*/
use Friendica\App;
-use Friendica\BaseObject;
use Friendica\Content\Nav;
use Friendica\Core\Addon;
use Friendica\Core\Config;
use Friendica\Core\System;
use Friendica\Core\Theme;
use Friendica\Core\Worker;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
use Friendica\Model\Profile;
use Friendica\Module\Login;
require_once 'boot.php';
$a = new App(__DIR__);
-BaseObject::setApp($a);
// We assume that the index.php is called by a frontend process
// The value is set to "true" by default in boot.php
$a->backend = false;
-/**
- * Load the configuration file which contains our DB credentials.
- * Ignore errors. If the file doesn't exist or is empty, we are running in
- * installation mode.
- */
-
-$install = ((file_exists('config/.htconfig.php') && filesize('config/.htconfig.php')) ? false : true);
-
-// Only load config if found, don't surpress errors
-if (!$install) {
- include "config/.htconfig.php";
-}
-
/**
* Try to open the database;
*/
require_once "include/dba.php";
-if (!$install) {
- $result = dba::connect($db_host, $db_user, $db_pass, $db_data);
- unset($db_host, $db_user, $db_pass, $db_data);
-
- if (!$result) {
- System::unavailable();
- }
-
- /**
- * Load configs from db. Overwrite configs from .htconfig.php
- */
+// Missing DB connection: ERROR
+if ($a->mode & App::MODE_LOCALCONFIGPRESENT && !($a->mode & App::MODE_DBAVAILABLE)) {
+ System::httpExit(500, ['title' => 'Error 500 - Internal Server Error', 'description' => 'Apologies but the website is unavailable at the moment.']);
+}
- Config::load();
+// Max Load Average reached: ERROR
+if ($a->isMaxProcessesReached() || $a->isMaxLoadReached()) {
+ header('Retry-After: 120');
+ header('Refresh: 120; url=' . System::baseUrl() . "/" . $a->query_string);
- if ($a->max_processes_reached() || $a->maxload_reached()) {
- header($_SERVER["SERVER_PROTOCOL"] . ' 503 Service Temporarily Unavailable');
- header('Retry-After: 120');
- header('Refresh: 120; url=' . System::baseUrl() . "/" . $a->query_string);
- die("System is currently unavailable. Please try again later");
- }
+ System::httpExit(503, ['title' => 'Error 503 - Service Temporarily Unavailable', 'description' => 'System is currently overloaded. Please try again later.']);
+}
+if (!$a->isInstallMode()) {
if (Config::get('system', 'force_ssl') && ($a->get_scheme() == "http")
&& (intval(Config::get('system', 'ssl_policy')) == SSL_POLICY_FULL)
&& (substr(System::baseUrl(), 0, 8) == "https://")
Session::init();
Addon::loadHooks();
Addon::callHooks('init_1');
-
- $maintenance = Config::get('system', 'maintenance');
}
$lang = L10n::getBrowserLanguage();
* Language was set earlier, but we can over-ride it in the session.
* We have to do it here because the session was just now opened.
*/
-if (x($_SESSION, 'authenticated') && !x($_SESSION, 'language')) {
- // we haven't loaded user data yet, but we need user language
- $user = dba::selectFirst('user', ['language'], ['uid' => $_SESSION['uid']]);
+if (!empty($_SESSION['authenticated']) && empty($_SESSION['language'])) {
$_SESSION['language'] = $lang;
- if (DBM::is_result($user)) {
- $_SESSION['language'] = $user['language'];
+ // we haven't loaded user data yet, but we need user language
+ if (!empty($_SESSION['uid'])) {
+ $user = DBA::selectFirst('user', ['language'], ['uid' => $_SESSION['uid']]);
+ if (DBA::isResult($user)) {
+ $_SESSION['language'] = $user['language'];
+ }
}
}
-if ((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) {
+if (!empty($_SESSION['language']) && $_SESSION['language'] !== $lang) {
$lang = $_SESSION['language'];
L10n::loadTranslationTable($lang);
}
-if ((x($_GET, 'zrl')) && (!$install && !$maintenance)) {
- // Only continue when the given profile link seems valid
- // Valid profile links contain a path with "/profile/" and no query parameters
- if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "")
- && strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")
- ) {
- $_SESSION['my_url'] = $_GET['zrl'];
- $a->query_string = preg_replace('/[\?&]zrl=(.*?)([\?&]|$)/is', '', $a->query_string);
- Profile::zrlInit($a);
- } else {
- // Someone came with an invalid parameter, maybe as a DDoS attempt
- // We simply stop processing here
- logger("Invalid ZRL parameter ".$_GET['zrl'], LOGGER_DEBUG);
- header('HTTP/1.1 403 Forbidden');
- echo "<h1>403 Forbidden</h1>";
- killme();
+if (!empty($_GET['zrl']) && $a->mode == App::MODE_NORMAL) {
+ $a->query_string = Profile::stripZrls($a->query_string);
+ if (!local_user()) {
+ // Only continue when the given profile link seems valid
+ // Valid profile links contain a path with "/profile/" and no query parameters
+ if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") &&
+ strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) {
+ if (defaults($_SESSION, "visitor_home", "") != $_GET["zrl"]) {
+ $_SESSION['my_url'] = $_GET['zrl'];
+ $_SESSION['authenticated'] = 0;
+ }
+ Profile::zrlInit($a);
+ } else {
+ // Someone came with an invalid parameter, maybe as a DDoS attempt
+ // We simply stop processing here
+ logger("Invalid ZRL parameter " . $_GET['zrl'], LOGGER_DEBUG);
+ header('HTTP/1.1 403 Forbidden');
+ echo "<h1>403 Forbidden</h1>";
+ exit();
+ }
}
}
+if (!empty($_GET['owt']) && $a->mode == App::MODE_NORMAL) {
+ $token = $_GET['owt'];
+ $a->query_string = Profile::stripQueryParam($a->query_string, 'owt');
+ Profile::openWebAuthInit($token);
+}
+
/**
* For Mozilla auth manager - still needs sorting, and this might conflict with LRDD header.
* Apache/PHP lumps the Link: headers into one - and other services might not be able to parse it
Login::sessionAuth();
-if (! x($_SESSION, 'authenticated')) {
+if (empty($_SESSION['authenticated'])) {
header('X-Account-Management-Status: none');
}
-/* set up page['htmlhead'] and page['end'] for the modules to use */
-$a->page['htmlhead'] = '';
-$a->page['end'] = '';
-
$_SESSION['sysmsg'] = defaults($_SESSION, 'sysmsg' , []);
$_SESSION['sysmsg_info'] = defaults($_SESSION, 'sysmsg_info' , []);
$_SESSION['last_updated'] = defaults($_SESSION, 'last_updated', []);
// in install mode, any url loads install module
// but we need "view" module for stylesheet
-if ($install && $a->module!="view") {
+if ($a->isInstallMode() && $a->module!="view") {
$a->module = 'install';
-} elseif ($maintenance && $a->module!="view") {
+} elseif (!($a->mode & App::MODE_MAINTENANCEDISABLED) && $a->module != "view") {
$a->module = 'maintenance';
} else {
check_url($a);
check_db(false);
- check_addons($a);
+ Addon::check();
}
Nav::setSelected('nothing');
if (! $a->module_loaded) {
// Stupid browser tried to pre-fetch our Javascript img template. Don't log the event or return anything - just quietly exit.
- if ((x($_SERVER, 'QUERY_STRING')) && preg_match('/{[0-9]}/', $_SERVER['QUERY_STRING']) !== 0) {
+ if (!empty($_SERVER['QUERY_STRING']) && preg_match('/{[0-9]}/', $_SERVER['QUERY_STRING']) !== 0) {
killme();
}
- if ((x($_SERVER, 'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && isset($dreamhost_error_hack)) {
+ if (!empty($_SERVER['QUERY_STRING']) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && isset($dreamhost_error_hack)) {
logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']);
goaway(System::baseUrl() . $_SERVER['REQUEST_URI']);
}
logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG);
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . L10n::t('Not Found'));
$tpl = get_markup_template("404.tpl");
- $a->page['content'] = replace_macros(
- $tpl,
- [
- '$message' => L10n::t('Page not found.')]
- );
+ $a->page['content'] = replace_macros($tpl, [
+ '$message' => L10n::t('Page not found.')
+ ]);
}
}
/**
* Load current theme info
*/
-$theme_info_file = "view/theme/".current_theme()."/theme.php";
+$theme_info_file = 'view/theme/' . $a->getCurrentTheme() . '/theme.php';
if (file_exists($theme_info_file)) {
require_once $theme_info_file;
}
/* initialise content region */
-if (! x($a->page, 'content')) {
- $a->page['content'] = '';
-}
-
-if (!$install && !$maintenance) {
+if ($a->mode == App::MODE_NORMAL) {
Addon::callHooks('page_content_top', $a->page['content']);
}
$a->page['page_title'] = $a->module;
$placeholder = '';
+ Addon::callHooks($a->module . '_mod_init', $placeholder);
+
if ($a->module_class) {
- Addon::callHooks($a->module . '_mod_init', $placeholder);
call_user_func([$a->module_class, 'init']);
} else if (function_exists($a->module . '_init')) {
- Addon::callHooks($a->module . '_mod_init', $placeholder);
$func = $a->module . '_init';
$func($a);
}
- if (function_exists(str_replace('-', '_', current_theme()) . '_init')) {
- $func = str_replace('-', '_', current_theme()) . '_init';
+ // "rawContent" is especially meant for technical endpoints.
+ // This endpoint doesn't need any theme initialization or other comparable stuff.
+ if (!$a->error && $a->module_class) {
+ call_user_func([$a->module_class, 'rawContent']);
+ }
+
+ if (function_exists(str_replace('-', '_', $a->getCurrentTheme()) . '_init')) {
+ $func = str_replace('-', '_', $a->getCurrentTheme()) . '_init';
$func($a);
}
$a->page['content'] .= $arr['content'];
}
- if (function_exists(str_replace('-', '_', current_theme()) . '_content_loaded')) {
- $func = str_replace('-', '_', current_theme()) . '_content_loaded';
+ if (function_exists(str_replace('-', '_', $a->getCurrentTheme()) . '_content_loaded')) {
+ $func = str_replace('-', '_', $a->getCurrentTheme()) . '_content_loaded';
$func($a);
}
}
* theme choices made by the modules can take effect.
*/
-$a->init_pagehead();
+$a->initHead();
/*
* Build the page ending -- this is stuff that goes right before
* the closing </body> tag
*/
-$a->init_page_end();
-
-// If you're just visiting, let javascript take you home
-if (x($_SESSION, 'visitor_home')) {
- $homebase = $_SESSION['visitor_home'];
-} elseif (local_user()) {
- $homebase = 'profile/' . $a->user['nickname'];
-}
-
-if (isset($homebase)) {
- $a->page['content'] .= '<script>var homebase="' . $homebase . '" ; </script>';
-}
+$a->initFooter();
/*
* now that we've been through the module content, see if the page reported
Nav::build($a);
}
-/*
- * Add a "toggle mobile" link if we're using a mobile device
- */
-if ($a->is_mobile || $a->is_tablet) {
- if (isset($_SESSION['show-mobile']) && !$_SESSION['show-mobile']) {
- $link = 'toggle_mobile?address=' . curPageURL();
- } else {
- $link = 'toggle_mobile?off=1&address=' . curPageURL();
- }
- $a->page['footer'] = replace_macros(
- get_markup_template("toggle_mobile_footer.tpl"),
- [
- '$toggle_link' => $link,
- '$toggle_text' => L10n::t('toggle mobile')]
- );
-}
-
/**
* Build the page - now that we have all the components
*/
-
-if (!$a->theme['stylesheet']) {
- $stylesheet = current_theme_url();
-} else {
- $stylesheet = $a->theme['stylesheet'];
-}
-
-$a->page['htmlhead'] = str_replace('{{$stylesheet}}', $stylesheet, $a->page['htmlhead']);
-//$a->page['htmlhead'] = replace_macros($a->page['htmlhead'], array('$stylesheet' => $stylesheet));
-
if (isset($_GET["mode"]) && (($_GET["mode"] == "raw") || ($_GET["mode"] == "minimal"))) {
$doc = new DOMDocument();
echo substr($target->saveHTML(), 6, -8);
- killme();
+ exit();
}
$page = $a->page;
/// @TODO Looks unsafe (remote-inclusion), is maybe not but Theme::getPathForFile() uses file_exists() but does not escape anything
require_once $template;
-
-killme();
projects / friendica.git / blobdiff