X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/992858b68f3a1feaae7940026676497f74cdbdcf..76b939d83e563cb783d666c48b0fa9ffdac827e6:/page.php diff --git a/page.php b/page.php index 93b705f..f7c8f7d 100644 --- a/page.php +++ b/page.php @@ -2,133 +2,17 @@ error_reporting(E_ALL); ini_set('display_errors', TRUE); -function abort($body, $status = NULL) { - if ($status) header("HTTP/1.1 $status"); - print "$body\n"; - exit; -} - -function placeholder_include($name, $params = []) -{ - $path = stream_resolve_include_path("widget/$name.php"); - if (!file_exists($path)) { - return ''.$name.' ontbreekt'; - } - - ob_start(); - $Page = $GLOBALS['Page'] . $GLOBALS['Args']; - $Args = ''; - $Place = $GLOBALS['Place']; - foreach ($params as $param) { - if ($set = strpos($param, '=')) { - $Place[ substr($param, 0, $set) ] = substr($param, $set + 1); - } - elseif (!empty($param)) { - $Args .= '/'.$param; - } - } - try { - include "widget/$name.php"; - return ob_get_clean(); - } - catch (Exception $e) { - return sprintf('%s', - "fout in $name: {$e->getMessage()}" - ); - } -} - -function getoutput($blocks = []) -{ - $doc = ob_get_clean(); - - if (!empty($blocks['warn'])) { - $warn = '

[[warn]]

'; - if ($offset = strpos($doc, '')) { - $doc = substr_replace($doc, "\n\n".$warn, $offset + 5, 0); - } - else { - $doc = $warn . "\n\n" . $doc; - } - } - - # keep either login or logout parts depending on user level - global $User; - $hideclass = empty($User) ? 'login' : 'logout'; - $doc = preg_replace('{\s*<([a-z]+) class="'.$hideclass.'">.*?}s', '', $doc); - - return preg_replace_callback( - '{ (?%s', - is_numeric($name) ? '' : $placeholder, # edit replacement - preg_replace('{}', '', $html) # contents - ); - }, - $doc - ); -} - -# custom error handling - define('DOCROOT', getcwd()); set_include_path(implode(PATH_SEPARATOR, [ DOCROOT, __DIR__ ])); -function fail($error) -{ - global $User, $Page, $Args; - http_response_code(500); - if (!isset($Article)) { - $Article = new ArchiveArticle(NULL); - $Article->title = 'Fout'; - } - include_once 'page.inc.php'; - ob_start(); - require '500.inc.html'; - print getoutput(['debug' => htmlspecialchars($error)]); -} - -set_exception_handler('fail'); - -define('E_FATAL', E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR); - -set_error_handler(function ($level, $error, $file, $line) { - if ($level & E_FATAL) { - fail($error); - return; - } - return FALSE; -}); - -register_shutdown_function(function () { - # display failure page for fatal exceptions - $error = error_get_last(); - if (!($error['type'] & E_FATAL)) return; - fail("Fatal: $error[message] in $error[file]:$error[line]"); -}); - -error_reporting(error_reporting() & ~E_FATAL); - -# user login and control - -$User = NULL; -include_once 'auth.inc.php'; -$Edit = isset($_GET['edit']); +include_once 'error.inc.php'; # setup requested page -$Args = ''; -$Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); -$Page = urldecode(trim($Page, '/')) ?: 'index'; +$request = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); +$request = urldecode(trim($request, '/')) ?: 'index'; -$staticpage = "$Page.html"; +$staticpage = "$request.html"; if (file_exists($staticpage)) { if (is_link($staticpage)) { $target = preg_replace('/\.html$/', '', readlink($staticpage)); @@ -137,21 +21,22 @@ if (file_exists($staticpage)) { exit; } } -elseif (file_exists("$Page/index.html")) { - $staticpage = "$Page/index.html"; +elseif (file_exists("$request/index.html")) { + $staticpage = "$request/index.html"; } require_once('article.inc.php'); -$Article = new ArchiveArticle($staticpage); +$Page = new ArchiveArticle($staticpage); -$Page = $Article->handler; -$Args = $Article->path; +# user login and control + +include_once 'auth.inc.php'; // sets global $User -if ($PageAccess = $Article->restricted) { +if ($Page->restricted) { # access restriction - if (empty($User)) { + if (!$User->login) { http_response_code(303); - $target = urlencode($Article->link); + $target = urlencode($Page->link); header("Location: /login?goto=$target"); exit; } @@ -166,41 +51,35 @@ header(sprintf('Content-Security-Policy: %s', implode('; ', [ "frame-ancestors 'none'", # prevent malicious embedding ]))); -ob_start(); # page body -$Place = [ - 'user' => $User ? $User->login : '', +$Page->place += [ + 'user' => $User->login ?: '', 'url' => htmlspecialchars($_SERVER['REQUEST_URI']), ]; -if (isset($Article->raw)) { - if ($User and $User->admin("edit $Page$Args")) { - # restore meta tags in static contents for editing - foreach (array_reverse($Article->meta) as $metaprop => $val) { - $Article->raw = sprintf( - ''."\n", - $metaprop, $val - ) . $Article->raw; - } - } -} -elseif ($User and $User->admin("edit {$Article->link}")) { - $Article->raw(file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html'); +if ($User->admin("edit {$Page->link}")) { + include_once 'edit/head.inc.php'; } -if (isset($Article->raw)) { - $Article->raw = '
'."\n\n".$Article->raw."
\n\n"; + +if (isset($Page->raw)) { + $Page->raw = '
'."\n\n".$Page->raw."
\n\n"; } # output dynamic and/or static html -if (!$Page or require("./$Page/index.php")) { - # static contents - if (isset($Article->raw)) { - print $Article->raw; - } - else { +include_once 'format.inc.php'; + +ob_start(); +if ($Page->handler and !require("./{$Page->handler}/index.php")) { + # replace contents by code output on false return + $Page->raw = ob_get_clean(); +} +else { + # keep article contents + if (!isset($Page->body)) { # no resulting output http_response_code(404); @require '404.inc.html'; + $Page->raw = ob_get_clean() . $Page->raw; } }