[racktables] / inc / init.php

<?php
/*
*
* This file performs RackTables initialisation. After you include it
* from 1st-level page, don't forget to call fixContext(). This is done
* to allow reloading of pageno and tabno variables. pageno and tabno
* together participate in forming security context by generating
* related autotags.
*
*/

$root = (empty($_SERVER['HTTPS'])?'http':'https').
	'://'.
	(isset($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:($_SERVER['SERVER_NAME'].($_SERVER['SERVER_PORT']=='80'?'':$_SERVER['SERVER_PORT']))).
	dirname($_SERVER['PHP_SELF']);
if (substr ($root, -1) != '/')
	$root .= '/';

// This is the first thing we need to do.
require_once 'inc/config.php';

// What we need first is database and interface functions.
require_once 'inc/interface.php';
require_once 'inc/functions.php';
require_once 'inc/database.php';
if (file_exists ('inc/secret.php'))
	require_once 'inc/secret.php';
else
{
	showError
	(
		"Database connection parameters are read from inc/secret.php file, " .
		"which cannot be found.\nYou probably need to complete the installation " .
		"procedure by following <a href='${root}install.php'>this link</a>."
	);
	die;
}

// Now try to connect...
try
{
	$dbxlink = new PDO ($pdo_dsn, $db_username, $db_password);
}
catch (PDOException $e)
{
	showError ("Database connection failed:\n\n" . $e->getMessage());
	die();
}

$dbxlink->exec ("set names 'utf8'");

if (get_magic_quotes_gpc())
	foreach ($_REQUEST as $key => $value)
		if (gettype ($value) == 'string')
			$_REQUEST[$key] = stripslashes ($value);

if (!set_magic_quotes_runtime (0))
{
	showError ('Failed to turn magic quotes off');
	die;
}

// Escape any globals before we ever try to use them.
foreach ($_REQUEST as $key => $value)
	if (gettype ($value) == 'string')
		$_REQUEST[$key] = escapeString ($value);

if (isset ($_SERVER['PHP_AUTH_USER']))
	$_SERVER['PHP_AUTH_USER'] = escapeString ($_SERVER['PHP_AUTH_USER']);
if (isset ($_SERVER['PHP_AUTH_PW']))
	$_SERVER['PHP_AUTH_PW'] = escapeString ($_SERVER['PHP_AUTH_PW']);

$dbver = getDatabaseVersion();
if ($dbver != CODE_VERSION)
{
	echo '<p align=justify>This Racktables installation seems to be ' .
		'just upgraded to version ' . CODE_VERSION . ', while the '.
		'database version is ' . $dbver . '. No user will be ' .
		'either authenticated or shown any page until the upgrade is ' .
		"finished. Follow <a href='${root}upgrade.php'>this link</a> and " .
		'authenticate as administrator to finish the upgrade.</p>';
	die;
}

if (!mb_internal_encoding ('UTF-8') or !mb_regex_encoding ('UTF-8'))
{
	showError ('Failed setting multibyte string encoding to UTF-8');
	die;
}
$configCache = loadConfigCache();
if (!count ($configCache))
{
	showError ('Failed to load configuration from the database.');
	die();
}

require_once 'inc/code.php';
// Depending on the 'result' value the 'load' carries either the
// parse tree or error message.
$rackCode = getRackCode (loadScript ('RackCode'));
if ($rackCode['result'] != 'ACK')
{
	// FIXME: display a message with an option to reset RackCode text
	showError ('Could not load the RackCode due to error: ' . $rackCode['load'], __FUNCTION__);
	die;
}
$rackCode = $rackCode['load'];

// Now init authentication.

require_once 'inc/auth.php';
// Load access database once.
$accounts = getUserAccounts();
if ($accounts === NULL)
{
	showError ('Failed to initialize access database.');
	die();
}

authenticate();

// Authentication passed.
// Note that we don't perform autorization here, so each 1st level page
// has to do it in its way, e.g. to call authorize().

$remote_username = $_SERVER['PHP_AUTH_USER'];
$pageno = (isset ($_REQUEST['page'])) ? $_REQUEST['page'] : 'index';
$tabno = (isset ($_REQUEST['tab'])) ? $_REQUEST['tab'] : 'default';
$op = (isset ($_REQUEST['op'])) ? $_REQUEST['op'] : '';
// Order matters here.
$taglist = getTagList();
$tagtree = getTagTree();

require_once 'inc/navigation.php';
require_once 'inc/pagetitles.php';
require_once 'inc/ophandlers.php';
require_once 'inc/triggers.php';
require_once 'inc/gateways.php';
require_once 'inc/snmp.php';

// These will be filled in by fixContext()
$auto_tags = array();
$expl_tags = array();
$impl_tags = array();
// and this will remain constant
$user_tags = loadUserTags ($accounts[$remote_username]['user_id']);
$user_tags = array_merge ($user_tags, getImplicitTags ($user_tags), getUserAutoTags());

?>
Commit	Line	Data
b325120a	1	<?php
e673ee24 DO	2	/*
	3	*
	4	* This file performs RackTables initialisation. After you include it
da958e52	5	* from 1st-level page, don't forget to call fixContext(). This is done
e673ee24	6	* to allow reloading of pageno and tabno variables. pageno and tabno
c3a8284b DO	7	* together participate in forming security context by generating
c3a8284b DO	8	* related autotags.
e673ee24 DO	9	*
	10	*/
	11
	12	$root = (empty($_SERVER['HTTPS'])?'http':'https').
	13	'://'.
	14	(isset($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:($_SERVER['SERVER_NAME'].($_SERVER['SERVER_PORT']=='80'?'':$_SERVER['SERVER_PORT']))).
9c6e7a97 DO	15	dirname($_SERVER['PHP_SELF']);
	16	if (substr ($root, -1) != '/')
	17	$root .= '/';
e673ee24 DO	18
	19	// This is the first thing we need to do.
	20	require_once 'inc/config.php';
	21
	22	// What we need first is database and interface functions.
	23	require_once 'inc/interface.php';
	24	require_once 'inc/functions.php';
	25	require_once 'inc/database.php';
	26	if (file_exists ('inc/secret.php'))
	27	require_once 'inc/secret.php';
	28	else
	29	{
	30	showError
	31	(
	32	"Database connection parameters are read from inc/secret.php file, " .
e6093686 DO	33	"which cannot be found.\nYou probably need to complete the installation " .
e6093686 DO	34	"procedure by following <a href='${root}install.php'>this link</a>."
e673ee24 DO	35	);
	36	die;
	37	}
	38
	39	// Now try to connect...
	40	try
	41	{
	42	$dbxlink = new PDO ($pdo_dsn, $db_username, $db_password);
	43	}
	44	catch (PDOException $e)
	45	{
	46	showError ("Database connection failed:\n\n" . $e->getMessage());
	47	die();
	48	}
	49
4d55392a DO	50	$dbxlink->exec ("set names 'utf8'");
4d55392a DO	51
b8d1ab66 DO	52	if (get_magic_quotes_gpc())
b8d1ab66 DO	53	foreach ($_REQUEST as $key => $value)
f4d511df DO	54	if (gettype ($value) == 'string')
f4d511df DO	55	$_REQUEST[$key] = stripslashes ($value);
b8d1ab66 DO	56
	57	if (!set_magic_quotes_runtime (0))
	58	{
	59	showError ('Failed to turn magic quotes off');
	60	die;
	61	}
6bae5fbb	62
e673ee24 DO	63	// Escape any globals before we ever try to use them.
e673ee24 DO	64	foreach ($_REQUEST as $key => $value)
f4d511df	65	if (gettype ($value) == 'string')
b8d1ab66	66	$_REQUEST[$key] = escapeString ($value);
6bae5fbb	67
e673ee24 DO	68	if (isset ($_SERVER['PHP_AUTH_USER']))
	69	$_SERVER['PHP_AUTH_USER'] = escapeString ($_SERVER['PHP_AUTH_USER']);
	70	if (isset ($_SERVER['PHP_AUTH_PW']))
	71	$_SERVER['PHP_AUTH_PW'] = escapeString ($_SERVER['PHP_AUTH_PW']);
	72
fbbb74fb DO	73	$dbver = getDatabaseVersion();
	74	if ($dbver != CODE_VERSION)
	75	{
	76	echo '<p align=justify>This Racktables installation seems to be ' .
	77	'just upgraded to version ' . CODE_VERSION . ', while the '.
db914a6c	78	'database version is ' . $dbver . '. No user will be ' .
fbbb74fb DO	79	'either authenticated or shown any page until the upgrade is ' .
	80	"finished. Follow <a href='${root}upgrade.php'>this link</a> and " .
	81	'authenticate as administrator to finish the upgrade.</p>';
	82	die;
	83	}
	84
26131670 DO	85	if (!mb_internal_encoding ('UTF-8') or !mb_regex_encoding ('UTF-8'))
	86	{
	87	showError ('Failed setting multibyte string encoding to UTF-8');
	88	die;
	89	}
06f23fd4 DO	90	$configCache = loadConfigCache();
	91	if (!count ($configCache))
	92	{
	93	showError ('Failed to load configuration from the database.');
	94	die();
	95	}
	96
bcd37231	97	require_once 'inc/code.php';
cf25e649 DO	98	// Depending on the 'result' value the 'load' carries either the
	99	// parse tree or error message.
	100	$rackCode = getRackCode (loadScript ('RackCode'));
	101	if ($rackCode['result'] != 'ACK')
	102	{
	103	// FIXME: display a message with an option to reset RackCode text
	104	showError ('Could not load the RackCode due to error: ' . $rackCode['load'], __FUNCTION__);
	105	die;
	106	}
	107	$rackCode = $rackCode['load'];
bcd37231	108
e673ee24 DO	109	// Now init authentication.
	110
	111	require_once 'inc/auth.php';
	112	// Load access database once.
	113	$accounts = getUserAccounts();
c35e997f	114	if ($accounts === NULL)
e673ee24 DO	115	{
	116	showError ('Failed to initialize access database.');
	117	die();
	118	}
	119
	120	authenticate();
	121
	122	// Authentication passed.
	123	// Note that we don't perform autorization here, so each 1st level page
	124	// has to do it in its way, e.g. to call authorize().
	125
	126	$remote_username = $_SERVER['PHP_AUTH_USER'];
	127	$pageno = (isset ($_REQUEST['page'])) ? $_REQUEST['page'] : 'index';
	128	$tabno = (isset ($_REQUEST['tab'])) ? $_REQUEST['tab'] : 'default';
da958e52	129	$op = (isset ($_REQUEST['op'])) ? $_REQUEST['op'] : '';
20c901a7 DO	130	// Order matters here.
	131	$taglist = getTagList();
	132	$tagtree = getTagTree();
e673ee24 DO	133
	134	require_once 'inc/navigation.php';
	135	require_once 'inc/pagetitles.php';
e673ee24	136	require_once 'inc/ophandlers.php';
641fe9b0	137	require_once 'inc/triggers.php';
d33645ff	138	require_once 'inc/gateways.php';
3ec29bf4	139	require_once 'inc/snmp.php';
e673ee24	140
da958e52 DO	141	// These will be filled in by fixContext()
da958e52 DO	142	$auto_tags = array();
2fb24351 DO	143	$expl_tags = array();
2fb24351 DO	144	$impl_tags = array();
da958e52 DO	145	// and this will remain constant
	146	$user_tags = loadUserTags ($accounts[$remote_username]['user_id']);
	147	$user_tags = array_merge ($user_tags, getImplicitTags ($user_tags), getUserAutoTags());
2fb24351	148
e673ee24	149	?>