/** * Starts the application. * * Starts to process the request. The request will be processed using these * steps: * - If `TI_REQURLKEY` is not defined, this function will call enableWebUI. * This should not happen after the installation succeeded. * - If the request path starts with `TI_ADMIN_PATH` and a matching file in * the `assets` folder exists, it will be served. * - If the request path starts with `TI_ADMIN_PATH`, enableWebUI will be * called in order to provide the administration interface. * - If the requested path is considered equal to the base path of this * application, this function will process the request as specified with * the `home_action` option. * - Finally, this function uses {@link Database\LinksTableAdapter::resolvePath} * to find the target the given path should redirect to. * - If the previous step fails, a 404 error will be issued and a related * page will be shown. */ public static function start() { $currURL = URL::getCurrent(); if (!defined('TI_REQURLKEY')) { $path = isset($_GET['_webuipath']) ? $_GET['_webuipath'] : ''; return self::enableWebUI($path, $_GET); } $router = Router::fromGeneratedURL($currURL, TI_REQURLKEY); $match = $router->match(TI_ADMIN_PATH . '/assets/%%'); if ($match !== false) { $assetdir = realpath(Application::$rootDir . '/assets/'); $filepath = realpath($assetdir . '/' . $match[0]); if ($filepath !== false) { if (strpos($filepath, $assetdir) !== 0) { die('Attack attempt: directory traversal attack'); } if (file_exists($filepath) && is_file($filepath)) { header('Content-Type: ' . MimeContentTypes::getForFile($filepath)); readfile($filepath); exit; } } } $match = $router->match(TI_ADMIN_PATH . '/%%?'); if ($match !== false) { return self::enableWebUI($match[0], $router->getParameters()); } $dbc = self::dbConnection(); $path = implode('/', $router->getPathElements()); if ($path === '') { $opts = $dbc->options()->getOptions(array('home_action', 'home_target')); $target = WebUI\Page::getURL(''); switch ($opts['home_action']) { case 'redirect': $target = URL::parse($opts['home_target'], 'http'); break; } $target->redirectTo(); } else { $link = $dbc->links()->resolvePath($path); if (!$link) { $nfp = WebUI\NotFoundPage::getInstance($path, array()); self::startWebUI($nfp, array()); exit; } header('Location: ' . $link->resolved, 302); } }