1 |
1349
|
Luisehahne
|
<?php
|
2 |
|
|
/**
|
3 |
|
|
*
|
4 |
|
|
* @category framework
|
5 |
|
|
* @package initialize
|
6 |
|
|
* @author WebsiteBaker Project
|
7 |
|
|
* @copyright 2004-2009, Ryan Djurovich
|
8 |
|
|
* @copyright 2009-2011, Website Baker Org. e.V.
|
9 |
|
|
* @link http://www.websitebaker2.org/
|
10 |
|
|
* @license http://www.gnu.org/licenses/gpl.html
|
11 |
|
|
* @platform WebsiteBaker 2.8.x
|
12 |
1374
|
Luisehahne
|
* @requirements PHP 5.2.2 and higher
|
13 |
1349
|
Luisehahne
|
* @version $Id$
|
14 |
|
|
* @filesource $HeadURL$
|
15 |
|
|
* @lastmodified $Date$
|
16 |
|
|
*
|
17 |
|
|
*/
|
18 |
|
|
|
19 |
1488
|
DarkViper
|
/* -------------------------------------------------------- */
|
20 |
|
|
// Must include code to stop this file being accessed directly
|
21 |
1499
|
DarkViper
|
require_once(dirname(__FILE__).'/globalExceptionHandler.php');
|
22 |
1637
|
darkviper
|
if(!defined('WB_URL')) { throw new IllegalFileException(); }
|
23 |
1488
|
DarkViper
|
/* -------------------------------------------------------- */
|
24 |
1617
|
darkviper
|
/**
|
25 |
|
|
* sanitize $_SERVER['HTTP_REFERER']
|
26 |
|
|
* @param string $sWbUrl qualified startup URL of current application
|
27 |
|
|
*/
|
28 |
|
|
function SanitizeHttpReferer($sWbUrl = WB_URL) {
|
29 |
|
|
$sTmpReferer = '';
|
30 |
|
|
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') {
|
31 |
|
|
$aRefUrl = parse_url($_SERVER['HTTP_REFERER']);
|
32 |
|
|
if ($aRefUrl !== false) {
|
33 |
|
|
$aRefUrl['host'] = isset($aRefUrl['host']) ? $aRefUrl['host'] : '';
|
34 |
|
|
$aRefUrl['path'] = isset($aRefUrl['path']) ? $aRefUrl['path'] : '';
|
35 |
|
|
$aRefUrl['fragment'] = isset($aRefUrl['fragment']) ? '#'.$aRefUrl['fragment'] : '';
|
36 |
|
|
$aWbUrl = parse_url(WB_URL);
|
37 |
|
|
if ($aWbUrl !== false) {
|
38 |
|
|
$aWbUrl['host'] = isset($aWbUrl['host']) ? $aWbUrl['host'] : '';
|
39 |
|
|
$aWbUrl['path'] = isset($aWbUrl['path']) ? $aWbUrl['path'] : '';
|
40 |
|
|
if (strpos($aRefUrl['host'].$aRefUrl['path'],
|
41 |
|
|
$aWbUrl['host'].$aWbUrl['path']) !== false) {
|
42 |
|
|
$aRefUrl['path'] = preg_replace('#^'.$aWbUrl['path'].'#i', '', $aRefUrl['path']);
|
43 |
|
|
$sTmpReferer = WB_URL.$aRefUrl['path'].$aRefUrl['fragment'];
|
44 |
|
|
}
|
45 |
|
|
unset($aWbUrl);
|
46 |
|
|
}
|
47 |
|
|
unset($aRefUrl);
|
48 |
|
|
}
|
49 |
|
|
}
|
50 |
|
|
$_SERVER['HTTP_REFERER'] = $sTmpReferer;
|
51 |
|
|
}
|
52 |
1680
|
darkviper
|
/* -------------------------------------------------------- */
|
53 |
|
|
function SetInstallPathConstants() {
|
54 |
|
|
if(!defined('DEBUG')){ define('DEBUG', false); }// Include config file
|
55 |
|
|
if(!defined('ADMIN_DIRECTORY')){ define('ADMIN_DIRECTORY', 'admin'); }
|
56 |
|
|
if(!preg_match('/xx[a-z0-9_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY)) {
|
57 |
|
|
throw new RuntimeException('Invalid admin-directory: ' . ADMIN_DIRECTORY);
|
58 |
|
|
}
|
59 |
|
|
if(!defined('WB_PATH')){ define('WB_PATH', dirname(dirname(__FILE__))); }
|
60 |
|
|
if(!defined('ADMIN_URL')){ define('ADMIN_URL', WB_URL.'/'.ADMIN_DIRECTORY); }
|
61 |
|
|
if(!defined('ADMIN_PATH')){ define('ADMIN_PATH', WB_PATH.'/'.ADMIN_DIRECTORY); }
|
62 |
|
|
if(!defined('WB_REL')){
|
63 |
|
|
$x1 = parse_url(WB_URL);
|
64 |
|
|
define('WB_REL', (isset($x1['path']) ? $x1['path'] : ''));
|
65 |
|
|
}
|
66 |
|
|
if(!defined('DOCUMENT_ROOT')) {
|
67 |
|
|
define('DOCUMENT_ROOT', preg_replace('/'.preg_quote(WB_REL, '/').'$/', '', WB_PATH));
|
68 |
|
|
}
|
69 |
|
|
}
|
70 |
|
|
/* -------------------------------------------------------- */
|
71 |
|
|
$starttime = array_sum(explode(" ",microtime()));
|
72 |
|
|
SetInstallPathConstants();
|
73 |
|
|
SanitizeHttpReferer(WB_URL); // sanitize $_SERVER['HTTP_REFERER']
|
74 |
1687
|
darkviper
|
if(!class_exists('WbAutoloader', false)){ include(dirname(__FILE__).'/WbAutoloader.php'); }
|
75 |
|
|
WbAutoloader::doRegister(array(ADMIN_DIRECTORY=>'a', 'modules'=>'m'));
|
76 |
|
|
require_once dirname(dirname(__FILE__)).'/include/Twig/Autoloader.php';
|
77 |
|
|
Twig_Autoloader::register();
|
78 |
1462
|
DarkViper
|
date_default_timezone_set('UTC');
|
79 |
1349
|
Luisehahne
|
// Create database class
|
80 |
1682
|
darkviper
|
$sSqlUrl = DB_TYPE.'://'.DB_USERNAME.':'.DB_PASSWORD.'@'.DB_HOST.'/'.DB_NAME;
|
81 |
1686
|
darkviper
|
$database = WbDatabase::getInstance();
|
82 |
1683
|
darkviper
|
$database->doConnect($sSqlUrl);
|
83 |
1680
|
darkviper
|
// disable all kind of magic_quotes
|
84 |
|
|
if(get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
|
85 |
|
|
@ini_set('magic_quotes_sybase', 0);
|
86 |
|
|
@ini_set('magic_quotes_gpc', 0);
|
87 |
|
|
@ini_set('magic_quotes_runtime', 0);
|
88 |
|
|
}
|
89 |
1349
|
Luisehahne
|
// Get website settings (title, keywords, description, header, and footer)
|
90 |
|
|
$query_settings = "SELECT name,value FROM ".TABLE_PREFIX."settings";
|
91 |
|
|
$get_settings = $database->query($query_settings);
|
92 |
|
|
if($database->is_error()) { die($database->get_error()); }
|
93 |
|
|
if($get_settings->numRows() == 0) { die("Settings not found"); }
|
94 |
|
|
while($setting = $get_settings->fetchRow()) {
|
95 |
|
|
$setting_name=strtoupper($setting['name']);
|
96 |
|
|
$setting_value=$setting['value'];
|
97 |
|
|
if ($setting_value=='false')
|
98 |
|
|
$setting_value=false;
|
99 |
|
|
if ($setting_value=='true')
|
100 |
|
|
$setting_value=true;
|
101 |
|
|
@define($setting_name,$setting_value);
|
102 |
|
|
}
|
103 |
1510
|
darkviper
|
@define('DO_NOT_TRACK', (isset($_SERVER['HTTP_DNT'])));
|
104 |
1349
|
Luisehahne
|
$string_file_mode = STRING_FILE_MODE;
|
105 |
|
|
define('OCTAL_FILE_MODE',(int) octdec($string_file_mode));
|
106 |
|
|
$string_dir_mode = STRING_DIR_MODE;
|
107 |
|
|
define('OCTAL_DIR_MODE',(int) octdec($string_dir_mode));
|
108 |
1465
|
Luisehahne
|
$sSecMod = (defined('SECURE_FORM_MODULE') && SECURE_FORM_MODULE != '') ? '.'.SECURE_FORM_MODULE : '';
|
109 |
1462
|
DarkViper
|
$sSecMod = WB_PATH.'/framework/SecureForm'.$sSecMod.'.php';
|
110 |
|
|
require_once($sSecMod);
|
111 |
1349
|
Luisehahne
|
if (!defined("WB_INSTALL_PROCESS")) {
|
112 |
|
|
// get CAPTCHA and ASP settings
|
113 |
|
|
$table = TABLE_PREFIX.'mod_captcha_control';
|
114 |
1462
|
DarkViper
|
if( ($get_settings = $database->query("SELECT * FROM $table LIMIT 1")) ) {
|
115 |
1349
|
Luisehahne
|
if($get_settings->numRows() == 0) { die("CAPTCHA-Settings not found"); }
|
116 |
|
|
$setting = $get_settings->fetchRow();
|
117 |
|
|
if($setting['enabled_captcha'] == '1') define('ENABLED_CAPTCHA', true);
|
118 |
|
|
else define('ENABLED_CAPTCHA', false);
|
119 |
|
|
if($setting['enabled_asp'] == '1') define('ENABLED_ASP', true);
|
120 |
|
|
else define('ENABLED_ASP', false);
|
121 |
|
|
define('CAPTCHA_TYPE', $setting['captcha_type']);
|
122 |
|
|
define('ASP_SESSION_MIN_AGE', (int)$setting['asp_session_min_age']);
|
123 |
|
|
define('ASP_VIEW_MIN_AGE', (int)$setting['asp_view_min_age']);
|
124 |
|
|
define('ASP_INPUT_MIN_AGE', (int)$setting['asp_input_min_age']);
|
125 |
|
|
}
|
126 |
|
|
}
|
127 |
|
|
|
128 |
|
|
// set error-reporting
|
129 |
|
|
if(intval(ER_LEVEL) > 0 )
|
130 |
|
|
{
|
131 |
|
|
error_reporting(ER_LEVEL);
|
132 |
1352
|
Luisehahne
|
if( intval(ini_get ( 'display_errors' )) == 0 )
|
133 |
1349
|
Luisehahne
|
{
|
134 |
|
|
ini_set('display_errors', 1);
|
135 |
|
|
}
|
136 |
|
|
}
|
137 |
|
|
// Start a session
|
138 |
|
|
if(!defined('SESSION_STARTED')) {
|
139 |
|
|
session_name(APP_NAME.'_session_id');
|
140 |
|
|
@session_start();
|
141 |
|
|
define('SESSION_STARTED', true);
|
142 |
|
|
}
|
143 |
|
|
if(defined('ENABLED_ASP') && ENABLED_ASP && !isset($_SESSION['session_started']))
|
144 |
|
|
$_SESSION['session_started'] = time();
|
145 |
|
|
|
146 |
|
|
// Get users language
|
147 |
|
|
if(isset($_GET['lang']) AND $_GET['lang'] != '' AND !is_numeric($_GET['lang']) AND strlen($_GET['lang']) == 2) {
|
148 |
1680
|
darkviper
|
define('LANGUAGE', strtoupper($_GET['lang']));
|
149 |
1349
|
Luisehahne
|
$_SESSION['LANGUAGE']=LANGUAGE;
|
150 |
|
|
} else {
|
151 |
|
|
if(isset($_SESSION['LANGUAGE']) AND $_SESSION['LANGUAGE'] != '') {
|
152 |
|
|
define('LANGUAGE', $_SESSION['LANGUAGE']);
|
153 |
|
|
} else {
|
154 |
|
|
define('LANGUAGE', DEFAULT_LANGUAGE);
|
155 |
|
|
}
|
156 |
|
|
}
|
157 |
1680
|
darkviper
|
|
158 |
1349
|
Luisehahne
|
// Load Language file
|
159 |
|
|
if(!defined('LANGUAGE_LOADED')) {
|
160 |
|
|
if(!file_exists(WB_PATH.'/languages/'.LANGUAGE.'.php')) {
|
161 |
|
|
exit('Error loading language file '.LANGUAGE.', please check configuration');
|
162 |
|
|
} else {
|
163 |
|
|
require_once(WB_PATH.'/languages/'.LANGUAGE.'.php');
|
164 |
|
|
}
|
165 |
|
|
}
|
166 |
1680
|
darkviper
|
|
167 |
1349
|
Luisehahne
|
// Get users timezone
|
168 |
|
|
if(isset($_SESSION['TIMEZONE'])) {
|
169 |
|
|
define('TIMEZONE', $_SESSION['TIMEZONE']);
|
170 |
|
|
} else {
|
171 |
|
|
define('TIMEZONE', DEFAULT_TIMEZONE);
|
172 |
|
|
}
|
173 |
|
|
// Get users date format
|
174 |
|
|
if(isset($_SESSION['DATE_FORMAT'])) {
|
175 |
|
|
define('DATE_FORMAT', $_SESSION['DATE_FORMAT']);
|
176 |
|
|
} else {
|
177 |
|
|
define('DATE_FORMAT', DEFAULT_DATE_FORMAT);
|
178 |
|
|
}
|
179 |
|
|
// Get users time format
|
180 |
|
|
if(isset($_SESSION['TIME_FORMAT'])) {
|
181 |
|
|
define('TIME_FORMAT', $_SESSION['TIME_FORMAT']);
|
182 |
|
|
} else {
|
183 |
|
|
define('TIME_FORMAT', DEFAULT_TIME_FORMAT);
|
184 |
|
|
}
|
185 |
|
|
|
186 |
|
|
// Set Theme dir
|
187 |
|
|
define('THEME_URL', WB_URL.'/templates/'.DEFAULT_THEME);
|
188 |
|
|
define('THEME_PATH', WB_PATH.'/templates/'.DEFAULT_THEME);
|
189 |
|
|
|
190 |
1680
|
darkviper
|
// extended wb_settings
|
191 |
1349
|
Luisehahne
|
define('EDIT_ONE_SECTION', false);
|
192 |
|
|
|
193 |
|
|
define('EDITOR_WIDTH', 0);
|