PHP Cross Reference - Textpattern - Source: /textpattern/index.php

Source: /textpattern/index.php - 229 lines - 6386 bytes - Text - Print

   1  <?php
   2  
   3  /*
   4   * Textpattern Content Management System
   5   * http://textpattern.com
   6   *
   7   * Copyright (C) 2005 Dean Allen
   8   * Copyright (C) 2016 The Textpattern Development Team
   9   *
  10   * This file is part of Textpattern.
  11   *
  12   * Textpattern is free software; you can redistribute it and/or
  13   * modify it under the terms of the GNU General Public License
  14   * as published by the Free Software Foundation, version 2.
  15   *
  16   * Textpattern is distributed in the hope that it will be useful,
  17   * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19   * GNU General Public License for more details.
  20   *
  21   * You should have received a copy of the GNU General Public License
  22   * along with Textpattern. If not, see <http://www.gnu.org/licenses/>.
  23   */
  24  
  25  if (@ini_get('register_globals')) {
  26      if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
  27          die('GLOBALS overwrite attempt detected. Please consider turning register_globals off.');
  28      }
  29  
  30      // Collect and unset all registered variables from globals.
  31      $_txpg = array_merge(
  32          isset($_SESSION) ? (array) $_SESSION : array(),
  33          (array) $_ENV,
  34          (array) $_GET,
  35          (array) $_POST,
  36          (array) $_COOKIE,
  37          (array) $_FILES,
  38          (array) $_SERVER);
  39  
  40      // As the deliberately awkward-named local variable $_txpfoo MUST NOT be unset to avoid notices further
  41      // down, we must remove any potentially identical-named global from the list of global names here.
  42      unset($_txpg['_txpfoo']);
  43      foreach ($_txpg as $_txpfoo => $value) {
  44          if (!in_array($_txpfoo, array(
  45              'GLOBALS',
  46              '_SERVER',
  47              '_GET',
  48              '_POST',
  49              '_FILES',
  50              '_COOKIE',
  51              '_SESSION',
  52              '_REQUEST',
  53              '_ENV',
  54          ))) {
  55              unset($GLOBALS[$_txpfoo], $$_txpfoo);
  56          }
  57      }
  58  }
  59  
  60  if (!defined('txpath')) {
  61      define("txpath", dirname(__FILE__));
  62  }
  63  
  64  define("txpinterface", "admin");
  65  
  66  $thisversion = '4.6.2';
  67  $txp_using_svn = false; // Set false for releases.
  68  
  69  ob_start(null, 2048);
  70  
  71  if (!isset($txpcfg['table_prefix']) && !@include './config.php') {
  72      ob_end_clean();
  73      header('HTTP/1.1 503 Service Unavailable');
  74      exit('config.php is missing or corrupt. To install Textpattern, visit <a href="./setup/">setup</a>.');
  75  } else {
  76      ob_end_clean();
  77  }
  78  
  79  header("Content-type: text/html; charset=utf-8");
  80  
  81  error_reporting(E_ALL | E_STRICT);
  82  @ini_set("display_errors", "1");
  83  include txpath.'/lib/class.trace.php';
  84  $trace = new Trace();
  85  $trace->start('[PHP includes]');
  86  include_once txpath.'/lib/constants.php';
  87  include txpath.'/lib/txplib_misc.php';
  88  
  89  include txpath.'/vendors/Textpattern/Loader.php';
  90  
  91  $loader = new \Textpattern\Loader(txpath.'/vendors');
  92  $loader->register();
  93  
  94  $loader = new \Textpattern\Loader(txpath.'/lib');
  95  $loader->register();
  96  
  97  include txpath.'/lib/txplib_db.php';
  98  include txpath.'/lib/txplib_forms.php';
  99  include txpath.'/lib/txplib_html.php';
 100  include txpath.'/lib/admin_config.php';
 101  $trace->stop();
 102  
 103  set_error_handler('adminErrorHandler', error_reporting());
 104  
 105  if ($connected && numRows(safe_query("SHOW TABLES LIKE '".PFX."textpattern'"))) {
 106      // Global site preferences.
 107      $prefs = get_prefs();
 108      extract($prefs);
 109  
 110      $dbversion = $version;
 111  
 112      if (empty($siteurl)) {
 113          $httphost = preg_replace('/[^-_a-zA-Z0-9.:]/', '', $_SERVER['HTTP_HOST']);
 114          $prefs['siteurl'] = $siteurl = $httphost.rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), DS);
 115      }
 116  
 117      if (empty($path_to_site)) {
 118          updateSitePath(dirname(dirname(__FILE__)));
 119      }
 120  
 121      define("LANG", $language);
 122      define('txp_version', $thisversion);
 123  
 124      if (!defined('PROTOCOL')) {
 125          switch (serverSet('HTTPS')) {
 126              case '':
 127              case 'off': // ISAPI with IIS.
 128                  define('PROTOCOL', 'http://');
 129                  break;
 130              default:
 131                  define('PROTOCOL', 'https://');
 132                  break;
 133          }
 134      }
 135  
 136      define('hu', PROTOCOL.$siteurl.'/');
 137  
 138      // Relative URL global.
 139      define('rhu', preg_replace('|^https?://[^/]+|', '', hu));
 140  
 141      // HTTP address of the site serving images.
 142      if (!defined('ihu')) {
 143          define('ihu', hu);
 144      }
 145  
 146      if (!empty($locale)) {
 147          setlocale(LC_ALL, $locale);
 148      }
 149  
 150      $textarray = load_lang(LANG);
 151  
 152      // Initialise global theme.
 153      $theme = \Textpattern\Admin\Theme::init();
 154  
 155      include txpath.'/include/txp_auth.php';
 156      doAuth();
 157  
 158      // Add private preferences.
 159      $prefs = array_merge(get_prefs($txp_user), $prefs);
 160      extract($prefs);
 161  
 162      /**
 163       * @ignore
 164       */
 165  
 166      define('SITE_HOST', (string) @parse_url(hu, PHP_URL_HOST));
 167  
 168      /**
 169       * @ignore
 170       */
 171  
 172      define('IMPATH', $path_to_site.DS.$img_dir.DS);
 173  
 174      $event = (gps('event') ? trim(gps('event')) : (!empty($default_event) && has_privs($default_event) ? $default_event : 'article'));
 175      $step = trim(gps('step'));
 176      $app_mode = trim(gps('app_mode'));
 177  
 178      if (!$dbversion or ($dbversion != $thisversion) or $txp_using_svn) {
 179          define('TXP_UPDATE', 1);
 180          include txpath.'/update/_update.php';
 181      }
 182  
 183      janitor();
 184  
 185      // Article or form preview.
 186      if (isset($_GET['txpreview'])) {
 187          include txpath.'/publish.php';
 188          textpattern();
 189          exit;
 190      }
 191  
 192      if (!empty($admin_side_plugins) and gps('event') != 'plugin') {
 193          load_plugins(1);
 194      }
 195  
 196      // Plugins may have altered privilege settings.
 197      if (!defined('TXP_UPDATE_DONE') && !gps('event') && !empty($default_event) && has_privs($default_event)) {
 198          $event = $default_event;
 199      }
 200  
 201      // Initialise private theme.
 202      $theme = \Textpattern\Admin\Theme::init();
 203  
 204      include txpath.'/lib/txplib_head.php';
 205  
 206      require_privs($event);
 207      callback_event($event, $step, 1);
 208      $inc = txpath.'/include/txp_'.$event.'.php';
 209  
 210      if (is_readable($inc)) {
 211          include($inc);
 212      }
 213  
 214      callback_event($event, $step, 0);
 215  
 216      end_page();
 217  
 218      if ($app_mode != 'async') {
 219          echo $trace->summary();
 220          echo $trace->result();
 221      } else {
 222          foreach ($trace->summary(true) as $key => $value) {
 223              header('X-Textpattern-'.preg_replace('/[^\w]+/', '', $key).': '.$value);
 224          }
 225      }
 226  } else {
 227      txp_die('Database connection was successful, but the <code>textpattern</code> table was not found.',
 228          '503 Service Unavailable');
 229  }