- Timestamp:
- Feb 11, 2004, 11:31:08 PM (21 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/common.inc.php
r354 r359 1 1 <?php 2 2 // +-----------------------------------------------------------------------+ 3 // | common.inc.php 3 // | common.inc.php | 4 4 // +-----------------------------------------------------------------------+ 5 5 // | application : PhpWebGallery <http://phpwebgallery.net> | … … 25 25 // | USA. | 26 26 // +-----------------------------------------------------------------------+ 27 // determine the initial instant to indicate the generation time of this page 27 28 // determine the initial instant to indicate the generation time of this 29 // page 28 30 $t1 = explode( ' ', microtime() ); 29 31 $t2 = explode( '.', $t1[0] ); … … 33 35 34 36 // 35 // addslashes to vars if magic_quotes_gpc is off 36 // this is a security precaution to prevent someone 37 // trying to break out of a SQL statement. 37 // addslashes to vars if magic_quotes_gpc is off this is a security 38 // precaution to prevent someone trying to break out of a SQL statement. 38 39 // 39 40 if( !get_magic_quotes_gpc() ) 40 41 { 41 if( is_array( $HTTP_GET_VARS) )42 { 43 while( list($k, $v) = each($ HTTP_GET_VARS) )42 if( is_array( $_GET ) ) 43 { 44 while( list($k, $v) = each($_GET) ) 44 45 { 45 if( is_array($HTTP_GET_VARS[$k]) )46 47 while( list($k2, $v2) = each($ HTTP_GET_VARS[$k]) )46 if( is_array($_GET[$k]) ) 47 { 48 while( list($k2, $v2) = each($_GET[$k]) ) 48 49 { 49 $HTTP_GET_VARS[$k][$k2] = addslashes($v2);50 51 @reset($HTTP_GET_VARS[$k]);52 53 54 55 $HTTP_GET_VARS[$k] = addslashes($v);56 57 58 @reset($HTTP_GET_VARS);50 $_GET[$k][$k2] = addslashes($v2); 51 } 52 @reset($_GET[$k]); 53 } 54 else 55 { 56 $_GET[$k] = addslashes($v); 57 } 58 } 59 @reset($_GET); 59 60 } 60 61 61 if( is_array($ HTTP_POST_VARS) )62 { 63 while( list($k, $v) = each($HTTP_POST_VARS) )64 65 if( is_array($HTTP_POST_VARS[$k]) )66 67 while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )68 69 $HTTP_POST_VARS[$k][$k2] = addslashes($v2);70 71 @reset($HTTP_POST_VARS[$k]);72 73 74 75 $HTTP_POST_VARS[$k] = addslashes($v);76 62 if( is_array($_POST) ) 63 { 64 while( list($k, $v) = each($_POST) ) 65 { 66 if( is_array($_POST[$k]) ) 67 { 68 while( list($k2, $v2) = each($_POST[$k]) ) 69 { 70 $_POST[$k][$k2] = addslashes($v2); 71 } 72 @reset($_POST[$k]); 73 } 74 else 75 { 76 $_POST[$k] = addslashes($v); 77 } 77 78 } 78 @reset($ HTTP_POST_VARS);79 } 80 81 if( is_array($ HTTP_COOKIE_VARS) )82 { 83 while( list($k, $v) = each($ HTTP_COOKIE_VARS) )79 @reset($_POST); 80 } 81 82 if( is_array($_COOKIE) ) 83 { 84 while( list($k, $v) = each($_COOKIE) ) 84 85 { 85 if( is_array($HTTP_COOKIE_VARS[$k]) )86 87 while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )88 89 $HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);90 91 @reset($HTTP_COOKIE_VARS[$k]);92 93 94 95 $HTTP_COOKIE_VARS[$k] = addslashes($v);96 86 if( is_array($_COOKIE[$k]) ) 87 { 88 while( list($k2, $v2) = each($_COOKIE[$k]) ) 89 { 90 $_COOKIE[$k][$k2] = addslashes($v2); 91 } 92 @reset($_COOKIE[$k]); 93 } 94 else 95 { 96 $_COOKIE[$k] = addslashes($v); 97 } 97 98 } 98 @reset($HTTP_COOKIE_VARS); 99 } 100 } 101 102 // 103 // Define some basic configuration arrays this also prevents 104 // malicious rewriting of language and otherarray values via 105 // URI params 99 @reset($_COOKIE); 100 } 101 } 102 103 // 104 // Define some basic configuration arrays this also prevents malicious 105 // rewriting of language and otherarray values via URI params 106 106 // 107 107 $conf = array(); … … 110 110 $lang = array(); 111 111 112 include($phpwg_root_path .'config.php');113 114 112 if( !defined("PHPWG_INSTALLED") ) 115 113 { 116 header("Location: install.php");117 118 } 119 120 include( $phpwg_root_path . 'include/constants.php');121 include( $phpwg_root_path . 'include/functions.inc.php');122 include( $phpwg_root_path . 'include/template.php');123 include( $phpwg_root_path . 'include/vtemplate.class.php');124 include( $phpwg_root_path . 'include/config.inc.php');114 header( 'Location: install.php' ); 115 exit; 116 } 117 118 include( $phpwg_root_path.'include/constants.php' ); 119 include( $phpwg_root_path.'include/functions.inc.php' ); 120 include( $phpwg_root_path.'include/template.php' ); 121 include( $phpwg_root_path.'include/vtemplate.class.php' ); 122 include( $phpwg_root_path.'include/config.inc.php' ); 125 123 126 124 // … … 129 127 130 128 mysql_connect( $cfgHote, $cfgUser, $cfgPassword ) 131 129 or die ( "Could not connect to server" ); 132 130 mysql_select_db( $cfgBase ) 133 131 or die ( "Could not connect to database" ); 134 132 135 133 // 136 134 // Obtain and encode users IP 137 135 // 138 if( getenv('HTTP_X_FORWARDED_FOR') != '' ) 139 { 140 $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR ); 141 142 if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) ) 143 { 144 $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10.\.*/', '/^224.\.*/', '/^240.\.*/'); 136 if ( getenv( 'HTTP_X_FORWARDED_FOR' ) != '' ) 137 { 138 $client_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? $_ENV['REMOTE_ADDR'] : $REMOTE_ADDR ); 139 140 if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", 141 getenv('HTTP_X_FORWARDED_FOR'), $ip_list) ) 142 { 143 $private_ip = array( '/^0\./' 144 ,'/^127\.0\.0\.1/' 145 ,'/^192\.168\..*/' 146 ,'/^172\.16\..*/' 147 ,'/^10.\.*/' 148 ,'/^224.\.*/' 149 ,'/^240.\.*/' 150 ); 145 151 $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]); 146 152 } … … 148 154 else 149 155 { 150 $client_ip = ( !empty($ HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );156 $client_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? $_ENV['REMOTE_ADDR'] : $REMOTE_ADDR ); 151 157 } 152 158 $user_ip = encode_ip($client_ip); 153 159 154 160 // 155 // Setup forum wide options, if this fails 156 // then we output a CRITICAL_ERROR since 157 // basic forum information is not available 158 // 159 $sql = "SELECT * FROM " . CONFIG_TABLE; 161 // Setup forum wide options, if this fails then we output a CRITICAL_ERROR 162 // since basic forum information is not available 163 // 164 $sql = 'SELECT * FROM '.CONFIG_TABLE; 160 165 if( !($result = mysql_query($sql)) ) 161 166 { … … 189 194 } 190 195 191 if (file_exists('install.php') && !DEBUG)192 {193 die('Please ensure both the install/ and contrib/ directories are deleted');194 }195 196 197 196 //--------------- 198 197 // A partir d'ici il faudra dispatcher le code dans d'autres fichiers
Note: See TracChangeset
for help on using the changeset viewer.