Subversion Repositories oidplus

Rev

Rev 488 | Rev 526 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

  1. <?php
  2.  
  3. /*
  4.  * OIDplus 2.0
  5.  * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft
  6.  *
  7.  * Licensed under the Apache License, Version 2.0 (the "License");
  8.  * you may not use this file except in compliance with the License.
  9.  * You may obtain a copy of the License at
  10.  *
  11.  *     http://www.apache.org/licenses/LICENSE-2.0
  12.  *
  13.  * Unless required by applicable law or agreed to in writing, software
  14.  * distributed under the License is distributed on an "AS IS" BASIS,
  15.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16.  * See the License for the specific language governing permissions and
  17.  * limitations under the License.
  18.  */
  19.  
  20. // Before we do ANYTHING, check for dependencies! Do not include anything (except the GMP supplement) yet.
  21.  
  22. define('INSIDE_OIDPLUS', true);
  23.  
  24. require_once __DIR__ . '/functions.inc.php'; // Required for _L()
  25.  
  26. if (version_compare(PHP_VERSION, '7.0.0') < 0) {
  27.         // Reasons why we currently require PHP 7.0:
  28.         // - Return values (e.g. "function foo(): array") (added 2020-04-06 at the database classes)
  29.         //   Note: By removing these return values (e.g. removing ": array"), you *might* be
  30.         //   able to run OIDplus with PHP lower than version 7.0 (not tested)
  31.         //
  32.         // Currently we do NOT require 7.1, because some (old-)stable distros are still using PHP 7.0
  33.         // (e.g. Debian 9 which has LTS support till May 2022).
  34.         // Therefore we commented out following features which would require PHP 7.1:
  35.         // - Nullable return values (e.g. "function foo(): ?array")
  36.         // - void return value (e.g. "function foo(): void")
  37.         // - private/protected/public consts
  38.         echo '<!DOCTYPE HTML>';
  39.         echo '<html><head><title>'._L('OIDplus error').'</title></head><body>';
  40.         echo '<h1>'._L('OIDplus error').'</h1>';
  41.         echo '<p>'._L('OIDplus requires at least PHP version %1! You are currently using version %2','7.0',PHP_VERSION).'</p>'."\n";
  42.         echo '</body></html>';
  43.         die();
  44. }
  45.  
  46. include_once __DIR__ . '/gmp_supplement.inc.php';
  47. include_once __DIR__ . '/mbstring_supplement.inc.php';
  48. include_once __DIR__ . '/simplexml_supplement.inc.php';
  49.  
  50. require_once __DIR__ . '/oidplus_dependency.inc.php';
  51.  
  52. $missing_dependencies = oidplus_get_missing_dependencies();
  53.  
  54. if (count($missing_dependencies) >= 1) {
  55.         echo '<!DOCTYPE HTML>';
  56.         echo '<html><head><title>'._L('OIDplus error').'</title></head><body>';
  57.         echo '<h1>'._L('OIDplus error').'</h1>';
  58.         echo '<p>'._L('The following PHP extensions need to be installed in order to run OIDplus:').'</p>';
  59.         echo '<ul>';
  60.         foreach ($missing_dependencies as $dependency) {
  61.                 echo '<li>'.$dependency.'<br><br></li>';
  62.         }
  63.         echo '</ul>';
  64.         echo '</body></html>';
  65.         die();
  66. }
  67.  
  68. unset($missing_dependencies);
  69.  
  70. // Now we can continue!
  71.  
  72. if (PHP_SAPI != 'cli') {
  73.         // TODO: Plugins should be able to extend CSP
  74.         header('X-Content-Type-Options: nosniff');
  75.         header('X-XSS-Protection: 1; mode=block');
  76.         header("Content-Security-Policy: default-src 'self' blob: https://fonts.gstatic.com https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/; ".
  77.                "style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/; ".
  78.                "img-src blob: data: http: https:; ".
  79.                "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://polyfill.io/; ".
  80.                "frame-ancestors 'none'; ".
  81.                "object-src 'none'");
  82.         header('X-Frame-Options: SAMEORIGIN');
  83.         header('Referrer-Policy: no-referrer-when-downgrade');
  84. }
  85.  
  86. require_once __DIR__ . '/../3p/0xbb/Sha3.php';
  87.  
  88. require_once __DIR__ . '/oid_utils.inc.php';
  89. require_once __DIR__ . '/uuid_utils.inc.php';
  90. require_once __DIR__ . '/color_utils.inc.php';
  91. require_once __DIR__ . '/ipv4_functions.inc.php';
  92. require_once __DIR__ . '/ipv6_functions.inc.php';
  93. require_once __DIR__ . '/anti_xss.inc.php';
  94.  
  95. if (PHP_SAPI != 'cli') {
  96.         include_once __DIR__ . '/../3p/vts_vnag/vnag_framework.inc.php';
  97. }
  98.  
  99. include_once __DIR__ . '/../3p/vts_fileformats/VtsFileTypeDetect.class.php';
  100.  
  101. // ---
  102.  
  103. spl_autoload_register(function ($class_name) {
  104.         static $class_refs = null;
  105.  
  106.         if (is_null($class_refs)) {
  107.                 $class_refs = array();
  108.  
  109.                 $class_files = array_merge(
  110.                         glob(__DIR__ . '/classes/'.'*'.'.class.php'),
  111.                         glob(__DIR__ . '/../plugins/'.'*'.'/'.'*'.'/'.'*'.'.class.php')
  112.                 );
  113.                 foreach ($class_files as $filename) {
  114.                         $cn = basename($filename, '.class.php');
  115.                         if (!isset($class_refs[$cn])) {
  116.                                 $class_refs[$cn] = $filename;
  117.                         }
  118.                 }
  119.         }
  120.  
  121.         if (isset($class_refs[$class_name])) {
  122.                 require_once $class_refs[$class_name];
  123.         }
  124. });
  125.