From 52b077a48c743ba4d08ac00520a0bf1ef6deef5f Mon Sep 17 00:00:00 2001 From: Thomas Lange Date: Fri, 24 Feb 2017 21:27:59 +0100 Subject: Initial commit. --- core/application.php | 136 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 136 insertions(+) create mode 100644 core/application.php (limited to 'core/application.php') diff --git a/core/application.php b/core/application.php new file mode 100644 index 0000000..58dd728 --- /dev/null +++ b/core/application.php @@ -0,0 +1,136 @@ +] # +#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%# +# # +# This file is included by each file from the system or admin directory. # +# # +#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%# + +#=============================================================================== +# Document root +#=============================================================================== +define('ROOT', dirname(__DIR__).'/'); + +#=============================================================================== +# Autoload register for classes +#=============================================================================== +spl_autoload_register(function($classname) { + $classname = str_replace('\\', '/', $classname); + require_once "namespace/{$classname}.php"; +}); + +#=============================================================================== +# Exception handler for non-caught exceptions +#=============================================================================== +set_exception_handler(function($Exception) { + http_response_code(503); + exit($Exception->getMessage()); +}); + +#=============================================================================== +# Initialize HTTP class and remove all arrays from $_GET and $_POST +#=============================================================================== +HTTP::init($_GET, $_POST, $_FILES, TRUE); + +#=============================================================================== +# Include configuration +#=============================================================================== +require_once 'configuration.php'; + +#=============================================================================== +# Overwrite configuration if admin +#=============================================================================== +if(defined('ADMINISTRATION') AND ADMINISTRATION === TRUE) { + + #=========================================================================== + # Enable sessions + #=========================================================================== + session_start(); + + #=========================================================================== + # Authentication check + #=========================================================================== + if(defined('AUTHENTICATION') AND !Application::isAuthenticated()) { + HTTP::redirect(Application::getAdminURL('auth.php')); + } + + #=========================================================================== + # Overwrite configuration + #=========================================================================== + Application::set('CORE.LANGUAGE', Application::get('ADMIN.LANGUAGE')); + Application::set('TEMPLATE.NAME', Application::get('ADMIN.TEMPLATE')); + Application::set('TEMPLATE.LANG', Application::get('ADMIN.LANGUAGE')); +} + +#=============================================================================== +# Include functions +#=============================================================================== +require_once 'functions.php'; + +#=============================================================================== +# TRY: PDOException +#=============================================================================== +try { + $Language = Application::getLanguage(); + $Database = Application::getDatabase(); + + $Database->setAttribute($Database::ATTR_DEFAULT_FETCH_MODE, $Database::FETCH_OBJ); + $Database->setAttribute($Database::ATTR_ERRMODE, $Database::ERRMODE_EXCEPTION); +} + +#=============================================================================== +# CATCH: PDOException +#=============================================================================== +catch(PDOException $Exception) { + http_response_code(503); + exit("PDO database connection error: {$Exception->getMessage()}"); +} + +#=============================================================================== +# Check if "304 Not Modified" and ETag header should be send +#=============================================================================== +if(Application::get('CORE.SEND_304') === TRUE AND !defined('ADMINISTRATION')) { + #=========================================================================== + # Select edit time from last edited items (page, post, user) + #=========================================================================== + $execute = 'SELECT time_update FROM %s ORDER BY time_update DESC LIMIT 1'; + + $PageStatement = $Database->query(sprintf($execute, Page\Attribute::TABLE)); + $PostStatement = $Database->query(sprintf($execute, Post\Attribute::TABLE)); + $UserStatement = $Database->query(sprintf($execute, User\Attribute::TABLE)); + + #=========================================================================== + # Define HTTP ETag header identifier + #=========================================================================== + $HTTP_ETAG_IDENTIFIER = sha1(implode(NULL, [ + serialize(Application::getConfiguration()), + $PageStatement->fetchColumn(), + $PostStatement->fetchColumn(), + $UserStatement->fetchColumn(), + 'CUSTOM-STRING-0123456789' + ])); + + #=========================================================================== + # Send ETag header within the HTTP response + #=========================================================================== + HTTP::responseHeader(HTTP::HEADER_ETAG, "\"{$HTTP_ETAG_IDENTIFIER}\""); + + #=========================================================================== + # Validate ETag header from the HTTP request + #=========================================================================== + if(isset($_SERVER['HTTP_IF_NONE_MATCH'])) { + $HTTP_IF_NONE_MATCH = $_SERVER['HTTP_IF_NONE_MATCH']; + $HTTP_IF_NONE_MATCH = trim($HTTP_IF_NONE_MATCH, '"'); + + # If the server adds the extensions to the response header + $HTTP_IF_NONE_MATCH = rtrim($HTTP_IF_NONE_MATCH, '-br'); + $HTTP_IF_NONE_MATCH = rtrim($HTTP_IF_NONE_MATCH, '-gzip'); + + if($HTTP_IF_NONE_MATCH === $HTTP_ETAG_IDENTIFIER) { + http_response_code(304); + exit(); + } + } +} +?> \ No newline at end of file -- cgit v1.2.3