r2471 Fixed a hack introduced in changeset#2468
[racktables] / inc / init.php
CommitLineData
b325120a 1<?php
e673ee24
DO
2/*
3*
4* This file performs RackTables initialisation. After you include it
da958e52 5* from 1st-level page, don't forget to call fixContext(). This is done
204284ba 6* to enable override of of pageno and tabno variables. pageno and tabno
c3a8284b
DO
7* together participate in forming security context by generating
8* related autotags.
e673ee24
DO
9*
10*/
11
12$root = (empty($_SERVER['HTTPS'])?'http':'https').
13 '://'.
14 (isset($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:($_SERVER['SERVER_NAME'].($_SERVER['SERVER_PORT']=='80'?'':$_SERVER['SERVER_PORT']))).
9c6e7a97
DO
15 dirname($_SERVER['PHP_SELF']);
16if (substr ($root, -1) != '/')
17 $root .= '/';
e673ee24
DO
18
19// This is the first thing we need to do.
20require_once 'inc/config.php';
21
22// What we need first is database and interface functions.
23require_once 'inc/interface.php';
24require_once 'inc/functions.php';
25require_once 'inc/database.php';
26if (file_exists ('inc/secret.php'))
27 require_once 'inc/secret.php';
28else
29{
30 showError
31 (
32 "Database connection parameters are read from inc/secret.php file, " .
e6093686 33 "which cannot be found.\nYou probably need to complete the installation " .
b0348307
DO
34 "procedure by following <a href='${root}install.php'>this link</a>.",
35 __FILE__
e673ee24 36 );
7ab82114 37 exit (1);
e673ee24
DO
38}
39
40// Now try to connect...
41try
42{
43 $dbxlink = new PDO ($pdo_dsn, $db_username, $db_password);
44}
45catch (PDOException $e)
46{
b0348307 47 showError ("Database connection failed:\n\n" . $e->getMessage(), __FILE__);
7ab82114 48 exit (1);
e673ee24
DO
49}
50
4d55392a
DO
51$dbxlink->exec ("set names 'utf8'");
52
b8d1ab66
DO
53if (get_magic_quotes_gpc())
54 foreach ($_REQUEST as $key => $value)
f4d511df
DO
55 if (gettype ($value) == 'string')
56 $_REQUEST[$key] = stripslashes ($value);
b8d1ab66
DO
57
58if (!set_magic_quotes_runtime (0))
59{
b0348307 60 showError ('Failed to turn magic quotes off', __FILE__);
7ab82114 61 exit (1);
b8d1ab66 62}
6bae5fbb 63
e673ee24
DO
64// Escape any globals before we ever try to use them.
65foreach ($_REQUEST as $key => $value)
f4d511df 66 if (gettype ($value) == 'string')
b8d1ab66 67 $_REQUEST[$key] = escapeString ($value);
6bae5fbb 68
e673ee24
DO
69if (isset ($_SERVER['PHP_AUTH_USER']))
70 $_SERVER['PHP_AUTH_USER'] = escapeString ($_SERVER['PHP_AUTH_USER']);
dc9ea133
DO
71if (isset ($_SERVER['REMOTE_USER']))
72 $_SERVER['REMOTE_USER'] = escapeString ($_SERVER['REMOTE_USER']);
e673ee24 73
fbbb74fb
DO
74$dbver = getDatabaseVersion();
75if ($dbver != CODE_VERSION)
76{
77 echo '<p align=justify>This Racktables installation seems to be ' .
78 'just upgraded to version ' . CODE_VERSION . ', while the '.
db914a6c 79 'database version is ' . $dbver . '. No user will be ' .
fbbb74fb
DO
80 'either authenticated or shown any page until the upgrade is ' .
81 "finished. Follow <a href='${root}upgrade.php'>this link</a> and " .
82 'authenticate as administrator to finish the upgrade.</p>';
7ab82114 83 exit (1);
fbbb74fb
DO
84}
85
26131670
DO
86if (!mb_internal_encoding ('UTF-8') or !mb_regex_encoding ('UTF-8'))
87{
b0348307 88 showError ('Failed setting multibyte string encoding to UTF-8', __FILE__);
7ab82114 89 exit (1);
26131670 90}
06f23fd4
DO
91$configCache = loadConfigCache();
92if (!count ($configCache))
93{
b0348307 94 showError ('Failed to load configuration from the database.', __FILE__);
7ab82114 95 exit (1);
06f23fd4
DO
96}
97
204284ba 98require_once 'inc/code.php'; // for getRackCode()
4a6a28f1
DO
99$rackCodeCache = loadScript ('RackCodeCache');
100if ($rackCodeCache == NULL or empty ($rackCodeCache))
101{
4a6a28f1 102 $rackCode = getRackCode (loadScript ('RackCode'));
4a6a28f1
DO
103 saveScript ('RackCodeCache', base64_encode (serialize ($rackCode)));
104}
105else
106{
4a6a28f1 107 $rackCode = unserialize (base64_decode ($rackCodeCache));
4a6a28f1
DO
108 if ($rackCode === FALSE) // invalid cache
109 {
110 saveScript ('RackCodeCache', '');
4a6a28f1 111 $rackCode = getRackCode (loadScript ('RackCode'));
4a6a28f1
DO
112 }
113}
114
cf25e649
DO
115// Depending on the 'result' value the 'load' carries either the
116// parse tree or error message.
cf25e649
DO
117if ($rackCode['result'] != 'ACK')
118{
119 // FIXME: display a message with an option to reset RackCode text
b0348307 120 showError ('Could not load the RackCode due to error: ' . $rackCode['load'], __FILE__);
7ab82114 121 exit (1);
cf25e649
DO
122}
123$rackCode = $rackCode['load'];
bcd37231 124
e673ee24 125require_once 'inc/auth.php';
d5262485 126$auto_tags = array();
4c9b513a 127authenticate(); // sometimes this generates autotags, but never --- given tags
e673ee24
DO
128// Authentication passed.
129// Note that we don't perform autorization here, so each 1st level page
4c9b513a 130// has to do it in its way, e.g. by calling authorize() after fixContext().
e673ee24 131
deb18b61
DY
132if (!isset ($script_mode) or $script_mode !== TRUE)
133 session_start();
83555c04
DY
134
135
e673ee24 136$pageno = (isset ($_REQUEST['page'])) ? $_REQUEST['page'] : 'index';
b0348307
DO
137// Special handling of tab number to substitute the "last" index where applicable.
138// Always show explicitly requested tab, substitute the last used name in case
139// it is awailable, fall back to the default one.
da111736 140
b0348307
DO
141if (isset ($_REQUEST['tab']))
142 $tabno = $_REQUEST['tab'];
da111736 143elseif (basename($_SERVER['PHP_SELF']) == 'index.php' and getConfigVar ('SHOW_LAST_TAB') == 'yes' and isset ($_SESSION['RTLT'][$pageno]))
050b68b5 144{
3b34b607 145 $tabno = $_SESSION['RTLT'][$pageno];
050b68b5
DY
146 $url = "${root}?page=$pageno&tab=$tabno";
147 foreach ($_GET as $name=>$value)
148 {
149 if ($name == 'page' or $name == 'tab') continue;
150 $url .= '&'.urlencode($name).'='.urlencode($value);
151 }
152 header('Location: '.$url);
153 exit();
154}
b0348307
DO
155else
156 $tabno = 'default';
050b68b5
DY
157
158
159
da958e52 160$op = (isset ($_REQUEST['op'])) ? $_REQUEST['op'] : '';
b0348307 161
20c901a7 162$taglist = getTagList();
51b6651a 163$tagtree = treeFromList ($taglist);
1327d9dd 164sortTree ($tagtree, 'taginfoCmp');
e673ee24
DO
165
166require_once 'inc/navigation.php';
167require_once 'inc/pagetitles.php';
e673ee24 168require_once 'inc/ophandlers.php';
641fe9b0 169require_once 'inc/triggers.php';
d33645ff 170require_once 'inc/gateways.php';
3ec29bf4 171require_once 'inc/snmp.php';
e77d763c
DO
172if (file_exists ('inc/local.php'))
173 require_once 'inc/local.php';
e673ee24 174
4c9b513a 175// These will be filled in by fixContext()
2fb24351
DO
176$expl_tags = array();
177$impl_tags = array();
4c9b513a
DO
178// Initial chain for the current target.
179$target_given_tags = array();
180// Initial chain for the current user.
181$user_given_tags = array();
7ddb2c05 182if (!isset ($script_mode) or $script_mode !== TRUE)
153056f9 183{
7ddb2c05 184 $auto_tags = array_merge ($auto_tags, getUserAutoTags());
d6d79c36 185 if (isset ($accounts[$remote_username]))
4c9b513a 186 $user_given_tags = loadUserTags ($accounts[$remote_username]['user_id']);
153056f9 187}
2fb24351 188
e673ee24 189?>