]> git.openstreetmap.org Git - nominatim.git/blobdiff - lib/init-website.php
setup: escape arguments when executing shell commands (psql, createdb)
[nominatim.git] / lib / init-website.php
index e47b73fb4bfa0d29b53f19c0c481e70d460a061c..23c15ba81b3b3dc0253c0d26fc88cc2a282b8dc8 100644 (file)
 <?php
-       require_once('init.php');
-
-       if (CONST_NoAccessControl)
-       {
-               header("Access-Control-Allow-Origin: *");
-               header("Access-Control-Allow-Methods: OPTIONS,GET");
-               if (!empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
-               {
-                       header("Access-Control-Allow-Headers: ".$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
-               }
-       }
-       if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;
-
-       if (CONST_ClosedForIndexing && strpos(CONST_ClosedForIndexingExceptionIPs, ','.$_SERVER["REMOTE_ADDR"].',') === false)
-       {
-               echo "Closed for re-indexing...";
-               exit;
-       }
-
-       $aBucketKeys = array();
-
-       if (isset($_SERVER["HTTP_REFERER"])) $aBucketKeys[] = str_replace('www.','',strtolower(parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST)));
-       if (isset($_SERVER["REMOTE_ADDR"])) $aBucketKeys[] = $_SERVER["REMOTE_ADDR"];
-       if (isset($_GET["email"])) $aBucketKeys[] = $_GET["email"];
-
-       $fBucketVal = doBucket($aBucketKeys, 
-                       (defined('CONST_ConnectionBucket_PageType')?constant('CONST_ConnectionBucket_Cost_'.CONST_ConnectionBucket_PageType):1) + user_busy_cost(),
-                       CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit);
-
-       if ($fBucketVal > CONST_ConnectionBucket_WaitLimit && $fBucketVal < CONST_ConnectionBucket_BlockLimit)
-       {
-               $m = getBucketMemcache();
-               $iCurrentSleeping = $m->increment('sleepCounter');
-               if (false === $iCurrentSleeping)
-               {
-                       $m->add('sleepCounter', 0);
-                       $iCurrentSleeping = $m->increment('sleepCounter');
-               }
-               if ($iCurrentSleeping >= CONST_ConnectionBucket_MaxSleeping || isBucketSleeping($aBucketKeys))
-               {
-                       // Too many threads sleeping already.  This becomes a hard block.
-                       $fBucketVal = doBucket($aBucketKeys, CONST_ConnectionBucket_BlockLimit, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit);
-               }
-               else
-               {
-                       setBucketSleeping($aBucketKeys, true);
-                       sleep(($fBucketVal - CONST_ConnectionBucket_WaitLimit)/CONST_ConnectionBucket_LeakRate);
-                       $fBucketVal = doBucket($aBucketKeys, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_LeakRate, CONST_ConnectionBucket_BlockLimit);
-                       setBucketSleeping($aBucketKeys, false);
-               }
-               $m->decrement('sleepCounter');
-       }
-
-       if (strpos(CONST_BlockedIPs, ','.$_SERVER["REMOTE_ADDR"].',') !== false || $fBucketVal >= CONST_ConnectionBucket_BlockLimit)
-       {
-               echo "Your IP has been blocked. \n";
-               echo CONST_BlockMessage;
-               exit;
-       }
-
-       header('Content-type: text/html; charset=utf-8');
 
+require_once('init.php');
+require_once('ParameterParser.php');
+require_once(CONST_Debug ? 'DebugHtml.php' : 'DebugNone.php');
+
+/***************************************************************************
+ *
+ * Error handling functions
+ *
+ */
+
+function userError($sMsg)
+{
+    throw new Exception($sMsg, 400);
+}
+
+
+function exception_handler_html($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: text/html; charset=UTF-8');
+    include(CONST_BasePath.'/lib/template/error-html.php');
+    exit();
+}
+
+function exception_handler_json($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: application/json; charset=utf-8');
+    include(CONST_BasePath.'/lib/template/error-json.php');
+    exit();
+}
+
+function exception_handler_xml($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: text/xml; charset=utf-8');
+    echo '<?xml version="1.0" encoding="UTF-8" ?>'."\n";
+    include(CONST_BasePath.'/lib/template/error-xml.php');
+    exit();
+}
+
+function shutdown_exception_handler_html()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_html(new Exception($error['message'], 500));
+    }
+}
+
+function shutdown_exception_handler_xml()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_xml(new Exception($error['message'], 500));
+    }
+}
+
+function shutdown_exception_handler_json()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_json(new Exception($error['message'], 500));
+    }
+}
+
+
+function set_exception_handler_by_format($sFormat = null)
+{
+    // Multiple calls to register_shutdown_function will cause multiple callbacks
+    // to be executed, we only want the last executed. Thus we don't want to register
+    // one by default without an explicit $sFormat set.
+
+    if (!isset($sFormat)) {
+        set_exception_handler('exception_handler_html');
+    } elseif ($sFormat == 'html') {
+        set_exception_handler('exception_handler_html');
+        register_shutdown_function('shutdown_exception_handler_html');
+    } elseif ($sFormat == 'xml') {
+        set_exception_handler('exception_handler_xml');
+        register_shutdown_function('shutdown_exception_handler_xml');
+    } else {
+        set_exception_handler('exception_handler_json');
+        register_shutdown_function('shutdown_exception_handler_json');
+    }
+}
+// set a default
+set_exception_handler_by_format();
+
+
+/***************************************************************************
+ * HTTP Reply header setup
+ */
+
+if (CONST_NoAccessControl) {
+    header('Access-Control-Allow-Origin: *');
+    header('Access-Control-Allow-Methods: OPTIONS,GET');
+    if (!empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
+        header('Access-Control-Allow-Headers: '.$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
+    }
+}
+if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;
+
+if (CONST_Debug) header('Content-type: text/html; charset=utf-8');