| 1 |
<?php
|
| 2 |
/**
|
| 3 |
*
|
| 4 |
* @package phpBB3
|
| 5 |
* @version $Id: common.php 8759 2008-08-15 13:00:20Z aptx $
|
| 6 |
* @copyright (c) 2005 phpBB Group
|
| 7 |
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
| 8 |
*
|
| 9 |
* Minimum Requirement: PHP 5.2.0+
|
| 10 |
*/
|
| 11 |
|
| 12 |
/**
|
| 13 |
*/
|
| 14 |
if (!defined('IN_PHPBB'))
|
| 15 |
{
|
| 16 |
exit;
|
| 17 |
}
|
| 18 |
|
| 19 |
$starttime = explode(' ', microtime());
|
| 20 |
$starttime = $starttime[1] + $starttime[0];
|
| 21 |
|
| 22 |
// Report all errors, except notices
|
| 23 |
error_reporting(E_ALL ^ E_NOTICE);
|
| 24 |
date_default_timezone_set('UTC');
|
| 25 |
|
| 26 |
/*
|
| 27 |
* Remove variables created by register_globals from the global scope
|
| 28 |
* Thanks to Matt Kavanagh
|
| 29 |
*/
|
| 30 |
function deregister_globals()
|
| 31 |
{
|
| 32 |
$not_unset = array(
|
| 33 |
'GLOBALS' => true,
|
| 34 |
'_GET' => true,
|
| 35 |
'_POST' => true,
|
| 36 |
'_COOKIE' => true,
|
| 37 |
'_REQUEST' => true,
|
| 38 |
'_SERVER' => true,
|
| 39 |
'_SESSION' => true,
|
| 40 |
'_ENV' => true,
|
| 41 |
'_FILES' => true,
|
| 42 |
'phpEx' => true,
|
| 43 |
'phpbb_root_path' => true
|
| 44 |
);
|
| 45 |
|
| 46 |
// Not only will array_merge and array_keys give a warning if
|
| 47 |
// a parameter is not an array, array_merge will actually fail.
|
| 48 |
// So we check if _SESSION has been initialised.
|
| 49 |
if (!isset($_SESSION) || !is_array($_SESSION))
|
| 50 |
{
|
| 51 |
$_SESSION = array();
|
| 52 |
}
|
| 53 |
|
| 54 |
// Merge all into one extremely huge array; unset this later
|
| 55 |
$input = array_merge(
|
| 56 |
array_keys($_GET),
|
| 57 |
array_keys($_POST),
|
| 58 |
array_keys($_COOKIE),
|
| 59 |
array_keys($_SERVER),
|
| 60 |
array_keys($_SESSION),
|
| 61 |
array_keys($_ENV),
|
| 62 |
array_keys($_FILES)
|
| 63 |
);
|
| 64 |
|
| 65 |
foreach ($input as $varname)
|
| 66 |
{
|
| 67 |
if (isset($not_unset[$varname]))
|
| 68 |
{
|
| 69 |
// Hacking attempt. No point in continuing unless it's a COOKIE
|
| 70 |
if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
|
| 71 |
{
|
| 72 |
exit;
|
| 73 |
}
|
| 74 |
else
|
| 75 |
{
|
| 76 |
$cookie = &$_COOKIE;
|
| 77 |
while (isset($cookie['GLOBALS']))
|
| 78 |
{
|
| 79 |
foreach ($cookie['GLOBALS'] as $registered_var => $value)
|
| 80 |
{
|
| 81 |
if (!isset($not_unset[$registered_var]))
|
| 82 |
{
|
| 83 |
unset($GLOBALS[$registered_var]);
|
| 84 |
}
|
| 85 |
}
|
| 86 |
$cookie = &$cookie['GLOBALS'];
|
| 87 |
}
|
| 88 |
}
|
| 89 |
}
|
| 90 |
|
| 91 |
unset($GLOBALS[$varname]);
|
| 92 |
}
|
| 93 |
|
| 94 |
unset($input);
|
| 95 |
}
|
| 96 |
|
| 97 |
// If we are on PHP >= 6.0.0 we do not need some code
|
| 98 |
if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
|
| 99 |
{
|
| 100 |
/**
|
| 101 |
* @ignore
|
| 102 |
*/
|
| 103 |
define('STRIP', false);
|
| 104 |
}
|
| 105 |
else
|
| 106 |
{
|
| 107 |
@set_magic_quotes_runtime(0);
|
| 108 |
|
| 109 |
// Be paranoid with passed vars
|
| 110 |
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
|
| 111 |
{
|
| 112 |
deregister_globals();
|
| 113 |
}
|
| 114 |
|
| 115 |
define('STRIP', (get_magic_quotes_gpc()) ? true : false);
|
| 116 |
}
|
| 117 |
|
| 118 |
if (defined('IN_CRON'))
|
| 119 |
{
|
| 120 |
@define('PHPBB_ROOT_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);
|
| 121 |
}
|
| 122 |
|
| 123 |
if (!file_exists(PHPBB_ROOT_PATH . 'config.' . PHP_EXT))
|
| 124 |
{
|
| 125 |
die('<p>The config.' . PHP_EXT . ' file could not be found.</p><p><a href="' . PHPBB_ROOT_PATH . 'install/index.' . PHP_EXT . '">Click here to install phpBB</a></p>');
|
| 126 |
}
|
| 127 |
|
| 128 |
require(PHPBB_ROOT_PATH . 'config.' . PHP_EXT);
|
| 129 |
|
| 130 |
if (!defined('PHPBB_INSTALLED'))
|
| 131 |
{
|
| 132 |
// Redirect the user to the installer
|
| 133 |
// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
|
| 134 |
// available as used by the redirect function
|
| 135 |
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
|
| 136 |
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
|
| 137 |
$secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
|
| 138 |
|
| 139 |
$script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
|
| 140 |
if (!$script_name)
|
| 141 |
{
|
| 142 |
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
|
| 143 |
}
|
| 144 |
|
| 145 |
// Replace any number of consecutive backslashes and/or slashes with a single slash
|
| 146 |
// (could happen on some proxy setups and/or Windows servers)
|
| 147 |
$script_path = trim(dirname($script_name)) . '/install/index.' . PHP_EXT;
|
| 148 |
$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
|
| 149 |
|
| 150 |
$url = (($secure) ? 'https://' : 'http://') . $server_name;
|
| 151 |
|
| 152 |
if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80)))
|
| 153 |
{
|
| 154 |
// HTTP HOST can carry a port number...
|
| 155 |
if (strpos($server_name, ':') === false)
|
| 156 |
{
|
| 157 |
$url .= ':' . $server_port;
|
| 158 |
}
|
| 159 |
}
|
| 160 |
|
| 161 |
$url .= $script_path;
|
| 162 |
header('Location: ' . $url);
|
| 163 |
exit;
|
| 164 |
}
|
| 165 |
|
| 166 |
if (defined('DEBUG_EXTRA'))
|
| 167 |
{
|
| 168 |
$base_memory_usage = 0;
|
| 169 |
if (function_exists('memory_get_usage'))
|
| 170 |
{
|
| 171 |
$base_memory_usage = memory_get_usage();
|
| 172 |
}
|
| 173 |
}
|
| 174 |
|
| 175 |
// Load Extensions
|
| 176 |
if (!empty($load_extensions))
|
| 177 |
{
|
| 178 |
$load_extensions = explode(',', $load_extensions);
|
| 179 |
|
| 180 |
foreach ($load_extensions as $extension)
|
| 181 |
{
|
| 182 |
@dl(trim($extension));
|
| 183 |
}
|
| 184 |
}
|
| 185 |
|
| 186 |
// Include files
|
| 187 |
require(PHPBB_ROOT_PATH . 'includes/acm/acm_' . $acm_type . '.' . PHP_EXT);
|
| 188 |
require(PHPBB_ROOT_PATH . 'includes/cache.' . PHP_EXT);
|
| 189 |
require(PHPBB_ROOT_PATH . 'includes/template.' . PHP_EXT);
|
| 190 |
require(PHPBB_ROOT_PATH . 'includes/session.' . PHP_EXT);
|
| 191 |
require(PHPBB_ROOT_PATH . 'includes/auth.' . PHP_EXT);
|
| 192 |
|
| 193 |
require(PHPBB_ROOT_PATH . 'includes/functions.' . PHP_EXT);
|
| 194 |
require(PHPBB_ROOT_PATH . 'includes/functions_content.' . PHP_EXT);
|
| 195 |
|
| 196 |
require(PHPBB_ROOT_PATH . 'includes/constants.' . PHP_EXT);
|
| 197 |
require(PHPBB_ROOT_PATH . 'includes/db/' . $dbms . '.' . PHP_EXT);
|
| 198 |
require(PHPBB_ROOT_PATH . 'includes/utf/utf_tools.' . PHP_EXT);
|
| 199 |
|
| 200 |
// Set PHP error handler to ours
|
| 201 |
set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler');
|
| 202 |
|
| 203 |
// Instantiate some basic classes
|
| 204 |
$user = new user();
|
| 205 |
$auth = new auth();
|
| 206 |
$template = new template();
|
| 207 |
$cache = new acm();
|
| 208 |
$db = new $sql_db();
|
| 209 |
|
| 210 |
// Connect to DB
|
| 211 |
$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, defined('PHPBB_DB_NEW_LINK') ? PHPBB_DB_NEW_LINK : false);
|
| 212 |
|
| 213 |
// We do not need this any longer, unset for safety purposes
|
| 214 |
unset($dbpasswd);
|
| 215 |
|
| 216 |
// Grab global variables, re-cache if necessary
|
| 217 |
$config = cache::obtain_config();
|
| 218 |
|
| 219 |
// Add own hook handler
|
| 220 |
require(PHPBB_ROOT_PATH . 'includes/hooks/index.' . PHP_EXT);
|
| 221 |
$phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display')));
|
| 222 |
|
| 223 |
foreach (cache::obtain_hooks() as $hook)
|
| 224 |
{
|
| 225 |
@include(PHPBB_ROOT_PATH . 'includes/hooks/' . $hook . '.' . PHP_EXT);
|
| 226 |
}
|
| 227 |
|
| 228 |
?> |