wiki.techinc.nl/index.php

<?php
# Main wiki script; see design.doc
#
$wgRequestTime = microtime();

## Enable this to debug total elimination of register_globals
#define( "DEBUG_GLOBALS", 1 );

if( defined('DEBUG_GLOBALS') ) error_reporting(E_ALL);

function &fix_magic_quotes( &$arr ) {
	foreach( $arr as $key => $val ) {
		if( is_array( $val ) ) {
			fix_magic_quotes( $arr[$key] );
		} else {
			$arr[$key] = stripslashes( $val );
		}
	}
	return $arr;
}

if ( get_magic_quotes_gpc() ) {
	fix_magic_quotes( $_COOKIE );
	fix_magic_quotes( $_ENV );
	fix_magic_quotes( $_GET );
	fix_magic_quotes( $_POST );
	fix_magic_quotes( $_REQUEST );
	fix_magic_quotes( $_SERVER );
} elseif( defined('DEBUG_GLOBALS') ) {
	die("DEBUG_GLOBALS: turn on magic_quotes_gpc" );
}

if( defined('DEBUG_GLOBALS') ) {
	if( ini_get( "register_globals" ) ) {
		die( "DEBUG_GLOBALS: turn off register_globals" );
	}
} elseif( !ini_get( "register_globals" ) ) {
	# Insecure, but at least it'll run
	import_request_variables( "GPC" );
}

unset( $IP );
ini_set( "allow_url_fopen", 0 ); # For security...
if(!file_exists("LocalSettings.php")) {
	die( "You'll have to <a href='$wgScriptPath/config/index.php'>set the wiki up</a> first!" );
}
include_once( "./LocalSettings.php" );

if( $wgSitename == "MediaWiki" ) {
	die( "You must set the site name in \$wgSitename before installation.\n\n" );
}

# PATH_SEPARATOR avaialble only from 4.3.0
$sep = (DIRECTORY_SEPARATOR == "\\") ? ";" : ":";
ini_set( "include_path", $IP . $sep . ini_get( "include_path" ) );

include_once( "Setup.php" );

wfProfileIn( "main-misc-setup" );
OutputPage::setEncodings(); # Not really used yet

# Query string fields
#
#global $action, $title, $search, $go, $target, $printable;
#global $returnto, $diff, $oldid, $curid;

$action = $_REQUEST['action'];
if( isset( $_SERVER['PATH_INFO'] ) ) {
	$title = substr( $_SERVER['PATH_INFO'], 1 );
} else {
	$title = $_REQUEST['title'];
}

# Placeholders in case of DB error
$wgTitle = Title::newFromText( wfMsg( "badtitle" ) );
$wgArticle = new Article($wgTitle);

$action = strtolower( trim( $action ) );
if ( "" == $action ) { $action = "view"; }
if ( !empty( $_REQUEST['printable'] ) && $_REQUEST['printable'] == "yes") {
	$wgOut->setPrintable();
}

if ( "" == $title && "delete" != $action ) {
	$wgTitle = Title::newFromText( wfMsg( "mainpage" ) );
} elseif ( !empty( $_REQUEST['curid'] ) ) {
	# URLs like this are generated by RC, because rc_title isn't always accurate
	$wgTitle = Title::newFromID( $_REQUEST['curid'] );
} else {
	$wgTitle = Title::newFromURL( $title );
}
wfProfileOut( "main-misc-setup" );

# If the user is not logged in, the Namespace:title of the article must be in the Read array in
#  order for the user to see it.
if ( !$wgUser->getID() && is_array( $wgWhitelistRead ) && $wgTitle) {
	if ( !in_array( $wgLang->getNsText( $wgTitle->getNamespace() ) . ":" . $wgTitle->getDBkey(), $wgWhitelistRead ) ) {
		$wgOut->loginToUse();
		$wgOut->output();
		exit;
	}
}

if ( !empty( $_REQUEST['search'] ) ) {
	if( isset($_REQUEST['fulltext']) ) {
		wfSearch( $_REQUEST['search'] );
	} else {
		wfGo( $_REQUEST['search'] );
	}
} else if( !$wgTitle or $wgTitle->getInterwiki() != "" or $wgTitle->getDBkey() == "" ) {
	$wgTitle = Title::newFromText( wfMsg( "badtitle" ) );
	$wgOut->errorpage( "badtitle", "badtitletext" );
} else if ( ( $action == "view" ) && $wgTitle->getPrefixedDBKey() != $title ) {
	/* redirect to canonical url, make it a 301 to allow caching */
	$wgOut->redirect( wfLocalUrl( $wgTitle->getPrefixedURL() ), '301');
} else if ( Namespace::getSpecial() == $wgTitle->getNamespace() ) {
	wfSpecialPage();
} else {
	if ( Namespace::getMedia() == $wgTitle->getNamespace() ) {
		$wgTitle = Title::makeTitle( Namespace::getImage(), $wgTitle->getDBkey() );
	}	
	
	switch( $wgTitle->getNamespace() ) {
	case 6:
		include_once( "ImagePage.php" );
		$wgArticle = new ImagePage( $wgTitle );
		break;
	default:
		$wgArticle = new Article( $wgTitle );
	}

	wfQuery("BEGIN", DB_WRITE);
	switch( $action ) {
		case "view":
		case "watch":
		case "unwatch":
		case "delete":
		case "revert":
		case "rollback":
		case "protect":
		case "unprotect":
			$wgArticle->$action();
			break;
		case "print":
			$wgArticle->view();
			break;
		case "edit":
		case "submit":
			if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
				User::SetupSession();
			}
			include_once( "EditPage.php" );
			$editor = new EditPage( $wgArticle );
			$editor->$action();
			break;
		case "history":
			include_once( "PageHistory.php" );
			$history = new PageHistory( $wgArticle );
			$history->history();
			break;
		default:
			$wgOut->errorpage( "nosuchaction", "nosuchactiontext" );
	}
	wfQuery("COMMIT", DB_WRITE);
}

$wgOut->output();
foreach ( $wgDeferredUpdateList as $up ) { $up->doUpdate(); }
logProfilingData();
wfDebug( "Request ended normally\n" );
?>
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`<?php`
			`# Main wiki script; see design.doc`
			`#`
			`$wgRequestTime = microtime();`

Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`## Enable this to debug total elimination of register_globals`
			`#define( "DEBUG_GLOBALS", 1 );`

			`if( defined('DEBUG_GLOBALS') ) error_reporting(E_ALL);`

			`function &fix_magic_quotes( &$arr ) {`
			`foreach( $arr as $key => $val ) {`
			`if( is_array( $val ) ) {`
			`fix_magic_quotes( $arr[$key] );`
			`} else {`
			`$arr[$key] = stripslashes( $val );`
			`}`
			`}`
			`return $arr;`
			`}`

			`if ( get_magic_quotes_gpc() ) {`
			`fix_magic_quotes( $_COOKIE );`
			`fix_magic_quotes( $_ENV );`
			`fix_magic_quotes( $_GET );`
			`fix_magic_quotes( $_POST );`
			`fix_magic_quotes( $_REQUEST );`
			`fix_magic_quotes( $_SERVER );`
			`} elseif( defined('DEBUG_GLOBALS') ) {`
			`die("DEBUG_GLOBALS: turn on magic_quotes_gpc" );`
			`}`

			`if( defined('DEBUG_GLOBALS') ) {`
			`if( ini_get( "register_globals" ) ) {`
			`die( "DEBUG_GLOBALS: turn off register_globals" );`
			`}`
			`} elseif( !ini_get( "register_globals" ) ) {`
			`# Insecure, but at least it'll run`
			`import_request_variables( "GPC" );`
			`}`

using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`unset( $IP );`
			`ini_set( "allow_url_fopen", 0 ); # For security...`
Experimental in-place installer. Doesn't yet do any database setup, but does produce a LocalSettings.php that can successfully operate the wiki in the distribution directory structure. Note that the maintenance scripts may not all be fully armored against web access, and aren't set up to be run from the web by an actual administrator either. 2004-03-01 12:59:45 +00:00			`if(!file_exists("LocalSettings.php")) {`
Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`die( "You'll have to <a href='$wgScriptPath/config/index.php'>set the wiki up</a> first!" );`
Experimental in-place installer. Doesn't yet do any database setup, but does produce a LocalSettings.php that can successfully operate the wiki in the distribution directory structure. Note that the maintenance scripts may not all be fully armored against web access, and aren't set up to be run from the web by an actual administrator either. 2004-03-01 12:59:45 +00:00			`}`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`include_once( "./LocalSettings.php" );`

Double-check at runtime that sitename is set. Paranoia is good... if we don't do this, manual installs that are sloppy may introduce subtle bugs. 2004-02-29 08:06:49 +00:00			`if( $wgSitename == "MediaWiki" ) {`
			`die( "You must set the site name in \$wgSitename before installation.\n\n" );`
			`}`

Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`# PATH_SEPARATOR avaialble only from 4.3.0`
			`$sep = (DIRECTORY_SEPARATOR == "\\") ? ";" : ":";`
			`ini_set( "include_path", $IP . $sep . ini_get( "include_path" ) );`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00
			`include_once( "Setup.php" );`

			`wfProfileIn( "main-misc-setup" );`
			`OutputPage::setEncodings(); # Not really used yet`

			`# Query string fields`
			`#`
* Fixed magic quotes in $_REQUEST, in Setup.php * Converted many instances of globals from the query to $_REQUEST * Renamed near-useless Title::getURL() to Title::getPartialURL() * Created new Title::getURL(), to replace wfLocalUrl, wfLocalUrlE, wfFullUrl and wfFullUrlE. Replaced most instances throughout the code * In Parser.php, generalised stripping of <nowiki>, <pre> and <math> to allow more general use such as nesting * Moved body of Article::preSaveTransform to Parser.php * Put lots of comments in Title.php 2004-03-06 01:49:16 +00:00			`#global $action, $title, $search, $go, $target, $printable;`
			`#global $returnto, $diff, $oldid, $curid;`

			`$action = $_REQUEST['action'];`
Use PATH_INFO for prettier default URLs: index.php/Foo instead of index.php?title=Foo 2004-03-06 21:35:07 +00:00			`if( isset( $_SERVER['PATH_INFO'] ) ) {`
			`$title = substr( $_SERVER['PATH_INFO'], 1 );`
			`} else {`
			`$title = $_REQUEST['title'];`
			`}`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00
			`# Placeholders in case of DB error`
			`$wgTitle = Title::newFromText( wfMsg( "badtitle" ) );`
			`$wgArticle = new Article($wgTitle);`

			`$action = strtolower( trim( $action ) );`
			`if ( "" == $action ) { $action = "view"; }`
Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`if ( !empty( $_REQUEST['printable'] ) && $_REQUEST['printable'] == "yes") {`
			`$wgOut->setPrintable();`
			`}`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00
			`if ( "" == $title && "delete" != $action ) {`
			`$wgTitle = Title::newFromText( wfMsg( "mainpage" ) );`
Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`} elseif ( !empty( $_REQUEST['curid'] ) ) {`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`# URLs like this are generated by RC, because rc_title isn't always accurate`
* Fixed magic quotes in $_REQUEST, in Setup.php * Converted many instances of globals from the query to $_REQUEST * Renamed near-useless Title::getURL() to Title::getPartialURL() * Created new Title::getURL(), to replace wfLocalUrl, wfLocalUrlE, wfFullUrl and wfFullUrlE. Replaced most instances throughout the code * In Parser.php, generalised stripping of <nowiki>, <pre> and <math> to allow more general use such as nesting * Moved body of Article::preSaveTransform to Parser.php * Put lots of comments in Title.php 2004-03-06 01:49:16 +00:00			`$wgTitle = Title::newFromID( $_REQUEST['curid'] );`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`} else {`
			`$wgTitle = Title::newFromURL( $title );`
			`}`
			`wfProfileOut( "main-misc-setup" );`

Implemented '$wgWhitelistRead'. $wgWhitelistRead is now defined to be an optional array of namespace:pages a user may see unless they login. For example: $wgWhitelistRead = array ( ":Main_Page", "Special:Userlogin", "Wikipedia:Help" ); will restrict an anonymous user to only those pages. They are alerted that they must login, if the try to go to another page. If 'false', the default, the anonymous user may see all pages, except Sysop pages, of course. 2004-03-05 13:19:19 +00:00			`# If the user is not logged in, the Namespace:title of the article must be in the Read array in`
			`# order for the user to see it.`
			`if ( !$wgUser->getID() && is_array( $wgWhitelistRead ) && $wgTitle) {`
			`if ( !in_array( $wgLang->getNsText( $wgTitle->getNamespace() ) . ":" . $wgTitle->getDBkey(), $wgWhitelistRead ) ) {`
			`$wgOut->loginToUse();`
			`$wgOut->output();`
			`exit;`
			`}`
			`}`

Imported the register_globals hack from REL1_2. Also starting work on elimination of the use of import_request_variables (which gives us all the insecurity of register_globals). Uncomment the define of DEBUG_GLOBALS in index.php to turn on extra error reporting and trace down use of uninitialized variables and nassssty globals. Also rearranged the magic_quotes fixing, may not yet cover everything... 2004-03-08 01:51:32 +00:00			`if ( !empty( $_REQUEST['search'] ) ) {`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`if( isset($_REQUEST['fulltext']) ) {`
* Fixed magic quotes in $_REQUEST, in Setup.php * Converted many instances of globals from the query to $_REQUEST * Renamed near-useless Title::getURL() to Title::getPartialURL() * Created new Title::getURL(), to replace wfLocalUrl, wfLocalUrlE, wfFullUrl and wfFullUrlE. Replaced most instances throughout the code * In Parser.php, generalised stripping of <nowiki>, <pre> and <math> to allow more general use such as nesting * Moved body of Article::preSaveTransform to Parser.php * Put lots of comments in Title.php 2004-03-06 01:49:16 +00:00			`wfSearch( $_REQUEST['search'] );`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`} else {`
* Fixed magic quotes in $_REQUEST, in Setup.php * Converted many instances of globals from the query to $_REQUEST * Renamed near-useless Title::getURL() to Title::getPartialURL() * Created new Title::getURL(), to replace wfLocalUrl, wfLocalUrlE, wfFullUrl and wfFullUrlE. Replaced most instances throughout the code * In Parser.php, generalised stripping of <nowiki>, <pre> and <math> to allow more general use such as nesting * Moved body of Article::preSaveTransform to Parser.php * Put lots of comments in Title.php 2004-03-06 01:49:16 +00:00			`wfGo( $_REQUEST['search'] );`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`}`
			`} else if( !$wgTitle or $wgTitle->getInterwiki() != "" or $wgTitle->getDBkey() == "" ) {`
			`$wgTitle = Title::newFromText( wfMsg( "badtitle" ) );`
			`$wgOut->errorpage( "badtitle", "badtitletext" );`
			`} else if ( ( $action == "view" ) && $wgTitle->getPrefixedDBKey() != $title ) {`
allow caching for permanent redirects 2004-03-01 22:16:39 +00:00			`/* redirect to canonical url, make it a 301 to allow caching */`
			`$wgOut->redirect( wfLocalUrl( $wgTitle->getPrefixedURL() ), '301');`
using index.php and redirect.php instead of wiki.phtml and redirect.phtml keeping phtml stubs around for compatibility and CVS history 2004-02-28 03:04:02 +00:00			`} else if ( Namespace::getSpecial() == $wgTitle->getNamespace() ) {`
			`wfSpecialPage();`
			`} else {`
			`if ( Namespace::getMedia() == $wgTitle->getNamespace() ) {`
			`$wgTitle = Title::makeTitle( Namespace::getImage(), $wgTitle->getDBkey() );`
			`}`

			`switch( $wgTitle->getNamespace() ) {`
			`case 6:`
			`include_once( "ImagePage.php" );`
			`$wgArticle = new ImagePage( $wgTitle );`
			`break;`
			`default:`
			`$wgArticle = new Article( $wgTitle );`
			`}`

			`wfQuery("BEGIN", DB_WRITE);`
			`switch( $action ) {`
			`case "view":`
			`case "watch":`
			`case "unwatch":`
			`case "delete":`
			`case "revert":`
			`case "rollback":`
			`case "protect":`
			`case "unprotect":`
			`$wgArticle->$action();`
			`break;`
			`case "print":`
			`$wgArticle->view();`
			`break;`
			`case "edit":`
			`case "submit":`
			`if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {`
			`User::SetupSession();`
			`}`
			`include_once( "EditPage.php" );`
			`$editor = new EditPage( $wgArticle );`
			`$editor->$action();`
			`break;`
			`case "history":`
			`include_once( "PageHistory.php" );`
			`$history = new PageHistory( $wgArticle );`
			`$history->history();`
			`break;`
			`default:`
			`$wgOut->errorpage( "nosuchaction", "nosuchactiontext" );`
			`}`
			`wfQuery("COMMIT", DB_WRITE);`
			`}`

			`$wgOut->output();`
			`foreach ( $wgDeferredUpdateList as $up ) { $up->doUpdate(); }`
			`logProfilingData();`
			`wfDebug( "Request ended normally\n" );`
			`?>`