root/trunk/bb-settings.php

Revision 1659, 27.0 kB (checked in by mdawaffe, 1 day ago)

run validate_file before prepending with BB_PLUGIN_DIR, BB_CORE_PLUGIN_DIR. Fixes #928

  • Property svn:eol-style set to native
1 <?php
2 /**
3  * Used to setup and fix common variables and include
4  * the bbPress and BackPress procedural and class libraries.
5  *
6  * You should not have to change this file, some configuration
7  * is possible in bb-config.php
8  *
9  * @package bbPress
10  */
11
12
13
/**
 * Hard stops: conditions under which the bootstrap must not continue
 */

// Refuse to run on anything older than PHP 4.3
if ( version_compare( PHP_VERSION, '4.3', '<' ) ) {
    die( sprintf( 'Your server is running PHP version %s but bbPress requires at least 4.3', PHP_VERSION ) );
}

// BB_PATH is defined by the script that includes this file, so a direct
// web request for bb-settings.php stops here before any other code runs
if ( !defined( 'BB_PATH' ) ) {
    die( 'This file cannot be called directly.' );
}

// Report everything except notices (E_NOTICE is always part of E_ALL, so
// masking it out gives the same level as E_ALL ^ E_NOTICE).
// This only sets which errors are raised; whether they are printed to the
// client is decided by the display_errors ini setting, which is not touched here.
error_reporting( E_ALL & ~E_NOTICE );
30
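/**
 * bb_unregister_GLOBALS() - Undo the effect of the register_globals directive
 *
 * With register_globals enabled, request, cookie, server, environment, upload
 * and session values are also present as global variables. This routine
 * removes every global whose name matches a key of those inputs, except the
 * names listed in $noUnset.
 *
 * @access private
 * @return null Returns early when register_globals is disabled; returns nothing otherwise
 */
function bb_unregister_GLOBALS() {
    if ( !ini_get('register_globals') )
        return;

    // $_REQUEST does not include uploads, so $_FILES is checked as well;
    // $_FILES is part of the input that is merged below
    if ( isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) )
        die('GLOBALS overwrite attempt detected');

    // Variables that shouldn't be unset
    // NOTE(review): 'bb_table_prefix' and 'bb' are kept even when a request
    // key of the same name exists, so with register_globals on they are only
    // trustworthy if bb-config.php always assigns them - confirm
    $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'bb_table_prefix', 'bb');

    $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
    foreach ( array_keys($input) as $k ) {
        // Strict comparison: array_merge() renumbers numeric keys to integers,
        // and before PHP 8 a loose in_array() treats integer 0 as equal to any
        // non-numeric string, which would wrongly protect that key
        if ( !in_array($k, $noUnset, true) && isset($GLOBALS[$k]) ) {
            $GLOBALS[$k] = NULL;
            unset($GLOBALS[$k]);
        }
    }
}
bb_unregister_GLOBALS();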
55
56
57
/**
 * bb_timer_start() - Record the moment the request started
 *
 * microtime() without arguments returns "fraction seconds" as one string;
 * both parts are added and stored in the global $bb_timestart. This form
 * works on PHP 4, where microtime(true) is not available.
 *
 * @access private
 * @global float $bb_timestart Seconds plus fractional seconds at the time of the call
 * @return bool Always returns true
 */
function bb_timer_start() {
    global $bb_timestart;
    list( $fraction, $seconds ) = explode( ' ', microtime() );
    $bb_timestart = $seconds + $fraction;
    return true;
}
bb_timer_start();
72
73
74
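/**
 * Whether the server software is IIS or something else
 *
 * SERVER_SOFTWARE is not set under every SAPI (the CLI, for one), so its
 * absence is treated as "not IIS" instead of being passed to strstr().
 *
 * @global int $is_IIS 1 when SERVER_SOFTWARE contains 'Microsoft-IIS', otherwise 0
 */
$is_IIS = ( isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') ) ? 1 : 0;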
80
81
82
/**
 * Stabilise $_SERVER variables in various PHP environments
 */

// IIS does not set REQUEST_URI, so rebuild it from whatever is available.
// HTTP_X_ORIGINAL_URL and HTTP_X_REWRITE_URL are filled from request headers:
// where no rewrite module sets them they carry whatever the client sent, so
// REQUEST_URI has to be handled as untrusted input by everything that reads it.
if ( empty( $_SERVER['REQUEST_URI'] ) ) {
    if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) {
        // IIS Mod-Rewrite
        $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_ORIGINAL_URL'];
    } elseif ( isset( $_SERVER['HTTP_X_REWRITE_URL'] ) ) {
        // IIS Isapi_Rewrite
        $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
    } else {
        // Fall back to ORIG_PATH_INFO when PATH_INFO is missing
        if ( !isset( $_SERVER['PATH_INFO'] ) && isset( $_SERVER['ORIG_PATH_INFO'] ) ) {
            $_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO'];
        }

        // Some IIS + PHP setups already put the script name into PATH_INFO;
        // in that case it must not be prepended a second time
        if ( isset( $_SERVER['PATH_INFO'] ) ) {
            $_SERVER['REQUEST_URI'] = ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] )
                ? $_SERVER['PATH_INFO']
                : $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
        }

        // Append the query string when there is a non-empty one
        if ( !empty( $_SERVER['QUERY_STRING'] ) ) {
            $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
        }
    }
}
118
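// Fix for PHP as CGI hosts that set SCRIPT_FILENAME to something ending in php.cgi for all requests.
// substr() tests the actual suffix: comparing strpos() loosely with a length also
// matched when strpos() returned false for a 7 character value, and missed paths
// that contain 'php.cgi' more than once. PATH_TRANSLATED is only copied when it
// exists, so SCRIPT_FILENAME is never overwritten with null.
if ( isset($_SERVER['SCRIPT_FILENAME']) && isset($_SERVER['PATH_TRANSLATED']) && substr($_SERVER['SCRIPT_FILENAME'], -7) === 'php.cgi' )
    $_SERVER['SCRIPT_FILENAME'] = $_SERVER['PATH_TRANSLATED'];

// Fix for Dreamhost and other PHP as CGI hosts
if ( isset($_SERVER['SCRIPT_NAME']) && strpos($_SERVER['SCRIPT_NAME'], 'php.cgi') !== false )
    unset($_SERVER['PATH_INFO']);

// Fix empty PHP_SELF by taking REQUEST_URI without its query string.
// Both values reflect the path the client requested, and $PHP_SELF is copied
// here before the bb_global_sanitize() pass further down in this file, so it
// must be escaped for the output context wherever it is printed.
$PHP_SELF = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '';
if ( empty($PHP_SELF) )
    $_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace("/(\?.*)?$/", '', isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '');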
131
132
133
/**
 * Let bbPress know what we are up to at the moment
 *
 * Both flags default to false here; an entry script that wants a different
 * value has to define the constant before this file is included.
 */

/**
 * Whether the current script is in the admin area or not
 */
if ( !defined( 'BB_IS_ADMIN' ) ) {
    define( 'BB_IS_ADMIN', false );
}

/**
 * Whether the current script is part of the installation process or not
 * @since 1.0-beta
 */
if ( !defined( 'BB_INSTALLING' ) ) {
    define( 'BB_INSTALLING', false );
}
150
151
152
/**
 * Define include paths and load core BackPress libraries
 */

/**
 * The bbPress includes path relative to BB_PATH
 */
define( 'BB_INC', 'bb-includes/' );

/**
 * The full path to the BackPress libraries
 *
 * May be defined before this file is included. Every file required from this
 * directory runs as part of the application, so an overridden path has to
 * point at a trusted location.
 */
if ( !defined( 'BACKPRESS_PATH' ) ) {
    define( 'BACKPRESS_PATH', BB_PATH . BB_INC . 'backpress/' );
}

// Core BackPress functions, then the compatibility layer
require BACKPRESS_PATH . 'functions.core.php';
require BACKPRESS_PATH . 'functions.compat.php';

// WP_Error, unless something loaded earlier already provides the class
if ( !class_exists( 'WP_Error' ) ) {
    require BACKPRESS_PATH . 'class.wp-error.php';
}
175
176
177
/**
 * Set up database parameters based on config and initialise
 */

/**
 * Define the full path to the database class
 */
if ( !defined( 'BB_DATABASE_CLASS_INCLUDE' ) ) {
    define( 'BB_DATABASE_CLASS_INCLUDE', BACKPRESS_PATH . 'class.bpdb-multi.php' );
}

// Load the database class; a falsy BB_DATABASE_CLASS_INCLUDE skips the include.
// Whatever file the constant names is executed as part of the bootstrap.
if ( BB_DATABASE_CLASS_INCLUDE ) {
    require BB_DATABASE_CLASS_INCLUDE;
}

/**
 * Define the name of the database class
 */
if ( !defined( 'BB_DATABASE_CLASS' ) ) {
    define( 'BB_DATABASE_CLASS', 'BPDB_Multi' );
}

// Die if there is no database table prefix
if ( !$bb_table_prefix ) {
    die( 'You must specify a table prefix in your <code>bb-config.php</code> file.' );
}

// Setup the global database connection.
// The class name goes through a variable because `new` cannot take a constant.
// `=& new` is the PHP 4 idiom for not copying the fresh object; PHP 7 and
// later reject this syntax.
// The credentials come from the BBDB_* constants, which are defined outside this file.
$bbdb_class = BB_DATABASE_CLASS;
$bbdb =& new $bbdb_class(
    array(
        'name'     => BBDB_NAME,
        'user'     => BBDB_USER,
        'password' => BBDB_PASSWORD,
        'host'     => BBDB_HOST,
        'charset'  => defined( 'BBDB_CHARSET' ) ? BBDB_CHARSET : false,
        'collate'  => defined( 'BBDB_COLLATE' ) ? BBDB_COLLATE : false
    )
);
unset( $bbdb_class );

/**
 * bbPress tables
 *
 * Every entry starts as false; the names are filled in when the prefix is set.
 */
$bbdb->tables = array(
    'forums'             => false,
    'meta'               => false,
    'posts'              => false,
    'tagged'             => false, // Deprecated
    'tags'               => false, // Deprecated
    'terms'              => false,
    'term_relationships' => false,
    'term_taxonomy'      => false,
    'topics'             => false,
    'topicmeta'          => false, // Deprecated
    'users'              => false,
    'usermeta'           => false
);
231
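/**
 * Define BackPress Database errors if not already done - no internationalisation at this stage
 *
 * The constant names are passed to define() as quoted strings. A bare name is
 * read as an (undefined) constant, which PHP 8 rejects with an Error and older
 * versions only tolerate with a notice. Each guard checks the constant it is
 * about to define.
 *
 * NOTE(review): the %s slots of BPDB__ERROR_STRING and BPDB__ERROR_HTML are
 * labelled as database error, query and caller. Confirm that the database class
 * escapes them for HTML and that this output is not shown to ordinary visitors,
 * since it would expose query text.
 */
if (!defined('BPDB__CONNECT_ERROR_MESSAGE'))
    define('BPDB__CONNECT_ERROR_MESSAGE', 'ERROR: Error establishing a database connection');
if (!defined('BPDB__SELECT_ERROR_MESSAGE'))
    define('BPDB__SELECT_ERROR_MESSAGE', 'ERROR: Can\'t select database.');
if (!defined('BPDB__ERROR_STRING'))
    define('BPDB__ERROR_STRING', 'ERROR: bbPress database error - "%s" for query "%s" via caller "%s"');
if (!defined('BPDB__ERROR_HTML'))
    define('BPDB__ERROR_HTML', '<div id="error"><p class="bpdberror"><strong>Database error:</strong> [%s]<br /><code>%s</code><br />Caller: %s</p></div>');
if (!defined('BPDB__DB_VERSION_ERROR'))
    define('BPDB__DB_VERSION_ERROR', 'ERROR: bbPress requires MySQL 4.0.0 or higher');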
245
// Set the prefix on the tables.
// set_prefix() is the check that rejects a bad prefix: the prefix ends up
// inside table names that are interpolated into SQL, and the message below
// states the accepted characters.
if ( is_wp_error( $bbdb->set_prefix( $bb_table_prefix ) ) ) {
    die( 'Your table prefix may only contain letters, numbers and underscores.' );
}



/**
 * Load core bbPress libraries
 */

require BB_PATH . BB_INC . 'wp-functions.php';
require BB_PATH . BB_INC . 'functions.php';
require BB_PATH . BB_INC . 'classes.php';
259
260
261
/**
 * Load API and object handling BackPress libraries
 *
 * Each library is skipped when its function or class already exists, i.e.
 * when something loaded earlier has provided it.
 */

// Plugin API
if ( !function_exists( 'add_filter' ) ) {
    require BACKPRESS_PATH . 'functions.plugin-api.php';
}

// Object Cache: the class and its procedural wrappers are loaded together
if ( !class_exists( 'WP_Object_Cache' ) ) {
    require BACKPRESS_PATH . 'class.wp-object-cache.php';
    require BACKPRESS_PATH . 'functions.wp-object-cache.php';
}

// Start the cache unless a cache object is already in place
if ( !isset( $wp_object_cache ) ) {
    wp_cache_init();
}
277
278
279
/**
 * Determine language settings and load l10n libraries as required
 */

/**
 * The full path to the directory containing language files
 */
if ( !defined( 'BB_LANG_DIR' ) ) {
    if ( defined( 'BBLANGDIR' ) ) {
        // User has set old constant
        // TODO: Completely remove old constants on version 1.0
        define( 'BB_LANG_DIR', BBLANGDIR );
    } else {
        // absolute path with trailing slash
        define( 'BB_LANG_DIR', BB_PATH . BB_INC . 'languages/' );
    }
}

/**
 * The language in which to display bbPress
 */
if ( !defined( 'BB_LANG' ) && defined( 'BBLANG' ) && BBLANG != '' ) {
    // User has set old constant
    // TODO: Completely remove old constants on version 1.0
    define( 'BB_LANG', BBLANG );
}

// The gettext classes are only needed when a language has been chosen
if ( defined( 'BB_LANG' ) && BB_LANG != '' ) {
    if ( !class_exists( 'gettext_reader' ) ) {
        require BACKPRESS_PATH . 'class.gettext-reader.php';
    }
    if ( !class_exists( 'StreamReader' ) ) {
        require BACKPRESS_PATH . 'class.streamreader.php';
    }
}

// Is WordPress loaded: a defined DB_NAME is taken as the sign that it is
if ( !defined( 'BB_IS_WP_LOADED' ) ) {
    define( 'BB_IS_WP_LOADED', defined( 'DB_NAME' ) );
}

// Only load these if WordPress isn't loaded
if ( !BB_IS_WP_LOADED ) {
    require BACKPRESS_PATH . 'functions.kses.php';
    require BB_PATH . BB_INC . 'l10n.php';
}
317
318
319
/**
 * Routines related to installation
 */

// Load BB_CHANNELS_INCLUDE if it exists, must be done before the install is completed.
// The path is taken from a constant and executed as PHP; only its existence
// and "is not a directory" are checked here.
if ( defined( 'BB_CHANNELS_INCLUDE' ) && file_exists( BB_CHANNELS_INCLUDE ) && !is_dir( BB_CHANNELS_INCLUDE ) ) {
    require BB_CHANNELS_INCLUDE;
}

// If there is no forum table in the database then redirect to the installer
if ( !BB_INSTALLING && !bb_is_installed() ) {
    // The last path segment (and a preceding /bb-admin) is replaced by
    // bb-admin/install.php.
    // NOTE(review): PHP_SELF reflects the requested path and has not yet gone
    // through bb_global_sanitize() at this point, so $link is request-influenced;
    // confirm that wp_redirect() cleans the value before it reaches the header.
    $link = preg_replace( '|(/bb-admin)?/[^/]+?$|', '/', $_SERVER['PHP_SELF'] ) . 'bb-admin/install.php';
    require BB_PATH . BB_INC . 'pluggable.php';
    wp_redirect( $link );
    die();
}
335
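// Make sure the new meta table exists - very ugly
// TODO: consider separating into external upgrade script for 1.0
//
// Runs only outside the installer and only while no 'bb_db_version' option is
// stored. Errors are suppressed because the probe queries are expected to fail
// when a table is missing.
$bbdb->suppress_errors();
if ( !BB_INSTALLING && !bb_get_option_from_db( 'bb_db_version' ) ) {
    $meta_exists = $bbdb->query("SELECT * FROM $bbdb->meta LIMIT 1");
    if (!$meta_exists) {
        $topicmeta_exists = $bbdb->query("SELECT * FROM $bbdb->topicmeta LIMIT 1");
        if ($topicmeta_exists) {
            // Anchored to BB_PATH like every other include in this file: a bare
            // relative path is resolved through include_path and the working
            // directory, so a different file of the same name could be picked up.
            // NOTE(review): assumes BB_PATH is the directory that holds bb-admin/ - confirm
            require( BB_PATH . 'bb-admin/upgrade-schema.php' );
            // Create the meta table
            $bbdb->query($bb_queries['meta']);
            // Copy options
            $bbdb->query("INSERT INTO `$bbdb->meta` (`meta_key`, `meta_value`) SELECT `meta_key`, `meta_value` FROM `$bbdb->topicmeta` WHERE `topic_id` = 0;");
            // Copy topic meta
            $bbdb->query("INSERT INTO `$bbdb->meta` (`object_id`, `meta_key`, `meta_value`) SELECT `topic_id`, `meta_key`, `meta_value` FROM `$bbdb->topicmeta` WHERE `topic_id` != 0;");
            // Entries with an object_id are topic meta at this stage
            $bbdb->query("UPDATE `$bbdb->meta` SET `object_type` = 'bb_topic' WHERE `object_id` != 0");
        }
        unset($topicmeta_exists);
    }
    unset($meta_exists);
}
$bbdb->suppress_errors(false);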
359
// Give $bb a default for each of these properties unless it already has a
// value - some of these are deprecated
foreach (
    array(
        'use_cache'    => false,
        'debug'        => false,
        'static_title' => false,
        'load_options' => true,
        'email_login'  => false
    ) as $o => $oo
) {
    if ( !isset( $bb->$o ) ) {
        $bb->$o = $oo;
    }
}
unset( $o, $oo );

// Disable plugins during installation: the list of active plugins is blanked,
// so no plugin code is loaded while the installer runs
if ( BB_INSTALLING ) {
    foreach ( array( 'active_plugins' ) as $i ) {
        $bb->$i = false;
    }
    unset( $i );
}
372
373
374
/**
 * Load additional bbPress libraries
 */

require BB_PATH . BB_INC . 'formatting-functions.php';
require BB_PATH . BB_INC . 'template-functions.php';
require BB_PATH . BB_INC . 'capabilities.php';
require BB_PATH . BB_INC . 'cache.php'; // Deprecating
require BB_PATH . BB_INC . 'deprecated.php';

/**
 * Old cache global object for backwards compatibility
 */
$bb_cache = new BB_Cache();

// Cache options from the database; database errors are silenced for the
// duration of the call and reporting is switched back on afterwards
if ( $bb->load_options ) {
    $bbdb->suppress_errors();
    bb_cache_all_options();
    $bbdb->suppress_errors( false );
}

require BB_PATH . BB_INC . 'default-filters.php';
require BB_PATH . BB_INC . 'script-loader.php';

// Sanitise external input.
// This pass runs late: the code above has already read $_SERVER values
// (REQUEST_URI, PHP_SELF, SCRIPT_NAME and others) in their raw form.
// NOTE(review): what bb_global_sanitize() does, and what the false passed for
// cookies changes, is not visible here. Do not treat this pass as making the
// values safe for SQL or HTML without confirming that.
$_GET = bb_global_sanitize( $_GET );
$_POST = bb_global_sanitize( $_POST );
$_COOKIE = bb_global_sanitize( $_COOKIE, false );
$_SERVER = bb_global_sanitize( $_SERVER );
405
/**
 * Set the URI and derivatives
 *
 * The stored 'uri' option wins. Without it, the older $bb->domain and
 * $bb->path settings are cleaned up and joined instead.
 */
$bb->uri = bb_get_option( 'uri' );
if ( $bb->uri ) {
    // Exactly one trailing slash
    $bb->uri = rtrim( $bb->uri, '/' ) . '/';

    // Split into scheme plus host, and path
    if ( preg_match( '@^(https?://[^/]+)((?:/.*)*/{1,1})$@i', $bb->uri, $matches ) ) {
        // Used when setting up cookie domain
        $bb->domain = $matches[1];
        // Used when setting up cookie paths
        $bb->path = $matches[2];
    }
    unset( $matches );
} else {
    // Backwards compatibility
    // These were never set in the database
    // TODO: Completely remove old constants on version 1.0
    if ( isset( $bb->domain ) ) {
        $bb->domain = rtrim( trim( $bb->domain ), '/' );
    }
    if ( isset( $bb->path ) ) {
        $bb->path = trim( $bb->path );
        // Anything but the bare root gets one leading and one trailing slash
        if ( $bb->path != '/' ) {
            $bb->path = '/' . trim( $bb->path, '/' ) . '/';
        }
    }
    // We need both to build a uri
    if ( $bb->domain && $bb->path ) {
        $bb->uri = $bb->domain . $bb->path;
    }
}

// Die if no URI (the installer is allowed to run without one)
if ( !BB_INSTALLING && !$bb->uri ) {
    bb_die( __( 'Could not determine site URI' ) );
}
440
/**
 * BB_FORCE_SSL_USER_FORMS - Whether to force use of ssl on user forms like login, registration and profile editing
 *
 * Defaults to false: unless the constant is defined as true before this point,
 * SSL is not forced for these forms.
 **/
if ( !defined( 'BB_FORCE_SSL_USER_FORMS' ) ) {
    define( 'BB_FORCE_SSL_USER_FORMS', false );
}
bb_force_ssl_user_forms( BB_FORCE_SSL_USER_FORMS );

/**
 * BB_FORCE_SSL_ADMIN - Whether to force use of ssl in the admin area
 *
 * Defaults to false as well, so SSL for the admin area is opt-in.
 **/
if ( !defined( 'BB_FORCE_SSL_ADMIN' ) ) {
    define( 'BB_FORCE_SSL_ADMIN', false );
}
bb_force_ssl_admin( BB_FORCE_SSL_ADMIN );
456
457
458
/**
 * Define theme and plugin constants
 *
 * The *_DIR constants are filesystem paths built from BB_PATH; the *_URL
 * constants are built from $bb->uri. None of these can be overridden.
 */

/**
 * Full path to the location of the core plugins directory
 *
 * NOTE(review): a file name appended to this directory to form an include path
 * should pass validate_file() first, as the log message of this revision
 * describes; the loading code is outside this part of the file.
 */
define( 'BB_CORE_PLUGIN_DIR', BB_PATH . 'bb-plugins/' );

/**
 * Full URL of the core plugins directory
 */
define( 'BB_CORE_PLUGIN_URL', $bb->uri . 'bb-plugins/' );

/**
 * Full path to the location of the core themes directory
 */
define( 'BB_CORE_THEME_DIR', BB_PATH . 'bb-templates/' );

/**
 * Full URL of the core themes directory
 */
define( 'BB_CORE_THEME_URL', $bb->uri . 'bb-templates/' );

/**
 * The default theme
 */
define( 'BB_DEFAULT_THEME', 'core#kakumei' );

/**
 * Full path to the location of the default theme directory
 */
define( 'BB_DEFAULT_THEME_DIR', BB_CORE_THEME_DIR . 'kakumei/' );

/**
 * Full URL of the default theme directory
 */
define( 'BB_DEFAULT_THEME_URL', BB_CORE_THEME_URL . 'kakumei/' );
497
/**
 * Full path to the location of the user plugins directory
 *
 * Order of precedence for this and the three constants below: the new
 * constant if already defined, then the old constant, then the default.
 * TODO: Completely remove old constants on version 1.0
 *
 * NOTE(review): a file name appended to this directory to form an include path
 * should pass validate_file() first, as the log message of this revision
 * describes; the loading code is outside this part of the file.
 */
if ( !defined( 'BB_PLUGIN_DIR' ) ) {
    define( 'BB_PLUGIN_DIR', defined( 'BBPLUGINDIR' ) ? BBPLUGINDIR : BB_PATH . 'my-plugins/' );
}

/**
 * Full URL of the user plugins directory
 */
if ( !defined( 'BB_PLUGIN_URL' ) ) {
    define( 'BB_PLUGIN_URL', defined( 'BBPLUGINURL' ) ? BBPLUGINURL : $bb->uri . 'my-plugins/' );
}

/**
 * Full path to the location of the user themes directory
 */
if ( !defined( 'BB_THEME_DIR' ) ) {
    define( 'BB_THEME_DIR', defined( 'BBTHEMEDIR' ) ? BBTHEMEDIR : BB_PATH . 'my-templates/' );
}

/**
 * Full URL of the user themes directory
 */
if ( !defined( 'BB_THEME_URL' ) ) {
    define( 'BB_THEME_URL', defined( 'BBTHEMEURL' ) ? BBTHEMEURL : $bb->uri . 'my-templates/' );
}
537
538
539
/**
 * Add custom tables if present
 */

// Resolve the various ways custom user tables might be setup
bb_set_custom_user_tables();

// Register each extra database connection listed in $bb->custom_databases
if ( isset( $bb->custom_databases ) ) {
    foreach ( $bb->custom_databases as $connection => $database ) {
        $bbdb->add_db_server( $connection, $database );
    }
}
unset( $connection, $database );

// Merge custom table names over the defaults, then apply the prefix again.
// set_prefix() is called a second time, so the merged table list goes through
// the same prefix check as the first call.
if ( isset( $bb->custom_tables ) ) {
    $bbdb->tables = array_merge( $bbdb->tables, $bb->custom_tables );
    if ( is_wp_error( $bbdb->set_prefix( $bb_table_prefix ) ) ) {
        die( __( 'Your user table prefix may only contain letters, numbers and underscores.' ) );
    }
}
559
560
561
/**
 * Sort out cookies so they work with WordPress (if required)
 * Note that database integration is no longer a pre-requisite for cookie integration
 */

// Both WordPress URLs are normalised to end in exactly one slash
$bb->wp_siteurl = bb_get_option( 'wp_siteurl' );
if ( $bb->wp_siteurl ) {
    $bb->wp_siteurl = rtrim( $bb->wp_siteurl, '/' ) . '/';
}

$bb->wp_home = bb_get_option( 'wp_home' );
if ( $bb->wp_home ) {
    $bb->wp_home = rtrim( $bb->wp_home, '/' ) . '/';
}

// Cookie integration needs both WordPress URLs. It is switched on when a
// cookie domain is configured, when bbPress and WordPress are on matching
// domains, or when they share a common domain that contains a dot.
$bb->wp_cookies_integrated = false;
$bb->cookiedomain = bb_get_option( 'cookiedomain' );
if ( $bb->wp_siteurl && $bb->wp_home ) {
    if ( $bb->cookiedomain ) {
        $bb->wp_cookies_integrated = true;
    } else {
        $cookiedomain = bb_get_common_domains( $bb->uri, $bb->wp_home );
        if ( bb_match_domains( $bb->uri, $bb->wp_home ) ) {
            $bb->cookiepath = bb_get_common_paths( $bb->uri, $bb->wp_home );
            $bb->wp_cookies_integrated = true;
        } elseif ( $cookiedomain && strpos( $cookiedomain, '.' ) !== false ) {
            // The leading dot makes the cookie valid for every host under the
            // common domain, so all of those hosts will receive it
            $bb->cookiedomain = '.' . $cookiedomain;
            $bb->cookiepath = bb_get_common_paths( $bb->uri, $bb->wp_home );
            $bb->wp_cookies_integrated = true;
        }
        unset( $cookiedomain );
    }
}

// BB_HASH is the md5 of a site URL without its trailing slash. The input is a
// public value, so the hash is a naming suffix for cookies and not a secret.
define( 'BB_HASH', md5( rtrim( $bb->wp_cookies_integrated ? $bb->wp_siteurl : $bb->uri, '/' ) ) );
// Deprecated setting
// TODO: Completely remove old constants on version 1.0
$bb->usercookie = bb_get_option( 'usercookie' );
600 if ( !$bb->usercookie ) {
601     $bb->usercookie = ( $bb->wp_cookies_integrated ? 'wordpressuser_' : 'bb_user_' ) . BB_HASH;