From 8da1e8078ffc9345e4b5213945bc33215d20ef38 Mon Sep 17 00:00:00 2001 From: Nao Date: Sat, 22 Mar 2014 19:27:48 +0100 Subject: [PATCH] - Removed $sourcedir entirely, replaced by APP_DIR. Fixed some SSI issues in the process. (SSI.php, index.php, Load.php, ManageErrors.php, ManagePaid.php, ManagePlugins.php, ManageSearch.php, Subs-Admin.php, Subs-Captcha.php, Subs.php, Aeva-Embed.php, Aeva-Gallery2.php, ManageMedia3.php) * Another $boardurl to ROOT. Also removed ROOT_DIR being redefined (discarded error.) (QueryString.php) --- SSI.php | 15 +++++++++------ core/app/Load.php | 4 +--- core/app/ManageErrors.php | 4 ++-- core/app/ManagePaid.php | 10 ++++------ core/app/ManagePlugins.php | 2 +- core/app/ManageSearch.php | 10 ++++------ core/app/QueryString.php | 5 ++--- core/app/Subs-Admin.php | 8 ++++---- core/app/Subs-Captcha.php | 6 ++---- core/app/Subs.php | 10 ++++------ core/app/media/Aeva-Embed.php | 18 +++++++++--------- core/app/media/Aeva-Gallery2.php | 9 +++------ core/app/media/ManageMedia3.php | 20 +++++++++----------- index.php | 19 ++++++++++--------- 14 files changed, 64 insertions(+), 76 deletions(-) diff --git a/SSI.php b/SSI.php index 1efe4988..d92ba476 100644 --- a/SSI.php +++ b/SSI.php @@ -12,12 +12,12 @@ if (defined('WEDGE')) return; -const WEDGE = 'SSI'; +define('WEDGE', 'SSI'); // We're going to want a few globals... these are all set later. global $settings, $context, $sc, $topic, $board, $txt; global $time_start, $maintenance, $msubject, $mmessage, $mbname; -global $boardurl, $boarddir, $sourcedir, $webmaster_email, $cookiename; +global $boardurl, $boarddir, $webmaster_email, $cookiename; global $db_server, $db_connection, $db_name, $db_user, $db_prefix, $db_persist; global $db_error_send, $db_last_error, $ssi_db_user, $ssi_db_passwd, $db_passwd; @@ -30,10 +30,17 @@ $time_start = microtime(true); +define('ROOT_DIR', str_replace('\\', '/', dirname(__FILE__))); +define('APP_DIR', ROOT_DIR . '/core/app'); + // Get the forum's settings for database and file paths. require_once(dirname(__FILE__) . '/Settings.php'); require_once(dirname(__FILE__) . '/index.php'); +$boarddir = ROOT_DIR; +foreach (array('cache' => 'gz', 'css' => 'gz/css', 'js' => 'gz/js') as $var => $path) + ${$var . 'dir'} = ROOT_DIR . '/' . $path; + $ssi_error_reporting = error_reporting(E_ALL | E_STRICT); /* Set this to one of three values depending on what you want to happen in the case of a fatal error. @@ -48,10 +55,6 @@ if ($maintenance == 2 && (!isset($ssi_maintenance_off) || $ssi_maintenance_off !== true)) exit($mmessage); -// Fix for using the current directory as a path. -if ($sourcedir[0] === '.' && $sourcedir[1] !== '.') - $sourcedir = dirname(__FILE__) . substr($sourcedir, 1); - // Load the important includes. loadSource(array( 'Class-System', diff --git a/core/app/Load.php b/core/app/Load.php index 0dfb9b85..b19b60b1 100644 --- a/core/app/Load.php +++ b/core/app/Load.php @@ -1991,9 +1991,7 @@ function loadLanguage($template_name, $lang = '', $fatal = true, $force_reload = */ function loadSearchAPI($api) { - global $sourcedir; - - $file = $sourcedir . '/SearchAPI-' . ucwords($api) . '.php'; + $file = APP_DIR . '/SearchAPI-' . ucwords($api) . '.php'; if (!file_exists($file)) return false; @include($file); diff --git a/core/app/ManageErrors.php b/core/app/ManageErrors.php index a7a86e4e..c689dc11 100644 --- a/core/app/ManageErrors.php +++ b/core/app/ManageErrors.php @@ -633,7 +633,7 @@ function updateErrorCount($count = 0) function ViewFile() { - global $context, $txt, $boarddir, $sourcedir, $cachedir; + global $context, $txt, $boarddir, $cachedir; loadTemplate('GenericPopup'); loadLanguage('Help'); @@ -646,7 +646,7 @@ function ViewFile() $basename = strtolower(basename($file)); // Make sure the file we are looking for is one they are allowed to look at - if (strrchr($basename, '.') != '.php' || $basename == 'settings.php' || $basename == 'settings_bak.php' || !strhas($file, array(realpath($boarddir), realpath($sourcedir), realpath($cachedir . '/php'))) || !is_readable($file)) + if (strrchr($basename, '.') != '.php' || $basename == 'settings.php' || $basename == 'settings_bak.php' || !strhas($file, array(realpath($boarddir), realpath(APP_DIR), realpath($cachedir . '/php'))) || !is_readable($file)) fatal_lang_error('error_bad_file', true, array(htmlspecialchars(base64_decode($_REQUEST['file'])))); // Get the min and max lines diff --git a/core/app/ManagePaid.php b/core/app/ManagePaid.php index c0429893..1f8572c5 100644 --- a/core/app/ManagePaid.php +++ b/core/app/ManagePaid.php @@ -1814,23 +1814,21 @@ function loadSubscriptions() // Load all the payment gateways. function loadPaymentGateways() { - global $sourcedir; - $gateways = array(); - if ($dh = scandir($sourcedir)) + if ($dh = scandir(APP_DIR)) { foreach ($dh as $file) { - if (is_file($sourcedir . '/' . $file) && preg_match('~Subscriptions-([A-Za-z\d]+)\.php$~', $file, $matches)) + if (is_file(APP_DIR . '/' . $file) && preg_match('~Subscriptions-([A-Za-z\d]+)\.php$~', $file, $matches)) { // Check this is definitely a valid gateway! - $fp = fopen($sourcedir . '/' . $file, 'rb'); + $fp = fopen(APP_DIR . '/' . $file, 'rb'); $header = fread($fp, 4096); fclose($fp); if (strpos($header, '// Wedge Payment Gateway: ' . strtolower($matches[1])) !== false) { - require_once($sourcedir . '/' . $file); + require_once(APP_DIR . '/' . $file); $gateways[] = array( 'filename' => $file, diff --git a/core/app/ManagePlugins.php b/core/app/ManagePlugins.php index 8f9d85a4..a6565501 100644 --- a/core/app/ManagePlugins.php +++ b/core/app/ManagePlugins.php @@ -1435,7 +1435,7 @@ function executePluginScript($type, $file) fatal_lang_error('fatal_install_' . $type . '_missing', false, empty($file) ? $txt['not_applicable'] : htmlspecialchars($file)); // This is just here as reference for what is available. - global $txt, $boarddir, $sourcedir, $settings, $context; + global $txt, $boarddir, $settings, $context; require($full_path); } } diff --git a/core/app/ManageSearch.php b/core/app/ManageSearch.php index fe47daa5..e3014082 100644 --- a/core/app/ManageSearch.php +++ b/core/app/ManageSearch.php @@ -528,23 +528,21 @@ function CreateMessageIndex() // Get the installed APIs. function loadAllSearchAPIs() { - global $sourcedir; - $apis = array(); - if ($dh = scandir($sourcedir)) + if ($dh = scandir(APP_DIR)) { foreach ($dh as $file) { - if (is_file($sourcedir . '/' . $file) && preg_match('~SearchAPI-([A-Za-z\d_]+)\.php$~', $file, $matches)) + if (is_file(APP_DIR . '/' . $file) && preg_match('~SearchAPI-([A-Za-z\d_]+)\.php$~', $file, $matches)) { // Check this is definitely a valid API! - $fp = fopen($sourcedir . '/' . $file, 'rb'); + $fp = fopen(APP_DIR . '/' . $file, 'rb'); $header = fread($fp, 4096); fclose($fp); if (strpos($header, 'class ' . strtolower($matches[1]) . '_search') !== false) { - require_once($sourcedir . '/' . $file); + require_once(APP_DIR . '/' . $file); $index_name = strtolower($matches[1]); $search_class_name = $index_name . '_search'; diff --git a/core/app/QueryString.php b/core/app/QueryString.php index d2e305d1..2c0f6cac 100644 --- a/core/app/QueryString.php +++ b/core/app/QueryString.php @@ -76,7 +76,6 @@ function loadPaths() // All done? No changin' the URLs? Okay, we can now define our constants... define('SCRIPT', $scripturl); define('ROOT', $boardurl); - define('ROOT_DIR', $boarddir); define('TEMPLATES', ROOT . '/core/html'); define('TEMPLATES_DIR', ROOT_DIR . '/core/html'); define('SKINS', ROOT . '/core/skins'); define('SKINS_DIR', ROOT_DIR . '/core/skins'); define('LANGUAGES', ROOT . '/core/languages'); define('LANGUAGES_DIR', ROOT_DIR . '/core/languages'); @@ -110,7 +109,7 @@ function loadPaths() */ function cleanRequest() { - global $board, $topic, $boardurl, $boarddir, $settings, $context, $action_list; + global $board, $topic, $boarddir, $settings, $context, $action_list; // These were deprecated years ago. Save some memory. unset($GLOBALS['HTTP_POST_VARS'], $GLOBALS['HTTP_POST_FILES']); @@ -209,7 +208,7 @@ function cleanRequest() // $_SERVER['HTTP_HOST'] = strpos($_SERVER['HTTP_HOST'], ':') === false ? $_SERVER['HTTP_HOST'] : substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':')); $do_pretty = !empty($settings['pretty_enable_filters']); if ($do_pretty) - $query_string = str_replace(substr($boardurl, strpos($boardurl, '://') + 3), '/', $full_request); + $query_string = str_replace(substr(ROOT, strpos(ROOT, '://') + 3), '/', $full_request); $board = 0; if (isset($_GET['board']) && is_numeric($_GET['board'])) diff --git a/core/app/Subs-Admin.php b/core/app/Subs-Admin.php index dc3a08d9..f8e03b2c 100644 --- a/core/app/Subs-Admin.php +++ b/core/app/Subs-Admin.php @@ -140,7 +140,7 @@ function getServerVersions($checkFor) // Search through source, theme and language files to determine their version. function getFileVersions(&$versionOptions) { - global $boarddir, $sourcedir; + global $boarddir; // Default place to find the languages would be the default theme dir. $lang_dir = LANGUAGES_DIR; @@ -182,13 +182,13 @@ function getFileVersions(&$versionOptions) } // Load all the files in the core/app directory, except for this file and the redirect. - $sources_dir = dir($sourcedir); + $sources_dir = dir(APP_DIR); while ($entry = $sources_dir->read()) { - if (substr($entry, -4) === '.php' && !is_dir($sourcedir . '/' . $entry) && $entry !== 'index.php') + if (substr($entry, -4) === '.php' && !is_dir(APP_DIR . '/' . $entry) && $entry !== 'index.php') { // Read the first 4k from the file.... enough for the header. - $fp = fopen($sourcedir . '/' . $entry, 'rb'); + $fp = fopen(APP_DIR . '/' . $entry, 'rb'); $header = fread($fp, 4096); fclose($fp); diff --git a/core/app/Subs-Captcha.php b/core/app/Subs-Captcha.php index 04d6cf3f..e7d378a7 100644 --- a/core/app/Subs-Captcha.php +++ b/core/app/Subs-Captcha.php @@ -48,17 +48,15 @@ function showCodeImage($code) function loadCaptchaTypes() { - global $sourcedir; - $captcha_types = array(); - if ($dh = scandir($sourcedir . '/captcha')) + if ($dh = scandir(APP_DIR . '/captcha')) { foreach ($dh as $file) { if (!is_dir($file) && preg_match('~captcha-([A-Za-z\d_]+)\.php$~', $file, $matches)) { // Check this is definitely a valid API! - $fp = fopen($sourcedir . '/captcha/' . $file, 'rb'); + $fp = fopen(APP_DIR . '/captcha/' . $file, 'rb'); $header = fread($fp, 4096); fclose($fp); diff --git a/core/app/Subs.php b/core/app/Subs.php index 406fca25..d95784e8 100644 --- a/core/app/Subs.php +++ b/core/app/Subs.php @@ -2419,11 +2419,9 @@ function call_lang_hook($hook, $plugin_id = '') */ function add_hook($hook, $function, $file = '', $register = true) { - global $settings, $sourcedir; + global $settings; - if (!empty($file) && !file_exists($sourcedir . '/' . ($file = trim($file)) . '.php')) - $file = ''; - if (strpos($file, '|') !== false) + if (!empty($file) && (strpos($file, '|') !== false || !file_exists(APP_DIR . '/' . ($file = trim($file)) . '.php'))) $file = ''; $function .= '|' . $file; @@ -2462,9 +2460,9 @@ function add_hook($hook, $function, $file = '', $register = true) */ function remove_hook($hook, $function, $file = '') { - global $settings, $sourcedir; + global $settings; - if (!empty($file) && !file_exists($sourcedir . '/' . ($file = trim($file)) . '.php')) + if (!empty($file) && !file_exists(APP_DIR . '/' . ($file = trim($file)) . '.php')) $file = ''; $function .= '|' . $file; diff --git a/core/app/media/Aeva-Embed.php b/core/app/media/Aeva-Embed.php index c5794c78..6282e6ec 100644 --- a/core/app/media/Aeva-Embed.php +++ b/core/app/media/Aeva-Embed.php @@ -15,14 +15,14 @@ // Main auto embed function function aeva_main($message) { - global $context, $settings, $sites, $upto, $sourcedir; + global $context, $settings, $sites, $upto; // Auto-embedding is disabled. We shouldn't have got this far, but if we have... get out of here. if (empty($settings['embed_enabled'])) return $message; // Attempt to load all Enabled Sites, if not already loaded - if (empty($sites) && file_exists($sourcedir . '/media/Aeva-Sites.php')) + if (empty($sites) && file_exists(APP_DIR . '/media/Aeva-Sites.php')) loadSource('media/Aeva-Sites'); // Are we checking a link in the media gallery? We'd best avoid JavaScript then. @@ -34,7 +34,7 @@ function aeva_main($message) if (empty($sites)) { loadSource( - file_exists($sourcedir . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' + file_exists(APP_DIR . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' ); // We're using the full version, so we just keep allowed local embeds and popular sites. @@ -847,7 +847,7 @@ function embed_lookups_match($input) // Called on both quick reply and full posting function aeva_onposting($input) { - global $settings, $sites, $sourcedir; + global $settings, $sites; // Exit if all three are disabled: // - Lookups (retrieve final URL, check whether embeds are allowed, etc.) @@ -872,14 +872,14 @@ function aeva_onposting($input) $input = aeva_protection($array, $input, false); // Attempt to load - Enabled Sites - if (empty($sites) && file_exists($sourcedir . '/media/Aeva-Sites.php')) + if (empty($sites) && file_exists(APP_DIR . '/media/Aeva-Sites.php')) loadSource('media/Aeva-Sites'); // If we can't use generated version (either just after install, OR permissions meant generated // version couldn't be created, OR it can't be found), load the full un-optimized version. if (empty($sites)) loadSource( - file_exists($sourcedir . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' + file_exists(APP_DIR . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' ); // Noob users might have included the full embed code provided by the site @@ -1099,7 +1099,7 @@ function aeva_embed_video($message, $id_media = 0, $id_preview = 0) function aeva_check_embed_link($link) { - global $sites, $boardurl, $settings, $sourcedir; + global $sites, $boardurl, $settings; if (empty($settings['embed_enabled'])) return false; @@ -1119,12 +1119,12 @@ function aeva_check_embed_link($link) return true; unset($x); - if (empty($sites) && file_exists($sourcedir . '/media/Aeva-Sites.php')) + if (empty($sites) && file_exists(APP_DIR . '/media/Aeva-Sites.php')) loadSource('media/Aeva-Sites'); if (empty($sites)) loadSource( - file_exists($sourcedir . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' + file_exists(APP_DIR . '/media/Aeva-Sites-Custom.php') ? array('media/Subs-Aeva-Sites', 'media/Aeva-Sites-Custom') : 'media/Subs-Aeva-Sites' ); $link = preg_replace(array('~\[url=([^]]*)][^[]*\[/url]~', '~\[url]([^[]*)\[/url]~'), '$1', $link); diff --git a/core/app/media/Aeva-Gallery2.php b/core/app/media/Aeva-Gallery2.php index 49124b1b..a63eb96d 100644 --- a/core/app/media/Aeva-Gallery2.php +++ b/core/app/media/Aeva-Gallery2.php @@ -2189,7 +2189,7 @@ function aeva_massUpload() // Modifying item's title? function aeva_massUploadFinish() { - global $galurl, $sourcedir; + global $galurl; // Unset it unset($_POST['submit_title_update']); @@ -2253,11 +2253,8 @@ function aeva_massUploadFinish() aeva_modifyItem($iOpts); } - if (file_exists($sourcedir . '/media/Aeva-Foxy.php')) - { - loadSource('media/Aeva-Foxy'); - aeva_foxy_notify_items($album, $act_items); - } + loadSource('media/Aeva-Foxy'); + aeva_foxy_notify_items($album, $act_items); // Bye Bye redirectexit($galurl . 'sa=album;in=' . $album); diff --git a/core/app/media/ManageMedia3.php b/core/app/media/ManageMedia3.php index 4130bb15..677a9e58 100644 --- a/core/app/media/ManageMedia3.php +++ b/core/app/media/ManageMedia3.php @@ -16,7 +16,7 @@ // Handles the admin pages function aeva_admin_embed() { - global $context, $txt, $settings, $sourcedir; + global $context, $txt, $settings; wetem::load('aeva_form'); wetem::outer('aeva_admin_enclose_table'); @@ -100,10 +100,10 @@ function aeva_admin_embed() $definitions = 'default'; // Attempt to load enabled sites - if (file_exists($sourcedir . '/media/Subs-Aeva-Generated-Sites.php')) - rename($sourcedir . '/media/Subs-Aeva-Generated-Sites.php', $sourcedir . '/media/Aeva-Sites.php'); - if (file_exists($sourcedir . '/media/Aeva-Sites.php')) - include($sourcedir . '/media/Aeva-Sites.php'); + if (file_exists(APP_DIR . '/media/Subs-Aeva-Generated-Sites.php')) + rename(APP_DIR . '/media/Subs-Aeva-Generated-Sites.php', APP_DIR . '/media/Aeva-Sites.php'); + if (file_exists(APP_DIR . '/media/Aeva-Sites.php')) + include(APP_DIR . '/media/Aeva-Sites.php'); // Site definitions if (empty($sites)) @@ -129,16 +129,16 @@ function aeva_admin_embed() $sites = array(); // Load the FULL definitions into the $sites static - @include($sourcedir . '/media/Subs-Aeva-Sites.php'); + @include(APP_DIR . '/media/Subs-Aeva-Sites.php'); // Checkall helps us decide whether to make the checkboxes all checked $checkall = array('pop' => true, 'video' => true, 'audio' => true, 'adult' => true, 'other' => true); // Create arrays to store bits of information/organize them into various sections $stypes = array('local', 'pop', 'video', 'audio', 'adult', 'other'); - if (file_exists($sourcedir . '/media/Aeva-Sites-Custom.php')) + if (file_exists(APP_DIR . '/media/Aeva-Sites-Custom.php')) { - @include($sourcedir . '/media/Aeva-Sites-Custom.php'); + @include(APP_DIR . '/media/Aeva-Sites-Custom.php'); $checkall['custom'] = true; $stypes[] = 'custom'; } @@ -351,10 +351,8 @@ function aeva_prepare_sites(&$original_array, $type, $is_sites, &$checkall) // Generates the file containing optimized arrays (ONLY enabled sites with only necessary information function aeva_write_file($arrays) { - global $sourcedir; - // Filename - $filename = $sourcedir . '/media/Aeva-Sites.php'; + $filename = APP_DIR . '/media/Aeva-Sites.php'; // Chmod - suppress errors, especially for Windows @chmod($filename, 0777); diff --git a/index.php b/index.php index 4edb44d8..1403f6c9 100644 --- a/index.php +++ b/index.php @@ -25,6 +25,7 @@ ob_start(); define('ROOT_DIR', str_replace('\\', '/', dirname(__FILE__))); +define('APP_DIR', ROOT_DIR . '/core/app'); // Is it our first run..? if (!file_exists(ROOT_DIR . '/Settings.php')) @@ -40,7 +41,7 @@ // Crucial paths. $boarddir = ROOT_DIR; -foreach (array('source' => 'core/app', 'cache' => 'gz', 'css' => 'gz/css', 'js' => 'gz/js') as $var => $path) +foreach (array('cache' => 'gz', 'css' => 'gz/css', 'js' => 'gz/js') as $var => $path) ${$var . 'dir'} = ROOT_DIR . '/' . $path; // And important files. @@ -165,7 +166,7 @@ // $source_name can be a string or an array of strings. function loadSource($source_name) { - global $sourcedir, $cachedir, $db_show_debug; + global $db_show_debug; static $done = array(); foreach ((array) $source_name as $file) @@ -174,17 +175,17 @@ function loadSource($source_name) continue; $done[$file] = true; if (defined('WEDGE_INSTALL') || strpos($file, 'getid3') !== false) - $cache = $sourcedir . '/' . $file . '.php'; + $cache = APP_DIR . '/' . $file . '.php'; else { - $cache = $cachedir . '/app/' . str_replace(array('/', '..'), array('_', 'UP'), $file) . '.php'; - if (!file_exists($cache) || filemtime($cache) < filemtime($sourcedir . '/' . $file . '.php')) + $cache = ROOT_DIR . '/gz/app/' . str_replace(array('/', '..'), array('_', 'UP'), $file) . '.php'; + if (!file_exists($cache) || filemtime($cache) < filemtime(APP_DIR . '/' . $file . '.php')) { - copy($sourcedir . '/' . $file . '.php', $cache); + copy(APP_DIR . '/' . $file . '.php', $cache); // !! Disabling this temporarily (until I add a setting for it), to get proper line numbers when debugging. if (false && empty($db_show_debug)) { - require_once($sourcedir . '/Subs-MinifyPHP.php'); + require_once(APP_DIR . '/Subs-MinifyPHP.php'); minify_php($cache); } } @@ -264,7 +265,7 @@ function determine_action($action) function index_action($hook_action = 'default_action') { - global $settings, $sourcedir; + global $settings; // Some plugins may want to specify default "front page" behavior through the 'default_action' hook, and/or a // last-minute fallback ('fallback_action'). If they do, they shall return the name of the function they want to call. @@ -273,7 +274,7 @@ function index_action($hook_action = 'default_action') return $func; // Otherwise, if the admin specified a custom homepage, fall back to it. - if (isset($settings['default_index']) && file_exists($sourcedir . '/' . $settings['default_index'] . '.php')) + if (isset($settings['default_index']) && file_exists(APP_DIR . '/' . $settings['default_index'] . '.php')) { loadSource($settings['default_index']); return $settings['default_index'];