Rev 698 | Rev 778 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 2 | daniel-mar | 1 | <?php |
| 2 | |||
| 3 | /* |
||
| 4 | * OIDplus 2.0 |
||
| 511 | daniel-mar | 5 | * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft |
| 2 | daniel-mar | 6 | * |
| 7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 8 | * you may not use this file except in compliance with the License. |
||
| 9 | * You may obtain a copy of the License at |
||
| 10 | * |
||
| 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 12 | * |
||
| 13 | * Unless required by applicable law or agreed to in writing, software |
||
| 14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 16 | * See the License for the specific language governing permissions and |
||
| 17 | * limitations under the License. |
||
| 18 | */ |
||
| 19 | |||
| 236 | daniel-mar | 20 | // Before we do ANYTHING, check for dependencies! Do not include anything (except the GMP supplement) yet. |
| 21 | |||
| 511 | daniel-mar | 22 | define('INSIDE_OIDPLUS', true); |
| 23 | |||
| 463 | daniel-mar | 24 | require_once __DIR__ . '/functions.inc.php'; // Required for _L() |
| 25 | |||
| 236 | daniel-mar | 26 | if (version_compare(PHP_VERSION, '7.0.0') < 0) { |
| 597 | daniel-mar | 27 | // More information about the required PHP version: |
| 28 | // doc/developer_notes/php7_compat |
||
| 463 | daniel-mar | 29 | echo '<!DOCTYPE HTML>'; |
| 30 | echo '<html><head><title>'._L('OIDplus error').'</title></head><body>'; |
||
| 360 | daniel-mar | 31 | echo '<h1>'._L('OIDplus error').'</h1>'; |
| 32 | echo '<p>'._L('OIDplus requires at least PHP version %1! You are currently using version %2','7.0',PHP_VERSION).'</p>'."\n"; |
||
| 463 | daniel-mar | 33 | echo '</body></html>'; |
| 236 | daniel-mar | 34 | die(); |
| 35 | } |
||
| 36 | |||
| 597 | daniel-mar | 37 | require_once __DIR__ . '/../vendor/autoload.php'; |
| 38 | |||
| 603 | daniel-mar | 39 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/gmp_supplement.inc.php'; |
| 597 | daniel-mar | 40 | include_once __DIR__ . '/../vendor/symfony/polyfill-mbstring/bootstrap.php'; |
| 603 | daniel-mar | 41 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/simplexml_supplement.inc.php'; |
| 236 | daniel-mar | 42 | |
| 463 | daniel-mar | 43 | require_once __DIR__ . '/oidplus_dependency.inc.php'; |
| 236 | daniel-mar | 44 | |
| 463 | daniel-mar | 45 | $missing_dependencies = oidplus_get_missing_dependencies(); |
| 236 | daniel-mar | 46 | |
| 47 | if (count($missing_dependencies) >= 1) { |
||
| 463 | daniel-mar | 48 | echo '<!DOCTYPE HTML>'; |
| 49 | echo '<html><head><title>'._L('OIDplus error').'</title></head><body>'; |
||
| 360 | daniel-mar | 50 | echo '<h1>'._L('OIDplus error').'</h1>'; |
| 51 | echo '<p>'._L('The following PHP extensions need to be installed in order to run OIDplus:').'</p>'; |
||
| 236 | daniel-mar | 52 | echo '<ul>'; |
| 53 | foreach ($missing_dependencies as $dependency) { |
||
| 463 | daniel-mar | 54 | echo '<li>'.$dependency.'<br><br></li>'; |
| 236 | daniel-mar | 55 | } |
| 56 | echo '</ul>'; |
||
| 463 | daniel-mar | 57 | echo '</body></html>'; |
| 236 | daniel-mar | 58 | die(); |
| 59 | } |
||
| 60 | |||
| 61 | unset($missing_dependencies); |
||
| 62 | |||
| 63 | // Now we can continue! |
||
| 64 | |||
| 444 | daniel-mar | 65 | if (PHP_SAPI != 'cli') { |
| 476 | daniel-mar | 66 | // TODO: Plugins should be able to extend CSP |
| 50 | daniel-mar | 67 | header('X-Content-Type-Options: nosniff'); |
| 68 | header('X-XSS-Protection: 1; mode=block'); |
||
| 178 | daniel-mar | 69 | header("Content-Security-Policy: default-src 'self' blob: https://fonts.gstatic.com https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/; ". |
| 50 | daniel-mar | 70 | "style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/; ". |
| 476 | daniel-mar | 71 | "img-src blob: data: http: https:; ". |
| 160 | daniel-mar | 72 | "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://polyfill.io/; ". |
| 50 | daniel-mar | 73 | "frame-ancestors 'none'; ". |
| 74 | "object-src 'none'"); |
||
| 75 | header('X-Frame-Options: SAMEORIGIN'); |
||
| 76 | header('Referrer-Policy: no-referrer-when-downgrade'); |
||
| 641 | daniel-mar | 77 | header('Cache-control: no-cache'); |
| 78 | header('Cache-control: no-store'); |
||
| 79 | header('Pragma: no-cache'); |
||
| 80 | header('Expires: 0'); |
||
| 50 | daniel-mar | 81 | } |
| 2 | daniel-mar | 82 | |
| 603 | daniel-mar | 83 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/oid_utils.inc.php'; |
| 606 | daniel-mar | 84 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/xml_utils.inc.php'; |
| 603 | daniel-mar | 85 | require_once __DIR__ . '/../vendor/danielmarschall/uuid_mac_utils/includes/uuid_utils.inc.php'; |
| 86 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/color_utils.inc.php'; |
||
| 87 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv4_functions.inc.php'; |
||
| 88 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv6_functions.inc.php'; |
||
| 89 | require_once __DIR__ . '/../vendor/danielmarschall/php_utils/anti_xss.inc.php'; |
||
| 660 | daniel-mar | 90 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/git_utils.inc.php'; |
| 698 | daniel-mar | 91 | include_once __DIR__ . '/../vendor/danielmarschall/php_utils/svn_utils.inc.php'; |
| 2 | daniel-mar | 92 | |
| 93 | // --- |
||
| 94 | |||
| 229 | daniel-mar | 95 | spl_autoload_register(function ($class_name) { |
| 444 | daniel-mar | 96 | static $class_refs = null; |
| 97 | |||
| 98 | if (is_null($class_refs)) { |
||
| 526 | daniel-mar | 99 | $valid_plugin_folders = array( |
| 100 | 'adminPages', |
||
| 101 | 'auth', |
||
| 102 | 'database', |
||
| 103 | 'design', |
||
| 104 | 'language', |
||
| 105 | 'logger', |
||
| 106 | 'objectTypes', |
||
| 107 | 'publicPages', |
||
| 108 | 'raPages', |
||
| 702 | daniel-mar | 109 | 'sqlSlang', |
| 110 | 'captcha' |
||
| 526 | daniel-mar | 111 | ); |
| 112 | |||
| 571 | daniel-mar | 113 | $func = function(&$class_refs, $class_files, $namespace='') { |
| 114 | foreach ($class_files as $filename) { |
||
| 115 | $cn = strtolower(basename($filename)); |
||
| 116 | $cn = preg_replace('@(\\.class){0,1}\\.php$@', '', $cn); |
||
| 117 | if (!empty($namespace)) { |
||
| 118 | if (substr($namespace,-1,1) !== '\\') $namespace .= '\\'; |
||
| 119 | $cn = strtolower($namespace) . $cn; |
||
| 120 | } |
||
| 121 | if (!isset($class_refs[$cn])) { |
||
| 122 | $class_refs[$cn] = $filename; |
||
| 123 | } |
||
| 124 | } |
||
| 125 | }; |
||
| 126 | |||
| 527 | daniel-mar | 127 | $class_files = array(); |
| 571 | daniel-mar | 128 | |
| 129 | // Global namespace / OIDplus |
||
| 632 | daniel-mar | 130 | // (the last has the highest priority) |
| 526 | daniel-mar | 131 | foreach ($valid_plugin_folders as $folder) { |
| 635 | daniel-mar | 132 | $class_files = array_merge($class_files, glob(__DIR__ . '/../plugins/'.'*'.'/'.$folder.'/'.'*'.'/'.'*'.'.class.php')); |
| 526 | daniel-mar | 133 | } |
| 527 | daniel-mar | 134 | $class_files = array_merge($class_files, glob(__DIR__ . '/classes/'.'*'.'.class.php')); |
| 597 | daniel-mar | 135 | $class_files = array_merge($class_files, glob(__DIR__ . '/../vendor/danielmarschall/fileformats/'.'*'.'.class.php')); |
| 603 | daniel-mar | 136 | $class_files = array_merge($class_files, glob(__DIR__ . '/../vendor/danielmarschall/php_utils/'.'*'.'.class.php')); |
| 571 | daniel-mar | 137 | $func($class_refs, $class_files); |
| 277 | daniel-mar | 138 | } |
| 444 | daniel-mar | 139 | |
| 527 | daniel-mar | 140 | $class_name = strtolower($class_name); |
| 444 | daniel-mar | 141 | if (isset($class_refs[$class_name])) { |
| 527 | daniel-mar | 142 | require $class_refs[$class_name]; |
| 143 | unset($class_refs[$class_name]); // this emulates a "require_once" and is faster |
||
| 444 | daniel-mar | 144 | } |
| 530 | daniel-mar | 145 | }); |