.
*/
if (@ini_get('register_globals')) {
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
die('GLOBALS overwrite attempt detected. Please consider turning register_globals off.');
}
// Collect and unset all registered variables from globals.
$_txpg = array_merge(
isset($_SESSION) ? (array) $_SESSION : array(),
(array) $_ENV,
(array) $_GET,
(array) $_POST,
(array) $_COOKIE,
(array) $_FILES,
(array) $_SERVER);
// As the deliberately awkward-named local variable $_txpfoo MUST NOT be unset to avoid notices further
// down, we must remove any potentially identical-named global from the list of global names here.
unset($_txpg['_txpfoo']);
foreach ($_txpg as $_txpfoo => $value) {
if (!in_array($_txpfoo, array(
'GLOBALS',
'_SERVER',
'_GET',
'_POST',
'_FILES',
'_COOKIE',
'_SESSION',
'_REQUEST',
'_ENV',
))) {
unset($GLOBALS[$_txpfoo], $$_txpfoo);
}
}
}
if (!defined('txpath')) {
define("txpath", dirname(__FILE__));
}
define("txpinterface", "admin");
$thisversion = '4.6.2';
$txp_using_svn = false; // Set false for releases.
ob_start(null, 2048);
if (!isset($txpcfg['table_prefix']) && !@include './config.php') {
ob_end_clean();
header('HTTP/1.1 503 Service Unavailable');
exit('config.php is missing or corrupt. To install Textpattern, visit setup.');
} else {
ob_end_clean();
}
header("Content-type: text/html; charset=utf-8");
error_reporting(E_ALL | E_STRICT);
@ini_set("display_errors", "1");
include txpath.'/lib/class.trace.php';
$trace = new Trace();
$trace->start('[PHP includes]');
include_once txpath.'/lib/constants.php';
include txpath.'/lib/txplib_misc.php';
include txpath.'/vendors/Textpattern/Loader.php';
$loader = new \Textpattern\Loader(txpath.'/vendors');
$loader->register();
$loader = new \Textpattern\Loader(txpath.'/lib');
$loader->register();
include txpath.'/lib/txplib_db.php';
include txpath.'/lib/txplib_forms.php';
include txpath.'/lib/txplib_html.php';
include txpath.'/lib/admin_config.php';
$trace->stop();
set_error_handler('adminErrorHandler', error_reporting());
if ($connected && numRows(safe_query("SHOW TABLES LIKE '".PFX."textpattern'"))) {
// Global site preferences.
$prefs = get_prefs();
extract($prefs);
$dbversion = $version;
if (empty($siteurl)) {
$httphost = preg_replace('/[^-_a-zA-Z0-9.:]/', '', $_SERVER['HTTP_HOST']);
$prefs['siteurl'] = $siteurl = $httphost.rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), DS);
}
if (empty($path_to_site)) {
updateSitePath(dirname(dirname(__FILE__)));
}
define("LANG", $language);
define('txp_version', $thisversion);
if (!defined('PROTOCOL')) {
switch (serverSet('HTTPS')) {
case '':
case 'off': // ISAPI with IIS.
define('PROTOCOL', 'http://');
break;
default:
define('PROTOCOL', 'https://');
break;
}
}
define('hu', PROTOCOL.$siteurl.'/');
// Relative URL global.
define('rhu', preg_replace('|^https?://[^/]+|', '', hu));
// HTTP address of the site serving images.
if (!defined('ihu')) {
define('ihu', hu);
}
if (!empty($locale)) {
setlocale(LC_ALL, $locale);
}
$textarray = load_lang(LANG);
// Initialise global theme.
$theme = \Textpattern\Admin\Theme::init();
include txpath.'/include/txp_auth.php';
doAuth();
// Add private preferences.
$prefs = array_merge(get_prefs($txp_user), $prefs);
extract($prefs);
/**
* @ignore
*/
define('SITE_HOST', (string) @parse_url(hu, PHP_URL_HOST));
/**
* @ignore
*/
define('IMPATH', $path_to_site.DS.$img_dir.DS);
$event = (gps('event') ? trim(gps('event')) : (!empty($default_event) && has_privs($default_event) ? $default_event : 'article'));
$step = trim(gps('step'));
$app_mode = trim(gps('app_mode'));
if (!$dbversion or ($dbversion != $thisversion) or $txp_using_svn) {
define('TXP_UPDATE', 1);
include txpath.'/update/_update.php';
}
janitor();
// Article or form preview.
if (isset($_GET['txpreview'])) {
include txpath.'/publish.php';
textpattern();
exit;
}
if (!empty($admin_side_plugins) and gps('event') != 'plugin') {
load_plugins(1);
}
// Plugins may have altered privilege settings.
if (!defined('TXP_UPDATE_DONE') && !gps('event') && !empty($default_event) && has_privs($default_event)) {
$event = $default_event;
}
// Initialise private theme.
$theme = \Textpattern\Admin\Theme::init();
include txpath.'/lib/txplib_head.php';
require_privs($event);
callback_event($event, $step, 1);
$inc = txpath.'/include/txp_'.$event.'.php';
if (is_readable($inc)) {
include($inc);
}
callback_event($event, $step, 0);
end_page();
if ($app_mode != 'async') {
echo $trace->summary();
echo $trace->result();
} else {
foreach ($trace->summary(true) as $key => $value) {
header('X-Textpattern-'.preg_replace('/[^\w]+/', '', $key).': '.$value);
}
}
} else {
txp_die('Database connection was successful, but the textpattern
table was not found.',
'503 Service Unavailable');
}