<?php
// namespace
namespace sven\sys\sven;
/**
 * web
 *
 * Handles all incoming requests
 *
 * @package sven\sys\sven
 * @copyright 2018 Ruben Meyer
 * @author Ruben Meyer <contact@rxbn.de>
 * @version 0.1.0
 * @TODO Documentation
 */
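class web {

    /**
     * TRUE once the current request has been classified as an API request.
     * The flag is static and only ever set to TRUE in this class.
     */
    public static $API = FALSE;

    // Path templates; %index_dir% and %file% are substituted in the constructor.
    private $api_pattern = '%index_dir%/%file%';
    private $file_pattern = '%index_dir%/pages/%file%';

    /**
     * Resolve the requested page or API endpoint and include it.
     *
     * The target is taken from $_GET['file'] (default 'index'). Because that
     * value comes straight from the client and ends up in require_once(), it
     * is validated with isSafeRequestPath() before any path is built; anything
     * that fails validation is answered with the 404 script of the current
     * mode instead.
     *
     * @param string $index_dir base directory substituted for %index_dir%
     */
    public function __construct($index_dir) {
        $file = isset($_GET['file']) ? $_GET['file'] : 'index';

        // "?file[]=x" makes PHP deliver an array; only a plain string is a usable name.
        $usable = is_string($file);
        if(!$usable) $file = '';

        // check if it is an API request
        // NOTE(review): any name that merely starts with "api" (e.g. "apifoo")
        // switches to API mode - confirm that a prefix match is intended.
        if(utilities::startsWith($file, 'api') || utilities::startsWith($file, '/api')) self::$API = TRUE;

        $file_pattern = str_replace('%index_dir%', $index_dir, (self::$API) ? $this->api_pattern : $this->file_pattern);

        $auth = new \sven\sys\security\auth();

        // only names of at most 255 bytes are considered
        if($usable && strlen($file) <= 255) {
            // if string ends with '/', remove it
            if(utilities::endsWith($file, '/')) $file = substr($file, 0, -1);

            // if string ends with '.html', '.htm' or '.php', remove that suffix
            if(utilities::endsWith($file, '.html')) $file = substr($file, 0, -5);
            else if(utilities::endsWith($file, '.htm')) $file = substr($file, 0, -4);
            else if(utilities::endsWith($file, '.php')) $file = substr($file, 0, -4);

            // Validate after normalisation so the check sees exactly the
            // string that is inserted into the include path.
            $usable = self::isSafeRequestPath($file);
        } else {
            $usable = false;
        }

        // Over-long, malformed or unsafe names get the 404 script of the current mode.
        if(!$usable) $file = (self::$API) ? "api/error/404" : "errors/404";

        $path = str_replace('%file%', $file, $file_pattern);

        if(!self::$API) {
            // ---- page (file) request ----

            // path checking
            if(file_exists($path.'.php')) $path .= '.php';
            elseif(is_dir($path.'/') && file_exists($path.'/index.php')) $path .= '/index.php';
            else $path = str_replace('%file%', './errors/404.php', $file_pattern);

            // The page script runs before the login state is consulted below,
            // so access control has to live inside the included page.
            require_once($path);

            $this->loadTemplates($index_dir);

            // setting login / logout text and links
            if($auth->loggedIn()) {
                \sven\sys\core::addReplacement('all', 'logInOutText', "Logout");
                \sven\sys\core::addReplacement('all', 'logInOutLink', "/sven/logout");
            } else {
                \sven\sys\core::addReplacement('all', 'logInOutText', "Login");
                \sven\sys\core::addReplacement('all', 'logInOutLink', "/sven/login");
            }
        } else {
            // ---- API request ----

            // path checking
            if(file_exists($path.'.php')) $path .= '.php';
            else $path = str_replace('%file%', 'api/error/404.php', $file_pattern);

            // The endpoint script is executed regardless of login state; the
            // "access" field set below only annotates the output afterwards.
            // NOTE(review): confirm every endpoint enforces its own authorisation.
            require_once($path);

            $arr = \sven\sys\core::rawApiOutput();
            $arr->access = ($auth->loggedIn()) ? "granted" : "denied";
            \sven\sys\core::replaceApiOutput($arr);
        }
    }

    /**
     * Decide whether a client-supplied name may be placed into an include path.
     *
     * Rejects control characters (including NUL), backslashes (a directory
     * separator on Windows) and every path segment that begins with a dot,
     * which covers "." and ".." as well as hidden files. Empty segments
     * (leading or doubled slashes, the empty string) are accepted because the
     * router relies on them: "/api/..." and an empty name are both routable.
     *
     * This is a deny-list kept deliberately narrow so existing page names keep
     * working; a per-segment allow-list would be stricter if all routable
     * names are known to be plain ASCII.
     *
     * @param mixed $file candidate name, already stripped of its suffix
     * @return bool TRUE when the name cannot leave the directory it is appended to
     */
    private static function isSafeRequestPath($file) {
        if(!is_string($file)) return false;

        // "!== 0" also rejects the name when preg_match() itself fails (returns false).
        if(preg_match('/[\x00-\x1F\x7F\\\\]/', $file) !== 0) return false;

        foreach(explode('/', $file) as $segment) {
            if($segment !== '' && $segment[0] === '.') return false;
        }

        return true;
    }

    /**
     * Include every *.php file found in the templates directory below $index_dir.
     *
     * @param string $index_dir base directory that contains "templates"
     */
    public function loadTemplates($index_dir) {
        $file_pattern = str_replace('%index_dir%/pages', $index_dir.'/templates', $this->file_pattern);

        $templates = glob(str_replace('%file%', '/*.php', $file_pattern));

        // glob() returns false on error; iterating over that would raise a warning.
        if($templates === false) return;

        foreach ($templates as $path) {
            require_once($path);
        }
    }

    /**
     * Send the default security response headers.
     *
     * A string value is sent as "Name: value", replacing an earlier header of
     * the same name; a value of false removes the header instead, which is how
     * X-Powered-By is dropped. Must be called before any output is sent.
     */
    public static function setSecurityHeaders() {
        $headers = [
            //"key" => "value"
            "X-Content-Type-Options" => "nosniff",
            "X-Frame-Options" => "DENY",
            "X-Powered-By" => false
        ];

        //header(key: value, true);
        foreach ($headers as $key => $value) {
            if($value !== false)
                header($key.": ".$value, true);
            else
                header_remove($key);
        }
    }

    /**
     * Read and decode the raw request body.
     *
     * The decoded data is client-controlled and must be validated by the
     * caller before use.
     *
     * @param string $type body format; only "json" is supported
     * @return mixed decoded JSON (objects as stdClass), or NULL when the body
     *               is not valid JSON or $type is not supported
     */
    public static function getRequestBody($type = "json") {
        if($type === "json") {
            return json_decode(file_get_contents('php://input'));
        }

        // Unsupported type: made explicit, the original fell through to an implicit NULL.
        return null;
    }

}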
?>