2004-02-02 00:55:18 +00:00
|
|
|
<?php
|
2004-02-07 19:36:44 +00:00
|
|
|
// +-----------------------------------------------------------------------+
|
2008-04-04 22:57:23 +00:00
|
|
|
// | Piwigo - a PHP based picture gallery |
|
|
|
|
// +-----------------------------------------------------------------------+
|
|
|
|
// | Copyright(C) 2008 Piwigo Team http://piwigo.org |
|
|
|
|
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
|
|
|
|
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
|
|
|
|
// +-----------------------------------------------------------------------+
|
|
|
|
// | This program is free software; you can redistribute it and/or modify |
|
|
|
|
// | it under the terms of the GNU General Public License as published by |
|
2004-02-07 19:36:44 +00:00
|
|
|
// | the Free Software Foundation |
|
|
|
|
// | |
|
|
|
|
// | This program is distributed in the hope that it will be useful, but |
|
|
|
|
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
|
|
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
|
|
|
// | General Public License for more details. |
|
|
|
|
// | |
|
|
|
|
// | You should have received a copy of the GNU General Public License |
|
|
|
|
// | along with this program; if not, write to the Free Software |
|
|
|
|
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
|
|
|
|
// | USA. |
|
|
|
|
// +-----------------------------------------------------------------------+
|
2004-03-04 23:56:02 +00:00
|
|
|
|
2004-12-20 19:26:43 +00:00
|
|
|
if (!defined('PHPWG_ROOT_PATH'))
|
2004-02-19 00:31:09 +00:00
|
|
|
{
|
2004-12-20 19:26:43 +00:00
|
|
|
die('Hacking attempt!');
|
2004-02-19 00:31:09 +00:00
|
|
|
}
|
|
|
|
// determine the initial instant to indicate the generation time of this page
|
2004-02-02 00:55:18 +00:00
|
|
|
$t1 = explode( ' ', microtime() );
|
|
|
|
$t2 = explode( '.', $t1[0] );
|
|
|
|
$t2 = $t1[1].'.'.$t2[1];
|
|
|
|
|
|
|
|
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
|
|
|
|
|
|
|
|
//
|
2004-02-11 22:31:08 +00:00
|
|
|
// addslashes to vars if magic_quotes_gpc is off this is a security
|
|
|
|
// precaution to prevent someone trying to break out of a SQL statement.
|
2004-02-02 00:55:18 +00:00
|
|
|
//
|
|
|
|
if( !get_magic_quotes_gpc() )
|
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
if( is_array( $_GET ) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
while( list($k, $v) = each($_GET) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
if( is_array($_GET[$k]) )
|
|
|
|
{
|
|
|
|
while( list($k2, $v2) = each($_GET[$k]) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
$_GET[$k][$k2] = addslashes($v2);
|
|
|
|
}
|
|
|
|
@reset($_GET[$k]);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$_GET[$k] = addslashes($v);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@reset($_GET);
|
2004-02-07 11:50:26 +00:00
|
|
|
}
|
2006-03-22 01:01:47 +00:00
|
|
|
|
2004-02-11 22:31:08 +00:00
|
|
|
if( is_array($_POST) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
while( list($k, $v) = each($_POST) )
|
|
|
|
{
|
|
|
|
if( is_array($_POST[$k]) )
|
|
|
|
{
|
|
|
|
while( list($k2, $v2) = each($_POST[$k]) )
|
|
|
|
{
|
|
|
|
$_POST[$k][$k2] = addslashes($v2);
|
|
|
|
}
|
|
|
|
@reset($_POST[$k]);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$_POST[$k] = addslashes($v);
|
|
|
|
}
|
2004-02-07 11:50:26 +00:00
|
|
|
}
|
2004-02-11 22:31:08 +00:00
|
|
|
@reset($_POST);
|
2004-02-07 11:50:26 +00:00
|
|
|
}
|
2004-02-02 00:55:18 +00:00
|
|
|
|
2004-02-11 22:31:08 +00:00
|
|
|
if( is_array($_COOKIE) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
while( list($k, $v) = each($_COOKIE) )
|
2004-02-07 11:50:26 +00:00
|
|
|
{
|
2004-02-11 22:31:08 +00:00
|
|
|
if( is_array($_COOKIE[$k]) )
|
|
|
|
{
|
|
|
|
while( list($k2, $v2) = each($_COOKIE[$k]) )
|
|
|
|
{
|
|
|
|
$_COOKIE[$k][$k2] = addslashes($v2);
|
|
|
|
}
|
|
|
|
@reset($_COOKIE[$k]);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$_COOKIE[$k] = addslashes($v);
|
|
|
|
}
|
2004-02-07 11:50:26 +00:00
|
|
|
}
|
2004-02-11 22:31:08 +00:00
|
|
|
@reset($_COOKIE);
|
2004-02-07 11:50:26 +00:00
|
|
|
}
|
2004-02-02 00:55:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
//
|
2004-02-11 22:31:08 +00:00
|
|
|
// Define some basic configuration arrays this also prevents malicious
|
|
|
|
// rewriting of language and otherarray values via URI params
|
2004-02-02 00:55:18 +00:00
|
|
|
//
|
|
|
|
$conf = array();
|
|
|
|
$page = array();
|
|
|
|
$user = array();
|
|
|
|
$lang = array();
|
2006-06-28 22:50:30 +00:00
|
|
|
$header_msgs = array();
|
2006-12-21 21:38:20 +00:00
|
|
|
$header_notes = array();
|
2007-09-29 22:36:00 +00:00
|
|
|
$filter = array();
|
2004-02-19 00:31:09 +00:00
|
|
|
|
2005-04-25 15:41:56 +00:00
|
|
|
@include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
|
2004-12-20 19:26:43 +00:00
|
|
|
if (!defined('PHPWG_INSTALLED'))
|
2004-02-02 00:55:18 +00:00
|
|
|
{
|
2004-12-20 19:26:43 +00:00
|
|
|
header('Location: install.php');
|
2004-02-11 22:31:08 +00:00
|
|
|
exit;
|
2004-02-02 00:55:18 +00:00
|
|
|
}
|
|
|
|
|
2007-01-23 01:22:52 +00:00
|
|
|
foreach( array(
|
|
|
|
'array_intersect_key', //PHP 5 >= 5.1.0RC1
|
|
|
|
'hash_hmac', //(hash) - enabled by default as of PHP 5.1.2
|
2008-02-16 13:27:50 +00:00
|
|
|
'preg_last_error', // PHP 5 >= 5.2.0
|
2008-02-27 02:22:19 +00:00
|
|
|
'file_put_contents', //PHP5
|
2007-01-23 01:22:52 +00:00
|
|
|
) as $func)
|
|
|
|
{
|
|
|
|
if (!function_exists($func))
|
|
|
|
{
|
|
|
|
include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-04-25 22:11:57 +00:00
|
|
|
include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
|
|
|
|
@include(PHPWG_ROOT_PATH. 'include/config_local.inc.php');
|
2005-08-08 20:52:19 +00:00
|
|
|
include(PHPWG_ROOT_PATH . 'include/constants.php');
|
2004-02-19 00:31:09 +00:00
|
|
|
include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
|
2008-03-23 00:04:46 +00:00
|
|
|
include(PHPWG_ROOT_PATH . 'include/template.class.php');
|
2004-02-02 00:55:18 +00:00
|
|
|
|
|
|
|
// Database connection
|
2005-01-08 23:32:25 +00:00
|
|
|
mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
|
- in admin/configuration, add new step with "sections" (general, comments,
default, upload, metadata, sessions)
- admin/configuration.php and its template have been higly simplificated by
making things more generic : for example, for each configuration
parameter, its name must correspond to the name we find in the config
table and belongs to a section, in the lang array we find :
- $lang['conf_<section>_<param>']
- $lang['conf_<section>_<param>_info']
- $lang['conf_<section>_<param>_error'] optionnaly
- more described message when connection to database server is impossible
- redefinitions of get_languages and get_templates functions
- deletion of configuration parameters : webmaster, session_keyword
- rename of configuration parameters :
- default_lang => default_language
- default_style => default_template
git-svn-id: http://piwigo.org/svn/trunk@512 68402e56-0260-453c-a942-63ccdbb3a9ee
2004-09-03 15:01:05 +00:00
|
|
|
or die ( "Could not connect to database server" );
|
2005-01-08 23:32:25 +00:00
|
|
|
mysql_select_db( $cfgBase )
|
2004-02-11 22:31:08 +00:00
|
|
|
or die ( "Could not connect to database" );
|
2005-11-24 21:37:29 +00:00
|
|
|
|
2007-10-09 01:43:29 +00:00
|
|
|
defined('PWG_CHARSET') and defined('DB_CHARSET')
|
|
|
|
or die('PWG_CHARSET and/or DB_CHARSET is not defined');
|
|
|
|
if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') )
|
|
|
|
{
|
|
|
|
if (DB_CHARSET!='')
|
|
|
|
{
|
|
|
|
pwg_query('SET NAMES "'.DB_CHARSET.'"');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if ( strtolower(PWG_CHARSET)!='iso-8859-1' )
|
|
|
|
{
|
|
|
|
die('PWG supports only iso-8859-1 charset on MySql version '.mysql_get_server_info());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-02-02 00:55:18 +00:00
|
|
|
//
|
2004-03-26 17:08:09 +00:00
|
|
|
// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
|
|
|
|
// since basic gallery information is not available
|
2004-02-02 00:55:18 +00:00
|
|
|
//
|
2006-04-27 21:08:50 +00:00
|
|
|
load_conf_from_db();
|
2006-12-14 00:58:57 +00:00
|
|
|
load_plugins();
|
2004-02-02 00:55:18 +00:00
|
|
|
|
2004-12-20 19:26:43 +00:00
|
|
|
include(PHPWG_ROOT_PATH.'include/user.inc.php');
|
2005-08-08 20:52:19 +00:00
|
|
|
|
2006-10-20 02:17:53 +00:00
|
|
|
|
2005-08-08 20:52:19 +00:00
|
|
|
// language files
|
2007-10-08 23:46:09 +00:00
|
|
|
load_language('common.lang');
|
2008-07-02 01:11:26 +00:00
|
|
|
if ( is_admin() || (defined('IN_ADMIN') and IN_ADMIN) )
|
2005-08-08 20:52:19 +00:00
|
|
|
{
|
2007-10-08 23:46:09 +00:00
|
|
|
load_language('admin.lang');
|
2005-08-08 20:52:19 +00:00
|
|
|
}
|
2007-01-08 00:16:10 +00:00
|
|
|
trigger_action('loading_lang');
|
2007-10-08 23:46:09 +00:00
|
|
|
load_language('local.lang');
|
2005-08-08 20:52:19 +00:00
|
|
|
|
2006-10-20 02:17:53 +00:00
|
|
|
// only now we can set the localized username of the guest user (and not in
|
|
|
|
// include/user.inc.php)
|
2007-06-05 22:01:15 +00:00
|
|
|
if (is_a_guest())
|
2006-10-20 02:17:53 +00:00
|
|
|
{
|
2008-01-30 22:07:07 +00:00
|
|
|
$user['username'] = l10n('guest');
|
2006-10-20 02:17:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// template instance
|
2007-10-02 05:38:54 +00:00
|
|
|
if
|
2007-06-21 20:49:45 +00:00
|
|
|
(
|
2008-08-16 01:32:37 +00:00
|
|
|
defined('IN_ADMIN') and IN_ADMIN
|
2007-06-21 20:49:45 +00:00
|
|
|
)
|
|
|
|
{
|
|
|
|
// Admin template
|
2008-06-22 08:45:28 +00:00
|
|
|
//$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['admin_template'], $user['admin_theme'] );
|
2008-06-23 19:14:19 +00:00
|
|
|
list($user['admin_template'], $user['admin_theme']) =
|
|
|
|
explode ('/', $conf['admin_layout']);
|
2008-08-16 01:32:37 +00:00
|
|
|
$template = new Template(PHPWG_ROOT_PATH.'admin/template/'
|
2008-06-23 19:14:19 +00:00
|
|
|
. $user['admin_template'], $user['admin_theme'] );
|
2007-06-21 20:49:45 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
// Classic template
|
2008-06-23 19:14:19 +00:00
|
|
|
$template = new Template(PHPWG_ROOT_PATH.'template/'
|
|
|
|
. $user['template'], $user['theme'] );
|
2007-06-21 20:49:45 +00:00
|
|
|
}
|
2006-10-20 02:17:53 +00:00
|
|
|
|
2007-07-07 09:23:04 +00:00
|
|
|
if (isset($user['internal_status']['guest_must_be_guest'])
|
|
|
|
and
|
|
|
|
$user['internal_status']['guest_must_be_guest'] === true)
|
|
|
|
{
|
|
|
|
$header_msgs[] = l10n('guest_must_be_guest');
|
|
|
|
}
|
|
|
|
|
2006-02-12 21:52:16 +00:00
|
|
|
if ($conf['gallery_locked'])
|
|
|
|
{
|
2008-01-30 22:07:07 +00:00
|
|
|
$header_msgs[] = l10n('gallery_locked_message');
|
2006-02-12 21:52:16 +00:00
|
|
|
|
2007-01-02 22:57:33 +00:00
|
|
|
if ( script_basename() != 'identification' and !is_admin() )
|
2006-02-12 21:52:16 +00:00
|
|
|
{
|
2007-06-27 22:50:36 +00:00
|
|
|
set_status_header(503, 'Service Unavailable');
|
|
|
|
@header('Retry-After: 900');
|
2008-01-30 22:07:07 +00:00
|
|
|
echo l10n('gallery_locked_message')
|
2007-01-24 05:07:08 +00:00
|
|
|
.'<a href="'.get_absolute_root_url(false).'identification.php">.</a>';
|
2006-02-12 21:52:16 +00:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-10-20 02:17:53 +00:00
|
|
|
if ($conf['check_upgrade_feed']
|
|
|
|
and defined('PHPWG_IN_UPGRADE')
|
|
|
|
and PHPWG_IN_UPGRADE)
|
2006-06-22 19:21:56 +00:00
|
|
|
{
|
2006-10-26 03:35:20 +00:00
|
|
|
|
2006-10-20 02:17:53 +00:00
|
|
|
// retrieve already applied upgrades
|
|
|
|
$query = '
|
|
|
|
SELECT id
|
|
|
|
FROM '.UPGRADE_TABLE.'
|
|
|
|
;';
|
|
|
|
$applied = array_from_query($query, 'id');
|
2005-12-03 17:33:38 +00:00
|
|
|
|
2006-10-20 02:17:53 +00:00
|
|
|
// retrieve existing upgrades
|
|
|
|
$existing = get_available_upgrade_ids();
|
|
|
|
|
|
|
|
// which upgrades need to be applied?
|
|
|
|
if (count(array_diff($existing, $applied)) > 0)
|
|
|
|
{
|
|
|
|
$header_msgs[] = 'Some database upgrades are missing, '
|
2007-01-24 05:07:08 +00:00
|
|
|
.'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
|
2006-10-20 02:17:53 +00:00
|
|
|
}
|
|
|
|
}
|
2005-12-03 17:33:38 +00:00
|
|
|
|
2006-05-07 22:52:25 +00:00
|
|
|
if (is_adviser())
|
|
|
|
{
|
2008-01-30 22:07:07 +00:00
|
|
|
$header_msgs[] = l10n('adviser_mode_enabled');
|
2006-05-07 22:52:25 +00:00
|
|
|
}
|
|
|
|
|
2006-06-28 22:50:30 +00:00
|
|
|
if (count($header_msgs) > 0)
|
2006-06-22 21:28:54 +00:00
|
|
|
{
|
2008-03-02 00:29:27 +00:00
|
|
|
$template->assign('header_msgs', $header_msgs);
|
|
|
|
$header_msgs=array();
|
2006-06-22 21:28:54 +00:00
|
|
|
}
|
2006-11-08 04:28:30 +00:00
|
|
|
|
2007-01-15 00:09:14 +00:00
|
|
|
if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
|
2006-12-21 21:38:20 +00:00
|
|
|
{
|
|
|
|
include(PHPWG_ROOT_PATH.'include/filter.inc.php');
|
|
|
|
}
|
2007-01-15 00:09:14 +00:00
|
|
|
else
|
|
|
|
{
|
|
|
|
$filter['enabled'] = false;
|
|
|
|
}
|
2006-12-21 21:38:20 +00:00
|
|
|
|
|
|
|
if (isset($conf['header_notes']))
|
|
|
|
{
|
|
|
|
$header_notes = array_merge($header_notes, $conf['header_notes']);
|
|
|
|
}
|
|
|
|
|
2006-11-08 04:28:30 +00:00
|
|
|
// default event handlers
|
2007-10-02 05:38:54 +00:00
|
|
|
add_event_handler('render_category_literal_description', 'render_category_literal_description');
|
|
|
|
add_event_handler('render_category_description', 'render_category_description');
|
2007-02-22 01:12:32 +00:00
|
|
|
add_event_handler('render_comment_content', 'htmlspecialchars');
|
2006-11-08 04:28:30 +00:00
|
|
|
add_event_handler('render_comment_content', 'parse_comment_content');
|
2007-06-07 18:50:25 +00:00
|
|
|
add_event_handler('render_comment_author', 'strip_tags');
|
2006-11-08 04:28:30 +00:00
|
|
|
trigger_action('init');
|
2006-12-25 07:17:29 +00:00
|
|
|
?>
|