Merge pull request #7914 from Sesquipedalian/ssi_defensive

SimpleMachines · Nov 29, 2023 · 4dd7e46 · 4dd7e46
2 parents 16483a1 + 3589f77
commit 4dd7e46
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 36 deletions.
diff --git a/SSI.php b/SSI.php
@@ -29,13 +29,10 @@
  * @version 3.0 Alpha 1
  */
 
-// Don't do anything if SMF is already loaded.
-if (defined('SMF')) {
-	return true;
+if (!defined('SMF')) {
+	define('SMF', 'SSI');
 }
 
-define('SMF', 'SSI');
-
 // Initialize.
 require_once __DIR__ . '/index.php';
 

diff --git a/Sources/ServerSideIncludes.php b/Sources/ServerSideIncludes.php
@@ -2604,6 +2604,21 @@ public static function recentAttachments($num_attachments = 10, $attachment_ext
 	 */
 	public function __construct()
 	{
+		// SSI isn't meant to be used from within the forum,
+		// but apparently someone is doing so anyway...
+		if (defined('SMF') && SMF !== 'SSI') {
+			if (!self::$setup_done) {
+				IntegrationHook::call('integrate_SSI');
+			}
+
+			self::$setup_done = true;
+		}
+
+		// Don't do the setup steps more than once.
+		if (self::$setup_done) {
+			return;
+		}
+
 		foreach ($this->ssi_globals as $var) {
 			if (isset($GLOBALS[$var])) {
 				if ($var === 'ssi_on_error_method') {

diff --git a/index.php b/index.php
@@ -29,104 +29,118 @@
  * 1. Define some constants we need.
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	define('SMF', 1);
+}
 
-if (!defined('SMF_VERSION'))
+if (!defined('SMF_VERSION')) {
 	define('SMF_VERSION', '3.0 Alpha 1');
+}
 
-if (!defined('SMF_FULL_VERSION'))
+if (!defined('SMF_FULL_VERSION')) {
 	define('SMF_FULL_VERSION', 'SMF ' . SMF_VERSION);
+}
 
-if (!defined('SMF_SOFTWARE_YEAR'))
+if (!defined('SMF_SOFTWARE_YEAR')) {
 	define('SMF_SOFTWARE_YEAR', '2023');
+}
 
-if (!defined('JQUERY_VERSION'))
+if (!defined('JQUERY_VERSION')) {
 	define('JQUERY_VERSION', '3.6.3');
+}
 
-if (!defined('POSTGRE_TITLE'))
+if (!defined('POSTGRE_TITLE')) {
 	define('POSTGRE_TITLE', 'PostgreSQL');
+}
 
-if (!defined('MYSQL_TITLE'))
+if (!defined('MYSQL_TITLE')) {
 	define('MYSQL_TITLE', 'MySQL');
+}
 
-if (!defined('SMF_USER_AGENT'))
+if (!defined('SMF_USER_AGENT')) {
 	define('SMF_USER_AGENT', 'Mozilla/5.0 (' . php_uname('s') . ' ' . php_uname('m') . ') AppleWebKit/605.1.15 (KHTML, like Gecko)  SMF/' . strtr(SMF_VERSION, ' ', '.'));
+}
 
-if (!defined('TIME_START'))
+if (!defined('TIME_START')) {
 	define('TIME_START', microtime(true));
+}
 
-if (!defined('SMF_SETTINGS_FILE'))
+if (!defined('SMF_SETTINGS_FILE')) {
 	define('SMF_SETTINGS_FILE', __DIR__ . '/Settings.php');
+}
 
-if (!defined('SMF_SETTINGS_BACKUP_FILE'))
+if (!defined('SMF_SETTINGS_BACKUP_FILE')) {
 	define('SMF_SETTINGS_BACKUP_FILE', dirname(SMF_SETTINGS_FILE) . '/' . pathinfo(SMF_SETTINGS_FILE, PATHINFO_FILENAME) . '_bak.php');
+}
 
 /*
  * 2. Load the Settings.php file.
  */
 
-if (!is_file(SMF_SETTINGS_FILE) || !is_readable(SMF_SETTINGS_FILE))
+if (!is_file(SMF_SETTINGS_FILE) || !is_readable(SMF_SETTINGS_FILE)) {
 	die('File not readable: ' . basename(SMF_SETTINGS_FILE));
+}
 
 // Don't load it twice.
-if (in_array(SMF_SETTINGS_FILE, get_included_files()))
+if (in_array(SMF_SETTINGS_FILE, get_included_files())) {
 	return;
+}
 
 // If anything goes wrong loading Settings.php, make sure the admin knows it.
-if (SMF === 1)
-{
+if (SMF === 1) {
 	error_reporting(E_ALL);
 	ob_start();
 }
 
 // This is wrapped in a closure to keep the global namespace clean.
-call_user_func(function()
-{
-	require_once(SMF_SETTINGS_FILE);
+call_user_func(function () {
+	require_once SMF_SETTINGS_FILE;
 
 	// Ensure $sourcedir is valid.
-	$sourcedir = rtrim($sourcedir, "\\/");
-	if ((empty($sourcedir) || !is_dir(realpath($sourcedir))))
-	{
-		$boarddir = rtrim($boarddir, "\\/");
+	$sourcedir = rtrim($sourcedir, '\\/');
+
+	if ((empty($sourcedir) || !is_dir(realpath($sourcedir)))) {
+		$boarddir = rtrim($boarddir, '\\/');
 
-		if (empty($boarddir) || !is_dir(realpath($boarddir)))
+		if (empty($boarddir) || !is_dir(realpath($boarddir))) {
 			$boarddir = __DIR__;
+		}
 
-		if (is_dir($boarddir . '/Sources'))
+		if (is_dir($boarddir . '/Sources')) {
 			$sourcedir = $boarddir . '/Sources';
+		}
 	}
 
 	// We need this class, or nothing works.
-	if (!is_file($sourcedir . '/Config.php') || !is_readable($sourcedir . '/Config.php'))
+	if (!is_file($sourcedir . '/Config.php') || !is_readable($sourcedir . '/Config.php')) {
 		die('File not readable: (Sources)/Config.php');
+	}
 
 	// Pass all the settings to SMF\Config.
-	require_once($sourcedir . '/Config.php');
+	require_once $sourcedir . '/Config.php';
 	SMF\Config::set(get_defined_vars());
 });
 
 // Devs want all error messages, but others don't.
-if (SMF === 1)
+if (SMF === 1) {
 	error_reporting(!empty(SMF\Config::$db_show_debug) ? E_ALL : E_ALL & ~E_DEPRECATED);
+}
 
 /*
  * 3. Load some other essential includes.
  */
 
-require_once(SMF\Config::$sourcedir . '/Autoloader.php');
+require_once SMF\Config::$sourcedir . '/Autoloader.php';
 
 // Ensure we don't trip over disabled internal functions
-require_once(SMF\Config::$sourcedir . '/Subs-Compat.php');
+require_once SMF\Config::$sourcedir . '/Subs-Compat.php';
 
 
 /*********************************************************************
  * From this point forward, do stuff specific to normal forum loading.
  *********************************************************************/
 
-if (SMF === 1)
-{
+if (SMF === 1) {
 	(new SMF\Forum())->execute();
 }