public function doGet(WebAppRequest $req, WebAppResponse $res)
{
$resource = substr(\Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer')->getCurrentWebApp()->getHome(), 0, -1) . $req->getPathInfo();
// If this is a directory, check that a welcome file exists
if (is_dir($resource)) {
$this->welcomeFiles = \Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer')->getCurrentWebApp()->getWelcomeFiles();
$path = $this->getRelativePath($req);
$welcomeFile = $this->findWelcomeFile($path);
if ($welcomeFile != null) {
$resource = $resource . $welcomeFile;
} else {
$res->sendError(WebAppResponse::SC_FORBIDDEN, $req->getRequestURI());
return;
}
}
// Make sure that this path exists on disk
if ($req->getPathInfo() == '/index' or !file_exists($resource . '.php')) {
$res->sendError(WebAppResponse::SC_NOT_FOUND, $req->getRequestURI());
return;
}
// Core directory is private
if (substr($req->getPathInfo(), 0, 6) == '/core/') {
$res->sendError(WebAppResponse::SC_FORBIDDEN, $req->getRequestURI());
return;
}
// Resource must reside inside the webapp
if (\Innomatic\Security\SecurityManager::isAboveBasePath($resource, \Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer')->getCurrentWebApp()->getHome())) {
$res->sendError(WebAppResponse::SC_FORBIDDEN, $req->getRequestURI());
return;
}
include $resource . '.php';
}
protected function serveResource(WebAppRequest $request, WebAppResponse $response, $content)
{
//$webAppPath = $request->getUrlPath();
// identify the requested resource path
$path = $this->getRelativePath($request);
$resource = substr(\Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer')->getCurrentWebApp()->getHome(), 0, -1) . $path;
// make sure that this path exists on disk
if (!file_exists($resource)) {
$response->sendError(WebAppResponse::SC_NOT_FOUND, $request->getRequestURI());
return;
}
// if this is a directory, first check welcome files...if that fails
// see if we can do a listing
if (is_dir($resource)) {
$welcomeFile = $this->findWelcomeFile($path);
if ($welcomeFile != null) {
$response->sendRedirect($this->getURL($request, $welcomeFile));
$response->flushBuffer();
return;
}
if ($this->listings == 'false') {
$response->sendError(WebAppResponse::SC_FORBIDDEN, $request->getRequestURI());
return;
} else {
if ($content) {
// serve up the directory listing
$response->setContentType('text/html');
echo $this->renderListing($request, $webAppPath, $path, $resource);
return;
}
}
}
if ($content) {
// we are serving up an actual file here, which we know exists
$contentType = \Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer')->getCurrentWebApp()->getMimeType($resource);
if (!is_null($contentType)) {
$response->setContentType($contentType);
}
$response->addDateHeader('Last-Modified', filemtime($resource));
readfile($resource);
}
}
