3 * pre.php - Automatically prepend to every page.
5 * Copyright 1999-2001, VA Linux Systems
6 * Copyright 2010, Roland Mas <lolando@debian.org>
7 * Copyright (C) 2012 Alain Peyrat - Alcatel-Lucent
9 * This file is part of FusionForge. FusionForge is free software;
10 * you can redistribute it and/or modify it under the terms of the
11 * GNU General Public License as published by the Free Software
12 * Foundation; either version 2 of the Licence, or (at your option)
15 * FusionForge is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License along
21 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 require_once $gfcommon.'include/escapingUtils.php';
25 require_once $gfcommon.'include/utils.php';
27 // Declare and init variables to store messages
30 require_once $gfcommon.'include/escapingUtils.php';
31 require_once $gfcommon.'include/config.php';
33 if (isset($_SERVER) && array_key_exists('PHP_SELF', $_SERVER) && $_SERVER['PHP_SELF']) {
34 $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
37 if (isset($GLOBALS) && array_key_exists('PHP_SELF', $GLOBALS) && $GLOBALS['PHP_SELF']) {
38 $GLOBALS['PHP_SELF'] = htmlspecialchars($GLOBALS['PHP_SELF']);
41 // Block link prefetching (Moz prefetching, Google Web Accelerator, others)
42 // http://www.google.com/webmasters/faq.html#prefetchblock
43 if (getStringFromServer('HTTP_X_moz') === 'prefetch'){
44 header(getStringFromServer('SERVER_PROTOCOL') . ' 404 Prefetch Forbidden');
45 trigger_error('Prefetch request forbidden.');
49 if (!isset($no_gz_buffer) || !$no_gz_buffer) {
50 ob_start("ob_gzhandler");
53 // Database access and other passwords when on the web
54 function setconfigfromenv ($sec, $var, $serv, $env) {
55 if (getenv ('SERVER_SOFTWARE')) {
56 if (function_exists ('apache_request_headers')) {
57 $headers = apache_request_headers() ;
62 if (isset ($headers[$serv])) {
63 forge_define_config_item ($var, $sec,
68 if (isset ($_ENV[$env])) {
69 forge_define_config_item ($var, $sec,
76 function setconfigfromoldsources ($sec, $var, $serv, $env, $glob) {
77 if (setconfigfromenv($sec, $var, $serv, $env)) {
80 if (isset ($GLOBALS[$glob])) {
81 forge_define_config_item ($var, $sec,
88 if (isset($gfcgfile) && file_exists ($gfcgfile)) {
89 require_once $gfcgfile ;
91 setconfigfromoldsources ('core', 'database_host',
92 'GForgeDbhost', 'sys_gfdbhost', 'sys_dbhost') ;
93 setconfigfromoldsources ('core', 'database_port',
94 'GForgeDbport', 'sys_gfdbport', 'sys_dbport') ;
95 setconfigfromoldsources ('core', 'database_name',
96 'GForgeDbname', 'sys_gfdbname', 'sys_dbname') ;
97 setconfigfromoldsources ('core', 'database_user',
98 'GForgeDbuser', 'sys_gfdbuser', 'sys_dbuser') ;
99 setconfigfromoldsources ('core', 'database_password',
100 'GForgeDbpasswd', 'sys_gfdbpasswd', 'sys_dbpasswd') ;
101 setconfigfromoldsources ('core', 'ldap_password',
102 'GForgeLdapPasswd', 'sys_gfldap_passwd', NULL) ;
103 setconfigfromoldsources ('core', 'jabber_password',
104 'GForgeJabberPasswd', 'sys_gfjabber_pass', NULL) ;
106 forge_define_config_item ('source_path', 'core', $fusionforge_basedir) ;
107 forge_define_config_item ('data_path', 'core', '/var/lib/gforge') ;
108 forge_define_config_item ('chroot', 'core', '$core/data_path/chroot') ;
109 forge_define_config_item ('config_path', 'core', '/etc/gforge') ;
111 require_once $gfcommon.'include/config-vars.php';
113 setconfigfromenv ('core', 'database_host',
114 'GForgeDbhost', 'sys_gfdbhost') ;
115 setconfigfromenv ('core', 'database_port',
116 'GForgeDbport', 'sys_gfdbport') ;
117 setconfigfromenv ('core', 'database_name',
118 'GForgeDbname', 'sys_gfdbname') ;
119 setconfigfromenv ('core', 'database_user',
120 'GForgeDbuser', 'sys_gfdbuser') ;
121 setconfigfromenv ('core', 'database_password',
122 'GForgeDbpasswd', 'sys_gfdbpasswd') ;
123 setconfigfromenv ('core', 'ldap_password',
124 'GForgeLdapPasswd', 'sys_gfldap_passwd') ;
125 setconfigfromenv ('core', 'jabber_password',
126 'GForgeJabberPasswd', 'sys_gfjabber_pass') ;
127 setconfigfromenv ('core', 'session_key',
128 'GForgeSessionKey', 'sys_session_key') ;
131 forge_read_config_file ($gfconfig.'/config.ini') ;
133 if (($ecf = forge_get_config ('extra_config_files')) != NULL) {
134 $ecfa = explode (',', $ecf) ;
135 foreach ($ecfa as $cf) {
137 forge_read_config_file ($cf) ;
140 if (($ecd = forge_get_config ('extra_config_dirs')) != NULL) {
141 $ecda = explode (',', $ecd) ;
142 foreach ($ecda as $cd) {
144 forge_read_config_dir ($cd) ;
148 forge_define_config_item ('installation_environment', 'core', 'production') ;
149 $installation_environment = forge_get_config ('installation_environment') ;
150 if ($installation_environment == 'development' || $installation_environment == 'integration')
151 $default_sysdebug_enable = 'true';
153 $default_sysdebug_enable = 'false';
154 forge_define_config_item ('sysdebug_enable', 'core', $default_sysdebug_enable) ;
155 forge_set_config_item_bool ('sysdebug_enable', 'core') ;
156 forge_define_config_item ('sysdebug_phphandler', 'core', 'true') ;
157 forge_set_config_item_bool ('sysdebug_phphandler', 'core') ;
158 forge_define_config_item ('sysdebug_backtraces', 'core', 'false') ;
159 forge_set_config_item_bool ('sysdebug_backtraces', 'core') ;
160 forge_define_config_item ('sysdebug_ignored', 'core', 'false') ;
161 forge_set_config_item_bool ('sysdebug_ignored', 'core') ;
162 forge_define_config_item ('sysdebug_dberrors', 'core', 'true') ;
163 forge_set_config_item_bool ('sysdebug_dberrors', 'core') ;
164 forge_define_config_item ('sysdebug_dbquery', 'core', 'false') ;
165 forge_set_config_item_bool ('sysdebug_dbquery', 'core') ;
166 forge_define_config_item ('sysdebug_xmlstarlet', 'core', 'false') ;
167 forge_set_config_item_bool ('sysdebug_xmlstarlet', 'core') ;
168 // Load extra func to add extras func like debug
169 $sysdebug_enable = forge_get_config('sysdebug_enable');
173 * we could use xhtml-rdfa-1.dtd but would need to
174 * mirror the entire XHTML/1.1 shebang then, too
177 'dtdfile' => 'xhtml1-strict.dtd',
178 'doctype' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">'
180 /* the original XHTML/1.0 Transitional */
181 'transitional-orig' => array(
182 'dtdfile' => 'xhtml1-transitional.dtd',
183 'doctype' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
185 /* XHTML/1.0 Transitional + RDFa 1.0 */
186 'transitional' => array(
187 'dtdfile' => 'xhtml10t-rdfa10.dtd',
188 'doctype' => '<!DOCTYPE html SYSTEM "http://evolvis.org/DTD/xhtml10t-rdfa10.dtd">'
192 $sysXMLNSs = 'xmlns="http://www.w3.org/1999/xhtml"';
193 if (!$sysdebug_enable || !forge_get_config('sysdebug_xmlstarlet')) {
195 'dc' => 'http://purl.org/dc/elements/1.1/',
196 'doap' => 'http://usefulinc.com/ns/doap#',
197 'foaf' => 'http://xmlns.com/foaf/0.1/',
198 'planetforge' => 'http://coclico-project.org/ontology/planetforge#',
199 'sioc' => 'http://rdfs.org/sioc/ns#',
200 ) as $key => $value) {
201 $sysXMLNSs .= ' xmlns:' . $key . '="' . $value . '"';
205 if ($sysdebug_enable && getenv('SERVER_SOFTWARE')) {
206 require $gfcommon.'include/extras-debug.php';
208 $sysdebug_dberrors = false;
209 $sysdebug_dbquery = false;
211 function sysdebug_off($hdr=false, $replace=true, $resp=false) {
212 if ($hdr !== false) {
213 if ($resp === false) {
214 header($hdr, $replace);
216 header($hdr, $replace, $resp);
222 function sysdebug_lazymode($enable) {
225 function sysdebug_ajaxbody($enable=true) {
230 // Get constants used for flags or status
231 require $gfcommon.'include/constants.php';
234 // Base error library for new objects
235 require_once $gfcommon.'include/Error.class.php';
237 // Database abstraction
238 // From here database is required
239 if (forge_get_config('database_name') != "") {
240 require_once $gfcommon.'include/database-pgsql.php';
242 // Authentication and access control
243 require_once $gfcommon.'include/session.php';
244 require_once $gfcommon.'include/RBACEngine.class.php';
248 require_once $gfcommon.'include/System.class.php';
249 forge_define_config_item('account_manager_type', 'core', 'UNIX') ;
250 require_once $gfcommon.'include/system/'.forge_get_config('account_manager_type').'.class.php';
251 $amt = forge_get_config('account_manager_type') ;
254 // User-related classes and functions
255 require_once $gfcommon.'include/User.class.php';
257 // Project-related classes and functions
258 require_once $gfcommon.'include/Group.class.php';
260 // Permission-related functions
261 require_once $gfcommon.'include/Permission.class.php';
264 require_once $gfcommon.'include/Plugin.class.php' ;
265 require_once $gfcommon.'include/PluginManager.class.php' ;
267 // SCM-specific plugins subsystem
268 require_once $gfcommon.'include/SCMPlugin.class.php' ;
270 // SysAuth-specific plugins subsystem
271 require_once $gfcommon.'include/SysAuthPlugin.class.php' ;
273 // Authentication-specific plugins subsystem
274 require_once $gfcommon.'include/AuthPlugin.class.php' ;
276 if (getenv ('FUSIONFORGE_NO_PLUGINS') != 'true') {
277 setup_plugin_manager () ;
281 if (forge_get_config('use_jabber')) {
282 require_once $gfcommon.'include/Jabber.class.php';
285 ini_set('date.timezone', forge_get_config ('default_timezone'));
287 if (isset($_SERVER['SERVER_SOFTWARE'])) { // We're on the web
288 // Detect upload larger that upload allowed size.
289 if ( $_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) &&
290 empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0 )
292 $error_msg = sprintf(_('Posted data is too large. %1$s exceeds the maximum size of %2$s'),
293 human_readable_bytes($_SERVER['CONTENT_LENGTH']), human_readable_bytes(util_get_maxuploadfilesize()));
296 // exit_error() and variants (for the web)
297 require_once $gfcommon.'include/exit.php';
299 // Library to determine browser settings
300 require_once $gfwww.'include/browser.php';
302 // HTML layout class, may be overriden by the Theme class
303 require_once $gfwww.'include/Layout.class.php';
305 // Various HTML libs like button bar, themable
306 require_once $gfwww.'include/html.php';
308 // Forms key generation
309 require_once $gfcommon.'include/forms.php';
311 // Determine if there's a web session running
314 plugin_hook('after_session_set');
317 if (!session_loggedin() && forge_get_config ('force_login') == 1 ) {
318 $expl_pathinfo = explode('/',getStringFromServer('REQUEST_URI'));
319 if (getStringFromServer('REQUEST_URI')!='/' && $expl_pathinfo[1]!='account' && $expl_pathinfo[1]!='export' && $expl_pathinfo[1]!='plugins') exit_not_logged_in();
320 // Show proj* export even if not logged in when force login
321 // If not default web project page would be broken
322 if ($expl_pathinfo[1]=='export' && !preg_match('/^proj/', $expl_pathinfo[2])) exit_not_logged_in();
323 // We must let auth plugins go further
324 if ($expl_pathinfo[1]=='plugins' && !preg_match('/^auth/', $expl_pathinfo[2])) exit_not_logged_in();
327 // Insert this page view into the database
328 require_once $gfcommon.'include/logger.php';
330 // If logged in, set up a $LUSER var referencing
331 // the logged in user's object
333 if (session_loggedin()) {
334 $LUSER =& session_get_user();
335 $use_tooltips = $LUSER->usesTooltips();
336 header('Cache-Control: private');
337 $x_theme = $LUSER->setUpTheme();
340 $x_theme = forge_get_config('default_theme');
342 require_once forge_get_config('themes_root').'/'.$x_theme.'/Theme.class.php';
343 $HTML = new Theme () ;
344 $HTML->_theme = $x_theme;
346 } else { // Script run from cron or a command line
347 require_once $gfcommon.'include/squal_exit.php';
351 require_once $gfcommon.'include/gettext.php';
352 require_once $gfcommon.'include/group_section_texts.php';
354 setup_tz_from_context();
355 setup_gettext_from_context();
359 $feedback = htmlspecialchars(getStringFromRequest('feedback', $feedback));
360 $error_msg = htmlspecialchars(getStringFromRequest('error_msg', $error_msg));
361 $warning_msg = htmlspecialchars(getStringFromRequest('warning_msg', $warning_msg));
368 $LUSER - Logged in user object
375 // c-file-style: "bsd"