projects / moodle.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Coding stype cleanup
[moodle.git] / lib / setup.php
CommitLineData
da8759cb 1<?php
2/**
3 * setup.php - Sets up sessions, connects to databases and so on
4 *
75249234 5 * Normally this is only called by the main config.php file
6 * Normally this file does not need to be edited.
da8759cb 7 * @author Martin Dougiamas
8 * @version $Id$
9 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
10 * @package moodlecore
11 */
12
13////// DOCUMENTATION IN PHPDOC FORMAT FOR MOODLE GLOBALS AND COMMON OBJECT TYPES /////////////
14/**
735b8567 15 * $USER is a global instance of a typical $user record.
da8759cb 16 *
735b8567 17 * Items found in the user record:
da8759cb 18 * - $USER->emailstop - Does the user want email sent to them?
19 * - $USER->email - The user's email address.
20 * - $USER->id - The unique integer identified of this user in the 'user' table.
21 * - $USER->email - The user's email address.
22 * - $USER->firstname - The user's first name.
23 * - $USER->lastname - The user's last name.
24 * - $USER->username - The user's login username.
25 * - $USER->secret - The user's ?.
26 * - $USER->lang - The user's language choice.
27 *
75249234 28 * @global object(user) $USER
da8759cb 29 */
674fb525 30global $USER;
da8759cb 31/**
735b8567 32 * This global variable is read in from the 'config' table.
da8759cb 33 *
735b8567 34 * Some typical settings in the $CFG global:
da8759cb 35 * - $CFG->wwwroot - Path to moodle index directory in url format.
36 * - $CFG->dataroot - Path to moodle index directory on server's filesystem.
e57d9d69 37 * - $CFG->libdir - Path to moodle's library folder on server's filesystem.
da8759cb 38 *
674fb525 39 * @global object(cfg) $CFG
da8759cb 40 */
674fb525 41global $CFG;
da8759cb 42/**
43 * Definition of session type
75249234 44 * @global object(session) $SESSION
da8759cb 45 */
46global $SESSION;
6800d78e 47/**
419e1d93 48 * Definition of shared memory cache
49 */
50global $MCACHE;
da8759cb 51/**
52 * Definition of course type
75249234 53 * @global object(course) $COURSE
da8759cb 54 */
55global $COURSE;
f33e1ed4 56/**
57 * Database instances
58 * @global object(mdb) $DB
59 */
60global $DB;
da8759cb 61/**
62 * $THEME is a global that defines the site theme.
63 *
64 * Items found in the theme record:
65 * - $THEME->cellheading - Cell colors.
66 * - $THEME->cellheading2 - Alternate cell colors.
67 *
75249234 68 * @global object(theme) $THEME
da8759cb 69 */
70global $THEME;
f9903ed0 71
9d0dd812 72/**
6800d78e
FM		 73 * HTTPSPAGEREQUIRED is a global to define if the page being displayed must run under HTTPS.
74 *
9d0dd812 75 * It's primary goal is to allow 100% HTTPS pages when $CFG->loginhttps is enabled. Default to false.
76 * It's enabled only by the httpsrequired() function and used in some pages to update some URLs
77*/
78global $HTTPSPAGEREQUIRED;
79
11e7b506 80/** Full script path including all params, slash arguments, scheme and host.*/
81global $FULLME;
82/** Script path including query string and slash arguments without host. */
83global $ME;
84/** $FULLME without slasharguments and query string.*/
85global $FULLSCRIPT;
86/** Relative moodle script path "/course/view.php" */
87global $SCRIPT;
9d0dd812 88
36ec6afe 89 if (!isset($CFG->wwwroot)) {
a670108e 90 trigger_error('Fatal: $CFG->wwwroot is not configured! Exiting.');
36ec6afe 91 die;
92 }
75249234 93
a91b910e 94/// Detect CLI scripts - CLI scripts are executed from command line, do not have session and we do not want HTML in output
95 if (!defined('CLI_SCRIPT')) { // CLI_SCRIPT might be defined in 'fake' CLI scripts like admin/cron.php
96 if (isset($_SERVER['REMOTE_ADDR'])) {
97 define('CLI_SCRIPT', false);
98 } else {
99 define('CLI_SCRIPT', true);
100 }
101 }
102
133b5929 103/// sometimes default PHP settings are borked on shared hosting servers, I wonder why they have to do that??
104 @ini_set('precision', 14); // needed for upgrades and gradebook
105
106
a91b910e 107/// The current directory in PHP version 4.3.0 and above isn't necessarily the
108/// directory of the script when run from the command line. The require_once()
109/// would fail, so we'll have to chdir()
110 if (!isset($_SERVER['REMOTE_ADDR']) && isset($_SERVER['argv'][0])) {
111 chdir(dirname($_SERVER['argv'][0]));
112 }
113
114
220a90c5 115/// store settings from config.php in array in $CFG - we can use it later to detect problems and overrides
116 $CFG->config_php_settings = (array)$CFG;
117
9d0dd812 118/// Set httpswwwroot default value (this variable will replace $CFG->wwwroot
119/// inside some URLs used in HTTPSPAGEREQUIRED pages.
d3f9f1f8 120 $CFG->httpswwwroot = $CFG->wwwroot;
121
122 $CFG->libdir = $CFG->dirroot .'/lib';
123
124 require_once($CFG->libdir .'/setuplib.php'); // Functions that MUST be loaded first
9d0dd812 125
6800d78e
FM		 126/// Time to start counting
127 init_performance_info();
128
b8cea9b2 129
74944b73 130/// If there are any errors in the standard libraries we want to know!
346b1a24 131 error_reporting(E_ALL);
f9903ed0 132
d7196099 133/// Just say no to link prefetching (Moz prefetching, Google Web Accelerator, others)
0a194c4c 134/// http://www.google.com/webmasters/faq.html#prefetchblock
d7196099 135 if (!empty($_SERVER['HTTP_X_moz']) && $_SERVER['HTTP_X_moz'] === 'prefetch'){
6800d78e 136 header($_SERVER['SERVER_PROTOCOL'] . ' 404 Prefetch Forbidden');
d7196099 137 trigger_error('Prefetch request forbidden.');
138 exit;
139 }
140
dae73c05 141/// Define admin directory
dae73c05 142 if (!isset($CFG->admin)) { // Just in case it isn't defined in config.php
1040ea85 143 $CFG->admin = 'admin'; // This is relative to the wwwroot and dirroot
dae73c05 144 }
145
f33e1ed4 146 if (!isset($CFG->prefix)) { // Just in case it isn't defined in config.php
147 $CFG->prefix = '';
148 }
a8a71844 149
75249234 150/// Load up standard libraries
6aaa17c7 151 require_once($CFG->libdir .'/textlib.class.php'); // Functions to handle multibyte strings
da8759cb 152 require_once($CFG->libdir .'/weblib.php'); // Functions for producing HTML
8aff8482 153 require_once($CFG->libdir .'/dmllib.php'); // Database access
7e13be08 154 require_once($CFG->libdir .'/datalib.php'); // Legacy lib with a big-mix of functions.
c4d0753b 155 require_once($CFG->libdir .'/accesslib.php'); // Access control functions
156 require_once($CFG->libdir .'/deprecatedlib.php'); // Deprecated functions included for backward compatibility
da8759cb 157 require_once($CFG->libdir .'/moodlelib.php'); // Other general-purpose functions
0856223c 158 require_once($CFG->libdir .'/eventslib.php'); // Events functions
13534ef7 159 require_once($CFG->libdir .'/grouplib.php'); // Groups functions
6800d78e 160 require_once($CFG->libdir .'/sessionlib.php'); // All session and cookie related stuff
a4c371ec 161
7fc1a27d 162 //point pear include path to moodles lib/pear so that includes and requires will search there for files before anywhere else
163 //the problem is that we need specific version of quickforms and hacked excel files :-(
164 ini_set('include_path', $CFG->libdir.'/pear' . PATH_SEPARATOR . ini_get('include_path'));
647a1a82 165 //point zend include path to moodles lib/zend so that includes and requires will search there for files before anywhere else
166 ini_set('include_path', $CFG->libdir.'/zend' . PATH_SEPARATOR . ini_get('include_path'));
a4c371ec 167
251387d0 168/// set handler for uncought exceptions - equivalent to print_error() call
169 set_exception_handler('default_exception_handler');
170
fbf2c91e 171/// make sure PHP is not severly misconfigured
172 setup_validate_php_configuration();
173
f33e1ed4 174/// Connect to the database
175 setup_DB();
176
177/// Increase memory limits if possible
178 raise_memory_limit('96M'); // We should never NEED this much but just in case...
179
aa893d6b 180/// Disable errors for now - needed for installation when debug enabled in config.php
181 if (isset($CFG->debug)) {
182 $originalconfigdebug = $CFG->debug;
183 unset($CFG->debug);
184 } else {
185 $originalconfigdebug = -1;
186 }
187
74944b73 188/// Load up any configuration from the config table
c23b0ea1 189 try {
190 $CFG = get_config();
191 } catch (dml_read_exception $e) {
192 // most probably empty db, going to install soon
193 }
f9903ed0 194
a78bee28 195/// Verify upgrade is not running unless we are in a script that needs to execute in any case
196 if (!defined('NO_UPGRADE_CHECK') and isset($CFG->upgraderunning)) {
775f811a 197 if ($CFG->upgraderunning < time()) {
198 unset_config('upgraderunning');
199 } else {
200 print_error('upgraderunning');
201 }
202 }
203
ceff9307 204/// Turn on SQL logging if required
205 if (!empty($CFG->logsql)) {
f33e1ed4 206 $DB->set_logging(true);
ceff9307 207 }
1e3e716f 208
aa893d6b 209/// Prevent warnings from roles when upgrading with debug on
210 if (isset($CFG->debug)) {
211 $originaldatabasedebug = $CFG->debug;
212 unset($CFG->debug);
213 } else {
214 $originaldatabasedebug = -1;
6fbf8d8f 215 }
4fd7ccc0 216
217
cf8133c4 218/// For now, only needed under apache (and probably unstable in other contexts)
cf1348ca 219 if (function_exists('register_shutdown_function')) {
cf8133c4 220 register_shutdown_function('moodle_request_shutdown');
221 }
222
bac6d28a 223/// Defining the site
c23b0ea1 224 try {
225 $SITE = get_site();
226 } catch (dml_read_exception $e) {
227 $SITE = null;
228 }
229
230 if ($SITE) {
475e9de8 231 /**
232 * If $SITE global from {@link get_site()} is set then SITEID to $SITE->id, otherwise set to 1.
233 */
234 define('SITEID', $SITE->id);
508b76d9 235 /// And the 'default' course
236 $COURSE = clone($SITE); // For now. This will usually get reset later in require_login() etc.
475e9de8 237 } else {
238 /**
239 * @ignore
240 */
241 define('SITEID', 1);
508b76d9 242 /// And the 'default' course
243 $COURSE = new object; // no site created yet
244 $COURSE->id = 1;
475e9de8 245 }
475e9de8 246
7d0c81b3 247 // define SYSCONTEXTID in config.php if you want to save some queries (after install or upgrade!)
248 if (!defined('SYSCONTEXTID')) {
0ecff22d 249 get_system_context();
6dd34e93 250 }
475e9de8 251
aa893d6b 252/// Set error reporting back to normal
253 if ($originaldatabasedebug == -1) {
7eb0b60a 254 $CFG->debug = DEBUG_MINIMAL;
aa893d6b 255 } else {
256 $CFG->debug = $originaldatabasedebug;
257 }
258 if ($originalconfigdebug !== -1) {
6800d78e 259 $CFG->debug = $originalconfigdebug;
aa893d6b 260 }
261 unset($originalconfigdebug);
262 unset($originaldatabasedebug);
263 error_reporting($CFG->debug);
264
25338300 265
b3732604 266/// find out if PHP cofigured to display warnings
267 if (ini_get_bool('display_errors')) {
268 define('WARN_DISPLAY_ERRORS_ENABLED', true);
269 }
25338300 270/// If we want to display Moodle errors, then try and set PHP errors to match
6349a3ba 271 if (!isset($CFG->debugdisplay)) {
272 //keep it as is during installation
273 } else if (empty($CFG->debugdisplay)) {
25338300 274 @ini_set('display_errors', '0');
275 @ini_set('log_errors', '1');
276 } else {
277 @ini_set('display_errors', '1');
278 }
8f64ba04 279// Even when users want to see errors in the output,
280// some parts of Moodle cannot display them at all.
281// (Once we are XHTML strict compliant, debugdisplay
282// _must_ go away).
283 if (defined('MOODLE_SANE_OUTPUT')) {
284 @ini_set('display_errors', '0');
285 @ini_set('log_errors', '1');
286 }
25338300 287
f9955801 288/// detect unsupported upgrade jump as soon as possible - do not change anything, do not use system functions
2728a623 289 if (!empty($CFG->version) and $CFG->version < 2007101509) {
6d5a22b2 290 print_error('upgraderequires19', 'error');
f9955801 291 die;
292 }
293
419e1d93 294/// Shared-Memory cache init -- will set $MCACHE
295/// $MCACHE is a global object that offers at least add(), set() and delete()
296/// with similar semantics to the memcached PHP API http://php.net/memcache
392e7363 297/// Ensure we define rcache - so we can later check for it
298/// with a really fast and unambiguous $CFG->rcache === false
bb931a61 299 if (!empty($CFG->cachetype)) {
b1df0eb2 300 if (empty($CFG->rcache)) {
392e7363 301 $CFG->rcache = false;
302 } else {
303 $CFG->rcache = true;
304 }
305
306 // do not try to initialize if cache disabled
307 if (!$CFG->rcache) {
308 $CFG->cachetype = '';
309 }
310
bb931a61 311 if ($CFG->cachetype === 'memcached' && !empty($CFG->memcachedhosts)) {
312 if (!init_memcached()) {
313 debugging("Error initialising memcached");
0a2925be 314 $CFG->cachetype = '';
315 $CFG->rcache = false;
bb931a61 316 }
392e7363 317 } else if ($CFG->cachetype === 'eaccelerator') {
bb931a61 318 if (!init_eaccelerator()) {
319 debugging("Error initialising eaccelerator cache");
0a2925be 320 $CFG->cachetype = '';
6800d78e 321 $CFG->rcache = false;
bb931a61 322 }
323 }
392e7363 324
bb931a61 325 } else { // just make sure it is defined
326 $CFG->cachetype = '';
392e7363 327 $CFG->rcache = false;
2142d492 328 }
aa893d6b 329
0182c65c 330/// Set a default enrolment configuration (see bug 1598)
331 if (!isset($CFG->enrol)) {
a51e2a7f 332 $CFG->enrol = 'manual';
0182c65c 333 }
334
ed8365d9 335/// Set default enabled enrolment plugins
336 if (!isset($CFG->enrol_plugins_enabled)) {
337 $CFG->enrol_plugins_enabled = 'manual';
338 }
339
2e6d4273 340/// File permissions on created directories in the $CFG->dataroot
341
342 if (empty($CFG->directorypermissions)) {
343 $CFG->directorypermissions = 0777; // Must be octal (that's why it's here)
344 }
345
820743c5 346/// Calculate and set $CFG->ostype to be used everywhere. Possible values are:
347/// - WINDOWS: for any Windows flavour.
348/// - UNIX: for the rest
349/// Also, $CFG->os can continue being used if more specialization is required
323edd4b 350 if (stristr(PHP_OS, 'win') && !stristr(PHP_OS, 'darwin')) {
351 $CFG->ostype = 'WINDOWS';
352 } else {
353 $CFG->ostype = 'UNIX';
354 }
355 $CFG->os = PHP_OS;
820743c5 356
d21a5865 357/// Set up default frame target string, based on $CFG->framename
358 $CFG->frametarget = frametarget();
359
d6ead3a2 360/// Setup cache dir for Smarty and others
361 if (!file_exists($CFG->dataroot .'/cache')) {
362 make_upload_directory('cache');
363 }
364
de7e4ac9 365/// Configure ampersands in URLs
de7e4ac9 366 @ini_set('arg_separator.output', '&amp;');
367
e7aa5a88 368/// Work around for a PHP bug see MDL-11237
6800d78e 369 @ini_set('pcre.backtrack_limit', 20971520); // 20 MB
e7aa5a88 370
74944b73 371/// Location of standard files
da8759cb 372 $CFG->wordlist = $CFG->libdir .'/wordlist.txt';
373 $CFG->javascript = $CFG->libdir .'/javascript.php';
1040ea85 374 $CFG->moddata = 'moddata';
f9903ed0 375
8f64ba04 376// Alas, in some cases we cannot deal with magic_quotes.
377 if (defined('MOODLE_SANE_INPUT') && ini_get_bool('magic_quotes_gpc')) {
378 mdie("Facilities that require MOODLE_SANE_INPUT "
379 . "cannot work with magic_quotes_gpc. Please disable "
380 . "magic_quotes_gpc.");
381 }
294ce987 382/// A hack to get around magic_quotes_gpc being turned on
383/// It is strongly recommended to disable "magic_quotes_gpc"!
384 if (ini_get_bool('magic_quotes_gpc')) {
385 function stripslashes_deep($value) {
75249234 386 $value = is_array($value) ?
294ce987 387 array_map('stripslashes_deep', $value) :
388 stripslashes($value);
75249234 389 return $value;
24cc8ec9 390 }
294ce987 391 $_POST = array_map('stripslashes_deep', $_POST);
392 $_GET = array_map('stripslashes_deep', $_GET);
393 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
394 $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
578dcc40 395 if (!empty($_SERVER['REQUEST_URI'])) {
294ce987 396 $_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);
578dcc40 397 }
398 if (!empty($_SERVER['QUERY_STRING'])) {
294ce987 399 $_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);
578dcc40 400 }
401 if (!empty($_SERVER['HTTP_REFERER'])) {
294ce987 402 $_SERVER['HTTP_REFERER'] = stripslashes($_SERVER['HTTP_REFERER']);
578dcc40 403 }
404 if (!empty($_SERVER['PATH_INFO'])) {
294ce987 405 $_SERVER['PATH_INFO'] = stripslashes($_SERVER['PATH_INFO']);
578dcc40 406 }
407 if (!empty($_SERVER['PHP_SELF'])) {
294ce987 408 $_SERVER['PHP_SELF'] = stripslashes($_SERVER['PHP_SELF']);
578dcc40 409 }
410 if (!empty($_SERVER['PATH_TRANSLATED'])) {
294ce987 411 $_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);
b62dff99 412 }
f98cfb53 413 }
414
415/// neutralise nasty chars in PHP_SELF
416 if (isset($_SERVER['PHP_SELF'])) {
417 $phppos = strpos($_SERVER['PHP_SELF'], '.php');
418 if ($phppos !== false) {
419 $_SERVER['PHP_SELF'] = substr($_SERVER['PHP_SELF'], 0, $phppos+4);
578dcc40 420 }
f98cfb53 421 unset($phppos);
aa6af0f8 422 }
7a302afc 423
9bda43e6 424/// initialise ME's
11e7b506 425 initialise_fullme();
f9903ed0 426
9bda43e6 427/// start session and prepare global $SESSION, $USER
428 session_get_instance();
429 $SESSION = &$_SESSION['SESSION'];
430 $USER = &$_SESSION['USER'];
431
18b9d664 432/// Load up theme variables (colours etc)
86cc3e75 433
434 if (!isset($CFG->themedir)) {
a44091bf 435 $CFG->themedir = $CFG->dirroot.'/theme';
436 $CFG->themewww = $CFG->wwwroot.'/theme';
86cc3e75 437 }
6800d78e 438 $CFG->httpsthemewww = $CFG->themewww;
86cc3e75 439
18b9d664 440 if (isset($_GET['theme'])) {
32e2b302 441 if ($CFG->allowthemechangeonurl || confirm_sesskey()) {
a44091bf 442 $themename = clean_param($_GET['theme'], PARAM_SAFEDIR);
443 if (($themename != '') and file_exists($CFG->themedir.'/'.$themename)) {
444 $SESSION->theme = $themename;
18b9d664 445 }
a44091bf 446 unset($themename);
18b9d664 447 }
448 }
449
450 if (!isset($CFG->theme)) {
34137668 451 $CFG->theme = 'standardwhite';
18b9d664 452 }
453
75249234 454/// Set language/locale of printed times. If user has chosen a language that
455/// that is different from the site language, then use the locale specified
339bb559 456/// in the language file. Otherwise, if the admin hasn't specified a locale
75249234 457/// then use the one from the default language. Otherwise (and this is the
339bb559 458/// majority of cases), use the stored locale specified by admin.
6800d78e 459 if (isset($_GET['lang']) && ($lang = clean_param($_GET['lang'], PARAM_SAFEDIR))) {
6ec7ca0f 460 if (file_exists($CFG->dataroot .'/lang/'. $lang) or file_exists($CFG->dirroot .'/lang/'. $lang)) {
32c60ce3 461 $SESSION->lang = $lang;
6800d78e 462 } else if (file_exists($CFG->dataroot.'/lang/'.$lang.'_utf8') or
748390cd 463 file_exists($CFG->dirroot .'/lang/'.$lang.'_utf8')) {
464 $SESSION->lang = $lang.'_utf8';
32c60ce3 465 }
3e9b5d5a 466 }
ab036ed9 467
468 setup_lang_from_browser();
469
6ec7ca0f 470 unset($lang);
ab036ed9 471
16ba7351 472 if (empty($CFG->lang)) {
6ec7ca0f 473 if (empty($SESSION->lang)) {
810944af 474 $CFG->lang = 'en_utf8';
6ec7ca0f 475 } else {
476 $CFG->lang = $SESSION->lang;
477 }
16ba7351 478 }
6800d78e 479
dcf6d93c 480 // set default locale and themes - might be changed again later from require_login()
481 course_setup();
1040ea85 482
1b813f5c 483 if (!empty($CFG->guestloginbutton)) {
484 if ($CFG->theme == 'standard' or $CFG->theme == 'standardwhite') { // Temporary measure to help with XHTML validation
485 if (isset($_SERVER['HTTP_USER_AGENT']) and empty($USER->id)) { // Allow W3CValidator in as user called w3cvalidator (or guest)
486 if ((strpos($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator') !== false) or
487 (strpos($_SERVER['HTTP_USER_AGENT'], 'Cynthia') !== false )) {
488 if ($user = get_complete_user_data("username", "w3cvalidator")) {
489 $user->ignoresesskey = true;
490 } else {
491 $user = guest_user();
492 }
493 session_set_user($user);
9610a66e 494 }
495 }
496 }
497 }
498
a559eee6 499/// Apache log intergration. In apache conf file one can use ${MOODULEUSER}n in
500/// LogFormat to get the current logged in username in moodle.
ac0b19ff 501 if ($USER && function_exists('apache_note')
20e9d26f 502 && !empty($CFG->apacheloguser) && isset($USER->username)) {
2b287cac 503 $apachelog_userid = $USER->id;
ac0b19ff 504 $apachelog_username = clean_filename($USER->username);
505 $apachelog_name = '';
506 if (isset($USER->firstname)) {
507 // We can assume both will be set
508 // - even if to empty.
509 $apachelog_name = clean_filename($USER->firstname . " " .
510 $USER->lastname);
511 }
b7b64ff2 512 if (session_is_loggedinas()) {
513 $realuser = session_get_realuser();
6132768e 514 $apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
515 $apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);
516 $apachelog_userid = clean_filename($realuser->id." as ".$apachelog_userid);
96e19e7b 517 }
5c5c16bb 518 switch ($CFG->apacheloguser) {
519 case 3:
2b287cac 520 $logname = $apachelog_username;
5c5c16bb 521 break;
522 case 2:
2b287cac 523 $logname = $apachelog_name;
5c5c16bb 524 break;
525 case 1:
526 default:
2b287cac 527 $logname = $apachelog_userid;
5c5c16bb 528 break;
529 }
530 apache_note('MOODLEUSER', $logname);
a559eee6 531 }
532
5982740d 533/// Adjust ALLOWED_TAGS
534 adjust_allowed_tags();
535
18259d4f 536/// Use a custom script replacement if one exists
537 if (!empty($CFG->customscripts)) {
538 if (($customscript = custom_script_path()) !== false) {
2b0b32d8 539 require ($customscript);
18259d4f 540 }
541 }
542
5035228f 543 // in the first case, ip in allowed list will be performed first
544 // for example, client IP is 192.168.1.1
545 // 192.168 subnet is an entry in allowed list
d255c6e9 546 // 192.168.1.1 is banned in blocked list
5035228f 547 // This ip will be banned finally
d255c6e9 548 if (!empty($CFG->allowbeforeblock)) { // allowed list processed before blocked list?
549 if (!empty($CFG->allowedip)) {
550 if (!remoteip_in_list($CFG->allowedip)) {
551 die(get_string('ipblocked', 'admin'));
552 }
ab99c8f0 553 }
d255c6e9 554 // need further check, client ip may a part of
555 // allowed subnet, but a IP address are listed
5035228f 556 // in blocked list.
d255c6e9 557 if (!empty($CFG->blockedip)) {
558 if (remoteip_in_list($CFG->blockedip)) {
559 die(get_string('ipblocked', 'admin'));
560 }
5035228f 561 }
d255c6e9 562
5035228f 563 } else {
564 // in this case, IPs in blocked list will be performed first
565 // for example, client IP is 192.168.1.1
566 // 192.168 subnet is an entry in blocked list
d255c6e9 567 // 192.168.1.1 is allowed in allowed list
5035228f 568 // This ip will be allowed finally
d255c6e9 569 if (!empty($CFG->blockedip)) {
570 if (remoteip_in_list($CFG->blockedip)) {
571 // if the allowed ip list is not empty
572 // IPs are not included in the allowed list will be
573 // blocked too
574 if (!empty($CFG->allowedip)) {
575 if (!remoteip_in_list($CFG->allowedip)) {
576 die(get_string('ipblocked', 'admin'));
577 }
578 } else {
579 die(get_string('ipblocked', 'admin'));
580 }
581 }
5035228f 582 }
d255c6e9 583 // if blocked list is null
584 // allowed list should be tested
585 if(!empty($CFG->allowedip)) {
586 if (!remoteip_in_list($CFG->allowedip)) {
587 die(get_string('ipblocked', 'admin'));
588 }
5035228f 589 }
d255c6e9 590
ab99c8f0 591 }
592
810944af 593/// note: we can not block non utf-8 installatrions here, because empty mysql database
594/// might be converted to utf-8 in admin/index.php during installation
d3f9f1f8 595?>
Moodle official production repository