source: trunk/include/common.inc.php @ 719

Last change on this file since 719 was 681, checked in by plg, 19 years ago
  • replacement of variable names in include/mysql.inc.php (for upgrades) :

dbname => cfgBase
dbuser => cfgUser
dbpasswd => cfgPassword
dbhost => cfgHote
table_prefix => prefixeTable
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 4.7 KB
RevLine 
[354]1<?php
2// +-----------------------------------------------------------------------+
[593]3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
[675]5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
[354]6// +-----------------------------------------------------------------------+
[593]7// | branch        : BSF (Best So Far)
[354]8// | file          : $RCSfile$
9// | last update   : $Date: 2005-01-08 23:32:25 +0000 (Sat, 08 Jan 2005) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 681 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
[383]27
[650]28if (!defined('PHPWG_ROOT_PATH'))
[364]29{
[650]30  die('Hacking attempt!');
[364]31}
32// determine the initial instant to indicate the generation time of this page
[354]33$t1 = explode( ' ', microtime() );
34$t2 = explode( '.', $t1[0] );
35$t2 = $t1[1].'.'.$t2[1];
36
37set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
38
39//
[359]40// addslashes to vars if magic_quotes_gpc is off this is a security
41// precaution to prevent someone trying to break out of a SQL statement.
[354]42//
43if( !get_magic_quotes_gpc() )
44{
[359]45  if( is_array( $_GET ) )
[354]46  {
[359]47    while( list($k, $v) = each($_GET) )
[354]48    {
[359]49      if( is_array($_GET[$k]) )
50      {
51        while( list($k2, $v2) = each($_GET[$k]) )
[354]52        {
[359]53          $_GET[$k][$k2] = addslashes($v2);
54        }
55        @reset($_GET[$k]);
56      }
57      else
58      {
59        $_GET[$k] = addslashes($v);
60      }
61    }
62    @reset($_GET);
[354]63  }
64 
[359]65  if( is_array($_POST) )
[354]66  {
[359]67    while( list($k, $v) = each($_POST) )
68    {
69      if( is_array($_POST[$k]) )
70      {
71        while( list($k2, $v2) = each($_POST[$k]) )
72        {
73          $_POST[$k][$k2] = addslashes($v2);
74        }
75        @reset($_POST[$k]);
76      }
77      else
78      {
79        $_POST[$k] = addslashes($v);
80      }
[354]81    }
[359]82    @reset($_POST);
[354]83  }
84
[359]85  if( is_array($_COOKIE) )
[354]86  {
[359]87    while( list($k, $v) = each($_COOKIE) )
[354]88    {
[359]89      if( is_array($_COOKIE[$k]) )
90      {
91        while( list($k2, $v2) = each($_COOKIE[$k]) )
92        {
93          $_COOKIE[$k][$k2] = addslashes($v2);
94        }
95        @reset($_COOKIE[$k]);
96      }
97      else
98      {
99        $_COOKIE[$k] = addslashes($v);
100      }
[354]101    }
[359]102    @reset($_COOKIE);
[354]103  }
104}
105
106//
[359]107// Define some basic configuration arrays this also prevents malicious
108// rewriting of language and otherarray values via URI params
[354]109//
110$conf = array();
111$page = array();
112$user = array();
113$lang = array();
114
[364]115
[367]116include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
[650]117if (!defined('PHPWG_INSTALLED'))
[354]118{
[650]119  header('Location: install.php');
[359]120  exit;
[354]121}
122
[364]123include(PHPWG_ROOT_PATH . 'include/constants.php');
[367]124include(PHPWG_ROOT_PATH . 'include/config.inc.php');
[364]125include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
126include(PHPWG_ROOT_PATH . 'include/template.php');
127
[354]128// Database connection
[681]129mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
[512]130or die ( "Could not connect to database server" );
[681]131mysql_select_db( $cfgBase )
[359]132or die ( "Could not connect to database" );
[354]133       
134//
[394]135// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
136// since basic gallery information is not available
[354]137//
[541]138$query = '
139SELECT param,value
140 FROM '.CONFIG_TABLE.'
141;';
[650]142if (!($result = pwg_query($query)))
[354]143{
144  die("Could not query config information");
145}
146
[383]147while ( $row =mysql_fetch_array( $result ) )
148{
149  if ( isset( $row['value'] ) )
[354]150  {
[383]151    $conf[$row['param']] = $row['value'];
[354]152  }
[383]153  else
154  {
155    $conf[$row['param']] = '';
156  }
157  // If the field is true or false, the variable is transformed into a
158  // boolean value.
159  if ( $conf[$row['param']] == 'true' or $conf[$row['param']] == 'false' )
160  {
161    $conf[$row['param']] = get_boolean( $conf[$row['param']] );
162  }
[354]163}
164
[650]165include(PHPWG_ROOT_PATH.'include/user.inc.php');
[362]166?>
Note: See TracBrowser for help on using the repository browser.