source: tags/release-1_6_1/include/common.inc.php @ 3600

Last change on this file since 3600 was 1425, checked in by plg, 18 years ago

bug 395 fixed: the upgrade feed can be performed only if PHPWG_IN_UPGRADE is
true.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.4 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-07-03 22:42:57 +0000 (Mon, 03 Jul 2006) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 1425 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28if (!defined('PHPWG_ROOT_PATH'))
29{
30  die('Hacking attempt!');
31}
32// determine the initial instant to indicate the generation time of this page
33$t1 = explode( ' ', microtime() );
34$t2 = explode( '.', $t1[0] );
35$t2 = $t1[1].'.'.$t2[1];
36
37set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
38
39//
40// addslashes to vars if magic_quotes_gpc is off this is a security
41// precaution to prevent someone trying to break out of a SQL statement.
42//
43if( !get_magic_quotes_gpc() )
44{
45  if( is_array( $_GET ) )
46  {
47    while( list($k, $v) = each($_GET) )
48    {
49      if( is_array($_GET[$k]) )
50      {
51        while( list($k2, $v2) = each($_GET[$k]) )
52        {
53          $_GET[$k][$k2] = addslashes($v2);
54        }
55        @reset($_GET[$k]);
56      }
57      else
58      {
59        $_GET[$k] = addslashes($v);
60      }
61    }
62    @reset($_GET);
63  }
64
65  if( is_array($_POST) )
66  {
67    while( list($k, $v) = each($_POST) )
68    {
69      if( is_array($_POST[$k]) )
70      {
71        while( list($k2, $v2) = each($_POST[$k]) )
72        {
73          $_POST[$k][$k2] = addslashes($v2);
74        }
75        @reset($_POST[$k]);
76      }
77      else
78      {
79        $_POST[$k] = addslashes($v);
80      }
81    }
82    @reset($_POST);
83  }
84
85  if( is_array($_COOKIE) )
86  {
87    while( list($k, $v) = each($_COOKIE) )
88    {
89      if( is_array($_COOKIE[$k]) )
90      {
91        while( list($k2, $v2) = each($_COOKIE[$k]) )
92        {
93          $_COOKIE[$k][$k2] = addslashes($v2);
94        }
95        @reset($_COOKIE[$k]);
96      }
97      else
98      {
99        $_COOKIE[$k] = addslashes($v);
100      }
101    }
102    @reset($_COOKIE);
103  }
104}
105
106//
107// Define some basic configuration arrays this also prevents malicious
108// rewriting of language and otherarray values via URI params
109//
110$conf = array();
111$page = array();
112$user = array();
113$lang = array();
114$header_msgs = array();
115
116@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
117if (!defined('PHPWG_INSTALLED'))
118{
119  header('Location: install.php');
120  exit;
121}
122
123include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
124@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
125include(PHPWG_ROOT_PATH . 'include/constants.php');
126include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
127include(PHPWG_ROOT_PATH . 'include/template.php');
128
129// Database connection
130mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
131or die ( "Could not connect to database server" );
132mysql_select_db( $cfgBase )
133or die ( "Could not connect to database" );
134
135if ($conf['check_upgrade_feed']
136    and defined('PHPWG_IN_UPGRADE')
137    and PHPWG_IN_UPGRADE)
138{
139  // retrieve already applied upgrades
140  $query = '
141SELECT id
142  FROM '.UPGRADE_TABLE.'
143;';
144  $applied = array_from_query($query, 'id');
145
146  // retrieve existing upgrades
147  $existing = get_available_upgrade_ids();
148
149  // which upgrades need to be applied?
150  if (count(array_diff($existing, $applied)) > 0)
151  {
152    $header_msgs[] = 'Some database upgrades are missing, '
153      .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>';
154  }
155}
156
157//
158// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
159// since basic gallery information is not available
160//
161load_conf_from_db();
162
163include(PHPWG_ROOT_PATH.'include/user.inc.php');
164
165// language files
166include_once(get_language_filepath('common.lang.php'));
167
168if (defined('IN_ADMIN') and IN_ADMIN)
169{
170  include_once(get_language_filepath('admin.lang.php'));
171}
172
173if ($conf['gallery_locked'])
174{
175  $header_msgs[] = $lang['gallery_locked_message']
176    . '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>';
177
178  if ( basename($_SERVER["PHP_SELF"]) != 'identification.php'
179      and !is_admin() )
180  {
181    exit();
182  }
183}
184
185// only now we can set the localized username of the guest user (and not in
186// include/user.inc.php)
187if ($user['is_the_guest'])
188{
189  $user['username'] = $lang['guest'];
190}
191
192// include template/theme configuration
193if (defined('IN_ADMIN') and IN_ADMIN)
194{
195  list($user['template'], $user['theme']) =
196    explode
197    (
198      '/',
199      isset($conf['default_admin_layout']) ? $conf['default_admin_layout']
200                                           : $user['template']
201    );
202// TODO : replace $conf['admin_layout'] by $user['admin_layout']
203}
204else
205{
206  list($user['template'], $user['theme']) = explode('/', $user['template']);
207}
208// TODO : replace initial $user['template'] by $user['layout']
209
210include(
211  PHPWG_ROOT_PATH
212  .'template/'.$user['template']
213  .'/theme/'.$user['theme']
214  .'/themeconf.inc.php'
215  );
216
217if (is_adviser())
218{
219  $header_msgs[] = $lang['adviser_mode_enabled'];
220}
221
222// template instance
223$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template']);
224
225if (count($header_msgs) > 0)
226{
227  $template->assign_block_vars('header_msgs',array());
228  foreach ($header_msgs as $header_msg)
229  {
230    $template->assign_block_vars('header_msgs.header_msg',
231                                 array('HEADER_MSG'=>$header_msg));
232  }
233}
234?>
Note: See TracBrowser for help on using the repository browser.