X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/7aa95dc7de12b20d7a2ae76eb6589947313b08ed..ed38c6a76767a893a319f7bfd9229b0dad6b08db:/page.php diff --git a/page.php b/page.php index 4bea9c6..f4d6057 100644 --- a/page.php +++ b/page.php @@ -83,6 +83,7 @@ set_include_path(implode(PATH_SEPARATOR, [ DOCROOT, __DIR__ ])); function fail($error) { + global $User, $Page, $Args; http_response_code(500); if (!isset($Article)) { $Article = new ArchiveArticle(NULL); @@ -90,8 +91,8 @@ function fail($error) } include_once 'page.inc.php'; ob_start(); - require_once '500.inc.html'; - print getoutput(['debug' => $error]); + require '500.inc.html'; + print getoutput(['debug' => htmlspecialchars($error)]); } set_exception_handler('fail'); @@ -121,38 +122,14 @@ $User = NULL; include_once 'auth.inc.php'; $Edit = isset($_GET['edit']); -# distinguish subpage Args from topmost Page script +# setup requested page $Args = ''; $Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); $Page = urldecode(trim($Page, '/')) ?: 'index'; -while (TRUE) { - if (file_exists("$Page/.private")) { - # access restriction - if (empty($User)) { - http_response_code(303); - $target = urlencode($_SERVER['REQUEST_URI']); - header("Location: /login?goto=$target"); - exit; - } - $PageAccess = $Page; - } - if (file_exists("$Page/index.php")) { - break; - } - - $up = strrpos($Page, '/'); - $Args = substr($Page, $up) . $Args; - $Page = substr($Page, 0, $up); - if ($up === FALSE) { - break; - } -} - -$staticpage = NULL; -if (file_exists("$Page$Args.html")) { - $staticpage = "$Page$Args.html"; +$staticpage = "$Page.html"; +if (file_exists($staticpage)) { if (is_link($staticpage)) { $target = preg_replace('/\.html$/', '', readlink($staticpage)); header("HTTP/1.1 302 Shorthand"); @@ -160,18 +137,28 @@ if (file_exists("$Page$Args.html")) { exit; } } -elseif (file_exists("$Page$Args/index.html")) { - $staticpage = "$Page$Args/index.html"; +elseif (file_exists("$Page/index.html")) { + $staticpage = "$Page/index.html"; } -elseif ($User and $User->admin("edit $Page$Args")) { - $staticpage = (file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html'); -} - -# prepare page contents require_once('article.inc.php'); $Article = new ArchiveArticle($staticpage); +$Page = $Article->handler; +$Args = $Article->path; + +if ($PageAccess = $Article->restricted) { + # access restriction + if (empty($User)) { + http_response_code(303); + $target = urlencode($Article->link); + header("Location: /login?goto=$target"); + exit; + } +} + +# prepare page contents + ob_start(); # page body $Place = [ 'user' => $User ? $User->login : '', @@ -190,6 +177,9 @@ if (isset($Article->raw)) { } $Article->raw = '
'."\n\n".$Article->raw."
\n\n"; } +elseif (!$Article->raw and $User and $User->admin("edit {$Article->link}")) { + $Article->raw(file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html'); +} # output dynamic and/or static html