Subversion Repositories oidplus

Rev

Rev 698 | Rev 778 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

  1. <?php
  2.  
  3. /*
  4.  * OIDplus 2.0
  5.  * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft
  6.  *
  7.  * Licensed under the Apache License, Version 2.0 (the "License");
  8.  * you may not use this file except in compliance with the License.
  9.  * You may obtain a copy of the License at
  10.  *
  11.  *     http://www.apache.org/licenses/LICENSE-2.0
  12.  *
  13.  * Unless required by applicable law or agreed to in writing, software
  14.  * distributed under the License is distributed on an "AS IS" BASIS,
  15.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16.  * See the License for the specific language governing permissions and
  17.  * limitations under the License.
  18.  */
  19.  
  20. // Before we do ANYTHING, check for dependencies! Do not include anything (except the GMP supplement) yet.
  21.  
  22. define('INSIDE_OIDPLUS', true);
  23.  
  24. require_once __DIR__ . '/functions.inc.php'; // Required for _L()
  25.  
  26. if (version_compare(PHP_VERSION, '7.0.0') < 0) {
  27.         // More information about the required PHP version:
  28.         // doc/developer_notes/php7_compat
  29.         echo '<!DOCTYPE HTML>';
  30.         echo '<html><head><title>'._L('OIDplus error').'</title></head><body>';
  31.         echo '<h1>'._L('OIDplus error').'</h1>';
  32.         echo '<p>'._L('OIDplus requires at least PHP version %1! You are currently using version %2','7.0',PHP_VERSION).'</p>'."\n";
  33.         echo '</body></html>';
  34.         die();
  35. }
  36.  
  37. require_once __DIR__ . '/../vendor/autoload.php';
  38.  
  39. include_once __DIR__ . '/../vendor/danielmarschall/php_utils/gmp_supplement.inc.php';
  40. include_once __DIR__ . '/../vendor/symfony/polyfill-mbstring/bootstrap.php';
  41. include_once __DIR__ . '/../vendor/danielmarschall/php_utils/simplexml_supplement.inc.php';
  42.  
  43. require_once __DIR__ . '/oidplus_dependency.inc.php';
  44.  
  45. $missing_dependencies = oidplus_get_missing_dependencies();
  46.  
  47. if (count($missing_dependencies) >= 1) {
  48.         echo '<!DOCTYPE HTML>';
  49.         echo '<html><head><title>'._L('OIDplus error').'</title></head><body>';
  50.         echo '<h1>'._L('OIDplus error').'</h1>';
  51.         echo '<p>'._L('The following PHP extensions need to be installed in order to run OIDplus:').'</p>';
  52.         echo '<ul>';
  53.         foreach ($missing_dependencies as $dependency) {
  54.                 echo '<li>'.$dependency.'<br><br></li>';
  55.         }
  56.         echo '</ul>';
  57.         echo '</body></html>';
  58.         die();
  59. }
  60.  
  61. unset($missing_dependencies);
  62.  
  63. // Now we can continue!
  64.  
  65. if (PHP_SAPI != 'cli') {
  66.         // TODO: Plugins should be able to extend CSP
  67.         header('X-Content-Type-Options: nosniff');
  68.         header('X-XSS-Protection: 1; mode=block');
  69.         header("Content-Security-Policy: default-src 'self' blob: https://fonts.gstatic.com https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/; ".
  70.                "style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/; ".
  71.                "img-src blob: data: http: https:; ".
  72.                "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://polyfill.io/; ".
  73.                "frame-ancestors 'none'; ".
  74.                "object-src 'none'");
  75.         header('X-Frame-Options: SAMEORIGIN');
  76.         header('Referrer-Policy: no-referrer-when-downgrade');
  77.         header('Cache-control: no-cache');
  78.         header('Cache-control: no-store');
  79.         header('Pragma: no-cache');
  80.         header('Expires: 0');
  81. }
  82.  
  83. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/oid_utils.inc.php';
  84. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/xml_utils.inc.php';
  85. require_once __DIR__ . '/../vendor/danielmarschall/uuid_mac_utils/includes/uuid_utils.inc.php';
  86. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/color_utils.inc.php';
  87. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv4_functions.inc.php';
  88. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/ipv6_functions.inc.php';
  89. require_once __DIR__ . '/../vendor/danielmarschall/php_utils/anti_xss.inc.php';
  90. include_once __DIR__ . '/../vendor/danielmarschall/php_utils/git_utils.inc.php';
  91. include_once __DIR__ . '/../vendor/danielmarschall/php_utils/svn_utils.inc.php';
  92.  
  93. // ---
  94.  
  95. spl_autoload_register(function ($class_name) {
  96.         static $class_refs = null;
  97.  
  98.         if (is_null($class_refs)) {
  99.                 $valid_plugin_folders = array(
  100.                         'adminPages',
  101.                         'auth',
  102.                         'database',
  103.                         'design',
  104.                         'language',
  105.                         'logger',
  106.                         'objectTypes',
  107.                         'publicPages',
  108.                         'raPages',
  109.                         'sqlSlang',
  110.                         'captcha'
  111.                 );
  112.  
  113.                 $func = function(&$class_refs, $class_files, $namespace='') {
  114.                         foreach ($class_files as $filename) {
  115.                                 $cn = strtolower(basename($filename));
  116.                                 $cn = preg_replace('@(\\.class){0,1}\\.php$@', '', $cn);
  117.                                 if (!empty($namespace)) {
  118.                                         if (substr($namespace,-1,1) !== '\\') $namespace .= '\\';
  119.                                         $cn = strtolower($namespace) . $cn;
  120.                                 }
  121.                                 if (!isset($class_refs[$cn])) {
  122.                                         $class_refs[$cn] = $filename;
  123.                                 }
  124.                         }
  125.                 };
  126.  
  127.                 $class_files = array();
  128.  
  129.                 // Global namespace / OIDplus
  130.                 // (the last has the highest priority)
  131.                 foreach ($valid_plugin_folders as $folder) {
  132.                         $class_files = array_merge($class_files, glob(__DIR__ . '/../plugins/'.'*'.'/'.$folder.'/'.'*'.'/'.'*'.'.class.php'));
  133.                 }
  134.                 $class_files = array_merge($class_files, glob(__DIR__ . '/classes/'.'*'.'.class.php'));
  135.                 $class_files = array_merge($class_files, glob(__DIR__ . '/../vendor/danielmarschall/fileformats/'.'*'.'.class.php'));
  136.                 $class_files = array_merge($class_files, glob(__DIR__ . '/../vendor/danielmarschall/php_utils/'.'*'.'.class.php'));
  137.                 $func($class_refs, $class_files);
  138.         }
  139.  
  140.         $class_name = strtolower($class_name);
  141.         if (isset($class_refs[$class_name])) {
  142.                 require $class_refs[$class_name];
  143.                 unset($class_refs[$class_name]); // this emulates a "require_once" and is faster
  144.         }
  145. });
  146.