1<?php
2
3/**
4 * Initialize some defaults needed for DokuWiki
5 */
6
7use dokuwiki\Extension\PluginController;
8use dokuwiki\ErrorHandler;
9use dokuwiki\Input\Input;
10use dokuwiki\Extension\Event;
11use dokuwiki\Extension\EventHandler;
12
13/**
14 * timing Dokuwiki execution
15 *
16 * @param integer $start
17 *
18 * @return mixed
19 */
20function delta_time($start = 0)
21{
22    return microtime(true) - ((float)$start);
23}
24define('DOKU_START_TIME', delta_time());
25
26global $config_cascade;
27$config_cascade = [];
28
29// if available load a preload config file
30$preload = fullpath(__DIR__) . '/preload.php';
31if (file_exists($preload)) include($preload);
32
33// define the include path
34if (!defined('DOKU_INC')) define('DOKU_INC', fullpath(__DIR__ . '/../') . '/');
35
36// define Plugin dir
37if (!defined('DOKU_PLUGIN'))  define('DOKU_PLUGIN', DOKU_INC . 'lib/plugins/');
38
39// define config path (packagers may want to change this to /etc/dokuwiki/)
40if (!defined('DOKU_CONF')) define('DOKU_CONF', DOKU_INC . 'conf/');
41
42// check for error reporting override or set error reporting to sane values
43if (!defined('DOKU_E_LEVEL') && file_exists(DOKU_CONF . 'report_e_all')) {
44    define('DOKU_E_LEVEL', E_ALL);
45}
46if (!defined('DOKU_E_LEVEL')) {
47    error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
48} else {
49    error_reporting(DOKU_E_LEVEL);
50}
51
52// autoloader
53require_once(DOKU_INC . 'inc/load.php');
54
55// avoid caching issues #1594
56header('Vary: Cookie');
57
58// init memory caches
59global $cache_revinfo;
60       $cache_revinfo = [];
61global $cache_wikifn;
62       $cache_wikifn = [];
63global $cache_cleanid;
64       $cache_cleanid = [];
65global $cache_authname;
66       $cache_authname = [];
67global $cache_metadata;
68       $cache_metadata = [];
69
70// always include 'inc/config_cascade.php'
71// previously in preload.php set fields of $config_cascade will be merged with the defaults
72include(DOKU_INC . 'inc/config_cascade.php');
73
74//prepare config array()
75global $conf;
76$conf = [];
77
78// load the global config file(s)
79foreach (['default', 'local', 'protected'] as $config_group) {
80    if (empty($config_cascade['main'][$config_group])) continue;
81    foreach ($config_cascade['main'][$config_group] as $config_file) {
82        if (file_exists($config_file)) {
83            include($config_file);
84        }
85    }
86}
87
88// precalculate file creation modes
89init_creationmodes();
90
91// make real paths and check them
92init_paths();
93init_files();
94
95//prepare license array()
96global $license;
97$license = [];
98
99// load the license file(s)
100foreach (['default', 'local'] as $config_group) {
101    if (empty($config_cascade['license'][$config_group])) continue;
102    foreach ($config_cascade['license'][$config_group] as $config_file) {
103        if (file_exists($config_file)) {
104            include($config_file);
105        }
106    }
107}
108
109// set timezone (as in pre 5.3.0 days)
110date_default_timezone_set(@date_default_timezone_get());
111
112
113// don't let cookies ever interfere with request vars
114$_REQUEST = array_merge($_GET, $_POST);
115// input handle class
116global $INPUT;
117$INPUT = new Input();
118
119
120// define baseURL
121if (!defined('DOKU_REL')) define('DOKU_REL', getBaseURL(false));
122if (!defined('DOKU_URL')) define('DOKU_URL', getBaseURL(true));
123if (!defined('DOKU_BASE')) {
124    if ($conf['canonical']) {
125        define('DOKU_BASE', DOKU_URL);
126    } else {
127        define('DOKU_BASE', DOKU_REL);
128    }
129}
130
131// define whitespace
132if (!defined('NL')) define('NL', "\n");
133if (!defined('DOKU_LF')) define('DOKU_LF', "\n");
134if (!defined('DOKU_TAB')) define('DOKU_TAB', "\t");
135
136// define cookie and session id, append server port when securecookie is configured FS#1664
137if (!defined('DOKU_COOKIE')) {
138    $serverPort = $_SERVER['SERVER_PORT'] ?? '';
139    define('DOKU_COOKIE', 'DW' . md5(DOKU_REL . (($conf['securecookie']) ? $serverPort : '')));
140    unset($serverPort);
141}
142
143// define main script
144if (!defined('DOKU_SCRIPT')) define('DOKU_SCRIPT', 'doku.php');
145
146if (!defined('DOKU_TPL')) {
147    /**
148     * @deprecated 2012-10-13 replaced by more dynamic method
149     * @see tpl_basedir()
150     */
151    define('DOKU_TPL', DOKU_BASE . 'lib/tpl/' . $conf['template'] . '/');
152}
153
154if (!defined('DOKU_TPLINC')) {
155    /**
156     * @deprecated 2012-10-13 replaced by more dynamic method
157     * @see tpl_incdir()
158     */
159    define('DOKU_TPLINC', DOKU_INC . 'lib/tpl/' . $conf['template'] . '/');
160}
161
162// make session rewrites XHTML compliant
163@ini_set('arg_separator.output', '&amp;');
164
165// make sure global zlib does not interfere FS#1132
166@ini_set('zlib.output_compression', 'off');
167
168// increase PCRE backtrack limit
169@ini_set('pcre.backtrack_limit', '20971520');
170
171// enable gzip compression if supported
172$httpAcceptEncoding = $_SERVER['HTTP_ACCEPT_ENCODING'] ?? '';
173$conf['gzip_output'] &= (strpos($httpAcceptEncoding, 'gzip') !== false);
174global $ACT;
175if (
176    $conf['gzip_output'] &&
177        !defined('DOKU_DISABLE_GZIP_OUTPUT') &&
178        function_exists('ob_gzhandler') &&
179        // Disable compression when a (compressed) sitemap might be delivered
180        // See https://bugs.dokuwiki.org/index.php?do=details&task_id=2576
181        $ACT != 'sitemap'
182) {
183    ob_start('ob_gzhandler');
184}
185
186// init session
187if (!headers_sent() && !defined('NOSESSION')) {
188    if (!defined('DOKU_SESSION_NAME'))     define('DOKU_SESSION_NAME', "DokuWiki");
189    if (!defined('DOKU_SESSION_LIFETIME')) define('DOKU_SESSION_LIFETIME', 0);
190    if (!defined('DOKU_SESSION_PATH')) {
191        $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
192        define('DOKU_SESSION_PATH', $cookieDir);
193    }
194    if (!defined('DOKU_SESSION_DOMAIN'))   define('DOKU_SESSION_DOMAIN', '');
195
196    // start the session
197    init_session();
198
199    // load left over messages
200    if (isset($_SESSION[DOKU_COOKIE]['msg'])) {
201        $MSG = $_SESSION[DOKU_COOKIE]['msg'];
202        unset($_SESSION[DOKU_COOKIE]['msg']);
203    }
204}
205
206
207// we don't want a purge URL to be digged
208if (isset($_REQUEST['purge']) && !empty($_SERVER['HTTP_REFERER'])) unset($_REQUEST['purge']);
209
210
211// setup plugin controller class (can be overwritten in preload.php)
212global $plugin_controller_class, $plugin_controller;
213if (empty($plugin_controller_class)) $plugin_controller_class = PluginController::class;
214
215// from now on everything is an exception
216ErrorHandler::register();
217
218// disable gzip if not available
219define('DOKU_HAS_BZIP', function_exists('bzopen'));
220define('DOKU_HAS_GZIP', function_exists('gzopen'));
221if ($conf['compression'] == 'bz2' && !DOKU_HAS_BZIP) {
222    $conf['compression'] = 'gz';
223}
224if ($conf['compression'] == 'gz' && !DOKU_HAS_GZIP) {
225    $conf['compression'] = 0;
226}
227
228// initialize plugin controller
229$plugin_controller = new $plugin_controller_class();
230
231// initialize the event handler
232global $EVENT_HANDLER;
233$EVENT_HANDLER = new EventHandler();
234
235$local = $conf['lang'];
236Event::createAndTrigger('INIT_LANG_LOAD', $local, 'init_lang', true);
237
238
239// setup authentication system
240if (!defined('NOSESSION')) {
241    auth_setup();
242}
243
244// setup mail system
245mail_setup();
246
247$nil = null;
248Event::createAndTrigger('DOKUWIKI_INIT_DONE', $nil, null, false);
249
250/**
251 * Initializes the session
252 *
253 * Makes sure the passed session cookie is valid, invalid ones are ignored an a new session ID is issued
254 *
255 * @link http://stackoverflow.com/a/33024310/172068
256 * @link http://php.net/manual/en/session.configuration.php#ini.session.sid-length
257 */
258function init_session()
259{
260    global $conf;
261    session_name(DOKU_SESSION_NAME);
262    session_set_cookie_params([
263        'lifetime' => DOKU_SESSION_LIFETIME,
264        'path' => DOKU_SESSION_PATH,
265        'domain' => DOKU_SESSION_DOMAIN,
266        'secure' => ($conf['securecookie'] && \dokuwiki\Ip::isSsl()),
267        'httponly' => true,
268        'samesite' => 'Lax',
269    ]);
270
271    // make sure the session cookie contains a valid session ID
272    if (isset($_COOKIE[DOKU_SESSION_NAME]) && !preg_match('/^[-,a-zA-Z0-9]{22,256}$/', $_COOKIE[DOKU_SESSION_NAME])) {
273        unset($_COOKIE[DOKU_SESSION_NAME]);
274    }
275
276    session_start();
277}
278
279
280/**
281 * Checks paths from config file
282 */
283function init_paths()
284{
285    global $conf;
286
287    $paths = [
288        'datadir'   => 'pages',
289        'olddir'    => 'attic',
290        'mediadir'  => 'media',
291        'mediaolddir' => 'media_attic',
292        'metadir'   => 'meta',
293        'mediametadir' => 'media_meta',
294        'cachedir'  => 'cache',
295        'indexdir'  => 'index',
296        'lockdir'   => 'locks',
297        'tmpdir'    => 'tmp',
298        'logdir'    => 'log',
299    ];
300
301    foreach ($paths as $c => $p) {
302        $path = empty($conf[$c]) ? $conf['savedir'] . '/' . $p : $conf[$c];
303        $conf[$c] = init_path($path);
304        if (empty($conf[$c])) {
305            $path = fullpath($path);
306            nice_die("The $c ('$p') at $path is not found, isn't accessible or writable.
307                You should check your config and permission settings.
308                Or maybe you want to <a href=\"install.php\">run the
309                installer</a>?");
310        }
311    }
312
313    // path to old changelog only needed for upgrading
314    $conf['changelog_old'] = init_path(
315        $conf['changelog'] ?? $conf['savedir'] . '/changes.log'
316    );
317    if ($conf['changelog_old'] == '') {
318        unset($conf['changelog_old']);
319    }
320    // hardcoded changelog because it is now a cache that lives in meta
321    $conf['changelog'] = $conf['metadir'] . '/_dokuwiki.changes';
322    $conf['media_changelog'] = $conf['metadir'] . '/_media.changes';
323}
324
325/**
326 * Load the language strings
327 *
328 * @param string $langCode language code, as passed by event handler
329 */
330function init_lang($langCode)
331{
332    //prepare language array
333    global $lang, $config_cascade;
334    $lang = [];
335
336    //load the language files
337    require(DOKU_INC . 'inc/lang/en/lang.php');
338    foreach ($config_cascade['lang']['core'] as $config_file) {
339        if (file_exists($config_file . 'en/lang.php')) {
340            include($config_file . 'en/lang.php');
341        }
342    }
343
344    if ($langCode && $langCode != 'en') {
345        if (file_exists(DOKU_INC . "inc/lang/$langCode/lang.php")) {
346            require(DOKU_INC . "inc/lang/$langCode/lang.php");
347        }
348        foreach ($config_cascade['lang']['core'] as $config_file) {
349            if (file_exists($config_file . "$langCode/lang.php")) {
350                include($config_file . "$langCode/lang.php");
351            }
352        }
353    }
354}
355
356/**
357 * Checks the existence of certain files and creates them if missing.
358 */
359function init_files()
360{
361    global $conf;
362
363    $files = [$conf['indexdir'] . '/page.idx'];
364
365    foreach ($files as $file) {
366        if (!file_exists($file)) {
367            $fh = @fopen($file, 'a');
368            if ($fh) {
369                fclose($fh);
370                if ($conf['fperm']) chmod($file, $conf['fperm']);
371            } else {
372                nice_die("$file is not writable. Check your permissions settings!");
373            }
374        }
375    }
376}
377
378/**
379 * Returns absolute path
380 *
381 * This tries the given path first, then checks in DOKU_INC.
382 * Check for accessibility on directories as well.
383 *
384 * @author Andreas Gohr <andi@splitbrain.org>
385 *
386 * @param string $path
387 *
388 * @return bool|string
389 */
390function init_path($path)
391{
392    // check existence
393    $p = fullpath($path);
394    if (!file_exists($p)) {
395        $p = fullpath(DOKU_INC . $path);
396        if (!file_exists($p)) {
397            return '';
398        }
399    }
400
401    // check writability
402    if (!@is_writable($p)) {
403        return '';
404    }
405
406    // check accessability (execute bit) for directories
407    if (@is_dir($p) && !file_exists("$p/.")) {
408        return '';
409    }
410
411    return $p;
412}
413
414/**
415 * Sets the internal config values fperm and dperm which, when set,
416 * will be used to change the permission of a newly created dir or
417 * file with chmod. Considers the influence of the system's umask
418 * setting the values only if needed.
419 */
420function init_creationmodes()
421{
422    global $conf;
423
424    // Legacy support for old umask/dmask scheme
425    unset($conf['dmask']);
426    unset($conf['fmask']);
427    unset($conf['umask']);
428
429    $conf['fperm'] = false;
430    $conf['dperm'] = false;
431
432    // get system umask, fallback to 0 if none available
433    $umask = @umask();
434    if (!$umask) $umask = 0000;
435
436    // check what is set automatically by the system on file creation
437    // and set the fperm param if it's not what we want
438    $auto_fmode = 0666 & ~$umask;
439    if ($auto_fmode != $conf['fmode']) $conf['fperm'] = $conf['fmode'];
440
441    // check what is set automatically by the system on directory creation
442    // and set the dperm param if it's not what we want.
443    $auto_dmode = 0777 & ~$umask;
444    if ($auto_dmode != $conf['dmode']) $conf['dperm'] = $conf['dmode'];
445}
446
447/**
448 * Returns the full absolute URL to the directory where
449 * DokuWiki is installed in (includes a trailing slash)
450 *
451 * !! Can not access $_SERVER values through $INPUT
452 * !! here as this function is called before $INPUT is
453 * !! initialized.
454 *
455 * @author Andreas Gohr <andi@splitbrain.org>
456 *
457 * @param null|bool $abs Return an absolute URL? (null defaults to $conf['canonical'])
458 *
459 * @return string
460 */
461function getBaseURL($abs = null)
462{
463    global $conf;
464
465    $abs ??= $conf['canonical'];
466
467    if (!empty($conf['basedir'])) {
468        $dir = $conf['basedir'];
469    } elseif (substr($_SERVER['SCRIPT_NAME'], -4) == '.php') {
470        $dir = dirname($_SERVER['SCRIPT_NAME']);
471    } elseif (substr($_SERVER['PHP_SELF'], -4) == '.php') {
472        $dir = dirname($_SERVER['PHP_SELF']);
473    } elseif ($_SERVER['DOCUMENT_ROOT'] && $_SERVER['SCRIPT_FILENAME']) {
474        $dir = preg_replace(
475            '/^' . preg_quote($_SERVER['DOCUMENT_ROOT'], '/') . '/',
476            '',
477            $_SERVER['SCRIPT_FILENAME']
478        );
479        $dir = dirname('/' . $dir);
480    } else {
481        $dir = ''; //probably wrong, but we assume it's in the root
482    }
483
484    $dir = str_replace('\\', '/', $dir);             // bugfix for weird WIN behaviour
485    $dir = preg_replace('#//+#', '/', "/$dir/");     // ensure leading and trailing slashes
486
487    //handle script in lib/exe dir
488    $dir = preg_replace('!lib/exe/$!', '', $dir);
489
490    //handle script in lib/plugins dir
491    $dir = preg_replace('!lib/plugins/.*$!', '', $dir);
492
493    //finish here for relative URLs
494    if (!$abs) return $dir;
495
496    //use config if available, trim any slash from end of baseurl to avoid multiple consecutive slashes in the path
497    if (!empty($conf['baseurl'])) return rtrim($conf['baseurl'], '/') . $dir;
498
499    //split hostheader into host and port
500    $hostname = \dokuwiki\Ip::hostName();
501    $parsed_host = parse_url('http://' . $hostname);
502    $host = $parsed_host['host'] ?? '';
503    $port = $parsed_host['port'] ?? '';
504
505    if (!\dokuwiki\Ip::isSsl()) {
506        $proto = 'http://';
507        if ($port == '80') {
508            $port = '';
509        }
510    } else {
511        $proto = 'https://';
512        if ($port == '443') {
513            $port = '';
514        }
515    }
516
517    if ($port !== '') $port = ':' . $port;
518
519    return $proto . $host . $port . $dir;
520}
521
522/**
523 * @deprecated 2025-06-03
524 */
525function is_ssl()
526{
527    dbg_deprecated('Ip::isSsl()');
528    return \dokuwiki\Ip::isSsl();
529}
530
531/**
532 * checks it is windows OS
533 * @return bool
534 */
535function isWindows()
536{
537    return strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
538}
539
540/**
541 * print a nice message even if no styles are loaded yet.
542 *
543 * @param integer|string $msg
544 */
545function nice_die($msg)
546{
547    echo<<<EOT
548<!DOCTYPE html>
549<html>
550<head><title>DokuWiki Setup Error</title></head>
551<body style="font-family: Arial, sans-serif">
552    <div style="width:60%; margin: auto; background-color: #fcc;
553                border: 1px solid #faa; padding: 0.5em 1em;">
554        <h1 style="font-size: 120%">DokuWiki Setup Error</h1>
555        <p>$msg</p>
556    </div>
557</body>
558</html>
559EOT;
560    if (defined('DOKU_UNITTEST')) {
561        throw new RuntimeException('nice_die: ' . $msg);
562    }
563    exit(1);
564}
565
566/**
567 * A realpath() replacement
568 *
569 * This function behaves similar to PHP's realpath() but does not resolve
570 * symlinks or accesses upper directories
571 *
572 * @author Andreas Gohr <andi@splitbrain.org>
573 * @author <richpageau at yahoo dot co dot uk>
574 * @link   http://php.net/manual/en/function.realpath.php#75992
575 *
576 * @param string $path
577 * @param bool $exists
578 *
579 * @return bool|string
580 */
581function fullpath($path, $exists = false)
582{
583    static $run = 0;
584    $root  = '';
585    $iswin = (isWindows() || !empty($GLOBALS['DOKU_UNITTEST_ASSUME_WINDOWS']));
586
587    // find the (indestructable) root of the path - keeps windows stuff intact
588    if ($path[0] == '/') {
589        $root = '/';
590    } elseif ($iswin) {
591        // match drive letter and UNC paths
592        if (preg_match('!^([a-zA-z]:)(.*)!', $path, $match)) {
593            $root = $match[1] . '/';
594            $path = $match[2];
595        } elseif (preg_match('!^(\\\\\\\\[^\\\\/]+\\\\[^\\\\/]+[\\\\/])(.*)!', $path, $match)) {
596            $root = $match[1];
597            $path = $match[2];
598        }
599    }
600    $path = str_replace('\\', '/', $path);
601
602    // if the given path wasn't absolute already, prepend the script path and retry
603    if (!$root) {
604        $base = dirname($_SERVER['SCRIPT_FILENAME']);
605        $path = $base . '/' . $path;
606        if ($run == 0) { // avoid endless recursion when base isn't absolute for some reason
607            $run++;
608            return fullpath($path, $exists);
609        }
610    }
611    $run = 0;
612
613    // canonicalize
614    $path = explode('/', $path);
615    $newpath = [];
616    foreach ($path as $p) {
617        if ($p === '' || $p === '.') continue;
618        if ($p === '..') {
619            array_pop($newpath);
620            continue;
621        }
622        $newpath[] = $p;
623    }
624    $finalpath = $root . implode('/', $newpath);
625
626    // check for existence when needed (except when unit testing)
627    if ($exists && !defined('DOKU_UNITTEST') && !file_exists($finalpath)) {
628        return false;
629    }
630    return $finalpath;
631}
632