summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorGreg Roach <fisharebest@gmail.com>2015-01-28 11:01:22 +0000
committerGreg Roach <fisharebest@gmail.com>2015-01-28 11:02:44 +0000
commit0f70b9be1c1baf38659b9c7b919621ac363777ab (patch)
treed91308b22613a6963a3cc46ea85a56baa66ca3f1 /includes
parente0d050c57b008e0b7552a5d89593b28b8fb7a355 (diff)
downloadwebtrees-0f70b9be1c1baf38659b9c7b919621ac363777ab.tar.gz
webtrees-0f70b9be1c1baf38659b9c7b919621ac363777ab.tar.bz2
webtrees-0f70b9be1c1baf38659b9c7b919621ac363777ab.zip
Use PHP function to set HTTP status
Diffstat (limited to 'includes')
-rw-r--r--includes/hitcount.php2
-rw-r--r--includes/php_53_compatibility.php193
-rw-r--r--includes/reportheader.php2
-rw-r--r--includes/session.php64
-rw-r--r--includes/specialchars.php2
5 files changed, 202 insertions, 61 deletions
diff --git a/includes/hitcount.php b/includes/hitcount.php
index 597f6aaa24..81eee433ca 100644
--- a/includes/hitcount.php
+++ b/includes/hitcount.php
@@ -24,7 +24,7 @@
use WT\Auth;
if (!defined('WT_WEBTREES')) {
- header('HTTP/1.0 403 Forbidden');
+ http_response_code(403);
exit;
}
diff --git a/includes/php_53_compatibility.php b/includes/php_53_compatibility.php
new file mode 100644
index 0000000000..b4abc6ebea
--- /dev/null
+++ b/includes/php_53_compatibility.php
@@ -0,0 +1,193 @@
+<?php
+
+// http://php.net/manual/en/security.magicquotes.disabling.php
+if (get_magic_quotes_gpc()) {
+ $_process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
+ while (list($key, $val) = each($_process)) {
+ foreach ($val as $k => $v) {
+ unset($_process[$key][$k]);
+ if (is_array($v)) {
+ $_process[$key][stripslashes($k)] = $v;
+ $_process[] = &$_process[$key][stripslashes($k)];
+ } else {
+ $_process[$key][stripslashes($k)] = stripslashes($v);
+ }
+ }
+ }
+ unset($_process);
+}
+
+////////////////////////////////////////////////////////////////////////////////
+// The ircmaxell/password-compat library does not support unpatched versions of
+// PHP older than PHP5.3.6. These versions of PHP have no secure crypt library.
+////////////////////////////////////////////////////////////////////////////////
+$hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
+if (!defined('PASSWORD_BCRYPT') && crypt("password", $hash) !== $hash) {
+ define('PASSWORD_BCRYPT', 1);
+ define('PASSWORD_DEFAULT', 1);
+ /**
+ * @param string $password
+ * @param integer $algo
+ *
+ * @return string
+ */
+ function password_hash($password, $algo) {
+ return crypt($password);
+ }
+
+ /**
+ * @param string $hash
+ * @param integer $algo
+ *
+ * @return boolean
+ */
+ function password_needs_rehash($hash, $algo) {
+ return false;
+ }
+
+ /**
+ * @param string $password
+ * @param integer $hash
+ *
+ * @return boolean
+ */
+ function password_verify($password, $hash) {
+ return crypt($password, $hash) === $hash;
+ }
+}
+
+/**
+ * This function was added to PHP in 5.4
+ *
+ * @param string|null $code
+ *
+ * @link https://php.net/http_response_code
+ * @return int|null
+ */
+function http_response_code($code = null) {
+ if ($code !== null) {
+ switch ($code) {
+ case 100:
+ $text = 'Continue';
+ break;
+ case 101:
+ $text = 'Switching Protocols';
+ break;
+ case 200:
+ $text = 'OK';
+ break;
+ case 201:
+ $text = 'Created';
+ break;
+ case 202:
+ $text = 'Accepted';
+ break;
+ case 203:
+ $text = 'Non-Authoritative Information';
+ break;
+ case 204:
+ $text = 'No Content';
+ break;
+ case 205:
+ $text = 'Reset Content';
+ break;
+ case 206:
+ $text = 'Partial Content';
+ break;
+ case 300:
+ $text = 'Multiple Choices';
+ break;
+ case 301:
+ $text = 'Moved Permanently';
+ break;
+ case 302:
+ $text = 'Moved Temporarily';
+ break;
+ case 303:
+ $text = 'See Other';
+ break;
+ case 304:
+ $text = 'Not Modified';
+ break;
+ case 305:
+ $text = 'Use Proxy';
+ break;
+ case 400:
+ $text = 'Bad Request';
+ break;
+ case 401:
+ $text = 'Unauthorized';
+ break;
+ case 402:
+ $text = 'Payment Required';
+ break;
+ case 403:
+ $text = 'Forbidden';
+ break;
+ case 404:
+ $text = 'Not Found';
+ break;
+ case 405:
+ $text = 'Method Not Allowed';
+ break;
+ case 406:
+ $text = 'Not Acceptable';
+ break;
+ case 407:
+ $text = 'Proxy Authentication Required';
+ break;
+ case 408:
+ $text = 'Request Time-out';
+ break;
+ case 409:
+ $text = 'Conflict';
+ break;
+ case 410:
+ $text = 'Gone';
+ break;
+ case 411:
+ $text = 'Length Required';
+ break;
+ case 412:
+ $text = 'Precondition Failed';
+ break;
+ case 413:
+ $text = 'Request Entity Too Large';
+ break;
+ case 414:
+ $text = 'Request-URI Too Large';
+ break;
+ case 415:
+ $text = 'Unsupported Media Type';
+ break;
+ case 500:
+ $text = 'Internal Server Error';
+ break;
+ case 501:
+ $text = 'Not Implemented';
+ break;
+ case 502:
+ $text = 'Bad Gateway';
+ break;
+ case 503:
+ $text = 'Service Unavailable';
+ break;
+ case 504:
+ $text = 'Gateway Time-out';
+ break;
+ case 505:
+ $text = 'HTTP Version not supported';
+ break;
+ default:
+ exit('Unknown http status code "' . htmlentities($code) . '"');
+ break;
+ }
+ $protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0');
+ header($protocol . ' ' . $code . ' ' . $text);
+ $GLOBALS['http_response_code'] = $code;
+ } else {
+ $code = (isset($GLOBALS['http_response_code']) ? $GLOBALS['http_response_code'] : 200);
+ }
+
+ return $code;
+}
diff --git a/includes/reportheader.php b/includes/reportheader.php
index 761d36364e..8cea77e55e 100644
--- a/includes/reportheader.php
+++ b/includes/reportheader.php
@@ -23,7 +23,7 @@
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
if (!defined('WT_WEBTREES')) {
- header('HTTP/1.0 403 Forbidden');
+ http_response_code(403);
exit;
}
diff --git a/includes/session.php b/includes/session.php
index 008cc14533..29a3f56c11 100644
--- a/includes/session.php
+++ b/includes/session.php
@@ -27,7 +27,7 @@ use WT\Theme;
// WT_SCRIPT_NAME is defined in each script that the user is permitted to load.
if (!defined('WT_SCRIPT_NAME')) {
- header('HTTP/1.0 403 Forbidden');
+ http_response_code(403);
exit;
}
@@ -161,61 +161,9 @@ if (strpos(ini_get('disable_functions'), 'ini_set') === false) {
ini_set('display_errors', 'on');
}
-// PHP5.3 may be using magic-quotes :-(
-if (version_compare(PHP_VERSION, '5.4', '<') && get_magic_quotes_gpc()) {
- // http://php.net/manual/en/security.magicquotes.disabling.php
- $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
- while (list($key, $val) = each($process)) {
- foreach ($val as $k => $v) {
- unset($process[$key][$k]);
- if (is_array($v)) {
- $process[$key][stripslashes($k)] = $v;
- $process[] = &$process[$key][stripslashes($k)];
- } else {
- $process[$key][stripslashes($k)] = stripslashes($v);
- }
- }
- }
- unset($process);
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// The ircmaxell/password-compat library does not support unpatched versions of
-// PHP older than PHP5.3.6. These versions of PHP have no secure crypt library.
-////////////////////////////////////////////////////////////////////////////////
-$hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
-if (!defined('PASSWORD_BCRYPT') && crypt("password", $hash) !== $hash) {
- define('PASSWORD_BCRYPT', 1);
- define('PASSWORD_DEFAULT', 1);
- /**
- * @param string $password
- * @param integer $algo
- *
- * @return string
- */
- function password_hash($password, $algo) {
- return crypt($password);
- }
-
- /**
- * @param string $hash
- * @param integer $algo
- *
- * @return boolean
- */
- function password_needs_rehash($hash, $algo) {
- return false;
- }
-
- /**
- * @param string $password
- * @param integer $hash
- *
- * @return boolean
- */
- function password_verify($password, $hash) {
- return crypt($password, $hash) === $hash;
- }
+// We use some PHP5.5 features, but need to run on older servers
+if (version_compare(PHP_VERSION, '5.4', '<')) {
+ require WT_ROOT . 'includes/php_53_compatibility.php';
}
require WT_ROOT . 'library/autoload.php';
@@ -401,7 +349,7 @@ case 'allow':
$SEARCH_SPIDER = false;
break;
case 'deny':
- header('HTTP/1.1 403 Access Denied');
+ http_response_code(403);
exit;
case 'robot':
case 'unknown':
@@ -663,7 +611,7 @@ if ($SEARCH_SPIDER && !in_array(WT_SCRIPT_NAME, array(
'index.php', 'indilist.php', 'module.php', 'mediafirewall.php',
'individual.php', 'family.php', 'mediaviewer.php', 'note.php', 'repo.php', 'source.php',
))) {
- header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
+ http_response_code(403);
$controller = new WT_Controller_Page;
$controller->setPageTitle(WT_I18N::translate('Search engine'));
$controller->pageHeader();
diff --git a/includes/specialchars.php b/includes/specialchars.php
index 8c80e6aa09..6ab78e6e78 100644
--- a/includes/specialchars.php
+++ b/includes/specialchars.php
@@ -23,7 +23,7 @@
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
if (!defined('WT_WEBTREES')) {
- header('HTTP/1.0 403 Forbidden');
+ http_response_code(403);
exit;
}