<?php
/**
* @version $Header$
* @package kernel
* @subpackage functions
*/
// Copyright (c) 2002-2003, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See below for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See http://www.gnu.org/copyleft/lesser.html for details.
/**
* required setup
*/
namespace Bitweaver;
use Bitweaver\Plugins\ResourceBitpackage;
use Bitweaver\Languages\BitLanguage;
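// Install root: two directory levels above the directory that holds this file. It is used
// only when the web server does not report a document root.
$rootDir = dirname( dirname( __DIR__ ) );
// Every later require in this file is rooted at BIT_ROOT_PATH, so DOCUMENT_ROOT has to point at the install root.
define( 'BIT_ROOT_PATH', empty( $_SERVER['DOCUMENT_ROOT'] ) ? $rootDir.'/' : $_SERVER['DOCUMENT_ROOT'].'/' );
// Coarse early reject, before any other file is loaded: stop the request when either of these
// two parameters contains "http". The match is case-insensitive and only string values are
// inspected, so an array value (param[]=...) is never handed to a string function.
// This is a denylist pre-filter, not the control to rely on: whatever consumes sort_mode still
// has to check it against the columns it knows how to sort by, and no include path may be
// built from request data.
if(
	( isset( $_REQUEST['sort_mode'] ) && is_string( $_REQUEST['sort_mode'] ) && stripos( $_REQUEST['sort_mode'], 'http' ) !== false )
	|| ( isset( $_REQUEST['PGV_BASE_DIRECTORY'] ) && is_string( $_REQUEST['PGV_BASE_DIRECTORY'] ) && stripos( $_REQUEST['PGV_BASE_DIRECTORY'], 'http' ) !== false )
) {
	die;
}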
require_once BIT_ROOT_PATH.'kernel/includes/config_defaults_inc.php';
require_once KERNEL_PKG_INCLUDE_PATH.'bit_error_inc.php';
use Bitweaver\KernelTools;
// Error reporting: everything except deprecations, notices and warnings.
// (The alternative that was left commented out here is BIT_PHP_ERROR_REPORTING.)
error_reporting( E_ALL & ~( E_DEPRECATED | E_NOTICE | E_WARNING ) );
// With safe mode and its group check both enabled, new files are created without any access
// for "other". safe_mode was removed in PHP 5.4, so on current PHP this branch never runs.
if( ini_get( 'safe_mode' ) ) {
	if( ini_get( 'safe_mode_gid' ) ) {
		umask( 0007 );
	}
}
// Pass the query-string parameters through KernelTools::detoxify() and copy the result over the
// matching $_REQUEST entries. Skipped entirely when $gNoToxify holds a non-empty value.
// Only $_GET is processed here: values that reached $_REQUEST from $_POST or $_COOKIE are left
// exactly as received, so consumers still have to validate and output-encode them.
if( is_array( $_GET ) && !empty( $_GET ) && empty( $gNoToxify ) ) {
	KernelTools::detoxify( $_GET, true, false );
	$_REQUEST = array_merge( $_REQUEST, $_GET );
}
// =================== Global Classes ===================
// Create the shared database handle, the template engine and the BitSystem singleton.
// Unqualified class names below resolve inside the Bitweaver namespace declared at the top of this file.
global $gBitDb;
$gBitDb = new BitDbAdodb();
// Query caching is switched on whenever the QUERY_CACHE_ACTIVE constant exists; its value is not inspected.
if( defined( 'QUERY_CACHE_ACTIVE' ) ) {
$gBitDb->setCaching();
}
global $gBitSmarty, $gBitSystem;
// Per http://stackoverflow.com/a/14101767/268416 try to force gBitSystem to be among the last object to be destroyed, see BitSystem::__destruct() for details
// NOTE(review): the statement below installs the error handler and does not affect destruction order - the comment above may belong to code that has moved; confirm.
set_error_handler('\Bitweaver\bit_error_handler');
// make sure we only create one BitSmarty
if( !is_object( $gBitSmarty ) ) {
$gBitSmarty = new Themes\BitSmarty();
// Load Bitweaver Plugins
$gBitSmarty->addExtension(new Themes\BitweaverExtension() );
// set the default handler
// NOTE(review): the default modifiers registered here are add_link_ticket and tr; neither name suggests HTML escaping, so confirm where template output is encoded.
$gBitSmarty->addDefaultModifiers( [ 'add_link_ticket', 'tr' ] );
// templates addressed as "bitpackage:..." are resolved by ResourceBitpackage
$gBitSmarty->registerResource( 'bitpackage', new ResourceBitpackage() );
// The highlight modifier is disabled: this condition currently has no effect.
if( isset( $_REQUEST['highlight'] ) ) {
// $gBitSmarty->addDefaultModifiers( 'highlight' );
}
}
BitSystem::loadSingleton();
// Before any other package is loaded, find out whether the installed version is older than this
// code requires, so that packages which are not backwards compatible can be kept out.
// INSTALLER_FORCE is defined when configuration has been loaded, MIN_BIT_VERSION is greater than
// the version reported by $gBitSystem->getVersion(), and neither BIT_INSTALL (set by the
// installer) nor LOGIN_VALIDATE (set in users/validate.php) is defined.
if( !empty( $gBitSystem->mConfig ) ) {
	if( version_compare( MIN_BIT_VERSION, $gBitSystem->getVersion(), '>' ) ) {
		if( !defined( 'BIT_INSTALL' ) && !defined( 'LOGIN_VALIDATE' ) ) {
			define( 'INSTALLER_FORCE', true );
		}
	}
}
// Put the bundled util directory and its pear/ subdirectory on the include path.
BitSystem::prependIncludePath( UTIL_PKG_INCLUDE_PATH );
BitSystem::prependIncludePath( UTIL_PKG_INCLUDE_PATH.'pear/' );
BitLanguage::loadSingleton();
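// Collect information about the browser - needed for various browser specific theme settings.
require_once UTIL_PKG_INCLUDE_PATH.'phpsniff/phpSniff.class.php';
global $gSniffer;
$gSniffer = new \phpSniff;
// Start from what phpSniff collected; browscap data is layered on top only when it is usable.
$browserInfo = $gSniffer->_browser_info;
if( file_exists( ini_get( 'browscap' ) ) ) {
	// get_browser() returns false on failure. Passing that to array_merge() raises a TypeError
	// on PHP 8, so the merge happens only when an array came back.
	$browscapInfo = get_browser( null, true );
	if( is_array( $browscapInfo ) ) {
		$browserInfo = array_merge( $browserInfo, $browscapInfo );
	}
}
// get_browser( null ) works from the request's User-Agent header, which the client controls.
// NOTE(review): the phpSniff data presumably has the same origin - confirm that templates
// escape gBrowserInfo fields wherever they are printed.
$gBitSmarty->assign( 'gBrowserInfo', $browserInfo );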
// set various classes global
global $gBitUser, $gTicket, $userlib, $gBitDbType, $gLibertySystem;
if( $gBitSystem->isDatabaseValid() ) {
// Output compression. When PHP's own zlib.output_compression is on, only tell the templates.
// Otherwise start gzip output buffering if the site_output_obzip feature is active - but not
// for requests whose script path matches the download.php pattern below.
// The "." in that pattern is unescaped and therefore matches any single character.
// Compressed responses that mix secrets (for example request tickets) with reflected request
// input are the precondition for BREACH-style length side channels; keep that in mind when
// enabling either option on pages served over HTTPS.
if( ini_get( 'zlib.output_compression' ) == 1 ) {
	$gBitSmarty->assign( 'output_compression', 'zlib' );
} elseif( $gBitSystem->isFeatureActive( 'site_output_obzip' ) ) {
	if( !empty( $_SERVER['SCRIPT_FILENAME'] ) && !preg_match( '!/download.php$!', $_SERVER['SCRIPT_FILENAME'] ) ) {
		ob_start( 'ob_gzhandler' );
		$gBitSmarty->assign( 'output_compression', 'gzip' );
	}
}
// Host name used for absolute URLs: the kernel_server_name setting, with the request's Host
// header passed as the default (presumably returned when the setting is absent - confirm getConfig()).
// NOTE(review): HTTP_HOST is supplied by the client. When kernel_server_name is not configured,
// BIT_BASE_URI and every absolute link built from $host follow whatever Host the request
// carried - set kernel_server_name, or check the header against the hosts this site serves.
// HTTP_HOST is read unconditionally, so it must exist even when the setting is present.
$host = $gBitSystem->getConfig( 'kernel_server_name', $_SERVER['HTTP_HOST'] );
// Scheme + host of this site, unless an earlier file already defined it.
if( !defined('BIT_BASE_URI' ) ) {
// Added check for IIS $_SERVER['HTTPS'] uses 'off' value - wolff_borg
// HTTPS counts as active for any non-empty value other than 'off'.
define( 'BIT_BASE_URI', 'http'.(( !empty( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] != 'off' ) ? 's' : '' ).'://'.$host );
}
// Filesystem path that corresponds to the URL root "/", unless already defined.
if( !defined( 'BIT_BASE_PATH' ) ) {
$root_url_count = strlen( BIT_ROOT_URL );
$root_path_count = strlen( BIT_ROOT_PATH );
$path_end = $root_path_count - $root_url_count;
// When BIT_ROOT_URL is "/", BIT_ROOT_PATH is used as is. Otherwise as many trailing characters
// as BIT_ROOT_URL is long are cut from BIT_ROOT_PATH and "/" is appended; the code does not
// check that the removed tail actually equals BIT_ROOT_URL.
define( 'BIT_BASE_PATH', BIT_ROOT_URL == "/" ? BIT_ROOT_PATH : substr( BIT_ROOT_PATH, 0, $path_end ) . "/" );
}
// Offline or exported content (newsletters etc.) needs absolute links: a non-empty uri_mode
// request parameter switches the URL root from the site-relative BIT_ROOT_URL to the absolute
// BIT_BASE_URI.
// NOTE(review): uri_mode is read straight from the request, so any client can ask for absolute
// links. When BIT_BASE_URI was built from the Host header, those links follow the request's Host.
if( !empty( $_REQUEST['uri_mode'] ) ) {
	$root = BIT_BASE_URI;
} else {
	$root = BIT_ROOT_URL;
}
// guarantee exactly one trailing slash before the package directories are appended
if( $root[strlen( $root ) - 1] != '/' ) {
	$root = $root.'/';
}
define( 'UTIL_PKG_URL', $root.'util/' );
define( 'LIBERTY_PKG_URL', $root.'liberty/' );
// Package bootstrap: run each package's bit_setup_inc.php, register template plugin
// directories, apply the optional site override, then run plugin preload hooks.
// load only installed and active packages
$gBitSystem->scanPackages( 'bit_setup_inc.php', true, 'active', true, true );
$gBitSmarty->scanPackagePluginDirs();
// NOTE(review): the existence test uses CONFIG_PKG_INCLUDE_PATH but the file is loaded from
// CONFIG_PKG_PATH. If the two constants differ, the file that is required is not the one that
// was checked, and require_once is fatal when its target is missing - confirm the intended path.
if( file_exists( CONFIG_PKG_INCLUDE_PATH.'kernel/override_inc.php' ) ) {
// possible install specific customizations for multi-sites, staging sites, etc.
// The override file is executed as part of every request; it should be writable only by the account that deploys the site.
require_once CONFIG_PKG_PATH.'kernel/override_inc.php';
}
// some plugins check for active packages, so we do this *after* package scanning
$gBitSmarty->assign( 'gBitSystem', $gBitSystem );
// some liberty plugins might need to run some functions.
// it's necessary that we call them early on after scanPackages() has been completed.
// Each entry is invoked as a callable with no arguments.
// NOTE(review): the list is presumably filled by plugin registration code and never from request data - confirm.
foreach( $gLibertySystem->getPluginFunctions( 'preload_function' ) as $func ) {
$func();
}
// TODO: XSS security check
// NOTE(review): this block currently does nothing. The verifyTicket() call is commented out and
// the elseif branch is empty, so the `tk` request ticket is not checked here. A per-request
// ticket of this kind normally protects state-changing requests against cross-site request
// forgery - confirm that verification happens somewhere else before relying on it.
// $_SERVER['bot'] is not set in this file; presumably the web server configuration tags crawlers with it - confirm.
if( !empty( $_REQUEST['tk'] ) && empty( $_SERVER['bot'] ) ) {
//$gBitUser->verifyTicket();
} elseif( !empty( $_SERVER['bot'] ) ) {
}
// Registers and sets up the dropdown menus and the application menus in modules.
require_once THEMES_PKG_INCLUDE_PATH.'menu_register_inc.php';
// Virtual hosting support: a $bitdomain that is already set gets a trailing slash, otherwise it
// becomes the empty string. The result is published to configuration and to the templates.
// NOTE(review): $bitdomain is not initialised anywhere in this file, so its value is whatever an
// earlier include left in scope - confirm it can only come from site configuration.
$bitdomain = isset( $bitdomain ) ? $bitdomain.'/' : '';
$gBitSystem->setConfig( 'bitdomain', $bitdomain );
$gBitSmarty->assign( 'bitdomain', $bitdomain );
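// Fix IIS servers not setting what they should set (ay ay IIS, ay ay)
if( !isset( $_SERVER['QUERY_STRING'] ) ) {
	$_SERVER['QUERY_STRING'] = '';
}
// Rebuild REQUEST_URI from the script name and query string when the server left it out or empty.
// NOTE(review): the two parts are joined with "/" rather than "?"; kept as found - confirm that
// consumers of REQUEST_URI expect this form.
if( empty( $_SERVER['REQUEST_URI'] ) ) {
	$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'/'.$_SERVER['QUERY_STRING'];
}
if( isset( $_REQUEST['page'] ) ) {
	// A request can deliver page as an array (page[]=...). strip_tags() accepts strings only and
	// raises a TypeError on PHP 8, so anything that is not a string is replaced by an empty string.
	// strip_tags() removes markup but is not output encoding: the value still has to be escaped
	// for the context it is printed in. Only the $_REQUEST copy is changed here; $_GET['page']
	// and $_POST['page'] keep the raw value.
	$_REQUEST['page'] = is_string( $_REQUEST['page'] ) ? strip_tags( $_REQUEST['page'] ) : '';
}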
// Hand two page-level values to the templates.
global $gHideModules;
// passed through unchanged - the value is whatever earlier code left in $gHideModules
$gBitSmarty->assign( 'gHideModules', $gHideModules );
// site-wide keywords from configuration, exposed to templates as metaKeywords
$keywords = $gBitSystem->getConfig( 'site_keywords' );
$gBitSmarty->assign( 'metaKeywords', $keywords );
// =================== Kernel ===================
//$gBitSmarty->assign( "gBitSystemPackages", $gBitSystem->mPackages ); doesn't seem to be used - xing
// Closed-site gate. Requests whose SCRIPT_URL is the users package's validate.php are exempt,
// presumably so that an account holding p_access_closed_site can still sign in.
if( isset( $_SERVER['SCRIPT_URL'] ) ) {
	if( $_SERVER['SCRIPT_URL'] == USERS_PKG_URL.'validate.php' ) {
		$bypass_siteclose_check = 'y';
	}
}
// NOTE(review): $bypass_siteclose_check is never initialised here, so a value left in scope by an
// earlier include skips the gate as well - confirm nothing request-driven can set it.
// The gate also stays open for shell scripts ($gShellScript non-empty).
if( empty( $gShellScript ) && $gBitSystem->isFeatureActive( 'site_closed' ) ) {
	if( !$gBitUser->hasPermission( 'p_access_closed_site' ) && !isset( $bypass_siteclose_check ) ) {
		// error_simple.php reads the message from $_REQUEST['error']
		$_REQUEST['error'] = $gBitSystem->getConfig( 'site_closed_msg', ' ' );
		include KERNEL_PKG_PATH.'error_simple.php';
		exit;
	}
}
// Optional load shedding based on the one-minute load average.
$site_use_load_threshold = $gBitSystem->getConfig( 'site_use_load_threshold', 'n' );
// /proc/loadavg is read quietly: virtual hosts can deny permission, or open_basedir can forbid the path.
if( @is_readable( '/proc/loadavg' ) && @( $load = file( '/proc/loadavg' ) ) ) {
	// first space-separated field of the first line
	$server_load = explode( ' ', $load[0] )[0];
	// the figure is handed to the templates on every request, whether or not the threshold is used
	$gBitSmarty->assign( 'server_load', $server_load );
	if( $site_use_load_threshold == 'y' ) {
		// accounts with p_access_closed_site and requests flagged by $bypass_siteclose_check are never turned away
		if( !$gBitUser->hasPermission( 'p_access_closed_site' ) && !isset( $bypass_siteclose_check ) ) {
			$site_load_threshold = $gBitSystem->getConfig( 'site_load_threshold', 3 );
			if( $server_load > $site_load_threshold ) {
				$_REQUEST['error'] = $gBitSystem->getConfig( 'site_busy_msg', 'Server is currently too busy; please come back later.' );
				include KERNEL_PKG_PATH.'error_simple.php';
				exit;
			}
		}
	}
}
// Interactive translation stays available only when the feature is active AND the current user
// holds p_languages_edit; in that case the translation hash is given to the templates.
// In every other case the feature is switched off for this request. That has to happen here
// because BitLanguage::translate() is called too early (by prefilter.tr) to check the permission itself.
if( !$gBitSystem->isFeatureActive( 'i18n_interactive_translation' ) || !$gBitUser->hasPermission( 'p_languages_edit' ) ) {
	$gBitSystem->setConfig( 'i18n_interactive_translation', 'n' );
} else {
	$gBitSmarty->assign( 'gBitTranslationHash', $gBitTranslationHash );
}
// All of the below deals with HTTPS - perhaps we should move this to a separate file
// Work out both ports: the scheme in use takes the port of the current request (or its standard
// port when SERVER_PORT is missing), the other scheme gets its standard port.
// NOTE(review): HTTPS is recognised here only as the exact value 'on', while BIT_BASE_URI earlier
// in this file accepts any non-empty value other than 'off'. Behind a TLS-terminating proxy the
// variable may not be set at all - confirm how this deployment signals HTTPS.
if( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) {
$site_http_port = 80;
$site_https_port = isset( $_SERVER['SERVER_PORT'] ) ? $_SERVER['SERVER_PORT'] : 443;
} else {
$site_https_port = 443;
$site_http_port = isset( $_SERVER['SERVER_PORT'] ) ? $_SERVER['SERVER_PORT'] : 80;
}
// NOTE(review): the assignment sits inside the negation. $site_https_port becomes the value
// returned by getConfig() (the detected port is only passed as the default), and setConfig() runs
// only when that value is falsy - writing the falsy value back. Confirm the intended logic.
if( !$site_https_port = $gBitSystem->getConfig( 'site_https_port', $site_https_port ) ) {
$gBitSystem->setConfig( 'site_https_port', $site_https_port );
}
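// Base URI for links that must use HTTPS. Two defects are corrected here:
//  - the guard was inverted: the constant was defined only when it already existed, so it was
//    never set on a fresh request; it now follows the !defined() guard used for BIT_BASE_URI.
//  - a non-standard port was appended without the ":" separator, giving "https://hostNNNN".
// $host is set earlier in this file from kernel_server_name with the request's Host header as
// fallback, so this URI is only as trustworthy as that value.
if( !defined( 'SECURE_BIT_BASE_URI' ) ) {
	define( 'SECURE_BIT_BASE_URI', 'https://'.$host.( $site_https_port != 443 ? ':'.$site_https_port : '' ) );
}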
// we need this for backwards compatibility - use $gBitSystem->getPrerference( 'max_records' ) if you need it, or else the spanish inquisition will come and poke you with a soft cushion
// (the value itself is read with getConfig(), defaulting to 10)
$max_records = $gBitSystem->getConfig( "max_records", 10 );
// expose both HTTPS login settings to the templates
$gBitSmarty->assign('site_https_login', $gBitSystem->getConfig( 'site_https_login' ) );
$gBitSmarty->assign('site_https_login_required', $gBitSystem->getConfig( 'site_https_login_required' ) );
// default form target for sign-in; the HTTPS handling that follows in this file may replace it
$login_url = USERS_PKG_URL . 'validate.php';
$gBitSmarty->assign( 'login_url', $login_url );
// Build the plain and the TLS sign-in URLs when either HTTPS login feature is active.
// Each URL is: scheme + configured domain + optional non-standard port + configured prefix
// + USERS_PKG_URL + signin.php.
// NOTE(review): both domains default to the request's Host header, which the client controls;
// configure site_http_domain / site_https_domain so sign-in links cannot follow a forged Host.
if( $gBitSystem->isFeatureActive( 'site_https_login' ) || $gBitSystem->isFeatureActive( 'site_https_login_required' ) ) {
	$http_login_url = 'http://'.$gBitSystem->getConfig( 'site_http_domain', $_SERVER['HTTP_HOST'] )
		.( $site_http_port != 80 ? ':'.$site_http_port : '' )
		.$gBitSystem->getConfig( 'site_http_prefix', BIT_ROOT_URL ).USERS_PKG_URL.'signin.php';
	$https_login_url = 'https://'.$gBitSystem->getConfig( 'site_https_domain', $_SERVER['HTTP_HOST'] )
		.( $site_https_port != 443 ? ':'.$site_https_port : '' )
		.$gBitSystem->getConfig( 'site_https_prefix', BIT_ROOT_URL ).USERS_PKG_URL.'signin.php';
	$gBitSystem->setConfig( 'http_login_url', $http_login_url );
	if( !$gBitSystem->isFeatureActive( 'site_https_login_required' ) ) {
		// HTTPS login is optional: publish both URLs.
		// NOTE(review): http_login_url is stored a second time with the same value, and the plain
		// http:// sign-in URL stays available, so credentials can still travel unencrypted.
		$gBitSystem->setConfig( 'http_login_url', $http_login_url );
		$gBitSystem->setConfig( 'https_login_url', $https_login_url );
	} elseif( !isset( $_SERVER['HTTPS'] ) || $_SERVER['HTTPS'] != 'on' ) {
		// HTTPS login is required and this request is not on HTTPS: point the login form at the
		// TLS URL. https_login_url is not written to configuration on this path.
		$gBitSmarty->assign( 'login_url', $https_login_url );
	}
}
// An account whose content_status_id is negative is cut off from the site completely.
// NOTE(review): this check comes after the package setup files and plugin preload functions
// earlier in this file have already run for the request - confirm none of them acts on behalf
// of the user before the account status is enforced here.
if( 0 > $gBitUser->getField( 'content_status_id' ) ) {
	$gBitSystem->scanPackages();
	$gBitSystem->fatalError( KernelTools::tra( 'Access Denied' ).'!' );
}
}
// INSTALLER_FORCE is defined earlier in this file when the installed version is too old:
// show the "run the installer" page and end the request.
if( defined( 'INSTALLER_FORCE' ) ) {
	$gBitSmarty->display( 'bitpackage:kernel/force_installer.tpl' );
	exit;
}