<?php
/**
*
* @package phpBB3
* @copyright (c) 2011 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
*/
if (!defined('IN_PHPBB'))
{
exit;
}
// Report all errors, except notices and deprecation messages
if (!defined('E_DEPRECATED'))
{
define('E_DEPRECATED', 8192);
}
$level = E_ALL & ~E_NOTICE & ~E_DEPRECATED;
if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
{
// PHP 5.4 adds E_STRICT to E_ALL.
// Our utf8 normalizer triggers E_STRICT output on PHP 5.4.
// Unfortunately it cannot be made E_STRICT-clean while
// continuing to work on PHP 4.
// Therefore, in phpBB 3.0.x we disable E_STRICT on PHP 5.4+,
// while phpBB 3.1 will fix utf8 normalizer.
// E_STRICT is defined starting with PHP 5
if (!defined('E_STRICT'))
{
define('E_STRICT', 2048);
}
$level &= ~E_STRICT;
}
error_reporting($level);
/*
* Remove variables created by register_globals from the global scope
* Thanks to Matt Kavanagh
*/
function deregister_globals()
{
$not_unset = array(
'GLOBALS' => true,
'_GET' => true,
'_POST' => true,
'_COOKIE' => true,
'_REQUEST' => true,
'_SERVER' => true,
'_SESSION' => true,
'_ENV' => true,
'_FILES' => true,
'phpEx' => true,
'phpbb_root_path' => true
);
// Not only will array_merge and array_keys give a warning if
// a parameter is not an array, array_merge will actually fail.
// So we check if _SESSION has been initialised.
if (!isset($_SESSION) || !is_array($_SESSION))
{
$_SESSION = array();
}
// Merge all into one extremely huge array; unset this later
$input = array_merge(
array_keys($_GET),
array_keys($_POST),
array_keys($_COOKIE),
array_keys($_SERVER),
array_keys($_SESSION),
array_keys($_ENV),
array_keys($_FILES)
);
foreach ($input as $varname)
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing unless it's a COOKIE (so a cookie called GLOBALS doesn't lock users out completely)
if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
{
exit;
}
else
{
$cookie = &$_COOKIE;
while (isset($cookie['GLOBALS']))
{
if (!is_array($cookie['GLOBALS']))
{
break;
}
foreach ($cookie['GLOBALS'] as $registered_var => $value)
{
if (!isset($not_unset[$registered_var]))
{
unset($GLOBALS[$registered_var]);
}
}
$cookie = &$cookie['GLOBALS'];
}
}
}
unset($GLOBALS[$varname]);
}
unset($input);
}
// Register globals and magic quotes have been dropped in PHP 5.4
if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
{
/**
* @ignore
*/
define('STRIP', false);
}
else
{
@set_magic_quotes_runtime(0);
// Be paranoid with passed vars
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
{
deregister_globals();
}
define('STRIP', (get_magic_quotes_gpc()) ? true : false);
}
// Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone
if (function_exists('date_default_timezone_set') && function_exists('date_default_timezone_get'))
{
// For PHP 5.1.0 the date/time functions have been rewritten
// and setting a timezone is required prior to calling any date/time function.
// Since PHP 5.2.0 calls to date/time functions without having a timezone set
// result in E_STRICT errors being thrown.
// Note: We already exclude E_STRICT errors
// (to be exact: they are not included in E_ALL in PHP 5.2)
// In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems
// because we show E_WARNING errors and do not set a default timezone.
// This is because we have our own timezone handling and work in UTC only anyway.
// So what we basically want to do is set our timezone to UTC,
// but we don't know what other scripts (such as bridges) are involved,
// so we check whether a timezone is already set by calling date_default_timezone_get().
// Unfortunately, date_default_timezone_get() itself might throw E_WARNING
// if no timezone has been set, so we have to keep it quiet with @.
// date_default_timezone_get() tries to guess the correct timezone first
// and then falls back to UTC when everything fails.
// We just set the timezone to whatever date_default_timezone_get() returns.
date_default_timezone_set(@date_default_timezone_get());
}
$starttime = explode(' ', microtime());
$starttime = $starttime[1] + $starttime[0];