' );
    $G_PUBLISH = new Publisher();
    $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', $aMessage );
    Bootstrap::RenderPage( 'publish' );
    die();
}

// database and workspace definition
// if SYS_TEMP exists, the URL has a workspace, now we need to verify if exists their db.php file
if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') {
    //this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS
    $pathFile = PATH_DB . SYS_TEMP . '/db.php';
    if (file_exists( $pathFile )) {
        require_once ($pathFile);
        define( 'SYS_SYS', SYS_TEMP );
        config(["system.workspace" => SYS_TEMP]);

        // defining constant for workspace shared directory
        define( 'PATH_WORKSPACE', PATH_DB . config("system.workspace") . PATH_SEP );
        // including workspace shared classes -> particularlly for pmTables
        set_include_path( get_include_path() . PATH_SEPARATOR . PATH_WORKSPACE );
    } else {
        if (SYS_LANG != '' && SYS_SKIN != '') {
            Bootstrap::SendTemporalMessage( 'ID_NOT_WORKSPACE', "error" );
            Bootstrap::header( 'location: /sys/' . SYS_LANG . '/' . SYS_SKIN . '/main/sysLogin?errno=2' );
        } else {
            header('Status: 404');
            header('location: /errors/error404.php?url=' . urlencode($_SERVER['REQUEST_URI']));
        }
        die();
    }
} else { //when we are in global pages, outside any valid workspace
    if (SYS_TARGET === 'newSite') {
        $phpFile = G::ExpandPath( 'methods' ) . SYS_COLLECTION . "/" . SYS_TARGET . '.php';
        //NewRelic Snippet - By JHL
        transactionLog($phpFile);
        require_once ($phpFile);
        die();
    } else {
        if (SYS_TARGET == "dbInfo") { //Show dbInfo when no SYS_SYS
            $pathFile = PATH_METHODS . "login/dbInfo.php";
            require_once ($pathFile);
        } else {

            if (substr( SYS_SKIN, 0, 2 ) === 'ux' && SYS_TARGET != 'sysLoginVerify') { // new ux sysLogin - extjs based form
                $pathFile = PATH_CONTROLLERS . 'main.php';
                require_once $pathFile;
                $controllerClass = 'Main';
                $controllerAction = SYS_TARGET == 'sysLoginVerify' ? SYS_TARGET : 'sysLogin';
                //if the method exists
                if (is_callable( Array ($controllerClass,$controllerAction
                ) )) {
                    $controller = new $controllerClass();
                    $controller->setHttpRequestData( $_REQUEST );
                    $controller->call( $controllerAction );
                }
            } else { // classic sysLogin interface
                $pathFile = PATH_METHODS . "login/sysLogin.php";
                require_once ($pathFile);
                die();
            }
        }
        if (DEBUG_TIME_LOG)
            Bootstrap::logTimeByPage(); //log this page
        die();
    }
}

// PM Paths DATA
define( 'PATH_DATA_SITE', PATH_DATA . 'sites/' . config("system.workspace") . '/' );
define( 'PATH_DOCUMENT', PATH_DATA_SITE . 'files/' );
define( 'PATH_DATA_MAILTEMPLATES', PATH_DATA_SITE . 'mailTemplates/' );
define( 'PATH_DATA_PUBLIC', PATH_DATA_SITE . 'public/' );
define( 'PATH_DATA_REPORTS', PATH_DATA_SITE . 'reports/' );
define( 'PATH_DYNAFORM', PATH_DATA_SITE . 'xmlForms/' );
define( 'PATH_IMAGES_ENVIRONMENT_FILES', PATH_DATA_SITE . 'usersFiles' . PATH_SEP );
define( 'PATH_IMAGES_ENVIRONMENT_USERS', PATH_DATA_SITE . 'usersPhotographies' . PATH_SEP );
define( 'SERVER_NAME', $_SERVER['SERVER_NAME'] );
define( 'SERVER_PORT', $_SERVER['SERVER_PORT'] );



// create memcached singleton
$memcache = & PMmemcached::getSingleton( config("system.workspace") );

// load Plugins base class

// setup propel definitions and logging
//changed to autoloader

if (defined( 'DEBUG_SQL_LOG' ) && DEBUG_SQL_LOG) {
    define( 'PM_PID', mt_rand( 1, 999999 ) );
    require_once 'Log.php';

    // register debug connection decorator driver
    Creole::registerDriver( '*', 'creole.contrib.DebugConnection' );

    // initialize Propel with converted config file
    Propel::init( PATH_CORE . "config/databases.php" );

    // unified log file for all databases
    $logFile = PATH_DATA . 'log' . PATH_SEP . 'propel.log';
    $logger = Log::singleton( 'file', $logFile, 'wf ' . config("system.workspace"), null, PEAR_LOG_INFO );
    Propel::setLogger( $logger );
    // log file for workflow database
    $con = Propel::getConnection( 'workflow' );
    if ($con instanceof DebugConnection) {
        $con->setLogger( $logger );
    }
    // log file for rbac database
    $con = Propel::getConnection( 'rbac' );

    if ($con instanceof DebugConnection) {
        $con->setLogger( $logger );
    }

    // log file for report database
    $con = Propel::getConnection( 'rp' );
    if ($con instanceof DebugConnection) {
        $con->setLogger( $logger );
    }
} else {
    Propel::init( PATH_CORE . "config/databases.php" );
}

//here we are loading all plugins registered
//the singleton has a list of enabled plugins
$oPluginRegistry = PluginRegistry::loadSingleton();
$attributes = $oPluginRegistry->getAttributes();
Bootstrap::LoadTranslationPlugins( defined( 'SYS_LANG' ) ? SYS_LANG : "en" , $attributes);

//Set Time Zone
/*----------------------------------********---------------------------------*/
$_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1;
/*----------------------------------********---------------------------------*/

ini_set('date.timezone', (isset($_SESSION['__SYSTEM_UTC_TIME_ZONE__']) && $_SESSION['__SYSTEM_UTC_TIME_ZONE__'])? 'UTC' : $config['time_zone']); //Set Time Zone

define('TIME_ZONE', ini_get('date.timezone'));

/*----------------------------------********---------------------------------*/
$_GET = \ProcessMaker\Util\DateTime::convertDataToUtc($_GET);
$_POST = \ProcessMaker\Util\DateTime::convertDataToUtc($_POST);
$_REQUEST = \ProcessMaker\Util\DateTime::convertDataToUtc($_REQUEST);
/*----------------------------------********---------------------------------*/

Creole::registerDriver( 'dbarray', 'creole.contrib.DBArrayConnection' );

// Session Initializations
ini_set( 'session.auto_start', '1' );

// The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off.
// ini_set( 'register_globals', 'Off' );
//session_start();
ob_start();

// Rebuild the base Workflow translations if not exists
if (! is_file( PATH_LANGUAGECONT . 'translation.en' )) {
    $pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php";

    require_once ($pathFile);

    $pmTranslation = new Translation();
    $fields = $pmTranslation->generateFileTranslation("en");

    // Load Language Translation
    Bootstrap::LoadTranslationObject("en");
}

// TODO: Verify if the language set into url is defined in translations env.
if (SYS_LANG != 'en' && ! is_file( PATH_LANGUAGECONT . 'translation.' . SYS_LANG )) {
    $pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php";

    require_once ($pathFile);

    $pmTranslation = new Translation();
    $fields = $pmTranslation->generateFileTranslation(SYS_LANG);

    // Load Language Translation
    Bootstrap::LoadTranslationObject(SYS_LANG);
}

// Setup plugins
$oPluginRegistry->setupPlugins(); //get and setup enabled plugins
$avoidChangedWorkspaceValidation = false;

// Load custom Classes and Model from Plugins.
Bootstrap::LoadAllPluginModelClasses();

// jump to php file in methods directory
$collectionPlugin = '';
if ($oPluginRegistry->isRegisteredFolder( SYS_COLLECTION )) {
    $phpFile = PATH_PLUGINS . SYS_COLLECTION . PATH_SEP . SYS_TARGET . '.php';
    $targetPlugin = explode( '/', SYS_TARGET );
    $collectionPlugin = $targetPlugin[0];
    $avoidChangedWorkspaceValidation = true;
} else {
    $phpFile = Bootstrap::ExpandPath( 'methods' ) . SYS_COLLECTION . PATH_SEP . SYS_TARGET . '.php';
}

// services is a special folder,
if (SYS_COLLECTION == 'services') {
    $avoidChangedWorkspaceValidation = true;
    $targetPlugin = explode( '/', SYS_TARGET );

    if ($targetPlugin[0] == 'webdav') {
        $phpFile = Bootstrap::ExpandPath( 'methods' ) . SYS_COLLECTION . PATH_SEP . 'webdav.php';
    }
}

if (SYS_COLLECTION == 'login' && SYS_TARGET == 'login') {
    $avoidChangedWorkspaceValidation = true;
}

$bWE = false;
$isControllerCall = false;
$isPluginController = false;

if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') {
    $phpFile = PATH_GULLIVER_HOME . 'methods/' . substr( SYS_COLLECTION, 8 ) . SYS_TARGET . '.php';
} else {
    //when the file is part of the public directory of any PROCESS, this a ProcessMaker feature
    if (preg_match( '/^[0-9][[:alnum:]]+$/', SYS_COLLECTION ) == 1) { //the pattern is /sysSYS/LANG/SKIN/PRO_UID/file
        $auxPart = explode( '/', $_SERVER['REQUEST_URI'] );
        $aAux = explode( '?', $auxPart[count( $auxPart ) - 1] );
        //$extPart = explode ( '.' , $auxPart[ count($auxPart)-1] );
        $extPart = explode( '.', $aAux[0] );
        $queryPart = isset( $aAux[1] ) ? $aAux[1] : "";
        $extension = $extPart[count( $extPart ) - 1];
        $phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . urldecode( $auxPart[count( $auxPart ) - 1] );
        $aAux = explode( '?', $phpFile );
        $phpFile = $aAux[0];

        if ($extension != 'php') {
            //NewRelic Snippet - By JHL
            transactionLog($phpFile);
            Bootstrap::streamFile($phpFile);
            die();
        }

        $isWebEntry = \ProcessMaker\BusinessModel\WebEntry::isWebEntry(SYS_COLLECTION, $phpFile);
        if (\Bootstrap::getDisablePhpUploadExecution() === 1 && !$isWebEntry) {
            $message = \G::LoadTranslation('THE_PHP_FILES_EXECUTION_WAS_DISABLED');
            \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 550, $message, $phpFile);
            echo $message;
            die();
        } else {
            //Backward compatibility: Preload PmDynaform for old generated webentry files.
            class_exists('PmDynaform');
            \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 200, 'Php Execution', $phpFile);
        }

        $avoidChangedWorkspaceValidation = true;
        $bWE = true;
        //$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP .  SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1];
    }

    //erik: verify if it is a Controller Class or httpProxyController Class
    if (is_file( PATH_CONTROLLERS . SYS_COLLECTION . '.php' )) {

        $pathFile = PATH_CONTROLLERS . SYS_COLLECTION . '.php';
        require_once $pathFile;
        $controllerClass = SYS_COLLECTION;
        //if the method name is empty set default to index method
        $controllerAction = SYS_TARGET != '' ? SYS_TARGET : 'index';
        //if the method exists
        if (is_callable( Array ($controllerClass,$controllerAction ) )) {
            $isControllerCall = true;
        }

        if (substr(SYS_SKIN, 0, 2) != "ux" && $controllerClass == "main") {
            $isControllerCall = false;
        }
    }

    if (is_dir(PATH_PLUGINS . SYS_COLLECTION) && $oPluginRegistry->isRegisteredFolder(SYS_COLLECTION)) {
        $pluginName = SYS_COLLECTION;
        $pluginResourceRequest = explode('/', rtrim(SYS_TARGET, '/'));
        $isPluginController = true;

        if ($pluginResourceRequest > 0) {
            $controllerClass = $pluginResourceRequest[0];

            if (count($pluginResourceRequest) == 1) {
                $controllerAction = 'index';
            } else {
                $controllerAction = $pluginResourceRequest[1];
            }
        }

        $pluginControllerPath = PATH_PLUGINS . $pluginName . PATH_SEP . 'controllers' . PATH_SEP;

        $pathFile = $pluginControllerPath. $controllerClass . '.php';
        if (is_file($pathFile)) {
            require_once $pathFile;
        } elseif (is_file($pluginControllerPath. ucfirst($controllerClass) . '.php')) {
            $controllerClass = ucfirst($controllerClass);
            require_once $pathFile;
        } elseif (is_file($pluginControllerPath. ucfirst($controllerClass) . 'Controller.php')) {
            $controllerClass = ucfirst($controllerClass) . 'Controller';
            require_once $pathFile;
        }

        //if the method exists
        if (is_callable(array($controllerClass, $controllerAction))) {
            $isControllerCall = true;
        }
    }

    if (! $isControllerCall && ! file_exists( $phpFile )) {
        $_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
        header('Status: 404');
        header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
        die();
    }
}

//redirect to login, if user changed the workspace in the URL
if (! $avoidChangedWorkspaceValidation && isset( $_SESSION['WORKSPACE'] ) && $_SESSION['WORKSPACE'] != config("system.workspace")) {
    $_SESSION['WORKSPACE'] = config("system.workspace");
    Bootstrap::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', "error" );
    // verify if the current skin is a 'ux' variant
    $urlPart = substr( SYS_SKIN, 0, 2 ) == 'ux' && SYS_SKIN != 'uxs' ? '/main/login' : '/login/login';

    header( 'Location: /sys' . config("system.workspace") . '/' . SYS_LANG . '/' . SYS_SKIN . $urlPart );
    die();
}

// enable rbac

$RBAC = &RBAC::getSingleton( PATH_DATA, session_id() );
$RBAC->sSystem = 'PROCESSMAKER';

// define and send Headers for all pages
if (! defined( 'EXECUTE_BY_CRON' )) {
    header( "Expires: " . gmdate( "D, d M Y H:i:s", mktime( 0, 0, 0, date( 'm' ), date( 'd' ) - 1, date( 'Y' ) ) ) . " GMT" );
    header( "Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . " GMT" );
    header( "Cache-Control: no-store, no-cache, must-revalidate" );
    header( "Cache-Control: post-check=0, pre-check=0", false );
    header( "Pragma: no-cache" );

    // get the language direction from ServerConf
    define( 'SYS_LANG_DIRECTION', $oServerConf->getLanDirection() );

    if ((isset( $_SESSION['USER_LOGGED'] )) && (! (isset( $_GET['sid'] )))) {
        if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
            $config['ie_cookie_lifetime'] == 1) &&
            (!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i", $_SERVER ['HTTP_USER_AGENT']) == 0) ||
            $config['safari_cookie_lifetime'] == 1)) {
            if (PHP_VERSION < 5.2) {
                setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
            } else {
                setcookie(session_name(), session_id(), time() + $timelife, '/', null, G::is_https(), true);
            }
        }
        $RBAC->initRBAC();
        //using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
        $memKey = 'rbacSession' . session_id();
        if (($RBAC->aUserInfo = $memcache->get( $memKey )) === false) {
            $RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] );
            $memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
        }
    } else {
        // this is the blank list to allow execute scripts with no login (without session started)
        $noLoginFiles = $noLoginFolders = array ();
        $noLoginFiles[] = 'login';
        $noLoginFiles[] = 'authentication';
        $noLoginFiles[] = 'authenticationSso';
        $noLoginFiles[] = 'login_Ajax';
        $noLoginFiles[] = 'dbInfo';
        $noLoginFiles[] = 'sysLoginVerify';
        $noLoginFiles[] = 'processes_Ajax';
        $noLoginFiles[] = 'showLogoFile';
        $noLoginFiles[] = 'forgotPassword';
        $noLoginFiles[] = 'retrivePassword';
        $noLoginFiles[] = 'steps_Ajax';
        $noLoginFiles[] = 'proxyCasesList';
        $noLoginFiles[] = 'proxyNewCasesList';
        $noLoginFiles[] = 'casesStartPage_Ajax';
        $noLoginFiles[] = 'cases_Ajax';
        $noLoginFiles[] = 'casesList_Ajax';
        $noLoginFiles[] = 'proxyReassignCasesList';
        $noLoginFiles[] = 'ajaxListener';
        $noLoginFiles[] = 'cases_Step';
        $noLoginFiles[] = 'cases_ShowOutputDocument';
        $noLoginFiles[] = 'cases_ShowDocument';
        $noLoginFiles[] = 'cases_CatchExecute';
        $noLoginFiles[] = 'cases_SaveData';
        $noLoginFiles[] = 'cases_Derivate';
        $noLoginFiles[] = 'cases_NextStep';
        $noLoginFiles[] = 'genericAjax';
        $noLoginFiles[] = 'casesSaveDataView';
        $noLoginFiles[] = 'propelTableAjax';
        $noLoginFiles[] = 'licenseUpdate';
        $noLoginFiles[] = 'casesStreamingFile';
        $noLoginFiles[] = 'opencase';
        $noLoginFiles[] = 'defaultAjaxDynaform';

        $noLoginFolders[] = 'services';
        $noLoginFolders[] = 'tracker';
        $noLoginFolders[] = 'installer';

        // This sentence is used when you lost the Session
        if (! in_array( SYS_TARGET, $noLoginFiles ) && ! in_array( SYS_COLLECTION, $noLoginFolders ) && $bWE != true && $collectionPlugin != 'services') {
            $bRedirect = true;
            if (isset( $_GET['sid'] )) {
                $oSessions = new Sessions();
                if ($aSession = $oSessions->verifySession( $_GET['sid'] )) {
                    require_once 'classes/model/Users.php';
                    $oUser = new Users();
                    $aUser = $oUser->load( $aSession['USR_UID'] );
                    initUserSession(
                        $_SESSION['USER_LOGGED'],
                        $aUser['USR_USERNAME']
                    );
                    $bRedirect = false;
                    if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
                        $config['ie_cookie_lifetime'] == 1) &&
                        (!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i", $_SERVER ['HTTP_USER_AGENT']) == 0) ||
                        $config['safari_cookie_lifetime'] == 1)) {
                        if (PHP_VERSION < 5.2) {
                            setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
                        } else {
                            setcookie(session_name(), session_id(), time() + $timelife, '/', null, G::is_https(), true);
                        }
                    }
                    $RBAC->initRBAC();
                    $RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] );
                    $memKey = 'rbacSession' . session_id();
                    $memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
                }
            }

            if (isset($_GET['tracker_designer']) && intval($_GET['tracker_designer']) !== 1) {
                unset($_GET['tracker_designer']);
            }

            if ($bRedirect && (!isset($_GET['tracker_designer']) || (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])))) {
                if (substr(SYS_SKIN, 0, 2) === 'ux' && SYS_SKIN !== 'uxs') { // verify if the current skin is a 'ux' variant
                    $loginUrl = 'main/login';
                } else if (strpos($_SERVER['REQUEST_URI'], '/home') !== false) { //verify is it is using the uxs skin for simplified interface
                    $loginUrl = 'home/login';
                } else {
                    $loginUrl = 'login/login'; // just set up the classic login
                }

                if (empty($_POST)) {
                    header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));

                } else {
                    if ($isControllerCall) {
                        header("HTTP/1.0 302 session lost in controller");
                    } else {
                        header('location: ' . SYS_URI . $loginUrl);
                    }
                }
                die();
            }
        }
    }
    $_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI'];

    // Initialization functions plugins
    $oPluginRegistry->init();
    /**
     * New feature for Gulliver framework to support Controllers & HttpProxyController classes handling
     *
     * @author <erik@colosa.com
     */
    if ($isControllerCall) { //Instance the Controller object and call the request method
        $controller = new $controllerClass();
        $controller->setHttpRequestData($_REQUEST);//NewRelic Snippet - By JHL
        transactionLog($controllerAction);

        if ($isPluginController) {
            $controller->setPluginName($pluginName);
            $controller->setPluginHomeDir(PATH_PLUGINS . $pluginName . PATH_SEP);
        }

        $controller->call($controllerAction);
    } else {
        //NewRelic Snippet - By JHL
        transactionLog($phpFile);
        require_once $phpFile;
    }

    if (defined( 'SKIP_HEADERS' )) {
        header( "Expires: " . gmdate( "D, d M Y H:i:s", mktime( 0, 0, 0, date( 'm' ), date( 'd' ), date( 'Y' ) + 1 ) ) . " GMT" );
        header( 'Cache-Control: public' );
        header( 'Pragma: ' );
    }

    ob_end_flush();
    if (DEBUG_TIME_LOG) {
        bootstrap::logTimeByPage(); //log this page
    }
}