[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] api/starter.inc.php, 1.1.1.1.2.33
From: |
nomail |
Subject: |
[Phpgroupware-cvs] api/starter.inc.php, 1.1.1.1.2.33 |
Date: |
Thu, 20 May 2004 15:03:35 -0000 |
Update of /api
Modified Files:
Branch: proposal-branch
starter.inc.php
date: 2004/04/16 20:59:49; author: seek3r; state: Exp; lines: +145 -111
Log Message:
bringing savannah cvs back up to date with what we were doing on our private
cvs server. We will not be doing dev from this cvs tree
=====================================================================
No syntax errors detected in -
=====================================================================
Index: api/starter.inc.php
diff -u api/starter.inc.php:1.1.1.1.2.32 api/starter.inc.php:1.1.1.1.2.33
--- api/starter.inc.php:1.1.1.1.2.32 Sun Feb 29 00:19:37 2004
+++ api/starter.inc.php Fri Apr 16 20:59:49 2004
@@ -43,8 +43,6 @@
exit;
}
- magic_quotes_runtime(false);
-
/****************************************************************************\
* Make sure we have a valid client type
*
\****************************************************************************/
@@ -56,19 +54,51 @@
/****************************************************************************\
* Load up the initial base environment
*
\****************************************************************************/
- /* Auto detect install paths */
- define('PHPGW_ROOT',getcwd());
- define('PHPGW_API',PHPGW_ROOT.'/api');
+ /* Auto detect install paths */
+ if(!defined('PHPGW_ROOT'))
+ {
+ define('PHPGW_ROOT',getcwd());
+ }
+ define('SEP',strpos(PHPGW_ROOT,'\\') === FALSE ? '/' : '\\');
+ define('PHPGW_API',PHPGW_ROOT.SEP.'api');
/* Load core support functions */
- include_once(PHPGW_API.'/core_functions.inc.php');
- include_once('class.xmltool.php');
+ if(!file_exists(PHPGW_API.SEP.'core_functions.inc.php'))
+ {
+ echo 'Something went wrong.<br>';
+ echo 'Please contact your System Administrator';
+ exit;
+ }
+ include_once(PHPGW_API.SEP.'core_functions.inc.php');
+ // load workarounds for old php versions
+ include_once(PHPGW_API.SEP.'workaround.inc.php');
+ include_once(PHPGW_API.SEP.'class.xmltool.php');
+
+ /* Clean up magic quotes */
+ fix_magic_quotes();
+
+
/****************************************************************************\
+ * If request is for XSLT then we want to fasttrack the request
*
+ * for performance reasons.
*
+
\****************************************************************************/
+ if ($_GET['showinfo'] == '1')
+ {
+ phpinfo();
+ exit;
+ }
+
+ if ($_GET['op'] == 'api.xslt.get')
+ {
+ execMethod('api.xslt.get', $_GET);
+ exit;
+ }
+
/****************************************************************************\
* START - Read and check config file
*
\****************************************************************************/
/* Read config data if the file exists*/
- $GLOBALS['missing_critical'] = False;
+ $GLOBALS['force_setup'] = false;
if(file_exists(PHPGW_ROOT.SEP.'config.inc.php'))
{
include_once(PHPGW_ROOT.SEP.'config.inc.php');
@@ -76,82 +106,74 @@
unset($phpgw_config);
/* Make sure we have a sane config file. */
- if(!isset($GLOBALS['phpgw_data']['server']['db_name']) ||
- !isset($GLOBALS['phpgw_data']['server']['db_user']) ||
- !isset($GLOBALS['phpgw_data']['server']['db_type']))
+ if(isset($GLOBALS['phpgw_data']['server']['db_name']) &&
+ isset($GLOBALS['phpgw_data']['server']['db_user']) &&
+ isset($GLOBALS['phpgw_data']['server']['db_type']))
{
- $GLOBALS['missing_critical'] = True;
+
if(!isset($GLOBALS['phpgw_data']['server']['default_anon_op']))
+ {
+
$GLOBALS['phpgw_data']['server']['default_anon_op'] = 'api.base.start';
+ }
}
- /* Check optional configs and set them if needed */
- if(!isset($GLOBALS['phpgw_data']['server']['default_anon_op']))
+ else
{
- $GLOBALS['phpgw_data']['server']['default_anon_op'] =
'api.base.start';
+ $GLOBALS['force_setup'] = true;
}
+ /* Check optional configs and set them if needed */
}
else
{
- $GLOBALS['missing_critical'] = True;
+ $GLOBALS['force_setup'] = true;
}
/****************************************************************************\
* END - Read and check config file
*
\****************************************************************************/
-
/****************************************************************************\
- * If request is for XSLT then we want to fasttrack the request
*
- * for performance reasons.
*
-
\****************************************************************************/
-
- if ($HTTP_GET_VARS['op'] == 'api.xslt.get')
- {
- $result = execmethod('api.xslt.get', $HTTP_GET_VARS);
- exit;
- }
+ /* Initiate error handler */
+ include_once(PHPGW_API.SEP.'errorhandler.inc.php');
/****************************************************************************\
* These lines load up the initial API and xml objects
*
\****************************************************************************/
/* Load main classes */
- $GLOBALS['phpgw'] = createobject('api_phpgw');
- $GLOBALS['msgbox'] = createobject('api_msgbox');
- $GLOBALS['phpgw']->db = createobject('api_db');
- $GLOBALS['phpgw']->debug = True;
+ $GLOBALS['phpgw'] = createObject('api_phpgw');
+ $GLOBALS['msgbox'] = createObject('api_msgbox');
+ if(!$GLOBALS['force_setup'])
+ {
+ require_once(PHPGW_API . SEP . 'db' . SEP . 'adodb.inc.php');
+ $db_details = $GLOBALS['phpgw_data']['server'];
+ $GLOBALS['phpgw']->db =
ADONewConnection($db_details['db_type']);
+
$GLOBALS['phpgw']->db->Connect($db_details['db_host'],$db_details['db_user'],$db_details['db_pass'],$db_details['db_name']);
+ }
+ $GLOBALS['phpgw']->debug = true;
/* Start output xmltool object */
- $GLOBALS['phpgw']->base_xml = createobject('api_xmltool');
- $GLOBALS['phpgw_xmldoc'] =
createobject('api_xmltool',array('node_type'=>'node','name'=>'PHPGW'));
- $GLOBALS['phpgw_xml_apinode'] =
createobject('api_xmltool',array('node_type'=>'node','name'=>'API'));
+ $GLOBALS['phpgw']->base_xml = createObject('api_xmltool');
+ $GLOBALS['phpgw_xmldoc'] =
createObject('api_xmltool',array('node_type'=>'node','name'=>'PHPGW'));
+ $GLOBALS['phpgw_xml_apinode'] =
createObject('api_xmltool',array('node_type'=>'node','name'=>'API'));
/****************************************************************************\
- * Register op, which is done by the interface constructor
*
+ * Register op, which is done by the interface constructor
*
\****************************************************************************/
- $GLOBALS['phpgw']->interface = createobject('api_interface');
+ $GLOBALS['phpgw']->interface = createObject('api_interface');
- $new_session = $GLOBALS['phpgw']->session =
createobject('api_sessions');
+ $new_session = $GLOBALS['phpgw']->session =
createObject('api_sessions');
/********************************************************************************\
* If some critical stuff is mising, such as the db and core tables,
then we *
* just force the user to the setup app and stage that we detect has the
problem *
\********************************************************************************/
- if($GLOBALS['missing_critical'])
- {
- $GLOBALS['phpgw_data']['api']['op'] = 'api.setup.start';
- $HTTP_GET_VARS['stage'] = 1;
- }
-
- $dbresult = $GLOBALS['phpgw']->db->execute('select * from
phpgw_acl',__LINE__,__FILE__);
- if (!$GLOBALS['missing_critical'] && ! $dbresult)
- {
- $GLOBALS['missing_critical'] = True;
- $GLOBALS['phpgw_data']['api']['op'] = 'api.setup.start';
- $HTTP_GET_VARS['stage'] = 2;
- }
-
- if (!$GLOBALS['missing_critical'] && $dbresult->RecordCount() == 0)
+ if(!$GLOBALS['force_setup'])
{
- $GLOBALS['missing_critical'] = True;
- $GLOBALS['phpgw_data']['api']['op'] = 'api.setup.start';
- $HTTP_GET_VARS['stage'] = 4;
+ $old_level = error_reporting(0);
+ $dbresult = $GLOBALS['phpgw']->db->Execute('select * from
phpgw_acl');
+ if (!$dbresult || $dbresult->EOF)
+ {
+ $GLOBALS['force_setup'] = true;
+ }
+ unset($dbresult);
+ error_reporting($old_level);
}
/**********************************************************************************\
@@ -159,24 +181,25 @@
* We start by checking the login, auth a login request and load up the
users stuff *
\**********************************************************************************/
- if(!$GLOBALS['missing_critical'])
+ if(!$GLOBALS['force_setup'])
{
if ($GLOBALS['phpgw_data']['api']['op'] == 'api.base.logout')
{
- execmethod($GLOBALS['phpgw_data']['api']['op']);
+ execMethod($GLOBALS['phpgw_data']['api']['op']);
}
/* Check the login */
$GLOBALS['phpgw']->check_login();
}
else
{
- $GLOBALS['phpgw']->lang = createobject('api_lang');
+ $GLOBALS['phpgw_data']['api']['op'] = 'api.setup.start';
+ $GLOBALS['phpgw']->lang = createObject('api_lang');
}
/************************************************************************\
* Additionally needed classes
*
\************************************************************************/
- $GLOBALS['phpgw']->hooks = createobject('api_hooks');
+ $GLOBALS['phpgw']->hooks = createObject('api_hooks');
/* make sure the op is set, or can be figured out */
$GLOBALS['phpgw']->check_op();
@@ -212,7 +235,7 @@
// Only do the following if the interface has loaded statecaching
if (is_object($GLOBALS['phpgw']->interface->statecache))
{
- $position_id =
get_var('position_id',array('POST','GET'),'string','##NOTSET##');
+ $position_id =
get_var('position_id',array('POST','GET'),'string');
if (strlen($position_id) && !
$GLOBALS['phpgw']->interface->statecache->data[$position_id])
{
@@ -221,7 +244,7 @@
// FIXME: The show hint should be something explaining
to the user reasons why the history could be lost.
// For example, opening pages in seperate windows then
returning to an older one where the history
// is out of date.
- $GLOBALS['msgbox']->add(lang('History not found: [
*Show hint* ]'),__LINE__,__FILE__,'fataldebug',"position_id: '" . $position_id
. "'");
+ $GLOBALS['msgbox']->add(lang('History not found: [
*Show hint* ]'),'fataldebug',"position_id: '" . $position_id . "'");
}
switch($methodname)
@@ -248,65 +271,76 @@
$inputs = $close_values;
break;
default:
-
$GLOBALS['phpgw']->interface->statecache->set();
+ $GLOBALS['phpgw']->interface->statecache->set();
}
}
-
- if ($GLOBALS['missing_critical'] ||
$GLOBALS['phpgw']->acl->check($methodname, 1))
+
+ if(!defined('PHPGW_LEGACY'))
{
- $GLOBALS['performance_timer']->start($methodname);
- /* FIXME NOTE FROM Seek3r: None of this code makes any sense.
From what I can see execMethod is already going to deal with this.
- So why would we do this beforehand? Just let execMethod do its
job.
-
- // FIXME: This explode happens FAR too much, this should ONLY
happen *1* time and everything
- // Should access those variables instead. Maybe make it a
constant for extra security. (jengo)
- list($a,$c,$m) = explode('.',$methodname);
-
- // We only want to test for attempts to access protected
methods, private methods are detected
- // in execMethod(). Protected methods are allowed to be called
by other apps / classes.
- // Whereas private methods are NEVER called except in that
class. I know this doesn't follow
- // normal OO rules. The names private and protected better
explain what they are and what
- // can call them. If you have some better naming convensions,
please, let me know. (jengo)
- if (substr($m,0,1) == '_' && substr($m,0,2) != '__')
- {
- $GLOBALS['msgbox']->add('Attempted access for a
protected method: ' . $methodname,__LINE__,__FILE__, 'fatal');
- $GLOBALS['phpgw']->interface->handle_result($result);
- }
- */
-
- $result = execMethod($methodname,$inputs);
- if($result == '##NOMETHOD##')
+ if ($GLOBALS['force_setup'] ||
$GLOBALS['phpgw']->acl->check($methodname, 1))
{
- if
(isset($HTTP_SESSION_VARS['phpgw_session']['prevop']))
- {
- $methodname =
$HTTP_SESSION_VARS['phpgw_session']['prevop'];
- }
- else
+ $GLOBALS['performance_timer']->start($methodname);
+ // FIXME: This explode happens FAR too much, this
should ONLY happen *1* time and everything
+ // Should access those variables instead. Maybe make
it a constant for extra security. (jengo)
+ list($a,$c,$m) = explode('.',$methodname);
+
+ // We only want to test for attempts to access
protected methods, private methods are detected
+ // in execMethod(). Protected methods are allowed to
be called by other apps / classes.
+ // Whereas private methods are NEVER called except in
that class. I know this doesn't follow
+ // normal OO rules. The names private and protected
better explain what they are and what
+ // can call them. If you have some better naming
convensions, please, let me know. (jengo)
+ if (substr($m,0,1) == '_' && substr($m,0,2) != '__')
{
- /* Otherwise then we try and keep the user in
the app and class they requested */
- $methodname =
$GLOBALS['phpgw_data']['flags']['req_app'].'.'.$GLOBALS['phpgw_data']['flags']['req_class'].'.start';
+ $GLOBALS['msgbox']->add('Attempted access for a
protected method: ' . $methodname, 'fatal');
+
$GLOBALS['phpgw']->interface->handle_result($result);
}
-
- $result = execMethod($methodname,$inputs, True);
-
- /* If the method still doesnt exist, then we try and
keep the user in the app they requested */
- if ($result == '##NOMETHOD##')
+ ob_start();
+ $result = execMethod($methodname,$inputs);
+
+ if($result == '##NOMETHOD##')
{
- $methodname =
$GLOBALS['phpgw_data']['flags']['req_app'].'.base.start';
- $result = execMethod($methodname,$inputs,
True);
-
+ if (isset($_SESSION['phpgw_session']['prevop']))
+ {
+ $methodname =
$_SESSION['phpgw_session']['prevop'];
+ }
+ else
+ {
+ /* Otherwise then we try and keep the
user in the app and class they requested */
+ $methodname =
$GLOBALS['phpgw_data']['flags']['req_app'].'.'.$GLOBALS['phpgw_data']['flags']['req_class'].'.start';
+ }
+
+ $result = execMethod($methodname,$inputs, true);
+
+ /* If the method still doesnt exist, then we
try and keep the user in the app they requested */
if ($result == '##NOMETHOD##')
{
- /* If the method still doesnt exist,
then just make sure result is empty */
- $result = '';
+ $methodname =
$GLOBALS['phpgw_data']['flags']['req_app'].'.base.start';
+ $result =
execMethod($methodname,$inputs, true);
+
+ if ($result == '##NOMETHOD##')
+ {
+ /* If the method still doesnt
exist, then just make sure result is empty */
+ $result = '';
+ }
}
}
+ $outputtrap = ob_get_contents();
+ if(!empty($outputtrap))
+ {
+ define('MISBEHAVEDAPP',true);
+
$GLOBALS['phpgw_xmldoc']->add_node($outputtrap,'APPHTML');
+ $_GET['fxsl'] = 2;
+ ob_clean();
+ }
+ ob_end_flush();
+
+ $GLOBALS['performance_timer']->stop($methodname);
}
- $GLOBALS['performance_timer']->stop($methodname);
- }
- else
- {
- $GLOBALS['phpgw']->interface->access_denied($methodname,
$inputs);
+ else
+ {
+
$GLOBALS['phpgw']->interface->access_denied($methodname, $inputs);
+ }
+
+ /* Now send the result to the XML */
+ $GLOBALS['phpgw']->interface->handle_result($result);
}
- /* Now send the result to the XML */
- $GLOBALS['phpgw']->interface->handle_result($result);
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] api/starter.inc.php, 1.1.1.1.2.33,
nomail <=