phpBB/common.php

   1 <?php
   2 /**
   3 *
   4 * @package phpBB3
   5 * @version $Id$
   6 * @copyright (c) 2005 phpBB Group
   7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
   8 *
   9 * Minimum Requirement: PHP 4.3.3
  10 */
  11
  12 /**
  13 */
  14 if (!defined('IN_PHPBB'))
  15 {
  16         exit;
  17 }
  18
  19 $starttime = explode(' ', microtime());
  20 $starttime = $starttime[1] + $starttime[0];
  21
  22 // Report all errors, except notices
  23 error_reporting(E_ALL ^ E_NOTICE);
  24
  25 /*
  26 * Remove variables created by register_globals from the global scope
  27 * Thanks to Matt Kavanagh
  28 */
  29 function deregister_globals()
  30 {
  31         $not_unset = array(
  32                 'GLOBALS'       => true,
  33                 '_GET'          => true,
  34                 '_POST'         => true,
  35                 '_COOKIE'       => true,
  36                 '_REQUEST'      => true,
  37                 '_SERVER'       => true,
  38                 '_SESSION'      => true,
  39                 '_ENV'          => true,
  40                 '_FILES'        => true,
  41                 'phpEx'         => true,
  42                 'phpbb_root_path'       => true
  43         );
  44
  45         // Not only will array_merge and array_keys give a warning if
  46         // a parameter is not an array, array_merge will actually fail.
  47         // So we check if _SESSION has been initialised.
  48         if (!isset($_SESSION) || !is_array($_SESSION))
  49         {
  50                 $_SESSION = array();
  51         }
  52
  53         // Merge all into one extremely huge array; unset this later
  54         $input = array_merge(
  55                 array_keys($_GET),
  56                 array_keys($_POST),
  57                 array_keys($_COOKIE),
  58                 array_keys($_SERVER),
  59                 array_keys($_SESSION),
  60                 array_keys($_ENV),
  61                 array_keys($_FILES)
  62         );
  63
  64         foreach ($input as $varname)
  65         {
  66                 if (isset($not_unset[$varname]))
  67                 {
  68                         // Hacking attempt. No point in continuing.
  69                         exit;
  70                 }
  71
  72                 unset($GLOBALS[$varname]);
  73         }
  74
  75         unset($input);
  76 }
  77
  78 // If we are on PHP >= 6.0.0 we do not need some code
  79 if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
  80 {
  81         /**
  82         * @ignore
  83         */
  84         define('STRIP', false);
  85 }
  86 else
  87 {
  88         set_magic_quotes_runtime(0);
  89
  90         // Be paranoid with passed vars
  91         if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
  92         {
  93                 deregister_globals();
  94         }
  95
  96         define('STRIP', (get_magic_quotes_gpc()) ? true : false);
  97 }
  98
  99 if (defined('IN_CRON'))
 100 {
 101         chdir($phpbb_root_path);
 102         if (@function_exists('getcwd'))
 103         {
 104                 $phpbb_root_path = getcwd() . '/';
 105         }
 106         else
 107         {
 108                 // This is a best guess
 109                 $phpbb_root_path = pathinfo($_SERVER['SCRIPT_FILENAME'], PATHINFO_DIRNAME) . '/';
 110         }
 111 }
 112
 113 if (!file_exists($phpbb_root_path . 'config.' . $phpEx))
 114 {
 115         die("<p>The config.$phpEx file could not be found.</p><p><a href=\"{$phpbb_root_path}install/index.$phpEx\">Click here to install phpBB</a></p>");
 116 }
 117
 118 require($phpbb_root_path . 'config.' . $phpEx);
 119
 120 if (!defined('PHPBB_INSTALLED'))
 121 {
 122         // Redirect the user to the installer
 123         // We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
 124         // available as used by the redirect function
 125         $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
 126         $server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
 127         $secure = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 1 : 0;
 128
 129         $script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
 130         if (!$script_name)
 131         {
 132                 $script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
 133         }
 134
 135         // Replace any number of consecutive backslashes and/or slashes with a single slash
 136         // (could happen on some proxy setups and/or Windows servers)
 137         $script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx;
 138         $script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
 139
 140         $url = (($secure) ? 'https://' : 'http://') . $server_name;
 141
 142         if ($server_port && (($secure && $server_port <> 443) || (!$secure && $server_port <> 80)))
 143         {
 144                 $url .= ':' . $server_port;
 145         }
 146
 147         $url .= $script_path;
 148         header('Location: ' . $url);
 149         exit;
 150 }
 151
 152 if (defined('DEBUG_EXTRA'))
 153 {
 154         $base_memory_usage = 0;
 155         if (function_exists('memory_get_usage'))
 156         {
 157                 $base_memory_usage = memory_get_usage();
 158         }
 159 }
 160
 161 // Load Extensions
 162 if (!empty($load_extensions))
 163 {
 164         $load_extensions = explode(',', $load_extensions);
 165
 166         foreach ($load_extensions as $extension)
 167         {
 168                 @dl(trim($extension));
 169         }
 170 }
 171
 172 // Include files
 173 require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx);
 174 require($phpbb_root_path . 'includes/cache.' . $phpEx);
 175 require($phpbb_root_path . 'includes/template.' . $phpEx);
 176 require($phpbb_root_path . 'includes/session.' . $phpEx);
 177 require($phpbb_root_path . 'includes/auth.' . $phpEx);
 178 require($phpbb_root_path . 'includes/functions.' . $phpEx);
 179 require($phpbb_root_path . 'includes/constants.' . $phpEx);
 180 require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
 181 require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 182
 183 // Set PHP error handler to ours
 184 set_error_handler('msg_handler');
 185
 186 // Instantiate some basic classes
 187 $user           = new user();
 188 $auth           = new auth();
 189 $template       = new template();
 190 $cache          = new cache();
 191 $db                     = new $sql_db();
 192
 193 // Connect to DB
 194 $db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, false);
 195
 196 // We do not need this any longer, unset for safety purposes
 197 unset($dbpasswd);
 198
 199 // Grab global variables, re-cache if necessary
 200 $config = $cache->obtain_config();
 201
 202 ?>