CMS Made Simple PHP Cross Reference Content Management Systems

Source: /include.php - 288 lines - 8894 bytes - Summary - Text - Print

Description: This file is included in every page.  It does all setup functions including importing additional functions/classes, setting up sessions and nls, and construction of various important variables like $gCms.

   1  <?php
   2  #CMS - CMS Made Simple
   3  #(c)2004 by Ted Kulp (wishy@users.sf.net)
   4  #This project's homepage is: http://www.cmsmadesimple.org
   5  #
   6  #This program is free software; you can redistribute it and/or modify
   7  #it under the terms of the GNU General Public License as published by
   8  #the Free Software Foundation; either version 2 of the License, or
   9  #(at your option) any later version.
  10  #
  11  #This program is distributed in the hope that it will be useful,
  12  #but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  #GNU General Public License for more details.
  15  #You should have received a copy of the GNU General Public License
  16  #along with this program; if not, write to the Free Software
  17  #Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  18  #
  19  #$Id$
  20  
  21  $dirname = dirname(__FILE__);
  22  
  23  define('CMS_DEFAULT_VERSIONCHECK_URL','http://www.cmsmadesimple.org/latest_version.php');
  24  define('CMS_SECURE_PARAM_NAME','_sx_');
  25  define('CMS_USER_KEY','_userkey_');
  26  
  27  $session_key = substr(md5($dirname), 0, 8);
  28  if( !isset($CMS_INSTALL_PAGE) )
  29    {
  30      @session_name('CMSSESSID' . $session_key);
  31      @ini_set('url_rewriter.tags', '');
  32      @ini_set('session.use_trans_sid', 0);
  33    }
  34  
  35  #Setup session with different id and start it
  36  if( isset($CMS_ADMIN_PAGE) || isset($CMS_INSTALL_PAGE) )
  37    {
  38      // admin pages can't be cached... period, at all.. never.
  39      @session_cache_limiter('private');
  40      header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  41      header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
  42      header("Cache-Control: no-store, no-cache, must-revalidate");
  43      header("Cache-Control: post-check=0, pre-check=0", false);
  44      header("Pragma: no-cache");
  45    }
  46  else
  47    {
  48      @session_cache_limiter('public');
  49    }
  50  
  51  if(!@session_id()) session_start();
  52  
  53  
  54  /**
  55   * This file is included in every page.  It does all seutp functions including
  56   * importing additional functions/classes, setting up sessions and nls, and
  57   * construction of various important variables like $gCms.
  58   *
  59   * @package CMS
  60   */
  61  #magic_quotes_runtime is a nuisance...  turn it off before it messes something up
  62  if (version_compare(phpversion(),"5.3.0","<")) {
  63    set_magic_quotes_runtime(false);
  64  }
  65  
  66  // minimum stuff to get started (autoloader needs the cmsms() and the config stuff.
  67  //require_once($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'class.cms_variables.php');
  68  require_once ($dirname.DIRECTORY_SEPARATOR.'fileloc.php');
  69  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'class.CmsException.php');
  70  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'class.cms_config.php');
  71  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'classes'.DIRECTORY_SEPARATOR.'class.CmsApp.php');
  72  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'autoloader.php');
  73  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'misc.functions.php');
  74  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'module.functions.php');
  75  require_once ($dirname.DIRECTORY_SEPARATOR.'version.php');
  76  debug_buffer('done loading required files');
  77  
  78  // sanitize $_GET
  79  array_walk_recursive($_GET, 'sanitize_input_array');
  80  // sanitize $_SERVER
  81  array_walk_recursive($_SERVER,'sanitize_input_array');
  82  
  83  if (isset($starttime))
  84  {
  85    cmsms()->set_variable('starttime',$starttime);
  86  }
  87  
  88  
  89  if( isset($CMS_ADMIN_PAGE) )
  90    {
  91      function cms_admin_sendheaders($content_type = 'text/html',$charset = '')
  92      {
  93        if( !$charset ) $charset = get_encoding();
  94  
  95        // Date in the past
  96        header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  97  
  98        // always modified
  99        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 100   
 101        // HTTP/1.1
 102        header("Cache-Control: no-store, no-cache, must-revalidate");
 103        header("Cache-Control: post-check=0, pre-check=0", false);
 104  
 105        // HTTP/1.0
 106        header("Pragma: no-cache");
 107          
 108        // Language shizzle
 109        header("Content-Type: $content_type; charset=$charset");
 110      }
 111  
 112       if( !isset($_SESSION[CMS_USER_KEY]) )
 113         {
 114       if( isset($_COOKIE[CMS_SECURE_PARAM_NAME]) )
 115         {
 116           $_SESSION[CMS_USER_KEY] = $_COOKIE[CMS_SECURE_PARAM_NAME];
 117         }
 118       else
 119         {
 120           // maybe change this algorithm.
 121           $key = substr(str_shuffle(sha1($dirname.time().session_id())),-16);
 122           $_SESSION[CMS_USER_KEY] = $key;
 123           cms_cookies::set(CMS_SECURE_PARAM_NAME,$key);
 124         }
 125         }
 126    }
 127  
 128  
 129  # Create the global
 130  $gCms = cmsms();
 131  #Grab the current configuration
 132  $config = $gCms->GetConfig();
 133  
 134  #Set the timezone
 135  if( $config['timezone'] != '' )
 136    {
 137      @date_default_timezone_set(trim($config['timezone']));
 138    }
 139  
 140  #Attempt to override the php memory limit
 141  if( isset($config['php_memory_limit']) && !empty($config['php_memory_limit'])  )
 142    {
 143      ini_set('memory_limit',trim($config['php_memory_limit']));
 144    }
 145  
 146  #Add users if they exist in the session
 147  cmsms()->set_variable('user_id','');
 148  cmsms()->set_variable('username','');
 149  if (isset($_SESSION['cms_admin_user_id']))
 150  {
 151    cmsms()->set_variable('user_id',$_SESSION['cms_admin_user_id']);
 152  }
 153  if (isset($_SESSION['cms_admin_username']))
 154  {
 155    cmsms()->set_variable('username',$_SESSION['cms_admin_username']);
 156  }
 157  
 158  if ($config["debug"] == true)
 159    {
 160      @ini_set('display_errors',1);
 161      @error_reporting(E_ALL);
 162    }
 163  
 164  
 165  debug_buffer('loading adodb');
 166  require(cms_join_path($dirname,'lib','adodb.functions.php'));
 167  load_adodb();
 168  
 169  debug_buffer('loading page functions');
 170  require_once(cms_join_path($dirname,'lib','page.functions.php'));
 171  
 172  debug_buffer('loading content functions');
 173  require_once(cms_join_path($dirname,'lib','content.functions.php'));
 174  
 175  debug_buffer('loading translation functions');
 176  require_once(cms_join_path($dirname,'lib','translation.functions.php'));
 177  
 178  debug_buffer('loading php4 entity decode functions');
 179  require_once ($dirname.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'html_entity_decode_php4.php');
 180  
 181  debug_buffer('done loading files');
 182  
 183  #Load them into the usual variables.  This'll go away a little later on.
 184  global $DONT_LOAD_DB;
 185  if (!isset($DONT_LOAD_DB))
 186  {
 187    debug_buffer('Initialize Database');
 188    cmsms()->GetDb();
 189    debug_buffer('Done Initializing Database');
 190  
 191    if( isset($CMS_ADMIN_PAGE) && !isset($CMS_LOGIN_PAGE) ) {
 192      $db = cmsms()->GetDb();
 193      $current_version = $CMS_SCHEMA_VERSION;
 194      $query = "SELECT version from ".cms_db_prefix()."version";
 195      $current_version = $db->GetOne($query);
 196      if ($current_version < $CMS_SCHEMA_VERSION) {
 197        redirect($config['root_url'] . "/install/upgrade.php");
 198      }
 199    }
 200  }
 201  
 202  debug_buffer('Initialize Smarty');
 203  $smarty = cmsms()->GetSmarty();
 204  debug_buffer('Done Initialiing Smarty');
 205  
 206  /*
 207  // Neccery? -Stikki-
 208  if (!defined('SMARTY_DIR')) {
 209      define('SMARTY_DIR', cms_join_path($dirname,'lib','smarty') . DIRECTORY_SEPARATOR);
 210  }
 211  */
 212  
 213  #Stupid magic quotes...
 214  if(get_magic_quotes_gpc())
 215  {
 216      stripslashes_deep($_GET);
 217      stripslashes_deep($_POST);
 218      stripslashes_deep($_REQUEST);
 219      stripslashes_deep($_COOKIE);
 220      stripslashes_deep($_SESSION);
 221  }
 222  
 223  #Fix for IIS (and others) to make sure REQUEST_URI is filled in
 224  if (!isset($_SERVER['REQUEST_URI']))
 225  {
 226      $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'];
 227      if(isset($_SERVER['QUERY_STRING']))
 228      {
 229          $_SERVER['REQUEST_URI'] .= '?'.$_SERVER['QUERY_STRING'];
 230      }
 231  }
 232  
 233  #Set a umask
 234  $global_umask = get_site_preference('global_umask','');
 235  if( $global_umask != '' )
 236  {
 237    @umask( octdec($global_umask) );
 238  }
 239  
 240  if ($config['debug'] == true)
 241  {
 242    $smarty->debugging = true;
 243    $smarty->error_reporting = 'E_ALL';
 244  }
 245  
 246  #Setup content routes
 247  /* not needed
 248  if( !isset($CMS_ADMIN_PAGE) && !isset($CMS_STYLESHEET) && !isset($CMS_INSTALL_PAGE) )
 249  {
 250    debug_buffer('','Loading Routes');
 251    cmsms()->set_variable('pageinfo',new PageInfo());
 252    $contentops = cmsms()->GetContentOperations();
 253    $contentops->register_routes();
 254    debug_buffer('','End of Loading Routes');
 255  }
 256  */
 257  
 258  #Load all installed module code
 259  if (! isset($CMS_INSTALL_PAGE))
 260    {
 261      debug_buffer('','Loading Modules');
 262      $modops = cmsms()->GetModuleOperations();
 263      $modops->LoadModules(isset($LOAD_ALL_MODULES), !isset($CMS_ADMIN_PAGE));
 264      debug_buffer('', 'End of Loading Modules');
 265    }
 266  
 267  #Setup language stuff.... will auto-detect languages (Launch only to admin at this point)
 268  if(isset($CMS_ADMIN_PAGE)) 
 269      CmsNlsOperations::set_language();
 270  
 271  $CMS_LAZYLOAD_MODULES = 1; // still used ??
 272  
 273  #Do auto task stuff.
 274  if (! isset($CMS_INSTALL_PAGE))
 275    {
 276      CmsRegularTaskHandler::handle_tasks();
 277    }
 278  
 279  $smarty->assign('sitename', get_site_preference('sitename', 'CMSMS Site'));
 280  
 281  function sanitize_input_array(&$value, $key)
 282  {
 283    $value = preg_replace('/\<\/?script[^\>]*\>/i', '', $value); //the i makes it caseinsensitive
 284    $value = preg_replace('/javascript\:/i', '', $value); //the i makes it caseinsensitive
 285  }
 286  
 287  # vim:ts=4 sw=4 noet
 288  ?>
