Rev | Author | Line No. | Line |
---|---|---|---|
2 | daniel-mar | 1 | <?php |
2 | |||
3 | /* |
||
4 | * OIDplus 2.0 |
||
511 | daniel-mar | 5 | * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft |
2 | daniel-mar | 6 | * |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
8 | * you may not use this file except in compliance with the License. |
||
9 | * You may obtain a copy of the License at |
||
10 | * |
||
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
12 | * |
||
13 | * Unless required by applicable law or agreed to in writing, software |
||
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
16 | * See the License for the specific language governing permissions and |
||
17 | * limitations under the License. |
||
18 | */ |
||
19 | |||
// Bootstrap step 1: verify the PHP version before loading anything else.
// Only functions.inc.php is pulled in this early, because the error page
// below needs _L() to translate its strings.

define('INSIDE_OIDPLUS', true);

require_once __DIR__ . '/functions.inc.php'; // Required for _L()

if (version_compare(PHP_VERSION, '7.0.0', '<')) {
    // More information about the required PHP version:
    // doc/developer_notes/php7_compat

    // Assemble the whole error page first, then send it in one piece.
    $page  = '<!DOCTYPE HTML>';
    $page .= '<html><head><title>' . _L('OIDplus error') . '</title></head><body>';
    $page .= '<h1>' . _L('OIDplus error') . '</h1>';
    $page .= '<p>'
        . _L('OIDplus requires at least PHP version %1! You are currently using version %2', '7.0', PHP_VERSION)
        . '</p>' . "\n";
    $page .= '</body></html>';

    echo $page;
    die();
}
||
36 | |||
597 | daniel-mar | 37 | require_once __DIR__ . '/../vendor/autoload.php'; |
38 | |||
603 | daniel-mar | 39 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/gmp_supplement.inc.php'; |
597 | daniel-mar | 40 | include_once __DIR__ . '/../vendor/symfony/polyfill-mbstring/bootstrap.php'; |
603 | daniel-mar | 41 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/simplexml_supplement.inc.php'; |
236 | daniel-mar | 42 | |
463 | daniel-mar | 43 | require_once __DIR__ . '/oidplus_dependency.inc.php'; |
236 | daniel-mar | 44 | |
// Bootstrap step 2: stop with a plain HTML error page if required PHP
// extensions are missing.
$missing_dependencies = oidplus_get_missing_dependencies();

if (count($missing_dependencies) > 0) {
    // NOTE(review): each entry is written into the page without HTML escaping.
    // Presumably oidplus_get_missing_dependencies() returns fixed, pre-formatted
    // HTML that never contains request data -- confirm in oidplus_dependency.inc.php
    // before changing this, because escaping here would break intentional markup.
    $items = '';
    foreach ($missing_dependencies as $dependency) {
        $items .= '<li>' . $dependency . '<br><br></li>';
    }

    echo '<!DOCTYPE HTML>'
        . '<html><head><title>' . _L('OIDplus error') . '</title></head><body>'
        . '<h1>' . _L('OIDplus error') . '</h1>'
        . '<p>' . _L('The following PHP extensions need to be installed in order to run OIDplus:') . '</p>'
        . '<ul>' . $items . '</ul>'
        . '</body></html>';
    die();
}

// The list is only needed for the check above; do not leave it in global scope.
unset($missing_dependencies);

// Now we can continue!
||
62 | |||
63 | // Now we can continue! |
||
64 | |||
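// Send the security and caching response headers for every web request.
// Skipped on the command line, where there is no HTTP response.
if (PHP_SAPI !== 'cli') {
    // TODO: Plugins should be able to extend CSP
    header('X-Content-Type-Options: nosniff');

    // Legacy header: current browsers ignore it, so the CSP below is the
    // actual script-injection control.
    header('X-XSS-Protection: 1; mode=block');

    // NOTE(review): 'unsafe-inline' and 'unsafe-eval' in script-src remove most
    // of the protection CSP gives against injected script. Tightening them
    // needs nonces or hashes in the pages themselves, so it is not done here.
    // NOTE(review): https://polyfill.io/ is a third-party script origin whose
    // domain changed ownership in 2024 and was then reported to serve malicious
    // scripts. Check whether any page still loads from it and remove it from
    // the allow-list if not.
    $csp_directives = array(
        "default-src 'self' blob: https://fonts.gstatic.com https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/",
        "style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/",
        "img-src blob: data: http: https:",
        "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://polyfill.io/",
        "frame-ancestors 'none'",
        "object-src 'none'",
    );
    header('Content-Security-Policy: ' . implode('; ', $csp_directives));

    // NOTE(review): this disagrees with frame-ancestors 'none' above. Browsers
    // that honour frame-ancestors ignore X-Frame-Options, so SAMEORIGIN only
    // takes effect in older browsers. Confirm which framing policy is intended
    // and make both headers state it.
    header('X-Frame-Options: SAMEORIGIN');

    header('Referrer-Policy: no-referrer-when-downgrade');

    // header() replaces an earlier header of the same name by default, so two
    // separate Cache-control calls sent only "no-store". Both directives are
    // now sent in a single header.
    header('Cache-Control: no-cache, no-store');
    header('Pragma: no-cache');
    header('Expires: 0');
}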
2 | daniel-mar | 82 | |
603 | daniel-mar | 83 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/oid_utils.inc.php'; |
606 | daniel-mar | 84 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/xml_utils.inc.php'; |
603 | daniel-mar | 85 | require_once __DIR__ . '/../vendor/danielmarschall/uuid_mac_utils/includes/uuid_utils.inc.php'; |
86 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/color_utils.inc.php'; |
||
87 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv4_functions.inc.php'; |
||
88 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv6_functions.inc.php'; |
||
89 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/anti_xss.inc.php'; |
||
660 | daniel-mar | 90 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/git_utils.inc.php'; |
698 | daniel-mar | 91 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/svn_utils.inc.php'; |
2 | daniel-mar | 92 | |
93 | // --- |
||
94 | |||
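/*
 * Class autoloader for OIDplus core, plugin and bundled vendor classes.
 *
 * On the first call it scans the known directories for "*.class.php" files and
 * builds a map "lower-cased class name => file path". Every later call is a
 * lookup in that map. A file is loaded at most once.
 *
 * Every file matched by the patterns below is eligible for require, so write
 * access to these directories is equivalent to code execution. Keep them
 * read-only for the web server account.
 */
spl_autoload_register(function ($class_name) {
    // Kept across calls so the directory scan happens only once per request.
    static $class_refs = null;

    if (is_null($class_refs)) {
        // Start with an empty map so that a scan without any match is not
        // repeated on every following autoload call.
        $class_refs = array();

        // Only these plugin type folders are searched for plugin classes.
        $valid_plugin_folders = array(
            'adminPages',
            'auth',
            'database',
            'design',
            'language',
            'logger',
            'objectTypes',
            'publicPages',
            'raPages',
            'sqlSlang',
            'captcha'
        );

        // glob() returns false on error (and on some systems for "no match").
        // Passing false to array_merge() raises a TypeError on PHP 8, so
        // normalise the result to an array.
        $find = function ($pattern) {
            $hits = glob($pattern);
            return ($hits === false) ? array() : $hits;
        };

        // Registers every file under its lower-cased class name, optionally
        // prefixed with a namespace. An existing entry is never overwritten.
        $func = function (&$class_refs, $class_files, $namespace = '') {
            foreach ($class_files as $filename) {
                $cn = strtolower(basename($filename));
                // Strip ".class.php" or ".php" to get the bare class name.
                $cn = preg_replace('@(\\.class){0,1}\\.php$@', '', $cn);
                if (!empty($namespace)) {
                    if (substr($namespace, -1, 1) !== '\\') $namespace .= '\\';
                    $cn = strtolower($namespace) . $cn;
                }
                if (!isset($class_refs[$cn])) {
                    $class_refs[$cn] = $filename;
                }
            }
        };

        $class_files = array();

        // Global namespace / OIDplus
        // NOTE(review): because of the isset() guard in $func, the FIRST file
        // found for a class name is kept. With the order below, a plugin file
        // takes precedence over includes/classes and over the vendor folders
        // when names collide. An earlier comment here said the last entry has
        // the highest priority, which does not match the code. Confirm which
        // precedence is intended.
        foreach ($valid_plugin_folders as $folder) {
            $class_files = array_merge($class_files, $find(__DIR__ . '/../plugins/*/' . $folder . '/*/*.class.php'));
        }
        $class_files = array_merge($class_files, $find(__DIR__ . '/classes/*.class.php'));
        $class_files = array_merge($class_files, $find(__DIR__ . '/../vendor/danielmarschall/fileformats/*.class.php'));
        $class_files = array_merge($class_files, $find(__DIR__ . '/../vendor/danielmarschall/php_utils/*.class.php'));
        $func($class_refs, $class_files);
    }

    // The map keys are lower-case, so the lookup is case-insensitive.
    $class_name = strtolower($class_name);
    if (isset($class_refs[$class_name])) {
        require $class_refs[$class_name];
        unset($class_refs[$class_name]); // this emulates a "require_once" and is faster
    }
});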