Blame | Last modification | View Log | Download
<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile: common.inc.php,v $
// | last update : $Date: 2005/01/08 23:32:25 $
// | last modifier : $Author: plg $
// | revision : $Revision: 1.18 $
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
if (!defined('PHPWG_ROOT_PATH'))
{
die('Hacking attempt!');
}
// determine the initial instant to indicate the generation time of this page
$t1 = explode( ' ', microtime() );
$t2 = explode( '.', $t1[0] );
$t2 = $t1[1].'.'.$t2[1];
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
// addslashes to vars if magic_quotes_gpc is off this is a security
// precaution to prevent someone trying to break out of a SQL statement.
//
if( !get_magic_quotes_gpc() )
{
if( is_array( $_GET ) )
{
while( list($k, $v) = each($_GET) )
{
if( is_array($_GET[$k]) )
{
while( list($k2, $v2) = each($_GET[$k]) )
{
$_GET[$k][$k2] = addslashes($v2);
}
@reset($_GET[$k]);
}
else
{
$_GET[$k] = addslashes($v);
}
}
@reset($_GET);
}
if( is_array($_POST) )
{
while( list($k, $v) = each($_POST) )
{
if( is_array($_POST[$k]) )
{
while( list($k2, $v2) = each($_POST[$k]) )
{
$_POST[$k][$k2] = addslashes($v2);
}
@reset($_POST[$k]);
}
else
{
$_POST[$k] = addslashes($v);
}
}
@reset($_POST);
}
if( is_array($_COOKIE) )
{
while( list($k, $v) = each($_COOKIE) )
{
if( is_array($_COOKIE[$k]) )
{
while( list($k2, $v2) = each($_COOKIE[$k]) )
{
$_COOKIE[$k][$k2] = addslashes($v2);
}
@reset($_COOKIE[$k]);
}
else
{
$_COOKIE[$k] = addslashes($v);
}
}
@reset($_COOKIE);
}
}
//
// Define some basic configuration arrays this also prevents malicious
// rewriting of language and otherarray values via URI params
//
$conf = array();
$page = array();
$user = array();
$lang = array();
include(PHPWG_ROOT_PATH .'include/mysql.inc.php');
if (!defined('PHPWG_INSTALLED'))
{
header('Location: install.php');
exit;
}
include(PHPWG_ROOT_PATH . 'include/constants.php');
include(PHPWG_ROOT_PATH . 'include/config.inc.php');
include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
include(PHPWG_ROOT_PATH . 'include/template.php');
// Database connection
mysql_connect( $cfgHote, $cfgUser, $cfgPassword )
or die ( "Could not connect to database server" );
mysql_select_db( $cfgBase )
or die ( "Could not connect to database" );
//
// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
// since basic gallery information is not available
//
$query = '
SELECT param,value
FROM '.CONFIG_TABLE.'
;';
if (!($result = pwg_query($query)))
{
die("Could not query config information");
}
while ( $row =mysql_fetch_array( $result ) )
{
if ( isset( $row['value'] ) )
{
$conf[$row['param']] = $row['value'];
}
else
{
$conf[$row['param']] = '';
}
// If the field is true or false, the variable is transformed into a
// boolean value.
if ( $conf[$row['param']] == 'true' or $conf[$row['param']] == 'false' )
{
$conf[$row['param']] = get_boolean( $conf[$row['param']] );
}
}
include(PHPWG_ROOT_PATH.'include/user.inc.php');
?>