[$pages[$pageElements[0]]['title'] ?? pageNotFound()], 'page_metadata' => $pages[$pageElements[0]], 'terminal' => $pageElements[0] !== 'index' ]; } $result = $pages['index']['title']; if (!isset($pageElements[1])) unset($pages['index']); else $pages = $pages[array_shift($pageElements)] ?? []; $results = getPageInformations($pages, $pageElements); $results['titles_lineage'][] = $result; return $results; } $pageInformations = getPageInformations(PAGES, PAGE_LINEAGE); define('TITLES_LINEAGE', array_reverse($pageInformations['titles_lineage'])); define('PAGE_METADATA', $pageInformations['page_metadata']); define('PAGE_TERMINAL', $pageInformations['terminal']); if (isset($_SERVER['SERVER_NAME']) !== true) exit('Missing $_SERVER[\'SERVER_NAME\']'); if (in_array($_SERVER['SERVER_NAME'], CONF['common']['public_domains'], true) !== true) exit('The current $_SERVER[\'SERVER_NAME\'] is not allowed in configuration.'); define('SERVER_NAME', $_SERVER['SERVER_NAME']); const SESSION_COOKIE_NAME = 'servnest-session-key'; function startSession(): void { session_start([ 'name' => SESSION_COOKIE_NAME, 'sid_length' => 64, 'sid_bits_per_character' => 6, 'cookie_secure' => true, 'cookie_httponly' => true, 'cookie_samesite' => 'Strict', 'cookie_path' => CONF['common']['prefix'] . '/', 'cookie_lifetime' => 432000, // = 60*60*24*5 = 5 days 'gc_maxlifetime' => 10800, 'use_strict_mode' => true, 'use_cookies' => true, 'use_only_cookies' => true, ]); } if (isset($_COOKIE[SESSION_COOKIE_NAME])) startSession(); // Resume session if (isset($_SESSION['id'])) { if (!isset(query('select', 'users', ['id' => $_SESSION['id']], ['id'])[0])) logout(); // Decrypt display username if (!isset($_COOKIE['display-username-decryption-key'])) output(403, 'The display username decryption key has not been sent.'); $decryption_result = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( $_SESSION['display-username-cyphertext'], '', $_SESSION['display-username-nonce'], base64_decode($_COOKIE['display-username-decryption-key']) ); if ($decryption_result === false) output(403, 'Unable to decrypt display username.'); define('DISPLAY_USERNAME', htmlspecialchars($decryption_result)); // Enable not already enabled services for this user $user_services = array_filter(explode(',', query('select', 'users', ['id' => $_SESSION['id']], ['services'])[0])); foreach (SERVICES_USER as $service) if (!in_array($service, $user_services, true) AND CONF['common']['services'][$service] === 'enabled') { $user_services[] = $service; DB->prepare('UPDATE users SET services = :services WHERE id = :id') ->execute([':services' => implode(',', $user_services), ':id' => $_SESSION['id']]); if ($service === 'ht') htSetupUserFs($_SESSION['id']); } } function displayFinalMessage(?array $data): void { if (isset($data['final_message'])) { echo $data['final_message']; unset($data['final_message']); } } if ($_POST !== []) { if (!in_array(CONF['common']['services']['auth'], ['enabled', 'no-registration'], true) OR (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] !== 'enabled')) output(503, _('This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it.')); // Protect against cross-site request forgery if a POST request is received if (isset($_SERVER['HTTP_SEC_FETCH_SITE']) !== true) output(403, 'The Sec-Fetch-Site HTTP header is required when submitting a POST request to prevent Cross-Site Request Forgery (CSRF).'); if (!in_array($_SERVER['HTTP_SEC_FETCH_SITE'], ['none', 'same-origin'], true)) output(403, 'The Sec-Fetch-Site HTTP header must be same-origin or none when submitting a POST request to prevent Cross-Site Request Forgery (CSRF).'); if (PAGE_METADATA['require-login'] ?? true AND !isset($_SESSION['id'])) output(403, _('You need to be logged in to do this.')); if (file_exists(ROOT_PATH . '/pg-act/' . PAGE_ADDRESS . '.php')) require ROOT_PATH . '/pg-act/' . PAGE_ADDRESS . '.php'; } function displayPage(?array $data): never { require ROOT_PATH . '/view.php'; exit(); } displayPage($data ??= NULL);