page.php

   1 <?php
   2 error_reporting(E_ALL);
   3 ini_set('display_errors', TRUE);
   4
   5 function abort($body, $status = NULL) {
   6         if ($status) header("HTTP/1.1 $status");
   7         print "$body\n";
   8         exit;
   9 }
  10
  11 function getoutput($blocks = [])
  12 {
  13         $doc = ob_get_clean();
  14
  15         if (!empty($blocks['warn'])) {
  16                 $warn = '<p class="warn">[[warn]]</p>';
  17                 if ($offset = strpos($doc, '</h2>')) {
  18                         $doc = substr_replace($doc, "\n\n".$warn, $offset + 5, 0);
  19                 }
  20                 else {
  21                         $doc = $warn . "\n\n" . $doc;
  22                 }
  23         }
  24
  25         return preg_replace_callback(
  26                 '< \[\[ ([^] ]+) ([^]]*) \]\] >x',
  27                 function ($sub) use ($blocks) {
  28                         list ($placeholder, $name, $params) = $sub;
  29                         if (isset($blocks[$name])) {
  30                                 $html = $blocks[$name];
  31                         }
  32                         elseif (file_exists("$name.php")) {
  33                                 ob_start();
  34                                 $Page = $GLOBALS['Page'];
  35                                 $Args = $GLOBALS['Args'];
  36                                 foreach (explode(' ', $params) as $param) {
  37                                         if ($set = strpos($param, '=')) {
  38                                                 $_GET[ substr($param, 0, $set) ] = substr($param, $set + 1);
  39                                         }
  40                                         elseif (!empty($param)) {
  41                                                 $Args .= '/'.$param;
  42                                         }
  43                                 }
  44                                 include "$name.php";
  45                                 $html = ob_get_clean();
  46                         }
  47                         else {
  48                                 $html = '<strong class="warn"><em>'.$name.'</em> ontbreekt</strong>';
  49                         }
  50                         return sprintf('<!--BLOCK:%s-->%s<!--/-->',
  51                                 is_numeric($name) ? '' : $placeholder, # edit replacement
  52                                 preg_replace('{<!--[^-]*-->}', '', $html) # contents
  53                         );
  54                 },
  55                 $doc
  56         );
  57 }
  58
  59 # custom error handling
  60
  61 define('DOCROOT', getcwd().'/');
  62
  63 function fail($error)
  64 {
  65         http_response_code(500);
  66         include_once 'page.inc.php';
  67         ob_start();
  68         require_once DOCROOT.'500.html';
  69         print getoutput(['debug' => $error]);
  70 }
  71
  72 set_exception_handler('fail');
  73
  74 define('E_FATAL', E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR);
  75
  76 set_error_handler(function ($level, $error, $file, $line) {
  77         if ($level & E_FATAL) {
  78                 fail($error);
  79                 return;
  80         }
  81         return FALSE;
  82 });
  83
  84 register_shutdown_function(function () {
  85         # display failure page for fatal exceptions
  86         $error = error_get_last();
  87         if (!($error['type'] & E_FATAL)) return;
  88         fail("Fatal: $error[message] in $error[file]:$error[line]");
  89 });
  90
  91 error_reporting(error_reporting() & ~E_FATAL);
  92
  93 # user login and control
  94
  95 include_once 'auth.inc.php';
  96 $Edit = isset($_GET['edit']);
  97
  98 # distinguish subpage Args from topmost Page script
  99
 100 $Args = '';
 101 $Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']);
 102 $Page = urldecode(trim($Page, '/')) ?: 'index';
 103 while (TRUE) {
 104         if (file_exists("$Page/.private")) {
 105                 # access restriction
 106                 if (empty($User)) {
 107                         http_response_code(303);
 108                         $target = urlencode($_SERVER['REQUEST_URI']);
 109                         header("Location: /login?goto=$target");
 110                         exit;
 111                 }
 112                 $PageAccess = $Page;
 113         }
 114
 115         if (file_exists("$Page/index.php")) {
 116                 break;
 117         }
 118
 119         $up = strrpos($Page, '/');
 120         $Args = substr($Page, $up) . $Args;
 121         $Page = substr($Page, 0, $up);
 122         if ($up === FALSE) {
 123                 break;
 124         }
 125 }
 126
 127 # load static contents
 128
 129 ob_start(); # page body
 130 ob_start(); # inner html
 131 print '<div class="static">'."\n\n";
 132
 133 $found = FALSE;
 134 if (file_exists("$Page$Args.html")) {
 135         $found = include "./$Page$Args.html";
 136 }
 137 elseif (file_exists("$Page$Args/index.html")) {
 138         $found = include "./$Page$Args/index.html";
 139 }
 140 elseif (!empty($User['admin'])) {
 141         $found = include (file_exists("$Page/template.html") ? "$Page/template.html" : './template.html');
 142 }
 143
 144 print "</div>\n\n";
 145
 146 # execute dynamic code
 147
 148 $Place = [
 149         'user'  => $User['name'],
 150         'url'   => htmlspecialchars($_SERVER['REQUEST_URI']),
 151 ];
 152
 153 if ($Page) {
 154         $found |= require "./$Page/index.php";
 155 }
 156
 157 # global html
 158
 159 if (!$found) {
 160         # no resulting output
 161         http_response_code(404);
 162         @require "./404.html";
 163 }
 164
 165 include_once 'page.inc.php';
 166