aboutsummaryrefslogtreecommitdiffhomepage
path: root/init.php
diff options
context:
space:
mode:
Diffstat (limited to 'init.php')
-rw-r--r--init.php85
1 files changed, 85 insertions, 0 deletions
diff --git a/init.php b/init.php
new file mode 100644
index 00000000..f0b84368
--- /dev/null
+++ b/init.php
@@ -0,0 +1,85 @@
1<?php
2
3require_once __DIR__ . '/vendor/autoload.php';
4
5use Shaarli\ApplicationUtils;
6use Shaarli\Security\SessionManager;
7
8// Set 'UTC' as the default timezone if it is not defined in php.ini
9// See http://php.net/manual/en/datetime.configuration.php#ini.date.timezone
10if (date_default_timezone_get() == '') {
11 date_default_timezone_set('UTC');
12}
13
14// High execution time in case of problematic imports/exports.
15ini_set('max_input_time', '60');
16
17// Try to set max upload file size and read
18ini_set('memory_limit', '128M');
19ini_set('post_max_size', '16M');
20ini_set('upload_max_filesize', '16M');
21
22// See all error except warnings
23error_reporting(E_ALL^E_WARNING);
24
25// 3rd-party libraries
26if (! file_exists(__DIR__ . '/vendor/autoload.php')) {
27 header('Content-Type: text/plain; charset=utf-8');
28 echo "Error: missing Composer configuration\n\n"
29 ."If you installed Shaarli through Git or using the development branch,\n"
30 ."please refer to the installation documentation to install PHP"
31 ." dependencies using Composer:\n"
32 ."- https://shaarli.readthedocs.io/en/master/Server-configuration/\n"
33 ."- https://shaarli.readthedocs.io/en/master/Download-and-Installation/";
34 exit;
35}
36
37// Ensure the PHP version is supported
38try {
39 ApplicationUtils::checkPHPVersion('7.1', PHP_VERSION);
40} catch (Exception $exc) {
41 header('Content-Type: text/plain; charset=utf-8');
42 echo $exc->getMessage();
43 exit;
44}
45
46// Force cookie path (but do not change lifetime)
47$cookie = session_get_cookie_params();
48$cookiedir = '';
49if (dirname($_SERVER['SCRIPT_NAME']) != '/') {
50 $cookiedir = dirname($_SERVER["SCRIPT_NAME"]).'/';
51}
52// Set default cookie expiration and path.
53session_set_cookie_params($cookie['lifetime'], $cookiedir, $_SERVER['SERVER_NAME']);
54// Set session parameters on server side.
55// Use cookies to store session.
56ini_set('session.use_cookies', 1);
57// Force cookies for session (phpsessionID forbidden in URL).
58ini_set('session.use_only_cookies', 1);
59// Prevent PHP form using sessionID in URL if cookies are disabled.
60ini_set('session.use_trans_sid', false);
61
62define('SHAARLI_VERSION', ApplicationUtils::getVersion(__DIR__ .'/'. ApplicationUtils::$VERSION_FILE));
63
64session_name('shaarli');
65// Start session if needed (Some server auto-start sessions).
66if (session_status() == PHP_SESSION_NONE) {
67 session_start();
68}
69
70// Regenerate session ID if invalid or not defined in cookie.
71if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli'])) {
72 session_regenerate_id(true);
73 $_COOKIE['shaarli'] = session_id();
74}
75
76// LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead.
77if (! defined('LC_MESSAGES')) {
78 define('LC_MESSAGES', LC_COLLATE);
79}
80
81// Prevent caching on client side or proxy: (yes, it's ugly)
82header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
83header("Cache-Control: no-store, no-cache, must-revalidate");
84header("Cache-Control: post-check=0, pre-check=0", false);
85header("Pragma: no-cache");