1<?php 2 3use phpweb\UserPreferences; 4 5require_once __DIR__ . '/../src/autoload.php'; 6 7// Compress all pages, if ext/zlib is available on the mirror 8// XXX Deactivated by sas, causes errors towards delivery machines 9// ini_set("zlib.output_compression", 1); 10 11// See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9 12// for cache control header descriptions (used in many places on the site). 13 14// Provide default content-type, charset and language information 15// Manual pages will override this, and maybe others too 16header("Content-language: en"); 17header("Content-type: text/html; charset=utf-8"); 18 19// Opt out of FLoC 20header("Permissions-Policy: interest-cohort=()"); 21 22/* Fix Silly Same Origin Policies */ 23(function (): void { 24 if (!isset($_SERVER["HTTP_ORIGIN"])) { 25 return; 26 } 27 28 $host = parse_url($_SERVER["HTTP_ORIGIN"]); 29 if (strncmp(strrev($host["host"]), strrev("php.net"), strlen("php.net")) != 0) { 30 if ($host["host"] != $_SERVER["SERVER_NAME"]) { 31 exit(10); 32 } 33 } 34 if (isset($host["port"])) { 35 $hostname = $host["host"] . ":" . $host["port"]; 36 } else { 37 $hostname = $host["host"]; 38 } 39 40 header("Access-Control-Allow-Origin: http://$hostname"); 41 if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"])) { 42 $headers = $_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"]; 43 $headers = str_replace(["\r", "\n", "\0"], "", $headers); 44 header("Access-Control-Allow-Headers: $headers"); 45 } 46})(); 47 48/* Clickjacking workaround. Nothing should be in a frame so it could technically be 'deny' 49 * but it doesn't make any difference anyway */ 50header("X-Frame-Options: SAMEORIGIN"); 51 52// Be 100% sure the timezone is set 53if (ini_get("date.timezone") === "" && function_exists("date_default_timezone_set")) { 54 date_default_timezone_set("UTC"); 55} 56 57/* Compatibility with the PHP webserver.. */ 58if (!isset($_SERVER["SERVER_ADDR"])) { 59 $_SERVER["SERVER_ADDR"] = "127.0.0.1"; 60} 61 62// As of PHP 5.3.0 multibyte sequence errors are no longer 63// silent. Prior to that version this bitfield does not exist 64// so define it to prevent notices on older versions 65if (!defined("ENT_IGNORE")) { 66 define("ENT_IGNORE", 0); 67} 68 69// Prevent cross site scripting problems 70unset($RSIDEBAR_DATA); 71unset($SIDEBAR_DATA); 72unset($SEARCH_BASE); 73unset($LANG); 74unset($COUNTRY); 75unset($ONLOAD); 76unset($LAST_UPDATED); 77 78// Load the My PHP.net settings before any includes 79myphpnet_load(); 80 81// Site details (mirror site information) 82include __DIR__ . '/site.inc'; 83 84// Choose language used for translated parts 85include __DIR__ . '/langchooser.inc'; 86 87// Get country of the user and set it in a cookie 88include __DIR__ . '/ip-to-country.inc'; 89 90// Common layout functions 91include __DIR__ . '/layout.inc'; 92 93// This file is generated on rsync.php.net and propagated 94// from there. It just defines $LAST_UPDATED, which is the 95// mirror's last updated time. 96include __DIR__ . '/last_updated.inc'; 97 98// ----------------------------------------------------------------------------- 99 100// Load in the user preferences 101function myphpnet_load(): void 102{ 103 UserPreferences::$languageCode = ''; 104 UserPreferences::$searchType = UserPreferences::URL_NONE; 105 UserPreferences::$isUserGroupTipsEnabled = false; 106 107 if (!isset($_COOKIE['MYPHPNET']) || !is_string($_COOKIE['MYPHPNET']) || $_COOKIE['MYPHPNET'] === '') { 108 return; 109 } 110 111 /** 112 * 0 - Language code 113 * 1 - URL search fallback 114 * 2 - Mirror site (removed) 115 * 3 - User Group tips 116 * 4 - Documentation developmental server (removed) 117 */ 118 $preferences = explode(",", $_COOKIE['MYPHPNET']); 119 UserPreferences::$languageCode = $preferences[0] ?? ''; 120 if (isset($preferences[1]) && in_array($preferences[1], [UserPreferences::URL_FUNC, UserPreferences::URL_MANUAL], true)) { 121 UserPreferences::$searchType = $preferences[1]; 122 } 123 124 UserPreferences::$isUserGroupTipsEnabled = isset($preferences[3]) && $preferences[3]; 125} 126 127// Get preferred language code 128function myphpnet_language(): string 129{ 130 return UserPreferences::$languageCode; 131} 132 133// Set URL search fallback preference 134function myphpnet_urlsearch($type = false) 135{ 136 // Set type if specified and if correct 137 if ($type && in_array($type, [UserPreferences::URL_FUNC, UserPreferences::URL_MANUAL], true)) { 138 UserPreferences::$searchType = $type; 139 } 140 141 return UserPreferences::$searchType; 142} 143 144function myphpnet_showug($enable = null) { 145 if (isset($_GET["showug"])) { 146 $enable = true; 147 } 148 149 if (is_bool($enable)) { 150 UserPreferences::$isUserGroupTipsEnabled = $enable; 151 } 152 153 // Show the ug tips to lucky few, depending on time. 154 if ($_SERVER["REQUEST_TIME"] % 10) { 155 UserPreferences::$isUserGroupTipsEnabled = true; 156 } 157 158 return UserPreferences::$isUserGroupTipsEnabled; 159} 160 161// Save user settings in cookie 162function myphpnet_save(): void 163{ 164 /** 165 * 0 - Language code 166 * 1 - URL search fallback 167 * 2 - Mirror site (removed) 168 * 3 - User Group tips 169 * 4 - Documentation developmental server (removed) 170 */ 171 $preferences = [ 172 UserPreferences::$languageCode, 173 UserPreferences::$searchType, 174 '', 175 UserPreferences::$isUserGroupTipsEnabled, 176 ]; 177 178 // Set all the preferred values for a year 179 mirror_setcookie("MYPHPNET", join(",", $preferences), 60 * 60 * 24 * 365); 180} 181 182// Embed Google Custom Search engine 183function google_cse(): void { 184 $cse_snippet = <<<EOF 185 <noscript> 186 php.net's search functionality requires JavaScript to operate. Please enable 187 JavaScript and reload to continue. 188 </noscript> 189 <script> 190 (function() { 191 var cx = '011570197911755000456:fip9wopfz_u'; 192 var gcse = document.createElement('script'); 193 gcse.type = 'text/javascript'; 194 gcse.async = true; 195 gcse.src = 'https://cse.google.com/cse.js?cx=' + cx; 196 var s = document.getElementsByTagName('script')[0]; 197 s.parentNode.insertBefore(gcse, s); 198 })(); 199 </script> 200 <div class="gcse-search" data-linktarget></div> 201 EOF; 202 203 echo $cse_snippet; 204} 205