2022-09-01 02:21:17 +00:00
< ? php
define ( " CONF " , parse_ini_file ( __DIR__ . " /config.ini " , true , INI_SCANNER_TYPED ));
foreach ( array_diff ( scandir ( CONF [ 'common' ][ 'root_path' ] . " /fn " ), array ( '..' , '.' )) as $file )
require CONF [ 'common' ][ 'root_path' ] . '/fn/' . $file ;
2022-09-12 23:09:40 +00:00
require " pages.php " ;
2022-09-01 02:21:17 +00:00
define ( " DB_PATH " , CONF [ 'common' ][ 'root_path' ] . " /db/niver.db " );
2022-09-12 23:09:40 +00:00
const PLACEHOLDER_DOMAIN = 'example' ; // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
const PLACEHOLDER_IPV6 = '2001:db8::3' ; // From RFC3849: IPv6 Address Prefix Reserved for Documentation
const PLACEHOLDER_IPV4 = '203.0.113.42' ; // From RFC5737: IPv4 Address Blocks Reserved for Documentation
2022-09-01 02:21:17 +00:00
if ( $_SERVER [ 'REQUEST_URI' ] === '/sftpgo-auth.php' )
return ;
$pageAddress = substr ( $_SERVER [ 'REQUEST_URI' ], strlen ( CONF [ 'common' ][ 'prefix' ]) + 1 );
if ( strpos ( $pageAddress , " ? " ) !== false ) {
parse_str ( substr ( $pageAddress , strpos ( $pageAddress , " ? " ) + 1 ), $_GET );
$pageAddress = substr ( $pageAddress , 0 , strpos ( $pageAddress , " ? " ));
}
2022-09-09 18:15:10 +00:00
define ( " PAGE_URL " , $pageAddress );
define ( " PAGE_ADDRESS " , $pageAddress . (( substr ( $pageAddress , - 1 ) === '/' OR $pageAddress === '' ) ? 'index' : '' ));
define ( " PAGE_LINEAGE " , explode ( '/' , PAGE_ADDRESS ));
2022-09-01 02:21:17 +00:00
define ( " SERVICE " , dirname ( PAGE_ADDRESS ));
define ( " PAGE " , basename ( PAGE_ADDRESS , '.php' ));
2022-09-16 22:49:07 +00:00
$pageMetadata = [];
function getPageInformations ( $pages , $pageElements ) {
global $pageMetadata ;
2022-10-12 22:40:19 +00:00
if ( ! isset ( $pages [ 'index' ]) OR $pageElements [ 0 ] === 'index' )
2022-09-16 22:49:07 +00:00
return [
'titles_lineage' => [ $pages [ $pageElements [ 0 ]][ 'title' ] ? ? false ],
'page_metadata' => $pages [ $pageElements [ 0 ]] ? ? NULL
];
2022-09-15 19:23:49 +00:00
$result = $pages [ 'index' ][ 'title' ];
2022-09-09 18:16:48 +00:00
if ( ! isset ( $pageElements [ 1 ]))
2022-09-15 19:23:49 +00:00
unset ( $pages [ 'index' ]);
2022-09-09 18:16:48 +00:00
else
2022-09-15 19:23:49 +00:00
$pages = $pages [ array_shift ( $pageElements )] ? ? false ;
2022-09-16 22:49:07 +00:00
$results = getPageInformations ( $pages , $pageElements );
$results [ 'titles_lineage' ][] = $result ;
2022-09-09 18:16:48 +00:00
return $results ;
2022-09-09 18:15:10 +00:00
}
2022-09-16 22:49:07 +00:00
$pageInformations = getPageInformations ( PAGES , PAGE_LINEAGE );
define ( 'TITLES_LINEAGE' , array_reverse ( $pageInformations [ 'titles_lineage' ]));
define ( 'PAGE_METADATA' , $pageInformations [ 'page_metadata' ]);
2022-09-09 18:15:10 +00:00
2022-09-09 20:15:52 +00:00
if ( ! TITLES_LINEAGE [ array_key_last ( TITLES_LINEAGE )]) {
http_response_code ( 404 );
exit ( 'Page not found.' );
}
2022-09-09 19:53:31 +00:00
if (
isset ( $_COOKIE [ 'niver-session-key' ]) // Resume session
OR
2022-09-12 23:09:40 +00:00
( isset ( $_POST [ 'username' ]) AND in_array ( PAGE_URL , [ 'auth/login' , 'auth/register' ])) // Start new session
2022-09-09 19:53:31 +00:00
) {
session_start ([
'name' => 'niver-session-key' ,
'sid_length' => 64 ,
'sid_bits_per_character' => 6 ,
'cookie_secure' => true ,
'cookie_httponly' => true ,
'cookie_samesite' => 'Strict' ,
'cookie_path' => CONF [ 'common' ][ 'prefix' ] . '/' ,
'cookie_lifetime' => 432000 , // = 60*60*24*5 = 5 days
'gc_maxlifetime' => 10800 ,
'use_strict_mode' => true ,
'use_cookies' => true ,
'use_only_cookies' => true ,
]);
}
?>
<! DOCTYPE html >
< html lang = " fr " < ? php if ( ! empty ( SERVICE )) echo ' class="' . SERVICE . '"' ; ?> >
< head >
< meta charset = " utf-8 " >
< title >< ? php
foreach ( array_reverse ( TITLES_LINEAGE ) as $id => $title )
echo strip_tags ( $title ) . ( array_key_last ( TITLES_LINEAGE ) === $id ? '' : ' < ' );
?> </title>
< ? php
2022-10-06 19:37:20 +00:00
foreach ( glob ( 'css/*.css' ) as $cssPath )
echo ' <link type="text/css" rel="stylesheet" media="screen" href="' . CONF [ 'common' ][ 'prefix' ] . '/' . $cssPath . '">' . " \n " ;
2022-09-09 19:53:31 +00:00
?>
< meta name = " viewport " content = " width=device-width, initial-scale=1 " >
</ head >
< body >
< header >
< p >
< ? php if ( isset ( $_SESSION [ 'username' ])) { ?>
🆔 < strong >< ? = $_SESSION [ 'username' ] ?> </strong> <a class='auth' href='<?= CONF['common']['prefix'] ?>/auth/logout'>Se déconnecter</a>
< ? php } else { ?>
< span aria - hidden = " true " > 👻 </ span >< em > Anonyme </ em > < a class = " auth " href = " <?= redirUrl('auth/login') ?> " > Se connecter </ a >
< ? php } ?>
</ p >
< nav >
< ? php
foreach ( TITLES_LINEAGE as $id => $title ) {
$lastTitle = ( TITLES_LINEAGE [ array_key_last ( TITLES_LINEAGE )] === $title );
echo '<ul><li>' . ( $lastTitle ? '<h1>' : '' ) . '<a' . (( $id === 0 ) ? ' class="niver"' : '' ) . ' href="' . CONF [ 'common' ][ 'prefix' ] . ( $lastTitle ? '/' . PAGE_URL : '/' . implode ( '/' , array_slice ( PAGE_LINEAGE , 0 , $id )) . (( $lastTitle OR $id === 0 ) ? '' : '/' )) . '">' . $title . '</a>' . ( $lastTitle ? '</h1>' : '' ) . " \n " ;
}
echo str_repeat ( '</li></ul>' , count ( TITLES_LINEAGE ));
?>
</ nav >
</ header >
< main >
< ? php
if ( in_array ( SERVICE , [ 'reg' , 'ns' , 'ht' ]) AND CONF [ SERVICE ][ 'enabled' ] !== true )
2022-09-15 17:17:48 +00:00
output ( 403 , 'Ce service est désactivé.' );
2022-09-09 19:53:31 +00:00
// Protect against cross-site request forgery if a POST request is received
if ( empty ( $_POST ) === false AND ( isset ( $_SERVER [ 'HTTP_SEC_FETCH_SITE' ]) !== true OR $_SERVER [ 'HTTP_SEC_FETCH_SITE' ] !== " same-origin " ))
2022-09-15 17:17:48 +00:00
output ( 403 , 'Anti-<abbr title="Cross-Site Request Forgery">CSRF</abbr> verification failed ! (Wrong or unset <code>Sec-Fetch-Site</code> HTTP header)' );
2022-09-01 02:21:17 +00:00
2022-09-07 16:44:49 +00:00
function executePage () {
require " pages/ " . PAGE_ADDRESS . " .php " ;
2022-09-09 19:53:31 +00:00
global $final_message ;
echo $final_message ? ? '' ;
?>
</ main >
2022-10-07 19:25:15 +00:00
< footer >
2022-10-31 22:49:48 +00:00
< small >< a rel = " external " href = " https://code.antopie.org/niver/niver " class = " niver " > Code source </ a > sous < abbr title = " Cooperative Nonviolent Public License No Attribution version 7 ou plus " > CNPL - NAv7 +</ abbr >.</ small >
2022-10-07 19:25:15 +00:00
</ footer >
2022-09-09 19:53:31 +00:00
</ body >
</ html >
< ? php
exit ();
2022-09-07 16:44:49 +00:00
}
executePage ();