| 1 |
38 |
psotfx |
<?php
|
| 2 |
8130 |
acydburn |
/**
|
| 3 |
5114 |
acydburn |
*
|
| 4 |
5114 |
acydburn |
* @package phpBB3
|
| 5 |
5114 |
acydburn |
* @version $Id$
|
| 6 |
8130 |
acydburn |
* @copyright (c) 2005 phpBB Group
|
| 7 |
8130 |
acydburn |
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
| 8 |
5114 |
acydburn |
*
|
| 9 |
8569 |
acydburn |
* Minimum Requirement: PHP 5.2.0+
|
| 10 |
5114 |
acydburn |
*/
|
| 11 |
38 |
psotfx |
|
| 12 |
5193 |
acydburn |
/**
|
| 13 |
5193 |
acydburn |
*/
|
| 14 |
3341 |
psotfx |
if (!defined('IN_PHPBB'))
|
| 15 |
2327 |
psotfx |
{
|
| 16 |
4970 |
psotfx |
exit;
|
| 17 |
2327 |
psotfx |
}
|
| 18 |
2327 |
psotfx |
|
| 19 |
4441 |
psotfx |
$starttime = explode(' ', microtime());
|
| 20 |
4441 |
psotfx |
$starttime = $starttime[1] + $starttime[0];
|
| 21 |
4441 |
psotfx |
|
| 22 |
5980 |
acydburn |
// Report all errors, except notices
|
| 23 |
8296 |
davidmj |
error_reporting(E_ALL ^ E_NOTICE);
|
| 24 |
8467 |
naderman |
date_default_timezone_set('UTC');
|
| 25 |
824 |
psotfx |
|
| 26 |
5860 |
acydburn |
/*
|
| 27 |
5860 |
acydburn |
* Remove variables created by register_globals from the global scope
|
| 28 |
5860 |
acydburn |
* Thanks to Matt Kavanagh
|
| 29 |
5860 |
acydburn |
*/
|
| 30 |
5860 |
acydburn |
function deregister_globals()
|
| 31 |
5860 |
acydburn |
{
|
| 32 |
5860 |
acydburn |
$not_unset = array(
|
| 33 |
6015 |
acydburn |
'GLOBALS' => true,
|
| 34 |
6015 |
acydburn |
'_GET' => true,
|
| 35 |
6015 |
acydburn |
'_POST' => true,
|
| 36 |
6015 |
acydburn |
'_COOKIE' => true,
|
| 37 |
6015 |
acydburn |
'_REQUEST' => true,
|
| 38 |
6015 |
acydburn |
'_SERVER' => true,
|
| 39 |
6015 |
acydburn |
'_SESSION' => true,
|
| 40 |
6015 |
acydburn |
'_ENV' => true,
|
| 41 |
6015 |
acydburn |
'_FILES' => true,
|
| 42 |
6015 |
acydburn |
'phpEx' => true,
|
| 43 |
6015 |
acydburn |
'phpbb_root_path' => true
|
| 44 |
5860 |
acydburn |
);
|
| 45 |
5860 |
acydburn |
|
| 46 |
5860 |
acydburn |
// Not only will array_merge and array_keys give a warning if
|
| 47 |
5860 |
acydburn |
// a parameter is not an array, array_merge will actually fail.
|
| 48 |
5860 |
acydburn |
// So we check if _SESSION has been initialised.
|
| 49 |
5860 |
acydburn |
if (!isset($_SESSION) || !is_array($_SESSION))
|
| 50 |
5860 |
acydburn |
{
|
| 51 |
5860 |
acydburn |
$_SESSION = array();
|
| 52 |
5860 |
acydburn |
}
|
| 53 |
5860 |
acydburn |
|
| 54 |
6015 |
acydburn |
// Merge all into one extremely huge array; unset this later
|
| 55 |
5860 |
acydburn |
$input = array_merge(
|
| 56 |
5860 |
acydburn |
array_keys($_GET),
|
| 57 |
5860 |
acydburn |
array_keys($_POST),
|
| 58 |
5860 |
acydburn |
array_keys($_COOKIE),
|
| 59 |
5860 |
acydburn |
array_keys($_SERVER),
|
| 60 |
5860 |
acydburn |
array_keys($_SESSION),
|
| 61 |
5860 |
acydburn |
array_keys($_ENV),
|
| 62 |
5860 |
acydburn |
array_keys($_FILES)
|
| 63 |
5860 |
acydburn |
);
|
| 64 |
5860 |
acydburn |
|
| 65 |
5860 |
acydburn |
foreach ($input as $varname)
|
| 66 |
5860 |
acydburn |
{
|
| 67 |
5860 |
acydburn |
if (isset($not_unset[$varname]))
|
| 68 |
5860 |
acydburn |
{
|
| 69 |
8127 |
naderman |
// Hacking attempt. No point in continuing unless it's a COOKIE
|
| 70 |
8127 |
naderman |
if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
|
| 71 |
8127 |
naderman |
{
|
| 72 |
8127 |
naderman |
exit;
|
| 73 |
8127 |
naderman |
}
|
| 74 |
8127 |
naderman |
else
|
| 75 |
8127 |
naderman |
{
|
| 76 |
8127 |
naderman |
$cookie = &$_COOKIE;
|
| 77 |
8127 |
naderman |
while (isset($cookie['GLOBALS']))
|
| 78 |
8127 |
naderman |
{
|
| 79 |
8127 |
naderman |
foreach ($cookie['GLOBALS'] as $registered_var => $value)
|
| 80 |
8127 |
naderman |
{
|
| 81 |
8127 |
naderman |
if (!isset($not_unset[$registered_var]))
|
| 82 |
8127 |
naderman |
{
|
| 83 |
8127 |
naderman |
unset($GLOBALS[$registered_var]);
|
| 84 |
8127 |
naderman |
}
|
| 85 |
8127 |
naderman |
}
|
| 86 |
8127 |
naderman |
$cookie = &$cookie['GLOBALS'];
|
| 87 |
8127 |
naderman |
}
|
| 88 |
8127 |
naderman |
}
|
| 89 |
5860 |
acydburn |
}
|
| 90 |
5860 |
acydburn |
|
| 91 |
5860 |
acydburn |
unset($GLOBALS[$varname]);
|
| 92 |
5860 |
acydburn |
}
|
| 93 |
5860 |
acydburn |
|
| 94 |
5860 |
acydburn |
unset($input);
|
| 95 |
5860 |
acydburn |
}
|
| 96 |
5860 |
acydburn |
|
| 97 |
5824 |
acydburn |
// If we are on PHP >= 6.0.0 we do not need some code
|
| 98 |
6779 |
davidmj |
if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
|
| 99 |
5608 |
davidmj |
{
|
| 100 |
5883 |
acydburn |
/**
|
| 101 |
5883 |
acydburn |
* @ignore
|
| 102 |
5883 |
acydburn |
*/
|
| 103 |
5824 |
acydburn |
define('STRIP', false);
|
| 104 |
5608 |
davidmj |
}
|
| 105 |
5824 |
acydburn |
else
|
| 106 |
5608 |
davidmj |
{
|
| 107 |
8759 |
aptx |
@set_magic_quotes_runtime(0);
|
| 108 |
5608 |
davidmj |
|
| 109 |
5824 |
acydburn |
// Be paranoid with passed vars
|
| 110 |
8116 |
acydburn |
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
|
| 111 |
5824 |
acydburn |
{
|
| 112 |
5860 |
acydburn |
deregister_globals();
|
| 113 |
5608 |
davidmj |
}
|
| 114 |
5608 |
davidmj |
|
| 115 |
5824 |
acydburn |
define('STRIP', (get_magic_quotes_gpc()) ? true : false);
|
| 116 |
4427 |
ludovic_arnaud |
}
|
| 117 |
4427 |
ludovic_arnaud |
|
| 118 |
5136 |
acydburn |
if (defined('IN_CRON'))
|
| 119 |
5136 |
acydburn |
{
|
| 120 |
8572 |
acydburn |
@define('PHPBB_ROOT_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);
|
| 121 |
5136 |
acydburn |
}
|
| 122 |
5136 |
acydburn |
|
| 123 |
8572 |
acydburn |
if (!file_exists(PHPBB_ROOT_PATH . 'config.' . PHP_EXT))
|
| 124 |
6045 |
naderman |
{
|
| 125 |
8572 |
acydburn |
die('<p>The config.' . PHP_EXT . ' file could not be found.</p><p><a href="' . PHPBB_ROOT_PATH . 'install/index.' . PHP_EXT . '">Click here to install phpBB</a></p>');
|
| 126 |
6045 |
naderman |
}
|
| 127 |
6045 |
naderman |
|
| 128 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'config.' . PHP_EXT);
|
| 129 |
5859 |
acydburn |
|
| 130 |
5859 |
acydburn |
if (!defined('PHPBB_INSTALLED'))
|
| 131 |
2532 |
psotfx |
{
|
| 132 |
6154 |
grahamje |
// Redirect the user to the installer
|
| 133 |
6154 |
grahamje |
// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
|
| 134 |
6154 |
grahamje |
// available as used by the redirect function
|
| 135 |
8349 |
acydburn |
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
|
| 136 |
6154 |
grahamje |
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
|
| 137 |
6154 |
grahamje |
$secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
|
| 138 |
6154 |
grahamje |
|
| 139 |
6154 |
grahamje |
$script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
|
| 140 |
6154 |
grahamje |
if (!$script_name)
|
| 141 |
6154 |
grahamje |
{
|
| 142 |
6154 |
grahamje |
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
|
| 143 |
6154 |
grahamje |
}
|
| 144 |
6154 |
grahamje |
|
| 145 |
6204 |
ludovic_arnaud |
// Replace any number of consecutive backslashes and/or slashes with a single slash
|
| 146 |
6204 |
ludovic_arnaud |
// (could happen on some proxy setups and/or Windows servers)
|
| 147 |
8572 |
acydburn |
$script_path = trim(dirname($script_name)) . '/install/index.' . PHP_EXT;
|
| 148 |
6204 |
ludovic_arnaud |
$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
|
| 149 |
6154 |
grahamje |
|
| 150 |
6154 |
grahamje |
$url = (($secure) ? 'https://' : 'http://') . $server_name;
|
| 151 |
6154 |
grahamje |
|
| 152 |
6154 |
grahamje |
if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80)))
|
| 153 |
6154 |
grahamje |
{
|
| 154 |
8349 |
acydburn |
// HTTP HOST can carry a port number...
|
| 155 |
8349 |
acydburn |
if (strpos($server_name, ':') === false)
|
| 156 |
8349 |
acydburn |
{
|
| 157 |
8349 |
acydburn |
$url .= ':' . $server_port;
|
| 158 |
8349 |
acydburn |
}
|
| 159 |
6154 |
grahamje |
}
|
| 160 |
6154 |
grahamje |
|
| 161 |
6155 |
grahamje |
$url .= $script_path;
|
| 162 |
6154 |
grahamje |
header('Location: ' . $url);
|
| 163 |
5859 |
acydburn |
exit;
|
| 164 |
5859 |
acydburn |
}
|
| 165 |
824 |
psotfx |
|
| 166 |
5859 |
acydburn |
if (defined('DEBUG_EXTRA'))
|
| 167 |
5859 |
acydburn |
{
|
| 168 |
5859 |
acydburn |
$base_memory_usage = 0;
|
| 169 |
5859 |
acydburn |
if (function_exists('memory_get_usage'))
|
| 170 |
4984 |
acydburn |
{
|
| 171 |
5859 |
acydburn |
$base_memory_usage = memory_get_usage();
|
| 172 |
4984 |
acydburn |
}
|
| 173 |
5859 |
acydburn |
}
|
| 174 |
4984 |
acydburn |
|
| 175 |
5859 |
acydburn |
// Load Extensions
|
| 176 |
5859 |
acydburn |
if (!empty($load_extensions))
|
| 177 |
5859 |
acydburn |
{
|
| 178 |
5859 |
acydburn |
$load_extensions = explode(',', $load_extensions);
|
| 179 |
3528 |
acydburn |
|
| 180 |
5859 |
acydburn |
foreach ($load_extensions as $extension)
|
| 181 |
3528 |
acydburn |
{
|
| 182 |
5859 |
acydburn |
@dl(trim($extension));
|
| 183 |
3528 |
acydburn |
}
|
| 184 |
3528 |
acydburn |
}
|
| 185 |
3528 |
acydburn |
|
| 186 |
5246 |
acydburn |
// Include files
|
| 187 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/acm/acm_' . $acm_type . '.' . PHP_EXT);
|
| 188 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/cache.' . PHP_EXT);
|
| 189 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/template.' . PHP_EXT);
|
| 190 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/session.' . PHP_EXT);
|
| 191 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/auth.' . PHP_EXT);
|
| 192 |
8139 |
acydburn |
|
| 193 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/functions.' . PHP_EXT);
|
| 194 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/functions_content.' . PHP_EXT);
|
| 195 |
8139 |
acydburn |
|
| 196 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/constants.' . PHP_EXT);
|
| 197 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/db/' . $dbms . '.' . PHP_EXT);
|
| 198 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/utf/utf_tools.' . PHP_EXT);
|
| 199 |
5246 |
acydburn |
|
| 200 |
2970 |
psotfx |
// Set PHP error handler to ours
|
| 201 |
8073 |
acydburn |
set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler');
|
| 202 |
1452 |
bartvb |
|
| 203 |
3341 |
psotfx |
// Instantiate some basic classes
|
| 204 |
4164 |
psotfx |
$user = new user();
|
| 205 |
4164 |
psotfx |
$auth = new auth();
|
| 206 |
4346 |
psotfx |
$template = new template();
|
| 207 |
8295 |
davidmj |
$cache = new acm();
|
| 208 |
5859 |
acydburn |
$db = new $sql_db();
|
| 209 |
4164 |
psotfx |
|
| 210 |
5859 |
acydburn |
// Connect to DB
|
| 211 |
8246 |
naderman |
$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, defined('PHPBB_DB_NEW_LINK') ? PHPBB_DB_NEW_LINK : false);
|
| 212 |
2673 |
psotfx |
|
| 213 |
5859 |
acydburn |
// We do not need this any longer, unset for safety purposes
|
| 214 |
5859 |
acydburn |
unset($dbpasswd);
|
| 215 |
5108 |
acydburn |
|
| 216 |
5859 |
acydburn |
// Grab global variables, re-cache if necessary
|
| 217 |
8295 |
davidmj |
$config = cache::obtain_config();
|
| 218 |
3360 |
ludovic_arnaud |
|
| 219 |
8100 |
acydburn |
// Add own hook handler
|
| 220 |
8572 |
acydburn |
require(PHPBB_ROOT_PATH . 'includes/hooks/index.' . PHP_EXT);
|
| 221 |
8100 |
acydburn |
$phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display')));
|
| 222 |
8100 |
acydburn |
|
| 223 |
8295 |
davidmj |
foreach (cache::obtain_hooks() as $hook)
|
| 224 |
8100 |
acydburn |
{
|
| 225 |
8572 |
acydburn |
@include(PHPBB_ROOT_PATH . 'includes/hooks/' . $hook . '.' . PHP_EXT);
|
| 226 |
8100 |
acydburn |
}
|
| 227 |
8100 |
acydburn |
|
| 228 |
5855 |
acydburn |
?> |