Restructured public folder and initialisation process.
This commit is contained in:
parent
c9993bf08b
commit
029c1ff20e
62 changed files with 210 additions and 331 deletions
223
misuzu.php
223
misuzu.php
|
@ -3,13 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Index\Autoloader;
|
use Index\Autoloader;
|
||||||
use Index\Environment;
|
use Index\Environment;
|
||||||
use Index\Data\ConnectionFailedException;
|
|
||||||
use Index\Data\DbTools;
|
use Index\Data\DbTools;
|
||||||
use Misuzu\Config\DbConfig;
|
use Misuzu\Config\DbConfig;
|
||||||
use Misuzu\Users\User;
|
|
||||||
use Misuzu\Users\UserNotFoundException;
|
|
||||||
use Misuzu\Users\UserSession;
|
|
||||||
use Misuzu\Users\UserSessionNotFoundException;
|
|
||||||
|
|
||||||
define('MSZ_STARTUP', microtime(true));
|
define('MSZ_STARTUP', microtime(true));
|
||||||
define('MSZ_ROOT', __DIR__);
|
define('MSZ_ROOT', __DIR__);
|
||||||
|
@ -33,38 +28,18 @@ Environment::setDebug(MSZ_DEBUG);
|
||||||
|
|
||||||
mb_internal_encoding('utf-8');
|
mb_internal_encoding('utf-8');
|
||||||
date_default_timezone_set('utc');
|
date_default_timezone_set('utc');
|
||||||
set_include_path(get_include_path() . PATH_SEPARATOR . MSZ_ROOT);
|
|
||||||
|
|
||||||
set_exception_handler(function(\Throwable $ex) {
|
require_once MSZ_ROOT . '/vendor/autoload.php';
|
||||||
if(MSZ_CLI) {
|
require_once MSZ_ROOT . '/utility.php';
|
||||||
echo (string)$ex;
|
require_once MSZ_SOURCE . '/perms.php';
|
||||||
} else {
|
require_once MSZ_SOURCE . '/manage.php';
|
||||||
http_response_code(500);
|
require_once MSZ_SOURCE . '/url.php';
|
||||||
ob_clean();
|
require_once MSZ_SOURCE . '/Forum/perms.php';
|
||||||
|
require_once MSZ_SOURCE . '/Forum/forum.php';
|
||||||
if(MSZ_DEBUG) {
|
require_once MSZ_SOURCE . '/Forum/leaderboard.php';
|
||||||
header('Content-Type: text/plain; charset=utf-8');
|
require_once MSZ_SOURCE . '/Forum/post.php';
|
||||||
echo (string)$ex;
|
require_once MSZ_SOURCE . '/Forum/topic.php';
|
||||||
} else {
|
require_once MSZ_SOURCE . '/Forum/validate.php';
|
||||||
header('Content-Type: text/html; charset=utf-8');
|
|
||||||
echo file_get_contents(MSZ_TEMPLATES . '/500.html');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
exit;
|
|
||||||
});
|
|
||||||
|
|
||||||
require_once 'vendor/autoload.php';
|
|
||||||
|
|
||||||
require_once 'utility.php';
|
|
||||||
require_once 'src/perms.php';
|
|
||||||
require_once 'src/manage.php';
|
|
||||||
require_once 'src/url.php';
|
|
||||||
require_once 'src/Forum/perms.php';
|
|
||||||
require_once 'src/Forum/forum.php';
|
|
||||||
require_once 'src/Forum/leaderboard.php';
|
|
||||||
require_once 'src/Forum/post.php';
|
|
||||||
require_once 'src/Forum/topic.php';
|
|
||||||
require_once 'src/Forum/validate.php';
|
|
||||||
|
|
||||||
$dbConfig = parse_ini_file(MSZ_CONFIG . '/config.ini', true, INI_SCANNER_TYPED);
|
$dbConfig = parse_ini_file(MSZ_CONFIG . '/config.ini', true, INI_SCANNER_TYPED);
|
||||||
|
|
||||||
|
@ -86,179 +61,3 @@ $cfg = new DbConfig($db);
|
||||||
Mailer::init($cfg->scopeTo('mail'));
|
Mailer::init($cfg->scopeTo('mail'));
|
||||||
|
|
||||||
$msz = new MisuzuContext($db, $cfg);
|
$msz = new MisuzuContext($db, $cfg);
|
||||||
|
|
||||||
if(MSZ_CLI)
|
|
||||||
return;
|
|
||||||
|
|
||||||
// Everything below here should eventually be moved to index.php, probably only initialised when required.
|
|
||||||
// Serving things like the css/js doesn't need to initialise sessions.
|
|
||||||
|
|
||||||
ob_start();
|
|
||||||
|
|
||||||
if(file_exists(MSZ_ROOT . '/.migrating')) {
|
|
||||||
http_response_code(503);
|
|
||||||
if(!isset($_GET['_check'])) {
|
|
||||||
header('Content-Type: text/html; charset=utf-8');
|
|
||||||
echo file_get_contents(MSZ_TEMPLATES . '/503.html');
|
|
||||||
}
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!MSZ_DEBUG) {
|
|
||||||
$twigCacheDirSfx = GitInfo::hash(true);
|
|
||||||
if(empty($twigCacheDirSfx))
|
|
||||||
$twigCacheDirSfx = md5(MSZ_ROOT);
|
|
||||||
|
|
||||||
$twigCache = sys_get_temp_dir() . '/msz-tpl-' . $twigCacheDirSfx;
|
|
||||||
if(!is_dir($twigCache))
|
|
||||||
mkdir($twigCache, 0775, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
$globals = $cfg->getValues([
|
|
||||||
['site.name:s', 'Misuzu'],
|
|
||||||
'site.desc:s',
|
|
||||||
'site.url:s',
|
|
||||||
'sockChat.chatPath.normal:s',
|
|
||||||
'eeprom.path:s',
|
|
||||||
'eeprom.app:s',
|
|
||||||
['auth.secret:s', 'meow'],
|
|
||||||
['csrf.secret:s', 'soup'],
|
|
||||||
]);
|
|
||||||
|
|
||||||
Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
|
|
||||||
|
|
||||||
Template::set('globals', [
|
|
||||||
'site_name' => $globals['site.name'],
|
|
||||||
'site_description' => $globals['site.desc'],
|
|
||||||
'site_url' => $globals['site.url'],
|
|
||||||
'site_chat' => $globals['sockChat.chatPath.normal'],
|
|
||||||
'eeprom' => [
|
|
||||||
'path' => $globals['eeprom.path'],
|
|
||||||
'app' => $globals['eeprom.app'],
|
|
||||||
],
|
|
||||||
]);
|
|
||||||
|
|
||||||
$mszAssetsInfo = json_decode(file_get_contents(MSZ_ASSETS . '/current.json'));
|
|
||||||
if(!empty($mszAssetsInfo))
|
|
||||||
Template::set('assets', $mszAssetsInfo);
|
|
||||||
unset($mszAssetsInfo);
|
|
||||||
|
|
||||||
Template::addPath(MSZ_TEMPLATES);
|
|
||||||
|
|
||||||
AuthToken::setSecretKey($globals['auth.secret']);
|
|
||||||
|
|
||||||
if(isset($_COOKIE['msz_uid']) && isset($_COOKIE['msz_sid'])) {
|
|
||||||
$authToken = new AuthToken;
|
|
||||||
$authToken->setUserId(filter_input(INPUT_COOKIE, 'msz_uid', FILTER_SANITIZE_NUMBER_INT) ?? 0);
|
|
||||||
$authToken->setSessionToken(filter_input(INPUT_COOKIE, 'msz_sid') ?? '');
|
|
||||||
|
|
||||||
if($authToken->isValid())
|
|
||||||
$authToken->applyCookie(strtotime('1 year'));
|
|
||||||
|
|
||||||
AuthToken::nukeCookieLegacy();
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!isset($authToken))
|
|
||||||
$authToken = AuthToken::unpack(filter_input(INPUT_COOKIE, 'msz_auth') ?? '');
|
|
||||||
|
|
||||||
if($authToken->isValid()) {
|
|
||||||
$authToken->setCurrent();
|
|
||||||
|
|
||||||
try {
|
|
||||||
$sessionInfo = UserSession::byToken($authToken->getSessionToken());
|
|
||||||
if($sessionInfo->hasExpired()) {
|
|
||||||
$sessionInfo->delete();
|
|
||||||
} elseif($sessionInfo->getUserId() === $authToken->getUserId()) {
|
|
||||||
$userInfo = $sessionInfo->getUser();
|
|
||||||
if(!$userInfo->isDeleted()) {
|
|
||||||
$sessionInfo->setCurrent();
|
|
||||||
$userInfo->setCurrent();
|
|
||||||
$sessionInfo->bump($_SERVER['REMOTE_ADDR']);
|
|
||||||
|
|
||||||
if($sessionInfo->shouldBumpExpire())
|
|
||||||
$authToken->applyCookie($sessionInfo->getExpiresTime());
|
|
||||||
|
|
||||||
// only allow impersonation when super user
|
|
||||||
if($authToken->hasImpersonatedUserId() && $userInfo->isSuper()) {
|
|
||||||
$userInfoReal = $userInfo;
|
|
||||||
|
|
||||||
try {
|
|
||||||
$userInfo = User::byId($authToken->getImpersonatedUserId());
|
|
||||||
} catch(UserNotFoundException $ex) {
|
|
||||||
$userInfo = $userInfoReal;
|
|
||||||
$authToken->removeImpersonatedUserId();
|
|
||||||
$authToken->applyCookie();
|
|
||||||
}
|
|
||||||
|
|
||||||
$userInfo->setCurrent();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} catch(UserNotFoundException $ex) {
|
|
||||||
UserSession::unsetCurrent();
|
|
||||||
User::unsetCurrent();
|
|
||||||
} catch(UserSessionNotFoundException $ex) {
|
|
||||||
UserSession::unsetCurrent();
|
|
||||||
User::unsetCurrent();
|
|
||||||
}
|
|
||||||
|
|
||||||
if(UserSession::hasCurrent()) {
|
|
||||||
$userInfo->bumpActivity($_SERVER['REMOTE_ADDR']);
|
|
||||||
} else
|
|
||||||
AuthToken::nukeCookie();
|
|
||||||
}
|
|
||||||
|
|
||||||
CSRF::init(
|
|
||||||
$globals['csrf.secret'],
|
|
||||||
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
|
|
||||||
);
|
|
||||||
|
|
||||||
function mszLockdown(): void {
|
|
||||||
global $misuzuBypassLockdown, $cfg;
|
|
||||||
|
|
||||||
if($cfg->getBoolean('private.enabled')) {
|
|
||||||
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
|
||||||
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
|
||||||
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
|
||||||
|
|
||||||
if(!$misuzuBypassLockdown) {
|
|
||||||
if(UserSession::hasCurrent()) {
|
|
||||||
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
|
|
||||||
|
|
||||||
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
|
||||||
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
|
||||||
// au revoir
|
|
||||||
UserSession::unsetCurrent();
|
|
||||||
User::unsetCurrent();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
|
|
||||||
url_redirect('auth-login');
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) !== '/index.php')
|
|
||||||
mszLockdown();
|
|
||||||
|
|
||||||
if(!empty($userInfo))
|
|
||||||
Template::set('current_user', $userInfo);
|
|
||||||
if(!empty($userInfoReal))
|
|
||||||
Template::set('current_user_real', $userInfoReal);
|
|
||||||
|
|
||||||
$inManageMode = str_starts_with($_SERVER['REQUEST_URI'], '/manage');
|
|
||||||
$hasManageAccess = User::hasCurrent()
|
|
||||||
&& !User::getCurrent()->hasActiveWarning()
|
|
||||||
&& perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_CAN_MANAGE);
|
|
||||||
Template::set('has_manage_access', $hasManageAccess);
|
|
||||||
|
|
||||||
if($inManageMode) {
|
|
||||||
if(!$hasManageAccess) {
|
|
||||||
echo render_error(403);
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
Template::set('manage_menu', manage_get_menu(User::getCurrent()->getId()));
|
|
||||||
}
|
|
||||||
|
|
|
@ -2,7 +2,6 @@
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
$misuzuBypassLockdown = true;
|
$misuzuBypassLockdown = true;
|
||||||
require_once '../misuzu.php';
|
|
||||||
|
|
||||||
function ghcb_strip_prefix(string $line): string {
|
function ghcb_strip_prefix(string $line): string {
|
||||||
$findColon = mb_strpos($line, ':');
|
$findColon = mb_strpos($line, ':');
|
|
@ -1,6 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
url_redirect('auth-login');
|
url_redirect('auth-login');
|
|
@ -9,8 +9,6 @@ use Misuzu\Users\UserLoginAttempt;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
use Misuzu\Users\UserSessionCreationFailedException;
|
use Misuzu\Users\UserSessionCreationFailedException;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(UserSession::hasCurrent()) {
|
if(UserSession::hasCurrent()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!UserSession::hasCurrent()) {
|
if(!UserSession::hasCurrent()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
|
@ -9,8 +9,6 @@ use Misuzu\Users\UserRecoveryTokenNotFoundException;
|
||||||
use Misuzu\Users\UserRecoveryTokenCreationFailedException;
|
use Misuzu\Users\UserRecoveryTokenCreationFailedException;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(UserSession::hasCurrent()) {
|
if(UserSession::hasCurrent()) {
|
||||||
url_redirect('settings-account');
|
url_redirect('settings-account');
|
||||||
return;
|
return;
|
|
@ -8,8 +8,6 @@ use Misuzu\Users\UserRole;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
use Misuzu\Users\UserWarning;
|
use Misuzu\Users\UserWarning;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(UserSession::hasCurrent()) {
|
if(UserSession::hasCurrent()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!isset($userInfoReal) || !$authToken->hasImpersonatedUserId() || !CSRF::validateRequest()) {
|
if(!isset($userInfoReal) || !$authToken->hasImpersonatedUserId() || !CSRF::validateRequest()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
|
@ -8,8 +8,6 @@ use Misuzu\Users\UserSessionCreationFailedException;
|
||||||
use Misuzu\Users\UserAuthSession;
|
use Misuzu\Users\UserAuthSession;
|
||||||
use Misuzu\Users\UserAuthSessionNotFoundException;
|
use Misuzu\Users\UserAuthSessionNotFoundException;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(UserSession::hasCurrent()) {
|
if(UserSession::hasCurrent()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../misuzu.php';
|
|
||||||
|
|
||||||
// basing whether or not this is an xhr request on whether a referrer header is present
|
// basing whether or not this is an xhr request on whether a referrer header is present
|
||||||
// this page is never directy accessed, under normal circumstances
|
// this page is never directy accessed, under normal circumstances
|
||||||
$redirect = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : url('index');
|
$redirect = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : url('index');
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$forumId = !empty($_GET['f']) && is_string($_GET['f']) ? (int)$_GET['f'] : 0;
|
$forumId = !empty($_GET['f']) && is_string($_GET['f']) ? (int)$_GET['f'] : 0;
|
||||||
$forumId = max($forumId, 0);
|
$forumId = max($forumId, 0);
|
||||||
|
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$indexMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$indexMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
||||||
$forumId = !empty($_GET['f']) && is_string($_GET['f']) ? (int)$_GET['f'] : 0;
|
$forumId = !empty($_GET['f']) && is_string($_GET['f']) ? (int)$_GET['f'] : 0;
|
||||||
|
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_FORUM, User::getCurrent()->getId(), MSZ_PERM_FORUM_VIEW_LEADERBOARD)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_FORUM, User::getCurrent()->getId(), MSZ_PERM_FORUM_VIEW_LEADERBOARD)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
||||||
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
||||||
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Parsers\Parser;
|
use Misuzu\Parsers\Parser;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$currentUser = User::getCurrent();
|
$currentUser = User::getCurrent();
|
||||||
|
|
||||||
if($currentUser === null) {
|
if($currentUser === null) {
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
||||||
$topicId = !empty($_GET['t']) && is_string($_GET['t']) ? (int)$_GET['t'] : 0;
|
$topicId = !empty($_GET['t']) && is_string($_GET['t']) ? (int)$_GET['t'] : 0;
|
||||||
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
|
@ -8,8 +8,6 @@ use Misuzu\Changelog\Changelog;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserNotFoundException;
|
use Misuzu\Users\UserNotFoundException;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_CHANGELOG, User::getCurrent()->getId(), MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_MANAGE_FORUMS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_MANAGE_FORUMS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_MANAGE_FORUMS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_MANAGE_FORUMS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_TOPIC_REDIRS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_FORUM_TOPIC_REDIRS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_EMOTES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_EMOTES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_EMOTES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_EMOTES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -1,8 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
$statistics = DB::query('
|
$statistics = DB::query('
|
||||||
SELECT
|
SELECT
|
||||||
(
|
(
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Pagination;
|
use Misuzu\Pagination;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_VIEW_LOGS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_VIEW_LOGS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Config\CfgTools;
|
use Misuzu\Config\CfgTools;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent()
|
if(!User::hasCurrent()
|
||||||
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Config\DbConfig;
|
use Misuzu\Config\DbConfig;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent()
|
if(!User::hasCurrent()
|
||||||
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent()
|
if(!User::hasCurrent()
|
||||||
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
|| !perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_MANAGE_CONFIG)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
|
@ -1,6 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
url_redirect('manage-general-overview');
|
url_redirect('manage-general-overview');
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_CATEGORIES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_CATEGORIES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_CATEGORIES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_CATEGORIES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -1,6 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
url_redirect('manage-news-categories');
|
url_redirect('manage-news-categories');
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_POSTS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_POSTS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_POSTS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_NEWS, User::getCurrent()->getId(), MSZ_PERM_NEWS_MANAGE_POSTS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_USERS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_USERS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -7,8 +7,6 @@ use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserRole;
|
use Misuzu\Users\UserRole;
|
||||||
use Misuzu\Users\UserRoleNotFoundException;
|
use Misuzu\Users\UserRoleNotFoundException;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_ROLES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_ROLES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -4,8 +4,6 @@ namespace Misuzu;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserRole;
|
use Misuzu\Users\UserRole;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_ROLES)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_ROLES)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -7,8 +7,6 @@ use Misuzu\Users\UserNotFoundException;
|
||||||
use Misuzu\Users\UserRole;
|
use Misuzu\Users\UserRole;
|
||||||
use Misuzu\Users\UserRoleNotFoundException;
|
use Misuzu\Users\UserRoleNotFoundException;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_USERS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_USERS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -8,8 +8,6 @@ use Misuzu\Users\UserWarning;
|
||||||
use Misuzu\Users\UserWarningNotFoundException;
|
use Misuzu\Users\UserWarningNotFoundException;
|
||||||
use Misuzu\Users\UserWarningCreationFailedException;
|
use Misuzu\Users\UserWarningCreationFailedException;
|
||||||
|
|
||||||
require_once '../../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_WARNINGS)) {
|
if(!User::hasCurrent() || !perms_check_user(MSZ_PERMS_USER, User::getCurrent()->getId(), MSZ_PERM_USER_MANAGE_WARNINGS)) {
|
||||||
echo render_error(403);
|
echo render_error(403);
|
||||||
return;
|
return;
|
|
@ -5,8 +5,6 @@ use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserRole;
|
use Misuzu\Users\UserRole;
|
||||||
use Misuzu\Users\UserRoleNotFoundException;
|
use Misuzu\Users\UserRoleNotFoundException;
|
||||||
|
|
||||||
require_once '../misuzu.php';
|
|
||||||
|
|
||||||
$roleId = !empty($_GET['r']) && is_string($_GET['r']) ? (int)$_GET['r'] : UserRole::DEFAULT;
|
$roleId = !empty($_GET['r']) && is_string($_GET['r']) ? (int)$_GET['r'] : UserRole::DEFAULT;
|
||||||
$orderBy = !empty($_GET['ss']) && is_string($_GET['ss']) ? mb_strtolower($_GET['ss']) : '';
|
$orderBy = !empty($_GET['ss']) && is_string($_GET['ss']) ? mb_strtolower($_GET['ss']) : '';
|
||||||
$orderDir = !empty($_GET['sd']) && is_string($_GET['sd']) ? mb_strtolower($_GET['sd']) : '';
|
$orderDir = !empty($_GET['sd']) && is_string($_GET['sd']) ? mb_strtolower($_GET['sd']) : '';
|
|
@ -14,8 +14,6 @@ use Misuzu\Users\Assets\UserImageAssetInvalidTypeException;
|
||||||
use Misuzu\Users\Assets\UserImageAssetInvalidDimensionsException;
|
use Misuzu\Users\Assets\UserImageAssetInvalidDimensionsException;
|
||||||
use Misuzu\Users\Assets\UserImageAssetFileTooLargeException;
|
use Misuzu\Users\Assets\UserImageAssetFileTooLargeException;
|
||||||
|
|
||||||
require_once '../misuzu.php';
|
|
||||||
|
|
||||||
$userId = !empty($_GET['u']) && is_string($_GET['u']) ? trim($_GET['u']) : 0;
|
$userId = !empty($_GET['u']) && is_string($_GET['u']) ? trim($_GET['u']) : 0;
|
||||||
$profileMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$profileMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
||||||
$isEditing = !empty($_GET['edit']) && is_string($_GET['edit']) ? (bool)$_GET['edit'] : !empty($_POST) && is_array($_POST);
|
$isEditing = !empty($_GET['edit']) && is_string($_GET['edit']) ? (bool)$_GET['edit'] : !empty($_POST) && is_array($_POST);
|
|
@ -5,8 +5,6 @@ use RuntimeException;
|
||||||
use Misuzu\Comments\CommentsCategory;
|
use Misuzu\Comments\CommentsCategory;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
require_once '../misuzu.php';
|
|
||||||
|
|
||||||
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
|
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
|
||||||
|
|
||||||
if(!empty($searchQuery)) {
|
if(!empty($searchQuery)) {
|
|
@ -8,8 +8,6 @@ use Misuzu\Users\UserSession;
|
||||||
use chillerlan\QRCode\QRCode;
|
use chillerlan\QRCode\QRCode;
|
||||||
use chillerlan\QRCode\QROptions;
|
use chillerlan\QRCode\QROptions;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!UserSession::hasCurrent()) {
|
if(!UserSession::hasCurrent()) {
|
||||||
echo render_error(401);
|
echo render_error(401);
|
||||||
return;
|
return;
|
|
@ -7,8 +7,6 @@ use Index\IO\FileStream;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!UserSession::hasCurrent()) {
|
if(!UserSession::hasCurrent()) {
|
||||||
echo render_error(401);
|
echo render_error(401);
|
||||||
return;
|
return;
|
|
@ -3,8 +3,6 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!UserSession::hasCurrent()) {
|
if(!UserSession::hasCurrent()) {
|
||||||
echo render_error(401);
|
echo render_error(401);
|
||||||
return;
|
return;
|
|
@ -5,8 +5,6 @@ use Misuzu\Pagination;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserLoginAttempt;
|
use Misuzu\Users\UserLoginAttempt;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
$currentUser = User::getCurrent();
|
$currentUser = User::getCurrent();
|
||||||
|
|
||||||
if($currentUser === null) {
|
if($currentUser === null) {
|
|
@ -5,8 +5,6 @@ use Misuzu\Users\User;
|
||||||
use Misuzu\Users\UserSession;
|
use Misuzu\Users\UserSession;
|
||||||
use Misuzu\Users\UserSessionNotFoundException;
|
use Misuzu\Users\UserSessionNotFoundException;
|
||||||
|
|
||||||
require_once '../../misuzu.php';
|
|
||||||
|
|
||||||
if(!User::hasCurrent()) {
|
if(!User::hasCurrent()) {
|
||||||
echo render_error(401);
|
echo render_error(401);
|
||||||
return;
|
return;
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
200
public/index.php
200
public/index.php
|
@ -1,9 +1,207 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
|
use Misuzu\Users\User;
|
||||||
|
use Misuzu\Users\UserSession;
|
||||||
|
|
||||||
require_once __DIR__ . '/../misuzu.php';
|
require_once __DIR__ . '/../misuzu.php';
|
||||||
|
|
||||||
|
set_exception_handler(function(\Throwable $ex) {
|
||||||
|
http_response_code(500);
|
||||||
|
ob_clean();
|
||||||
|
|
||||||
|
if(MSZ_DEBUG) {
|
||||||
|
header('Content-Type: text/plain; charset=utf-8');
|
||||||
|
echo (string)$ex;
|
||||||
|
} else {
|
||||||
|
header('Content-Type: text/html; charset=utf-8');
|
||||||
|
echo file_get_contents(MSZ_TEMPLATES . '/500.html');
|
||||||
|
}
|
||||||
|
exit;
|
||||||
|
});
|
||||||
|
|
||||||
|
// The whole wall of shit before the router setup and dispatch should be worked away
|
||||||
|
// Lockdown things should be middleware when there's no more legacy files
|
||||||
|
|
||||||
$request = \Index\Http\HttpRequest::fromRequest();
|
$request = \Index\Http\HttpRequest::fromRequest();
|
||||||
|
|
||||||
$msz->setUpHttp(str_contains($request->getPath(), '.php'));
|
ob_start();
|
||||||
|
|
||||||
|
if(file_exists(MSZ_ROOT . '/.migrating')) {
|
||||||
|
http_response_code(503);
|
||||||
|
if(!isset($_GET['_check'])) {
|
||||||
|
header('Content-Type: text/html; charset=utf-8');
|
||||||
|
echo file_get_contents(MSZ_TEMPLATES . '/503.html');
|
||||||
|
}
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!MSZ_DEBUG) {
|
||||||
|
$twigCacheDirSfx = GitInfo::hash(true);
|
||||||
|
if(empty($twigCacheDirSfx))
|
||||||
|
$twigCacheDirSfx = md5(MSZ_ROOT);
|
||||||
|
|
||||||
|
$twigCache = sys_get_temp_dir() . '/msz-tpl-' . $twigCacheDirSfx;
|
||||||
|
if(!is_dir($twigCache))
|
||||||
|
mkdir($twigCache, 0775, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
$globals = $cfg->getValues([
|
||||||
|
['site.name:s', 'Misuzu'],
|
||||||
|
'site.desc:s',
|
||||||
|
'site.url:s',
|
||||||
|
'sockChat.chatPath.normal:s',
|
||||||
|
'eeprom.path:s',
|
||||||
|
'eeprom.app:s',
|
||||||
|
['auth.secret:s', 'meow'],
|
||||||
|
['csrf.secret:s', 'soup'],
|
||||||
|
'private.enabled:b',
|
||||||
|
]);
|
||||||
|
|
||||||
|
Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
|
||||||
|
|
||||||
|
Template::set('globals', [
|
||||||
|
'site_name' => $globals['site.name'],
|
||||||
|
'site_description' => $globals['site.desc'],
|
||||||
|
'site_url' => $globals['site.url'],
|
||||||
|
'site_chat' => $globals['sockChat.chatPath.normal'],
|
||||||
|
'eeprom' => [
|
||||||
|
'path' => $globals['eeprom.path'],
|
||||||
|
'app' => $globals['eeprom.app'],
|
||||||
|
],
|
||||||
|
]);
|
||||||
|
|
||||||
|
$mszAssetsInfo = json_decode(file_get_contents(MSZ_ASSETS . '/current.json'));
|
||||||
|
if(!empty($mszAssetsInfo))
|
||||||
|
Template::set('assets', $mszAssetsInfo);
|
||||||
|
unset($mszAssetsInfo);
|
||||||
|
|
||||||
|
Template::addPath(MSZ_TEMPLATES);
|
||||||
|
|
||||||
|
AuthToken::setSecretKey($globals['auth.secret']);
|
||||||
|
|
||||||
|
if(isset($_COOKIE['msz_uid']) && isset($_COOKIE['msz_sid'])) {
|
||||||
|
$authToken = new AuthToken;
|
||||||
|
$authToken->setUserId(filter_input(INPUT_COOKIE, 'msz_uid', FILTER_SANITIZE_NUMBER_INT) ?? 0);
|
||||||
|
$authToken->setSessionToken(filter_input(INPUT_COOKIE, 'msz_sid') ?? '');
|
||||||
|
|
||||||
|
if($authToken->isValid())
|
||||||
|
$authToken->applyCookie(strtotime('1 year'));
|
||||||
|
|
||||||
|
AuthToken::nukeCookieLegacy();
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!isset($authToken))
|
||||||
|
$authToken = AuthToken::unpack(filter_input(INPUT_COOKIE, 'msz_auth') ?? '');
|
||||||
|
|
||||||
|
if($authToken->isValid()) {
|
||||||
|
$authToken->setCurrent();
|
||||||
|
|
||||||
|
try {
|
||||||
|
$sessionInfo = UserSession::byToken($authToken->getSessionToken());
|
||||||
|
if($sessionInfo->hasExpired()) {
|
||||||
|
$sessionInfo->delete();
|
||||||
|
} elseif($sessionInfo->getUserId() === $authToken->getUserId()) {
|
||||||
|
$userInfo = $sessionInfo->getUser();
|
||||||
|
if(!$userInfo->isDeleted()) {
|
||||||
|
$sessionInfo->setCurrent();
|
||||||
|
$userInfo->setCurrent();
|
||||||
|
$sessionInfo->bump($_SERVER['REMOTE_ADDR']);
|
||||||
|
|
||||||
|
if($sessionInfo->shouldBumpExpire())
|
||||||
|
$authToken->applyCookie($sessionInfo->getExpiresTime());
|
||||||
|
|
||||||
|
// only allow impersonation when super user
|
||||||
|
if($authToken->hasImpersonatedUserId() && $userInfo->isSuper()) {
|
||||||
|
$userInfoReal = $userInfo;
|
||||||
|
|
||||||
|
try {
|
||||||
|
$userInfo = User::byId($authToken->getImpersonatedUserId());
|
||||||
|
} catch(UserNotFoundException $ex) {
|
||||||
|
$userInfo = $userInfoReal;
|
||||||
|
$authToken->removeImpersonatedUserId();
|
||||||
|
$authToken->applyCookie();
|
||||||
|
}
|
||||||
|
|
||||||
|
$userInfo->setCurrent();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch(UserNotFoundException $ex) {
|
||||||
|
UserSession::unsetCurrent();
|
||||||
|
User::unsetCurrent();
|
||||||
|
} catch(UserSessionNotFoundException $ex) {
|
||||||
|
UserSession::unsetCurrent();
|
||||||
|
User::unsetCurrent();
|
||||||
|
}
|
||||||
|
|
||||||
|
if(UserSession::hasCurrent()) {
|
||||||
|
$userInfo->bumpActivity($_SERVER['REMOTE_ADDR']);
|
||||||
|
} else
|
||||||
|
AuthToken::nukeCookie();
|
||||||
|
}
|
||||||
|
|
||||||
|
CSRF::init(
|
||||||
|
$globals['csrf.secret'],
|
||||||
|
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
|
||||||
|
);
|
||||||
|
|
||||||
|
if($globals['private.enabled']) {
|
||||||
|
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
||||||
|
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
||||||
|
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
||||||
|
|
||||||
|
if(!$misuzuBypassLockdown) {
|
||||||
|
if(UserSession::hasCurrent()) {
|
||||||
|
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
|
||||||
|
|
||||||
|
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
||||||
|
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
||||||
|
// au revoir
|
||||||
|
UserSession::unsetCurrent();
|
||||||
|
User::unsetCurrent();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
|
||||||
|
url_redirect('auth-login');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!empty($userInfo))
|
||||||
|
Template::set('current_user', $userInfo);
|
||||||
|
if(!empty($userInfoReal))
|
||||||
|
Template::set('current_user_real', $userInfoReal);
|
||||||
|
|
||||||
|
$inManageMode = str_starts_with($_SERVER['REQUEST_URI'], '/manage');
|
||||||
|
$hasManageAccess = User::hasCurrent()
|
||||||
|
&& !User::getCurrent()->hasActiveWarning()
|
||||||
|
&& perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_CAN_MANAGE);
|
||||||
|
Template::set('has_manage_access', $hasManageAccess);
|
||||||
|
|
||||||
|
if($inManageMode) {
|
||||||
|
if(!$hasManageAccess) {
|
||||||
|
echo render_error(403);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
Template::set('manage_menu', manage_get_menu(User::getCurrent()->getId()));
|
||||||
|
}
|
||||||
|
|
||||||
|
$mszRequestPath = $request->getPath();
|
||||||
|
$mszLegacyPathPrefix = MSZ_PUBLIC . '-legacy/';
|
||||||
|
$mszLegacyPath = realpath($mszLegacyPathPrefix . $mszRequestPath);
|
||||||
|
|
||||||
|
if(!empty($mszLegacyPath) && str_starts_with($mszLegacyPath, $mszLegacyPathPrefix)) {
|
||||||
|
if(is_dir($mszLegacyPath))
|
||||||
|
$mszLegacyPath .= '/index.php';
|
||||||
|
|
||||||
|
if(is_file($mszLegacyPath)) {
|
||||||
|
require_once $mszLegacyPath;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$msz->setUpHttp(str_contains($mszRequestPath, '.php'));
|
||||||
$msz->dispatchHttp($request);
|
$msz->dispatchHttp($request);
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/../index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/../index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/../index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/../index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -1,2 +0,0 @@
|
||||||
<?php
|
|
||||||
require_once __DIR__ . '/index.php';
|
|
|
@ -7,7 +7,6 @@ abstract class Handler {
|
||||||
protected MisuzuContext $context;
|
protected MisuzuContext $context;
|
||||||
|
|
||||||
public function __construct(MisuzuContext $context) {
|
public function __construct(MisuzuContext $context) {
|
||||||
\Misuzu\mszLockdown();
|
|
||||||
$this->context = $context;
|
$this->context = $context;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue