comparison includes/bootstrap.inc @ 13:8b6c45761e01 6.6

Drupal 6.6
author Franck Deroche <webmaster@defr.org>
date Tue, 23 Dec 2008 14:32:33 +0100
parents 589fb7c02327
children 4347c45bb494
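--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -1,7 +1,7 @@
 <?php
-// $Id: bootstrap.inc,v 1.206.2.4 2008/08/18 18:56:30 dries Exp $
+// $Id: bootstrap.inc,v 1.206.2.6 2008/10/22 19:26:01 goba Exp $
 
 /**
 * @file
 * Functions that need to be loaded on every Drupal request.
 */
@@ -236,10 +236,15 @@
 return $conf;
 }
 
 $confdir = 'sites';
 $uri = explode('/', $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']);
+if (strpos($_SERVER['HTTP_HOST'], '/') !== FALSE) {
+// A HTTP_HOST containing slashes may be an attack and is invalid.
+header('HTTP/1.1 400 Bad Request');
+exit;
+}
 $server = explode('.', implode('.', array_reverse(explode(':', rtrim($_SERVER['HTTP_HOST'], '.')))));
 for ($i = count($uri) - 1; $i > 0; $i--) {
 for ($j = count($server); $j > 0; $j--) {
 $dir = implode('.', array_slice($server, -$j)) . implode('.', array_slice($uri, 0, $i));
 if (file_exists("$confdir/$dir/settings.php") || (!$require_settings && file_exists("$confdir/$dir"))) {
@@ -616,11 +621,11 @@
 && $if_none_match == $etag // etag must match
 && $if_modified_since == $last_modified) { // if-modified-since must match
 header('HTTP/1.1 304 Not Modified');
 // All 304 responses must send an etag if the 200 response for the same object contained an etag
 header("Etag: $etag");
-exit();
+return;
 }
 
 // Send appropriate response:
 header("Last-Modified: $last_modified");
 header("ETag: $etag");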
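Review bot: The Host guard added at new lines 241–245 is a one-character deny-list: it rejects only `/`, yet the same `$_SERVER['HTTP_HOST']` value is still turned into `$dir` and passed to `file_exists("$confdir/$dir/settings.php")` a few lines below. Backslashes (a path separator on Windows), NUL bytes and other characters that cannot occur in a hostname are left unchecked, so an allow-list is the safer shape, for example `if (!preg_match('/^\[?(?:[a-z0-9\-:\]_]+\.?)+$/i', $_SERVER['HTTP_HOST'])) {` in front of the same 400 response. The guard also reads `$_SERVER['HTTP_HOST']` without `isset()`, so a request that carries no Host header raises a notice instead of being handled explicitly. The enclosing function starts and ends outside the visible hunk, so how the matched directory is used afterwards cannot be confirmed from this page.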