/** * Initializes the environment: * * - Loads hooks * - Converts all input variables to the configured character set * * @return void */ public static function init() { if (self::$init === TRUE) { return; } // Test if the current environment is command-line self::$is_cli = PHP_SAPI === 'cli'; // Test if the current evironment is Windows self::$is_windows = DIRECTORY_SEPARATOR === '\\'; // Determine if the server supports UTF-8 natively utf8::$server_utf8 = extension_loaded('mbstring'); // Load the file path cache self::$file_path = Kohana::cache('kohana_file_paths'); // Load the configuration loader self::$config = new Kohana_Config_Loader(); // Import the main configuration locally $config = self::$config->kohana; // Set the default locale self::$default_locale = $config->default_locale; self::$save_cache = $config->save_cache; self::$charset = $config->charset; // Localize the environment self::locale($config->locale); // Set the enviroment time self::timezone($config->timezone); // Enable modules self::modules($config->modules); if ($hooks = self::list_files('hooks', TRUE)) { foreach ($hooks as $hook) { // Load each hook in the order they appear require $hook; } } // Convert global variables to current charset. $_GET = utf8::clean($_GET, self::$charset); $_POST = utf8::clean($_POST, self::$charset); $_SERVER = utf8::clean($_SERVER, self::$charset); // The system has been initialized self::$init = TRUE; }
/** * Initializes the environment: * * - Disables register_globals and magic_quotes_gpc * - Determines the current environment * - Set global settings * - Sanitizes GET, POST, and COOKIE variables * - Converts GET, POST, and COOKIE variables to the global character set * * Any of the global settings can be set here: * * > boolean "display_errors" : display errors and exceptions * > boolean "log_errors" : log errors and exceptions * > boolean "cache_paths" : cache the location of files between requests * > string "charset" : character set used for all input and output * * @param array global settings * @return void */ public static function init(array $settings = NULL) { static $_init; // This function can only be run once if ($_init === TRUE) { return; } if (isset($settings['profile'])) { // Enable profiling self::$profile = (bool) $settings['profile']; } if (self::$profile === TRUE) { // Start a new benchmark $benchmark = Profiler::start(__CLASS__, __FUNCTION__); } // The system will now be initialized $_init = TRUE; // Start an output buffer ob_start(); if (version_compare(PHP_VERSION, '6.0', '<=')) { // Disable magic quotes at runtime set_magic_quotes_runtime(0); } if (ini_get('register_globals')) { if (isset($_REQUEST['GLOBALS'])) { // Prevent malicious GLOBALS overload attack echo "Global variable overload attack detected! Request aborted.\n"; // Exit with an error status exit(1); } // Get the variable names of all globals $global_variables = array_keys($GLOBALS); // Remove the standard global variables from the list $global_variables = array_diff($global_vars, array('GLOBALS', '_REQUEST', '_GET', '_POST', '_FILES', '_COOKIE', '_SERVER', '_ENV', '_SESSION')); foreach ($global_variables as $name) { // Retrieve the global variable and make it null global ${$name}; ${$name} = NULL; // Unset the global variable, effectively disabling register_globals unset($GLOBALS[$name], ${$name}); } } // Determine if we are running in a command line environment self::$is_cli = PHP_SAPI === 'cli'; // Determine if we are running in a Windows environment self::$is_windows = DIRECTORY_SEPARATOR === '\\'; if (isset($settings['display_errors'])) { // Enable or disable the display of errors self::$display_errors = (bool) $settings['display_errors']; } if (isset($settings['cache_paths'])) { // Enable or disable the caching of paths self::$cache_paths = (bool) $settings['cache_paths']; } if (isset($settings['charset'])) { // Set the system character set self::$charset = strtolower($settings['charset']); } if (isset($settings['base_url'])) { // Set the base URL self::$base_url = rtrim($settings['base_url'], '/') . '/'; } // Determine if the extremely evil magic quotes are enabled self::$magic_quotes = (bool) get_magic_quotes_gpc(); // Sanitize all request variables $_GET = self::sanitize($_GET); $_POST = self::sanitize($_POST); $_COOKIE = self::sanitize($_COOKIE); // Load the logger self::$log = Kohana_Log::instance(); // Determine if this server supports UTF-8 natively utf8::$server_utf8 = extension_loaded('mbstring'); // Normalize all request variables to the current charset $_GET = utf8::clean($_GET, self::$charset); $_POST = utf8::clean($_POST, self::$charset); $_COOKIE = utf8::clean($_COOKIE, self::$charset); if (isset($benchmark)) { // Stop benchmarking Profiler::stop($benchmark); } }