X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/6a69016b8fcb74f31c133425812fa885968261ec..cd02b996a05cf2996b3974d9ba942f714e9666e3:/page.php

diff --git a/page.php b/page.php
index dc7f012..20f8244 100644
--- a/page.php
+++ b/page.php
@@ -16,12 +16,14 @@ function getoutput($blocks = [])
 
 # custom error handling
 
+define('DOCROOT', getcwd().'/');
+
 function fail($error)
 {
 	http_response_code(500);
 	include_once 'page.inc.php';
 	ob_start();
-	require_once './500.html';
+	require_once DOCROOT.'500.html';
 	print getoutput(['debug' => $error]);
 }
 
@@ -54,18 +56,18 @@ $Edit = isset($_GET['edit']);
 # distinguish subpage Args from topmost Page script
 
 $Args = '';
-$Page = preg_replace('/\?.*/', '', $_SERVER['REQUEST_URI']);
+$Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']);
 $Page = urldecode(trim($Page, '/')) ?: 'index';
 while (TRUE) {
 	if (file_exists("$Page/.private")) {
 		# access restriction
-		if (!isset($User)) {
-			http_response_code(403);
-			include_once 'page.inc.php';
-			ob_start();
-			@require_once './403.html';
+		if (empty($User)) {
+			http_response_code(303);
+			$target = urlencode($_SERVER['REQUEST_URI']);
+			header("Location: /login?goto=$target");
 			exit;
 		}
+		$PageAccess = $Page;
 	}
 
 	if (file_exists("$Page.php")) {
@@ -93,7 +95,7 @@ if (file_exists("$Page$Args/index.html")) {
 elseif (file_exists("$Page$Args.html")) {
 	$found = include "./$Page$Args.html";
 }
-elseif (isset($User) and $User['admin']) {
+elseif (!empty($User['admin'])) {
 	$found = include (file_exists("$Page/template.html") ? "$Page/template.html" : './template.html');
 }
 
@@ -102,7 +104,7 @@ print "</div>\n\n";
 # execute dynamic code
 
 if ($Page) {
-	$found |= @require "./$Page.php";
+	$found |= require "./$Page.php";
 }
 
 # global html