Merge branch 'dev' into feature-limit-admin-domains

include/php/classes/Router.php

@@ -0,0 +1,192 @@
+<?php
+
+class Router
+{
+	/**
+	 * @var array
+	 */
+	private static $routes = array();
+
+
+	/**
+	 * @var array
+	 */
+	private static $errorPages = array(
+		404 => 'include/php/pages/404.php',
+		403 => 'include/php/pages/not-allowed.php'
+	);
+
+
+	private function __construct()
+	{
+	}
+
+	private function __clone()
+	{
+	}
+
+
+	/**
+	 * @param string|array $methods
+	 * @param string $pattern
+	 * @param callable|array|string $routeConfig
+	 * @param array $permission
+	 */
+	public static function addRoute($methods, $pattern, $routeConfig, $permission = null)
+	{
+		if(!is_array($methods)){
+			$methods = array($methods);
+		}
+
+		$config = array(
+			'pattern' => $pattern,
+			'config' => $routeConfig,
+			'permission' => $permission,
+		);
+
+		foreach($methods as $method){
+			$method = strtoupper($method);
+
+			if(!isset(static::$routes[$method])){
+				static::$routes[$method] = array();
+			}
+
+			static::$routes[$method][] = $config;
+		}
+	}
+
+
+	/**
+	 * @param string $pattern
+	 * @param callable|array|string $routeConfig
+	 * @param array $permission
+	 */
+	public static function addGet($pattern, $routeConfig, $permission = null)
+	{
+		static::addRoute('GET', $pattern, $routeConfig, $permission);
+	}
+
+
+	/**
+	 * @param string $pattern
+	 * @param callable|array|string $routeConfig
+	 * @param array $permission
+	 */
+	public static function addPost($pattern, $routeConfig, $permission = null)
+	{
+		static::addRoute('POST', $pattern, $routeConfig, $permission);
+	}
+
+
+	/**
+	 * @param string $pattern
+	 * @param callable|array|string $routeConfig
+	 * @param array $permission
+	 */
+	public static function addMixed($pattern, $routeConfig, $permission = null)
+	{
+		static::addRoute(array('GET', 'POST'), $pattern, $routeConfig, $permission);
+	}
+
+
+	/**
+	 * @param string $url
+	 * @param string $method
+	 *
+	 * @return string
+	 */
+	public static function execute($url, $method = 'GET')
+	{
+		$method = strtoupper($method);
+
+		if(!in_array($method, array('GET', 'POST')) && !isset(self::$routes[$method])){
+			return 'Unsupported HTTP method.';
+		}
+
+		foreach(self::$routes[$method] as $route){
+			if(rtrim($route['pattern'], '/') === rtrim($url, '/')){
+				if(!is_null($route['permission'])){
+					if(!Auth::isLoggedIn() || !Auth::hasPermission($route['permission'])){
+						return static::loadAndBufferOutput(static::$errorPages[403]);
+					}
+				}
+
+				return static::resolveRouteConfig($route['config']);
+			}
+		}
+
+		return static::loadAndBufferOutput(static::$errorPages[404]);
+	}
+
+	/**
+	 * @return string
+	 */
+	public static function executeCurrentRequest()
+	{
+		return static::execute(
+			static::getCurrentUrlPath(),
+			isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'GET'
+		);
+	}
+
+
+	/**
+	 * @param bool $removeGetParameters
+	 *
+	 * @return string
+	 */
+	public static function getCurrentUrlPath($removeGetParameters = true)
+	{
+		$baseUrl = parse_url(FRONTEND_BASE_PATH);
+		$basePath = isset($baseUrl['path']) ? rtrim($baseUrl['path'], '/') : '';
+
+		$url = $_SERVER['REQUEST_URI'];
+
+		if($removeGetParameters){
+			$url = preg_replace('/\?.*/', '', $url); // Trim GET Parameters
+		}
+
+		// Trim all leading slashes
+		$url = rtrim($url, '/');
+
+		if(!empty($basePath) && ($basePathPos = strpos($url, $basePath)) === 0){
+			$url = substr($url, strlen($basePath));
+		}
+
+		return $url;
+	}
+
+
+	/**
+	 * @param array $config
+	 *
+	 * @return string
+	 */
+	public static function resolveRouteConfig($config)
+	{
+		if(is_string($config)){
+			if(file_exists($config)){
+				return static::loadAndBufferOutput($config);
+			}
+		}
+
+		return static::loadAndBufferOutput(static::$errorPages[404]);
+	}
+
+	/**
+	 * @param string $file
+	 * @param array $variables
+	 *
+	 * @return string
+	 */
+	public static function loadAndBufferOutput($file, $variables = array())
+	{
+		ob_start();
+
+		extract($variables);
+
+		require $file;
+
+		return ob_get_clean();
+	}
+}

include/php/default.inc.php

@@ -46,3 +46,7 @@ if($db->connect_errno > 0){
 Auth::init();
 
 
+/**
+ * Setup routes
+ */
+require_once 'include/php/routes.inc.php';

include/php/routes.inc.php

@@ -0,0 +1,37 @@
+<?php
+
+// Home
+Router::addGet('/', 'include/php/pages/start.php');
+
+/**
+ * Auth
+ */
+Router::addMixed('/login', 'include/php/pages/login.php');
+Router::addGet('/logout', 'include/php/pages/logout.php');
+
+/**
+ * Private area
+ */
+Router::addGet('/private', 'include/php/pages/private/start.php', User::ROLE_USER);
+Router::addMixed('/private/changepass', 'include/php/pages/private/changepass.php', User::ROLE_USER);
+
+
+/**
+ * Admin area
+ */
+Router::addGet('/admin', 'include/php/pages/admin/start.php', User::ROLE_ADMIN);
+
+// Users / Mailboxes
+Router::addGet('/admin/listusers', 'include/php/pages/admin/listusers.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/edituser', 'include/php/pages/admin/edituser.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/deleteuser', 'include/php/pages/admin/deleteuser.php', User::ROLE_ADMIN);
+
+// Domains
+Router::addGet('/admin/listdomains', 'include/php/pages/admin/listdomains.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/deletedomain', 'include/php/pages/admin/deletedomain.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/createdomain', 'include/php/pages/admin/createdomain.php', User::ROLE_ADMIN);
+
+// Redirects
+Router::addGet('/admin/listredirects', 'include/php/pages/admin/listredirects.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/editredirect', 'include/php/pages/admin/editredirect.php', User::ROLE_ADMIN);
+Router::addMixed('/admin/deleteredirect', 'include/php/pages/admin/deleteredirect.php', User::ROLE_ADMIN);

include/php/template/footer.php

@@ -1,8 +0,0 @@
-	</div> <!-- Closing content -->
-
-	<div id="footer">
-		Software by Thomas Leister and contributors<br/> WebMUM on GitHub:
-		<a href="https://git.io/v2fQg">https://github.com/ThomasLeister/webmum</a> | License: MIT
-	</div>
-</body>
-</html>

include/php/template/header.php → include/php/template/layout.php

@@ -41,4 +41,13 @@
 		</div>
 	</div>
 
-	<div id="content"> <!-- Opening content -->
+	<div id="content">
+		<?php echo $content; ?>
+	</div>
+
+	<div id="footer">
+		Software by Thomas Leister and contributors<br/> WebMUM on GitHub:
+		<a href="https://git.io/v2fQg">https://github.com/ThomasLeister/webmum</a> | License: MIT
+	</div>
+</body>
+</html>

index.php

@@ -4,139 +4,20 @@ session_start();
 session_regenerate_id();
 
 
-define("BACKEND_BASE_PATH", preg_replace("#index.php#", "", $_SERVER['SCRIPT_FILENAME']));
-
-
-require_once 'include/php/default.inc.php';
-
-
-/**
- * @param string $file
- * @return string
- */
-function loadAndBufferOutput($file)
-{
-	ob_start();
-
-	require $file;
-
-	return ob_get_clean();
-}
-
-
-/**
- * @param string $url
- * @return string
- */
-function loadPageByRoute($url)
-{
-	$file = 'include/php/pages/404.php';
-
-	$routes = array(
-		'/login/' => 'include/php/pages/login.php',
-		'/logout/' => 'include/php/pages/logout.php',
-		'/' => 'include/php/pages/start.php',
-	);
-
-	$adminRoutes = array(
-		'/admin/' => 'include/php/pages/admin/start.php',
-		'/admin/listusers/' => 'include/php/pages/admin/listusers.php',
-		'/admin/edituser/' => 'include/php/pages/admin/edituser.php',
-		'/admin/deleteuser/' => 'include/php/pages/admin/deleteuser.php',
-		'/admin/listdomains/' => 'include/php/pages/admin/listdomains.php',
-		'/admin/deletedomain/' => 'include/php/pages/admin/deletedomain.php',
-		'/admin/createdomain/' => 'include/php/pages/admin/createdomain.php',
-		'/admin/listredirects/' => 'include/php/pages/admin/listredirects.php',
-		'/admin/editredirect/' => 'include/php/pages/admin/editredirect.php',
-		'/admin/deleteredirect/' => 'include/php/pages/admin/deleteredirect.php',
-	);
-
-	$userRoutes = array(
-		'/private/' => 'include/php/pages/private/start.php',
-		'/private/changepass/' => 'include/php/pages/private/changepass.php',
-	);
-
-
-	if(preg_match("/^\/private(.*)$/", $url) == 1){
-		// Page is user page
-		if(Auth::hasPermission(User::ROLE_USER)){
-			if(isset($userRoutes[$url])){
-				$file = $userRoutes[$url];
-			}
-		}
-		else{
-			$file = 'include/php/pages/not-allowed.php';
-		}
-	}
-	else if(preg_match("/^\/admin(.*)$/", $url) == 1){
-		// Page is admin page
-		if(Auth::hasPermission(User::ROLE_ADMIN)){
-			if(isset($adminRoutes[$url])){
-				$file = $adminRoutes[$url];
-			}
-		}
-		else{
-			$file = 'include/php/pages/not-allowed.php';
-		}
-	}
-	else{
-		// Page is public accessible
-		if(isset($routes[$url])){
-			$file = $routes[$url];
-		}
-	}
-
-	if(file_exists($file)){
-		return loadAndBufferOutput($file);
-	}
-
-	die('Page file "'.$file.'" couldn\'t be found');
-}
-
 /**
- * @param bool $removeGetParameters
- *
- * @return string
+ * Loading system
  */
-function getCurrentUrlPath($removeGetParameters = true)
-{
-	$baseUrl = parse_url(FRONTEND_BASE_PATH);
-	$basePath = isset($baseUrl['path']) ? rtrim($baseUrl['path'], '/') : '';
-
-	$url = $_SERVER['REQUEST_URI'];
-
-	if($removeGetParameters) {
-		$url = preg_replace('/\?.*/', '', $url); // Trim GET Parameters
-	}
-
-	// Trim all leading slashes
-	$url = rtrim($url, '/');
-
-	if(!empty($basePath) && ($basePathPos = strpos($url, $basePath)) === 0){
-		$url = substr($url, strlen($basePath));
-	}
+require_once 'include/php/default.inc.php';
 
-	return $url;
-}
 
 /**
- * @return string
- */
-function preparedUrlForRouting()
-{
-	return getCurrentUrlPath(true).'/';
-}
-
-
-/*
- * Build page
+ * Handle request
  */
-
-$content = loadPageByRoute(
-	preparedUrlForRouting()
-);
-
-$header = loadAndBufferOutput('include/php/template/header.php');
-$footer = loadAndBufferOutput('include/php/template/footer.php');
-
-echo $header.$content.$footer;
+$content = Router::executeCurrentRequest();
+
+echo Router::loadAndBufferOutput(
+	'include/php/template/layout.php',
+	array(
+		'content' => $content,
+	)
+);