source: trunk/include/common.inc.php @ 2385

Last change on this file since 2385 was 2299, checked in by plg, 17 years ago

Bug fixed: as rvelices notified me by email, my header replacement script was
bugged (r2297 was repeating new and old header).

By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personally, they are a problem when I look for differences between 2
Piwigo installations outside Subversion.

  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 7.7 KB
[354]1<?php
2// +-----------------------------------------------------------------------+
[2297]3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
[383]23
// Direct-access guard: this file only makes sense when it is included by a
// script that has already defined PHPWG_ROOT_PATH. If the constant is
// missing, the file was requested on its own and execution stops here,
// before any configuration or database code runs.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');

// Remember when page generation started. microtime() returns
// "0.fraction seconds"; $t2 is rebuilt as the string "seconds.fraction".
$t1 = explode(' ', microtime());
$t2 = $t1[1] . '.' . substr(strstr($t1[0], '.'), 1);

// Disable magic_quotes_runtime
set_magic_quotes_runtime(0);
34
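//
// Emulation of magic_quotes_gpc: when PHP does not do it itself, every value
// received in $_GET, $_POST and $_COOKIE is passed through addslashes(). This
// is a blanket precaution against breaking out of a quoted SQL string.
//
// Limits a maintainer should keep in mind:
// - addslashes() works on bytes and knows nothing about the connection
//   charset, and it gives no protection to a value that is placed unquoted
//   in a query (numeric ids must still be validated as numbers). Escaping at
//   the query itself remains the real defence.
// - Only values are escaped; array keys are left exactly as received.
// - NOTE(review): $_REQUEST is not touched here, whereas a native
//   magic_quotes_gpc=On would have escaped it too. Confirm that no code
//   reads request data from $_REQUEST.
//
// The previous loops handled two array levels only: a value nested deeper
// (a[b][c]=x) was handed to addslashes() as an array instead of being
// escaped element by element. The helper below recurses to any depth.
//
if (!function_exists('pwg_addslashes_deep'))
{
  /**
   * Applies addslashes() to a scalar, or to every leaf of a nested array
   * (keys are preserved and not escaped).
   *
   * @param mixed $value string or (nested) array of strings
   * @return mixed same structure with escaped values
   */
  function pwg_addslashes_deep($value)
  {
    if (is_array($value))
    {
      return array_map('pwg_addslashes_deep', $value);
    }

    return addslashes($value);
  }
}

if (!get_magic_quotes_gpc())
{
  if (is_array($_GET))
  {
    $_GET = pwg_addslashes_deep($_GET);
  }

  if (is_array($_POST))
  {
    $_POST = pwg_addslashes_deep($_POST);
  }

  if (is_array($_COOKIE))
  {
    $_COOKIE = pwg_addslashes_deep($_COOKIE);
  }
}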
101
//
// Start with empty working arrays. Assigning them here, before anything else
// is loaded, also overwrites any value that reached these variable names from
// URI parameters (presumably through register_globals), so language strings
// and other array entries cannot be pre-seeded by a request.
//
$conf = $page = $user = $lang = array();
$header_msgs = $header_notes = $filter = array();
[354]113
// Database settings. The "@" hides the warning raised when the file is
// missing; that case is caught just below because PHPWG_INSTALLED is then
// undefined and the visitor is sent to the installer.
// NOTE(review): "@" also hides any other error raised while including this
// file, so a broken mysql.inc.php ends in the same redirect - confirm that
// install.php refuses to run on an already installed gallery.
@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
if (defined('PHPWG_INSTALLED') === false)
{
  header('Location: install.php');
  exit;
}
120
// Load a replacement implementation for each function below that the running
// PHP version does not provide. The included path is built only from this
// fixed list, never from request data.
foreach( array(
  'array_intersect_key', //PHP 5 >= 5.1.0RC1
  'hash_hmac', //(hash) - enabled by default as of PHP 5.1.2
  'preg_last_error', // PHP 5 >= 5.2.0
  'file_put_contents', //PHP5
  ) as $func)
{
  if (function_exists($func))
  {
    // native implementation available, nothing to load
    continue;
  }

  include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
}
133
// Configuration and core libraries, in this order: the defaults come first,
// then the optional local overrides ("@" because config_local.inc.php may be
// absent), then constants, the general function library and the template
// class.
include PHPWG_ROOT_PATH . 'include/config_default.inc.php';
@include PHPWG_ROOT_PATH. 'include/config_local.inc.php';
include PHPWG_ROOT_PATH . 'include/constants.php';
include PHPWG_ROOT_PATH . 'include/functions.inc.php';
include PHPWG_ROOT_PATH . 'include/template.class.php';
[364]139
// Database connection. $cfgHote, $cfgUser, $cfgPassword and $cfgBase are not
// set in this file (presumably by include/mysql.inc.php). The failure
// messages are deliberately generic: they reveal neither the host, the
// account nor the driver error to the visitor.
if (!mysql_connect( $cfgHote, $cfgUser, $cfgPassword ))
{
  die ( "Could not connect to database server" );
}
if (!mysql_select_db( $cfgBase ))
{
  die ( "Could not connect to database" );
}

// Both charset constants must have been defined by the configuration.
if (!defined('PWG_CHARSET') or !defined('DB_CHARSET'))
{
  die('PWG_CHARSET and/or DB_CHARSET is not defined');
}

// MySQL older than 4.1.0 is accepted with iso-8859-1 only; from 4.1.0 on the
// connection charset is set to DB_CHARSET when one is configured.
// NOTE(review): "SET NAMES" changes the charset on the server side only.
// Request data in this application is escaped with addslashes(), which is
// byte-based, so DB_CHARSET should stay a single-byte charset or UTF-8;
// multi-byte charsets in which a backslash byte can end a character are not
// safe with that kind of escaping.
if ( version_compare(mysql_get_server_info(), '4.1.0', '<') )
{
  if ( strtolower(PWG_CHARSET)!='iso-8859-1' )
  {
    die('PWG supports only iso-8859-1 charset on MySql version '.mysql_get_server_info());
  }
}
elseif (DB_CHARSET!='')
{
  pwg_query('SET NAMES "'.DB_CHARSET.'"');
}
162
//
// Gallery wide options are read from the database first. According to the
// original comment a failure here ends in a CRITICAL_ERROR, because nothing
// else can work without the basic gallery information (the handling itself
// is inside the called function, not in this file).
//
load_conf_from_db();

// Plugins are loaded once the configuration is known and before the user is
// resolved.
load_plugins();

// Identify the current user; this fills $user.
include PHPWG_ROOT_PATH.'include/user.inc.php';
[808]171
[1568]172
// Language files: the common strings, then the administration strings when
// running inside the admin area, then the 'loading_lang' event, and finally
// the local overrides so that they win over everything loaded before.
load_language('common.lang');
defined('IN_ADMIN') and IN_ADMIN and load_language('admin.lang');
trigger_action('loading_lang');
load_language('local.lang');

// The guest user gets a localized name. It can only be done at this point
// (and not in include/user.inc.php) because the language strings have just
// been loaded.
if (is_a_guest())
{
  $user['username'] = l10n('guest');
}
188
// Template instance: the admin template and theme are used inside the
// administration area when the user record provides both, otherwise the
// classic template and theme of the user.
// NOTE(review): the template name is concatenated into a filesystem path.
// $user is filled outside this file; confirm that the template and theme
// values are restricted to existing template directory names (no path
// separators) wherever they are stored or changed.
if (defined('IN_ADMIN') and IN_ADMIN
    and isset($user['admin_template'], $user['admin_theme']))
{
  // Admin template
  $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['admin_template'], $user['admin_theme'] );
}
else
{
  // Classic template
  $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme'] );
}
[1568]205
// Show a header message when the user status carries the
// 'guest_must_be_guest' flag. The flag has to be the boolean true exactly;
// any other value is ignored.
if (isset($user['internal_status']['guest_must_be_guest']))
{
  if ($user['internal_status']['guest_must_be_guest'] === true)
  {
    $header_msgs[] = l10n('guest_must_be_guest');
  }
}
212
// Locked gallery: a header message is always queued. Every request is then
// answered with "503 Service Unavailable" and stopped, unless it targets the
// identification script or comes from an administrator, so that an
// administrator can still log in while the gallery is locked.
if ($conf['gallery_locked'])
{
  $header_msgs[] = l10n('gallery_locked_message');

  if ( !(script_basename() == 'identification' or is_admin()) )
  {
    set_status_header(503, 'Service Unavailable');
    // ask clients to come back in 15 minutes
    @header('Retry-After: 900');
    // The message and the root URL are printed without escaping at this
    // point; both come from helpers defined elsewhere.
    echo l10n('gallery_locked_message')
      .'<a href="'.get_absolute_root_url(false).'identification.php">.</a>';
    exit();
  }
}
226
// Upgrade feed check: runs only when the option is enabled and the constant
// PHPWG_IN_UPGRADE is defined and true. defined() is tested first so that the
// constant is never read while undefined.
if ($conf['check_upgrade_feed']
    and defined('PHPWG_IN_UPGRADE')
    and PHPWG_IN_UPGRADE)
{
  // ids of the upgrades already recorded in the database; the statement is
  // static, only the table name constant is inserted
  $query = '
SELECT id
  FROM '.UPGRADE_TABLE.'
;';
  $applied = array_from_query($query, 'id');

  // ids of the upgrades shipped with the code
  $existing = get_available_upgrade_ids();

  // anything shipped but not yet recorded still has to be applied
  if (0 < count(array_diff($existing, $applied)))
  {
    $header_msgs[] = 'Some database upgrades are missing, '
      .'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
  }
}
[960]249
// Adviser mode is announced in the header messages.
if (is_adviser())
{
  $header_msgs[] = l10n('adviser_mode_enabled');
}

// Hand the collected messages over to the template, then empty the list so
// that it can be reused for messages added later.
if (0 < count($header_msgs))
{
  $template->assign('header_msgs', $header_msgs);
  $header_msgs = array();
}
[1598]260
// The filter code is loaded only when filter pages are configured and the
// current page uses the filter; in every other case the filter is marked as
// disabled. get_filter_page_value() is not called when no filter page is
// configured.
if (empty($conf['filter_pages']) or !get_filter_page_value('used'))
{
  $filter['enabled'] = false;
}
else
{
  include(PHPWG_ROOT_PATH.'include/functions_filter.inc.php');
  include(PHPWG_ROOT_PATH.'include/filter.inc.php');
}

// Header notes from the configuration are appended to the notes collected so
// far.
if (isset($conf['header_notes']))
{
  $header_notes = array_merge($header_notes, $conf['header_notes']);
}
275
// Default event handlers.
//
// Category descriptions are rendered by the functions of the same name.
add_event_handler(
  'render_category_literal_description',
  'render_category_literal_description'
  );
add_event_handler(
  'render_category_description',
  'render_category_description'
  );

// Comment content gets two handlers: htmlspecialchars is registered first and
// parse_comment_content second.
// NOTE(review): this is only safe if handlers run in registration order, so
// that the text is HTML-escaped before the parser adds its own markup -
// confirm in add_event_handler().
add_event_handler('render_comment_content', 'htmlspecialchars');
add_event_handler('render_comment_content', 'parse_comment_content');

// strip_tags removes tags from the author name but does not encode quotes or
// ampersands; the name still needs escaping where it is placed inside an
// HTML attribute.
add_event_handler('render_comment_author', 'strip_tags');

// Tell the plugins that the common initialization is complete.
trigger_action('init');
[1679]283?>