-
Notifications
You must be signed in to change notification settings - Fork 2
/
mainfile.php
80 lines (67 loc) · 3.32 KB
/
mainfile.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/**
* API main configuration file
*
* You may not change or alter any portion of this comment or credits
* of supporting developers from this source code or any supporting source code
* which is considered copyrighted (c) material of the original comment or credit authors.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* @copyright (c) 2000-2016 API Project (www.API.org)
* @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html)
*/
if (!defined('API_MAINFILE_INCLUDED')) {
define('API_MAINFILE_INCLUDED', 1);
// API Physical Paths
// Physical path to the API documents (served) directory WITHOUT trailing slash
define('API_ROOT_PATH', '/var/www/tracker.snails.email');
// For forward compatibility
// Physical path to the API library directory WITHOUT trailing slash
define('API_PATH', '/var/www/tracker.snails.email/data');
// Physical path to the API datafiles (writable) directory WITHOUT trailing slash
define('API_VAR_PATH', '/tmp');
// Alias of API_PATH, for compatibility, temporary solution
define('API_TRUST_PATH', API_PATH);
// URL Association for SSL and Protocol Compatibility
$http = 'http://';
if (!empty($_SERVER['HTTPS'])) {
$http = ($_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://';
}
define('API_PROT', $http);
// API Virtual Path (URL)
// Virtual path to your main API directory WITHOUT trailing slash
// Example: define('API_URL', 'http://tracker.snails.email');
define('API_URL', 'http://tracker.snails.email');
// API Cookie Domain to specify when creating cookies. May be blank (i.e. for IP address host),
// full host from API_URL (i.e. www.example.com) or just the registered domain (i.e. example.com)
// to share cookies across multiple subdomains (i.e. www.example.com and blog.example.com)
define('API_COOKIE_DOMAIN', 'tracker.snails.email');
// Shall be handled later, don't forget!
define('API_CHECK_PATH', 0);
// Protect against external scripts execution if safe mode is not enabled
if (API_CHECK_PATH && !@ini_get('safe_mode')) {
if (function_exists('debug_backtrace')) {
$APIScriptPath = debug_backtrace();
if (!count($APIScriptPath)) {
die('API path check: this file cannot be requested directly');
}
$APIScriptPath = $APIScriptPath[0]['file'];
} else {
$APIScriptPath = isset($_SERVER['PATH_TRANSLATED']) ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME'];
}
if (DIRECTORY_SEPARATOR !== '/') {
// IIS6 may double the \ chars
$APIScriptPath = str_replace(strpos($APIScriptPath, "\\\\", 2) ? "\\\\" : DIRECTORY_SEPARATOR, '/', $APIScriptPath);
}
if (strcasecmp(substr($APIScriptPath, 0, strlen(API_ROOT_PATH)), str_replace(DIRECTORY_SEPARATOR, '/', API_ROOT_PATH))) {
exit('API path check: Script is not inside API_ROOT_PATH and cannot run.');
}
}
// Secure file
require API_ROOT_PATH . '/include/dbconfig.php';
if (!isset($APIOption['nocommon']) && API_ROOT_PATH != '') {
include API_ROOT_PATH . '/include/common.php';
}
}