r3728 Returned a GET/POST/COOKIE part of magic_quotes trick, now
[racktables] / inc / init.php
CommitLineData
b325120a 1<?php
e673ee24
DO
2/*
3*
4* This file performs RackTables initialisation. After you include it
da958e52 5* from 1st-level page, don't forget to call fixContext(). This is done
204284ba 6* to enable override of of pageno and tabno variables. pageno and tabno
c3a8284b
DO
7* together participate in forming security context by generating
8* related autotags.
e673ee24
DO
9*
10*/
11
e673ee24 12// This is the first thing we need to do.
b135a49d 13require_once 'inc/exceptions.php';
e673ee24
DO
14require_once 'inc/config.php';
15
16// What we need first is database and interface functions.
e673ee24
DO
17require_once 'inc/functions.php';
18require_once 'inc/database.php';
2c9fde3a
DO
19// Always have default values for these options, so if a user didn't
20// care to set, something would be working anyway.
21$user_auth_src = 'database';
22$require_local_account = TRUE;
23
f77323f1
DO
24function showError ($info = '', $location = 'N/A')
25{
26 if (preg_match ('/\.php$/', $location))
27 $location = basename ($location);
28 elseif ($location != 'N/A')
29 $location = $location . '()';
30 echo "<div class=msg_error>An error has occured in [${location}]. ";
31 if (!strlen ($info))
32 echo 'No additional information is available.';
33 else
34 echo "Additional information:<br><p>\n<pre>\n${info}\n</pre></p>";
35 echo "Go back or try starting from <a href='".makeHref()."'>index page</a>.<br></div>\n";
36}
37
0cc24e9a
DY
38/*
39 * This is almost a clone of showError(). This is added to get rid of
40 * cases when script dies after showError() is shown.
41 */
42
43function showWarning ($info = '', $location = 'N/A')
44{
45 if (preg_match ('/\.php$/', $location))
46 $location = basename ($location);
47 elseif ($location != 'N/A')
48 $location = $location . '()';
49 echo "<div class=msg_error>Warning event at [${location}]. ";
50 if (!strlen ($info))
51 echo 'No additional information is available.';
52 else
53 echo "Additional information:<br><p>\n<pre>\n${info}\n</pre></p>";
54}
55
56
57
80138748
DO
58if (file_exists ('inc/secret.php'))
59 require_once 'inc/secret.php';
e673ee24
DO
60else
61{
4837a6fe 62 throw new Exception
e673ee24 63 (
80138748 64 "Database connection parameters are read from inc/secret.php file, " .
e6093686 65 "which cannot be found.\nYou probably need to complete the installation " .
4837a6fe
DO
66 "procedure by following <a href='install.php'>this link</a>.",
67 E_INTERNAL
e673ee24 68 );
e673ee24
DO
69}
70
71// Now try to connect...
72try
73{
74 $dbxlink = new PDO ($pdo_dsn, $db_username, $db_password);
75}
76catch (PDOException $e)
77{
4837a6fe 78 throw new Exception ("Database connection failed:\n\n" . $e->getMessage(), E_INTERNAL);
e673ee24 79}
e7aa0333 80$dbxlink->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
4d55392a
DO
81$dbxlink->exec ("set names 'utf8'");
82
0707fdba
DO
83// Magic quotes feature is deprecated, but just in case the local system
84// still has it activated, reverse its effect.
85if (function_exists ('get_magic_quotes_gpc') and get_magic_quotes_gpc())
86 foreach ($_REQUEST as $key => $value)
87 if (gettype ($value) == 'string')
88 $_REQUEST[$key] = stripslashes ($value);
89
f3d274bf 90// Escape any globals before we ever try to use them, but keep a copy of originals.
f8874cdb 91$sic = array();
e673ee24 92foreach ($_REQUEST as $key => $value)
f8874cdb
DO
93{
94 $sic[$key] = dos2unix ($value);
f4d511df 95 if (gettype ($value) == 'string')
f8874cdb
DO
96 $_REQUEST[$key] = escapeString (dos2unix ($value));
97}
6bae5fbb 98
e673ee24
DO
99if (isset ($_SERVER['PHP_AUTH_USER']))
100 $_SERVER['PHP_AUTH_USER'] = escapeString ($_SERVER['PHP_AUTH_USER']);
dc9ea133
DO
101if (isset ($_SERVER['REMOTE_USER']))
102 $_SERVER['REMOTE_USER'] = escapeString ($_SERVER['REMOTE_USER']);
e673ee24 103
fbbb74fb
DO
104$dbver = getDatabaseVersion();
105if ($dbver != CODE_VERSION)
106{
107 echo '<p align=justify>This Racktables installation seems to be ' .
108 'just upgraded to version ' . CODE_VERSION . ', while the '.
db914a6c 109 'database version is ' . $dbver . '. No user will be ' .
fbbb74fb 110 'either authenticated or shown any page until the upgrade is ' .
790a60e8 111 "finished. Follow <a href='upgrade.php'>this link</a> and " .
fbbb74fb 112 'authenticate as administrator to finish the upgrade.</p>';
7ab82114 113 exit (1);
fbbb74fb
DO
114}
115
26131670 116if (!mb_internal_encoding ('UTF-8') or !mb_regex_encoding ('UTF-8'))
4837a6fe 117 throw new Exception ('Failed setting multibyte string encoding to UTF-8', E_INTERNAL);
3540d15c
DY
118
119loadConfigDefaults();
06f23fd4 120
204284ba 121require_once 'inc/code.php'; // for getRackCode()
4a6a28f1 122$rackCodeCache = loadScript ('RackCodeCache');
59a83bd8 123if ($rackCodeCache == NULL or !strlen ($rackCodeCache))
4a6a28f1 124{
4a6a28f1 125 $rackCode = getRackCode (loadScript ('RackCode'));
4a6a28f1
DO
126 saveScript ('RackCodeCache', base64_encode (serialize ($rackCode)));
127}
128else
129{
4a6a28f1 130 $rackCode = unserialize (base64_decode ($rackCodeCache));
4a6a28f1
DO
131 if ($rackCode === FALSE) // invalid cache
132 {
133 saveScript ('RackCodeCache', '');
4a6a28f1 134 $rackCode = getRackCode (loadScript ('RackCode'));
4a6a28f1
DO
135 }
136}
137
cf25e649
DO
138// Depending on the 'result' value the 'load' carries either the
139// parse tree or error message.
cf25e649 140if ($rackCode['result'] != 'ACK')
4837a6fe 141 throw new Exception ($rackCode['load'], E_BAD_RACKCODE);
cf25e649 142$rackCode = $rackCode['load'];
7ddbcf59
DO
143// Only call buildPredicateTable() once and save the result, because it will remain
144// constant during one execution for constraints processing.
145$pTable = buildPredicateTable ($rackCode);
146// Constraints parse trees aren't cached in the database, so the least to keep
147// things running is to maintain application cache for them.
148$parseCache = array();
7cfc98b1 149$entityCache = array();
5fd2a004
DO
150// used by getExplicitTagsOnly()
151$tagRelCache = array();
7cfc98b1 152
573214e0
DO
153$taglist = getTagList();
154$tagtree = treeFromList ($taglist);
155sortTree ($tagtree, 'taginfoCmp');
156
e673ee24 157require_once 'inc/auth.php';
d5262485 158$auto_tags = array();
b82cce3f
DO
159// Initial chain for the current user.
160$user_given_tags = array();
e673ee24 161
f15eb3dd
DO
162// This also can be modified in local.php.
163$pageheaders = array
164(
eea3ca5e
RF
165 100 => "<link rel='STYLESHEET' type='text/css' href='css/pi.css' />",
166 101 => "<link rel='STYLESHEET' type='text/css' href='css/dhtmlxcombo.css' />",
167 102 => "<link rel='ICON' type='image/x-icon' href='pix/racktables.ico' />",
168 200 => "<script language='javascript' type='text/javascript' src='js/racktables.js'></script>",
169 201 => "<script language='javascript' type='text/javascript' src='js/jquery-1.3.1.min.js'></script>",
170 202 => "<script language='javascript' type='text/javascript' src='js/live_validation.js'></script>",
171 203 => "<script language='javascript' type='text/javascript' src='js/codepress/codepress.js'></script>",
172 204 => "<script language='javascript' type='text/javascript' src='js/dhtmlxcommon.js'></script>",
173 205 => "<script language='javascript' type='text/javascript' src='js/dhtmlxcombo.js'></script>",
2e3027b0
RF
174 206 => "<script language='javascript' type='text/javascript' src='js/dhtmlxcombo_whp.js'></script>",
175 207 => "<script language='javascript'>window.dhx_globalImgPath='pix/'</script>",
eea3ca5e 176
f15eb3dd
DO
177);
178
deb18b61 179if (!isset ($script_mode) or $script_mode !== TRUE)
b82cce3f 180{
39b0408a
DO
181 // A successful call to authenticate() always generates autotags and somethimes
182 // even given/implicit tags. It also sets remote_username and remote_displayname.
183 authenticate();
b82cce3f
DO
184 // Authentication passed.
185 // Note that we don't perform autorization here, so each 1st level page
186 // has to do it in its way, e.g. by calling authorize() after fixContext().
deb18b61 187 session_start();
b82cce3f 188}
39b0408a
DO
189else
190{
191 // Some functions require remote_username to be set to something to act correctly,
192 // even though they don't use the value itself.
193 $admin_account = spotEntity ('user', 1);
194 $remote_username = $admin_account['user_name'];
195 unset ($admin_account);
196}
3540d15c
DY
197
198alterConfigWithUserPreferences();
199
69c6e510
DY
200require_once 'inc/navigation.php';
201require_once 'inc/triggers.php';
167cff93 202
050b68b5 203
067d799f 204$op = '';
d33645ff 205require_once 'inc/gateways.php';
80138748
DO
206if (file_exists ('inc/local.php'))
207 require_once 'inc/local.php';
e673ee24 208
4c9b513a 209// These will be filled in by fixContext()
2fb24351
DO
210$expl_tags = array();
211$impl_tags = array();
4c9b513a
DO
212// Initial chain for the current target.
213$target_given_tags = array();
2fb24351 214
e673ee24 215?>