| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package phpBB3 5 * @copyright (c) 2011 phpBB Group 6 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 7 * 8 */ 9 10 /** 11 */ 12 if (!defined('IN_PHPBB')) 13 { 14 exit; 15 } 16 17 // Report all errors, except notices and deprecation messages 18 if (!defined('E_DEPRECATED')) 19 { 20 define('E_DEPRECATED', 8192); 21 } 22 $level = E_ALL & ~E_NOTICE & ~E_DEPRECATED; 23 if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) 24 { 25 // PHP 5.4 adds E_STRICT to E_ALL. 26 // Our utf8 normalizer triggers E_STRICT output on PHP 5.4. 27 // Unfortunately it cannot be made E_STRICT-clean while 28 // continuing to work on PHP 4. 29 // Therefore, in phpBB 3.0.x we disable E_STRICT on PHP 5.4+, 30 // while phpBB 3.1 will fix utf8 normalizer. 31 // E_STRICT is defined starting with PHP 5 32 if (!defined('E_STRICT')) 33 { 34 define('E_STRICT', 2048); 35 } 36 $level &= ~E_STRICT; 37 } 38 error_reporting($level); 39 40 /* 41 * Remove variables created by register_globals from the global scope 42 * Thanks to Matt Kavanagh 43 */ 44 function deregister_globals() 45 { 46 $not_unset = array( 47 'GLOBALS' => true, 48 '_GET' => true, 49 '_POST' => true, 50 '_COOKIE' => true, 51 '_REQUEST' => true, 52 '_SERVER' => true, 53 '_SESSION' => true, 54 '_ENV' => true, 55 '_FILES' => true, 56 'phpEx' => true, 57 'phpbb_root_path' => true 58 ); 59 60 // Not only will array_merge and array_keys give a warning if 61 // a parameter is not an array, array_merge will actually fail. 62 // So we check if _SESSION has been initialised. 63 if (!isset($_SESSION) || !is_array($_SESSION)) 64 { 65 $_SESSION = array(); 66 } 67 68 // Merge all into one extremely huge array; unset this later 69 $input = array_merge( 70 array_keys($_GET), 71 array_keys($_POST), 72 array_keys($_COOKIE), 73 array_keys($_SERVER), 74 array_keys($_SESSION), 75 array_keys($_ENV), 76 array_keys($_FILES) 77 ); 78 79 foreach ($input as $varname) 80 { 81 if (isset($not_unset[$varname])) 82 { 83 // Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely) 84 if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) 85 { 86 exit; 87 } 88 else 89 { 90 $cookie = &$_COOKIE; 91 while (isset($cookie['GLOBALS'])) 92 { 93 if (!is_array($cookie['GLOBALS'])) 94 { 95 break; 96 } 97 98 foreach ($cookie['GLOBALS'] as $registered_var => $value) 99 { 100 if (!isset($not_unset[$registered_var])) 101 { 102 unset($GLOBALS[$registered_var]); 103 } 104 } 105 $cookie = &$cookie['GLOBALS']; 106 } 107 } 108 } 109 110 unset($GLOBALS[$varname]); 111 } 112 113 unset($input); 114 } 115 116 // Register globals and magic quotes have been dropped in PHP 5.4 117 if (version_compare(PHP_VERSION, '5.4.0-dev', '>=')) 118 { 119 /** 120 * @ignore 121 */ 122 define('STRIP', false); 123 } 124 else 125 { 126 @set_magic_quotes_runtime(0); 127 128 // Be paranoid with passed vars 129 if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get')) 130 { 131 deregister_globals(); 132 } 133 134 define('STRIP', (get_magic_quotes_gpc()) ? true : false); 135 } 136 137 // Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone 138 if (function_exists('date_default_timezone_set') && function_exists('date_default_timezone_get')) 139 { 140 // For PHP 5.1.0 the date/time functions have been rewritten 141 // and setting a timezone is required prior to calling any date/time function. 142 143 // Since PHP 5.2.0 calls to date/time functions without having a timezone set 144 // result in E_STRICT errors being thrown. 145 // Note: We already exclude E_STRICT errors 146 // (to be exact: they are not included in E_ALL in PHP 5.2) 147 148 // In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems 149 // because we show E_WARNING errors and do not set a default timezone. 150 // This is because we have our own timezone handling and work in UTC only anyway. 151 152 // So what we basically want to do is set our timezone to UTC, 153 // but we don't know what other scripts (such as bridges) are involved, 154 // so we check whether a timezone is already set by calling date_default_timezone_get(). 155 156 // Unfortunately, date_default_timezone_get() itself might throw E_WARNING 157 // if no timezone has been set, so we have to keep it quiet with @. 158 159 // date_default_timezone_get() tries to guess the correct timezone first 160 // and then falls back to UTC when everything fails. 161 // We just set the timezone to whatever date_default_timezone_get() returns. 162 date_default_timezone_set(@date_default_timezone_get()); 163 } 164 165 $starttime = explode(' ', microtime()); 166 $starttime = $starttime[1] + $starttime[0];
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Oct 2 15:03:47 2013 | Cross-referenced by PHPXref 0.7.1 |