[[warn]]

'; if ($offset = strpos($doc, '')) { $doc = substr_replace($doc, "\n\n".$warn, $offset + 5, 0); } else { $doc = $warn . "\n\n" . $doc; } } # keep either login or logout parts depending on user level global $User; $hideclass = $User && property_exists($User, 'login') && $User->login ? 'logout' : 'login'; $doc = preg_replace('{\s*<([a-z]+) class="'.$hideclass.'">.*?}s', '', $doc); return preg_replace_callback( '{ \[\[ ([^] ]+) ([^]]*) \]\] }x', function ($sub) use ($blocks) { list ($placeholder, $name, $params) = $sub; $html = $blocks[$name] ?? placeholder_include($name, explode(' ', $params)); if (empty($html) or $html[0] != '<') { $html = "$html"; } $attr = sprintf(' data-dyn="%s"', is_numeric($name) ? '' : $name.$params); # contents with identifier in first tag return preg_replace( '/(?=>)/', $attr, $html, 1); }, $doc ); } # custom error handling define('DOCROOT', getcwd()); set_include_path(implode(PATH_SEPARATOR, [ DOCROOT, __DIR__ ])); function fail($error) { global $User, $Page; http_response_code(500); if (!isset($Page)) { require_once('article.inc.php'); $Page = new ArchiveArticle(NULL); $Page->title = 'Fout'; } include_once 'page.inc.php'; ob_start(); require '500.inc.html'; print getoutput(['debug' => htmlspecialchars($error)]); } set_exception_handler('fail'); define('E_FATAL', E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR); set_error_handler(function ($level, $error, $file, $line) { if ($level & E_FATAL) { fail($error); return; } return FALSE; }); register_shutdown_function(function () { # display failure page for fatal exceptions $error = error_get_last(); if (!($error['type'] & E_FATAL)) return; fail("Fatal: $error[message] in $error[file]:$error[line]"); }); error_reporting(error_reporting() & ~E_FATAL); # user login and control include_once 'auth.inc.php'; // sets global $User $Edit = isset($_GET['edit']); # setup requested page $request = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); $request = urldecode(trim($request, '/')) ?: 'index'; $staticpage = "$request.html"; if (file_exists($staticpage)) { if (is_link($staticpage)) { $target = preg_replace('/\.html$/', '', readlink($staticpage)); header("HTTP/1.1 302 Shorthand"); header("Location: $target"); exit; } } elseif (file_exists("$request/index.html")) { $staticpage = "$request/index.html"; } require_once('article.inc.php'); $Page = new ArchiveArticle($staticpage); if ($Page->restricted) { # access restriction if (!$User->login) { http_response_code(303); $target = urlencode($Page->link); header("Location: /login?goto=$target"); exit; } } # prepare page contents header(sprintf('Content-Security-Policy: %s', implode('; ', [ "default-src 'self' 'unsafe-inline' http://cdn.ckeditor.com", # some overrides remain "img-src 'self' data: http://cdn.ckeditor.com", # inline svg (in css) "base-uri 'self'", # only local pages "frame-ancestors 'none'", # prevent malicious embedding ]))); ob_start(); # page body $Place = [ 'user' => $User->login ?: '', 'url' => htmlspecialchars($_SERVER['REQUEST_URI']), ]; if (!isset($Page->raw) and $User->admin("edit {$Page->link}")) { # open bottom template as initial contents $template = 'template.inc.html'; if ($Page->handler and file_exists("{$Page->handler}/$template")) { $template = "{$Page->handler}/$template"; } $Page->raw($template); $Page->meta['article:published_time'] = date('Y-m-d h:i:s O'); $Page->meta['article:author'] = '/' . $User->dir; } if (isset($Page->raw)) { if ($User->admin("edit {$Page->link}")) { # restore meta tags in static contents for editing foreach (array_reverse($Page->meta) as $metaprop => $val) { $Page->raw = sprintf( ''."\n", $metaprop, $val ) . $Page->raw; } } $Page->raw = '

'."\n\n".$Page->raw."

\n\n"; } # output dynamic and/or static html if (!$Page->handler or require("./{$Page->handler}/index.php")) { # static contents if (isset($Page->raw)) { print $Page->raw; } else { # no resulting output http_response_code(404); @require '404.inc.html'; } } include_once 'page.inc.php';