Line 16 | Line 16 |
---|
exit; }
|
exit; }
|
$starttime = explode(' ', microtime()); $starttime = $starttime[1] + $starttime[0];
| require($phpbb_root_path . 'includes/startup.' . $phpEx);
|
|
|
// Report all errors, except notices error_reporting(E_ALL ^ E_NOTICE);
/* * Remove variables created by register_globals from the global scope * Thanks to Matt Kavanagh */ function deregister_globals()
| if (file_exists($phpbb_root_path . 'config.' . $phpEx))
|
{
|
{
|
$not_unset = array( 'GLOBALS' => true, '_GET' => true, '_POST' => true, '_COOKIE' => true, '_REQUEST' => true, '_SERVER' => true, '_SESSION' => true, '_ENV' => true, '_FILES' => true, 'phpEx' => true, 'phpbb_root_path' => true );
// Not only will array_merge and array_keys give a warning if // a parameter is not an array, array_merge will actually fail. // So we check if _SESSION has been initialised. if (!isset($_SESSION) || !is_array($_SESSION)) { $_SESSION = array();
| require($phpbb_root_path . 'config.' . $phpEx);
|
}
|
}
|
// Merge all into one extremely huge array; unset this later $input = array_merge( array_keys($_GET), array_keys($_POST), array_keys($_COOKIE), array_keys($_SERVER), array_keys($_SESSION), array_keys($_ENV), array_keys($_FILES) );
foreach ($input as $varname) { if (isset($not_unset[$varname])) { // Hacking attempt. No point in continuing unless it's a COOKIE if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) { exit; } else { $cookie = &$_COOKIE; while (isset($cookie['GLOBALS'])) { foreach ($cookie['GLOBALS'] as $registered_var => $value) { if (!isset($not_unset[$registered_var])) { unset($GLOBALS[$registered_var]); } } $cookie = &$cookie['GLOBALS']; } } }
unset($GLOBALS[$varname]); }
unset($input); }
// If we are on PHP >= 6.0.0 we do not need some code if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) { /** * @ignore */ define('STRIP', false); } else { @set_magic_quotes_runtime(0);
// Be paranoid with passed vars if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) { deregister_globals(); }
define('STRIP', (get_magic_quotes_gpc()) ? true : false); }
if (defined('IN_CRON')) { $phpbb_root_path = dirname(__FILE__) . DIRECTORY_SEPARATOR; }
if (!file_exists($phpbb_root_path . 'config.' . $phpEx)) { die("<p>The config.$phpEx file could not be found.</p><p><a href=\"{$phpbb_root_path}install/index.$phpEx\">Click here to install phpBB</a></p>"); }
require($phpbb_root_path . 'config.' . $phpEx);
| |
if (!defined('PHPBB_INSTALLED')) { // Redirect the user to the installer
|
if (!defined('PHPBB_INSTALLED')) { // Redirect the user to the installer
|
| require($phpbb_root_path . 'includes/functions.' . $phpEx);
|
// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information // available as used by the redirect function $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
| // We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information // available as used by the redirect function $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
|
Line 141 | Line 40 |
---|
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); }
|
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI'); }
|
| // $phpbb_root_path accounts for redirects from e.g. /adm $script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/index.' . $phpEx;
|
// Replace any number of consecutive backslashes and/or slashes with a single slash // (could happen on some proxy setups and/or Windows servers)
|
// Replace any number of consecutive backslashes and/or slashes with a single slash // (could happen on some proxy setups and/or Windows servers)
|
$script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx;
| |
$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
|
$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
|
| // Eliminate . and .. from the path $script_path = phpbb_clean_path($script_path);
|
$url = (($secure) ? 'https://' : 'http://') . $server_name;
| $url = (($secure) ? 'https://' : 'http://') . $server_name;
|
Line 172 | Line 74 |
---|
}
// Load Extensions
|
}
// Load Extensions
|
if (!empty($load_extensions))
| // dl() is deprecated and disabled by default as of PHP 5.3. if (!empty($load_extensions) && function_exists('dl'))
|
{ $load_extensions = explode(',', $load_extensions);
| { $load_extensions = explode(',', $load_extensions);
|