[ Index ]

PHP Cross Reference of phpBB-3.2.0-deutsch

title

Body

[close]

/includes/ -> startup.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  */
  16  if (!defined('IN_PHPBB'))
  17  {
  18      exit;
  19  }
  20  
  21  // Report all errors, except notices and deprecation messages
  22  $level = E_ALL & ~E_NOTICE & ~E_DEPRECATED;
  23  error_reporting($level);
  24  
  25  /*
  26  * Remove variables created by register_globals from the global scope
  27  * Thanks to Matt Kavanagh
  28  */
  29  function deregister_globals()
  30  {
  31      $not_unset = array(
  32          'GLOBALS'    => true,
  33          '_GET'        => true,
  34          '_POST'        => true,
  35          '_COOKIE'    => true,
  36          '_REQUEST'    => true,
  37          '_SERVER'    => true,
  38          '_SESSION'    => true,
  39          '_ENV'        => true,
  40          '_FILES'    => true,
  41          'phpEx'        => true,
  42          'phpbb_root_path'    => true
  43      );
  44  
  45      // Not only will array_merge and array_keys give a warning if
  46      // a parameter is not an array, array_merge will actually fail.
  47      // So we check if _SESSION has been initialised.
  48      if (!isset($_SESSION) || !is_array($_SESSION))
  49      {
  50          $_SESSION = array();
  51      }
  52  
  53      // Merge all into one extremely huge array; unset this later
  54      $input = array_merge(
  55          array_keys($_GET),
  56          array_keys($_POST),
  57          array_keys($_COOKIE),
  58          array_keys($_SERVER),
  59          array_keys($_SESSION),
  60          array_keys($_ENV),
  61          array_keys($_FILES)
  62      );
  63  
  64      foreach ($input as $varname)
  65      {
  66          if (isset($not_unset[$varname]))
  67          {
  68              // Hacking attempt. No point in continuing.
  69              if (isset($_COOKIE[$varname]))
  70              {
  71                  echo "Clear your cookies. ";
  72              }
  73              echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals.";
  74              exit;
  75          }
  76  
  77          unset($GLOBALS[$varname]);
  78      }
  79  
  80      unset($input);
  81  }
  82  
  83  // Register globals and magic quotes have been dropped in PHP 5.4
  84  if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
  85  {
  86      /**
  87      * @ignore
  88      */
  89      define('STRIP', false);
  90  }
  91  else
  92  {
  93      if (get_magic_quotes_runtime())
  94      {
  95          // Deactivate
  96          @set_magic_quotes_runtime(0);
  97      }
  98  
  99      // Be paranoid with passed vars
 100      if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
 101      {
 102          deregister_globals();
 103      }
 104  
 105      define('STRIP', (get_magic_quotes_gpc()) ? true : false);
 106  }
 107  
 108  // In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems
 109  // because we show E_WARNING errors and do not set a default timezone.
 110  // This is because we have our own timezone handling and work in UTC only anyway.
 111  
 112  // So what we basically want to do is set our timezone to UTC,
 113  // but we don't know what other scripts (such as bridges) are involved,
 114  // so we check whether a timezone is already set by calling date_default_timezone_get().
 115  
 116  // Unfortunately, date_default_timezone_get() itself might throw E_WARNING
 117  // if no timezone has been set, so we have to keep it quiet with @.
 118  
 119  // date_default_timezone_get() tries to guess the correct timezone first
 120  // and then falls back to UTC when everything fails.
 121  // We just set the timezone to whatever date_default_timezone_get() returns.
 122  date_default_timezone_set(@date_default_timezone_get());
 123  
 124  // Autoloading of dependencies.
 125  // Three options are supported:
 126  // 1. If dependencies are installed with Composer, Composer will create a
 127  //    vendor/autoload.php. If this file exists it will be
 128  //    automatically used by phpBB. This is the default mode that phpBB
 129  //    will use when shipped.
 130  // 2. To disable composer autoloading, PHPBB_NO_COMPOSER_AUTOLOAD can be specified.
 131  //       Additionally specify PHPBB_AUTOLOAD=/path/to/autoload.php in the
 132  //    environment. This is useful for running CLI scripts and tests.
 133  //    /path/to/autoload.php should define and register class loaders
 134  //    for all of phpBB's dependencies.
 135  // 3. You can also set PHPBB_NO_COMPOSER_AUTOLOAD without setting PHPBB_AUTOLOAD.
 136  //    In this case autoloading needs to be defined before running any phpBB
 137  //    script. This might be useful in cases when phpBB is integrated into a
 138  //    larger program.
 139  if (getenv('PHPBB_NO_COMPOSER_AUTOLOAD'))
 140  {
 141      if (getenv('PHPBB_AUTOLOAD'))
 142      {
 143          require(getenv('PHPBB_AUTOLOAD'));
 144      }
 145  }
 146  else
 147  {
 148      if (!file_exists($phpbb_root_path . 'vendor/autoload.php'))
 149      {
 150          trigger_error(
 151              'Composer dependencies have not been set up yet, run ' .
 152              "'php ../composer.phar install' from the phpBB directory to do so.",
 153              E_USER_ERROR
 154          );
 155      }
 156      require ($phpbb_root_path . 'vendor/autoload.php');
 157  }
 158  
 159  $starttime = microtime(true);


Generated: Sun Feb 19 19:47:08 2017 Cross-referenced by PHPXref 0.7.1