X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=c94675a59ae65a887fe181c1350f714555d3e8d4;hb=d2dc61c246fcbb896f33f23698426893148b2f65;hp=ebc65cdb018904f550ccda6c6e1cd21ff2c8bca1;hpb=cfb99aa32382a18829fd79121f0b348dd0577dc9;p=friendica.git

diff --git a/index.php b/index.php
index ebc65cdb01..c94675a59a 100644
--- a/index.php
+++ b/index.php
@@ -13,12 +13,16 @@
  *
  */
 
-use \Friendica\Core\Config;
+use Friendica\App;
+use Friendica\Core\System;
+use Friendica\Core\Config;
 
-require_once('boot.php');
-require_once('object/BaseObject.php');
+require_once 'boot.php';
+require_once 'object/BaseObject.php';
 
-$a = new App;
+if (empty($a)) {
+	$a = new App(__DIR__);
+}
 BaseObject::set_app($a);
 
 // We assume that the index.php is called by a frontend process
@@ -49,7 +53,7 @@ if (!$install) {
 require_once "include/dba.php";
 
 if (!$install) {
-	$db = new dba($db_host, $db_user, $db_pass, $db_data, $install);
+	dba::connect($db_host, $db_user, $db_pass, $db_data, $install);
 	unset($db_host, $db_user, $db_pass, $db_data);
 
 	/**
@@ -58,22 +62,22 @@ if (!$install) {
 
 	Config::load();
 
-	if ($a->max_processes_reached() OR $a->maxload_reached()) {
+	if ($a->max_processes_reached() || $a->maxload_reached()) {
 		header($_SERVER["SERVER_PROTOCOL"] . ' 503 Service Temporarily Unavailable');
 		header('Retry-After: 120');
-		header('Refresh: 120; url=' . App::get_baseurl() . "/" . $a->query_string);
+		header('Refresh: 120; url=' . System::baseUrl() . "/" . $a->query_string);
 		die("System is currently unavailable. Please try again later");
 	}
 
-	if (get_config('system', 'force_ssl') AND ($a->get_scheme() == "http") AND
-		(intval(get_config('system', 'ssl_policy')) == SSL_POLICY_FULL) AND
-		(substr(App::get_baseurl(), 0, 8) == "https://")) {
+	if (get_config('system', 'force_ssl') && ($a->get_scheme() == "http") &&
+		(intval(get_config('system', 'ssl_policy')) == SSL_POLICY_FULL) &&
+		(substr(System::baseUrl(), 0, 8) == "https://")) {
 		header("HTTP/1.1 302 Moved Temporarily");
-		header("Location: " . App::get_baseurl() . "/" . $a->query_string);
+		header("Location: " . System::baseUrl() . "/" . $a->query_string);
 		exit();
 	}
 
-	require_once("include/session.php");
+	require_once 'include/session.php';
 	load_hooks();
 	call_hooks('init_1');
 
@@ -112,9 +116,11 @@ if (!$a->is_backend()) {
  */
 if (x($_SESSION,'authenticated') && !x($_SESSION,'language')) {
 	// we didn't loaded user data yet, but we need user language
-	$r = q("SELECT language FROM user WHERE uid=%d", intval($_SESSION['uid']));
+	$r = dba::select('user', array('language'), array('uid' => $_SESSION['uid']), array('limit' => 1));
 	$_SESSION['language'] = $lang;
-	if (dbm::is_result($r)) $_SESSION['language'] = $r[0]['language'];
+	if (dbm::is_result($r)) {
+		$_SESSION['language'] = $r['language'];
+	}
 }
 
 if ((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) {
@@ -125,7 +131,7 @@ if ((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) {
 if ((x($_GET,'zrl')) && (!$install && !$maintenance)) {
 	// Only continue when the given profile link seems valid
 	// Valid profile links contain a path with "/profile/" and no query parameters
-	if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") AND
+	if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") &&
 		strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) {
 		$_SESSION['my_url'] = $_GET['zrl'];
 		$a->query_string = preg_replace('/[\?&]zrl=(.*?)([\?&]|$)/is','',$a->query_string);
@@ -151,7 +157,7 @@ if ((x($_GET,'zrl')) && (!$install && !$maintenance)) {
  *
  */
 
-// header('Link: <' . App::get_baseurl() . '/amcd>; rel="acct-mgmt";');
+// header('Link: <' . System::baseUrl() . '/amcd>; rel="acct-mgmt";');
 
 if (x($_COOKIE["Friendica"]) || (x($_SESSION,'authenticated')) || (x($_POST,'auth-params')) || ($a->module === 'login')) {
 	require("include/auth.php");
@@ -174,6 +180,10 @@ if (! x($_SESSION,'sysmsg_info')) {
 	$_SESSION['sysmsg_info'] = array();
 }
 
+// Array for informations about last received items
+if (! x($_SESSION,'last_updated')) {
+	$_SESSION['last_updated'] = array();
+}
 /*
  * check_config() is responsible for running update scripts. These automatically
  * update the DB schema whenever we push a new one out. It also checks to see if
@@ -188,7 +198,7 @@ if ($install && $a->module!="view") {
 	$a->module = 'maintenance';
 } else {
 	check_url($a);
-	check_db();
+	check_db(false);
 	check_plugins($a);
 }
 
@@ -238,7 +248,7 @@ if (strlen($a->module)) {
 	}
 
 	// Compatibility with the Firefox App
-	if (($a->module == "users") AND ($a->cmd == "users/sign_in")) {
+	if (($a->module == "users") && ($a->cmd == "users/sign_in")) {
 		$a->module = "login";
 	}
 
@@ -287,7 +297,7 @@ if (strlen($a->module)) {
 
 		if ((x($_SERVER,'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && isset($dreamhost_error_hack)) {
 			logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']);
-			goaway(App::get_baseurl() . $_SERVER['REQUEST_URI']);
+			goaway(System::baseUrl() . $_SERVER['REQUEST_URI']);
 		}
 
 		logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG);
@@ -443,7 +453,7 @@ if (!$a->theme['stylesheet']) {
 $a->page['htmlhead'] = str_replace('{{$stylesheet}}',$stylesheet,$a->page['htmlhead']);
 //$a->page['htmlhead'] = replace_macros($a->page['htmlhead'], array('$stylesheet' => $stylesheet));
 
-if (isset($_GET["mode"]) AND (($_GET["mode"] == "raw") OR ($_GET["mode"] == "minimal"))) {
+if (isset($_GET["mode"]) && (($_GET["mode"] == "raw") || ($_GET["mode"] == "minimal"))) {
 	$doc = new DOMDocument();
 
 	$target = new DOMDocument();
@@ -466,7 +476,7 @@ if (isset($_GET["mode"]) AND (($_GET["mode"] == "raw") OR ($_GET["mode"] == "min
 	}
 }
 
-if (isset($_GET["mode"]) AND ($_GET["mode"] == "raw")) {
+if (isset($_GET["mode"]) && ($_GET["mode"] == "raw")) {
 
 	header("Content-type: text/html; charset=utf-8");
 
@@ -481,8 +491,21 @@ $profile = $a->profile;
 header("X-Friendica-Version: " . FRIENDICA_VERSION);
 header("Content-type: text/html; charset=utf-8");
 
+if (Config::get('system', 'hsts') && (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL)) {
+	header("Strict-Transport-Security: max-age=31536000");
+}
+
+// Some security stuff
+header('X-Content-Type-Options: nosniff');
+header('X-XSS-Protection: 1; mode=block');
+header('X-Permitted-Cross-Domain-Policies: none');
+header('X-Frame-Options: sameorigin');
+
+// Things like embedded OSM maps don't work, when this is enabled
+// header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src 'self' https: data:; media-src 'self' https:; child-src 'self' https:; object-src 'none'");
+
 /*
- * We use $_GET["mode"] for special page templates. So we will check if we have 
+ * We use $_GET["mode"] for special page templates. So we will check if we have
  * to load another page template than the default one.
  * The page templates are located in /view/php/ or in the theme directory.
  */
@@ -491,7 +514,7 @@ if (isset($_GET["mode"])) {
 }
 
 // If there is no page template use the default page template
-if (!$template) {
+if (empty($template)) {
 	$template = theme_include("default.php");
 }