r1643 + "still" isn't always the right expression
[racktables] / inc / init.php
1 <?php
2 /*
3 *
4 * This file performs RackTables initialisation. After you include it
5 * from 1st-level page, don't forget to call authorize(). This is done
6 * to allow reloading of pageno and tabno variables. pageno and tabno
7 * together form security context.
8 *
9 */
10
11 $root = (empty($_SERVER['HTTPS'])?'http':'https').
12 '://'.
13 (isset($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:($_SERVER['SERVER_NAME'].($_SERVER['SERVER_PORT']=='80'?'':$_SERVER['SERVER_PORT']))).
14 dirname($_SERVER['PHP_SELF']);
15 if (substr ($root, -1) != '/')
16 $root .= '/';
17
18 // This is the first thing we need to do.
19 require_once 'inc/config.php';
20
21 // What we need first is database and interface functions.
22 require_once 'inc/interface.php';
23 require_once 'inc/functions.php';
24 require_once 'inc/database.php';
25 if (file_exists ('inc/secret.php'))
26 require_once 'inc/secret.php';
27 else
28 {
29 showError
30 (
31 "Database connection parameters are read from inc/secret.php file, " .
32 "which cannot be found.\nYou probably need to complete the installation " .
33 "procedure by following <a href='${root}install.php'>this link</a>."
34 );
35 die;
36 }
37
38 // Now try to connect...
39 try
40 {
41 $dbxlink = new PDO ($pdo_dsn, $db_username, $db_password);
42 }
43 catch (PDOException $e)
44 {
45 showError ("Database connection failed:\n\n" . $e->getMessage());
46 die();
47 }
48
49 if (get_magic_quotes_gpc())
50 foreach ($_REQUEST as $key => $value)
51 $_REQUEST[$key] = stripslashes ($value);
52
53 if (!set_magic_quotes_runtime (0))
54 {
55 showError ('Failed to turn magic quotes off');
56 die;
57 }
58
59 // Escape any globals before we ever try to use them.
60 foreach ($_REQUEST as $key => $value)
61 {
62 if (gettype ($value) != 'string')
63 continue;
64 $_REQUEST[$key] = escapeString ($value);
65 }
66
67 if (isset ($_SERVER['PHP_AUTH_USER']))
68 $_SERVER['PHP_AUTH_USER'] = escapeString ($_SERVER['PHP_AUTH_USER']);
69 if (isset ($_SERVER['PHP_AUTH_PW']))
70 $_SERVER['PHP_AUTH_PW'] = escapeString ($_SERVER['PHP_AUTH_PW']);
71
72 $dbver = getDatabaseVersion();
73 if ($dbver != CODE_VERSION)
74 {
75 echo '<p align=justify>This Racktables installation seems to be ' .
76 'just upgraded to version ' . CODE_VERSION . ', while the '.
77 'database version is ' . $dbver . '. No user will be ' .
78 'either authenticated or shown any page until the upgrade is ' .
79 "finished. Follow <a href='${root}upgrade.php'>this link</a> and " .
80 'authenticate as administrator to finish the upgrade.</p>';
81 die;
82 }
83
84 $configCache = loadConfigCache();
85 if (!count ($configCache))
86 {
87 showError ('Failed to load configuration from the database.');
88 die();
89 }
90
91 // Now init authentication.
92
93 require_once 'inc/auth.php';
94 // Load access database once.
95 $accounts = getUserAccounts();
96 $perms = getUserPermissions();
97 if ($accounts === NULL or $perms === NULL)
98 {
99 showError ('Failed to initialize access database.');
100 die();
101 }
102
103 authenticate();
104
105 // Authentication passed.
106 // Note that we don't perform autorization here, so each 1st level page
107 // has to do it in its way, e.g. to call authorize().
108
109
110
111 $remote_username = $_SERVER['PHP_AUTH_USER'];
112 $pageno = (isset ($_REQUEST['page'])) ? $_REQUEST['page'] : 'index';
113 $tabno = (isset ($_REQUEST['tab'])) ? $_REQUEST['tab'] : 'default';
114
115 require_once 'inc/navigation.php';
116 require_once 'inc/pagetitles.php';
117 require_once 'inc/pagehandlers.php';
118 require_once 'inc/ophandlers.php';
119 require_once 'inc/triggers.php';
120 require_once 'inc/gateways.php';
121 require_once 'inc/help.php';
122
123 ?>