phpBB

Code Changes

File: common.php

  Unmodified   Added   Modified   Removed
Line 16Line 16
	exit;
}


	exit;
}


$starttime = explode(' ', microtime());
$starttime = $starttime[1] + $starttime[0];

require($phpbb_root_path . 'includes/startup.' . $phpEx);






// Report all errors, except notices
error_reporting(E_ALL ^ E_NOTICE);

/*
* Remove variables created by register_globals from the global scope
* Thanks to Matt Kavanagh
*/
function deregister_globals()

if (file_exists($phpbb_root_path . 'config.' . $phpEx))








{

{

	$not_unset = array(
'GLOBALS' => true,
'_GET' => true,
'_POST' => true,
'_COOKIE' => true,
'_REQUEST' => true,
'_SERVER' => true,
'_SESSION' => true,
'_ENV' => true,
'_FILES' => true,
'phpEx' => true,
'phpbb_root_path' => true
);

// Not only will array_merge and array_keys give a warning if
// a parameter is not an array, array_merge will actually fail.
// So we check if _SESSION has been initialised.
if (!isset($_SESSION) || !is_array($_SESSION))
{
$_SESSION = array();

	require($phpbb_root_path . 'config.' . $phpEx);




















	}

	}


// Merge all into one extremely huge array; unset this later
$input = array_merge(
array_keys($_GET),
array_keys($_POST),
array_keys($_COOKIE),
array_keys($_SERVER),
array_keys($_SESSION),
array_keys($_ENV),
array_keys($_FILES)
);

foreach ($input as $varname)
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing unless it's a COOKIE
if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
{
exit;
}
else
{
$cookie = &$_COOKIE;
while (isset($cookie['GLOBALS']))
{
foreach ($cookie['GLOBALS'] as $registered_var => $value)
{
if (!isset($not_unset[$registered_var]))
{
unset($GLOBALS[$registered_var]);
}
}
$cookie = &$cookie['GLOBALS'];
}
}
}

unset($GLOBALS[$varname]);
}

unset($input);
}

// If we are on PHP >= 6.0.0 we do not need some code
if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
{
/**
* @ignore
*/
define('STRIP', false);
}
else
{
@set_magic_quotes_runtime(0);

// Be paranoid with passed vars
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
{
deregister_globals();
}

define('STRIP', (get_magic_quotes_gpc()) ? true : false);
}

if (defined('IN_CRON'))
{
$phpbb_root_path = dirname(__FILE__) . DIRECTORY_SEPARATOR;
}

if (!file_exists($phpbb_root_path . 'config.' . $phpEx))
{
die("<p>The config.$phpEx file could not be found.</p><p><a href=\"{$phpbb_root_path}install/index.$phpEx\">Click here to install phpBB</a></p>");
}

require($phpbb_root_path . 'config.' . $phpEx);

 

if (!defined('PHPBB_INSTALLED'))
{
// Redirect the user to the installer


if (!defined('PHPBB_INSTALLED'))
{
// Redirect the user to the installer

 
	require($phpbb_root_path . 'includes/functions.' . $phpEx);


	// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
// available as used by the redirect function
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));

	// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
// available as used by the redirect function
$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));

Line 141Line 40
		$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
}


		$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
}


 
	// $phpbb_root_path accounts for redirects from e.g. /adm
$script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/index.' . $phpEx;

	// Replace any number of consecutive backslashes and/or slashes with a single slash
// (could happen on some proxy setups and/or Windows servers)

	// Replace any number of consecutive backslashes and/or slashes with a single slash
// (could happen on some proxy setups and/or Windows servers)

	$script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx;

 
	$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);

	$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);

 
	// Eliminate . and .. from the path
$script_path = phpbb_clean_path($script_path);


$url = (($secure) ? 'https://' : 'http://') . $server_name;



$url = (($secure) ? 'https://' : 'http://') . $server_name;


Line 172Line 74
}

// Load Extensions

}

// Load Extensions

if (!empty($load_extensions))


// dl() is deprecated and disabled by default as of PHP 5.3.
if (!empty($load_extensions) && function_exists('dl'))

{
$load_extensions = explode(',', $load_extensions);


{
$load_extensions = explode(',', $load_extensions);