index.php

  1. 7.x index.php
  2. 6.x index.php
  3. 4.x index.php
  4. 5.x index.php

The primary entry point for FlightPath.

This script will determine which page the user is trying to view, and display it for them.

File

index.php
View source
  1. <?php
  2. /**
  3. * @file
  4. * The primary entry point for FlightPath.
  5. *
  6. * This script will determine which page the user is trying to view,
  7. * and display it for them.
  8. */
  9. // __AUTOLOAD NOT NEEDED. JUST LOAD THE ALL_CLASSES.PHP FILE.
  10. /**
  11. * This function makes sure we auto-load our classes, if we need to.
  12. * Largely used when loading objects our of our SESSION cache.
  13. */
  14. //function __autoload($class) {
  15. // Load all of the classes, as well as the custom classes.
  16. require_once("classes/all_classes.php");
  17. //}
  18. // Make sure our cookies are the most secure possible:
  19. ini_set('session.cookie_httponly', 'On');
  20. if( (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') || $_SERVER['SERVER_PORT'] == 443 ){
  21. //enable secure cookies, since we are on HTTPS.
  22. ini_set('session.cookie_secure', 'On');
  23. }
  24. // Should we init the session using a specific session_id?
  25. if (@$_GET['fp_session_str'] != '') {
  26. // For security, the fp_session_str is made of several pieces so we can be sure it is authentic
  27. // and not a hacker trying to imitate a known user's session_id.
  28. require_once("includes/misc.inc"); // Bring in the functions we need so we can validate the fp_session_str
  29. // We will validate now and retrieve the PHP session_id from it, or FALSE.
  30. $session_id = fp_get_session_id_from_str($_GET['fp_session_str']);
  31. if ($session_id) {
  32. session_id($session_id);
  33. }
  34. else {
  35. // The session did not validate. This might be a hacking attempt. Kill the script.
  36. die("Error: Session could not be validated by FlightPath (index.php). If this continues, contact your IT administrator.");
  37. }
  38. }
  39. session_start();
  40. // Set headers for maximum security
  41. header("Cache-control: no-cache, no-store, must-revalidate"); // HTTP 1.1
  42. header("Pragma: no-cache"); // HTTP 1.0
  43. header("X-XSS-Protection: 1");
  44. header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past, to ensure it expires when we close the browser.
  45. header('X-Frame-Options: SAMEORIGIN'); // No iframes except from the same website origins.
  46. // If the user is requesting a "clean URLs" check, display a simple success message.
  47. if (isset($_REQUEST["q"]) && $_REQUEST["q"] == "test-clean-urls/check") {
  48. print "CLEAN URLS CHECK SUCCESSFUL";
  49. die;
  50. }
  51. // If the settings.php file doesn't exist, then FlightPath must not be installed,
  52. // and we should redirect to install.php.
  53. if (!file_exists("custom/settings.php")) {
  54. header ("Location: install.php");
  55. die;
  56. }
  57. require_once("bootstrap.inc");
  58. // For development reasons only:
  59. // To rebuild the cache on every page load, uncomment the following line
  60. // menu_rebuild_cache();
  61. // FlightPath will now look at the request in the query to decide what page we are going to display.
  62. $page = menu_execute_page_request();
  63. if (!is_int($page)) {
  64. // Display the page!
  65. fp_display_page($page);
  66. }
  67. else {
  68. if ($page == MENU_NOT_FOUND) {
  69. display_not_found();
  70. }
  71. else if ($page == MENU_ACCESS_DENIED) {
  72. display_access_denied();
  73. }
  74. }
  75. // Call hook_exit as we leave the page.
  76. invoke_hook("exit");