X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=2b27845e59dcbce9ed64e69bda2ba9c028a8a2d3;hb=e868ebfe77d6a83d3d94add10445a8946480c81f;hp=47cde87409b62a31146d553d4e8582bdfd7acb13;hpb=185e229f7974c3bee2070ee7a2e4b8aaf01ee35e;p=quix0rs-gnu-social.git

diff --git a/index.php b/index.php
index 47cde87409..2b27845e59 100644
--- a/index.php
+++ b/index.php
@@ -19,46 +19,59 @@
  * @category StatusNet
  * @package  StatusNet
  * @author   Brenda Wallace <shiny@cpan.org>
+ * @author   Brion Vibber <brion@pobox.com>
  * @author   Christopher Vollick <psycotica0@gmail.com>
  * @author   CiaranG <ciaran@ciarang.com>
  * @author   Craig Andrews <candrews@integralblue.com>
  * @author   Evan Prodromou <evan@controlezvous.ca>
  * @author   Gina Haeussge <osd@foosel.net>
+ * @author   James Walker <walkah@walkah.net>
  * @author   Jeffery To <jeffery.to@gmail.com>
  * @author   Mike Cochrane <mikec@mikenz.geek.nz>
  * @author   Robin Millette <millette@controlyourself.ca>
  * @author   Sarven Capadisli <csarven@controlyourself.ca>
  * @author   Tom Adams <tom@holizz.com>
- * 
+ * @author   Zach Copley <zach@status.net>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
+ *
  * @license  GNU Affero General Public License http://www.gnu.org/licenses/
  */
 
-define('INSTALLDIR', dirname(__FILE__));
-define('STATUSNET', true);
-define('LACONICA', true); // compatibility
+$_startTime = microtime(true);
+$_perfCounters = array();
 
-require_once INSTALLDIR . '/lib/common.php';
+define('INSTALLDIR', dirname(__FILE__));
+define('GNUSOCIAL', true);
+define('STATUSNET', true);  // compatibility
 
 $user = null;
 $action = null;
 
 function getPath($req)
 {
+    $p = null;
+
     if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER))
         && array_key_exists('p', $req)
     ) {
-        return $req['p'];
+        $p = $req['p'];
     } else if (array_key_exists('PATH_INFO', $_SERVER)) {
         $path = $_SERVER['PATH_INFO'];
         $script = $_SERVER['SCRIPT_NAME'];
         if (substr($path, 0, mb_strlen($script)) == $script) {
-            return substr($path, mb_strlen($script));
+            $p = substr($path, mb_strlen($script) + 1);
         } else {
-            return $path;
+            $p = $path;
         }
     } else {
-        return null;
+        $p = null;
     }
+
+    // Trim all initial '/'
+
+    $p = ltrim($p, '/');
+
+    return $p;
 }
 
 /**
@@ -68,52 +81,68 @@ function getPath($req)
  */
 function handleError($error)
 {
-    if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
-        return;
-    }
+    try {
 
-    $logmsg = "PEAR error: " . $error->getMessage();
-    if (common_config('site', 'logdebug')) {
-        $logmsg .= " : ". $error->getDebugInfo();
-    }
-    // DB queries often end up with a lot of newlines; merge to a single line
-    // for easier grepability...
-    $logmsg = str_replace("\n", " ", $logmsg);
-    common_log(LOG_ERR, $logmsg);
-
-    // @fixme backtrace output should be consistent with exception handling
-    if (common_config('site', 'logdebug')) {
-        $bt = $error->getBacktrace();
-        foreach ($bt as $n => $line) {
-            common_log(LOG_ERR, formatBacktraceLine($n, $line));
+        if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
+            return;
+        }
+
+        $logmsg = "PEAR error: " . $error->getMessage();
+        if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) {
+            $logmsg .= " : ". $error->toText();
+        }
+        // DB queries often end up with a lot of newlines; merge to a single line
+        // for easier grepability...
+        $logmsg = str_replace("\n", " ", $logmsg);
+        common_log(LOG_ERR, $logmsg);
+
+        // @fixme backtrace output should be consistent with exception handling
+        if (common_config('site', 'logdebug')) {
+            $bt = $error->getTrace();
+            foreach ($bt as $n => $line) {
+                common_log(LOG_ERR, formatBacktraceLine($n, $line));
+            }
+        }
+        if ($error instanceof DB_DataObject_Error
+            || $error instanceof DB_Error
+            || ($error instanceof PEAR_Exception && $error->getCode() == -24)
+        ) {
+            //If we run into a DB error, assume we can't connect to the DB at all
+            //so set the current user to null, so we don't try to access the DB
+            //while rendering the error page.
+            global $_cur;
+            $_cur = null;
+
+            $msg = sprintf(
+                // TRANS: Database error message.
+                _('The database for %1$s is not responding correctly, '.
+                  'so the site will not work properly. '.
+                  'The site admins probably know about the problem, '.
+                  'but you can contact them at %2$s to make sure. '.
+                  'Otherwise, wait a few minutes and try again.'
+                ),
+                common_config('site', 'name'),
+                common_config('site', 'email')
+            );
+
+            $dac = new DBErrorAction($msg, 500);
+            $dac->showPage();
+        } else {
+            $sac = new ServerErrorAction($error->getMessage(), 500, $error);
+            $sac->showPage();
         }
-    }
-    if ($error instanceof DB_DataObject_Error
-        || $error instanceof DB_Error
-    ) {
-        $msg = sprintf(
-            _(
-                'The database for %s isn\'t responding correctly, '.
-                'so the site won\'t work properly. '.
-                'The site admins probably know about the problem, '.
-                'but you can contact them at %s to make sure. '.
-                'Otherwise, wait a few minutes and try again.'
-            ),
-            common_config('site', 'name'),
-            common_config('site', 'email')
-        );
-    } else {
-        $msg = _(
-            'An important error occured, probably related to email setup. '.
-            'Check logfiles for more info..'
-        );
-    }
 
-    $dac = new DBErrorAction($msg, 500);
-    $dac->showPage();
+    } catch (Exception $e) {
+        // TRANS: Error message.
+        echo _('An error occurred.');
+    }
     exit(-1);
 }
 
+set_exception_handler('handleError');
+
+require_once INSTALLDIR . '/lib/common.php';
+
 /**
  * Format a backtrace line for debug output roughly like debug_print_backtrace() does.
  * Exceptions already have this built in, but PEAR error objects just give us the array.
@@ -146,41 +175,35 @@ function formatBacktraceLine($n, $line)
     return $out;
 }
 
-function checkMirror($action_obj, $args)
+function setupRW()
 {
     global $config;
 
     static $alwaysRW = array('session', 'remember_me');
 
-    if (common_config('db', 'mirror') && $action_obj->isReadOnly($args)) {
-        if (is_array(common_config('db', 'mirror'))) {
-            // "load balancing", ha ha
-            $arr = common_config('db', 'mirror');
-            $k = array_rand($arr);
-            $mirror = $arr[$k];
-        } else {
-            $mirror = common_config('db', 'mirror');
-        }
+    $rwdb = $config['db']['database'];
+
+    if (Event::handle('StartReadWriteTables', array(&$alwaysRW, &$rwdb))) {
 
         // We ensure that these tables always are used
         // on the master DB
 
-        $config['db']['database_rw'] = $config['db']['database'];
+        $config['db']['database_rw'] = $rwdb;
         $config['db']['ini_rw'] = INSTALLDIR.'/classes/statusnet.ini';
 
         foreach ($alwaysRW as $table) {
             $config['db']['table_'.$table] = 'rw';
         }
 
-        // everyone else uses the mirror
-
-        $config['db']['database'] = $mirror;
+        Event::handle('EndReadWriteTables', array($alwaysRW, $rwdb));
     }
+
+    return;
 }
 
 function isLoginAction($action)
 {
-    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds');
+    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds', 'otp', 'opensearch', 'rsd');
 
     $login = null;
 
@@ -195,18 +218,18 @@ function main()
 {
     // fake HTTP redirects using lighttpd's 404 redirects
     if (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) {
-        $_lighty_url = $base_url.$_SERVER['REQUEST_URI'];
+        $_lighty_url = $_SERVER['REQUEST_URI'];
         $_lighty_url = @parse_url($_lighty_url);
 
         if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') {
             $_lighty_path = preg_replace('/^'.preg_quote(common_config('site', 'path')).'\//', '', substr($_lighty_url['path'], 1));
             $_SERVER['QUERY_STRING'] = 'p='.$_lighty_path;
-            if ($_lighty_url['query']) {
+            if (isset($_lighty_url['query']) && $_lighty_url['query'] != '') {
                 $_SERVER['QUERY_STRING'] .= '&'.$_lighty_url['query'];
-            }
-            parse_str($_lighty_url['query'], $_lighty_query);
-            foreach ($_lighty_query as $key => $val) {
-                $_GET[$key] = $_REQUEST[$key] = $val;
+                parse_str($_lighty_url['query'], $_lighty_query);
+                foreach ($_lighty_query as $key => $val) {
+                    $_GET[$key] = $_REQUEST[$key] = $val;
+                }
             }
             $_GET['p'] = $_REQUEST['p'] = $_lighty_path;
         }
@@ -223,9 +246,9 @@ function main()
 
     if (!_have_config()) {
         $msg = sprintf(
-            _(
-                "No configuration file found. Try running ".
-                "the installation program first."
+            // TRANS: Error message displayed when there is no StatusNet configuration file.
+            _("No configuration file found. Try running ".
+              "the installation program first."
             )
         );
         $sac = new ServerErrorAction($msg);
@@ -233,13 +256,13 @@ function main()
         return;
     }
 
-    // For database errors
+    // Make sure RW database is setup
 
-    PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError');
+    setupRW();
 
     // XXX: we need a little more structure in this script
 
-    // get and cache current user
+    // get and cache current user (may hit RW!)
 
     $user = common_current_user();
 
@@ -254,16 +277,25 @@ function main()
     $args = $r->map($path);
 
     if (!$args) {
+        // TRANS: Error message displayed when trying to access a non-existing page.
         $cac = new ClientErrorAction(_('Unknown page'), 404);
         $cac->showPage();
         return;
     }
 
+    $site_ssl = common_config('site', 'ssl');
+
+    // If the request is HTTP and it should be HTTPS...
+    if ($site_ssl != 'never' && !StatusNet::isHTTPS() && common_is_sensitive($args['action'])) {
+        common_redirect(common_local_url($args['action'], $args));
+        return;
+    }
+
     $args = array_merge($args, $_REQUEST);
 
     Event::handle('ArgsInitialize', array(&$args));
 
-    $action = $args['action'];
+    $action = basename($args['action']);
 
     if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
         common_redirect(common_local_url('public'));
@@ -276,8 +308,9 @@ function main()
     if (!$user && common_config('site', 'private')
         && !isLoginAction($action)
         && !preg_match('/rss$/', $action)
-        && !preg_match('/^Api/', $action)
-    ) {
+        && $action != 'robotstxt'
+        && !preg_match('/^Api/', $action)) {
+
         // set returnto
         $rargs =& common_copy_args($args);
         unset($rargs['action']);
@@ -299,25 +332,20 @@ function main()
     $action_class = ucfirst($action).'Action';
 
     if (!class_exists($action_class)) {
+        // TRANS: Error message displayed when trying to perform an undefined action.
         $cac = new ClientErrorAction(_('Unknown action'), 404);
         $cac->showPage();
     } else {
-        $action_obj = new $action_class();
-
-        checkMirror($action_obj, $args);
-
         try {
-            if ($action_obj->prepare($args)) {
-                $action_obj->handle($args);
-            }
+            call_user_func("$action_class::run", $args);
         } catch (ClientException $cex) {
             $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode());
             $cac->showPage();
         } catch (ServerException $sex) { // snort snort guffaw
-            $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode());
+            $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode(), $sex);
             $sac->showPage();
         } catch (Exception $ex) {
-            $sac = new ServerErrorAction($ex->getMessage());
+            $sac = new ServerErrorAction($ex->getMessage(), 500, $ex);
             $sac->showPage();
         }
     }