Rev 1066 | Rev 1130 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 2 | daniel-mar | 1 | <?php |
| 2 | |||
| 3 | /* |
||
| 4 | * OIDplus 2.0 |
||
| 773 | daniel-mar | 5 | * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft |
| 2 | daniel-mar | 6 | * |
| 7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
| 8 | * you may not use this file except in compliance with the License. |
||
| 9 | * You may obtain a copy of the License at |
||
| 10 | * |
||
| 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
| 12 | * |
||
| 13 | * Unless required by applicable law or agreed to in writing, software |
||
| 14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 16 | * See the License for the specific language governing permissions and |
||
| 17 | * limitations under the License. |
||
| 18 | */ |
||
| 19 | |||
| 1050 | daniel-mar | 20 | use ViaThinkSoft\OIDplus\OIDplus; |
| 21 | use ViaThinkSoft\OIDplus\OIDplusGui; |
||
| 22 | |||
| 207 | daniel-mar | 23 | header('Content-Type:text/html; charset=UTF-8'); |
| 2 | daniel-mar | 24 | |
| 207 | daniel-mar | 25 | require_once __DIR__ . '/includes/oidplus.inc.php'; |
| 26 | |||
| 1050 | daniel-mar | 27 | set_exception_handler(array(OIDplusGui::class, 'html_exception_handler')); |
| 240 | daniel-mar | 28 | |
| 207 | daniel-mar | 29 | ob_start(); // allow cookie headers to be sent |
| 30 | |||
| 120 | daniel-mar | 31 | OIDplus::init(true); |
| 32 | |||
| 33 | $static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system'; |
||
| 773 | daniel-mar | 34 | |
| 946 | daniel-mar | 35 | if (isset($_REQUEST['h404'])) { |
| 36 | $handled = false; |
||
| 1116 | daniel-mar | 37 | $plugins = OIDplus::getAllPlugins(); |
| 946 | daniel-mar | 38 | foreach ($plugins as $plugin) { |
| 39 | if ($plugin->handle404($_REQUEST['h404'])) $handled = true; |
||
| 40 | } |
||
| 41 | if (!$handled) { |
||
| 42 | header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404'])); |
||
| 43 | die(); |
||
| 44 | } |
||
| 45 | } |
||
| 46 | |||
| 775 | daniel-mar | 47 | $static_node_id = OIDplus::prefilterQuery($static_node_id, false); |
| 773 | daniel-mar | 48 | |
| 558 | daniel-mar | 49 | $static = OIDplus::gui()->generateContentPage($static_node_id); |
| 1066 | daniel-mar | 50 | $page_title_2 = $static['title']; |
| 120 | daniel-mar | 51 | $static_icon = $static['icon']; |
| 52 | $static_content = $static['text']; |
||
| 53 | |||
| 564 | daniel-mar | 54 | if (!isset($_COOKIE['csrf_token'])) { |
| 55 | // This is the main CSRF token used for AJAX. |
||
| 56 | $token = OIDplus::authUtils()->genCSRFToken(); |
||
| 57 | OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false); |
||
| 58 | unset($token); |
||
| 59 | } |
||
| 60 | |||
| 61 | if (!isset($_COOKIE['csrf_token_weak'])) { |
||
| 62 | // This CSRF token is created with SameSite=Lax and must be used |
||
| 63 | // for OAuth 2.0 redirects or similar purposes. |
||
| 64 | $token = OIDplus::authUtils()->genCSRFToken(); |
||
| 65 | OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax'); |
||
| 66 | unset($token); |
||
| 67 | } |
||
| 68 | |||
| 362 | daniel-mar | 69 | OIDplus::handleLangArgument(); |
| 70 | |||
| 1066 | daniel-mar | 71 | $page_title_1 = OIDplus::gui()->combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $page_title_2); |
| 120 | daniel-mar | 72 | |
| 1066 | daniel-mar | 73 | $cont = OIDplus::gui()->showMainPage($page_title_1, $page_title_2, $static_icon, $static_content, $extra_head_tags=array(), $static_node_id=''); |
| 142 | daniel-mar | 74 | |
| 1005 | daniel-mar | 75 | OIDplus::invoke_shutdown(); |
| 76 | |||
| 366 | daniel-mar | 77 | echo $cont; |