We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

index.php 10.2 KB
Newer Older
Evan Prodromou's avatar
Evan Prodromou committed
1
<?php
2
/**
3
 * StatusNet - the distributed open-source microblogging tool
4
 * Copyright (C) 2008, 2009, StatusNet, Inc.
Evan Prodromou's avatar
Evan Prodromou committed
5
 *
Evan Prodromou's avatar
Evan Prodromou committed
6 7 8 9
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
Evan Prodromou's avatar
Evan Prodromou committed
10
 *
Evan Prodromou's avatar
Evan Prodromou committed
11 12 13 14
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
Evan Prodromou's avatar
Evan Prodromou committed
15
 *
Evan Prodromou's avatar
Evan Prodromou committed
16 17
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
Evan Prodromou's avatar
Evan Prodromou committed
18
 *
19 20
 * @category StatusNet
 * @package  StatusNet
21 22
 * @author   Brenda Wallace <shiny@cpan.org>
 * @author   Christopher Vollick <psycotica0@gmail.com>
23
 * @author   CiaranG <ciaran@ciarang.com>
24
 * @author   Craig Andrews <candrews@integralblue.com>
25
 * @author   Evan Prodromou <evan@controlezvous.ca>
26
 * @author   Gina Haeussge <osd@foosel.net>
27 28 29
 * @author   Jeffery To <jeffery.to@gmail.com>
 * @author   Mike Cochrane <mikec@mikenz.geek.nz>
 * @author   Robin Millette <millette@controlyourself.ca>
30
 * @author   Sarven Capadisli <csarven@controlyourself.ca>
31
 * @author   Tom Adams <tom@holizz.com>
32
 *
33
 * @license  GNU Affero General Public License http://www.gnu.org/licenses/
Evan Prodromou's avatar
Evan Prodromou committed
34
 */
Evan Prodromou's avatar
Evan Prodromou committed
35 36

define('INSTALLDIR', dirname(__FILE__));
Evan Prodromou's avatar
Evan Prodromou committed
37
define('STATUSNET', true);
38
define('LACONICA', true); // compatibility
Evan Prodromou's avatar
Evan Prodromou committed
39

40
require_once INSTALLDIR . '/lib/common.php';
Evan Prodromou's avatar
Evan Prodromou committed
41

42 43 44
$user = null;
$action = null;

45 46
function getPath($req)
{
47
    if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER))
48
        && array_key_exists('p', $req)
49
    ) {
50
        return $req['p'];
51
    } else if (array_key_exists('PATH_INFO', $_SERVER)) {
52 53 54 55 56 57 58
        $path = $_SERVER['PATH_INFO'];
        $script = $_SERVER['SCRIPT_NAME'];
        if (substr($path, 0, mb_strlen($script)) == $script) {
            return substr($path, mb_strlen($script));
        } else {
            return $path;
        }
59
    } else {
60
        return null;
61 62
    }
}
63

Brenda Wallace's avatar
Brenda Wallace committed
64 65
/**
 * logs and then displays error messages
Brenda Wallace's avatar
Brenda Wallace committed
66 67
 *
 * @return void
Brenda Wallace's avatar
Brenda Wallace committed
68
 */
69 70
function handleError($error)
{
71 72 73 74
    if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
        return;
    }

75
    $logmsg = "PEAR error: " . $error->getMessage();
Brenda Wallace's avatar
Brenda Wallace committed
76
    if (common_config('site', 'logdebug')) {
77 78
        $logmsg .= " : ". $error->getDebugInfo();
    }
79 80 81
    // DB queries often end up with a lot of newlines; merge to a single line
    // for easier grepability...
    $logmsg = str_replace("\n", " ", $logmsg);
82
    common_log(LOG_ERR, $logmsg);
83 84

    // @fixme backtrace output should be consistent with exception handling
Brenda Wallace's avatar
Brenda Wallace committed
85
    if (common_config('site', 'logdebug')) {
Evan Prodromou's avatar
Evan Prodromou committed
86
        $bt = $error->getBacktrace();
87 88
        foreach ($bt as $n => $line) {
            common_log(LOG_ERR, formatBacktraceLine($n, $line));
Evan Prodromou's avatar
Evan Prodromou committed
89 90
        }
    }
Evan Prodromou's avatar
Evan Prodromou committed
91
    if ($error instanceof DB_DataObject_Error
92 93 94 95 96 97 98 99 100 101 102 103 104
        || $error instanceof DB_Error
    ) {
        $msg = sprintf(
            _(
                'The database for %s isn\'t responding correctly, '.
                'so the site won\'t work properly. '.
                'The site admins probably know about the problem, '.
                'but you can contact them at %s to make sure. '.
                'Otherwise, wait a few minutes and try again.'
            ),
            common_config('site', 'name'),
            common_config('site', 'email')
        );
105
    } else {
106 107 108 109
        $msg = _(
            'An important error occured, probably related to email setup. '.
            'Check logfiles for more info..'
        );
110
    }
111 112 113 114 115

    $dac = new DBErrorAction($msg, 500);
    $dac->showPage();
    exit(-1);
}
116

117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
/**
 * Format a backtrace line for debug output roughly like debug_print_backtrace() does.
 * Exceptions already have this built in, but PEAR error objects just give us the array.
 *
 * @param int $n line number
 * @param array $line per-frame array item from debug_backtrace()
 * @return string
 */
function formatBacktraceLine($n, $line)
{
    $out = "#$n ";
    if (isset($line['class'])) $out .= $line['class'];
    if (isset($line['type'])) $out .= $line['type'];
    if (isset($line['function'])) $out .= $line['function'];
    $out .= '(';
    if (isset($line['args'])) {
        $args = array();
        foreach ($line['args'] as $arg) {
            // debug_print_backtrace seems to use var_export
            // but this gets *very* verbose!
            $args[] = gettype($arg);
        }
        $out .= implode(',', $args);
    }
    $out .= ')';
    $out .= ' called at [';
    if (isset($line['file'])) $out .= $line['file'];
    if (isset($line['line'])) $out .= ':' . $line['line'];
    $out .= ']';
    return $out;
}

149
function setupRW()
150 151 152
{
    global $config;

153
    static $alwaysRW = array('session', 'remember_me');
154

155 156 157 158 159 160 161 162 163
    // We ensure that these tables always are used
    // on the master DB

    $config['db']['database_rw'] = $config['db']['database'];
    $config['db']['ini_rw'] = INSTALLDIR.'/classes/statusnet.ini';

    foreach ($alwaysRW as $table) {
        $config['db']['table_'.$table] = 'rw';
    }
164
}
165

166 167
function checkMirror($action_obj, $args)
{
168 169
    global $config;

170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185
    if (common_config('db', 'mirror') && $action_obj->isReadOnly($args)) {
        if (is_array(common_config('db', 'mirror'))) {
            // "load balancing", ha ha
            $arr = common_config('db', 'mirror');
            $k = array_rand($arr);
            $mirror = $arr[$k];
        } else {
            $mirror = common_config('db', 'mirror');
        }

        // everyone else uses the mirror

        $config['db']['database'] = $mirror;
    }
}

186 187
function isLoginAction($action)
{
188
    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds');
189 190 191 192 193 194 195 196 197 198

    $login = null;

    if (Event::handle('LoginAction', array($action, &$login))) {
        $login = in_array($action, $loginActions);
    }

    return $login;
}

199 200
function main()
{
201 202 203 204 205 206
    // fake HTTP redirects using lighttpd's 404 redirects
    if (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) {
        $_lighty_url = $base_url.$_SERVER['REQUEST_URI'];
        $_lighty_url = @parse_url($_lighty_url);

        if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') {
207
            $_lighty_path = preg_replace('/^'.preg_quote(common_config('site', 'path')).'\//', '', substr($_lighty_url['path'], 1));
208
            $_SERVER['QUERY_STRING'] = 'p='.$_lighty_path;
209
            if ($_lighty_url['query']) {
210
                $_SERVER['QUERY_STRING'] .= '&'.$_lighty_url['query'];
211
            }
212 213 214 215
            parse_str($_lighty_url['query'], $_lighty_query);
            foreach ($_lighty_query as $key => $val) {
                $_GET[$key] = $_REQUEST[$key] = $val;
            }
216
            $_GET['p'] = $_REQUEST['p'] = $_lighty_path;
217 218 219 220
        }
    }
    $_SERVER['REDIRECT_URL'] = preg_replace("/\?.+$/", "", $_SERVER['REQUEST_URI']);

221
    // quick check for fancy URL auto-detection support in installer.
222
    if (isset($_SERVER['REDIRECT_URL']) && (preg_replace("/^\/$/", "", (dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') === $_SERVER['REDIRECT_URL']) {
223 224
        die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs.");
    }
225
    global $user, $action;
226

227
    Snapshot::check();
228

229
    if (!_have_config()) {
230 231 232 233 234 235
        $msg = sprintf(
            _(
                "No configuration file found. Try running ".
                "the installation program first."
            )
        );
236 237 238 239 240
        $sac = new ServerErrorAction($msg);
        $sac->showPage();
        return;
    }

241 242 243 244
    // For database errors

    PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError');

245 246 247 248
    // Make sure RW database is setup

    setupRW();

249
    // XXX: we need a little more structure in this script
250

251
    // get and cache current user (may hit RW!)
252

253
    $user = common_current_user();
Evan Prodromou's avatar
Evan Prodromou committed
254

255
    // initialize language env
Evan Prodromou's avatar
Evan Prodromou committed
256

257
    common_init_language();
Evan Prodromou's avatar
Evan Prodromou committed
258

259 260
    $path = getPath($_REQUEST);

Evan Prodromou's avatar
Evan Prodromou committed
261
    $r = Router::get();
262

263
    $args = $r->map($path);
Evan Prodromou's avatar
Evan Prodromou committed
264

265 266 267 268 269
    if (!$args) {
        $cac = new ClientErrorAction(_('Unknown page'), 404);
        $cac->showPage();
        return;
    }
270

271
    $args = array_merge($args, $_REQUEST);
272 273

    Event::handle('ArgsInitialize', array(&$args));
274

275
    $action = $args['action'];
276

277 278 279
    if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
        common_redirect(common_local_url('public'));
        return;
280
    }
281

282 283 284
    // If the site is private, and they're not on one of the "public"
    // parts of the site, redirect to login

Evan Prodromou's avatar
Evan Prodromou committed
285 286
    if (!$user && common_config('site', 'private')
        && !isLoginAction($action)
287
        && !preg_match('/rss$/', $action)
288 289 290
        && $action != 'robotstxt'
        && !preg_match('/^Api/', $action)) {

291 292 293 294 295 296 297 298 299 300 301 302 303 304
        // set returnto
        $rargs =& common_copy_args($args);
        unset($rargs['action']);
        if (common_config('site', 'fancy')) {
            unset($rargs['p']);
        }
        if (array_key_exists('submit', $rargs)) {
            unset($rargs['submit']);
        }
        foreach (array_keys($_COOKIE) as $cookie) {
            unset($rargs[$cookie]);
        }
        common_set_returnto(common_local_url($action, $rargs));

305 306 307 308 309 310 311 312
        common_redirect(common_local_url('login'));
        return;
    }

    $action_class = ucfirst($action).'Action';

    if (!class_exists($action_class)) {
        $cac = new ClientErrorAction(_('Unknown action'), 404);
313
        $cac->showPage();
314 315 316
    } else {
        $action_obj = new $action_class();

317
        checkMirror($action_obj, $args);
318 319 320 321 322 323 324 325 326 327 328 329 330 331 332

        try {
            if ($action_obj->prepare($args)) {
                $action_obj->handle($args);
            }
        } catch (ClientException $cex) {
            $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode());
            $cac->showPage();
        } catch (ServerException $sex) { // snort snort guffaw
            $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode());
            $sac->showPage();
        } catch (Exception $ex) {
            $sac = new ServerErrorAction($ex->getMessage());
            $sac->showPage();
        }
333
    }
334
}
335

336 337
main();

338 339 340 341
// XXX: cleanup exit() calls or add an exit handler so
// this always gets called

Event::handle('CleanupPlugin');