Restructured public folder and initialisation process.
This commit is contained in:
parent
67b41379e5
commit
a09c8b7ef6
62 changed files with 210 additions and 331 deletions
223
misuzu.php
223
misuzu.php
|
|
@ -3,13 +3,8 @@ namespace Misuzu;
|
|||
|
||||
use Index\Autoloader;
|
||||
use Index\Environment;
|
||||
use Index\Data\ConnectionFailedException;
|
||||
use Index\Data\DbTools;
|
||||
use Misuzu\Config\DbConfig;
|
||||
use Misuzu\Users\User;
|
||||
use Misuzu\Users\UserNotFoundException;
|
||||
use Misuzu\Users\UserSession;
|
||||
use Misuzu\Users\UserSessionNotFoundException;
|
||||
|
||||
define('MSZ_STARTUP', microtime(true));
|
||||
define('MSZ_ROOT', __DIR__);
|
||||
|
|
@ -33,38 +28,18 @@ Environment::setDebug(MSZ_DEBUG);
|
|||
|
||||
mb_internal_encoding('utf-8');
|
||||
date_default_timezone_set('utc');
|
||||
set_include_path(get_include_path() . PATH_SEPARATOR . MSZ_ROOT);
|
||||
|
||||
set_exception_handler(function(\Throwable $ex) {
|
||||
if(MSZ_CLI) {
|
||||
echo (string)$ex;
|
||||
} else {
|
||||
http_response_code(500);
|
||||
ob_clean();
|
||||
|
||||
if(MSZ_DEBUG) {
|
||||
header('Content-Type: text/plain; charset=utf-8');
|
||||
echo (string)$ex;
|
||||
} else {
|
||||
header('Content-Type: text/html; charset=utf-8');
|
||||
echo file_get_contents(MSZ_TEMPLATES . '/500.html');
|
||||
}
|
||||
}
|
||||
exit;
|
||||
});
|
||||
|
||||
require_once 'vendor/autoload.php';
|
||||
|
||||
require_once 'utility.php';
|
||||
require_once 'src/perms.php';
|
||||
require_once 'src/manage.php';
|
||||
require_once 'src/url.php';
|
||||
require_once 'src/Forum/perms.php';
|
||||
require_once 'src/Forum/forum.php';
|
||||
require_once 'src/Forum/leaderboard.php';
|
||||
require_once 'src/Forum/post.php';
|
||||
require_once 'src/Forum/topic.php';
|
||||
require_once 'src/Forum/validate.php';
|
||||
require_once MSZ_ROOT . '/vendor/autoload.php';
|
||||
require_once MSZ_ROOT . '/utility.php';
|
||||
require_once MSZ_SOURCE . '/perms.php';
|
||||
require_once MSZ_SOURCE . '/manage.php';
|
||||
require_once MSZ_SOURCE . '/url.php';
|
||||
require_once MSZ_SOURCE . '/Forum/perms.php';
|
||||
require_once MSZ_SOURCE . '/Forum/forum.php';
|
||||
require_once MSZ_SOURCE . '/Forum/leaderboard.php';
|
||||
require_once MSZ_SOURCE . '/Forum/post.php';
|
||||
require_once MSZ_SOURCE . '/Forum/topic.php';
|
||||
require_once MSZ_SOURCE . '/Forum/validate.php';
|
||||
|
||||
$dbConfig = parse_ini_file(MSZ_CONFIG . '/config.ini', true, INI_SCANNER_TYPED);
|
||||
|
||||
|
|
@ -86,179 +61,3 @@ $cfg = new DbConfig($db);
|
|||
Mailer::init($cfg->scopeTo('mail'));
|
||||
|
||||
$msz = new MisuzuContext($db, $cfg);
|
||||
|
||||
if(MSZ_CLI)
|
||||
return;
|
||||
|
||||
// Everything below here should eventually be moved to index.php, probably only initialised when required.
|
||||
// Serving things like the css/js doesn't need to initialise sessions.
|
||||
|
||||
ob_start();
|
||||
|
||||
if(file_exists(MSZ_ROOT . '/.migrating')) {
|
||||
http_response_code(503);
|
||||
if(!isset($_GET['_check'])) {
|
||||
header('Content-Type: text/html; charset=utf-8');
|
||||
echo file_get_contents(MSZ_TEMPLATES . '/503.html');
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
if(!MSZ_DEBUG) {
|
||||
$twigCacheDirSfx = GitInfo::hash(true);
|
||||
if(empty($twigCacheDirSfx))
|
||||
$twigCacheDirSfx = md5(MSZ_ROOT);
|
||||
|
||||
$twigCache = sys_get_temp_dir() . '/msz-tpl-' . $twigCacheDirSfx;
|
||||
if(!is_dir($twigCache))
|
||||
mkdir($twigCache, 0775, true);
|
||||
}
|
||||
|
||||
$globals = $cfg->getValues([
|
||||
['site.name:s', 'Misuzu'],
|
||||
'site.desc:s',
|
||||
'site.url:s',
|
||||
'sockChat.chatPath.normal:s',
|
||||
'eeprom.path:s',
|
||||
'eeprom.app:s',
|
||||
['auth.secret:s', 'meow'],
|
||||
['csrf.secret:s', 'soup'],
|
||||
]);
|
||||
|
||||
Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
|
||||
|
||||
Template::set('globals', [
|
||||
'site_name' => $globals['site.name'],
|
||||
'site_description' => $globals['site.desc'],
|
||||
'site_url' => $globals['site.url'],
|
||||
'site_chat' => $globals['sockChat.chatPath.normal'],
|
||||
'eeprom' => [
|
||||
'path' => $globals['eeprom.path'],
|
||||
'app' => $globals['eeprom.app'],
|
||||
],
|
||||
]);
|
||||
|
||||
$mszAssetsInfo = json_decode(file_get_contents(MSZ_ASSETS . '/current.json'));
|
||||
if(!empty($mszAssetsInfo))
|
||||
Template::set('assets', $mszAssetsInfo);
|
||||
unset($mszAssetsInfo);
|
||||
|
||||
Template::addPath(MSZ_TEMPLATES);
|
||||
|
||||
AuthToken::setSecretKey($globals['auth.secret']);
|
||||
|
||||
if(isset($_COOKIE['msz_uid']) && isset($_COOKIE['msz_sid'])) {
|
||||
$authToken = new AuthToken;
|
||||
$authToken->setUserId(filter_input(INPUT_COOKIE, 'msz_uid', FILTER_SANITIZE_NUMBER_INT) ?? 0);
|
||||
$authToken->setSessionToken(filter_input(INPUT_COOKIE, 'msz_sid') ?? '');
|
||||
|
||||
if($authToken->isValid())
|
||||
$authToken->applyCookie(strtotime('1 year'));
|
||||
|
||||
AuthToken::nukeCookieLegacy();
|
||||
}
|
||||
|
||||
if(!isset($authToken))
|
||||
$authToken = AuthToken::unpack(filter_input(INPUT_COOKIE, 'msz_auth') ?? '');
|
||||
|
||||
if($authToken->isValid()) {
|
||||
$authToken->setCurrent();
|
||||
|
||||
try {
|
||||
$sessionInfo = UserSession::byToken($authToken->getSessionToken());
|
||||
if($sessionInfo->hasExpired()) {
|
||||
$sessionInfo->delete();
|
||||
} elseif($sessionInfo->getUserId() === $authToken->getUserId()) {
|
||||
$userInfo = $sessionInfo->getUser();
|
||||
if(!$userInfo->isDeleted()) {
|
||||
$sessionInfo->setCurrent();
|
||||
$userInfo->setCurrent();
|
||||
$sessionInfo->bump($_SERVER['REMOTE_ADDR']);
|
||||
|
||||
if($sessionInfo->shouldBumpExpire())
|
||||
$authToken->applyCookie($sessionInfo->getExpiresTime());
|
||||
|
||||
// only allow impersonation when super user
|
||||
if($authToken->hasImpersonatedUserId() && $userInfo->isSuper()) {
|
||||
$userInfoReal = $userInfo;
|
||||
|
||||
try {
|
||||
$userInfo = User::byId($authToken->getImpersonatedUserId());
|
||||
} catch(UserNotFoundException $ex) {
|
||||
$userInfo = $userInfoReal;
|
||||
$authToken->removeImpersonatedUserId();
|
||||
$authToken->applyCookie();
|
||||
}
|
||||
|
||||
$userInfo->setCurrent();
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch(UserNotFoundException $ex) {
|
||||
UserSession::unsetCurrent();
|
||||
User::unsetCurrent();
|
||||
} catch(UserSessionNotFoundException $ex) {
|
||||
UserSession::unsetCurrent();
|
||||
User::unsetCurrent();
|
||||
}
|
||||
|
||||
if(UserSession::hasCurrent()) {
|
||||
$userInfo->bumpActivity($_SERVER['REMOTE_ADDR']);
|
||||
} else
|
||||
AuthToken::nukeCookie();
|
||||
}
|
||||
|
||||
CSRF::init(
|
||||
$globals['csrf.secret'],
|
||||
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
|
||||
);
|
||||
|
||||
function mszLockdown(): void {
|
||||
global $misuzuBypassLockdown, $cfg;
|
||||
|
||||
if($cfg->getBoolean('private.enabled')) {
|
||||
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
||||
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
||||
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
||||
|
||||
if(!$misuzuBypassLockdown) {
|
||||
if(UserSession::hasCurrent()) {
|
||||
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
|
||||
|
||||
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
||||
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
||||
// au revoir
|
||||
UserSession::unsetCurrent();
|
||||
User::unsetCurrent();
|
||||
}
|
||||
}
|
||||
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
|
||||
url_redirect('auth-login');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) !== '/index.php')
|
||||
mszLockdown();
|
||||
|
||||
if(!empty($userInfo))
|
||||
Template::set('current_user', $userInfo);
|
||||
if(!empty($userInfoReal))
|
||||
Template::set('current_user_real', $userInfoReal);
|
||||
|
||||
$inManageMode = str_starts_with($_SERVER['REQUEST_URI'], '/manage');
|
||||
$hasManageAccess = User::hasCurrent()
|
||||
&& !User::getCurrent()->hasActiveWarning()
|
||||
&& perms_check_user(MSZ_PERMS_GENERAL, User::getCurrent()->getId(), MSZ_PERM_GENERAL_CAN_MANAGE);
|
||||
Template::set('has_manage_access', $hasManageAccess);
|
||||
|
||||
if($inManageMode) {
|
||||
if(!$hasManageAccess) {
|
||||
echo render_error(403);
|
||||
exit;
|
||||
}
|
||||
|
||||
Template::set('manage_menu', manage_get_menu(User::getCurrent()->getId()));
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue