diff options
Diffstat (limited to 'phpBB/common.php')
-rw-r--r-- | phpBB/common.php | 227 |
1 files changed, 227 insertions, 0 deletions
diff --git a/phpBB/common.php b/phpBB/common.php new file mode 100644 index 0000000000..c4a3160102 --- /dev/null +++ b/phpBB/common.php @@ -0,0 +1,227 @@ +<?php +/** +* +* @package phpBB3 +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +* Minimum Requirement: PHP 4.3.3 +*/ + +/** +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +$starttime = explode(' ', microtime()); +$starttime = $starttime[1] + $starttime[0]; + +// Report all errors, except notices +error_reporting(E_ALL ^ E_NOTICE); + +/* +* Remove variables created by register_globals from the global scope +* Thanks to Matt Kavanagh +*/ +function deregister_globals() +{ + $not_unset = array( + 'GLOBALS' => true, + '_GET' => true, + '_POST' => true, + '_COOKIE' => true, + '_REQUEST' => true, + '_SERVER' => true, + '_SESSION' => true, + '_ENV' => true, + '_FILES' => true, + 'phpEx' => true, + 'phpbb_root_path' => true + ); + + // Not only will array_merge and array_keys give a warning if + // a parameter is not an array, array_merge will actually fail. + // So we check if _SESSION has been initialised. + if (!isset($_SESSION) || !is_array($_SESSION)) + { + $_SESSION = array(); + } + + // Merge all into one extremely huge array; unset this later + $input = array_merge( + array_keys($_GET), + array_keys($_POST), + array_keys($_COOKIE), + array_keys($_SERVER), + array_keys($_SESSION), + array_keys($_ENV), + array_keys($_FILES) + ); + + foreach ($input as $varname) + { + if (isset($not_unset[$varname])) + { + // Hacking attempt. No point in continuing unless it's a COOKIE + if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) + { + exit; + } + else + { + $cookie = &$_COOKIE; + while (isset($cookie['GLOBALS'])) + { + foreach ($cookie['GLOBALS'] as $registered_var => $value) + { + if (!isset($not_unset[$registered_var])) + { + unset($GLOBALS[$registered_var]); + } + } + $cookie = &$cookie['GLOBALS']; + } + } + } + + unset($GLOBALS[$varname]); + } + + unset($input); +} + +// If we are on PHP >= 6.0.0 we do not need some code +if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) +{ + /** + * @ignore + */ + define('STRIP', false); +} +else +{ + @set_magic_quotes_runtime(0); + + // Be paranoid with passed vars + if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) + { + deregister_globals(); + } + + define('STRIP', (get_magic_quotes_gpc()) ? true : false); +} + +if (defined('IN_CRON')) +{ + $phpbb_root_path = dirname(__FILE__) . DIRECTORY_SEPARATOR; +} + +if (!file_exists($phpbb_root_path . 'config.' . $phpEx)) +{ + die("<p>The config.$phpEx file could not be found.</p><p><a href=\"{$phpbb_root_path}install/index.$phpEx\">Click here to install phpBB</a></p>"); +} + +require($phpbb_root_path . 'config.' . $phpEx); + +if (!defined('PHPBB_INSTALLED')) +{ + // Redirect the user to the installer + // We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information + // available as used by the redirect function + $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME')); + $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT'); + $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0; + + $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF'); + if (!$script_name) + { + $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); + } + + // Replace any number of consecutive backslashes and/or slashes with a single slash + // (could happen on some proxy setups and/or Windows servers) + $script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx; + $script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path); + + $url = (($secure) ? 'https://' : 'http://') . $server_name; + + if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80))) + { + // HTTP HOST can carry a port number... + if (strpos($server_name, ':') === false) + { + $url .= ':' . $server_port; + } + } + + $url .= $script_path; + header('Location: ' . $url); + exit; +} + +if (defined('DEBUG_EXTRA')) +{ + $base_memory_usage = 0; + if (function_exists('memory_get_usage')) + { + $base_memory_usage = memory_get_usage(); + } +} + +// Load Extensions +if (!empty($load_extensions)) +{ + $load_extensions = explode(',', $load_extensions); + + foreach ($load_extensions as $extension) + { + @dl(trim($extension)); + } +} + +// Include files +require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx); +require($phpbb_root_path . 'includes/cache.' . $phpEx); +require($phpbb_root_path . 'includes/template.' . $phpEx); +require($phpbb_root_path . 'includes/session.' . $phpEx); +require($phpbb_root_path . 'includes/auth.' . $phpEx); + +require($phpbb_root_path . 'includes/functions.' . $phpEx); +require($phpbb_root_path . 'includes/functions_content.' . $phpEx); + +require($phpbb_root_path . 'includes/constants.' . $phpEx); +require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); +require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx); + +// Set PHP error handler to ours +set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler'); + +// Instantiate some basic classes +$user = new user(); +$auth = new auth(); +$template = new template(); +$cache = new cache(); +$db = new $sql_db(); + +// Connect to DB +$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, defined('PHPBB_DB_NEW_LINK') ? PHPBB_DB_NEW_LINK : false); + +// We do not need this any longer, unset for safety purposes +unset($dbpasswd); + +// Grab global variables, re-cache if necessary +$config = $cache->obtain_config(); + +// Add own hook handler +require($phpbb_root_path . 'includes/hooks/index.' . $phpEx); +$phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display'))); + +foreach ($cache->obtain_hooks() as $hook) +{ + @include($phpbb_root_path . 'includes/hooks/' . $hook . '.' . $phpEx); +} + +?>
\ No newline at end of file |