We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

index.php 10.2 KB
Newer Older
Evan Prodromou's avatar
Evan Prodromou committed
1
<?php
2
/**
3
 * StatusNet - the distributed open-source microblogging tool
4
 * Copyright (C) 2008, 2009, StatusNet, Inc.
Evan Prodromou's avatar
Evan Prodromou committed
5
 *
Evan Prodromou's avatar
Evan Prodromou committed
6 7 8 9
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
Evan Prodromou's avatar
Evan Prodromou committed
10
 *
Evan Prodromou's avatar
Evan Prodromou committed
11 12 13 14
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
Evan Prodromou's avatar
Evan Prodromou committed
15
 *
Evan Prodromou's avatar
Evan Prodromou committed
16 17
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
Evan Prodromou's avatar
Evan Prodromou committed
18
 *
19 20
 * @category StatusNet
 * @package  StatusNet
21
 * @author   Brenda Wallace <shiny@cpan.org>
22
 * @author   Brion Vibber <brion@pobox.com>
23
 * @author   Christopher Vollick <psycotica0@gmail.com>
24
 * @author   CiaranG <ciaran@ciarang.com>
25
 * @author   Craig Andrews <candrews@integralblue.com>
26
 * @author   Evan Prodromou <evan@controlezvous.ca>
27
 * @author   Gina Haeussge <osd@foosel.net>
28
 * @author   James Walker <walkah@walkah.net>
29 30 31
 * @author   Jeffery To <jeffery.to@gmail.com>
 * @author   Mike Cochrane <mikec@mikenz.geek.nz>
 * @author   Robin Millette <millette@controlyourself.ca>
32
 * @author   Sarven Capadisli <csarven@controlyourself.ca>
33
 * @author   Tom Adams <tom@holizz.com>
34
 * @author   Zach Copley <zach@status.net>
35
 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
36
 *
37
 * @license  GNU Affero General Public License http://www.gnu.org/licenses/
Evan Prodromou's avatar
Evan Prodromou committed
38
 */
Evan Prodromou's avatar
Evan Prodromou committed
39

40
$_startTime = microtime(true);
41
$_perfCounters = array();
42

Evan Prodromou's avatar
Evan Prodromou committed
43
define('INSTALLDIR', dirname(__FILE__));
mattl's avatar
mattl committed
44 45
define('GNUSOCIAL', true);
define('STATUSNET', true);  // compatibility
Evan Prodromou's avatar
Evan Prodromou committed
46

47 48 49
$user = null;
$action = null;

50 51
function getPath($req)
{
Evan Prodromou's avatar
Evan Prodromou committed
52 53
    $p = null;

54
    if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER))
55
        && array_key_exists('p', $req)
56
    ) {
Evan Prodromou's avatar
Evan Prodromou committed
57
        $p = $req['p'];
58
    } else if (array_key_exists('PATH_INFO', $_SERVER)) {
59 60 61
        $path = $_SERVER['PATH_INFO'];
        $script = $_SERVER['SCRIPT_NAME'];
        if (substr($path, 0, mb_strlen($script)) == $script) {
62
            $p = substr($path, mb_strlen($script) + 1);
63
        } else {
Evan Prodromou's avatar
Evan Prodromou committed
64
            $p = $path;
65
        }
66
    } else {
Evan Prodromou's avatar
Evan Prodromou committed
67 68 69 70 71
        $p = null;
    }

    // Trim all initial '/'

72
    $p = ltrim($p, '/');
Evan Prodromou's avatar
Evan Prodromou committed
73 74

    return $p;
75
}
76

Brenda Wallace's avatar
Brenda Wallace committed
77 78
/**
 * logs and then displays error messages
Brenda Wallace's avatar
Brenda Wallace committed
79 80
 *
 * @return void
Brenda Wallace's avatar
Brenda Wallace committed
81
 */
82 83
function handleError($error)
{
84
    try {
85

86 87
        if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
            return;
88
        }
89

90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109
        $logmsg = "PEAR error: " . $error->getMessage();
        if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) {
            $logmsg .= " : ". $error->toText();
        }
        // DB queries often end up with a lot of newlines; merge to a single line
        // for easier grepability...
        $logmsg = str_replace("\n", " ", $logmsg);
        common_log(LOG_ERR, $logmsg);

        // @fixme backtrace output should be consistent with exception handling
        if (common_config('site', 'logdebug')) {
            $bt = $error->getTrace();
            foreach ($bt as $n => $line) {
                common_log(LOG_ERR, formatBacktraceLine($n, $line));
            }
        }
        if ($error instanceof DB_DataObject_Error
            || $error instanceof DB_Error
            || ($error instanceof PEAR_Exception && $error->getCode() == -24)
        ) {
110 111 112 113 114 115
            //If we run into a DB error, assume we can't connect to the DB at all
            //so set the current user to null, so we don't try to access the DB
            //while rendering the error page.
            global $_cur;
            $_cur = null;

116
            $msg = sprintf(
117
                // TRANS: Database error message.
118 119 120 121 122
                _('The database for %1$s is not responding correctly, '.
                  'so the site will not work properly. '.
                  'The site admins probably know about the problem, '.
                  'but you can contact them at %2$s to make sure. '.
                  'Otherwise, wait a few minutes and try again.'
123 124 125 126
                ),
                common_config('site', 'name'),
                common_config('site', 'email')
            );
127 128 129

            $dac = new DBErrorAction($msg, 500);
            $dac->showPage();
130
        } else {
131 132
            $sac = new ServerErrorAction($error->getMessage(), 500, $error);
            $sac->showPage();
133 134 135
        }

    } catch (Exception $e) {
136
        // TRANS: Error message.
137 138
        echo _('An error occurred.');
    }
139 140
    exit(-1);
}
141

142 143
set_exception_handler('handleError');

144 145 146 147 148
// quick check for fancy URL auto-detection support in installer.
if (preg_replace("/\?.+$/", "", $_SERVER['REQUEST_URI']) === preg_replace("/^\/$/", "", (dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') {
    die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs.");
}

149 150
require_once INSTALLDIR . '/lib/common.php';

151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182
/**
 * Format a backtrace line for debug output roughly like debug_print_backtrace() does.
 * Exceptions already have this built in, but PEAR error objects just give us the array.
 *
 * @param int $n line number
 * @param array $line per-frame array item from debug_backtrace()
 * @return string
 */
function formatBacktraceLine($n, $line)
{
    $out = "#$n ";
    if (isset($line['class'])) $out .= $line['class'];
    if (isset($line['type'])) $out .= $line['type'];
    if (isset($line['function'])) $out .= $line['function'];
    $out .= '(';
    if (isset($line['args'])) {
        $args = array();
        foreach ($line['args'] as $arg) {
            // debug_print_backtrace seems to use var_export
            // but this gets *very* verbose!
            $args[] = gettype($arg);
        }
        $out .= implode(',', $args);
    }
    $out .= ')';
    $out .= ' called at [';
    if (isset($line['file'])) $out .= $line['file'];
    if (isset($line['line'])) $out .= ':' . $line['line'];
    $out .= ']';
    return $out;
}

183
function setupRW()
184 185 186
{
    global $config;

187
    static $alwaysRW = array('session', 'remember_me');
188

189
    $rwdb = $config['db']['database'];
190

191
    if (Event::handle('StartReadWriteTables', array(&$alwaysRW, &$rwdb))) {
192

193 194 195 196 197 198 199 200 201 202 203
        // We ensure that these tables always are used
        // on the master DB

        $config['db']['database_rw'] = $rwdb;
        $config['db']['ini_rw'] = INSTALLDIR.'/classes/statusnet.ini';

        foreach ($alwaysRW as $table) {
            $config['db']['table_'.$table] = 'rw';
        }

        Event::handle('EndReadWriteTables', array($alwaysRW, $rwdb));
204
    }
205 206

    return;
207
}
208

209 210
function isLoginAction($action)
{
211
    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds', 'otp', 'opensearch', 'rsd');
212 213 214 215 216 217 218 219 220 221

    $login = null;

    if (Event::handle('LoginAction', array($action, &$login))) {
        $login = in_array($action, $loginActions);
    }

    return $login;
}

222 223
function main()
{
224
    global $user, $action;
225

226
    if (!_have_config()) {
227
        $msg = sprintf(
228
            // TRANS: Error message displayed when there is no StatusNet configuration file.
229 230
            _("No configuration file found. Try running ".
              "the installation program first."
231 232
            )
        );
233 234 235 236 237
        $sac = new ServerErrorAction($msg);
        $sac->showPage();
        return;
    }

238 239 240 241
    // Make sure RW database is setup

    setupRW();

242
    // XXX: we need a little more structure in this script
243

244
    // get and cache current user (may hit RW!)
245

246
    $user = common_current_user();
Evan Prodromou's avatar
Evan Prodromou committed
247

248
    // initialize language env
Evan Prodromou's avatar
Evan Prodromou committed
249

250
    common_init_language();
Evan Prodromou's avatar
Evan Prodromou committed
251

252 253
    $path = getPath($_REQUEST);

Evan Prodromou's avatar
Evan Prodromou committed
254
    $r = Router::get();
255

256
    $args = $r->map($path);
Evan Prodromou's avatar
Evan Prodromou committed
257

258
    if (!$args) {
259
        // TRANS: Error message displayed when trying to access a non-existing page.
260 261 262 263
        $cac = new ClientErrorAction(_('Unknown page'), 404);
        $cac->showPage();
        return;
    }
264

265 266 267
    $site_ssl = common_config('site', 'ssl');

    // If the request is HTTP and it should be HTTPS...
mattl's avatar
mattl committed
268
    if ($site_ssl != 'never' && !GNUsocial::isHTTPS() && common_is_sensitive($args['action'])) {
269 270 271
        common_redirect(common_local_url($args['action'], $args));
    }

272
    $args = array_merge($args, $_REQUEST);
273 274

    Event::handle('ArgsInitialize', array(&$args));
275

276
    $action = basename($args['action']);
277

278 279
    if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
        common_redirect(common_local_url('public'));
280
    }
281

282 283 284
    // If the site is private, and they're not on one of the "public"
    // parts of the site, redirect to login

Evan Prodromou's avatar
Evan Prodromou committed
285 286
    if (!$user && common_config('site', 'private')
        && !isLoginAction($action)
287
        && !preg_match('/rss$/', $action)
288 289 290
        && $action != 'robotstxt'
        && !preg_match('/^Api/', $action)) {

291 292 293 294 295 296 297 298 299 300 301 302 303 304
        // set returnto
        $rargs =& common_copy_args($args);
        unset($rargs['action']);
        if (common_config('site', 'fancy')) {
            unset($rargs['p']);
        }
        if (array_key_exists('submit', $rargs)) {
            unset($rargs['submit']);
        }
        foreach (array_keys($_COOKIE) as $cookie) {
            unset($rargs[$cookie]);
        }
        common_set_returnto(common_local_url($action, $rargs));

305 306 307 308 309 310
        common_redirect(common_local_url('login'));
    }

    $action_class = ucfirst($action).'Action';

    if (!class_exists($action_class)) {
311
        // TRANS: Error message displayed when trying to perform an undefined action.
312
        $cac = new ClientErrorAction(_('Unknown action'), 404);
313
        $cac->showPage();
314 315
    } else {
        try {
316
            call_user_func("$action_class::run", $args);
317 318 319 320
        } catch (ClientException $cex) {
            $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode());
            $cac->showPage();
        } catch (ServerException $sex) { // snort snort guffaw
321
            $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode(), $sex);
322 323
            $sac->showPage();
        } catch (Exception $ex) {
324
            $sac = new ServerErrorAction($ex->getMessage(), 500, $ex);
325 326
            $sac->showPage();
        }
327
    }
328
}
329

330 331
main();

332 333 334 335
// XXX: cleanup exit() calls or add an exit handler so
// this always gets called

Event::handle('CleanupPlugin');