Rev 866 | Rev 946 | ||
---|---|---|---|
1 | <?php |
1 | <?php |
2 | 2 | ||
3 | /* |
3 | /* |
4 | * OIDplus 2.0 |
4 | * OIDplus 2.0 |
5 | * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft |
5 | * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft |
6 | * |
6 | * |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
8 | * you may not use this file except in compliance with the License. |
8 | * you may not use this file except in compliance with the License. |
9 | * You may obtain a copy of the License at |
9 | * You may obtain a copy of the License at |
10 | * |
10 | * |
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
12 | * |
12 | * |
13 | * Unless required by applicable law or agreed to in writing, software |
13 | * Unless required by applicable law or agreed to in writing, software |
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
16 | * See the License for the specific language governing permissions and |
16 | * See the License for the specific language governing permissions and |
17 | * limitations under the License. |
17 | * limitations under the License. |
18 | */ |
18 | */ |
19 | 19 | ||
20 | header('Content-Type:text/html; charset=UTF-8'); |
20 | header('Content-Type:text/html; charset=UTF-8'); |
21 | 21 | ||
22 | require_once __DIR__ . '/includes/oidplus.inc.php'; |
22 | require_once __DIR__ . '/includes/oidplus.inc.php'; |
23 | 23 | ||
24 | set_exception_handler(array('OIDplusGui', 'html_exception_handler')); |
24 | set_exception_handler(array('OIDplusGui', 'html_exception_handler')); |
25 | 25 | ||
26 | ob_start(); // allow cookie headers to be sent |
26 | ob_start(); // allow cookie headers to be sent |
27 | 27 | ||
28 | OIDplus::init(true); |
28 | OIDplus::init(true); |
29 | 29 | ||
30 | $static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system'; |
30 | $static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system'; |
31 | 31 | ||
- | 32 | if (isset($_REQUEST['h404'])) { |
|
- | 33 | $handled = false; |
|
- | 34 | $plugins = OIDplus::getPagePlugins(); |
|
- | 35 | foreach ($plugins as $plugin) { |
|
- | 36 | if ($plugin->handle404($_REQUEST['h404'])) $handled = true; |
|
- | 37 | } |
|
- | 38 | if (!$handled) { |
|
- | 39 | header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404'])); |
|
- | 40 | die(); |
|
- | 41 | } |
|
- | 42 | } |
|
- | 43 | ||
32 | $static_node_id = OIDplus::prefilterQuery($static_node_id, false); |
44 | $static_node_id = OIDplus::prefilterQuery($static_node_id, false); |
33 | 45 | ||
34 | $static = OIDplus::gui()->generateContentPage($static_node_id); |
46 | $static = OIDplus::gui()->generateContentPage($static_node_id); |
35 | $static_title = $static['title']; |
47 | $static_title = $static['title']; |
36 | $static_icon = $static['icon']; |
48 | $static_icon = $static['icon']; |
37 | $static_content = $static['text']; |
49 | $static_content = $static['text']; |
38 | 50 | ||
39 | if (!isset($_COOKIE['csrf_token'])) { |
51 | if (!isset($_COOKIE['csrf_token'])) { |
40 | // TODO: It is possible that you receive a "Missing or wrong CSRF Token" warning, |
52 | // TODO: It is possible that you receive a "Missing or wrong CSRF Token" warning, |
41 | // if you open a page that had a HTTPS cookie using HTTP. |
53 | // if you open a page that had a HTTPS cookie using HTTP. |
42 | // Chrome will then block "Set-Cookie" since the HTTP cookie would |
54 | // Chrome will then block "Set-Cookie" since the HTTP cookie would |
43 | // overwrite the HTTPS cookie. |
55 | // overwrite the HTTPS cookie. |
44 | // This is the main CSRF token used for AJAX. |
56 | // This is the main CSRF token used for AJAX. |
45 | $token = OIDplus::authUtils()->genCSRFToken(); |
57 | $token = OIDplus::authUtils()->genCSRFToken(); |
46 | OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false); |
58 | OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false); |
47 | unset($token); |
59 | unset($token); |
48 | } |
60 | } |
49 | 61 | ||
50 | if (!isset($_COOKIE['csrf_token_weak'])) { |
62 | if (!isset($_COOKIE['csrf_token_weak'])) { |
51 | // This CSRF token is created with SameSite=Lax and must be used |
63 | // This CSRF token is created with SameSite=Lax and must be used |
52 | // for OAuth 2.0 redirects or similar purposes. |
64 | // for OAuth 2.0 redirects or similar purposes. |
53 | $token = OIDplus::authUtils()->genCSRFToken(); |
65 | $token = OIDplus::authUtils()->genCSRFToken(); |
54 | OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax'); |
66 | OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax'); |
55 | unset($token); |
67 | unset($token); |
56 | } |
68 | } |
57 | 69 | ||
58 | OIDplus::handleLangArgument(); |
70 | OIDplus::handleLangArgument(); |
59 | 71 | ||
60 | function combine_systemtitle_and_pagetitle($systemtitle, $pagetitle) { |
72 | function combine_systemtitle_and_pagetitle($systemtitle, $pagetitle) { |
61 | // Please also change the function in oidplus_base.js |
73 | // Please also change the function in oidplus_base.js |
62 | if ($systemtitle == $pagetitle) { |
74 | if ($systemtitle == $pagetitle) { |
63 | return $systemtitle; |
75 | return $systemtitle; |
64 | } else { |
76 | } else { |
65 | return $pagetitle . ' - ' . $systemtitle; |
77 | return $pagetitle . ' - ' . $systemtitle; |
66 | } |
78 | } |
67 | } |
79 | } |
68 | 80 | ||
69 | // Get theme color (color of title bar) |
81 | // Get theme color (color of title bar) |
70 | $design_plugin = OIDplus::getActiveDesignPlugin(); |
82 | $design_plugin = OIDplus::getActiveDesignPlugin(); |
71 | $theme_color = is_null($design_plugin) ? '' : $design_plugin->getThemeColor(); |
83 | $theme_color = is_null($design_plugin) ? '' : $design_plugin->getThemeColor(); |
72 | 84 | ||
73 | $head_elems = array(); |
85 | $head_elems = array(); |
74 | $head_elems[] = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'; |
86 | $head_elems[] = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'; |
75 | $head_elems[] = '<meta name="OIDplus-SystemTitle" content="'.htmlentities(OIDplus::config()->getValue('system_title')).'">'; // Do not remove. This meta tag is acessed by oidplus_base.js |
87 | $head_elems[] = '<meta name="OIDplus-SystemTitle" content="'.htmlentities(OIDplus::config()->getValue('system_title')).'">'; // Do not remove. This meta tag is acessed by oidplus_base.js |
76 | if ($theme_color != '') $head_elems[] = '<meta name="theme-color" content="'.htmlentities($theme_color).'">'; |
88 | if ($theme_color != '') $head_elems[] = '<meta name="theme-color" content="'.htmlentities($theme_color).'">'; |
77 | $head_elems[] = '<meta name="viewport" content="width=device-width, initial-scale=1.0">'; |
89 | $head_elems[] = '<meta name="viewport" content="width=device-width, initial-scale=1.0">'; |
78 | $head_elems[] = '<title>'.htmlentities(combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $static_title)).'</title>'; |
90 | $head_elems[] = '<title>'.htmlentities(combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $static_title)).'</title>'; |
79 | $head_elems[] = '<script src="polyfill.min.js.php"></script>'; |
91 | $head_elems[] = '<script src="polyfill.min.js.php"></script>'; |
80 | $head_elems[] = OIDplus::getActiveCaptchaPlugin()->captchaDomHead(); |
92 | $head_elems[] = OIDplus::getActiveCaptchaPlugin()->captchaDomHead(); |
81 | $head_elems[] = '<script src="oidplus.min.js.php"></script>'; |
93 | $head_elems[] = '<script src="oidplus.min.js.php"></script>'; |
82 | $head_elems[] = '<link rel="stylesheet" href="oidplus.min.css.php">'; |
94 | $head_elems[] = '<link rel="stylesheet" href="oidplus.min.css.php">'; |
83 | $head_elems[] = '<link rel="shortcut icon" type="image/x-icon" href="favicon.ico.php">'; |
95 | $head_elems[] = '<link rel="shortcut icon" type="image/x-icon" href="favicon.ico.php">'; |
84 | $head_elems[] = '<link rel="canonical" href="'.htmlentities(OIDplus::canonicalURL()).'">'; |
96 | $head_elems[] = '<link rel="canonical" href="'.htmlentities(OIDplus::canonicalURL()).'">'; |
85 | 97 | ||
86 | $plugins = OIDplus::getPagePlugins(); |
98 | $plugins = OIDplus::getPagePlugins(); |
87 | foreach ($plugins as $plugin) { |
99 | foreach ($plugins as $plugin) { |
88 | $plugin->htmlHeaderUpdate($head_elems); |
100 | $plugin->htmlHeaderUpdate($head_elems); |
89 | } |
101 | } |
90 | 102 | ||
91 | // --- |
103 | // --- |
92 | 104 | ||
93 | echo "<!DOCTYPE html>\n"; |
105 | echo "<!DOCTYPE html>\n"; |
94 | 106 | ||
95 | echo "<html lang=\"".substr(OIDplus::getCurrentLang(),0,2)."\">\n"; |
107 | echo "<html lang=\"".substr(OIDplus::getCurrentLang(),0,2)."\">\n"; |
96 | echo "<head>\n"; |
108 | echo "<head>\n"; |
97 | echo "\t".implode("\n\t",$head_elems)."\n"; |
109 | echo "\t".implode("\n\t",$head_elems)."\n"; |
98 | echo "</head>\n"; |
110 | echo "</head>\n"; |
99 | 111 | ||
100 | echo "<body>\n"; |
112 | echo "<body>\n"; |
101 | 113 | ||
102 | echo '<div id="loading" style="display:none">Loading…</div>'; |
114 | echo '<div id="loading" style="display:none">Loading…</div>'; |
103 | 115 | ||
104 | echo '<div id="frames">'; |
116 | echo '<div id="frames">'; |
105 | echo '<div id="content_window" class="borderbox">'; |
117 | echo '<div id="content_window" class="borderbox">'; |
106 | 118 | ||
107 | echo '<h1 id="real_title">'; |
119 | echo '<h1 id="real_title">'; |
108 | if ($static_icon != '') echo '<img src="'.htmlentities($static_icon).'" width="48" height="48" alt=""> '; |
120 | if ($static_icon != '') echo '<img src="'.htmlentities($static_icon).'" width="48" height="48" alt=""> '; |
109 | echo htmlentities($static_title).'</h1>'; |
121 | echo htmlentities($static_title).'</h1>'; |
110 | echo '<div id="real_content">'.$static_content.'</div>'; |
122 | echo '<div id="real_content">'.$static_content.'</div>'; |
111 | if ((!isset($_SERVER['REQUEST_METHOD'])) || ($_SERVER['REQUEST_METHOD'] == 'GET')) { |
123 | if ((!isset($_SERVER['REQUEST_METHOD'])) || ($_SERVER['REQUEST_METHOD'] == 'GET')) { |
112 | echo '<br><p><img src="img/share.png" width="15" height="15" alt="'._L('Share').'"> <a href="?goto='.htmlentities($static_node_id).'" id="static_link" class="gray_footer_font">'._L('Static link to this page').'</a>'; |
124 | echo '<br><p><img src="img/share.png" width="15" height="15" alt="'._L('Share').'"> <a href="?goto='.htmlentities($static_node_id).'" id="static_link" class="gray_footer_font">'._L('Static link to this page').'</a>'; |
113 | echo '</p>'; |
125 | echo '</p>'; |
114 | } |
126 | } |
115 | echo '<br>'; |
127 | echo '<br>'; |
116 | 128 | ||
117 | echo '</div>'; |
129 | echo '</div>'; |
118 | 130 | ||
119 | echo '<div id="system_title_bar">'; |
131 | echo '<div id="system_title_bar">'; |
120 | 132 | ||
121 | echo '<div id="system_title_menu" onclick="mobileNavButtonClick(this)" onmouseenter="mobileNavButtonHover(this)" onmouseleave="mobileNavButtonHover(this)">'; |
133 | echo '<div id="system_title_menu" onclick="mobileNavButtonClick(this)" onmouseenter="mobileNavButtonHover(this)" onmouseleave="mobileNavButtonHover(this)">'; |
122 | echo ' <div id="bar1"></div>'; |
134 | echo ' <div id="bar1"></div>'; |
123 | echo ' <div id="bar2"></div>'; |
135 | echo ' <div id="bar2"></div>'; |
124 | echo ' <div id="bar3"></div>'; |
136 | echo ' <div id="bar3"></div>'; |
125 | echo '</div>'; |
137 | echo '</div>'; |
126 | 138 | ||
127 | echo '<div id="system_title_text">'; |
139 | echo '<div id="system_title_text">'; |
128 | echo ' <a '.OIDplus::gui()->link('oidplus:system').' id="system_title_a">'; |
140 | echo ' <a '.OIDplus::gui()->link('oidplus:system').' id="system_title_a">'; |
129 | echo ' <span id="system_title_logo"></span>'; |
141 | echo ' <span id="system_title_logo"></span>'; |
130 | echo ' <span id="system_title_1">'.htmlentities(OIDplus::getEditionInfo()['vendor'].' OIDplus 2.0').'</span><br>'; |
142 | echo ' <span id="system_title_1">'.htmlentities(OIDplus::getEditionInfo()['vendor'].' OIDplus 2.0').'</span><br>'; |
131 | echo ' <span id="system_title_2">'.htmlentities(OIDplus::config()->getValue('system_title')).'</span>'; |
143 | echo ' <span id="system_title_2">'.htmlentities(OIDplus::config()->getValue('system_title')).'</span>'; |
132 | echo ' </a>'; |
144 | echo ' </a>'; |
133 | echo '</div>'; |
145 | echo '</div>'; |
134 | 146 | ||
135 | echo '</div>'; |
147 | echo '</div>'; |
136 | 148 | ||
137 | echo OIDplus::gui()->getLanguageBox($static_node_id, true); |
149 | echo OIDplus::gui()->getLanguageBox($static_node_id, true); |
138 | 150 | ||
139 | echo '<div id="gotobox">'; |
151 | echo '<div id="gotobox">'; |
140 | echo '<input type="text" name="goto" id="gotoedit" value="'.htmlentities($static_node_id).'">'; |
152 | echo '<input type="text" name="goto" id="gotoedit" value="'.htmlentities($static_node_id).'">'; |
141 | echo '<input type="button" value="'._L('Go').'" onclick="gotoButtonClicked()" id="gotobutton">'; |
153 | echo '<input type="button" value="'._L('Go').'" onclick="gotoButtonClicked()" id="gotobutton">'; |
142 | echo '</div>'; |
154 | echo '</div>'; |
143 | 155 | ||
144 | echo '<div id="oidtree" class="borderbox">'; |
156 | echo '<div id="oidtree" class="borderbox">'; |
145 | //echo '<noscript>'; |
157 | //echo '<noscript>'; |
146 | //echo '<p><b>'._L('Please enable JavaScript to use all features').'</b></p>'; |
158 | //echo '<p><b>'._L('Please enable JavaScript to use all features').'</b></p>'; |
147 | //echo '</noscript>'; |
159 | //echo '</noscript>'; |
148 | OIDplus::menuUtils()->nonjs_menu(); |
160 | OIDplus::menuUtils()->nonjs_menu(); |
149 | echo '</div>'; |
161 | echo '</div>'; |
150 | 162 | ||
151 | echo '</div>'; |
163 | echo '</div>'; |
152 | 164 | ||
153 | echo "\n</body>\n"; |
165 | echo "\n</body>\n"; |
154 | echo "</html>\n"; |
166 | echo "</html>\n"; |
155 | 167 | ||
156 | $cont = ob_get_contents(); |
168 | $cont = ob_get_contents(); |
157 | ob_end_clean(); |
169 | ob_end_clean(); |
158 | 170 | ||
159 | OIDplus::invoke_shutdown(); |
171 | OIDplus::invoke_shutdown(); |
160 | 172 | ||
161 | $plugins = OIDplus::getPagePlugins(); |
173 | $plugins = OIDplus::getPagePlugins(); |
162 | foreach ($plugins as $plugin) { |
174 | foreach ($plugins as $plugin) { |
163 | $plugin->htmlPostprocess($cont); |
175 | $plugin->htmlPostprocess($cont); |
164 | } |
176 | } |
165 | 177 | ||
166 | echo $cont; |
178 | echo $cont; |
167 | 179 |
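Review bot: The added 404 block (new lines 32–42) passes `$_REQUEST['h404']` to every page plugin and concatenates it into the redirect target without checking that it is a string, so a request carrying `h404[]=x` reaches `handle404()` as an array and turns into the literal `Array` (plus a conversion warning) in the `Location` header. I would read the parameter once behind a type guard, e.g. `$h404 = (isset($_REQUEST['h404']) && is_string($_REQUEST['h404'])) ? $_REQUEST['h404'] : null;`, and use `$h404` in both the loop and the redirect. The same value becomes part of the `oidplus:err:` node id, and the page text for a node is echoed unescaped as `$static_content` further down, so the error-page generator (not visible in this section) has to HTML-escape it; that is worth confirming. When a plugin does report the request as handled, execution falls through to the normal page rendering unless `handle404()` terminates the request itself, which this section does not show.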