source: trunk/include/common.inc.php @ 2543

Last change on this file since 2543 was 2543, checked in by rvelices, 16 years ago
  • fix status header (web services + IE6 min display)
  • sql optims in feed /notification
  • dont send cookie for 10 years from admin/history.php
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 8.1 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24defined('PHPWG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR);
25
26// determine the initial instant to indicate the generation time of this page
27$t1 = explode( ' ', microtime() );
28$t2 = explode( '.', $t1[0] );
29$t2 = $t1[1].'.'.$t2[1];
30
31set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
32
33//
34// addslashes to vars if magic_quotes_gpc is off this is a security
35// precaution to prevent someone trying to break out of a SQL statement.
36//
37if( !get_magic_quotes_gpc() )
38{
39  if( is_array( $_GET ) )
40  {
41    while( list($k, $v) = each($_GET) )
42    {
43      if( is_array($_GET[$k]) )
44      {
45        while( list($k2, $v2) = each($_GET[$k]) )
46        {
47          $_GET[$k][$k2] = addslashes($v2);
48        }
49        @reset($_GET[$k]);
50      }
51      else
52      {
53        $_GET[$k] = addslashes($v);
54      }
55    }
56    @reset($_GET);
57  }
58
59  if( is_array($_POST) )
60  {
61    while( list($k, $v) = each($_POST) )
62    {
63      if( is_array($_POST[$k]) )
64      {
65        while( list($k2, $v2) = each($_POST[$k]) )
66        {
67          $_POST[$k][$k2] = addslashes($v2);
68        }
69        @reset($_POST[$k]);
70      }
71      else
72      {
73        $_POST[$k] = addslashes($v);
74      }
75    }
76    @reset($_POST);
77  }
78
79  if( is_array($_COOKIE) )
80  {
81    while( list($k, $v) = each($_COOKIE) )
82    {
83      if( is_array($_COOKIE[$k]) )
84      {
85        while( list($k2, $v2) = each($_COOKIE[$k]) )
86        {
87          $_COOKIE[$k][$k2] = addslashes($v2);
88        }
89        @reset($_COOKIE[$k]);
90      }
91      else
92      {
93        $_COOKIE[$k] = addslashes($v);
94      }
95    }
96    @reset($_COOKIE);
97  }
98}
99if ( !empty($_SERVER["PATH_INFO"]) )
100{
101  $_SERVER["PATH_INFO"] = addslashes($_SERVER["PATH_INFO"]);
102}
103
104//
105// Define some basic configuration arrays this also prevents malicious
106// rewriting of language and otherarray values via URI params
107//
108$conf = array();
109$page = array();
110$user = array();
111$lang = array();
112$header_msgs = array();
113$header_notes = array();
114$filter = array();
115
116@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
117if (!defined('PHPWG_INSTALLED'))
118{
119  header('Location: install.php');
120  exit;
121}
122
123foreach( array(
124  'array_intersect_key', //PHP 5 >= 5.1.0RC1
125  'hash_hmac', //(hash) - enabled by default as of PHP 5.1.2
126  'preg_last_error', // PHP 5 >= 5.2.0
127  'file_put_contents', //PHP5
128  ) as $func)
129{
130  if (!function_exists($func))
131  {
132    include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
133  }
134}
135
136include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
137@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
138include(PHPWG_ROOT_PATH . 'include/constants.php');
139include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
140include(PHPWG_ROOT_PATH . 'include/template.class.php');
141
142// Database connection
143@mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) or my_error( 'mysql_connect', true );
144@mysql_select_db( $cfgBase ) or my_error( 'mysql_select_db', true );
145
146defined('PWG_CHARSET') and defined('DB_CHARSET')
147  or fatal_error('PWG_CHARSET and/or DB_CHARSET is not defined');
148if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') )
149{
150  if (DB_CHARSET!='')
151  {
152    pwg_query('SET NAMES "'.DB_CHARSET.'"');
153  }
154}
155else
156{
157  if ( strtolower(PWG_CHARSET)!='iso-8859-1' )
158  {
159    fatal_error('PWG supports only iso-8859-1 charset on MySql version '.mysql_get_server_info());
160  }
161}
162
163//
164// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
165// since basic gallery information is not available
166//
167load_conf_from_db();
168load_plugins();
169
170include(PHPWG_ROOT_PATH.'include/user.inc.php');
171
172
173// language files
174load_language('common.lang');
175if ( is_admin() || (defined('IN_ADMIN') and IN_ADMIN) )
176{
177  load_language('admin.lang');
178}
179trigger_action('loading_lang');
180load_language('local.lang', '', array('no_fallback'=>true) );
181
182// only now we can set the localized username of the guest user (and not in
183// include/user.inc.php)
184if (is_a_guest())
185{
186  $user['username'] = l10n('guest');
187}
188
189// template instance
190if
191  (
192      defined('IN_ADMIN') and IN_ADMIN
193  )
194{
195  // Admin template
196  //$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['admin_template'], $user['admin_theme'] );
197  list($user['admin_template'], $user['admin_theme']) =
198    explode ('/', $conf['admin_layout']);
199  $template = new Template(PHPWG_ROOT_PATH.'admin/template/'
200    . $user['admin_template'], $user['admin_theme'] );
201}
202else
203{
204  // Classic template
205  $template = new Template(PHPWG_ROOT_PATH.'template/'
206    . $user['template'], $user['theme'] );
207}
208
209if (isset($user['internal_status']['guest_must_be_guest'])
210    and
211    $user['internal_status']['guest_must_be_guest'] === true)
212{
213  $header_msgs[] = l10n('guest_must_be_guest');
214}
215
216if ($conf['gallery_locked'])
217{
218  $header_msgs[] = l10n('gallery_locked_message');
219
220  if ( script_basename() != 'identification' and !is_admin() )
221  {
222    set_status_header(503, 'Service Unavailable');
223    @header('Retry-After: 900');
224    echo l10n('gallery_locked_message')
225      .'<a href="'.get_absolute_root_url(false).'identification.php">.</a>';
226    echo str_repeat( ' ', 512); //IE6 doesn't error output if below a size
227    exit();
228  }
229}
230
231if ($conf['check_upgrade_feed']
232    and defined('PHPWG_IN_UPGRADE')
233    and PHPWG_IN_UPGRADE)
234{
235
236  // retrieve already applied upgrades
237  $query = '
238SELECT id
239  FROM '.UPGRADE_TABLE.'
240;';
241  $applied = array_from_query($query, 'id');
242
243  // retrieve existing upgrades
244  $existing = get_available_upgrade_ids();
245
246  // which upgrades need to be applied?
247  if (count(array_diff($existing, $applied)) > 0)
248  {
249    $header_msgs[] = 'Some database upgrades are missing, '
250      .'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
251  }
252}
253
254if (is_adviser())
255{
256  $header_msgs[] = l10n('adviser_mode_enabled');
257}
258
259if (count($header_msgs) > 0)
260{
261  $template->assign('header_msgs', $header_msgs);
262  $header_msgs=array();
263}
264
265if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
266{
267  include(PHPWG_ROOT_PATH.'include/filter.inc.php');
268}
269else
270{
271  $filter['enabled'] = false;
272}
273
274if (isset($conf['header_notes']))
275{
276  $header_notes = array_merge($header_notes, $conf['header_notes']);
277}
278
279// default event handlers
280add_event_handler('render_category_literal_description', 'render_category_literal_description');
281add_event_handler('render_category_description', 'render_category_description');
282add_event_handler('render_comment_content', 'htmlspecialchars');
283add_event_handler('render_comment_content', 'parse_comment_content');
284add_event_handler('render_comment_author', 'strip_tags');
285add_event_handler('blockmanager_register_blocks', 'register_default_menubar_blocks', EVENT_HANDLER_PRIORITY_NEUTRAL-1);
286trigger_action('init');
287?>
Note: See TracBrowser for help on using the repository browser.