xref: /dokuwiki/inc/init.php (revision 1490c177a0ca4ece26d483758a02b2f93a1441e0) 
1<?php
2/**
3 * Initialize some defaults needed for DokuWiki
4 */
5
6use dokuwiki\Extension\Event;
7use dokuwiki\Extension\EventHandler;
8
9/**
10 * timing Dokuwiki execution
11 *
12 * @param integer $start
13 *
14 * @return mixed
15 */
16function delta_time($start=0) {
17    return microtime(true)-((float)$start);
18}
19define('DOKU_START_TIME', delta_time());
20
21global $config_cascade;
22$config_cascade = array();
23
24// if available load a preload config file
25$preload = fullpath(dirname(__FILE__)).'/preload.php';
26if (file_exists($preload)) include($preload);
27
28// define the include path
29if(!defined('DOKU_INC')) define('DOKU_INC',fullpath(dirname(__FILE__).'/../').'/');
30
31// define Plugin dir
32if(!defined('DOKU_PLUGIN'))  define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/');
33
34// define config path (packagers may want to change this to /etc/dokuwiki/)
35if(!defined('DOKU_CONF')) define('DOKU_CONF',DOKU_INC.'conf/');
36
37// check for error reporting override or set error reporting to sane values
38if (!defined('DOKU_E_LEVEL') && file_exists(DOKU_CONF.'report_e_all')) {
39    define('DOKU_E_LEVEL', E_ALL);
40}
41if (!defined('DOKU_E_LEVEL')) {
42    error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT);
43} else {
44    error_reporting(DOKU_E_LEVEL);
45}
46
47// avoid caching issues #1594
48header('Vary: Cookie');
49
50// init memory caches
51global $cache_revinfo;
52       $cache_revinfo = array();
53global $cache_wikifn;
54       $cache_wikifn = array();
55global $cache_cleanid;
56       $cache_cleanid = array();
57global $cache_authname;
58       $cache_authname = array();
59global $cache_metadata;
60       $cache_metadata = array();
61
62// always include 'inc/config_cascade.php'
63// previously in preload.php set fields of $config_cascade will be merged with the defaults
64include(DOKU_INC.'inc/config_cascade.php');
65
66//prepare config array()
67global $conf;
68$conf = array();
69
70// load the global config file(s)
71foreach (array('default','local','protected') as $config_group) {
72    if (empty($config_cascade['main'][$config_group])) continue;
73    foreach ($config_cascade['main'][$config_group] as $config_file) {
74        if (file_exists($config_file)) {
75            include($config_file);
76        }
77    }
78}
79
80//prepare license array()
81global $license;
82$license = array();
83
84// load the license file(s)
85foreach (array('default','local') as $config_group) {
86    if (empty($config_cascade['license'][$config_group])) continue;
87    foreach ($config_cascade['license'][$config_group] as $config_file) {
88        if(file_exists($config_file)){
89            include($config_file);
90        }
91    }
92}
93
94// set timezone (as in pre 5.3.0 days)
95date_default_timezone_set(@date_default_timezone_get());
96
97// define baseURL
98if(!defined('DOKU_REL')) define('DOKU_REL',getBaseURL(false));
99if(!defined('DOKU_URL')) define('DOKU_URL',getBaseURL(true));
100if(!defined('DOKU_BASE')){
101    if($conf['canonical']){
102        define('DOKU_BASE',DOKU_URL);
103    }else{
104        define('DOKU_BASE',DOKU_REL);
105    }
106}
107
108// define whitespace
109if(!defined('NL')) define ('NL',"\n");
110if(!defined('DOKU_LF')) define ('DOKU_LF',"\n");
111if(!defined('DOKU_TAB')) define ('DOKU_TAB',"\t");
112
113// define cookie and session id, append server port when securecookie is configured FS#1664
114if (!defined('DOKU_COOKIE')) {
115    $serverPort = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : '';
116    define('DOKU_COOKIE', 'DW' . md5(DOKU_REL . (($conf['securecookie']) ? $serverPort : '')));
117    unset($serverPort);
118}
119
120// define main script
121if(!defined('DOKU_SCRIPT')) define('DOKU_SCRIPT','doku.php');
122
123if(!defined('DOKU_TPL')) {
124    /**
125     * @deprecated 2012-10-13 replaced by more dynamic method
126     * @see tpl_basedir()
127     */
128    define('DOKU_TPL', DOKU_BASE.'lib/tpl/'.$conf['template'].'/');
129}
130
131if(!defined('DOKU_TPLINC')) {
132    /**
133     * @deprecated 2012-10-13 replaced by more dynamic method
134     * @see tpl_incdir()
135     */
136    define('DOKU_TPLINC', DOKU_INC.'lib/tpl/'.$conf['template'].'/');
137}
138
139// make session rewrites XHTML compliant
140@ini_set('arg_separator.output', '&amp;');
141
142// make sure global zlib does not interfere FS#1132
143@ini_set('zlib.output_compression', 'off');
144
145// increase PCRE backtrack limit
146@ini_set('pcre.backtrack_limit', '20971520');
147
148// enable gzip compression if supported
149$httpAcceptEncoding = isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : '';
150$conf['gzip_output'] &= (strpos($httpAcceptEncoding, 'gzip') !== false);
151global $ACT;
152if ($conf['gzip_output'] &&
153        !defined('DOKU_DISABLE_GZIP_OUTPUT') &&
154        function_exists('ob_gzhandler') &&
155        // Disable compression when a (compressed) sitemap might be delivered
156        // See https://bugs.dokuwiki.org/index.php?do=details&task_id=2576
157        $ACT != 'sitemap') {
158    ob_start('ob_gzhandler');
159}
160
161// init session
162if(!headers_sent() && !defined('NOSESSION')) {
163    if(!defined('DOKU_SESSION_NAME'))     define ('DOKU_SESSION_NAME', "DokuWiki");
164    if(!defined('DOKU_SESSION_LIFETIME')) define ('DOKU_SESSION_LIFETIME', 0);
165    if(!defined('DOKU_SESSION_PATH')) {
166        $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
167        define ('DOKU_SESSION_PATH', $cookieDir);
168    }
169    if(!defined('DOKU_SESSION_DOMAIN'))   define ('DOKU_SESSION_DOMAIN', '');
170
171    // start the session
172    init_session();
173
174    // load left over messages
175    if(isset($_SESSION[DOKU_COOKIE]['msg'])) {
176        $MSG = $_SESSION[DOKU_COOKIE]['msg'];
177        unset($_SESSION[DOKU_COOKIE]['msg']);
178    }
179}
180
181// don't let cookies ever interfere with request vars
182$_REQUEST = array_merge($_GET,$_POST);
183
184// we don't want a purge URL to be digged
185if(isset($_REQUEST['purge']) && !empty($_SERVER['HTTP_REFERER'])) unset($_REQUEST['purge']);
186
187// precalculate file creation modes
188init_creationmodes();
189
190// make real paths and check them
191init_paths();
192init_files();
193
194// setup plugin controller class (can be overwritten in preload.php)
195global $plugin_controller_class, $plugin_controller;
196if (empty($plugin_controller_class)) $plugin_controller_class = dokuwiki\Extension\PluginController::class;
197
198// load libraries
199require_once(DOKU_INC.'vendor/autoload.php');
200require_once(DOKU_INC.'inc/load.php');
201
202// from now on everything is an exception
203\dokuwiki\ErrorHandler::register();
204
205// disable gzip if not available
206define('DOKU_HAS_BZIP', function_exists('bzopen'));
207define('DOKU_HAS_GZIP', function_exists('gzopen'));
208if($conf['compression'] == 'bz2' && !DOKU_HAS_BZIP) {
209    $conf['compression'] = 'gz';
210}
211if($conf['compression'] == 'gz' && !DOKU_HAS_GZIP) {
212    $conf['compression'] = 0;
213}
214
215// input handle class
216global $INPUT;
217$INPUT = new \dokuwiki\Input\Input();
218
219// initialize plugin controller
220$plugin_controller = new $plugin_controller_class();
221
222// initialize the event handler
223global $EVENT_HANDLER;
224$EVENT_HANDLER = new EventHandler();
225
226$local = $conf['lang'];
227Event::createAndTrigger('INIT_LANG_LOAD', $local, 'init_lang', true);
228
229
230// setup authentication system
231if (!defined('NOSESSION')) {
232    auth_setup();
233}
234
235// setup mail system
236mail_setup();
237
238$nil = null;
239Event::createAndTrigger('DOKUWIKI_INIT_DONE', $nil, null, false);
240
241/**
242 * Initializes the session
243 *
244 * Makes sure the passed session cookie is valid, invalid ones are ignored an a new session ID is issued
245 *
246 * @link http://stackoverflow.com/a/33024310/172068
247 * @link http://php.net/manual/en/session.configuration.php#ini.session.sid-length
248 */
249function init_session() {
250    global $conf;
251    session_name(DOKU_SESSION_NAME);
252    session_set_cookie_params([
253        'lifetime' => DOKU_SESSION_LIFETIME,
254        'path' => DOKU_SESSION_PATH,
255        'domain' => DOKU_SESSION_DOMAIN,
256        'secure' => ($conf['securecookie'] && is_ssl()),
257        'httponly' => true,
258        'samesite' => 'Lax',
259    ]);
260
261    // make sure the session cookie contains a valid session ID
262    if(isset($_COOKIE[DOKU_SESSION_NAME]) && !preg_match('/^[-,a-zA-Z0-9]{22,256}$/', $_COOKIE[DOKU_SESSION_NAME])) {
263        unset($_COOKIE[DOKU_SESSION_NAME]);
264    }
265
266    session_start();
267}
268
269
270/**
271 * Checks paths from config file
272 */
273function init_paths(){
274    global $conf;
275
276    $paths = [
277        'datadir'   => 'pages',
278        'olddir'    => 'attic',
279        'mediadir'  => 'media',
280        'mediaolddir' => 'media_attic',
281        'metadir'   => 'meta',
282        'mediametadir' => 'media_meta',
283        'cachedir'  => 'cache',
284        'indexdir'  => 'index',
285        'lockdir'   => 'locks',
286        'tmpdir'    => 'tmp',
287        'logdir'    => 'log',
288    ];
289
290    foreach($paths as $c => $p) {
291        $path = empty($conf[$c]) ? $conf['savedir'].'/'.$p : $conf[$c];
292        $conf[$c] = init_path($path);
293        if(empty($conf[$c])) {
294            $path = fullpath($path);
295            nice_die("The $c ('$p') at $path is not found, isn't accessible or writable.
296                You should check your config and permission settings.
297                Or maybe you want to <a href=\"install.php\">run the
298                installer</a>?");
299        }
300    }
301
302    // path to old changelog only needed for upgrading
303    $conf['changelog_old'] = init_path(
304        (isset($conf['changelog'])) ? ($conf['changelog']) : ($conf['savedir'] . '/changes.log')
305    );
306    if ($conf['changelog_old']=='') { unset($conf['changelog_old']); }
307    // hardcoded changelog because it is now a cache that lives in meta
308    $conf['changelog'] = $conf['metadir'].'/_dokuwiki.changes';
309    $conf['media_changelog'] = $conf['metadir'].'/_media.changes';
310}
311
312/**
313 * Load the language strings
314 *
315 * @param string $langCode language code, as passed by event handler
316 */
317function init_lang($langCode) {
318    //prepare language array
319    global $lang, $config_cascade;
320    $lang = array();
321
322    //load the language files
323    require(DOKU_INC.'inc/lang/en/lang.php');
324    foreach ($config_cascade['lang']['core'] as $config_file) {
325        if (file_exists($config_file . 'en/lang.php')) {
326            include($config_file . 'en/lang.php');
327        }
328    }
329
330    if ($langCode && $langCode != 'en') {
331        if (file_exists(DOKU_INC."inc/lang/$langCode/lang.php")) {
332            require(DOKU_INC."inc/lang/$langCode/lang.php");
333        }
334        foreach ($config_cascade['lang']['core'] as $config_file) {
335            if (file_exists($config_file . "$langCode/lang.php")) {
336                include($config_file . "$langCode/lang.php");
337            }
338        }
339    }
340}
341
342/**
343 * Checks the existence of certain files and creates them if missing.
344 */
345function init_files(){
346    global $conf;
347
348    $files = array($conf['indexdir'].'/page.idx');
349
350    foreach($files as $file){
351        if(!file_exists($file)){
352            $fh = @fopen($file,'a');
353            if($fh){
354                fclose($fh);
355                if($conf['fperm']) chmod($file, $conf['fperm']);
356            }else{
357                nice_die("$file is not writable. Check your permissions settings!");
358            }
359        }
360    }
361}
362
363/**
364 * Returns absolute path
365 *
366 * This tries the given path first, then checks in DOKU_INC.
367 * Check for accessibility on directories as well.
368 *
369 * @author Andreas Gohr <andi@splitbrain.org>
370 *
371 * @param string $path
372 *
373 * @return bool|string
374 */
375function init_path($path){
376    // check existence
377    $p = fullpath($path);
378    if(!file_exists($p)){
379        $p = fullpath(DOKU_INC.$path);
380        if(!file_exists($p)){
381            return '';
382        }
383    }
384
385    // check writability
386    if(!@is_writable($p)){
387        return '';
388    }
389
390    // check accessability (execute bit) for directories
391    if(@is_dir($p) && !file_exists("$p/.")){
392        return '';
393    }
394
395    return $p;
396}
397
398/**
399 * Sets the internal config values fperm and dperm which, when set,
400 * will be used to change the permission of a newly created dir or
401 * file with chmod. Considers the influence of the system's umask
402 * setting the values only if needed.
403 */
404function init_creationmodes(){
405    global $conf;
406
407    // Legacy support for old umask/dmask scheme
408    unset($conf['dmask']);
409    unset($conf['fmask']);
410    unset($conf['umask']);
411
412    $conf['fperm'] = false;
413    $conf['dperm'] = false;
414
415    // get system umask, fallback to 0 if none available
416    $umask = @umask();
417    if(!$umask) $umask = 0000;
418
419    // check what is set automatically by the system on file creation
420    // and set the fperm param if it's not what we want
421    $auto_fmode = 0666 & ~$umask;
422    if($auto_fmode != $conf['fmode']) $conf['fperm'] = $conf['fmode'];
423
424    // check what is set automatically by the system on directory creation
425    // and set the dperm param if it's not what we want.
426    $auto_dmode = 0777 & ~$umask;
427    if($auto_dmode != $conf['dmode']) $conf['dperm'] = $conf['dmode'];
428}
429
430/**
431 * Returns the full absolute URL to the directory where
432 * DokuWiki is installed in (includes a trailing slash)
433 *
434 * !! Can not access $_SERVER values through $INPUT
435 * !! here as this function is called before $INPUT is
436 * !! initialized.
437 *
438 * @author Andreas Gohr <andi@splitbrain.org>
439 *
440 * @param null|string $abs
441 *
442 * @return string
443 */
444function getBaseURL($abs=null){
445    global $conf;
446    //if canonical url enabled always return absolute
447    if(is_null($abs)) $abs = $conf['canonical'];
448
449    if(!empty($conf['basedir'])){
450        $dir = $conf['basedir'];
451    }elseif(substr($_SERVER['SCRIPT_NAME'],-4) == '.php'){
452        $dir = dirname($_SERVER['SCRIPT_NAME']);
453    }elseif(substr($_SERVER['PHP_SELF'],-4) == '.php'){
454        $dir = dirname($_SERVER['PHP_SELF']);
455    }elseif($_SERVER['DOCUMENT_ROOT'] && $_SERVER['SCRIPT_FILENAME']){
456        $dir = preg_replace ('/^'.preg_quote($_SERVER['DOCUMENT_ROOT'],'/').'/','',
457                $_SERVER['SCRIPT_FILENAME']);
458        $dir = dirname('/'.$dir);
459    }else{
460        $dir = '.'; //probably wrong
461    }
462
463    $dir = str_replace('\\','/',$dir);             // bugfix for weird WIN behaviour
464    $dir = preg_replace('#//+#','/',"/$dir/");     // ensure leading and trailing slashes
465
466    //handle script in lib/exe dir
467    $dir = preg_replace('!lib/exe/$!','',$dir);
468
469    //handle script in lib/plugins dir
470    $dir = preg_replace('!lib/plugins/.*$!','',$dir);
471
472    //finish here for relative URLs
473    if(!$abs) return $dir;
474
475    //use config if available, trim any slash from end of baseurl to avoid multiple consecutive slashes in the path
476    if(!empty($conf['baseurl'])) return rtrim($conf['baseurl'],'/').$dir;
477
478    //split hostheader into host and port
479    if(isset($_SERVER['HTTP_HOST'])){
480        $parsed_host = parse_url('http://'.$_SERVER['HTTP_HOST']);
481        $host = isset($parsed_host['host']) ? $parsed_host['host'] : null;
482        $port = isset($parsed_host['port']) ? $parsed_host['port'] : null;
483    }elseif(isset($_SERVER['SERVER_NAME'])){
484        $parsed_host = parse_url('http://'.$_SERVER['SERVER_NAME']);
485        $host = isset($parsed_host['host']) ? $parsed_host['host'] : null;
486        $port = isset($parsed_host['port']) ? $parsed_host['port'] : null;
487    }else{
488        $host = php_uname('n');
489        $port = '';
490    }
491
492    if(is_null($port)){
493        $port = '';
494    }
495
496    if(!is_ssl()){
497        $proto = 'http://';
498        if ($port == '80') {
499            $port = '';
500        }
501    }else{
502        $proto = 'https://';
503        if ($port == '443') {
504            $port = '';
505        }
506    }
507
508    if($port !== '') $port = ':'.$port;
509
510    return $proto.$host.$port.$dir;
511}
512
513/**
514 * Check if accessed via HTTPS
515 *
516 * Apache leaves ,$_SERVER['HTTPS'] empty when not available, IIS sets it to 'off'.
517 * 'false' and 'disabled' are just guessing
518 *
519 * @returns bool true when SSL is active
520 */
521function is_ssl() {
522    // check if we are behind a reverse proxy
523    if(isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
524        if($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
525            return true;
526        } else {
527            return false;
528        }
529    }
530    if(!isset($_SERVER['HTTPS']) ||
531        preg_match('/^(|off|false|disabled)$/i', $_SERVER['HTTPS'])) {
532        return false;
533    } else {
534        return true;
535    }
536}
537
538/**
539 * checks it is windows OS
540 * @return bool
541 */
542function isWindows() {
543    return (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
544}
545
546/**
547 * print a nice message even if no styles are loaded yet.
548 *
549 * @param integer|string $msg
550 */
551function nice_die($msg){
552    echo<<<EOT
553<!DOCTYPE html>
554<html>
555<head><title>DokuWiki Setup Error</title></head>
556<body style="font-family: Arial, sans-serif">
557    <div style="width:60%; margin: auto; background-color: #fcc;
558                border: 1px solid #faa; padding: 0.5em 1em;">
559        <h1 style="font-size: 120%">DokuWiki Setup Error</h1>
560        <p>$msg</p>
561    </div>
562</body>
563</html>
564EOT;
565    if(defined('DOKU_UNITTEST')) {
566        throw new RuntimeException('nice_die: '.$msg);
567    }
568    exit(1);
569}
570
571/**
572 * A realpath() replacement
573 *
574 * This function behaves similar to PHP's realpath() but does not resolve
575 * symlinks or accesses upper directories
576 *
577 * @author Andreas Gohr <andi@splitbrain.org>
578 * @author <richpageau at yahoo dot co dot uk>
579 * @link   http://php.net/manual/en/function.realpath.php#75992
580 *
581 * @param string $path
582 * @param bool $exists
583 *
584 * @return bool|string
585 */
586function fullpath($path,$exists=false){
587    static $run = 0;
588    $root  = '';
589    $iswin = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' || !empty($GLOBALS['DOKU_UNITTEST_ASSUME_WINDOWS']));
590
591    // find the (indestructable) root of the path - keeps windows stuff intact
592    if($path[0] == '/'){
593        $root = '/';
594    }elseif($iswin){
595        // match drive letter and UNC paths
596        if(preg_match('!^([a-zA-z]:)(.*)!',$path,$match)){
597            $root = $match[1].'/';
598            $path = $match[2];
599        }else if(preg_match('!^(\\\\\\\\[^\\\\/]+\\\\[^\\\\/]+[\\\\/])(.*)!',$path,$match)){
600            $root = $match[1];
601            $path = $match[2];
602        }
603    }
604    $path = str_replace('\\','/',$path);
605
606    // if the given path wasn't absolute already, prepend the script path and retry
607    if(!$root){
608        $base = dirname($_SERVER['SCRIPT_FILENAME']);
609        $path = $base.'/'.$path;
610        if($run == 0){ // avoid endless recursion when base isn't absolute for some reason
611            $run++;
612            return fullpath($path,$exists);
613        }
614    }
615    $run = 0;
616
617    // canonicalize
618    $path=explode('/', $path);
619    $newpath=array();
620    foreach($path as $p) {
621        if ($p === '' || $p === '.') continue;
622        if ($p==='..') {
623            array_pop($newpath);
624            continue;
625        }
626        array_push($newpath, $p);
627    }
628    $finalpath = $root.implode('/', $newpath);
629
630    // check for existence when needed (except when unit testing)
631    if($exists && !defined('DOKU_UNITTEST') && !file_exists($finalpath)) {
632        return false;
633    }
634    return $finalpath;
635}
636
637