X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/6413bd827c1245654f5cef0198ba5bb69a5f3863..1b6e24cdaae9bf6bf6a990fe9227cb50f5d29d92:/page.php diff --git a/page.php b/page.php index d2532a5..12e0690 100644 --- a/page.php +++ b/page.php @@ -83,6 +83,7 @@ set_include_path(implode(PATH_SEPARATOR, [ DOCROOT, __DIR__ ])); function fail($error) { + global $User, $Page, $Args; http_response_code(500); if (!isset($Article)) { $Article = new ArchiveArticle(NULL); @@ -91,7 +92,7 @@ function fail($error) include_once 'page.inc.php'; ob_start(); require '500.inc.html'; - print getoutput(['debug' => $error]); + print getoutput(['debug' => htmlspecialchars($error)]); } set_exception_handler('fail'); @@ -121,38 +122,14 @@ $User = NULL; include_once 'auth.inc.php'; $Edit = isset($_GET['edit']); -# distinguish subpage Args from topmost Page script +# setup requested page $Args = ''; $Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); $Page = urldecode(trim($Page, '/')) ?: 'index'; -while (TRUE) { - if (file_exists("$Page/.private")) { - # access restriction - if (empty($User)) { - http_response_code(303); - $target = urlencode($_SERVER['REQUEST_URI']); - header("Location: /login?goto=$target"); - exit; - } - $PageAccess = $Page; - } - - if (file_exists("$Page/index.php")) { - break; - } - - $up = strrpos($Page, '/'); - $Args = substr($Page, $up) . $Args; - $Page = substr($Page, 0, $up); - if ($up === FALSE) { - break; - } -} -$staticpage = NULL; -if (file_exists("$Page$Args.html")) { - $staticpage = "$Page$Args.html"; +$staticpage = "$Page.html"; +if (file_exists($staticpage)) { if (is_link($staticpage)) { $target = preg_replace('/\.html$/', '', readlink($staticpage)); header("HTTP/1.1 302 Shorthand"); @@ -160,18 +137,28 @@ if (file_exists("$Page$Args.html")) { exit; } } -elseif (file_exists("$Page$Args/index.html")) { - $staticpage = "$Page$Args/index.html"; -} -elseif ($User and $User->admin("edit $Page$Args")) { - $staticpage = (file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html'); +elseif (file_exists("$Page/index.html")) { + $staticpage = "$Page/index.html"; } -# prepare page contents - require_once('article.inc.php'); $Article = new ArchiveArticle($staticpage); +$Page = $Article->handler; +$Args = $Article->path; + +if ($PageAccess = $Article->restricted) { + # access restriction + if (empty($User)) { + http_response_code(303); + $target = urlencode($Article->link); + header("Location: /login?goto=$target"); + exit; + } +} + +# prepare page contents + ob_start(); # page body $Place = [ 'user' => $User ? $User->login : '', @@ -188,6 +175,11 @@ if (isset($Article->raw)) { ) . $Article->raw; } } +} +elseif ($User and $User->admin("edit {$Article->link}")) { + $Article->raw(file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html'); +} +if (isset($Article->raw)) { $Article->raw = '
'."\n\n".$Article->raw."
\n\n"; }