X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=5dcb9a54a0da070f7e606c3c3b3862cf7a034c78;hb=5aba3abfc1ac37f9ba826e0d293be35910ee395f;hp=0ea09c0c7a59ab5248098127684fbceb7d488e6b;hpb=4e3d0018c69eaaa122f004357c5c68dacef59fc7;p=friendica.git diff --git a/index.php b/index.php index 0ea09c0c7a..5dcb9a54a0 100644 --- a/index.php +++ b/index.php @@ -32,9 +32,7 @@ $install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false -$lang = get_browser_language(); - -load_translation_table($lang); + /** * @@ -55,13 +53,23 @@ if(!$install) { load_config('config'); load_config('system'); + if (get_config('system','force_ssl') AND ($a->get_scheme() == "http") AND + (intval(get_config('system','ssl_policy')) == SSL_POLICY_FULL) AND + (substr($a->get_baseurl(), 0, 8) == "https://")) { + header("HTTP/1.1 302 Moved Temporarily"); + header("location: ".$a->get_baseurl()."/".$a->query_string); + } + require_once("include/session.php"); load_hooks(); call_hooks('init_1'); + + $maintenance = get_config('system', 'maintenance'); } -$maintenance = get_config('system', 'maintenance'); +$lang = get_browser_language(); +load_translation_table($lang); /** * @@ -69,7 +77,7 @@ $maintenance = get_config('system', 'maintenance'); * * The order of these may be important so use caution if you think they're all * intertwingled with no logical order and decide to sort it out. Some of the - * dependencies have changed, but at least at one time in the recent past - the + * dependencies have changed, but at least at one time in the recent past - the * order was critical to everything working properly * */ @@ -102,13 +110,14 @@ if((x($_GET,'zrl')) && (!$install && !$maintenance)) { * * For Mozilla auth manager - still needs sorting, and this might conflict with LRDD header. * Apache/PHP lumps the Link: headers into one - and other services might not be able to parse it - * this way. There's a PHP flag to link the headers because by default this will over-write any other - * link header. + * this way. There's a PHP flag to link the headers because by default this will over-write any other + * link header. * * What we really need to do is output the raw headers ourselves so we can keep them separate. * + */ - + // header('Link: <' . $a->get_baseurl() . '/amcd>; rel="acct-mgmt";'); if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login')) @@ -117,7 +126,6 @@ if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module == if(! x($_SESSION,'authenticated')) header('X-Account-Management-Status: none'); - /* set up page['htmlhead'] and page['end'] for the modules to use */ $a->page['htmlhead'] = ''; $a->page['end'] = ''; @@ -130,28 +138,35 @@ if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array(); /* - * check_config() is responsible for running update scripts. These automatically + * check_config() is responsible for running update scripts. These automatically * update the DB schema whenever we push a new one out. It also checks to see if - * any plugins have been added or removed and reacts accordingly. + * any plugins have been added or removed and reacts accordingly. */ - -if($install) +// in install mode, any url loads install module +// but we need "view" module for stylesheet +if($install && $a->module!="view") $a->module = 'install'; -elseif($maintenance) +elseif($maintenance && $a->module!="view") $a->module = 'maintenance'; else { - proc_run('php', 'include/dbupdate.php'); + check_url($a); + check_db(); check_plugins($a); } nav_set_selected('nothing'); -$arr = array('app_menu' => $a->apps); +//Don't populate apps_menu if apps are private +$privateapps = get_config('config','private_addons'); +if((local_user()) || (! $privateapps === "1")) +{ + $arr = array('app_menu' => $a->apps); -call_hooks('app_menu', $arr); + call_hooks('app_menu', $arr); -$a->apps = $arr['app_menu']; + $a->apps = $arr['app_menu']; +} /** * @@ -161,13 +176,13 @@ $a->apps = $arr['app_menu']; * and use it for handling our URL request. * The module file contains a few functions that we call in various circumstances * and in the following order: - * + * * "module"_init * "module"_post (only called if there are $_POST variables) * "module"_afterpost * "module"_content - the string return of this function contains our page body * - * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do + * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do * so within the module init and/or post functions and then invoke killme() to terminate * further processing. */ @@ -181,10 +196,26 @@ if(strlen($a->module)) { * */ + // Compatibility with the Android Diaspora client + if ($a->module == "stream") + $a->module = "network"; + + // Compatibility with the Firefox App + if (($a->module == "users") AND ($a->cmd == "users/sign_in")) + $a->module = "login"; + + $privateapps = get_config('config','private_addons'); + if(is_array($a->plugins) && in_array($a->module,$a->plugins) && file_exists("addon/{$a->module}/{$a->module}.php")) { - include_once("addon/{$a->module}/{$a->module}.php"); - if(function_exists($a->module . '_module')) - $a->module_loaded = true; + //Check if module is an app and if public access to apps is allowed or not + if((!local_user()) && plugin_is_app($a->module) && $privateapps === "1") { + info( t("You must be logged in to use addons. ")); + } + else { + include_once("addon/{$a->module}/{$a->module}.php"); + if(function_exists($a->module . '_module')) + $a->module_loaded = true; + } } /** @@ -200,8 +231,8 @@ if(strlen($a->module)) { * * The URL provided does not resolve to a valid module. * - * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'. - * We don't like doing this, but as it occasionally accounts for 10-20% or more of all site traffic - + * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'. + * We don't like doing this, but as it occasionally accounts for 10-20% or more of all site traffic - * we are going to trap this and redirect back to the requested page. As long as you don't have a critical error on your page * this will often succeed and eventually do the right thing. * @@ -301,10 +332,8 @@ if($a->module_loaded) { $func = str_replace('-','_',current_theme()) . '_content_loaded'; $func($a); } - } - /* * Create the page head after setting the language * and getting any auth credentials @@ -345,7 +374,7 @@ if(stristr( implode("",$_SESSION['sysmsg']), t('Permission denied'))) { * Report anything which needs to be communicated in the notification area (before the main body) * */ - + /*if(x($_SESSION,'sysmsg')) { $a->page['content'] = "
\r\n" . ((x($a->page,'content')) ? $a->page['content'] : ''); @@ -408,20 +437,120 @@ if(!$a->theme['stylesheet']) $stylesheet = current_theme_url(); else $stylesheet = $a->theme['stylesheet']; -$a->page['htmlhead'] = replace_macros($a->page['htmlhead'], array('$stylesheet' => $stylesheet)); + +$a->page['htmlhead'] = str_replace('{{$stylesheet}}',$stylesheet,$a->page['htmlhead']); +//$a->page['htmlhead'] = replace_macros($a->page['htmlhead'], array('$stylesheet' => $stylesheet)); + +if (isset($_GET["mode"]) AND (($_GET["mode"] == "raw") OR ($_GET["mode"] == "minimal"))) { + $doc = new DOMDocument(); + + $target = new DOMDocument(); + $target->loadXML("