Fixed bug #13262: replace hardcoded typo3/ with TYPO3_mainDir (Thanks to Georg Ringer)
[Packages/TYPO3.CMS.git] / typo3 / init.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * TYPO3 Backend initialization
29 *
30 * This script is called by every backend script.
31 * The script authenticates the backend user.
32 * In addition this script also initializes the database and other stuff by including the script localconf.php
33 *
34 * IMPORTANT:
35 * This script exits if no user is logged in!
36 * If you want the script to return even if no user is logged in,
37 * you must define the constant TYPO3_PROCEED_IF_NO_USER=1
38 * before you include this script.
39 *
40 *
41 * This script does the following:
42 * - extracts and defines path's
43 * - includes certain libraries
44 * - authenticates the user
45 * - sets the configuration values (localconf.php)
46 * - includes tables.php that sets more values and possibly overrides others
47 * - load the groupdata for the user and set filemounts / webmounts
48 *
49 * For a detailed description of this script, the scope of constants and variables in it,
50 * please refer to the document "Inside TYPO3"
51 *
52 * $Id$
53 * Revised for TYPO3 3.6 2/2003 by Kasper Skaarhoj
54 *
55 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
56 * @package TYPO3
57 * @subpackage core
58 */
59
60 // *******************************
61 // Checking PHP version
62 // *******************************
63 if (version_compare(phpversion(), '5.2', '<')) die ('TYPO3 requires PHP 5.2.0 or higher.');
64
65
66 // *******************************
67 // Set error reporting
68 // *******************************
69 if (defined('E_DEPRECATED')) {
70 error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED);
71 } else {
72 error_reporting(E_ALL ^ E_NOTICE);
73 }
74
75 // *******************************
76 // Prevent any unwanted output that may corrupt AJAX/compression. Note: this does
77 // not interfeer with "die()" or "echo"+"exit()" messages!
78 // *******************************
79 ob_start();
80
81 // *******************************
82 // Define constants
83 // *******************************
84 define('TYPO3_OS', stristr(PHP_OS,'win')&&!stristr(PHP_OS,'darwin')?'WIN':'');
85 define('TYPO3_MODE','BE');
86 define('PATH_thisScript',str_replace('//','/', str_replace('\\','/', (PHP_SAPI=='cgi'||PHP_SAPI=='isapi' ||PHP_SAPI=='cgi-fcgi')&&($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED'])? ($_SERVER['ORIG_PATH_TRANSLATED']?$_SERVER['ORIG_PATH_TRANSLATED']:$_SERVER['PATH_TRANSLATED']):($_SERVER['ORIG_SCRIPT_FILENAME']?$_SERVER['ORIG_SCRIPT_FILENAME']:$_SERVER['SCRIPT_FILENAME']))));
87 define('TYPO3_mainDir', 'typo3/'); // This is the directory of the backend administration for the sites of this TYPO3 installation.
88
89
90 // *******************************
91 // Fix BACK_PATH, if the TYPO3_mainDir is set to something else than
92 // typo3/, this is a workaround because the conf.php of the old modules
93 // still have "typo3/" hardcoded. Can be removed once we don't have to worry about
94 // legacy modules (with conf.php and $BACK_PATH) anymore. See RFC / Bug #13262 for more details.
95 // *******************************
96 if (isset($BACK_PATH) && strlen($BACK_PATH) > 0 && TYPO3_mainDir != 'typo3/' && substr($BACK_PATH, -7) == '/typo3/') {
97 $BACK_PATH = substr($BACK_PATH, 0, -6) . TYPO3_mainDir;
98 }
99
100 // *******************************
101 // Checking path
102 // *******************************
103 $temp_path = str_replace('\\','/',dirname(PATH_thisScript).'/');
104 $temp_modPath='';
105 // If TYPO3_MOD_PATH is defined we must calculate the modPath since init.php must be included by a module
106 if (substr($temp_path,-strlen(TYPO3_mainDir))!=TYPO3_mainDir) {
107 if (defined('TYPO3_MOD_PATH')) {
108 if (substr($temp_path,-strlen(TYPO3_MOD_PATH))==TYPO3_MOD_PATH) {
109 $temp_path=substr($temp_path,0,-strlen(TYPO3_MOD_PATH));
110 $temp_modPath=TYPO3_MOD_PATH;
111 } elseif (substr(TYPO3_MOD_PATH,0,13)=='../typo3conf/' && (substr(TYPO3_MOD_PATH,3)==substr($temp_path,-strlen(substr(TYPO3_MOD_PATH,3))))) {
112 $temp_path = substr($temp_path,0,-strlen(substr(TYPO3_MOD_PATH,3))).TYPO3_mainDir;
113 $temp_modPath=TYPO3_MOD_PATH;
114 }
115 if (!@is_dir($temp_path)) {
116 $temp_path='';
117 }
118 }
119 }
120
121 // OUTPUT error message and exit if there are problems with the path. Otherwise define constants and continue.
122 if (!$temp_path || substr($temp_path,-strlen(TYPO3_mainDir))!=TYPO3_mainDir) { // This must be the case in order to proceed
123 if (TYPO3_OS=='WIN') {
124 $thisPath_base = basename(substr($temp_path,-strlen(TYPO3_mainDir)));
125 $mainPath_base = basename(TYPO3_mainDir);
126 if (!strcasecmp($thisPath, $mainPath)) { // Seems like the requested URL is not case-specific. This may happen on Windows only. -case. Otherwise, redirect to the correct URL. TYPO3_mainDir must be lower-case!!
127 $script_name = (PHP_SAPI=='cgi'||PHP_SAPI=='cgi-fcgi')&&($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) ? ($_SERVER['ORIG_PATH_INFO']?$_SERVER['ORIG_PATH_INFO']:$_SERVER['PATH_INFO']) : ($_SERVER['ORIG_SCRIPT_NAME']?$_SERVER['ORIG_SCRIPT_NAME']:$_SERVER['SCRIPT_NAME']); // Copied from t3lib_div::getIndpEnv()
128 header('Location: '.str_replace($thisPath_base, $mainPath_base, $script_name));
129 exit;
130 }
131 }
132
133 echo 'Error in init.php: Path to TYPO3 main dir could not be resolved correctly. <br /><br />';
134
135 echo '<font color="red"><strong>';
136 if (strstr($temp_path,'typo3_src')) {
137 echo 'It seems you are trying to run the TYPO3 source libraries DIRECTLY! You cannot do that.<br />
138 Please read the installation documents for more information.';
139 } else {
140 echo 'This happens if the last '.strlen(TYPO3_mainDir).' characters of this path, '.$temp_path.' ($temp_path), is NOT "'.TYPO3_mainDir.'" for some reason.<br />
141 You may have a strange server configuration.
142 Or maybe you didn\'t set constant TYPO3_MOD_PATH in your module?';
143 }
144 echo '</strong></font>';
145
146 echo '<br /><br />If you want to debug this issue, please edit typo3/init.php of your TYPO3 source and search for the die() call right after this line (search for this text to find)...';
147
148 // Remove this line if you want to debug this problem a little more...
149 die();
150 echo '<br /><br /><strong>If you expect any help from anybody on this issue, you should save this page as an html document and send it along with your request for help!</strong>';
151 echo '<hr /><pre>';
152 print_r(array(
153 'TYPO3_OS'=>TYPO3_OS,
154 'PATH_thisScript'=>PATH_thisScript,
155 'php_sapi_name()'=>PHP_SAPI,
156 'TYPO3_MOD_PATH'=>TYPO3_MOD_PATH,
157 'PATH_TRANSLATED'=>$_SERVER['PATH_TRANSLATED'],
158 'SCRIPT_FILENAME'=>$_SERVER['SCRIPT_FILENAME']
159 ));
160 echo '</pre><hr />';
161 phpinfo();
162 exit;
163 } else {
164 define('PATH_typo3', $temp_path); // Abs. path of the TYPO3 admin dir (PATH_site + TYPO3_mainDir).
165 define('PATH_typo3_mod', $temp_modPath); // Relative path (from the PATH_typo3) to a properly configured module
166 define('PATH_site', substr(PATH_typo3,0,-strlen(TYPO3_mainDir))); // Abs. path to directory with the frontend (one above the admin-dir)
167 $temp_path_t3lib = @is_dir(PATH_site.'t3lib/') ? PATH_site.'t3lib/' : PATH_typo3.'t3lib/';
168 define('PATH_t3lib', $temp_path_t3lib); // Abs. path to t3lib/ (general TYPO3 library) within the TYPO3 admin dir
169 define('PATH_typo3conf', PATH_site.'typo3conf/'); // Abs. TYPO3 configuration path (local, not part of source)
170
171 if (!defined('PATH_tslib')) {
172 if (@is_dir(PATH_site . TYPO3_mainDir . 'sysext/cms/tslib/')) {
173 define('PATH_tslib', PATH_site . TYPO3_mainDir . 'sysext/cms/tslib/');
174 } elseif (@is_dir(PATH_site . 'tslib/')) {
175 define('PATH_tslib', PATH_site . 'tslib/');
176 }
177 }
178 }
179
180
181 // *************************************************
182 // t3lib_div + extention management class included
183 // *************************************************
184 require_once(PATH_t3lib.'class.t3lib_div.php'); // The standard-library is included
185 require_once(PATH_t3lib.'class.t3lib_extmgm.php'); // Extension API Management library included
186
187 // ****************************************************
188 // Include configuration (localconf + ext_localconf)
189 // ****************************************************
190 require(PATH_t3lib.'config_default.php');
191 if (!defined ('TYPO3_db')) die ('The configuration file was not included.');
192
193
194
195
196 // *********************
197 // Error & Exception handling
198 // *********************
199 if ($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionHandler'] !== '') {
200 if ($TYPO3_CONF_VARS['SYS']['errorHandler'] !== '') {
201 // register an error handler for the given errorHandlerErrors
202 $errorHandler = t3lib_div::makeInstance($TYPO3_CONF_VARS['SYS']['errorHandler'], $TYPO3_CONF_VARS['SYS']['errorHandlerErrors']);
203 // set errors which will be converted in an exception
204 $errorHandler->setExceptionalErrors($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionalErrors']);
205 }
206 $exceptionHandler = t3lib_div::makeInstance($TYPO3_CONF_VARS['SC_OPTIONS']['errors']['exceptionHandler']);
207 }
208
209 /** @var TYPO3_DB t3lib_db */
210 $TYPO3_DB = t3lib_div::makeInstance('t3lib_DB');
211 $TYPO3_DB->debugOutput = $TYPO3_CONF_VARS['SYS']['sqlDebug'];
212
213 $CLIENT = t3lib_div::clientInfo(); // $CLIENT includes information about the browser/user-agent
214 $PARSETIME_START = t3lib_div::milliseconds(); // Is set to the system time in milliseconds. This could be used to output script parsetime in the end of the script
215
216 // ***********************************
217 // Initializing the Caching System
218 // ***********************************
219
220 if (TYPO3_UseCachingFramework) {
221 $typo3CacheManager = t3lib_div::makeInstance('t3lib_cache_Manager');
222 $typo3CacheFactory = t3lib_div::makeInstance('t3lib_cache_Factory');
223 $typo3CacheFactory->setCacheManager($typo3CacheManager);
224
225 t3lib_cache::initPageCache();
226 t3lib_cache::initPageSectionCache();
227 t3lib_cache::initContentHashCache();
228 }
229 // *************************
230 // CLI dispatch processing
231 // *************************
232 if (defined('TYPO3_cliMode') && TYPO3_cliMode && basename(PATH_thisScript)=='cli_dispatch.phpsh') {
233 // First, take out the first argument (cli-key)
234 $temp_cliScriptPath = array_shift($_SERVER['argv']);
235 $temp_cliKey = array_shift($_SERVER['argv']);
236 array_unshift($_SERVER['argv'],$temp_cliScriptPath);
237
238 // If cli_key was found in configuration, then set up the cliInclude path and module name:
239 if ($temp_cliKey) {
240 if (is_array($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey])) {
241 define('TYPO3_cliInclude', t3lib_div::getFileAbsFileName($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey][0]));
242 $MCONF['name'] = $TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys'][$temp_cliKey][1];
243 } else {
244 echo "The supplied 'cliKey' was not valid. Please use one of the available from this list:\n\n";
245 print_r(array_keys($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys']));
246 echo "\n";
247 exit;
248 }
249 } else {
250 echo "Please supply a 'cliKey' as first argument. The following are available:\n\n";
251 print_r($TYPO3_CONF_VARS['SC_OPTIONS']['GLOBAL']['cliKeys']);
252 echo "\n";
253 exit;
254 }
255 }
256
257
258 // **********************
259 // Check Hardcoded lock on BE:
260 // **********************
261 if ($TYPO3_CONF_VARS['BE']['adminOnly'] < 0) {
262 header('Status: 404 Not Found'); // Send Not Found header - if the webserver can make use of it...
263 header('Location: http://'); // Just point us away from here...
264 exit; // ... and exit good!
265 }
266 if (!(defined('TYPO3_cliMode') && TYPO3_cliMode) && @is_file(PATH_typo3conf.'LOCK_BACKEND')) {
267 if (TYPO3_PROCEED_IF_NO_USER == 2) {
268 // ajax poll for login, let him pass
269 } else {
270 $fContent = t3lib_div::getUrl(PATH_typo3conf.'LOCK_BACKEND');
271 if ($fContent) {
272 header('Location: '.$fContent); // Redirect
273 } else {
274 t3lib_BEfunc::typo3printError('Backend locked', 'Browser backend is locked for maintenance. Remove lock by removing the file "typo3conf/LOCK_BACKEND" or use CLI-scripts.');
275 }
276 exit;
277 }
278
279 }
280
281 // **********************
282 // Check IP
283 // **********************
284 if (trim($TYPO3_CONF_VARS['BE']['IPmaskList']) && !(defined('TYPO3_cliMode') && TYPO3_cliMode)) {
285 if (!t3lib_div::cmpIP(t3lib_div::getIndpEnv('REMOTE_ADDR'), $TYPO3_CONF_VARS['BE']['IPmaskList'])) {
286 header('Status: 404 Not Found'); // Send Not Found header - if the webserver can make use of it...
287 header('Location: http://'); // Just point us away from here...
288 exit; // ... and exit good!
289 }
290 }
291
292
293 // **********************
294 // Check SSL (https)
295 // **********************
296 if (intval($TYPO3_CONF_VARS['BE']['lockSSL']) && !(defined('TYPO3_cliMode') && TYPO3_cliMode)) {
297 if(intval($TYPO3_CONF_VARS['BE']['lockSSLPort'])) {
298 $sslPortSuffix = ':'.intval($TYPO3_CONF_VARS['BE']['lockSSLPort']);
299 } else {
300 $sslPortSuffix = '';
301 }
302 if ($TYPO3_CONF_VARS['BE']['lockSSL'] == 3) {
303 $requestStr = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_SCRIPT'), strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL').TYPO3_mainDir));
304 if($requestStr == 'index.php' && !t3lib_div::getIndpEnv('TYPO3_SSL')) {
305 list(,$url) = explode('://',t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'),2);
306 list($server,$address) = explode('/',$url,2);
307 header('Location: https://'.$server.$sslPortSuffix.'/'.$address);
308 exit;
309 }
310 } elseif (!t3lib_div::getIndpEnv('TYPO3_SSL') ) {
311 if ($TYPO3_CONF_VARS['BE']['lockSSL'] == 2) {
312 list(,$url) = explode('://',t3lib_div::getIndpEnv('TYPO3_SITE_URL').TYPO3_mainDir,2);
313 list($server,$address) = explode('/',$url,2);
314 header('Location: https://'.$server.$sslPortSuffix.'/'.$address);
315 } else {
316 header('Status: 404 Not Found'); // Send Not Found header - if the webserver can make use of it...
317 header('Location: http://'); // Just point us away from here...
318 }
319 exit; // ... and exit good!
320 }
321 }
322
323
324 // *******************************
325 // Checking environment
326 // *******************************
327 if (isset($_POST['GLOBALS']) || isset($_GET['GLOBALS'])) die('You cannot set the GLOBALS-array from outside the script.');
328 if (!get_magic_quotes_gpc()) {
329 t3lib_div::addSlashesOnArray($_GET);
330 t3lib_div::addSlashesOnArray($_POST);
331 $HTTP_GET_VARS = $_GET;
332 $HTTP_POST_VARS = $_POST;
333 }
334
335
336 // ********************************************
337 // Check if the install script should be run:
338 // ********************************************
339 if (defined('TYPO3_enterInstallScript') && TYPO3_enterInstallScript) {
340 if(!t3lib_extMgm::isLoaded('install')) {
341 die('Install Tool is not loaded as an extension.<br />You must add the key "install" to the list of installed extensions in typo3conf/localconf.php, $TYPO3_CONF_VARS[\'EXT\'][\'extList\'].');
342 }
343
344 require_once(t3lib_extMgm::extPath('install').'mod/class.tx_install.php');
345 $install_check = t3lib_div::makeInstance('tx_install');
346 $install_check->allowUpdateLocalConf = 1;
347 $install_check->init();
348 exit;
349 }
350
351
352 // *************************
353 // Connect to the database
354 // *************************
355 if ($TYPO3_DB->sql_pconnect(TYPO3_db_host, TYPO3_db_username, TYPO3_db_password)) {
356 if (!TYPO3_db) {
357 t3lib_BEfunc::typo3PrintError('Database Error', 'No database selected');
358 exit;
359 } elseif (!$TYPO3_DB->sql_select_db(TYPO3_db)) {
360 t3lib_BEfunc::typo3PrintError('Database Error', 'Cannot connect to the current database, "' . TYPO3_db . '"');
361 exit;
362 }
363 } else {
364 t3lib_BEfunc::typo3PrintError('Database Error', 'The current username, password or host was not accepted when the connection to the database was attempted to be established!');
365 exit;
366 }
367
368
369 // *******************************
370 // Checks for proper browser
371 // *******************************
372 if (!$CLIENT['BROWSER'] && !(defined('TYPO3_cliMode') && TYPO3_cliMode)) {
373 t3lib_BEfunc::typo3PrintError ('Browser error','Your browser version looks incompatible with this TYPO3 version!',0);
374 exit;
375 }
376
377
378 // ****************************************************
379 // Include tables customization (tables + ext_tables)
380 // ****************************************************
381 include (TYPO3_tables_script ? PATH_typo3conf.TYPO3_tables_script : PATH_t3lib.'stddb/tables.php');
382 // Extension additions
383 if ($TYPO3_LOADED_EXT['_CACHEFILE']) {
384 include (PATH_typo3conf.$TYPO3_LOADED_EXT['_CACHEFILE'].'_ext_tables.php');
385 } else {
386 include (PATH_t3lib.'stddb/load_ext_tables.php');
387 }
388 // extScript
389 if (TYPO3_extTableDef_script) {
390 include (PATH_typo3conf.TYPO3_extTableDef_script);
391 }
392
393
394
395 // *******************************
396 // BackEnd User authentication
397 // *******************************
398 /*
399 NOTICE:
400 if constant TYPO3_PROCEED_IF_NO_USER is defined true (in the mainscript), this script will return even though a user did not log in!
401 */
402 $BE_USER = t3lib_div::makeInstance('t3lib_beUserAuth'); // New backend user object
403 $BE_USER->warningEmail = $TYPO3_CONF_VARS['BE']['warning_email_addr'];
404 $BE_USER->lockIP = $TYPO3_CONF_VARS['BE']['lockIP'];
405 $BE_USER->auth_timeout_field = intval($TYPO3_CONF_VARS['BE']['sessionTimeout']);
406 $BE_USER->OS = TYPO3_OS;
407 $BE_USER->start(); // Object is initialized
408 $BE_USER->checkCLIuser();
409 $BE_USER->backendCheckLogin(); // Checking if there's a user logged in
410
411 // Setting the web- and filemount global vars:
412 $WEBMOUNTS = $BE_USER->returnWebmounts(); // ! WILL INCLUDE deleted mount pages as well!
413 $FILEMOUNTS = $BE_USER->returnFilemounts();
414
415 // *******************************
416 // $GLOBALS['LANG'] initialisation
417 // *******************************
418 $GLOBALS['LANG'] = t3lib_div::makeInstance('language');
419 $GLOBALS['LANG']->init($BE_USER->uc['lang']);
420
421
422 // ****************
423 // CLI processing
424 // ****************
425 if (defined('TYPO3_cliMode') && TYPO3_cliMode) {
426 // Status output:
427 if (!strcmp($_SERVER['argv'][1],'status')) {
428 echo "Status of TYPO3 CLI script:\n\n";
429 echo "Username [uid]: ".$BE_USER->user['username']." [".$BE_USER->user['uid']."]\n";
430 echo "Database: ".TYPO3_db."\n";
431 echo "PATH_site: ".PATH_site."\n";
432 echo "\n";
433 exit;
434 }
435 }
436
437 // ****************
438 // compression
439 // ****************
440 ob_clean();
441 if (extension_loaded('zlib') && $TYPO3_CONF_VARS['BE']['compressionLevel']) {
442 if (t3lib_div::testInt($TYPO3_CONF_VARS['BE']['compressionLevel'])) {
443 @ini_set('zlib.output_compression_level', $TYPO3_CONF_VARS['BE']['compressionLevel']);
444 }
445 ob_start('ob_gzhandler');
446 }
447
448 ?>