misuzu/misuzu.php
2023-07-18 21:48:44 +00:00

264 lines
8.3 KiB
PHP

<?php
namespace Misuzu;
use Index\Autoloader;
use Index\Environment;
use Index\Data\ConnectionFailedException;
use Index\Data\DbTools;
use Misuzu\Config\DbConfig;
use Misuzu\Users\User;
use Misuzu\Users\UserNotFoundException;
use Misuzu\Users\UserSession;
use Misuzu\Users\UserSessionNotFoundException;
define('MSZ_STARTUP', microtime(true));
define('MSZ_ROOT', __DIR__);
define('MSZ_CLI', PHP_SAPI === 'cli');
define('MSZ_DEBUG', is_file(MSZ_ROOT . '/.debug'));
define('MSZ_PUBLIC', MSZ_ROOT . '/public');
define('MSZ_SOURCE', MSZ_ROOT . '/src');
define('MSZ_LIBRARIES', MSZ_ROOT . '/lib');
define('MSZ_CONFIG', MSZ_ROOT . '/config');
define('MSZ_TEMPLATES', MSZ_ROOT . '/templates');
define('MSZ_MIGRATIONS', MSZ_ROOT . '/database');
define('MSZ_ASSETS', MSZ_ROOT . '/assets');
define('MSZ_NDX_PATH', MSZ_LIBRARIES . '/index');
define('MSZ_NDX_PATH_DEV', MSZ_LIBRARIES . '/index-dev');
require_once (MSZ_DEBUG && is_dir(MSZ_NDX_PATH_DEV) ? MSZ_NDX_PATH_DEV : MSZ_NDX_PATH) . '/index.php';
Autoloader::addNamespace(__NAMESPACE__, MSZ_SOURCE);
Environment::setDebug(MSZ_DEBUG);
mb_internal_encoding('utf-8');
date_default_timezone_set('utc');
set_include_path(get_include_path() . PATH_SEPARATOR . MSZ_ROOT);
set_exception_handler(function(\Throwable $ex) {
if(MSZ_CLI) {
echo (string)$ex;
} else {
http_response_code(500);
ob_clean();
if(MSZ_DEBUG) {
header('Content-Type: text/plain; charset=utf-8');
echo (string)$ex;
} else {
header('Content-Type: text/html; charset=utf-8');
echo file_get_contents(MSZ_TEMPLATES . '/500.html');
}
}
exit;
});
require_once 'vendor/autoload.php';
require_once 'utility.php';
require_once 'src/perms.php';
require_once 'src/manage.php';
require_once 'src/url.php';
require_once 'src/Forum/perms.php';
require_once 'src/Forum/forum.php';
require_once 'src/Forum/leaderboard.php';
require_once 'src/Forum/post.php';
require_once 'src/Forum/topic.php';
require_once 'src/Forum/validate.php';
$dbConfig = parse_ini_file(MSZ_CONFIG . '/config.ini', true, INI_SCANNER_TYPED);
if(empty($dbConfig)) {
echo 'Database config is missing.';
exit;
}
define('MSZ_DB_INIT', 'SET SESSION time_zone = \'+00:00\', sql_mode = \'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION\';');
$db = DbTools::create($dbConfig['dsn']);
$db->execute(MSZ_DB_INIT);
DB::init(DbTools::parse($dbConfig['dsn']));
DB::exec(MSZ_DB_INIT);
$cfg = new DbConfig($db);
Mailer::init($cfg->scopeTo('mail'));
$msz = new MisuzuContext($db, $cfg);
if(MSZ_CLI)
return;
// Everything below here should eventually be moved to index.php, probably only initialised when required.
// Serving things like the css/js doesn't need to initialise sessions.
ob_start();
if(file_exists(MSZ_ROOT . '/.migrating')) {
http_response_code(503);
if(!isset($_GET['_check'])) {
header('Content-Type: text/html; charset=utf-8');
echo file_get_contents(MSZ_TEMPLATES . '/503.html');
}
exit;
}
if(!MSZ_DEBUG) {
$twigCacheDirSfx = GitInfo::hash(true);
if(empty($twigCacheDirSfx))
$twigCacheDirSfx = md5(MSZ_ROOT);
$twigCache = sys_get_temp_dir() . '/msz-tpl-' . $twigCacheDirSfx;
if(!is_dir($twigCache))
mkdir($twigCache, 0775, true);
}
$globals = $cfg->getValues([
['site.name:s', 'Misuzu'],
'site.desc:s',
'site.url:s',
'sockChat.chatPath.normal:s',
'eeprom.path:s',
'eeprom.app:s',
['auth.secret:s', 'meow'],
['csrf.secret:s', 'soup'],
]);
Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
Template::set('globals', [
'site_name' => $globals['site.name'],
'site_description' => $globals['site.desc'],
'site_url' => $globals['site.url'],
'site_chat' => $globals['sockChat.chatPath.normal'],
'eeprom' => [
'path' => $globals['eeprom.path'],
'app' => $globals['eeprom.app'],
],
]);
$mszAssetsInfo = json_decode(file_get_contents(MSZ_ASSETS . '/current.json'));
if(!empty($mszAssetsInfo))
Template::set('assets', $mszAssetsInfo);
unset($mszAssetsInfo);
Template::addPath(MSZ_TEMPLATES);
AuthToken::setSecretKey($globals['auth.secret']);
if(isset($_COOKIE['msz_uid']) && isset($_COOKIE['msz_sid'])) {
$authToken = new AuthToken;
$authToken->setUserId(filter_input(INPUT_COOKIE, 'msz_uid', FILTER_SANITIZE_NUMBER_INT) ?? 0);
$authToken->setSessionToken(filter_input(INPUT_COOKIE, 'msz_sid') ?? '');
if($authToken->isValid())
$authToken->applyCookie(strtotime('1 year'));
AuthToken::nukeCookieLegacy();
}
if(!isset($authToken))
$authToken = AuthToken::unpack(filter_input(INPUT_COOKIE, 'msz_auth') ?? '');
if($authToken->isValid()) {
$authToken->setCurrent();
try {
$sessionInfo = UserSession::byToken($authToken->getSessionToken());
if($sessionInfo->hasExpired()) {
$sessionInfo->delete();
} elseif($sessionInfo->getUserId() === $authToken->getUserId()) {
$userInfo = $sessionInfo->getUser();
if(!$userInfo->isDeleted()) {
$sessionInfo->setCurrent();
$userInfo->setCurrent();
$sessionInfo->bump($_SERVER['REMOTE_ADDR']);
if($sessionInfo->shouldBumpExpire())
$authToken->applyCookie($sessionInfo->getExpiresTime());
// only allow impersonation when super user
if($authToken->hasImpersonatedUserId() && $userInfo->isSuper()) {
$userInfoReal = $userInfo;
try {
$userInfo = User::byId($authToken->getImpersonatedUserId());
} catch(UserNotFoundException $ex) {
$userInfo = $userInfoReal;
$authToken->removeImpersonatedUserId();
$authToken->applyCookie();
}
$userInfo->setCurrent();
}
}
}
} catch(UserNotFoundException $ex) {
UserSession::unsetCurrent();
User::unsetCurrent();
} catch(UserSessionNotFoundException $ex) {
UserSession::unsetCurrent();
User::unsetCurrent();
}
if(UserSession::hasCurrent()) {
$userInfo->bumpActivity($_SERVER['REMOTE_ADDR']);
} else
AuthToken::nukeCookie();
}
CSRF::init(
$globals['csrf.secret'],
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
);
function mszLockdown(): void {
global $misuzuBypassLockdown, $cfg;
if($cfg->getBoolean('private.enabled')) {
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
if(!$misuzuBypassLockdown) {
if(UserSession::hasCurrent()) {
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
if(!empty($privatePermCat) && $privatePermVal > 0) {
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
// au revoir
UserSession::unsetCurrent();
User::unsetCurrent();
}
}
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
url_redirect('auth-login');
exit;
}
}
}
}
if(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) !== '/index.php')
mszLockdown();
if(!empty($userInfo))
Template::set('current_user', $userInfo);
if(!empty($userInfoReal))
Template::set('current_user_real', $userInfoReal);
$inManageMode = str_starts_with($_SERVER['REQUEST_URI'], '/manage');
$hasManageAccess = User::hasCurrent()
&& !User::getCurrent()->hasActiveWarning()
&& perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_CAN_MANAGE);
Template::set('has_manage_access', $hasManageAccess);
if($inManageMode) {
if(!$hasManageAccess) {
echo render_error(403);
exit;
}
Template::set('manage_menu', manage_get_menu(User::getCurrent()->getId()));
}