Context Navigation

source: trunk/include/common.inc.php @ 2297

Last change on this file since 2297 was 2297, checked in by plg, 16 years ago
Modification: new header on PHP files, PhpWebGallery renamed Piwigo.
Property svn:eol-style set to `LF` Property svn:keywords set to `Author Date Id Revision`
File size: 9.3 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23	// +-----------------------------------------------------------------------+
24	// \| PhpWebGallery - a PHP based picture gallery \|
25	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
26	// \| Copyright (C) 2003-2008 PhpWebGallery Team - http://phpwebgallery.net \|
27	// +-----------------------------------------------------------------------+
28	// \| file : $Id: common.inc.php 2297 2008-04-04 22:57:23Z plg $
29	// \| last update : $Date: 2008-04-04 22:57:23 +0000 (Fri, 04 Apr 2008) $
30	// \| last modifier : $Author: plg $
31	// \| revision : $Revision: 2297 $
32	// +-----------------------------------------------------------------------+
33	// \| This program is free software; you can redistribute it and/or modify \|
34	// \| it under the terms of the GNU General Public License as published by \|
35	// \| the Free Software Foundation \|
36	// \| \|
37	// \| This program is distributed in the hope that it will be useful, but \|
38	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
39	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
40	// \| General Public License for more details. \|
41	// \| \|
42	// \| You should have received a copy of the GNU General Public License \|
43	// \| along with this program; if not, write to the Free Software \|
44	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
45	// \| USA. \|
46	// +-----------------------------------------------------------------------+
47
48	if (!defined('PHPWG_ROOT_PATH'))
49	{
50	die('Hacking attempt!');
51	}
52	// determine the initial instant to indicate the generation time of this page
53	$t1 = explode( ' ', microtime() );
54	$t2 = explode( '.', $t1[0] );
55	$t2 = $t1[1].'.'.$t2[1];
56
57	set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
58
59	//
60	// addslashes to vars if magic_quotes_gpc is off this is a security
61	// precaution to prevent someone trying to break out of a SQL statement.
62	//
63	if( !get_magic_quotes_gpc() )
64	{
65	if( is_array( $_GET ) )
66	{
67	while( list($k, $v) = each($_GET) )
68	{
69	if( is_array($_GET[$k]) )
70	{
71	while( list($k2, $v2) = each($_GET[$k]) )
72	{
73	$_GET[$k][$k2] = addslashes($v2);
74	}
75	@reset($_GET[$k]);
76	}
77	else
78	{
79	$_GET[$k] = addslashes($v);
80	}
81	}
82	@reset($_GET);
83	}
84
85	if( is_array($_POST) )
86	{
87	while( list($k, $v) = each($_POST) )
88	{
89	if( is_array($_POST[$k]) )
90	{
91	while( list($k2, $v2) = each($_POST[$k]) )
92	{
93	$_POST[$k][$k2] = addslashes($v2);
94	}
95	@reset($_POST[$k]);
96	}
97	else
98	{
99	$_POST[$k] = addslashes($v);
100	}
101	}
102	@reset($_POST);
103	}
104
105	if( is_array($_COOKIE) )
106	{
107	while( list($k, $v) = each($_COOKIE) )
108	{
109	if( is_array($_COOKIE[$k]) )
110	{
111	while( list($k2, $v2) = each($_COOKIE[$k]) )
112	{
113	$_COOKIE[$k][$k2] = addslashes($v2);
114	}
115	@reset($_COOKIE[$k]);
116	}
117	else
118	{
119	$_COOKIE[$k] = addslashes($v);
120	}
121	}
122	@reset($_COOKIE);
123	}
124	}
125
126	//
127	// Define some basic configuration arrays this also prevents malicious
128	// rewriting of language and otherarray values via URI params
129	//
130	$conf = array();
131	$page = array();
132	$user = array();
133	$lang = array();
134	$header_msgs = array();
135	$header_notes = array();
136	$filter = array();
137
138	@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
139	if (!defined('PHPWG_INSTALLED'))
140	{
141	header('Location: install.php');
142	exit;
143	}
144
145	foreach( array(
146	'array_intersect_key', //PHP 5 >= 5.1.0RC1
147	'hash_hmac', //(hash) - enabled by default as of PHP 5.1.2
148	'preg_last_error', // PHP 5 >= 5.2.0
149	'file_put_contents', //PHP5
150	) as $func)
151	{
152	if (!function_exists($func))
153	{
154	include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
155	}
156	}
157
158	include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
159	@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
160	include(PHPWG_ROOT_PATH . 'include/constants.php');
161	include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
162	include(PHPWG_ROOT_PATH . 'include/template.class.php');
163
164	// Database connection
165	mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
166	or die ( "Could not connect to database server" );
167	mysql_select_db( $cfgBase )
168	or die ( "Could not connect to database" );
169
170	defined('PWG_CHARSET') and defined('DB_CHARSET')
171	or die('PWG_CHARSET and/or DB_CHARSET is not defined');
172	if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') )
173	{
174	if (DB_CHARSET!='')
175	{
176	pwg_query('SET NAMES "'.DB_CHARSET.'"');
177	}
178	}
179	else
180	{
181	if ( strtolower(PWG_CHARSET)!='iso-8859-1' )
182	{
183	die('PWG supports only iso-8859-1 charset on MySql version '.mysql_get_server_info());
184	}
185	}
186
187	//
188	// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
189	// since basic gallery information is not available
190	//
191	load_conf_from_db();
192	load_plugins();
193
194	include(PHPWG_ROOT_PATH.'include/user.inc.php');
195
196
197	// language files
198	load_language('common.lang');
199	if (defined('IN_ADMIN') and IN_ADMIN)
200	{
201	load_language('admin.lang');
202	}
203	trigger_action('loading_lang');
204	load_language('local.lang');
205
206	// only now we can set the localized username of the guest user (and not in
207	// include/user.inc.php)
208	if (is_a_guest())
209	{
210	$user['username'] = l10n('guest');
211	}
212
213	// template instance
214	if
215	(
216	defined('IN_ADMIN') and IN_ADMIN and
217	isset($user['admin_template']) and
218	isset($user['admin_theme'])
219	)
220	{
221	// Admin template
222	$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['admin_template'], $user['admin_theme'] );
223	}
224	else
225	{
226	// Classic template
227	$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme'] );
228	}
229
230	if (isset($user['internal_status']['guest_must_be_guest'])
231	and
232	$user['internal_status']['guest_must_be_guest'] === true)
233	{
234	$header_msgs[] = l10n('guest_must_be_guest');
235	}
236
237	if ($conf['gallery_locked'])
238	{
239	$header_msgs[] = l10n('gallery_locked_message');
240
241	if ( script_basename() != 'identification' and !is_admin() )
242	{
243	set_status_header(503, 'Service Unavailable');
244	@header('Retry-After: 900');
245	echo l10n('gallery_locked_message')
246	.'<a href="'.get_absolute_root_url(false).'identification.php">.</a>';
247	exit();
248	}
249	}
250
251	if ($conf['check_upgrade_feed']
252	and defined('PHPWG_IN_UPGRADE')
253	and PHPWG_IN_UPGRADE)
254	{
255
256	// retrieve already applied upgrades
257	$query = '
258	SELECT id
259	FROM '.UPGRADE_TABLE.'
260	;';
261	$applied = array_from_query($query, 'id');
262
263	// retrieve existing upgrades
264	$existing = get_available_upgrade_ids();
265
266	// which upgrades need to be applied?
267	if (count(array_diff($existing, $applied)) > 0)
268	{
269	$header_msgs[] = 'Some database upgrades are missing, '
270	.'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
271	}
272	}
273
274	if (is_adviser())
275	{
276	$header_msgs[] = l10n('adviser_mode_enabled');
277	}
278
279	if (count($header_msgs) > 0)
280	{
281	$template->assign('header_msgs', $header_msgs);
282	$header_msgs=array();
283	}
284
285	if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
286	{
287	include(PHPWG_ROOT_PATH.'include/functions_filter.inc.php');
288	include(PHPWG_ROOT_PATH.'include/filter.inc.php');
289	}
290	else
291	{
292	$filter['enabled'] = false;
293	}
294
295	if (isset($conf['header_notes']))
296	{
297	$header_notes = array_merge($header_notes, $conf['header_notes']);
298	}
299
300	// default event handlers
301	add_event_handler('render_category_literal_description', 'render_category_literal_description');
302	add_event_handler('render_category_description', 'render_category_description');
303	add_event_handler('render_comment_content', 'htmlspecialchars');
304	add_event_handler('render_comment_content', 'parse_comment_content');
305	add_event_handler('render_comment_author', 'strip_tags');
306	trigger_action('init');
307	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: