From d91ddffa8961b8382d95495ca7559d495a1decff Mon Sep 17 00:00:00 2001 From: Jon Stovell Date: Sun, 26 Nov 2023 18:55:03 -0700 Subject: [PATCH 1/2] Defends against issues when people use SSI within the forum SSI functions aren't meant to be used from within the forum, but people try to do so anyway. This helps prevent some problems that can arise if they do. It's still not recommended to do so, though. Signed-off-by: Jon Stovell --- SSI.php | 7 ++----- Sources/ServerSideIncludes.php | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/SSI.php b/SSI.php index 5331590d25..7acda7dd79 100644 --- a/SSI.php +++ b/SSI.php @@ -29,13 +29,10 @@ * @version 3.0 Alpha 1 */ -// Don't do anything if SMF is already loaded. -if (defined('SMF')) { - return true; +if (!defined('SMF')) { + define('SMF', 'SSI'); } -define('SMF', 'SSI'); - // Initialize. require_once __DIR__ . '/index.php'; diff --git a/Sources/ServerSideIncludes.php b/Sources/ServerSideIncludes.php index 2dd9535e02..1f12c668c7 100644 --- a/Sources/ServerSideIncludes.php +++ b/Sources/ServerSideIncludes.php @@ -2604,6 +2604,21 @@ public static function recentAttachments($num_attachments = 10, $attachment_ext */ public function __construct() { + // SSI isn't meant to be used from within the forum, + // but apparently someone is doing so anyway... + if (defined('SMF') && SMF !== 'SSI') { + if (!self::$setup_done) { + IntegrationHook::call('integrate_SSI'); + } + + self::$setup_done = true; + } + + // Don't do the setup steps more than once. + if (self::$setup_done) { + return; + } + foreach ($this->ssi_globals as $var) { if (isset($GLOBALS[$var])) { if ($var === 'ssi_on_error_method') { From 3589f775db6bc4b40902e3c22303829da78a2cac Mon Sep 17 00:00:00 2001 From: Jon Stovell Date: Tue, 28 Nov 2023 10:53:09 -0700 Subject: [PATCH 2/2] Updates index.php to match our coding standard Signed-off-by: Jon Stovell --- index.php | 76 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 45 insertions(+), 31 deletions(-) diff --git a/index.php b/index.php index ab1e5c9006..9b3ceab616 100644 --- a/index.php +++ b/index.php @@ -29,104 +29,118 @@ * 1. Define some constants we need. */ -if (!defined('SMF')) +if (!defined('SMF')) { define('SMF', 1); +} -if (!defined('SMF_VERSION')) +if (!defined('SMF_VERSION')) { define('SMF_VERSION', '3.0 Alpha 1'); +} -if (!defined('SMF_FULL_VERSION')) +if (!defined('SMF_FULL_VERSION')) { define('SMF_FULL_VERSION', 'SMF ' . SMF_VERSION); +} -if (!defined('SMF_SOFTWARE_YEAR')) +if (!defined('SMF_SOFTWARE_YEAR')) { define('SMF_SOFTWARE_YEAR', '2023'); +} -if (!defined('JQUERY_VERSION')) +if (!defined('JQUERY_VERSION')) { define('JQUERY_VERSION', '3.6.3'); +} -if (!defined('POSTGRE_TITLE')) +if (!defined('POSTGRE_TITLE')) { define('POSTGRE_TITLE', 'PostgreSQL'); +} -if (!defined('MYSQL_TITLE')) +if (!defined('MYSQL_TITLE')) { define('MYSQL_TITLE', 'MySQL'); +} -if (!defined('SMF_USER_AGENT')) +if (!defined('SMF_USER_AGENT')) { define('SMF_USER_AGENT', 'Mozilla/5.0 (' . php_uname('s') . ' ' . php_uname('m') . ') AppleWebKit/605.1.15 (KHTML, like Gecko) SMF/' . strtr(SMF_VERSION, ' ', '.')); +} -if (!defined('TIME_START')) +if (!defined('TIME_START')) { define('TIME_START', microtime(true)); +} -if (!defined('SMF_SETTINGS_FILE')) +if (!defined('SMF_SETTINGS_FILE')) { define('SMF_SETTINGS_FILE', __DIR__ . '/Settings.php'); +} -if (!defined('SMF_SETTINGS_BACKUP_FILE')) +if (!defined('SMF_SETTINGS_BACKUP_FILE')) { define('SMF_SETTINGS_BACKUP_FILE', dirname(SMF_SETTINGS_FILE) . '/' . pathinfo(SMF_SETTINGS_FILE, PATHINFO_FILENAME) . '_bak.php'); +} /* * 2. Load the Settings.php file. */ -if (!is_file(SMF_SETTINGS_FILE) || !is_readable(SMF_SETTINGS_FILE)) +if (!is_file(SMF_SETTINGS_FILE) || !is_readable(SMF_SETTINGS_FILE)) { die('File not readable: ' . basename(SMF_SETTINGS_FILE)); +} // Don't load it twice. -if (in_array(SMF_SETTINGS_FILE, get_included_files())) +if (in_array(SMF_SETTINGS_FILE, get_included_files())) { return; +} // If anything goes wrong loading Settings.php, make sure the admin knows it. -if (SMF === 1) -{ +if (SMF === 1) { error_reporting(E_ALL); ob_start(); } // This is wrapped in a closure to keep the global namespace clean. -call_user_func(function() -{ - require_once(SMF_SETTINGS_FILE); +call_user_func(function () { + require_once SMF_SETTINGS_FILE; // Ensure $sourcedir is valid. - $sourcedir = rtrim($sourcedir, "\\/"); - if ((empty($sourcedir) || !is_dir(realpath($sourcedir)))) - { - $boarddir = rtrim($boarddir, "\\/"); + $sourcedir = rtrim($sourcedir, '\\/'); + + if ((empty($sourcedir) || !is_dir(realpath($sourcedir)))) { + $boarddir = rtrim($boarddir, '\\/'); - if (empty($boarddir) || !is_dir(realpath($boarddir))) + if (empty($boarddir) || !is_dir(realpath($boarddir))) { $boarddir = __DIR__; + } - if (is_dir($boarddir . '/Sources')) + if (is_dir($boarddir . '/Sources')) { $sourcedir = $boarddir . '/Sources'; + } } // We need this class, or nothing works. - if (!is_file($sourcedir . '/Config.php') || !is_readable($sourcedir . '/Config.php')) + if (!is_file($sourcedir . '/Config.php') || !is_readable($sourcedir . '/Config.php')) { die('File not readable: (Sources)/Config.php'); + } // Pass all the settings to SMF\Config. - require_once($sourcedir . '/Config.php'); + require_once $sourcedir . '/Config.php'; SMF\Config::set(get_defined_vars()); }); // Devs want all error messages, but others don't. -if (SMF === 1) +if (SMF === 1) { error_reporting(!empty(SMF\Config::$db_show_debug) ? E_ALL : E_ALL & ~E_DEPRECATED); +} /* * 3. Load some other essential includes. */ -require_once(SMF\Config::$sourcedir . '/Autoloader.php'); +require_once SMF\Config::$sourcedir . '/Autoloader.php'; // Ensure we don't trip over disabled internal functions -require_once(SMF\Config::$sourcedir . '/Subs-Compat.php'); +require_once SMF\Config::$sourcedir . '/Subs-Compat.php'; /********************************************************************* * From this point forward, do stuff specific to normal forum loading. *********************************************************************/ -if (SMF === 1) -{ +if (SMF === 1) { (new SMF\Forum())->execute(); }