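<?php

/*
 * OIDplus 2.0
 * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

use ViaThinkSoft\OIDplus\OIDplus;
use ViaThinkSoft\OIDplus\OIDplusGui;

/*
 * Entry script: renders the page for the node named by the `goto` request
 * parameter (default 'oidplus:system'), optionally dispatches an `h404`
 * request to the plugins first, issues the CSRF cookies and prints the page.
 *
 * Both `goto` and `h404` are attacker-controlled and may arrive as arrays
 * (e.g. `?goto[]=x`); they are only used here once confirmed to be strings.
 */

header('Content-Type:text/html; charset=UTF-8');

require_once __DIR__ . '/includes/oidplus.inc.php';

// Uncaught exceptions are rendered by the GUI's HTML handler.
set_exception_handler([OIDplusGui::class, 'html_exception_handler']);

ob_start(); // allow cookie headers to be sent

OIDplus::init(true);

$static_node_id = $_REQUEST['goto'] ?? 'oidplus:system';
if (!is_string($static_node_id)) {
    // A non-string `goto` cannot name a node; fall back to the default page
    // instead of handing an array to the query filter.
    $static_node_id = 'oidplus:system';
}

// NOTE(review): `h404` presumably carries the originally requested path from
// the web server's 404 handler - confirm against the server configuration.
$h404 = $_REQUEST['h404'] ?? null;
if (is_string($h404)) {
    $handled = false;
    $plugins = OIDplus::getAllPlugins();
    foreach ($plugins as $plugin) {
        // Every plugin is asked, even after one has already handled the request.
        if ($plugin->handle404($h404)) {
            $handled = true;
        }
    }
    if (!$handled) {
        // The user-supplied value is urlencode()d as a whole, so it cannot add
        // query parameters or inject characters into the Location header.
        header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$h404));
        die();
    }
}
unset($h404);

$static_node_id_original = $static_node_id;
$static_node_id = OIDplus::prefilterQuery($static_node_id, false);
if ($static_node_id_original !== $static_node_id) {
    // Redirect to the corrected query
    $canonical_url = OIDplus::canonicalURL($static_node_id);
    if ($canonical_url) {
        // NOTE(review): the redirect target derives from the filtered request
        // value; it is assumed canonicalURL() only returns URLs of this
        // installation - confirm.
        header('Location:'.$canonical_url);
        die();
    }
    unset($canonical_url);
}
unset($static_node_id_original);

$static = OIDplus::gui()->generateContentPage($static_node_id);
$page_title_2 = $static['title'];
$static_icon = $static['icon'];
$static_content = $static['text'];

if (!isset($_COOKIE['csrf_token'])) {
    // This is the main CSRF token used for AJAX.
    // NOTE(review): the fourth argument (false) presumably disables HttpOnly so
    // that script code can read the token - confirm against cookieUtils().
    $token = OIDplus::authUtils()->genCSRFToken();
    OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);
    unset($token);
}

if (!isset($_COOKIE['csrf_token_weak'])) {
    // This CSRF token is created with SameSite=Lax and must be used
    // for OAuth 2.0 redirects or similar purposes.
    $token = OIDplus::authUtils()->genCSRFToken();
    OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');
    unset($token);
}

OIDplus::handleLangArgument();

$page_title_1 = OIDplus::gui()->combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $page_title_2);

// No extra <head> tags are passed; the variable is kept because the original
// call assigned it in the argument list.
$extra_head_tags = [];
$cont = OIDplus::gui()->showMainPage($page_title_1, $page_title_2, $static_icon, $static_content, $extra_head_tags, $static_node_id);

OIDplus::invoke_shutdown();

echo $cont;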