X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=bf4ee378af840ccb0810f7cfa686921a251863ba;hb=71b30e06516b6d35817678ece1e289e02a7b7844;hp=a69a8d0c36b4bc50942bb5b9450ce1d2e1671555;hpb=0434b0485a0a7f2cfc8d1ea24a0fd2b6ca27ff7a;p=friendica.git
diff --git a/index.php b/index.php
index a69a8d0c36..bf4ee378af 100644
--- a/index.php
+++ b/index.php
@@ -41,10 +41,11 @@ $install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false
*/
require_once("include/dba.php");
+require_once("include/dbm.php");
if(!$install) {
$db = new dba($db_host, $db_user, $db_pass, $db_data, $install);
- unset($db_host, $db_user, $db_pass, $db_data);
+ unset($db_host, $db_user, $db_pass, $db_data);
/**
* Load configs from db. Overwrite configs from .htconfig.php
@@ -53,6 +54,21 @@ if(!$install) {
load_config('config');
load_config('system');
+ $processlist = dbm::processlist();
+ if ($processlist["list"] != "") {
+
+ logger("Processcheck: Processes: ".$processlist["amount"]." - Processlist: ".$processlist["list"], LOGGER_DEBUG);
+
+ $max_processes = get_config('system', 'max_processes_frontend');
+ if (intval($max_processes) == 0)
+ $max_processes = 20;
+
+ if ($processlist["amount"] > $max_processes) {
+ logger("Processcheck: Maximum number of processes for frontend tasks (".$max_processes.") reached.", LOGGER_DEBUG);
+ system_unavailable();
+ }
+ }
+
$maxsysload_frontend = intval(get_config('system','maxloadavg_frontend'));
if($maxsysload_frontend < 1)
$maxsysload_frontend = 50;
@@ -118,14 +134,20 @@ if((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) {
if((x($_GET,'zrl')) && (!$install && !$maintenance)) {
// Only continue when the given profile link seems valid
- // Valid profile links contain a path and no query parameters
+ // Valid profile links contain a path with "/profile/" and no query parameters
if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") AND
- (parse_url($_GET['zrl'], PHP_URL_PATH) != "")) {
+ strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) {
$_SESSION['my_url'] = $_GET['zrl'];
$a->query_string = preg_replace('/[\?&]zrl=(.*?)([\?&]|$)/is','',$a->query_string);
zrl_init($a);
- } else
+ } else {
+ // Someone came with an invalid parameter, maybe as a DDoS attempt
+ // We simply stop processing here
logger("Invalid ZRL parameter ".$_GET['zrl'], LOGGER_DEBUG);
+ header('HTTP/1.1 403 Forbidden');
+ echo "403 Forbidden
";
+ killme();
+ }
}
/**
@@ -141,7 +163,7 @@ if((x($_GET,'zrl')) && (!$install && !$maintenance)) {
// header('Link: <' . $a->get_baseurl() . '/amcd>; rel="acct-mgmt";');
-if((x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login'))
+if(x($_COOKIE["Friendica"]) || (x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login'))
require("include/auth.php");
if(! x($_SESSION,'authenticated'))
@@ -436,9 +458,9 @@ if($a->is_mobile || $a->is_tablet) {
$link = 'toggle_mobile?off=1&address=' . curPageURL();
}
$a->page['footer'] = replace_macros(get_markup_template("toggle_mobile_footer.tpl"), array(
- '$toggle_link' => $link,
- '$toggle_text' => t('toggle mobile')
- ));
+ '$toggle_link' => $link,
+ '$toggle_text' => t('toggle mobile')
+ ));
}
/**
@@ -485,70 +507,6 @@ if (isset($_GET["mode"]) AND ($_GET["mode"] == "raw")) {
session_write_close();
exit;
-} elseif (get_pconfig(local_user(),'system','infinite_scroll')
- AND ($a->module == "network") AND ($_GET["mode"] != "minimal")) {
- if (is_string($_GET["page"]))
- $pageno = $_GET["page"];
- else
- $pageno = 1;
-
- $reload_uri = "";
-
- foreach ($_GET AS $param => $value)
- if (($param != "page") AND ($param != "q"))
- $reload_uri .= "&".$param."=".urlencode($value);
-
- if (($a->page_offset != "") AND !strstr($reload_uri, "&offset="))
- $reload_uri .= "&offset=".urlencode($a->page_offset);
-
-
-$a->page['htmlhead'] .= <<< EOT
-
-
-EOT;
-
}
$page = $a->page;