/** * [Load correct controller from sections] * @return [void] */ protected function loadController() { /** * First, if it's an embed HTML request (js, css, others...), * then load directly requested file, not a controller. */ preg_match_all("/\\.[^\\.]*\$/", empty(self::$sections) ? "index.php" : array_reverse(self::$sections)[0], $file_Extention); if (!empty($file_Extention[0]) && !in_array(str_replace(".", "", $file_Extention[0][0]), array('php', 'html', 'phtml', '.locale', '.template'))) { //Logging request self::log(date("Y/m/d-H:i:s") . " - Ressrce request from " . $_SERVER['REMOTE_ADDR'] . " - " . Site::getRequest()); $sections = self::$sections; // UGLY Label ... To improve later with a dedicated recursive function LABEL_loadController_ReduceSectionsByOne: //TODO : PHP<5.3 ? $fileToLoad = HTML_DIR . $GLOBALS['config']['HTML']['template'] . "/"; foreach ($sections as $section) { if (empty($section)) { continue; } if (is_dir($fileToLoad . $section)) { $fileToLoad .= $section . "/"; } elseif (is_file($fileToLoad . $section) && $section == (empty(self::$sections) ? "index.php" : array_reverse(self::$sections)[0])) { $fileToLoad .= $section; break; } } if (file_exists($fileToLoad) && is_file($fileToLoad)) { $contentType = array_pop(explode('.', self::$request)); if (array_key_exists(strtolower($contentType), $GLOBALS['config']['HTML']['filetypes'])) { header("Content-type: " . $GLOBALS['config']['HTML']['filetypes'][strtolower($contentType)]); } else { header("Content-type: " . finfo_file(finfo_open(FILEINFO_MIME_TYPE), $fileToLoad)); } echo file_get_contents($fileToLoad); } elseif (count($sections) > 1) { $sections = array_slice($sections, 1); goto LABEL_loadController_ReduceSectionsByOne; } else { Site::error(Site::HTTP_error, "404", $GLOBALS['config']['errors']['http']['404']); } /** * Second, if the ressource requested isn't an html/css whatsoever file, * load the corresponding PHP controller */ } else { $this->findController(); //Logging request self::log(date("Y/m/d-H:i:s") . " - Primary request from " . $_SERVER['REMOTE_ADDR'] . " - " . Site::getRequest()); if (file_exists(self::$path_to_controller . self::$controller_file_to_load)) { /** * Quick check on controller's syntax. * TODO : manage includes / requires */ $shell = shell_exec(PHP_BINDIR . '/php -l "' . self::$path_to_controller . self::$controller_file_to_load . '"'); $error_msg = preg_replace("/Errors parsing.*\$/", "", $shell, -1, $count); if ($shell === NULL) { Debug::write("PHP binary couldn't be found. Can't check requested controller.", 0); } else { if ($count > 0) { Site::error(Site::app_error, "Syntax error in controller", trim($error_msg)); } } /** * If syntax checks are ok, loads controller */ include self::$path_to_controller . self::$controller_file_to_load; // TODO : check syntax try { $controller = new self::$controller_name_to_load(); // FIXME: PHP<5.3? } catch (PDOException $e) { CoreController::stopCapturing(); Site::error(Site::app_error, "Database error", $GLOBALS['config']['security']['displayExplicitErrors'] === true ? $e->getMessage() : $GLOBALS['config']['errors']['framework']['503']); exit; /* TODO : do not catch general exceptions ? */ } catch (Exception $e) { CoreController::stopCapturing(); Site::error(Site::site_error, "Exception thrown in loaded controller", $GLOBALS['config']['security']['displayExplicitErrors'] === true ? $e->getMessage() : $GLOBALS['config']['errors']['framework']['502']); exit; } if (method_exists($controller, 'displayView')) { $controller->displayView(); } } else { $this->error(Site::app_error, "501", $GLOBALS['config']['errors']['framework']['501'] . " " . self::$controller_name_to_load); } } }
*/ if (isset($GLOBALS['config']['DEBUG']['enabled']) && $GLOBALS['config']['DEBUG']['enabled'] == true) { Debug::build(); } /** * Security checks * Keep in mind it just does a BASIC check on world-permission on files/folders under DOCUMENT_ROOT ; and a quick check on php.ini */ if ($GLOBALS['config']['security']['skipLocalChecks'] === false) { //Setup CoreController::startCapturing(); $successful_Check = true; /** * php.ini config */ echo "<u>Checking php.ini file ...</u><br />"; php_iniChecks(); echo "******************<br />"; /** * File rights */ echo "<u>Checking file permissions ...</u><br />"; localSecurityChecks(ROOT_DIR); // Can be found in FUNCTIONS_DIR . security.php //Cleaning $output = CoreController::stopCapturing(); if ($GLOBALS["successful_Check"] === false) { Site::error(Site::app_error, "Some misconfiguration were detected. <br />Please fix them in order to run this framework safely", $output); } unset($successful_Check, $checks); }