Rev 466 | Rev 476 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
2 | daniel-mar | 1 | <?php |
2 | |||
3 | /* |
||
4 | * OIDplus 2.0 |
||
5 | * Copyright 2019 Daniel Marschall, ViaThinkSoft |
||
6 | * |
||
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
8 | * you may not use this file except in compliance with the License. |
||
9 | * You may obtain a copy of the License at |
||
10 | * |
||
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
12 | * |
||
13 | * Unless required by applicable law or agreed to in writing, software |
||
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
16 | * See the License for the specific language governing permissions and |
||
17 | * limitations under the License. |
||
18 | */ |
||
19 | |||
236 | daniel-mar | 20 | // Before we do ANYTHING, check for dependencies! Do not include anything (except the GMP supplement) yet. |
21 | |||
463 | daniel-mar | 22 | require_once __DIR__ . '/functions.inc.php'; // Required for _L() |
23 | |||
236 | daniel-mar | 24 | if (version_compare(PHP_VERSION, '7.0.0') < 0) { |
25 | // Reasons why we currently require PHP 7.0: |
||
26 | // - Return values (e.g. "function foo(): array") (added 2020-04-06 at the database classes) |
||
27 | // Note: By removing these return values (e.g. removing ": array"), you *might* be |
||
28 | // able to run OIDplus with PHP lower than version 7.0 (not tested) |
||
29 | // |
||
269 | daniel-mar | 30 | // Currently we do NOT require 7.1, because some (old-)stable distros are still using PHP 7.0 |
31 | // (e.g. Debian 9 which has LTS support till May 2022). |
||
32 | // Therefore we commented out following features which would require PHP 7.1: |
||
236 | daniel-mar | 33 | // - Nullable return values (e.g. "function foo(): ?array") |
464 | daniel-mar | 34 | // - void return value (e.g. "function foo(): void") |
35 | // - private/protected/public consts |
||
463 | daniel-mar | 36 | echo '<!DOCTYPE HTML>'; |
37 | echo '<html><head><title>'._L('OIDplus error').'</title></head><body>'; |
||
360 | daniel-mar | 38 | echo '<h1>'._L('OIDplus error').'</h1>'; |
39 | echo '<p>'._L('OIDplus requires at least PHP version %1! You are currently using version %2','7.0',PHP_VERSION).'</p>'."\n"; |
||
463 | daniel-mar | 40 | echo '</body></html>'; |
236 | daniel-mar | 41 | die(); |
42 | } |
||
43 | |||
44 | include_once __DIR__ . '/gmp_supplement.inc.php'; |
||
467 | daniel-mar | 45 | include_once __DIR__ . '/mbstring_supplement.inc.php'; |
236 | daniel-mar | 46 | |
463 | daniel-mar | 47 | require_once __DIR__ . '/oidplus_dependency.inc.php'; |
236 | daniel-mar | 48 | |
463 | daniel-mar | 49 | $missing_dependencies = oidplus_get_missing_dependencies(); |
236 | daniel-mar | 50 | |
51 | if (count($missing_dependencies) >= 1) { |
||
463 | daniel-mar | 52 | echo '<!DOCTYPE HTML>'; |
53 | echo '<html><head><title>'._L('OIDplus error').'</title></head><body>'; |
||
360 | daniel-mar | 54 | echo '<h1>'._L('OIDplus error').'</h1>'; |
55 | echo '<p>'._L('The following PHP extensions need to be installed in order to run OIDplus:').'</p>'; |
||
236 | daniel-mar | 56 | echo '<ul>'; |
57 | foreach ($missing_dependencies as $dependency) { |
||
463 | daniel-mar | 58 | echo '<li>'.$dependency.'<br><br></li>'; |
236 | daniel-mar | 59 | } |
60 | echo '</ul>'; |
||
463 | daniel-mar | 61 | echo '</body></html>'; |
236 | daniel-mar | 62 | die(); |
63 | } |
||
64 | |||
65 | unset($missing_dependencies); |
||
66 | |||
67 | // Now we can continue! |
||
68 | |||
444 | daniel-mar | 69 | if (PHP_SAPI != 'cli') { |
50 | daniel-mar | 70 | header('X-Content-Type-Options: nosniff'); |
71 | header('X-XSS-Protection: 1; mode=block'); |
||
178 | daniel-mar | 72 | header("Content-Security-Policy: default-src 'self' blob: https://fonts.gstatic.com https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/; ". |
50 | daniel-mar | 73 | "style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/; ". |
160 | daniel-mar | 74 | "img-src data: http: https:; ". |
75 | "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://polyfill.io/; ". |
||
50 | daniel-mar | 76 | "frame-ancestors 'none'; ". |
77 | "object-src 'none'"); |
||
78 | header('X-Frame-Options: SAMEORIGIN'); |
||
79 | header('Referrer-Policy: no-referrer-when-downgrade'); |
||
80 | } |
||
2 | daniel-mar | 81 | |
419 | daniel-mar | 82 | require_once __DIR__ . '/../3p/0xbb/Sha3.php'; |
2 | daniel-mar | 83 | |
84 | require_once __DIR__ . '/oid_utils.inc.php'; |
||
16 | daniel-mar | 85 | require_once __DIR__ . '/uuid_utils.inc.php'; |
286 | daniel-mar | 86 | require_once __DIR__ . '/color_utils.inc.php'; |
17 | daniel-mar | 87 | require_once __DIR__ . '/ipv4_functions.inc.php'; |
88 | require_once __DIR__ . '/ipv6_functions.inc.php'; |
||
12 | daniel-mar | 89 | require_once __DIR__ . '/anti_xss.inc.php'; |
2 | daniel-mar | 90 | |
444 | daniel-mar | 91 | if (PHP_SAPI != 'cli') { |
315 | daniel-mar | 92 | if (!file_exists(__DIR__ . '/../3p/vts_vnag/vnag_framework.inc.php')) { |
93 | // This can happen if WebSVN did not catch the external SVN repository right |
||
94 | // If WebSVN was the reason, then we are safe to assume that writing is possible |
||
466 | daniel-mar | 95 | // Also, if OIDplus was checked out via GitHub (not recommended), |
96 | // then the external SVN repositories are not included, so this will get |
||
97 | // the third party scripts. |
||
315 | daniel-mar | 98 | @mkdir(__DIR__ . '/../3p/vts_vnag'); |
99 | @file_put_contents(__DIR__ . '/../3p/vts_vnag/vnag_framework.inc.php', file_get_contents('https://svn.viathinksoft.com/svn/vnag/trunk/framework/vnag_framework.inc.php')); |
||
100 | } |
||
310 | daniel-mar | 101 | include_once __DIR__ . '/../3p/vts_vnag/vnag_framework.inc.php'; |
260 | daniel-mar | 102 | } |
315 | daniel-mar | 103 | |
104 | if (!file_exists(__DIR__ . '/../3p/vts_fileformats/VtsFileTypeDetect.class.php')) { |
||
105 | // This can happen if WebSVN did not catch the external SVN repository right |
||
106 | // If WebSVN was the reason, then we are safe to assume that writing is possible |
||
466 | daniel-mar | 107 | // Also, if OIDplus was checked out via GitHub (not recommended), |
108 | // then the external SVN repositories are not included, so this will get |
||
109 | // the third party scripts. |
||
315 | daniel-mar | 110 | @mkdir(__DIR__ . '/../3p/vts_fileformats'); |
111 | foreach (array('VtsFileTypeDetect.class.php', 'filetypes.conf', 'mimetype_lookup.inc.php') as $file) { |
||
112 | @file_put_contents(__DIR__ . '/../3p/vts_fileformats/'.$file, file_get_contents('https://svn.viathinksoft.com/svn/fileformats/trunk/'.$file)); |
||
113 | } |
||
114 | } |
||
310 | daniel-mar | 115 | include_once __DIR__ . '/../3p/vts_fileformats/VtsFileTypeDetect.class.php'; |
260 | daniel-mar | 116 | |
2 | daniel-mar | 117 | // --- |
118 | |||
229 | daniel-mar | 119 | spl_autoload_register(function ($class_name) { |
444 | daniel-mar | 120 | static $class_refs = null; |
121 | |||
122 | if (is_null($class_refs)) { |
||
123 | $class_refs = array(); |
||
124 | |||
445 | daniel-mar | 125 | $class_files = array_merge( |
444 | daniel-mar | 126 | glob(__DIR__ . '/classes/'.'*'.'.class.php'), |
127 | glob(__DIR__ . '/../plugins/'.'*'.'/'.'*'.'/'.'*'.'.class.php') |
||
128 | ); |
||
445 | daniel-mar | 129 | foreach ($class_files as $filename) { |
130 | $cn = basename($filename, '.class.php'); |
||
131 | if (!isset($class_refs[$cn])) { |
||
132 | $class_refs[$cn] = $filename; |
||
133 | } |
||
444 | daniel-mar | 134 | } |
277 | daniel-mar | 135 | } |
444 | daniel-mar | 136 | |
137 | if (isset($class_refs[$class_name])) { |
||
138 | require_once $class_refs[$class_name]; |
||
139 | } |
||
419 | daniel-mar | 140 | }); |