web-base/index.php

107 lines
3.5 KiB
PHP

<?php
include_once 'Core/core.php';
include_once 'Core/datetime.php';
include_once 'Core/constants.php';
define("WEBROOT", realpath("."));
if (is_file("MAINTENANCE") && !in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1'])) {
http_response_code(503);
\Core\Objects\Router\StaticFileRoute::serveStatic(WEBROOT . "/static/maintenance.html");
die();
}
use Core\Configuration\Configuration;
use Core\Objects\Context;
use Core\Objects\Router\Router;
if (!is_readable(getClassPath(Configuration::class))) {
header("Content-Type: application/json");
http_response_code(500);
die(json_encode(createError("Configuration class is not readable, check permissions before proceeding.")));
}
$context = Context::instance();
$sql = $context->initSQL();
$settings = $context->getSettings();
$context->parseCookies();
$currentHostName = getCurrentHostName();
$installation = !$sql || ($sql->isConnected() && !$settings->isInstalled());
$requestedUri = $_GET["site"] ?? $_GET["api"] ?? null;
if (!is_string($requestedUri)) {
$requestedUri = $_SERVER["REQUEST_URI"];
}
if ($installation) {
$requestedUri = Router::cleanURL($requestedUri);
if ($requestedUri !== "" && $requestedUri !== "index.php") {
$response = "Redirecting to <a href=\"/\">/</a>";
header("Location: /");
} else {
$document = new \Core\Documents\Install(new Router($context));
$response = $document->load();
}
} else {
$router = null;
$routerCacheClass = '\Site\Cache\RouterCache';
$routerCachePath = getClassPath($routerCacheClass);
if (is_file($routerCachePath)) {
@include_once $routerCachePath;
if (class_exists($routerCacheClass)) {
$router = new $routerCacheClass($context);
}
}
if ($router === null) {
$req = new \Core\API\Routes\GenerateCache($context);
if ($req->execute()) {
$router = $req->getRouter();
} else {
$message = "Unable to generate router cache: " . $req->getLastError();
$response = (new Router($context))->returnStatusCode(500, [ "message" => $message ]);
}
}
if ($router !== null) {
$logger = $router->getLogger();
if ((!isset($_GET["site"]) || $_GET["site"] === "/") && isset($_GET["error"]) &&
is_string($_GET["error"]) && preg_match("/^\d+$/", $_GET["error"])) {
$response = $router->returnStatusCode(intval($_GET["error"]));
} else {
try {
$pathParams = [];
$route = $router->run($requestedUri, $pathParams);
if ($route === null) {
$response = $router->returnStatusCode(404);
} else if (!$settings->isTrustedDomain($currentHostName)) {
$error = "Untrusted Origin. Adjust the 'trusted_domains' setting " .
"to include the current host '$currentHostName' or contact the administrator to resolve this issue";
if ($route instanceof \Core\Objects\Router\ApiRoute) {
header("Content-Type: application/json");
http_response_code(403);
$response = json_encode(createError($error));
} else {
$response = $router->returnStatusCode(403, ["message" => $error]);
}
$logger->warning("The site was accessed by an untrusted domain: $currentHostName");
} else {
$response = $route->call($router, $pathParams);
}
} catch (\Throwable $e) {
http_response_code(500);
$logger->severe($e);
$response = $router->returnStatusCode(500);
}
}
} else {
http_response_code(500);
$response = "Router could not be instantiated.";
}
}
$context->sendCookies();
die($response);