2008-05-08 01:48:07 +09:00
|
|
|
<?php
|
2008-12-21 09:23:32 +09:00
|
|
|
/**
|
2009-08-26 07:14:12 +09:00
|
|
|
* StatusNet - the distributed open-source microblogging tool
|
2009-08-26 07:12:20 +09:00
|
|
|
* Copyright (C) 2008, 2009, StatusNet, Inc.
|
2008-05-21 04:14:12 +09:00
|
|
|
*
|
2008-05-15 04:26:48 +09:00
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
2008-05-21 04:14:12 +09:00
|
|
|
*
|
2008-05-15 04:26:48 +09:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
2008-05-21 04:14:12 +09:00
|
|
|
*
|
2008-05-15 04:26:48 +09:00
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2009-09-16 11:30:52 +09:00
|
|
|
*
|
2009-09-13 17:15:21 +09:00
|
|
|
* @category StatusNet
|
|
|
|
* @package StatusNet
|
2009-09-19 09:28:08 +09:00
|
|
|
* @author Brenda Wallace <shiny@cpan.org>
|
2010-06-08 13:27:10 +09:00
|
|
|
* @author Brion Vibber <brion@pobox.com>
|
2009-09-19 09:28:08 +09:00
|
|
|
* @author Christopher Vollick <psycotica0@gmail.com>
|
2009-09-17 17:15:15 +09:00
|
|
|
* @author CiaranG <ciaran@ciarang.com>
|
2009-09-19 09:28:08 +09:00
|
|
|
* @author Craig Andrews <candrews@integralblue.com>
|
2009-09-17 17:15:15 +09:00
|
|
|
* @author Evan Prodromou <evan@controlezvous.ca>
|
2009-09-19 09:28:08 +09:00
|
|
|
* @author Gina Haeussge <osd@foosel.net>
|
2010-06-08 13:27:10 +09:00
|
|
|
* @author James Walker <walkah@walkah.net>
|
2009-09-17 17:15:15 +09:00
|
|
|
* @author Jeffery To <jeffery.to@gmail.com>
|
|
|
|
* @author Mike Cochrane <mikec@mikenz.geek.nz>
|
|
|
|
* @author Robin Millette <millette@controlyourself.ca>
|
2009-09-19 09:28:08 +09:00
|
|
|
* @author Sarven Capadisli <csarven@controlyourself.ca>
|
2009-09-17 17:15:15 +09:00
|
|
|
* @author Tom Adams <tom@holizz.com>
|
2010-06-08 13:27:10 +09:00
|
|
|
* @author Zach Copley <zach@status.net>
|
2010-05-28 07:26:47 +09:00
|
|
|
* @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
|
2010-01-12 11:31:49 +09:00
|
|
|
*
|
2009-09-19 09:28:08 +09:00
|
|
|
* @license GNU Affero General Public License http://www.gnu.org/licenses/
|
2008-05-15 04:26:48 +09:00
|
|
|
*/
|
2008-05-08 01:48:07 +09:00
|
|
|
|
2011-02-01 03:59:38 +09:00
|
|
|
$_startTime = microtime(true);
|
2011-02-01 06:12:56 +09:00
|
|
|
$_perfCounters = array();
|
2011-02-01 03:59:38 +09:00
|
|
|
|
2016-01-29 04:31:46 +09:00
|
|
|
// We provide all our dependencies through our own autoload.
|
|
|
|
// This will probably be configurable for distributing with
|
|
|
|
// system packages (like with Debian apt etc. where included
|
|
|
|
// libraries are maintained through repositories)
|
|
|
|
set_include_path('.'); // mainly fixes an issue where /usr/share/{pear,php*}/DB/DataObject.php is _old_ on various systems...
|
|
|
|
|
2008-05-08 01:48:07 +09:00
|
|
|
define('INSTALLDIR', dirname(__FILE__));
|
2013-09-18 07:35:49 +09:00
|
|
|
define('GNUSOCIAL', true);
|
|
|
|
define('STATUSNET', true); // compatibility
|
2008-05-08 01:48:07 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
$user = null;
|
|
|
|
$action = null;
|
|
|
|
|
2009-02-12 04:45:06 +09:00
|
|
|
function getPath($req)
|
|
|
|
{
|
2011-10-03 22:15:53 +09:00
|
|
|
$p = null;
|
|
|
|
|
2009-02-21 06:44:56 +09:00
|
|
|
if ((common_config('site', 'fancy') || !array_key_exists('PATH_INFO', $_SERVER))
|
2009-09-13 17:31:19 +09:00
|
|
|
&& array_key_exists('p', $req)
|
2009-09-13 17:32:58 +09:00
|
|
|
) {
|
2011-10-03 22:15:53 +09:00
|
|
|
$p = $req['p'];
|
2009-02-21 06:44:56 +09:00
|
|
|
} else if (array_key_exists('PATH_INFO', $_SERVER)) {
|
2009-09-20 04:06:16 +09:00
|
|
|
$path = $_SERVER['PATH_INFO'];
|
|
|
|
$script = $_SERVER['SCRIPT_NAME'];
|
|
|
|
if (substr($path, 0, mb_strlen($script)) == $script) {
|
2011-10-03 22:26:42 +09:00
|
|
|
$p = substr($path, mb_strlen($script) + 1);
|
2009-09-20 04:06:16 +09:00
|
|
|
} else {
|
2011-10-03 22:15:53 +09:00
|
|
|
$p = $path;
|
2009-09-20 04:06:16 +09:00
|
|
|
}
|
2009-02-11 12:32:38 +09:00
|
|
|
} else {
|
2011-10-03 22:15:53 +09:00
|
|
|
$p = null;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Trim all initial '/'
|
|
|
|
|
2011-10-03 22:26:42 +09:00
|
|
|
$p = ltrim($p, '/');
|
2011-10-03 22:15:53 +09:00
|
|
|
|
|
|
|
return $p;
|
2009-02-11 12:32:38 +09:00
|
|
|
}
|
2009-02-10 01:46:26 +09:00
|
|
|
|
2009-10-03 13:40:53 +09:00
|
|
|
/**
|
|
|
|
* logs and then displays error messages
|
2009-10-03 13:48:38 +09:00
|
|
|
*
|
|
|
|
* @return void
|
2009-10-03 13:40:53 +09:00
|
|
|
*/
|
2009-02-12 04:45:06 +09:00
|
|
|
function handleError($error)
|
|
|
|
{
|
2010-03-02 11:40:42 +09:00
|
|
|
try {
|
2009-02-12 04:45:06 +09:00
|
|
|
|
2010-03-02 11:40:42 +09:00
|
|
|
if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
|
|
|
|
return;
|
2010-03-02 11:40:42 +09:00
|
|
|
}
|
2010-03-17 08:23:19 +09:00
|
|
|
|
2016-02-26 22:53:12 +09:00
|
|
|
$logmsg = "Exception thrown: " . _ve($error->getMessage());
|
2010-03-02 11:40:42 +09:00
|
|
|
if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) {
|
2016-02-26 22:53:12 +09:00
|
|
|
$logmsg .= " PEAR: ". $error->toText();
|
2010-03-02 11:40:42 +09:00
|
|
|
}
|
|
|
|
// DB queries often end up with a lot of newlines; merge to a single line
|
|
|
|
// for easier grepability...
|
|
|
|
$logmsg = str_replace("\n", " ", $logmsg);
|
|
|
|
common_log(LOG_ERR, $logmsg);
|
|
|
|
|
|
|
|
// @fixme backtrace output should be consistent with exception handling
|
|
|
|
if (common_config('site', 'logdebug')) {
|
|
|
|
$bt = $error->getTrace();
|
|
|
|
foreach ($bt as $n => $line) {
|
|
|
|
common_log(LOG_ERR, formatBacktraceLine($n, $line));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($error instanceof DB_DataObject_Error
|
|
|
|
|| $error instanceof DB_Error
|
|
|
|
|| ($error instanceof PEAR_Exception && $error->getCode() == -24)
|
|
|
|
) {
|
2010-03-02 11:53:10 +09:00
|
|
|
//If we run into a DB error, assume we can't connect to the DB at all
|
|
|
|
//so set the current user to null, so we don't try to access the DB
|
|
|
|
//while rendering the error page.
|
|
|
|
global $_cur;
|
|
|
|
$_cur = null;
|
|
|
|
|
2010-03-02 11:40:42 +09:00
|
|
|
$msg = sprintf(
|
2011-04-04 07:41:21 +09:00
|
|
|
// TRANS: Database error message.
|
2011-04-04 08:01:42 +09:00
|
|
|
_('The database for %1$s is not responding correctly, '.
|
|
|
|
'so the site will not work properly. '.
|
|
|
|
'The site admins probably know about the problem, '.
|
|
|
|
'but you can contact them at %2$s to make sure. '.
|
|
|
|
'Otherwise, wait a few minutes and try again.'
|
2010-03-02 11:40:42 +09:00
|
|
|
),
|
|
|
|
common_config('site', 'name'),
|
|
|
|
common_config('site', 'email')
|
|
|
|
);
|
2011-07-27 07:56:04 +09:00
|
|
|
|
2016-01-14 10:47:28 +09:00
|
|
|
$erraction = new DBErrorAction($msg, 500);
|
|
|
|
} elseif ($error instanceof ClientException) {
|
|
|
|
$erraction = new ClientErrorAction($error->getMessage(), $error->getCode());
|
|
|
|
} elseif ($error instanceof ServerException) {
|
|
|
|
$erraction = new ServerErrorAction($error->getMessage(), $error->getCode(), $error);
|
2010-03-02 11:40:42 +09:00
|
|
|
} else {
|
2016-01-14 10:47:28 +09:00
|
|
|
// If it wasn't specified more closely which kind of exception it was
|
|
|
|
$erraction = new ServerErrorAction($error->getMessage(), 500, $error);
|
2010-03-02 11:40:42 +09:00
|
|
|
}
|
2016-01-14 10:47:28 +09:00
|
|
|
$erraction->showPage();
|
2010-03-02 11:40:42 +09:00
|
|
|
|
|
|
|
} catch (Exception $e) {
|
2011-04-04 07:41:21 +09:00
|
|
|
// TRANS: Error message.
|
2010-03-02 11:40:42 +09:00
|
|
|
echo _('An error occurred.');
|
2016-01-14 10:47:28 +09:00
|
|
|
exit(-1);
|
2010-03-02 11:40:42 +09:00
|
|
|
}
|
2009-02-12 04:45:06 +09:00
|
|
|
exit(-1);
|
|
|
|
}
|
2008-08-06 12:45:15 +09:00
|
|
|
|
2010-03-02 11:40:42 +09:00
|
|
|
set_exception_handler('handleError');
|
|
|
|
|
2014-07-10 20:10:48 +09:00
|
|
|
// quick check for fancy URL auto-detection support in installer.
|
|
|
|
if (preg_replace("/\?.+$/", "", $_SERVER['REQUEST_URI']) === preg_replace("/^\/$/", "", (dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') {
|
|
|
|
die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs.");
|
|
|
|
}
|
|
|
|
|
2010-03-02 11:40:42 +09:00
|
|
|
require_once INSTALLDIR . '/lib/common.php';
|
|
|
|
|
2009-11-18 02:07:44 +09:00
|
|
|
/**
|
|
|
|
* Format a backtrace line for debug output roughly like debug_print_backtrace() does.
|
|
|
|
* Exceptions already have this built in, but PEAR error objects just give us the array.
|
|
|
|
*
|
|
|
|
* @param int $n line number
|
|
|
|
* @param array $line per-frame array item from debug_backtrace()
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
function formatBacktraceLine($n, $line)
|
|
|
|
{
|
|
|
|
$out = "#$n ";
|
|
|
|
if (isset($line['class'])) $out .= $line['class'];
|
|
|
|
if (isset($line['type'])) $out .= $line['type'];
|
|
|
|
if (isset($line['function'])) $out .= $line['function'];
|
|
|
|
$out .= '(';
|
|
|
|
if (isset($line['args'])) {
|
|
|
|
$args = array();
|
|
|
|
foreach ($line['args'] as $arg) {
|
|
|
|
// debug_print_backtrace seems to use var_export
|
|
|
|
// but this gets *very* verbose!
|
|
|
|
$args[] = gettype($arg);
|
|
|
|
}
|
|
|
|
$out .= implode(',', $args);
|
|
|
|
}
|
|
|
|
$out .= ')';
|
|
|
|
$out .= ' called at [';
|
|
|
|
if (isset($line['file'])) $out .= $line['file'];
|
|
|
|
if (isset($line['line'])) $out .= ':' . $line['line'];
|
|
|
|
$out .= ']';
|
|
|
|
return $out;
|
|
|
|
}
|
|
|
|
|
2010-01-29 06:52:05 +09:00
|
|
|
function setupRW()
|
2009-06-27 22:20:24 +09:00
|
|
|
{
|
|
|
|
global $config;
|
|
|
|
|
2010-01-14 09:26:46 +09:00
|
|
|
static $alwaysRW = array('session', 'remember_me');
|
2009-06-27 22:20:24 +09:00
|
|
|
|
2011-05-07 09:18:38 +09:00
|
|
|
$rwdb = $config['db']['database'];
|
2010-01-29 04:27:35 +09:00
|
|
|
|
2011-05-07 09:18:38 +09:00
|
|
|
if (Event::handle('StartReadWriteTables', array(&$alwaysRW, &$rwdb))) {
|
2010-01-29 04:27:35 +09:00
|
|
|
|
2011-05-07 09:18:38 +09:00
|
|
|
// We ensure that these tables always are used
|
|
|
|
// on the master DB
|
|
|
|
|
|
|
|
$config['db']['database_rw'] = $rwdb;
|
|
|
|
$config['db']['ini_rw'] = INSTALLDIR.'/classes/statusnet.ini';
|
|
|
|
|
|
|
|
foreach ($alwaysRW as $table) {
|
|
|
|
$config['db']['table_'.$table] = 'rw';
|
|
|
|
}
|
|
|
|
|
|
|
|
Event::handle('EndReadWriteTables', array($alwaysRW, $rwdb));
|
2010-01-29 04:27:35 +09:00
|
|
|
}
|
2011-05-07 09:18:38 +09:00
|
|
|
|
|
|
|
return;
|
2010-01-29 06:52:05 +09:00
|
|
|
}
|
2010-01-29 04:27:35 +09:00
|
|
|
|
2009-08-05 00:13:47 +09:00
|
|
|
function isLoginAction($action)
|
|
|
|
{
|
2013-10-01 00:13:03 +09:00
|
|
|
static $loginActions = array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds', 'otp', 'opensearch', 'rsd');
|
2009-08-05 00:13:47 +09:00
|
|
|
|
|
|
|
$login = null;
|
|
|
|
|
|
|
|
if (Event::handle('LoginAction', array($action, &$login))) {
|
|
|
|
$login = in_array($action, $loginActions);
|
|
|
|
}
|
|
|
|
|
|
|
|
return $login;
|
|
|
|
}
|
|
|
|
|
2009-02-12 04:45:06 +09:00
|
|
|
function main()
|
|
|
|
{
|
2009-06-27 23:43:58 +09:00
|
|
|
global $user, $action;
|
2008-08-06 12:45:15 +09:00
|
|
|
|
2009-03-04 23:24:33 +09:00
|
|
|
if (!_have_config()) {
|
2009-09-13 17:31:19 +09:00
|
|
|
$msg = sprintf(
|
2011-04-04 07:41:21 +09:00
|
|
|
// TRANS: Error message displayed when there is no StatusNet configuration file.
|
2011-04-04 08:01:42 +09:00
|
|
|
_("No configuration file found. Try running ".
|
|
|
|
"the installation program first."
|
2009-09-13 17:31:19 +09:00
|
|
|
)
|
|
|
|
);
|
2009-03-04 23:24:33 +09:00
|
|
|
$sac = new ServerErrorAction($msg);
|
|
|
|
$sac->showPage();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2010-01-29 06:52:05 +09:00
|
|
|
// Make sure RW database is setup
|
|
|
|
|
|
|
|
setupRW();
|
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
// XXX: we need a little more structure in this script
|
2008-08-06 12:45:15 +09:00
|
|
|
|
2010-01-29 06:52:05 +09:00
|
|
|
// get and cache current user (may hit RW!)
|
2008-08-06 12:45:15 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
$user = common_current_user();
|
2008-05-19 23:12:19 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
// initialize language env
|
2008-05-19 23:12:19 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
common_init_language();
|
2008-12-04 03:34:32 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
$path = getPath($_REQUEST);
|
|
|
|
|
2009-02-11 14:45:11 +09:00
|
|
|
$r = Router::get();
|
2008-12-04 03:24:21 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
$args = $r->map($path);
|
2008-05-08 01:48:07 +09:00
|
|
|
|
2010-10-21 09:22:34 +09:00
|
|
|
// If the request is HTTP and it should be HTTPS...
|
2016-02-10 09:05:02 +09:00
|
|
|
if (GNUsocial::useHTTPS() && !GNUsocial::isHTTPS()) {
|
2010-10-21 09:22:34 +09:00
|
|
|
common_redirect(common_local_url($args['action'], $args));
|
|
|
|
}
|
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
$args = array_merge($args, $_REQUEST);
|
2009-05-16 04:07:23 +09:00
|
|
|
|
|
|
|
Event::handle('ArgsInitialize', array(&$args));
|
2009-02-10 01:46:26 +09:00
|
|
|
|
2013-08-30 06:30:04 +09:00
|
|
|
$action = basename($args['action']);
|
2008-12-21 09:23:32 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
|
|
|
|
common_redirect(common_local_url('public'));
|
2008-12-21 09:23:32 +09:00
|
|
|
}
|
2009-02-09 21:15:52 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
// If the site is private, and they're not on one of the "public"
|
|
|
|
// parts of the site, redirect to login
|
|
|
|
|
2009-09-16 11:30:52 +09:00
|
|
|
if (!$user && common_config('site', 'private')
|
|
|
|
&& !isLoginAction($action)
|
2009-09-13 17:31:19 +09:00
|
|
|
&& !preg_match('/rss$/', $action)
|
2010-02-01 00:12:26 +09:00
|
|
|
&& $action != 'robotstxt'
|
|
|
|
&& !preg_match('/^Api/', $action)) {
|
|
|
|
|
2009-12-17 15:38:14 +09:00
|
|
|
// set returnto
|
|
|
|
$rargs =& common_copy_args($args);
|
|
|
|
unset($rargs['action']);
|
|
|
|
if (common_config('site', 'fancy')) {
|
|
|
|
unset($rargs['p']);
|
|
|
|
}
|
|
|
|
if (array_key_exists('submit', $rargs)) {
|
|
|
|
unset($rargs['submit']);
|
|
|
|
}
|
|
|
|
foreach (array_keys($_COOKIE) as $cookie) {
|
|
|
|
unset($rargs[$cookie]);
|
|
|
|
}
|
|
|
|
common_set_returnto(common_local_url($action, $rargs));
|
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
common_redirect(common_local_url('login'));
|
|
|
|
}
|
|
|
|
|
|
|
|
$action_class = ucfirst($action).'Action';
|
|
|
|
|
|
|
|
if (!class_exists($action_class)) {
|
2011-04-04 07:41:21 +09:00
|
|
|
// TRANS: Error message displayed when trying to perform an undefined action.
|
2016-01-14 10:47:28 +09:00
|
|
|
throw new ClientException(_('Unknown action'), 404);
|
2008-12-21 09:23:32 +09:00
|
|
|
}
|
2016-01-14 10:47:28 +09:00
|
|
|
|
|
|
|
call_user_func("$action_class::run", $args);
|
2009-02-09 21:15:52 +09:00
|
|
|
}
|
2009-02-09 22:44:30 +09:00
|
|
|
|
2009-02-11 12:32:38 +09:00
|
|
|
main();
|
|
|
|
|
2009-02-09 22:44:30 +09:00
|
|
|
// XXX: cleanup exit() calls or add an exit handler so
|
|
|
|
// this always gets called
|
|
|
|
|
|
|
|
Event::handle('CleanupPlugin');
|