2 rcs_id('$Id: IniConfig.php,v 1.77 2005-01-31 12:14:15 rurban Exp $');
5 * A configurator intended to read its config from a PHP-style INI file,
6 * instead of a PHP file.
8 * Pass a filename to the IniConfig() function and it will read all it's
9 * definitions from there, all by itself, and proceed to do a mass-define
10 * of all valid PHPWiki config items. In this way, we can hopefully be
11 * totally backwards-compatible with the old index.php method, while still
12 * providing a much tastier on-going experience.
14 * @author: Joby Walker, Reini Urban, Matthew Palmer
17 * Copyright 2004 $ThePhpWikiProgrammingTeam
19 * This file is part of PhpWiki.
21 * PhpWiki is free software; you can redistribute it and/or modify
22 * it under the terms of the GNU General Public License as published by
23 * the Free Software Foundation; either version 2 of the License, or
24 * (at your option) any later version.
26 * PhpWiki is distributed in the hope that it will be useful,
27 * but WITHOUT ANY WARRANTY; without even the implied warranty of
28 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29 * GNU General Public License for more details.
31 * You should have received a copy of the GNU General Public License
32 * along with PhpWiki; if not, write to the Free Software
33 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
38 * - Convert the value lists to provide defaults, so that every "if
39 * (defined())" and "if (!defined())" can fuck off to the dismal hole
41 * - config.ini => config.php dumper for faster startup. (really faster? to time)
44 * - Old-style index.php => config/config.ini converter.
46 * - Don't use too much globals for easier integration into other projects
47 * (namespace pollution). (gforge, phpnuke, postnuke, phpBB2, carolina, ...)
48 * Use one global $phpwiki object instead which holds the cfg vars, constants
49 * and all other globals.
50 * (global $FieldSeparator, $charset, $WikiNameRegexp, $KeywordLinkRegexp;
51 * global $DisabledActions, $DBParams, $LANG, $AllActionPages)
53 * - Resurrect the larger "config object" code (in config/) so it'll aid the
54 * GUI config writers, and allow us to do proper validation and default
57 * - Get rid of WikiNameRegexp and KeywordLinkRegexp as globals by finding
58 * everywhere that uses them as variables and modify the code to use
59 * them as constants. Will involve hacking around
60 * pcre_fix_posix_classes (probably with redefines()).
63 include_once (dirname(__FILE__)."/config.php");
64 include_once (dirname(__FILE__)."/FileFinder.php");
67 * Speed-up iniconfig loading.
69 * Dump the static parts of the parsed config/config.ini settings to a fast-loadable config.php file.
70 * The dynamic parts are then evaluated as before.
71 * Requires write-permissions to config/config.php
73 function save_dump($file) {
74 $vars =& $GLOBALS; // copy + unset not possible
76 foreach (array("SERVER","ENV","GET","POST","REQUEST","COOKIE","FILES") as $key) {
77 $ignore["HTTP_".$key."_VARS"]++;
80 foreach (array("HTTP_POST_FILES","GLOBALS","RUNTIMER","ErrorManager",'RCS_IDS','LANG',
81 'HOME_PAGE','request','SCRIPT_NAME','VIRTUAL_PATH','SCRIPT_FILENAME') as $key)
83 $fp = fopen($file, "wb");
84 fwrite($fp,"<?php\n");
85 fwrite($fp,"function wiki_configrestore(){\n");
86 //TODO: optimize this by removing ignore, big serialized array and merge into existing GLOBALS
87 foreach ($vars as $var => $val) {
89 fwrite($fp, "\$GLOBALS['".$var."']=unserialize(\"".addslashes(serialize($val))."\");\n");
91 // cannot be optimized, maybe leave away predefined consts somehow
92 foreach (get_defined_constants() as $var => $val) {
93 if (substr($var,0,4) != "PHP_" and substr($var,0,2) != "E_" and substr($var,0,2) != "T_" and substr($var,0,2) != "M_")
94 fwrite($fp, "if(!defined('".$var."')) define('".$var."',unserialize(\"".addslashes(serialize($val))."\"));\n");
96 fwrite($fp, "return 'noerr';}");
101 function IniConfig($file) {
103 // check config/config.php dump for faster startup
104 $dump = substr($file, 0, -3)."php";
105 if (isWindows($dump)) $dump = str_replace("/","\\",$dump);
106 if (file_exists($dump) and is_readable($dump) and sort_file_mtime($dump, $file) < 0) {
108 if (function_exists('wiki_configrestore') and (wiki_configrestore() === 'noerr')) {
109 fixup_dynamic_configs();
114 if (!file_exists($file)) {
115 // first-time installer detection here...
116 // similar to SetupWiki()
117 include(dirname(__FILE__)."/install.php");
118 trigger_error("Datasource file '$file' does not exist", E_USER_ERROR);
122 // List of all valid config options to be define()d which take "values" (not
123 // booleans). Needs to be categorised, and generally made a lot tidier.
124 $_IC_VALID_VALUE = array
125 ('WIKI_NAME', 'ADMIN_USER', 'ADMIN_PASSWD',
126 'DEFAULT_DUMP_DIR', 'HTML_DUMP_DIR',
127 'HTML_DUMP_SUFFIX', 'MAX_UPLOAD_SIZE', 'MINOR_EDIT_TIMEOUT',
128 'ACCESS_LOG', 'CACHE_CONTROL', 'CACHE_CONTROL_MAX_AGE',
129 'COOKIE_EXPIRATION_DAYS', 'COOKIE_DOMAIN',
130 'PASSWORD_LENGTH_MINIMUM', 'USER_AUTH_POLICY',
132 'EDITING_POLICY', 'THEME', 'CHARSET',
133 'WIKI_PGSRC', 'DEFAULT_WIKI_PGSRC',
134 'ALLOWED_PROTOCOLS', 'INLINE_IMAGES', 'SUBPAGE_SEPARATOR', /*'KEYWORDS',*/
136 //'DATABASE_PREFIX', 'DATABASE_DSN', 'DATABASE_TYPE', 'DATABASE_DBHANDLER',
137 'INTERWIKI_MAP_FILE', 'COPYRIGHTPAGE_TITLE', 'COPYRIGHTPAGE_URL',
138 'AUTHORPAGE_TITLE', 'AUTHORPAGE_URL',
140 'PLUGIN_CACHED_DATABASE', 'PLUGIN_CACHED_FILENAME_PREFIX',
141 'PLUGIN_CACHED_HIGHWATER', 'PLUGIN_CACHED_LOWWATER', 'PLUGIN_CACHED_MAXLIFETIME',
142 'PLUGIN_CACHED_MAXARGLEN', 'PLUGIN_CACHED_IMGTYPES',
144 'SERVER_NAME','SERVER_PORT','SCRIPT_NAME', 'DATA_PATH', 'PHPWIKI_DIR', 'VIRTUAL_PATH',
147 // Optional values which need to be defined.
148 // These are not defined in config-default.ini and empty if not defined.
149 $_IC_OPTIONAL_VALUE = array
151 'DEBUG', 'TEMP_DIR', 'DEFAULT_LANGUAGE',
152 'LDAP_AUTH_HOST','LDAP_SET_OPTION','LDAP_BASE_DN', 'LDAP_AUTH_USER',
153 'LDAP_AUTH_PASSWORD','LDAP_SEARCH_FIELD','LDAP_OU_GROUP','LDAP_OU_USERS',
154 'AUTH_USER_FILE','DBAUTH_AUTH_DSN',
155 'IMAP_AUTH_HOST', 'POP3_AUTH_HOST',
156 'AUTH_USER_FILE', 'AUTH_GROUP_FILE', 'AUTH_SESS_USER', 'AUTH_SESS_LEVEL',
157 'GOOGLE_LICENSE_KEY','FORTUNE_DIR',
158 'DISABLE_GETIMAGESIZE','DBADMIN_USER','DBADMIN_PASSWD',
159 'SESSION_SAVE_PATH', 'TOOLBAR_PAGELINK_PULLDOWN'
162 // List of all valid config options to be define()d which take booleans.
163 $_IC_VALID_BOOL = array
164 ('ENABLE_USER_NEW', 'ENABLE_PAGEPERM', 'ENABLE_EDIT_TOOLBAR', 'JS_SEARCHREPLACE',
165 'ENABLE_XHTML_XML', 'ENABLE_DOUBLECLICKEDIT',
166 'USECACHE', 'WIKIDB_NOCACHE_MARKUP',
167 'ENABLE_REVERSE_DNS', 'ENCRYPTED_PASSWD', 'ZIPDUMP_AUTH',
168 'ENABLE_RAW_HTML', 'ENABLE_RAW_HTML_LOCKEDONLY', 'ENABLE_RAW_HTML_SAFE',
169 'STRICT_MAILABLE_PAGEDUMPS', 'COMPRESS_OUTPUT',
170 'ALLOW_ANON_USER', 'ALLOW_ANON_EDIT',
171 'ALLOW_BOGO_LOGIN', 'ALLOW_USER_PASSWORDS',
172 'AUTH_USER_FILE_STORABLE', 'ALLOW_HTTP_AUTH_LOGIN',
173 'ALLOW_USER_LOGIN', 'ALLOW_LDAP_LOGIN', 'ALLOW_IMAP_LOGIN',
174 'WARN_NONPUBLIC_INTERWIKIMAP', 'USE_PATH_INFO',
175 'DISABLE_HTTP_REDIRECT',
176 'PLUGIN_CACHED_USECACHE', 'PLUGIN_CACHED_FORCE_SYNCMAP',
177 'BLOG_EMPTY_DEFAULT_PREFIX', 'DATABASE_PERSISTENT'
180 $rs = @parse_ini_file($file);
181 $rsdef = @parse_ini_file(dirname(__FILE__)."/../config/config-default.ini");
182 foreach ($rsdef as $k => $v) {
184 $rs[$k] = constant($k);
185 } elseif (!isset($rs[$k])) {
189 unset($k); unset($v);
191 foreach ($_IC_VALID_VALUE as $item) {
192 if (defined($item)) {
196 if (array_key_exists($item, $rs)) {
197 define($item, $rs[$item]);
199 //} elseif (array_key_exists($item, $rsdef)) {
200 // define($item, $rsdef[$item]);
201 // calculate them later or not at all:
202 } elseif (in_array($item,
203 array('DATABASE_PREFIX', 'SERVER_NAME', 'SERVER_PORT',
204 'SCRIPT_NAME', 'DATA_PATH', 'PHPWIKI_DIR', 'VIRTUAL_PATH',
205 'LDAP_AUTH_HOST','IMAP_AUTH_HOST','POP3_AUTH_HOST',
206 'PLUGIN_CACHED_CACHE_DIR')))
210 trigger_error(sprintf("missing config setting for %s",$item));
215 // Boolean options are slightly special - if they're set to any of
216 // '', 'false', '0', or 'no' (all case-insensitive) then the value will
217 // be a boolean false, otherwise if there is anything set it'll
219 foreach ($_IC_VALID_BOOL as $item) {
220 if (defined($item)) {
224 if (array_key_exists($item, $rs)) {
226 //} elseif (array_key_exists($item, $rsdef)) {
227 // $val = $rsdef[$item];
229 $val = false; //trigger_error(sprintf("missing boolean config setting for %s",$item));
232 // calculate them later: old or dynamic constants
233 if (!array_key_exists($item, $rs) and
234 in_array($item, array('USE_PATH_INFO', 'USE_DB_SESSION',
235 'ALLOW_HTTP_AUTH_LOGIN', 'ALLOW_LDAP_LOGIN',
236 'ALLOW_IMAP_LOGIN', 'ALLOW_USER_LOGIN',
237 'REQUIRE_SIGNIN_BEFORE_EDIT',
238 'WIKIDB_NOCACHE_MARKUP')))
243 define($item, false);
245 elseif (strtolower($val) == 'false' ||
246 strtolower($val) == 'no' ||
250 define($item, false);
261 foreach (array('DATABASE_TYPE' => 'dbtype',
262 'DATABASE_DSN' => 'dsn',
263 'DATABASE_SESSION_TABLE' => 'db_session_table',
264 'DATABASE_DBA_HANDLER' => 'dba_handler',
265 'DATABASE_DIRECTORY' => 'directory',
266 'DATABASE_TIMEOUT' => 'timeout',
267 'DATABASE_PREFIX' => 'prefix')
270 if (defined($item)) {
271 $DBParams[$k] = constant($item);
273 } elseif (array_key_exists($item, $rs)) {
274 $DBParams[$k] = $rs[$item];
275 define($item, $rs[$item]);
277 } elseif (array_key_exists($item, $rsdef)) {
278 $DBParams[$k] = $rsdef[$item];
279 define($item, $rsdef[$item]);
280 unset($rsdef[$item]);
283 if (!in_array(DATABASE_TYPE, array('SQL','ADODB','dba','file','cvs')))
284 trigger_error(sprintf(_("Invalid DATABASE_TYPE=%s. Choose one of %s"),
285 DATABASE_TYPE, "SQL,ADODB,dba,file,cvs"));
286 // USE_DB_SESSION default logic:
287 if (!defined('USE_DB_SESSION')) {
288 if ($DBParams['db_session_table']
289 and in_array($DBParams['dbtype'], array('SQL','ADODB'))) {
290 define('USE_DB_SESSION', true);
291 } elseif ($DBParams['dbtype'] == 'dba' and check_php_version(4,1,2)) {
292 define('USE_DB_SESSION', true);
294 define('USE_DB_SESSION', false);
297 unset($item); unset($k);
300 global $ExpireParams;
301 foreach (array('major','minor','author') as $major) {
302 foreach (array('max_age','min_age','min_keep','keep','max_keep') as $max) {
303 $item = strtoupper($major) . '_'. strtoupper($max);
304 if (defined($item)) $val = constant($item);
305 elseif (array_key_exists($item, $rs))
307 elseif (array_key_exists($item, $rsdef))
308 $val = $rsdef[$item];
309 if (!isset($ExpireParams[$major]))
310 $ExpireParams[$major] = array();
311 $ExpireParams[$major][$max] = $val;
315 unset($item); unset($major); unset($max);
317 // User authentication
318 if (!isset($GLOBALS['USER_AUTH_ORDER']))
319 if (isset($rs['USER_AUTH_ORDER']))
320 $GLOBALS['USER_AUTH_ORDER'] = preg_split('/\s*:\s*/',
321 $rs['USER_AUTH_ORDER']);
323 $GLOBALS['USER_AUTH_ORDER'] = array("PersonalPage");
325 // Now it's the external DB authentication stuff's turn
326 if (in_array('Db', $GLOBALS['USER_AUTH_ORDER']) && empty($rs['DBAUTH_AUTH_DSN'])) {
327 $rs['DBAUTH_AUTH_DSN'] = $DBParams['dsn'];
330 global $DBAuthParams;
331 $DBAP_MAP = array('DBAUTH_AUTH_DSN' => 'auth_dsn',
332 'DBAUTH_AUTH_CHECK' => 'auth_check',
333 'DBAUTH_AUTH_USER_EXISTS' => 'auth_user_exists',
334 'DBAUTH_AUTH_CRYPT_METHOD' => 'auth_crypt_method',
335 'DBAUTH_AUTH_UPDATE' => 'auth_update',
336 'DBAUTH_AUTH_CREATE' => 'auth_create',
337 'DBAUTH_PREF_SELECT' => 'pref_select',
338 'DBAUTH_PREF_UPDATE' => 'pref_update',
339 'DBAUTH_IS_MEMBER' => 'is_member',
340 'DBAUTH_GROUP_MEMBERS' => 'group_members',
341 'DBAUTH_USER_GROUPS' => 'user_groups'
343 foreach ($DBAP_MAP as $rskey => $apkey) {
344 if (defined($rskey)) {
345 $DBAuthParams[$apkey] = constant($rskey);
346 } elseif (isset($rs[$rskey])) {
347 $DBAuthParams[$apkey] = $rs[$rskey];
348 define($rskey, $rs[$rskey]);
349 } elseif (isset($rsdef[$rskey])) {
350 $DBAuthParams[$apkey] = $rsdef[$rskey];
351 define($rskey, $rsdef[$rskey]);
355 unset($rskey); unset($apkey);
357 // TODO: Currently unsupported on non-SQL
358 if (!empty($rs['ACCESS_LOG_SQL'])) {
359 if (!in_array(DATABASE_TYPE, array('SQL','ADODB')))
360 define('ACCESS_LOG_SQL', 0);
362 // SQL defaults to ACCESS_LOG_SQL = 2
364 define('ACCESS_LOG_SQL', in_array(DATABASE_TYPE, array('SQL','ADODB')) ? 2 : 0);
367 // optional values will be set to '' to simplify the logic.
368 foreach ($_IC_OPTIONAL_VALUE as $item) {
369 if (defined($item)) {
373 if (array_key_exists($item, $rs)) {
374 define($item, $rs[$item]);
382 global $LDAP_SET_OPTION;
383 if (defined('LDAP_SET_OPTION') and LDAP_SET_OPTION) {
384 $optlist = preg_split('/\s*:\s*/', LDAP_SET_OPTION);
385 foreach ($optlist as $opt) {
386 $bits = preg_split('/\s*=\s*/', $opt, 2);
387 if (count($bits) == 2) {
388 if (is_string($bits[0]) and defined($bits[0]))
389 $bits[0] = constant($bits[0]);
390 $LDAP_SET_OPTION[$bits[0]] = $bits[1];
393 // Possibly throw some sort of error?
396 unset($opt); unset($bits);
399 // Default Wiki pages to force loading from pgsrc
400 global $GenericPages;
401 $GenericPages = preg_split('/\s*:\s*/', @$rs['DEFAULT_WIKI_PAGES']);
403 // Wiki name regexp: Should be a define(), but might needed to be changed at runtime
404 // (different LC_CHAR need different posix classes)
405 global $WikiNameRegexp;
406 $WikiNameRegexp = constant('WIKI_NAME_REGEXP');
407 if (!trim($WikiNameRegexp))
408 $WikiNameRegexp = '(?<![[:alnum:]])(?:[[:upper:]][[:lower:]]+){2,}(?![[:alnum:]])';
410 // got rid of global $KeywordLinkRegexp by using a TextSearchQuery instead of "Category:Topic"
411 if (!isset($rs['KEYWORDS'])) $rs['KEYWORDS'] = @$rsdef['KEYWORDS'];
412 if (!isset($rs['KEYWORDS'])) $rs['KEYWORDS'] = "Category* OR Topic*";
413 if ($rs['KEYWORDS'] == 'Category:Topic') $rs['KEYWORDS'] = "Category* OR Topic*";
414 if (!defined('KEYWORDS')) define('KEYWORDS', $rs['KEYWORDS']);
415 //if (empty($keywords)) $keywords = array("Category","Topic");
416 //$KeywordLinkRegexp = '(?<=' . implode('|^', $keywords) . ')[[:upper:]].*$';
418 // TODO: can this be a constant?
419 global $DisabledActions;
420 if (!array_key_exists('DISABLED_ACTIONS', $rs) and array_key_exists('DISABLED_ACTIONS', $rsdef))
421 $rs['DISABLED_ACTIONS'] = @$rsdef['DISABLED_ACTIONS'];
422 if (array_key_exists('DISABLED_ACTIONS', $rs))
423 $DisabledActions = preg_split('/\s*:\s*/', $rs['DISABLED_ACTIONS']);
425 global $PLUGIN_CACHED_IMGTYPES;
426 $PLUGIN_CACHED_IMGTYPES = preg_split('/\s*[|:]\s*/', PLUGIN_CACHED_IMGTYPES);
427 if (empty($rs['PLUGIN_CACHED_CACHE_DIR']) and !empty($rsdef['PLUGIN_CACHED_CACHE_DIR']))
428 $rs['PLUGIN_CACHED_CACHE_DIR'] = $rsdef['PLUGIN_CACHED_CACHE_DIR'];
429 if (empty($rs['PLUGIN_CACHED_CACHE_DIR'])) {
430 if (!empty($rs['INCLUDE_PATH'])) {
431 ini_set('include_path', $rs['INCLUDE_PATH']);
433 if (!FindFile('/tmp/cache', 1)) { // [29ms]
434 if (!FindFile('/tmp', 1)) {
437 mkdir('/tmp/cache', 777);
439 // will throw an error if not exists.
440 define('PLUGIN_CACHED_CACHE_DIR', FindFile('/tmp/cache',false,1));
442 define('PLUGIN_CACHED_CACHE_DIR', $rs['PLUGIN_CACHED_CACHE_DIR']);
443 // will throw an error if not exists.
444 FindFile(PLUGIN_CACHED_CACHE_DIR);
447 // process the rest of the config.ini settings:
448 foreach ($rs as $item => $v) {
449 if (defined($item)) {
455 unset($item); unset($v);
460 fixup_static_configs(); //[1ms]
461 // Dump all globals and constants
462 // The question is if reading this is faster then doing IniConfig() + fixup_static_configs()
463 if (is_writable($dump)) {
466 // store locale[] in config.php? This is too problematic.
467 fixup_dynamic_configs(); // [100ms]
470 // moved from lib/config.php [1ms]
471 function fixup_static_configs() {
472 global $FieldSeparator, $charset, $WikiNameRegexp, $KeywordLinkRegexp, $AllActionPages;
473 global $HTTP_SERVER_VARS, $DBParams, $LANG;
475 // init FileFinder to add proper include paths
476 FindFile("lib/interwiki.map",true);
478 // "\x80"-"\x9f" (and "\x00" - "\x1f") are non-printing control
479 // chars in iso-8859-*
480 // $FieldSeparator = "\263"; // this is a superscript 3 in ISO-8859-1.
481 // $FieldSeparator = "\xFF"; // this byte should never appear in utf-8
482 // FIXME: get rid of constant. pref is dynamic and language specific
484 // Disabled: Let the admin decide which charset.
485 //if (isset($LANG) and in_array($LANG,array('zh')))
486 // $charset = 'utf-8';
487 if (strtolower($charset) == 'utf-8')
488 $FieldSeparator = "\xFF";
490 $FieldSeparator = "\x81";
492 $AllActionPages = explode(':',
493 'AllPages:BackLinks:CreatePage:DebugInfo:EditMetaData:FindPage:'
494 .'FullRecentChanges:FullTextSearch:FuzzyPages:InterWikiSearch:'
495 .'LikePages:MostPopular:'
496 .'OrphanedPages:PageDump:PageHistory:PageInfo:RandomPage:RateIt:'
497 .'RecentChanges:RecentEdits:RecentComments:RelatedChanges:TitleSearch:'
498 .'TranslateText:UpLoad:UserPreferences:WantedPages:WhoIsOnline:'
499 .'PhpWikiAdministration/Remove:PhpWikiAdministration/Chmod:'
500 .'PhpWikiAdministration/Rename:PhpWikiAdministration/Replace:'
501 .'PhpWikiAdministration/SetAcl:PhpWikiAdministration/Chown'
504 // If user has not defined PHPWIKI_DIR, and we need it
505 if (!defined('PHPWIKI_DIR') and !file_exists("themes/default")) {
506 $themes_dir = FindFile("themes");
507 define('PHPWIKI_DIR', dirname($themes_dir));
510 // If user has not defined DATA_PATH, we want to use relative URLs.
511 if (!defined('DATA_PATH')) {
512 // fix similar to the one suggested by jkalmbach for
513 // installations in the webrootdir, like "http://phpwiki.org/HomePage"
514 if (!defined('SCRIPT_NAME'))
515 define('SCRIPT_NAME', deduce_script_name());
516 $temp = dirname(SCRIPT_NAME);
517 if ( ($temp == '/') || ($temp == '\\') )
519 define('DATA_PATH', $temp);
522 define('DATA_PATH', '..');
526 //////////////////////////////////////////////////////////////////
529 if (empty($DBParams['dbtype']))
530 $DBParams['dbtype'] = 'dba';
532 if (!defined('THEME'))
533 define('THEME', 'default');
535 // check whether the crypt() function is needed and present
536 if (defined('ENCRYPTED_PASSWD') && !function_exists('crypt')) {
537 $error = sprintf("Encrypted passwords cannot be used: %s.",
538 "'function crypt()' not available in this version of php");
539 trigger_error($error);
542 if (!defined('ADMIN_PASSWD') or ADMIN_PASSWD == '')
543 trigger_error("The admin password cannot be empty. Please update your config/config.ini");
545 if (defined('USE_DB_SESSION') and USE_DB_SESSION) {
546 if (! $DBParams['db_session_table'] ) {
547 $DBParams['db_session_table'] = @$DBParams['prefix'] . 'session';
548 trigger_error(sprintf("DATABASE_SESSION_TABLE configuration set to %s.",
549 $DBParams['db_session_table']),
554 if (!defined('ENABLE_USER_NEW')) define('ENABLE_USER_NEW',true);
555 if (!defined('ALLOW_USER_LOGIN'))
556 define('ALLOW_USER_LOGIN', defined('ALLOW_USER_PASSWORDS') && ALLOW_USER_PASSWORDS);
557 if (!defined('ALLOW_ANON_USER')) define('ALLOW_ANON_USER', true);
558 if (!defined('ALLOW_ANON_EDIT')) define('ALLOW_ANON_EDIT', false);
559 if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT')) define('REQUIRE_SIGNIN_BEFORE_EDIT', ! ALLOW_ANON_EDIT);
560 if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', true);
561 if (!ENABLE_USER_NEW) {
562 if (!defined('ALLOW_HTTP_AUTH_LOGIN'))
563 define('ALLOW_HTTP_AUTH_LOGIN', false);
564 if (!defined('ALLOW_LDAP_LOGIN'))
565 define('ALLOW_LDAP_LOGIN', function_exists('ldap_connect') and defined('LDAP_AUTH_HOST'));
566 if (!defined('ALLOW_IMAP_LOGIN'))
567 define('ALLOW_IMAP_LOGIN', function_exists('imap_open') and defined('IMAP_AUTH_HOST'));
570 if (ALLOW_USER_LOGIN and !empty($DBAuthParams) and empty($DBAuthParams['auth_dsn'])) {
571 if (isset($DBParams['dsn']))
572 $DBAuthParams['auth_dsn'] = $DBParams['dsn'];
577 * Define constants which are client or request specific and should not be dumped statically.
578 * Such as the language, and the virtual and server paths, which might be overridden
579 * by startup scripts for wiki farms.
581 function fixup_dynamic_configs() {
582 global $WikiNameRegexp, $KeywordLinkRegexp;
583 global $HTTP_SERVER_VARS, $DBParams, $LANG;
585 if (defined('INCLUDE_PATH'))
586 ini_set('include_path', INCLUDE_PATH);
587 if (defined('SESSION_SAVE_PATH'))
588 ini_set('session.save_path', SESSION_SAVE_PATH);
589 if (!defined('DEFAULT_LANGUAGE')) // not needed anymore
590 define('DEFAULT_LANGUAGE', ''); // detect from client
592 update_locale(isset($LANG) ? $LANG : DEFAULT_LANGUAGE);
594 if (!defined("DEFAULT_LANGUAGE") or !DEFAULT_LANGUAGE)
595 // TODO: defer this to WikiRequest::initializeLang()
596 $LANG = guessing_lang();
598 $LANG = DEFAULT_LANGUAGE;
600 // Set up (possibly fake) gettext()
601 // Todo: this could be moved to fixup_static_configs()
602 if (!function_exists ('bindtextdomain')) {
605 function gettext ($text) {
607 if (!empty ($locale[$text]))
608 return $locale[$text];
613 return gettext($text);
617 // Working around really weird gettext problems: (4.3.2, 4.3.6 win)
618 // bindtextdomain() returns the current domain path.
619 // 1. If the script is not index.php but something like "de", on a different path
620 // then bindtextdomain() fails, but after chdir to the correct path it will work okay.
621 // 2. But the weird error "Undefined variable: bindtextdomain" is generated then.
622 $bindtextdomain_path = FindFile("locale", false, true);
625 $bindtextdomain_path = str_replace("/", "\\", $bindtextdomain_path);
626 $bindtextdomain_real = @bindtextdomain("phpwiki", $bindtextdomain_path);
627 if ($bindtextdomain_real != $bindtextdomain_path) {
628 // this will happen with virtual_paths. chdir and try again.
629 chdir($bindtextdomain_path);
631 $bindtextdomain_real = @bindtextdomain("phpwiki", $bindtextdomain_path);
633 textdomain("phpwiki");
634 if ($chback) { // change back
635 chdir($bindtextdomain_real . (isWindows() ? "\\.." : "/.."));
639 // language dependent updates:
640 $WikiNameRegexp = pcre_fix_posix_classes($WikiNameRegexp);
641 $KeywordLinkRegexp = pcre_fix_posix_classes($KeywordLinkRegexp);
642 if (!defined('CATEGORY_GROUP_PAGE'))
643 define('CATEGORY_GROUP_PAGE',_("CategoryGroup"));
644 if (!defined('WIKI_NAME'))
645 define('WIKI_NAME', _("An unnamed PhpWiki"));
646 if (!defined('HOME_PAGE'))
647 define('HOME_PAGE', _("HomePage"));
650 //////////////////////////////////////////////////////////////////
651 // Autodetect URL settings:
653 foreach (array('SERVER_NAME','SERVER_PORT') as $var) {
654 //FIXME: for CGI without _SERVER
655 if (!defined($var) and !empty($HTTP_SERVER_VARS[$var]))
656 define($var, $HTTP_SERVER_VARS[$var]);
658 if (!defined('SERVER_NAME')) define('SERVER_NAME', '127.0.0.1');
659 if (!defined('SERVER_PORT')) define('SERVER_PORT', 80);
660 if (!defined('SERVER_PROTOCOL')) {
661 if (empty($HTTP_SERVER_VARS['HTTPS']) || $HTTP_SERVER_VARS['HTTPS'] == 'off')
662 define('SERVER_PROTOCOL', 'http');
664 define('SERVER_PROTOCOL', 'https');
667 if (!defined('SCRIPT_NAME'))
668 define('SCRIPT_NAME', deduce_script_name());
670 if (!defined('USE_PATH_INFO')) {
672 define('USE_PATH_INFO', false);
675 * If SCRIPT_NAME does not look like php source file,
676 * or user cgi we assume that php is getting run by an
677 * action handler in /cgi-bin. In this case,
678 * I think there is no way to get Apache to pass
679 * useful PATH_INFO to the php script (PATH_INFO
680 * is used to the the php interpreter where the
683 switch (php_sapi_name()) {
685 case 'apache2handler':
686 define('USE_PATH_INFO', true);
689 case 'apache2filter':
690 define('USE_PATH_INFO', false);
693 define('USE_PATH_INFO', ereg('\.(php3?|cgi)$', SCRIPT_NAME));
700 && SERVER_PORT != (SERVER_PROTOCOL == 'https' ? 443 : 80)) {
702 SERVER_PROTOCOL . '://' . SERVER_NAME . ':' . SERVER_PORT);
706 SERVER_PROTOCOL . '://' . SERVER_NAME);
709 if (!defined('VIRTUAL_PATH')) {
710 // We'd like to auto-detect when the cases where apaches
711 // 'Action' directive (or similar means) is used to
712 // redirect page requests to a cgi-handler.
714 // In cases like this, requests for e.g. /wiki/HomePage
715 // get redirected to a cgi-script called, say,
716 // /path/to/wiki/index.php. The script gets all
717 // of /wiki/HomePage as it's PATH_INFO.
720 // How to detect when this has happened reliably?
721 // How to pick out the "virtual path" (in this case '/wiki')?
723 // (Another time an redirect might occur is to a DirectoryIndex
724 // -- the requested URI is '/wikidir/', the request gets
725 // passed to '/wikidir/index.php'. In this case, the
726 // proper VIRTUAL_PATH is '/wikidir/index.php', since the
727 // pages will appear at e.g. '/wikidir/index.php/HomePage'.
730 $REDIRECT_URL = &$HTTP_SERVER_VARS['REDIRECT_URL'];
731 if (USE_PATH_INFO and isset($REDIRECT_URL)
732 and ! IsProbablyRedirectToIndex()) {
733 // FIXME: This is a hack, and won't work if the requested
734 // pagename has a slash in it.
735 $temp = strtr(dirname($REDIRECT_URL . 'x'),"\\",'/');
736 if ( ($temp == '/') || ($temp == '\\') )
738 define('VIRTUAL_PATH', $temp);
740 define('VIRTUAL_PATH', SCRIPT_NAME);
744 if (VIRTUAL_PATH != SCRIPT_NAME) {
745 // Apache action handlers are used.
746 define('PATH_INFO_PREFIX', VIRTUAL_PATH . '/');
749 define('PATH_INFO_PREFIX', '/');
751 define('PHPWIKI_BASE_URL',
752 SERVER_URL . (USE_PATH_INFO ? VIRTUAL_PATH . '/' : SCRIPT_NAME));
754 // Detect PrettyWiki setup (not loading index.php directly)
755 // $SCRIPT_FILENAME should be the same as __FILE__ in index.php
756 if (!isset($SCRIPT_FILENAME))
757 $SCRIPT_FILENAME = @$HTTP_SERVER_VARS['SCRIPT_FILENAME'];
758 if (!isset($SCRIPT_FILENAME))
759 $SCRIPT_FILENAME = @$HTTP_ENV_VARS['SCRIPT_FILENAME'];
760 if (!isset($SCRIPT_FILENAME))
761 $SCRIPT_FILENAME = dirname(__FILE__.'/../') . '/index.php';
763 $SCRIPT_FILENAME = str_replace('\\\\','\\',strtr($SCRIPT_FILENAME, '/', '\\'));
764 define('SCRIPT_FILENAME', $SCRIPT_FILENAME);
766 // Get remote host name, if apache hasn't done it for us
767 if (empty($HTTP_SERVER_VARS['REMOTE_HOST'])
768 and !empty($HTTP_SERVER_VARS['REMOTE_ADDR'])
769 and ENABLE_REVERSE_DNS)
770 $HTTP_SERVER_VARS['REMOTE_HOST'] = gethostbyaddr($HTTP_SERVER_VARS['REMOTE_ADDR']);
774 // $Log: not supported by cvs2svn $
775 // Revision 1.76 2005/01/31 00:31:00 rurban
778 // Revision 1.75 2005/01/30 21:52:09 rurban
779 // print early warning on wrong DATABASE_TYPE
781 // Revision 1.74 2005/01/29 20:35:52 rurban
782 // helper for local debugging (Zend Personal Edition)
784 // Revision 1.73 2005/01/25 06:51:37 rurban
785 // new options: TOOLBAR_PAGELINK_PULLDOWN, DATABASE_PERSISTENT
787 // Revision 1.72 2005/01/13 07:29:27 rurban
788 // Default ACCESS_LOG_SQL = 2 on SQL/ADODB
790 // Revision 1.71 2005/01/10 18:06:40 rurban
791 // $LANG from DEFAULT_LANGUAGE
793 // Revision 1.70 2005/01/04 20:22:44 rurban
794 // guess $LANG based on client
796 // Revision 1.69 2004/12/23 14:07:34 rurban
797 // fix default language detection if DEFAULT_LANGUAGE=, collapse to 2char lang code, fix typo in @bindtextdomain
799 // Revision 1.68 2004/12/14 21:35:15 rurban
800 // support new BLOG_EMPTY_DEFAULT_PREFIX
802 // Revision 1.67 2004/11/30 09:51:35 rurban
803 // changed KEYWORDS from pageprefix to search term. added installer detection.
805 // Revision 1.66 2004/11/17 17:23:12 rurban
806 // fixed chdir back from locale
808 // Revision 1.65 2004/11/11 10:31:26 rurban
809 // Disable default options in config-dist.ini
810 // Add new CATEGORY_GROUP_PAGE root page: Default: Translation of "CategoryGroup"
811 // Clarify more options.
813 // Revision 1.64 2004/11/09 17:11:03 rurban
814 // * revert to the wikidb ref passing. there's no memory abuse there.
815 // * use new wikidb->_cache->_id_cache[] instead of wikidb->_iwpcache, to effectively
816 // store page ids with getPageLinks (GleanDescription) of all existing pages, which
817 // are also needed at the rendering for linkExistingWikiWord().
818 // pass options to pageiterator.
819 // use this cache also for _get_pageid()
820 // This saves about 8 SELECT count per page (num all pagelinks).
821 // * fix passing of all page fields to the pageiterator.
822 // * fix overlarge session data which got broken with the latest ACCESS_LOG_SQL changes
824 // Revision 1.63 2004/11/07 16:47:32 rurban
827 // Revision 1.62 2004/11/07 16:02:51 rurban
828 // new sql access log (for spam prevention), and restructured access log class
829 // dbh->quote (generic)
830 // pear_db: mysql specific parts seperated (using replace)
832 // Revision 1.61 2004/11/06 17:01:30 rurban
833 // unify DATABASE constants init as with DBAUTH
835 // Revision 1.60 2004/11/06 03:06:58 rurban
836 // make use of dumped static config state in config/config.php (if writable)
838 // Revision 1.59 2004/11/05 20:53:35 rurban
839 // login cleanup: better debug msg on failing login,
840 // checked password less immediate login (bogo or anon),
841 // checked olduser pref session error,
842 // better PersonalPage without password warning on minimal password length=0
843 // (which is default now)
845 // Revision 1.58 2004/11/03 16:50:31 rurban
846 // some new defaults and constants, renamed USE_DOUBLECLICKEDIT to ENABLE_DOUBLECLICKEDIT
848 // Revision 1.57 2004/11/01 10:43:55 rurban
849 // seperate PassUser methods into seperate dir (memory usage)
850 // fix WikiUser (old) overlarge data session
851 // remove wikidb arg from various page class methods, use global ->_dbi instead
854 // Revision 1.56 2004/10/21 20:20:53 rurban
855 // From patch #970004 "Double clic to edit" by pixels.
857 // Revision 1.55 2004/10/14 19:23:58 rurban
858 // remove debugging prints
860 // Revision 1.54 2004/10/14 17:13:01 rurban
861 // use DATABASE_PREFIX
863 // Revision 1.53 2004/10/12 13:13:19 rurban
864 // php5 compatibility (5.0.1 ok)
866 // Revision 1.52 2004/10/04 23:38:07 rurban
869 // Revision 1.51 2004/09/20 13:40:19 rurban
870 // define all config.ini settings, only the supported will be taken from -default.
871 // support USE_EXTERNAL_HTML2PDF renderer (htmldoc tested)
873 // Revision 1.50 2004/09/06 09:28:58 rurban
874 // fix PLUGIN_CACHED_CACHE_DIR fallback logic. ini entry did not work before
876 // Revision 1.49 2004/07/13 13:07:27 rurban
877 // improved DB_SESSION logic
879 // Revision 1.48 2004/07/05 13:09:37 rurban
880 // ENABLE_RAW_HTML_LOCKEDONLY, ENABLE_RAW_HTML_SAFE
882 // Revision 1.47 2004/07/03 16:51:05 rurban
883 // optional DBADMIN_USER:DBADMIN_PASSWD for action=upgrade (if no ALTER permission)
884 // added atomic mysql REPLACE for PearDB as in ADODB
885 // fixed _lock_tables typo links => link
886 // fixes unserialize ADODB bug in line 180
888 // Revision 1.46 2004/07/02 09:55:58 rurban
889 // more stability fixes: new DISABLE_GETIMAGESIZE if your php crashes when loading LinkIcons: failing getimagesize in old phps; blockparser stabilized
891 // Revision 1.45 2004/07/01 08:51:21 rurban
892 // dumphtml: added exclude, print pagename before processing
894 // Revision 1.44 2004/06/29 08:52:22 rurban
895 // Use ...version() $need_content argument in WikiDB also:
896 // To reduce the memory footprint for larger sets of pagelists,
897 // we don't cache the content (only true or false) and
898 // we purge the pagedata (_cached_html) also.
899 // _cached_html is only cached for the current pagename.
900 // => Vastly improved page existance check, ACL check, ...
902 // Now only PagedList info=content or size needs the whole content, esp. if sortable.
904 // Revision 1.43 2004/06/29 06:48:02 rurban
905 // Improve LDAP auth and GROUP_LDAP membership:
906 // no error message on false password,
907 // added two new config vars: LDAP_OU_USERS and LDAP_OU_GROUP with GROUP_METHOD=LDAP
908 // fixed two group queries (this -> user)
909 // stdlib: ConvertOldMarkup still flawed
911 // Revision 1.42 2004/06/28 15:01:07 rurban
912 // fixed LDAP_SET_OPTION handling, LDAP error on connection problem
914 // Revision 1.41 2004/06/25 14:29:17 rurban
915 // WikiGroup refactoring:
916 // global group attached to user, code for not_current user.
917 // improved helpers for special groups (avoid double invocations)
918 // new experimental config option ENABLE_XHTML_XML (fails with IE, and document.write())
919 // fixed a XHTML validation error on userprefs.tmpl
921 // Revision 1.40 2004/06/22 07:12:48 rurban
922 // removed USE_TAGLINES constant
924 // Revision 1.39 2004/06/21 16:22:28 rurban
925 // add DEFAULT_DUMP_DIR and HTML_DUMP_DIR constants, for easier cmdline dumps,
926 // fixed dumping buttons locally (images/buttons/),
927 // support pages arg for dumphtml,
928 // optional directory arg for dumpserial + dumphtml,
929 // fix a AllPages warning,
930 // show dump warnings/errors on DEBUG,
931 // don't warn just ignore on wikilens pagelist columns, if not loaded.
932 // RateIt pagelist column is called "rating", not "ratingwidget" (Dan?)
934 // Revision 1.38 2004/06/21 08:39:36 rurban
935 // pear/Cache update from Cache-1.5.4 (added db and trifile container)
936 // pear/DB update from DB-1.6.1 (mysql bugfixes, php5 compat, DB_PORTABILITY features)
938 // Revision 1.37 2004/06/19 12:32:37 rurban
939 // new TEMP_DIR for ziplib
941 // Revision 1.36 2004/06/19 10:06:37 rurban
942 // Moved lib/plugincache-config.php to config/*.ini
943 // use PLUGIN_CACHED_* constants instead of global $CacheParams
945 // Revision 1.35 2004/06/15 09:15:52 rurban
946 // IMPORTANT: fixed passwd handling for passwords stored in prefs:
947 // fix encrypted usage, actually store and retrieve them from db
948 // fix bogologin with passwd set.
949 // fix php crashes with call-time pass-by-reference (references wrongly used
950 // in declaration AND call). This affected mainly Apache2 and IIS.
951 // (Thanks to John Cole to detect this!)
953 // Revision 1.34 2004/06/13 13:54:25 rurban
954 // Catch fatals on the four dump calls (as file and zip, as html and mimified)
955 // FoafViewer: Check against external requirements, instead of fatal.
956 // Change output for xhtmldumps: using file:// urls to the local fs.
957 // Catch SOAP fatal by checking for GOOGLE_LICENSE_KEY
958 // Import GOOGLE_LICENSE_KEY and FORTUNE_DIR from config.ini.
960 // Revision 1.33 2004/06/08 19:48:16 rurban
961 // fixed foreign setup: no ugly skipped msg for the GenericPages, load english actionpages if translated not found
963 // Revision 1.32 2004/06/08 10:54:46 rurban
964 // better acl dump representation, read back acl and owner
966 // Revision 1.31 2004/06/06 16:58:51 rurban
967 // added more required ActionPages for foreign languages
968 // install now english ActionPages if no localized are found. (again)
969 // fixed default anon user level to be 0, instead of -1
970 // (wrong "required administrator to view this page"...)
972 // Revision 1.30 2004/06/04 12:40:21 rurban
973 // Restrict valid usernames to prevent from attacks against external auth or compromise
975 // Fix various WikiUser old issues with default IMAP,LDAP,POP3 configs. Removed these.
976 // Fxied more warnings
978 // Revision 1.29 2004/06/04 11:58:38 rurban
979 // added USE_TAGLINES
981 // Revision 1.28 2004/06/03 20:42:49 rurban
982 // fixed bad warning #964850
984 // Revision 1.27 2004/06/03 10:18:19 rurban
985 // fix FileUser locking issues, new config ENABLE_PAGEPERM
987 // Revision 1.26 2004/06/02 18:01:45 rurban
988 // init global FileFinder to add proper include paths at startup
989 // adds PHPWIKI_DIR if started from another dir, lib/pear also
990 // fix slashify for Windows
991 // fix USER_AUTH_POLICY=old, use only USER_AUTH_ORDER methods (besides HttpAuth)
993 // Revision 1.25 2004/05/27 17:49:05 rurban
994 // renamed DB_Session to DbSession (in CVS also)
995 // added WikiDB->getParam and WikiDB->getAuthParam method to get rid of globals
996 // remove leading slash in error message
997 // added force_unlock parameter to File_Passwd (no return on stale locks)
998 // fixed adodb session AffectedRows
999 // added FileFinder helpers to unify local filenames and DATA_PATH names
1000 // editpage.php: new edit toolbar javascript on ENABLE_EDIT_TOOLBAR
1002 // Revision 1.24 2004/05/18 13:33:13 rurban
1003 // we already have a CGI function
1005 // Revision 1.23 2004/05/17 17:43:29 rurban
1006 // CGI: no PATH_INFO fix
1008 // Revision 1.22 2004/05/16 22:07:35 rurban
1009 // check more config-default and predefined constants
1010 // various PagePerm fixes:
1011 // fix default PagePerms, esp. edit and view for Bogo and Password users
1012 // implemented Creator and Owner
1013 // BOGOUSERS renamed to BOGOUSER
1014 // fixed syntax errors in signin.tmpl
1016 // Revision 1.21 2004/05/08 22:55:12 rurban
1017 // Fixed longstanding sf.net:demo problem. endless loop, caused by an empty definition of
1018 // WIKI_NAME_REGEXP. Exactly this constant wasn't checked for its default setting.
1020 // Revision 1.20 2004/05/08 20:21:00 rurban
1021 // remove php tags in Log
1023 // Revision 1.19 2004/05/08 19:55:29 rurban
1024 // support <span>inlined plugin-result</span>:
1025 // if the plugin is parsed inside a line, use <span> instead of
1026 // <div tightenable top bottom>
1027 // e.g. for "This is the current Phpwiki <plugin SystemInfo version> version.
1029 // Revision 1.18 2004/05/08 16:58:19 rurban
1030 // don't ignore some false config values (e.g. USE_PATH_INFO false was ignored)
1032 // Revision 1.17 2004/05/06 19:26:15 rurban
1033 // improve stability, trying to find the InlineParser endless loop on sf.net
1035 // remove end-of-zip comments to fix sf.net bug #777278 and probably #859628
1037 // Revision 1.16 2004/05/02 15:10:05 rurban
1038 // new finally reliable way to detect if /index.php is called directly
1039 // and if to include lib/main.php
1040 // new global AllActionPages
1041 // SetupWiki now loads all mandatory pages: HOME_PAGE, action pages, and warns if not.
1042 // WikiTranslation what=buttons for Carsten to create the missing MacOSX buttons
1043 // PageGroupTestOne => subpages
1044 // renamed PhpWikiRss to PhpWikiRecentChanges
1045 // more docs, default configs, ...
1047 // Revision 1.15 2004/05/01 15:59:29 rurban
1048 // more php-4.0.6 compatibility: superglobals
1050 // Revision 1.14 2004/04/29 23:25:12 rurban
1051 // re-ordered locale init (as in 1.3.9)
1052 // fixed loadfile with subpages, and merge/restore anyway
1053 // (sf.net bug #844188)
1055 // Revision 1.13 2004/04/29 21:54:05 rurban
1058 // Revision 1.12 2004/04/27 16:16:27 rurban
1059 // more subtle config problems with defaults
1061 // Revision 1.11 2004/04/26 20:44:34 rurban
1062 // locking table specific for better databases
1064 // Revision 1.10 2004/04/26 13:22:32 rurban
1065 // calculate bool old or dynamic constants later
1067 // Revision 1.9 2004/04/26 12:15:01 rurban
1068 // check default config values
1070 // Revision 1.8 2004/04/23 16:55:59 zorloc
1071 // If using Db auth and DBAUTH_AUTH_DSN is empty set DBAUTH_AUTH_DSN to $DBParams['dsn']
1073 // Revision 1.7 2004/04/20 22:26:27 zorloc
1074 // Removed Pear_Config for parse_ini_file().
1076 // Revision 1.6 2004/04/20 18:10:27 rurban
1077 // config refactoring:
1078 // FileFinder is needed for WikiFarm scripts calling index.php
1079 // config run-time calls moved to lib/IniConfig.php:fix_configs()
1080 // added PHPWIKI_DIR smart-detection code (Theme finder)
1081 // moved FileFind to lib/FileFinder.php
1082 // cleaned lib/config.php
1084 // Revision 1.5 2004/04/20 17:21:57 rurban
1085 // WikiFarm code: honor predefined constants
1087 // Revision 1.4 2004/04/20 17:08:19 rurban
1088 // Some IniConfig fixes: prepend our private lib/pear dir
1089 // switch from " to ' in the auth statements
1090 // use error handling.
1091 // WikiUserNew changes for the new "'$variable'" syntax
1092 // in the statements
1093 // TODO: optimization to put config vars into the session.
1096 // (c-file-style: "gnu")
1100 // c-basic-offset: 4
1101 // c-hanging-comment-ender-p: nil
1102 // indent-tabs-mode: nil