WebSVN – oidplus – Diff – /trunk/index.php


<?php
 
/*
 * OIDplus 2.0
 * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 
header('Content-Type:text/html; charset=UTF-8');
 
require_once __DIR__ . '/includes/oidplus.inc.php';
 
set_exception_handler(array('OIDplusGui', 'html_exception_handler'));
 
ob_start(); // allow cookie headers to be sent
 
OIDplus::init(true);
 
$static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system';
 
if (isset($_REQUEST['h404'])) {
        $handled = false;
        $plugins = OIDplus::getPagePlugins();
        foreach ($plugins as $plugin) {
                if ($plugin->handle404($_REQUEST['h404'])) $handled = true;
        }
        if (!$handled) {
                header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404']));
                die();
        }
}
 
$static_node_id = OIDplus::prefilterQuery($static_node_id, false);
 
$static = OIDplus::gui()->generateContentPage($static_node_id);
$static_title = $static['title'];
$static_icon = $static['icon'];
$static_content = $static['text'];
 
if (!isset($_COOKIE['csrf_token'])) {
        // TODO: It is possible that you receive a "Missing or wrong CSRF Token" warning,
        //       if you open a page that had a HTTPS cookie using HTTP.
        //       Chrome will then block "Set-Cookie" since the HTTP cookie would
        //       overwrite the HTTPS cookie.
        // This is the main CSRF token used for AJAX.
        $token = OIDplus::authUtils()->genCSRFToken();
        OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);
        unset($token);
}
 
if (!isset($_COOKIE['csrf_token_weak'])) {
        // This CSRF token is created with SameSite=Lax and must be used
        // for OAuth 2.0 redirects or similar purposes.
        $token = OIDplus::authUtils()->genCSRFToken();
        OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');
        unset($token);
}
 
OIDplus::handleLangArgument();
 
function combine_systemtitle_and_pagetitle($systemtitle, $pagetitle) {
        // Please also change the function in oidplus_base.js
        if ($systemtitle == $pagetitle) {
                return $systemtitle;
        } else {
                return $pagetitle . ' - ' . $systemtitle;
        }
}
 
// Get theme color (color of title bar)
$design_plugin = OIDplus::getActiveDesignPlugin();
$theme_color = is_null($design_plugin) ? '' : $design_plugin->getThemeColor();
 
$head_elems = array();
$head_elems[] = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
$head_elems[] = '<meta name="OIDplus-SystemTitle" content="'.htmlentities(OIDplus::config()->getValue('system_title')).'">'; // Do not remove. This meta tag is acessed by oidplus_base.js
if ($theme_color != '') $head_elems[] = '<meta name="theme-color" content="'.htmlentities($theme_color).'">';
$head_elems[] = '<meta name="viewport" content="width=device-width, initial-scale=1.0">';
$head_elems[] = '<title>'.htmlentities(combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $static_title)).'</title>';
$head_elems[] = '<script src="polyfill.min.js.php"></script>';
$head_elems[] = OIDplus::getActiveCaptchaPlugin()->captchaDomHead();
$head_elems[] = '<script src="oidplus.min.js.php"></script>';
$head_elems[] = '<link rel="stylesheet" href="oidplus.min.css.php">';
$head_elems[] = '<link rel="shortcut icon" type="image/x-icon" href="favicon.ico.php">';
$head_elems[] = '<link rel="canonical" href="'.htmlentities(OIDplus::canonicalURL()).'">';
 
$plugins = OIDplus::getPagePlugins();
foreach ($plugins as $plugin) {
        $plugin->htmlHeaderUpdate($head_elems);
}
 
// ---
 
echo "<!DOCTYPE html>\n";
 
echo "<html lang=\"".substr(OIDplus::getCurrentLang(),0,2)."\">\n";
echo "<head>\n";
echo "\t".implode("\n\t",$head_elems)."\n";
echo "</head>\n";
 
echo "<body>\n";
 
echo '<div id="loading" style="display:none">Loading&#8230;</div>';
 
echo '<div id="frames">';
echo '<div id="content_window" class="borderbox">';
 
echo '<h1 id="real_title">';
if ($static_icon != '') echo '<img src="'.htmlentities($static_icon).'" width="48" height="48" alt=""> ';
echo htmlentities($static_title).'</h1>';
echo '<div id="real_content">'.$static_content.'</div>';
if ((!isset($_SERVER['REQUEST_METHOD'])) || ($_SERVER['REQUEST_METHOD'] == 'GET')) {
        echo '<br><p><img src="img/share.png" width="15" height="15" alt="'._L('Share').'"> <a href="?goto='.htmlentities($static_node_id).'" id="static_link" class="gray_footer_font">'._L('Static link to this page').'</a>';
        echo '</p>';
}
echo '<br>';
 
echo '</div>';
 
echo '<div id="system_title_bar">';
 
echo '<div id="system_title_menu" onclick="mobileNavButtonClick(this)" onmouseenter="mobileNavButtonHover(this)" onmouseleave="mobileNavButtonHover(this)">';
echo '  <div id="bar1"></div>';
echo '  <div id="bar2"></div>';
echo '  <div id="bar3"></div>';
echo '</div>';
 
echo '<div id="system_title_text">';
echo '  <a '.OIDplus::gui()->link('oidplus:system').' id="system_title_a">';
echo '          <span id="system_title_logo"></span>';
echo '          <span id="system_title_1">'.htmlentities(OIDplus::getEditionInfo()['vendor'].' OIDplus 2.0').'</span><br>';
echo '          <span id="system_title_2">'.htmlentities(OIDplus::config()->getValue('system_title')).'</span>';
echo '  </a>';
echo '</div>';
 
echo '</div>';
 
echo OIDplus::gui()->getLanguageBox($static_node_id, true);
 
echo '<div id="gotobox">';
echo '<input type="text" name="goto" id="gotoedit" value="'.htmlentities($static_node_id).'">';
echo '<input type="button" value="'._L('Go').'" onclick="gotoButtonClicked()" id="gotobutton">';
echo '</div>';
 
echo '<div id="oidtree" class="borderbox">';
//echo '<noscript>';
//echo '<p><b>'._L('Please enable JavaScript to use all features').'</b></p>';
//echo '</noscript>';
OIDplus::menuUtils()->nonjs_menu();
echo '</div>';
 
echo '</div>';
 
echo "\n</body>\n";
echo "</html>\n";
 
$cont = ob_get_contents();
ob_end_clean();
 
OIDplus::invoke_shutdown();
 
$plugins = OIDplus::getPagePlugins();
foreach ($plugins as $plugin) {
        $plugin->htmlPostprocess($cont);
}
 
echo $cont;
 

Subversion Repositories oidplus

oidplus/trunk/index.php – Rev 866 → 946

Rev 866		Rev 946
1	<?php	1	<?php
2		2
3	/*	3	/*
4	* OIDplus 2.0	4	* OIDplus 2.0
5	* Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft	5	* Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
6	*	6	*
7	* Licensed under the Apache License, Version 2.0 (the "License");	7	* Licensed under the Apache License, Version 2.0 (the "License");
8	* you may not use this file except in compliance with the License.	8	* you may not use this file except in compliance with the License.
9	* You may obtain a copy of the License at	9	* You may obtain a copy of the License at
10	*	10	*
11	* http://www.apache.org/licenses/LICENSE-2.0	11	* http://www.apache.org/licenses/LICENSE-2.0
12	*	12	*
13	* Unless required by applicable law or agreed to in writing, software	13	* Unless required by applicable law or agreed to in writing, software
14	* distributed under the License is distributed on an "AS IS" BASIS,	14	* distributed under the License is distributed on an "AS IS" BASIS,
15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.	15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16	* See the License for the specific language governing permissions and	16	* See the License for the specific language governing permissions and
17	* limitations under the License.	17	* limitations under the License.
18	*/	18	*/
19		19
20	header('Content-Type:text/html; charset=UTF-8');	20	header('Content-Type:text/html; charset=UTF-8');
21		21
22	require_once __DIR__ . '/includes/oidplus.inc.php';	22	require_once __DIR__ . '/includes/oidplus.inc.php';
23		23
24	set_exception_handler(array('OIDplusGui', 'html_exception_handler'));	24	set_exception_handler(array('OIDplusGui', 'html_exception_handler'));
25		25
26	ob_start(); // allow cookie headers to be sent	26	ob_start(); // allow cookie headers to be sent
27		27
28	OIDplus::init(true);	28	OIDplus::init(true);
29		29
30	$static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system';	30	$static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system';
31		31
-		32	if (isset($_REQUEST['h404'])) {
-		33	$handled = false;
-		34	$plugins = OIDplus::getPagePlugins();
-		35	foreach ($plugins as $plugin) {
-		36	if ($plugin->handle404($_REQUEST['h404'])) $handled = true;
-		37	}
-		38	if (!$handled) {
-		39	header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404']));
-		40	die();
-		41	}
-		42	}
-		43
32	$static_node_id = OIDplus::prefilterQuery($static_node_id, false);	44	$static_node_id = OIDplus::prefilterQuery($static_node_id, false);
33		45
34	$static = OIDplus::gui()->generateContentPage($static_node_id);	46	$static = OIDplus::gui()->generateContentPage($static_node_id);
35	$static_title = $static['title'];	47	$static_title = $static['title'];
36	$static_icon = $static['icon'];	48	$static_icon = $static['icon'];
37	$static_content = $static['text'];	49	$static_content = $static['text'];
38		50
39	if (!isset($_COOKIE['csrf_token'])) {	51	if (!isset($_COOKIE['csrf_token'])) {
40	// TODO: It is possible that you receive a "Missing or wrong CSRF Token" warning,	52	// TODO: It is possible that you receive a "Missing or wrong CSRF Token" warning,
41	// if you open a page that had a HTTPS cookie using HTTP.	53	// if you open a page that had a HTTPS cookie using HTTP.
42	// Chrome will then block "Set-Cookie" since the HTTP cookie would	54	// Chrome will then block "Set-Cookie" since the HTTP cookie would
43	// overwrite the HTTPS cookie.	55	// overwrite the HTTPS cookie.
44	// This is the main CSRF token used for AJAX.	56	// This is the main CSRF token used for AJAX.
45	$token = OIDplus::authUtils()->genCSRFToken();	57	$token = OIDplus::authUtils()->genCSRFToken();
46	OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);	58	OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);
47	unset($token);	59	unset($token);
48	}	60	}
49		61
50	if (!isset($_COOKIE['csrf_token_weak'])) {	62	if (!isset($_COOKIE['csrf_token_weak'])) {
51	// This CSRF token is created with SameSite=Lax and must be used	63	// This CSRF token is created with SameSite=Lax and must be used
52	// for OAuth 2.0 redirects or similar purposes.	64	// for OAuth 2.0 redirects or similar purposes.
53	$token = OIDplus::authUtils()->genCSRFToken();	65	$token = OIDplus::authUtils()->genCSRFToken();
54	OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');	66	OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');
55	unset($token);	67	unset($token);
56	}	68	}
57		69
58	OIDplus::handleLangArgument();	70	OIDplus::handleLangArgument();
59		71
60	function combine_systemtitle_and_pagetitle($systemtitle, $pagetitle) {	72	function combine_systemtitle_and_pagetitle($systemtitle, $pagetitle) {
61	// Please also change the function in oidplus_base.js	73	// Please also change the function in oidplus_base.js
62	if ($systemtitle == $pagetitle) {	74	if ($systemtitle == $pagetitle) {
63	return $systemtitle;	75	return $systemtitle;
64	} else {	76	} else {
65	return $pagetitle . ' - ' . $systemtitle;	77	return $pagetitle . ' - ' . $systemtitle;
66	}	78	}
67	}	79	}
68		80
69	// Get theme color (color of title bar)	81	// Get theme color (color of title bar)
70	$design_plugin = OIDplus::getActiveDesignPlugin();	82	$design_plugin = OIDplus::getActiveDesignPlugin();
71	$theme_color = is_null($design_plugin) ? '' : $design_plugin->getThemeColor();	83	$theme_color = is_null($design_plugin) ? '' : $design_plugin->getThemeColor();
72		84
73	$head_elems = array();	85	$head_elems = array();
74	$head_elems[] = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';	86	$head_elems[] = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
75	$head_elems[] = '<meta name="OIDplus-SystemTitle" content="'.htmlentities(OIDplus::config()->getValue('system_title')).'">'; // Do not remove. This meta tag is acessed by oidplus_base.js	87	$head_elems[] = '<meta name="OIDplus-SystemTitle" content="'.htmlentities(OIDplus::config()->getValue('system_title')).'">'; // Do not remove. This meta tag is acessed by oidplus_base.js
76	if ($theme_color != '') $head_elems[] = '<meta name="theme-color" content="'.htmlentities($theme_color).'">';	88	if ($theme_color != '') $head_elems[] = '<meta name="theme-color" content="'.htmlentities($theme_color).'">';
77	$head_elems[] = '<meta name="viewport" content="width=device-width, initial-scale=1.0">';	89	$head_elems[] = '<meta name="viewport" content="width=device-width, initial-scale=1.0">';
78	$head_elems[] = '<title>'.htmlentities(combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $static_title)).'</title>';	90	$head_elems[] = '<title>'.htmlentities(combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $static_title)).'</title>';
79	$head_elems[] = '<script src="polyfill.min.js.php"></script>';	91	$head_elems[] = '<script src="polyfill.min.js.php"></script>';
80	$head_elems[] = OIDplus::getActiveCaptchaPlugin()->captchaDomHead();	92	$head_elems[] = OIDplus::getActiveCaptchaPlugin()->captchaDomHead();
81	$head_elems[] = '<script src="oidplus.min.js.php"></script>';	93	$head_elems[] = '<script src="oidplus.min.js.php"></script>';
82	$head_elems[] = '<link rel="stylesheet" href="oidplus.min.css.php">';	94	$head_elems[] = '<link rel="stylesheet" href="oidplus.min.css.php">';
83	$head_elems[] = '<link rel="shortcut icon" type="image/x-icon" href="favicon.ico.php">';	95	$head_elems[] = '<link rel="shortcut icon" type="image/x-icon" href="favicon.ico.php">';
84	$head_elems[] = '<link rel="canonical" href="'.htmlentities(OIDplus::canonicalURL()).'">';	96	$head_elems[] = '<link rel="canonical" href="'.htmlentities(OIDplus::canonicalURL()).'">';
85		97
86	$plugins = OIDplus::getPagePlugins();	98	$plugins = OIDplus::getPagePlugins();
87	foreach ($plugins as $plugin) {	99	foreach ($plugins as $plugin) {
88	$plugin->htmlHeaderUpdate($head_elems);	100	$plugin->htmlHeaderUpdate($head_elems);
89	}	101	}
90		102
91	// ---	103	// ---
92		104
93	echo "<!DOCTYPE html>\n";	105	echo "<!DOCTYPE html>\n";
94		106
95	echo "<html lang=\"".substr(OIDplus::getCurrentLang(),0,2)."\">\n";	107	echo "<html lang=\"".substr(OIDplus::getCurrentLang(),0,2)."\">\n";
96	echo "<head>\n";	108	echo "<head>\n";
97	echo "\t".implode("\n\t",$head_elems)."\n";	109	echo "\t".implode("\n\t",$head_elems)."\n";
98	echo "</head>\n";	110	echo "</head>\n";
99		111
100	echo "<body>\n";	112	echo "<body>\n";
101		113
102	echo '<div id="loading" style="display:none">Loading…</div>';	114	echo '<div id="loading" style="display:none">Loading…</div>';
103		115
104	echo '<div id="frames">';	116	echo '<div id="frames">';
105	echo '<div id="content_window" class="borderbox">';	117	echo '<div id="content_window" class="borderbox">';
106		118
107	echo '<h1 id="real_title">';	119	echo '<h1 id="real_title">';
108	if ($static_icon != '') echo '<img src="'.htmlentities($static_icon).'" width="48" height="48" alt=""> ';	120	if ($static_icon != '') echo '<img src="'.htmlentities($static_icon).'" width="48" height="48" alt=""> ';
109	echo htmlentities($static_title).'</h1>';	121	echo htmlentities($static_title).'</h1>';
110	echo '<div id="real_content">'.$static_content.'</div>';	122	echo '<div id="real_content">'.$static_content.'</div>';
111	if ((!isset($_SERVER['REQUEST_METHOD'])) \|\| ($_SERVER['REQUEST_METHOD'] == 'GET')) {	123	if ((!isset($_SERVER['REQUEST_METHOD'])) \|\| ($_SERVER['REQUEST_METHOD'] == 'GET')) {
112	echo '<br><p><img src="img/share.png" width="15" height="15" alt="'._L('Share').'"> <a href="?goto='.htmlentities($static_node_id).'" id="static_link" class="gray_footer_font">'._L('Static link to this page').'</a>';	124	echo '<br><p><img src="img/share.png" width="15" height="15" alt="'._L('Share').'"> <a href="?goto='.htmlentities($static_node_id).'" id="static_link" class="gray_footer_font">'._L('Static link to this page').'</a>';
113	echo '</p>';	125	echo '</p>';
114	}	126	}
115	echo '<br>';	127	echo '<br>';
116		128
117	echo '</div>';	129	echo '</div>';
118		130
119	echo '<div id="system_title_bar">';	131	echo '<div id="system_title_bar">';
120		132
121	echo '<div id="system_title_menu" onclick="mobileNavButtonClick(this)" onmouseenter="mobileNavButtonHover(this)" onmouseleave="mobileNavButtonHover(this)">';	133	echo '<div id="system_title_menu" onclick="mobileNavButtonClick(this)" onmouseenter="mobileNavButtonHover(this)" onmouseleave="mobileNavButtonHover(this)">';
122	echo ' <div id="bar1"></div>';	134	echo ' <div id="bar1"></div>';
123	echo ' <div id="bar2"></div>';	135	echo ' <div id="bar2"></div>';
124	echo ' <div id="bar3"></div>';	136	echo ' <div id="bar3"></div>';
125	echo '</div>';	137	echo '</div>';
126		138
127	echo '<div id="system_title_text">';	139	echo '<div id="system_title_text">';
128	echo ' <a '.OIDplus::gui()->link('oidplus:system').' id="system_title_a">';	140	echo ' <a '.OIDplus::gui()->link('oidplus:system').' id="system_title_a">';
129	echo ' <span id="system_title_logo"></span>';	141	echo ' <span id="system_title_logo"></span>';
130	echo ' <span id="system_title_1">'.htmlentities(OIDplus::getEditionInfo()['vendor'].' OIDplus 2.0').'</span><br>';	142	echo ' <span id="system_title_1">'.htmlentities(OIDplus::getEditionInfo()['vendor'].' OIDplus 2.0').'</span><br>';
131	echo ' <span id="system_title_2">'.htmlentities(OIDplus::config()->getValue('system_title')).'</span>';	143	echo ' <span id="system_title_2">'.htmlentities(OIDplus::config()->getValue('system_title')).'</span>';
132	echo ' </a>';	144	echo ' </a>';
133	echo '</div>';	145	echo '</div>';
134		146
135	echo '</div>';	147	echo '</div>';
136		148
137	echo OIDplus::gui()->getLanguageBox($static_node_id, true);	149	echo OIDplus::gui()->getLanguageBox($static_node_id, true);
138		150
139	echo '<div id="gotobox">';	151	echo '<div id="gotobox">';
140	echo '<input type="text" name="goto" id="gotoedit" value="'.htmlentities($static_node_id).'">';	152	echo '<input type="text" name="goto" id="gotoedit" value="'.htmlentities($static_node_id).'">';
141	echo '<input type="button" value="'._L('Go').'" onclick="gotoButtonClicked()" id="gotobutton">';	153	echo '<input type="button" value="'._L('Go').'" onclick="gotoButtonClicked()" id="gotobutton">';
142	echo '</div>';	154	echo '</div>';
143		155
144	echo '<div id="oidtree" class="borderbox">';	156	echo '<div id="oidtree" class="borderbox">';
145	//echo '<noscript>';	157	//echo '<noscript>';
146	//echo '<p><b>'._L('Please enable JavaScript to use all features').'</b></p>';	158	//echo '<p><b>'._L('Please enable JavaScript to use all features').'</b></p>';
147	//echo '</noscript>';	159	//echo '</noscript>';
148	OIDplus::menuUtils()->nonjs_menu();	160	OIDplus::menuUtils()->nonjs_menu();
149	echo '</div>';	161	echo '</div>';
150		162
151	echo '</div>';	163	echo '</div>';
152		164
153	echo "\n</body>\n";	165	echo "\n</body>\n";
154	echo "</html>\n";	166	echo "</html>\n";
155		167
156	$cont = ob_get_contents();	168	$cont = ob_get_contents();
157	ob_end_clean();	169	ob_end_clean();
158		170
159	OIDplus::invoke_shutdown();	171	OIDplus::invoke_shutdown();
160		172
161	$plugins = OIDplus::getPagePlugins();	173	$plugins = OIDplus::getPagePlugins();
162	foreach ($plugins as $plugin) {	174	foreach ($plugins as $plugin) {
163	$plugin->htmlPostprocess($cont);	175	$plugin->htmlPostprocess($cont);
164	}	176	}
165		177
166	echo $cont;	178	echo $cont;
167		179