diff options
author | Pierre Schmitz <pierre@archlinux.de> | 2011-06-22 11:28:20 +0200 |
---|---|---|
committer | Pierre Schmitz <pierre@archlinux.de> | 2011-06-22 11:28:20 +0200 |
commit | 9db190c7e736ec8d063187d4241b59feaf7dc2d1 (patch) | |
tree | 46d1a0dee7febef5c2d57a9f7b972be16a163b3d /includes/WebStart.php | |
parent | 78677c7bbdcc9739f6c10c75935898a20e1acd9e (diff) |
update to MediaWiki 1.17.0
Diffstat (limited to 'includes/WebStart.php')
-rw-r--r-- | includes/WebStart.php | 64 |
1 files changed, 36 insertions, 28 deletions
diff --git a/includes/WebStart.php b/includes/WebStart.php index d62b4a62..b5140718 100644 --- a/includes/WebStart.php +++ b/includes/WebStart.php @@ -1,14 +1,18 @@ <?php - -# This does the initial setup for a web request. It does some security checks, -# starts the profiler and loads the configuration, and optionally loads -# Setup.php depending on whether MW_NO_SETUP is defined. +/** + * This does the initial setup for a web request. + * It does some security checks, starts the profiler and loads the + * configuration, and optionally loads Setup.php depending on whether + * MW_NO_SETUP is defined. + * + * @file + */ # Protect against register_globals # This must be done before any globals are set by the code if ( ini_get( 'register_globals' ) ) { if ( isset( $_REQUEST['GLOBALS'] ) ) { - die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>'); + die( '<a href="http://www.hardened-php.net/globals-problem">$GLOBALS overwrite vulnerability</a>'); } $verboten = array( 'GLOBALS', @@ -30,7 +34,7 @@ if ( ini_get( 'register_globals' ) ) { ); foreach ( $_REQUEST as $name => $value ) { if( in_array( $name, $verboten ) ) { - header( "HTTP/1.x 500 Internal Server Error" ); + header( "HTTP/1.1 500 Internal Server Error" ); echo "register_globals security paranoia: trying to overwrite superglobals, aborting."; die( -1 ); } @@ -85,44 +89,47 @@ if ( !function_exists( 'version_compare' ) exit; } -# Test for PHP bug which breaks PHP 5.0.x on 64-bit... -# As of 1.8 this breaks lots of common operations instead -# of just some rare ones like export. -$borked = str_replace( 'a', 'b', array( -1 => -1 ) ); -if( !isset( $borked[-1] ) ) { - echo "PHP 5.0.x is buggy on your 64-bit system; you must upgrade to PHP 5.1.x\n" . - "or higher. ABORTING. (http://bugs.php.net/bug.php?id=34879 for details)\n"; - exit; -} - # Start the autoloader, so that extensions can derive classes from core files require_once( "$IP/includes/AutoLoader.php" ); +# Load default settings +require_once( "$IP/includes/DefaultSettings.php" ); if ( defined( 'MW_CONFIG_CALLBACK' ) ) { # Use a callback function to configure MediaWiki - require_once( "$IP/includes/DefaultSettings.php" ); - call_user_func( MW_CONFIG_CALLBACK ); + $callback = MW_CONFIG_CALLBACK; + # PHP 5.1 doesn't support "class::method" for call_user_func, so split it + if ( strpos( $callback, '::' ) !== false ) { + $callback = explode( '::', $callback, 2); + } + call_user_func( $callback ); } else { - # LocalSettings.php is the per site customization file. If it does not exit - # the wiki installer need to be launched or the generated file moved from - # ./config/ to ./ - if( !file_exists( "$IP/LocalSettings.php" ) ) { - require_once( "$IP/includes/DefaultSettings.php" ); # used for printing the version + if ( !defined('MW_CONFIG_FILE') ) + define('MW_CONFIG_FILE', "$IP/LocalSettings.php"); + + # LocalSettings.php is the per site customization file. If it does not exist + # the wiki installer needs to be launched or the generated file uploaded to + # the root wiki directory + if( !file_exists( MW_CONFIG_FILE ) ) { require_once( "$IP/includes/templates/NoLocalSettings.php" ); die(); } # Include site settings. $IP may be changed (hopefully before the AutoLoader is invoked) - require_once( "$IP/LocalSettings.php" ); + require_once( MW_CONFIG_FILE ); } + +if ( $wgEnableSelenium ) { + require_once( "$IP/includes/SeleniumWebSettings.php" ); +} + wfProfileOut( 'WebStart.php-conf' ); wfProfileIn( 'WebStart.php-ob_start' ); # Initialise output buffering -if ( ob_get_level() ) { - # Someone's been mixing configuration data with code! - # How annoying. -} elseif ( !defined( 'MW_NO_OUTPUT_BUFFER' ) ) { +# Check that there is no previous output or previously set up buffers, because +# that would cause us to potentially mix gzip and non-gzip output, creating a +# big mess. +if ( !defined( 'MW_NO_OUTPUT_BUFFER' ) && ob_get_level() == 0 ) { require_once( "$IP/includes/OutputHandler.php" ); ob_start( 'wfOutputHandler' ); } @@ -131,3 +138,4 @@ wfProfileOut( 'WebStart.php-ob_start' ); if ( !defined( 'MW_NO_SETUP' ) ) { require_once( "$IP/includes/Setup.php" ); } + |