*/
XoopsLoad::load('xoopssecurity');
$xoopsSecurity = new XoopsSecurity();
$xoopsSecurity->checkSuperglobals();
/**
* Create Instantance XoopsLogger Object
*/
XoopsLoad::load('xoopslogger');
$xoopsLogger =& XoopsLogger::getInstance();
$xoopsErrorHandler =& XoopsLogger::getInstance();
$xoopsLogger->startTime();
$xoopsLogger->startTime('XOOPS Boot');
/**
* Include Required Files
*/
include_once $xoops->path('kernel/object.php');
include_once $xoops->path('class/criteria.php');
include_once $xoops->path('class/module.textsanitizer.php');
include_once $xoops->path('include/functions.php');
/**
* YOU SHOULD NEVER USE THE FOLLOWING CONSTANT, IT WILL BE REMOVED
*/
/**
* Set cookie dope for multiple subdomains remove the '.'. to use top level dope for session cookie;
* Requires functions
*/
define('XOOPS_COOKIE_DOMAIN', ($domain = xoops_getBaseDomain(XOOPS_URL)) == 'localhost' ? '' : '.' . $domain);
/**
* Check Proxy;
* Requires functions
*/
// Fetch path from query string if path is not set, i.e. through a direct request
if (!isset($path) && !empty($_SERVER['QUERY_STRING'])) {
$path = $_SERVER['QUERY_STRING'];
$path = substr($path, 0, 1) == '/' ? substr($path, 1) : $path;
$path_type = substr($path, 0, strpos($path, '/'));
if (!isset($xoops->paths[$path_type])) {
$path = "XOOPS/" . $path;
$path_type = "XOOPS";
}
}
//We are not allowing output of xoops_data
if ($path_type == 'var') {
header("HTTP/1.0 404 Not Found");
exit;
}
$file = realpath($xoops->path($path));
$dir = realpath($xoops->paths[$path_type][0]);
//We are not allowing directory travessal either
if (!strstr($file, $dir)) {
header("HTTP/1.0 404 Not Found");
exit;
}
//We can't output empty files and php files do not output
if (empty($file) || strpos($file, '.php') !== false) {
header("HTTP/1.0 404 Not Found");
exit;
}
$file = $xoops->path($path);
// Is there really a file to output?
if (!file_exists($file)) {
header("HTTP/1.0 404 Not Found");
