1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
|
<?php
/**
* @file index.php
*
* @brief The main entry point to the application.
*
* Bootstrap the application, load configuration, load modules, load theme, etc.
*/
/*
* bootstrap the application
*/
require_once('boot.php');
if(file_exists('.htsite.php'))
include('.htsite.php');
// our global App object
$a = new App;
/*
* Load the configuration file which contains our DB credentials.
* Ignore errors. If the file doesn't exist or is empty, we are running in
* installation mode.
*/
$a->install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true);
@include('.htconfig.php');
if(! defined('UNO'))
define('UNO', 0);
$a->timezone = ((x($default_timezone)) ? $default_timezone : 'UTC');
date_default_timezone_set($a->timezone);
/*
* Try to open the database;
*/
require_once('include/dba/dba_driver.php');
if(! $a->install) {
$db = dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, $a->install);
if(! $db->connected) {
system_unavailable();
}
unset($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type);
/**
* Load configs from db. Overwrite configs from .htconfig.php
*/
load_config('config');
load_config('system');
load_config('feature');
require_once('include/session.php');
load_hooks();
call_hooks('init_1');
$a->language = get_best_language();
load_translation_table($a->language);
// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
if(intval($a->config['system']['ssl_cookie_protection'])) {
$arr = session_get_cookie_params();
session_set_cookie_params(
((isset($arr['lifetime'])) ? $arr['lifetime'] : 0),
((isset($arr['path'])) ? $arr['path'] : '/'),
((isset($arr['domain'])) ? $arr['domain'] : $a->get_hostname()),
((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') ? true : false),
((isset($arr['httponly'])) ? $arr['httponly'] : true));
}
}
else {
// load translations but do not check plugins as we have no database
$a->language = get_best_language();
load_translation_table($a->language,true);
}
/**
*
* Important stuff we always need to do.
*
* The order of these may be important so use caution if you think they're all
* intertwingled with no logical order and decide to sort it out. Some of the
* dependencies have changed, but at least at one time in the recent past - the
* order was critical to everything working properly
*
*/
session_start();
/**
* Language was set earlier, but we can over-ride it in the session.
* We have to do it here because the session was just now opened.
*/
if(array_key_exists('system_language',$_POST)) {
if(strlen($_POST['system_language']))
$_SESSION['language'] = $_POST['system_language'];
else
unset($_SESSION['language']);
}
if((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) {
$a->language = $_SESSION['language'];
load_translation_table($a->language);
}
if((x($_GET,'zid')) && (! $a->install)) {
$a->query_string = strip_zids($a->query_string);
if(! local_channel()) {
$_SESSION['my_address'] = $_GET['zid'];
zid_init($a);
}
}
if((x($_SESSION, 'authenticated')) || (x($_POST, 'auth-params')) || ($a->module === 'login'))
require('include/auth.php');
if(! x($_SESSION, 'sysmsg'))
$_SESSION['sysmsg'] = array();
if(! x($_SESSION, 'sysmsg_info'))
$_SESSION['sysmsg_info'] = array();
/*
* check_config() is responsible for running update scripts. These automatically
* update the DB schema whenever we push a new one out. It also checks to see if
* any plugins have been added or removed and reacts accordingly.
*/
if($a->install) {
/* Allow an exception for the view module so that pcss will be interpreted during installation */
if($a->module != 'view')
$a->module = 'setup';
}
else
check_config($a);
nav_set_selected('nothing');
$arr = array('app_menu' => $a->get_apps());
call_hooks('app_menu', $arr);
$a->set_apps($arr['app_menu']);
$Router = new Zotlabs\Web\Router($a);
/* initialise content region */
if(! x($a->page, 'content'))
$a->page['content'] = '';
if(! ($a->module === 'setup')) {
/* set JS cookie */
if($_COOKIE['jsAvailable'] != 1) {
$a->page['content'] .= '<script>document.cookie="jsAvailable=1; path=/"; var jsMatch = /\&JS=1/; if (!jsMatch.exec(location.href)) { location.href = location.href + "&JS=1"; }</script>';
/* emulate JS cookie if cookies are not accepted */
if ($_GET['JS'] == 1) {
$_COOKIE['jsAvailable'] = 1;
}
}
call_hooks('page_content_top', $a->page['content']);
}
$Router->Dispatch($a);
// If you're just visiting, let javascript take you home
if(x($_SESSION, 'visitor_home')) {
$homebase = $_SESSION['visitor_home'];
} elseif(local_channel()) {
$homebase = $a->get_baseurl() . '/channel/' . $a->channel['channel_address'];
}
if(isset($homebase)) {
$a->page['content'] .= '<script>var homebase = "' . $homebase . '";</script>';
}
// now that we've been through the module content, see if the page reported
// a permission problem and if so, a 403 response would seem to be in order.
if(stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.'));
}
call_hooks('page_end', $a->page['content']);
construct_page($a);
session_write_close();
exit;
|