source: trunk/include/common.inc.php @ 2362

Last change on this file since 2362 was 2299, checked in by plg, 17 years ago

Bug fixed: as rvelices notified me by email, my header replacement script was
bugged (r2297 was repeating new and old header).

By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personnaly, it is a problem when I search differences between 2
Piwigo installations outside Subversion.

  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 7.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH'))
25{
26  die('Hacking attempt!');
27}
28// determine the initial instant to indicate the generation time of this page
29$t1 = explode( ' ', microtime() );
30$t2 = explode( '.', $t1[0] );
31$t2 = $t1[1].'.'.$t2[1];
32
33set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
34
35//
36// addslashes to vars if magic_quotes_gpc is off this is a security
37// precaution to prevent someone trying to break out of a SQL statement.
38//
39if( !get_magic_quotes_gpc() )
40{
41  if( is_array( $_GET ) )
42  {
43    while( list($k, $v) = each($_GET) )
44    {
45      if( is_array($_GET[$k]) )
46      {
47        while( list($k2, $v2) = each($_GET[$k]) )
48        {
49          $_GET[$k][$k2] = addslashes($v2);
50        }
51        @reset($_GET[$k]);
52      }
53      else
54      {
55        $_GET[$k] = addslashes($v);
56      }
57    }
58    @reset($_GET);
59  }
60
61  if( is_array($_POST) )
62  {
63    while( list($k, $v) = each($_POST) )
64    {
65      if( is_array($_POST[$k]) )
66      {
67        while( list($k2, $v2) = each($_POST[$k]) )
68        {
69          $_POST[$k][$k2] = addslashes($v2);
70        }
71        @reset($_POST[$k]);
72      }
73      else
74      {
75        $_POST[$k] = addslashes($v);
76      }
77    }
78    @reset($_POST);
79  }
80
81  if( is_array($_COOKIE) )
82  {
83    while( list($k, $v) = each($_COOKIE) )
84    {
85      if( is_array($_COOKIE[$k]) )
86      {
87        while( list($k2, $v2) = each($_COOKIE[$k]) )
88        {
89          $_COOKIE[$k][$k2] = addslashes($v2);
90        }
91        @reset($_COOKIE[$k]);
92      }
93      else
94      {
95        $_COOKIE[$k] = addslashes($v);
96      }
97    }
98    @reset($_COOKIE);
99  }
100}
101
102//
103// Define some basic configuration arrays this also prevents malicious
104// rewriting of language and otherarray values via URI params
105//
106$conf = array();
107$page = array();
108$user = array();
109$lang = array();
110$header_msgs = array();
111$header_notes = array();
112$filter = array();
113
114@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
115if (!defined('PHPWG_INSTALLED'))
116{
117  header('Location: install.php');
118  exit;
119}
120
121foreach( array(
122  'array_intersect_key', //PHP 5 >= 5.1.0RC1
123  'hash_hmac', //(hash) - enabled by default as of PHP 5.1.2
124  'preg_last_error', // PHP 5 >= 5.2.0
125  'file_put_contents', //PHP5
126  ) as $func)
127{
128  if (!function_exists($func))
129  {
130    include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
131  }
132}
133
134include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
135@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
136include(PHPWG_ROOT_PATH . 'include/constants.php');
137include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
138include(PHPWG_ROOT_PATH . 'include/template.class.php');
139
140// Database connection
141mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
142or die ( "Could not connect to database server" );
143mysql_select_db( $cfgBase )
144or die ( "Could not connect to database" );
145
146defined('PWG_CHARSET') and defined('DB_CHARSET')
147  or die('PWG_CHARSET and/or DB_CHARSET is not defined');
148if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') )
149{
150  if (DB_CHARSET!='')
151  {
152    pwg_query('SET NAMES "'.DB_CHARSET.'"');
153  }
154}
155else
156{
157  if ( strtolower(PWG_CHARSET)!='iso-8859-1' )
158  {
159    die('PWG supports only iso-8859-1 charset on MySql version '.mysql_get_server_info());
160  }
161}
162
163//
164// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
165// since basic gallery information is not available
166//
167load_conf_from_db();
168load_plugins();
169
170include(PHPWG_ROOT_PATH.'include/user.inc.php');
171
172
173// language files
174load_language('common.lang');
175if (defined('IN_ADMIN') and IN_ADMIN)
176{
177  load_language('admin.lang');
178}
179trigger_action('loading_lang');
180load_language('local.lang');
181
182// only now we can set the localized username of the guest user (and not in
183// include/user.inc.php)
184if (is_a_guest())
185{
186  $user['username'] = l10n('guest');
187}
188
189// template instance
190if
191  (
192      defined('IN_ADMIN') and IN_ADMIN and
193      isset($user['admin_template']) and
194      isset($user['admin_theme'])
195  )
196{
197  // Admin template
198  $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['admin_template'], $user['admin_theme'] );
199}
200else
201{
202  // Classic template
203  $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme'] );
204}
205
206if (isset($user['internal_status']['guest_must_be_guest'])
207    and
208    $user['internal_status']['guest_must_be_guest'] === true)
209{
210  $header_msgs[] = l10n('guest_must_be_guest');
211}
212
213if ($conf['gallery_locked'])
214{
215  $header_msgs[] = l10n('gallery_locked_message');
216
217  if ( script_basename() != 'identification' and !is_admin() )
218  {
219    set_status_header(503, 'Service Unavailable');
220    @header('Retry-After: 900');
221    echo l10n('gallery_locked_message')
222      .'<a href="'.get_absolute_root_url(false).'identification.php">.</a>';
223    exit();
224  }
225}
226
227if ($conf['check_upgrade_feed']
228    and defined('PHPWG_IN_UPGRADE')
229    and PHPWG_IN_UPGRADE)
230{
231
232  // retrieve already applied upgrades
233  $query = '
234SELECT id
235  FROM '.UPGRADE_TABLE.'
236;';
237  $applied = array_from_query($query, 'id');
238
239  // retrieve existing upgrades
240  $existing = get_available_upgrade_ids();
241
242  // which upgrades need to be applied?
243  if (count(array_diff($existing, $applied)) > 0)
244  {
245    $header_msgs[] = 'Some database upgrades are missing, '
246      .'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
247  }
248}
249
250if (is_adviser())
251{
252  $header_msgs[] = l10n('adviser_mode_enabled');
253}
254
255if (count($header_msgs) > 0)
256{
257  $template->assign('header_msgs', $header_msgs);
258  $header_msgs=array();
259}
260
261if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
262{
263  include(PHPWG_ROOT_PATH.'include/functions_filter.inc.php');
264  include(PHPWG_ROOT_PATH.'include/filter.inc.php');
265}
266else
267{
268  $filter['enabled'] = false;
269}
270
271if (isset($conf['header_notes']))
272{
273  $header_notes = array_merge($header_notes, $conf['header_notes']);
274}
275
276// default event handlers
277add_event_handler('render_category_literal_description', 'render_category_literal_description');
278add_event_handler('render_category_description', 'render_category_description');
279add_event_handler('render_comment_content', 'htmlspecialchars');
280add_event_handler('render_comment_content', 'parse_comment_content');
281add_event_handler('render_comment_author', 'strip_tags');
282trigger_action('init');
283?>
Note: See TracBrowser for help on using the repository browser.