function lovd_getProjectFile() { // Gets project file name (file name including possible project subdirectory). // 2015-03-05; 3.0-13; When running an import, this function is called very often, so let's cache this function's results. static $sProjectFile; if ($sProjectFile) { return $sProjectFile; } $sDir = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/') . '/'; // /LOVDv.3.0/install/ or / $sProjectDir = lovd_cleanDirName($sDir . ROOT_PATH); // /LOVDv.3.0/ or / $sDir = substr($sDir, strlen($sProjectDir) - 1); // /install/ or / // You need to use SCRIPT_FILENAME here, because SCRIPT_NAME can lose the .php extension. $sProjectFile = $sDir . basename($_SERVER['SCRIPT_FILENAME']); // /install/index.php or /variants.php return $sProjectFile; }
// The following applies only if the system is fully installed. if (!defined('NOT_INSTALLED')) { // Load session data. require ROOT_PATH . 'inc-auth.php'; // If we're read only, log user out when lower than Manager. if ($_AUTH && $_CONF['lovd_read_only'] && $_AUTH['level'] < LEVEL_MANAGER) { // We won't let the user know, because this usually only happens when a // new message has appeared that sets the installation to read-only. // So let's hope the new message on the screen attracks attention and // that it speaks for itself. // (In principle, it can also happen when an existing message is edited // to lock the installation.) $_AUTH = false; } // Define $_PE ($_PATH_ELEMENTS) and CURRENT_PATH. $sPath = preg_replace('/^' . preg_quote(lovd_getInstallURL(false), '/') . '/', '', lovd_cleanDirName(rawurldecode($_SERVER['REQUEST_URI']))); // 'login' or 'genes?create' or 'users/00001?edit' $aPath = explode('?', $sPath); // Cut off the Query string, that will be handled later. $_PE = explode('/', rtrim($aPath[0], '/')); // array('login') or array('genes') or array('users', '00001') // XSS check on the elements. foreach ($_PE as $key => $val) { if ($val !== strip_tags($val)) { $_PE[$key] = ''; } } if (isset($_SETT['objectid_length'][$_PE[0]]) && isset($_PE[1]) && ctype_digit($_PE[1])) { $_PE[1] = sprintf('%0' . $_SETT['objectid_length'][$_PE[0]] . 'd', $_PE[1]); } define('CURRENT_PATH', implode('/', $_PE));