Subversion Repositories oidplus

Rev

Rev 1066 | Rev 1184 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

  1. <?php
  2.  
  3. /*
  4.  * OIDplus 2.0
  5.  * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft
  6.  *
  7.  * Licensed under the Apache License, Version 2.0 (the "License");
  8.  * you may not use this file except in compliance with the License.
  9.  * You may obtain a copy of the License at
  10.  *
  11.  *     http://www.apache.org/licenses/LICENSE-2.0
  12.  *
  13.  * Unless required by applicable law or agreed to in writing, software
  14.  * distributed under the License is distributed on an "AS IS" BASIS,
  15.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16.  * See the License for the specific language governing permissions and
  17.  * limitations under the License.
  18.  */
  19.  
  20. use ViaThinkSoft\OIDplus\OIDplus;
  21. use ViaThinkSoft\OIDplus\OIDplusGui;
  22.  
  23. header('Content-Type:text/html; charset=UTF-8');
  24.  
  25. require_once __DIR__ . '/includes/oidplus.inc.php';
  26.  
  27. set_exception_handler(array(OIDplusGui::class, 'html_exception_handler'));
  28.  
  29. ob_start(); // allow cookie headers to be sent
  30.  
  31. OIDplus::init(true);
  32.  
  33. $static_node_id = isset($_REQUEST['goto']) ? $_REQUEST['goto'] : 'oidplus:system';
  34.  
  35. if (isset($_REQUEST['h404'])) {
  36.         $handled = false;
  37.         $plugins = OIDplus::getAllPlugins();
  38.         foreach ($plugins as $plugin) {
  39.                 if ($plugin->handle404($_REQUEST['h404'])) $handled = true;
  40.         }
  41.         if (!$handled) {
  42.                 header('Location:'.OIDplus::webpath().'?goto='.urlencode('oidplus:err:'.$_REQUEST['h404']));
  43.                 die();
  44.         }
  45. }
  46.  
  47. $static_node_id = OIDplus::prefilterQuery($static_node_id, false);
  48.  
  49. $static = OIDplus::gui()->generateContentPage($static_node_id);
  50. $page_title_2 = $static['title'];
  51. $static_icon = $static['icon'];
  52. $static_content = $static['text'];
  53.  
  54. if (!isset($_COOKIE['csrf_token'])) {
  55.         // This is the main CSRF token used for AJAX.
  56.         $token = OIDplus::authUtils()->genCSRFToken();
  57.         OIDplus::cookieUtils()->setcookie('csrf_token', $token, 0, false);
  58.         unset($token);
  59. }
  60.  
  61. if (!isset($_COOKIE['csrf_token_weak'])) {
  62.         // This CSRF token is created with SameSite=Lax and must be used
  63.         // for OAuth 2.0 redirects or similar purposes.
  64.         $token = OIDplus::authUtils()->genCSRFToken();
  65.         OIDplus::cookieUtils()->setcookie('csrf_token_weak', $token, 0, false, 'Lax');
  66.         unset($token);
  67. }
  68.  
  69. OIDplus::handleLangArgument();
  70.  
  71. $page_title_1 = OIDplus::gui()->combine_systemtitle_and_pagetitle(OIDplus::config()->getValue('system_title'), $page_title_2);
  72.  
  73. $cont = OIDplus::gui()->showMainPage($page_title_1, $page_title_2, $static_icon, $static_content, $extra_head_tags=array(), $static_node_id='');
  74.  
  75. OIDplus::invoke_shutdown();
  76.  
  77. echo $cont;
  78.