Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
179afa7f | 3 | * Copyright (C) 2003-2008 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
25 | ||
26 | class Platal | |
27 | { | |
2b1ee50b | 28 | private $__mods; |
29 | private $__hooks; | |
b62f8858 | 30 | |
8fc4efa3 | 31 | protected $https; |
32 | ||
2b1ee50b | 33 | public $ns; |
34 | public $path; | |
35 | public $argv; | |
b62f8858 | 36 | |
abde67b1 FB |
37 | static private $_page = null; |
38 | ||
2b1ee50b | 39 | public function __construct() |
b62f8858 | 40 | { |
c0799142 | 41 | global $platal, $session, $globals; |
abde67b1 FB |
42 | $platal =& $this; |
43 | $globalclass = PL_GLOBALS_CLASS; | |
44 | $globals = new $globalclass(); | |
45 | $sessionclass = PL_SESSION_CLASS; | |
46 | $session = new $sessionclass(); | |
c0799142 FB |
47 | if (!$session->startAvailableAuth()) { |
48 | Platal::page()->trigError('Données d\'authentification invalide.'); | |
49 | } | |
abde67b1 | 50 | |
e77c7ea2 | 51 | $modules = func_get_args(); |
2b1ee50b | 52 | if (is_array($modules[0])) { |
53 | $modules = $modules[0]; | |
54 | } | |
27472b85 | 55 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 56 | |
57 | $this->__mods = array(); | |
58 | $this->__hooks = array(); | |
b62f8858 | 59 | |
5de0b7e1 | 60 | array_unshift($modules, 'core'); |
e77c7ea2 | 61 | foreach ($modules as $module) { |
a18afbdc | 62 | $module = strtolower($module); |
c807f50d | 63 | $this->__mods[$module] = $m = PLModule::factory($module); |
b62f8858 | 64 | $this->__hooks += $m->handlers(); |
b62f8858 | 65 | } |
fe556813 | 66 | |
fe556813 FB |
67 | if ($globals->mode == '') { |
68 | pl_redirect('index.html'); | |
69 | } | |
b62f8858 | 70 | } |
71 | ||
2b1ee50b | 72 | public function pl_self($n = null) |
d1ebc57a | 73 | { |
74 | if (is_null($n)) | |
75 | return $this->path; | |
76 | ||
77 | if ($n >= 0) | |
78 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
79 | ||
80 | if ($n <= -count($this->argv)) | |
81 | return $this->argv[0]; | |
82 | ||
83 | return join('/', array_slice($this->argv, 0, $n)); | |
84 | } | |
85 | ||
2b1ee50b | 86 | protected function find_hook() |
b62f8858 | 87 | { |
88 | $p = $this->path; | |
89 | ||
4a5fb34b | 90 | while ($p) { |
b62f8858 | 91 | if (array_key_exists($p, $this->__hooks)) |
92 | break; | |
93 | ||
94 | $p = substr($p, 0, strrpos($p, '/')); | |
95 | } | |
7c6e0aff | 96 | |
b62f8858 | 97 | if (empty($this->__hooks[$p])) { |
7c6e0aff | 98 | return null; |
b62f8858 | 99 | } |
100 | ||
15a094c0 | 101 | $hook = $this->__hooks[$p]; |
102 | ||
103 | if (!is_callable($hook['hook'])) { | |
7c6e0aff | 104 | return null; |
105 | } | |
106 | ||
8fc4efa3 | 107 | $this->https = ($hook['type'] & NO_HTTPS) ? false : true; |
7c6e0aff | 108 | $this->argv = explode('/', substr($this->path, strlen($p))); |
109 | $this->argv[0] = $p; | |
110 | ||
111 | return $hook; | |
112 | } | |
113 | ||
2b1ee50b | 114 | protected function find_nearest_key($key, array &$array) |
409de7a7 | 115 | { |
0d602b8f | 116 | $keys = array_keys($array); |
409de7a7 | 117 | if (in_array($key, $keys)) { |
118 | return $key; | |
119 | } | |
0d602b8f | 120 | |
338a5934 | 121 | if (($pos = strpos($key, '.php')) !== false) { |
122 | $key = substr($key, 0, $pos); | |
123 | } | |
124 | ||
0d602b8f | 125 | $has_end = in_array("#final#", $keys); |
126 | if (strlen($key) > 24 && $has_end) { | |
127 | return "#final#"; | |
128 | } | |
129 | ||
409de7a7 | 130 | foreach ($keys as $k) { |
0d602b8f | 131 | if ($k == "#final#") { |
132 | continue; | |
133 | } | |
951db8e3 | 134 | $lev = levenshtein($key, $k); |
a1b4fd8a | 135 | |
6d407683 FB |
136 | if ((!isset($val) || $lev < $val) |
137 | && ($lev <= strlen($k)/2 || strpos($k, $key) !== false || strpos($key, $k) !== false)) { | |
951db8e3 | 138 | $val = $lev; |
139 | $best = $k; | |
409de7a7 | 140 | } |
141 | } | |
0d602b8f | 142 | if (!isset($best) && $has_end) { |
409de7a7 | 143 | return "#final#"; |
a1b4fd8a | 144 | } else if (isset($best)) { |
951db8e3 | 145 | return $best; |
409de7a7 | 146 | } |
147 | return null; | |
148 | } | |
149 | ||
02838718 | 150 | public function near_hook() |
409de7a7 | 151 | { |
152 | $hooks = array(); | |
6d407683 | 153 | $leafs = array(); |
409de7a7 | 154 | foreach ($this->__hooks as $hook=>$handler) { |
a1b4fd8a | 155 | if (!$this->check_perms($handler['perms'])) { |
0d602b8f | 156 | continue; |
157 | } | |
409de7a7 | 158 | $parts = split('/', $hook); |
159 | $place =& $hooks; | |
160 | foreach ($parts as $part) { | |
161 | if (!isset($place[$part])) { | |
162 | $place[$part] = array(); | |
163 | } | |
eaf30d86 | 164 | $place =& $place[$part]; |
409de7a7 | 165 | } |
6d407683 FB |
166 | $leaf = $parts[count($parts)-1]; |
167 | if (!isset($leafs[$leaf])) { | |
168 | $leafs[$leaf] = $hook; | |
169 | } else if (is_array($leafs[$leaf])) { | |
170 | $leafs[$leaf][] = $hook; | |
171 | } else { | |
172 | $leafs[$leaf] = array($hook, $leafs[$leaf]); | |
173 | } | |
409de7a7 | 174 | $place["#final#"] = array(); |
175 | } | |
176 | ||
6d407683 | 177 | // search for the nearest full path |
409de7a7 | 178 | $p = split('/', $this->path); |
179 | $place =& $hooks; | |
180 | $link = ''; | |
409de7a7 | 181 | foreach ($p as $k) { |
0d602b8f | 182 | if (!isset($ended)) { |
409de7a7 | 183 | $key = $this->find_nearest_key($k, $place); |
6b8d257b | 184 | } else { |
185 | $key = $k; | |
409de7a7 | 186 | } |
6b8d257b | 187 | if ($key == "#final#") { |
6b8d257b | 188 | if (!array_key_exists($link, $this->__hooks)) { |
6d407683 FB |
189 | $link = ''; |
190 | break; | |
6b8d257b | 191 | } |
0d602b8f | 192 | $key = $k; |
193 | $ended = true; | |
409de7a7 | 194 | } |
195 | if (!is_null($key)) { | |
196 | if (!empty($link)) { | |
197 | $link .= '/'; | |
198 | } | |
199 | $link .= $key; | |
200 | $place =& $place[$key]; | |
201 | } else { | |
6d407683 FB |
202 | $link = ''; |
203 | break; | |
409de7a7 | 204 | } |
205 | } | |
6d407683 FB |
206 | if ($link == $this->path) { |
207 | $link = ''; | |
208 | } | |
209 | if ($link && levenshtein($link, $this->path) < strlen($link)/3) { | |
338a5934 | 210 | return $link; |
211 | } | |
6d407683 FB |
212 | |
213 | // search for missing namespace (the given name is a leaf) | |
214 | $leaf = array_shift($p); | |
215 | $args = count($p) ? '/' . implode('/', $p) : ''; | |
216 | if (isset($leafs[$leaf]) && !is_array($leafs[$leaf]) && $leafs[$leaf] != $this->path) { | |
217 | return $leafs[$leaf] . $args; | |
218 | } | |
219 | unset($val); | |
220 | $best = null; | |
221 | foreach ($leafs as $k=>&$path) { | |
222 | if (is_array($path)) { | |
223 | continue; | |
224 | } | |
225 | $lev = levenshtein($leaf, $k); | |
226 | ||
227 | if ((!isset($val) || $lev < $val) | |
228 | && ($lev <= strlen($k)/2 || strpos($k, $leaf) !== false || strpos($leaf, $k) !== false)) { | |
229 | $val = $lev; | |
230 | $best = $path; | |
231 | } | |
232 | } | |
233 | return $best == null ? ( $link ? $link : null ) : $best . $args; | |
409de7a7 | 234 | } |
235 | ||
bf517daf | 236 | protected function check_perms($perms) |
237 | { | |
238 | if (!$perms) { // No perms, no check | |
239 | return true; | |
240 | } | |
241 | $s_perms = S::v('perms'); | |
aa5836d7 | 242 | return $s_perms->hasFlagCombination($perms); |
bf517daf | 243 | } |
244 | ||
04334c61 | 245 | private function call_hook(PlPage &$page) |
7c6e0aff | 246 | { |
247 | $hook = $this->find_hook(); | |
409de7a7 | 248 | if (empty($hook)) { |
15a094c0 | 249 | return PL_NOT_FOUND; |
250 | } | |
abde67b1 | 251 | global $globals, $session; |
8fc4efa3 | 252 | if ($this->https && !$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
253 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); | |
254 | } | |
15a094c0 | 255 | |
ef42a9d6 | 256 | $args = $this->argv; |
257 | $args[0] =& $page; | |
b62f8858 | 258 | |
cab08090 | 259 | if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) { |
8fc4efa3 | 260 | if ($hook['type'] & DO_AUTH) { |
c0799142 | 261 | if (!$session->start($hook['auth'])) { |
94c63478 | 262 | $this->force_login($page); |
263 | } | |
264 | } else { | |
265 | return PL_FORBIDDEN; | |
63528107 | 266 | } |
b62f8858 | 267 | } |
bf517daf | 268 | if ($hook['auth'] != AUTH_PUBLIC && !$this->check_perms($hook['perms'])) { |
5777e7fc | 269 | return PL_FORBIDDEN; |
270 | } | |
271 | ||
a0f05027 | 272 | $val = call_user_func_array($hook['hook'], $args); |
a96c675c | 273 | if ($val == PL_DO_AUTH) { |
a0f05027 | 274 | // The handler need a better auth with the current args |
c0799142 | 275 | if (!$session->start($hook['auth'])) { |
a0f05027 | 276 | $this->force_login($page); |
277 | } | |
278 | $val = call_user_func_array($hook['hook'], $args); | |
279 | } | |
280 | return $val; | |
b62f8858 | 281 | } |
282 | ||
04334c61 | 283 | public function force_login(PlPage &$page) |
63528107 | 284 | { |
c3063cd3 | 285 | header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); |
aa5f19ae | 286 | if (S::logged()) { |
8b1f8e12 | 287 | $page->changeTpl('core/password_prompt_logged.tpl'); |
c99ef281 | 288 | $page->addJsLink('do_challenge_response_logged.js'); |
63528107 | 289 | } else { |
8b1f8e12 | 290 | $page->changeTpl('core/password_prompt.tpl'); |
c99ef281 | 291 | $page->addJsLink('do_challenge_response.js'); |
1f6a041e | 292 | } |
293 | $page->assign('platal', $this); | |
63528107 | 294 | $page->run(); |
295 | } | |
296 | ||
2b1ee50b | 297 | public function run() |
b62f8858 | 298 | { |
abde67b1 | 299 | $page =& self::page(); |
b62f8858 | 300 | |
301 | if (empty($this->path)) { | |
c9178c75 | 302 | $this->path = 'index'; |
303 | } | |
304 | ||
e979cd2b | 305 | $page->assign('platal', $this); |
b62f8858 | 306 | switch ($this->call_hook($page)) { |
307 | case PL_FORBIDDEN: | |
308 | $this->__mods['core']->handler_403($page); | |
309 | break; | |
310 | ||
311 | case PL_NOT_FOUND: | |
312 | $this->__mods['core']->handler_404($page); | |
313 | break; | |
314 | } | |
e979cd2b | 315 | |
316 | $page->assign('platal', $this); | |
b62f8858 | 317 | $page->run(); |
318 | } | |
8d8f7607 | 319 | |
fbc210fa | 320 | public function on_subscribe($forlife, $uid, $promo, $pass) |
8d8f7607 | 321 | { |
322 | $args = func_get_args(); | |
323 | foreach ($this->__mods as $mod) { | |
324 | if (!is_callable($mod, 'on_subscribe')) | |
325 | continue; | |
326 | call_user_func_array(array($mod, 'on_subscribe'), $args); | |
327 | } | |
328 | } | |
abde67b1 FB |
329 | |
330 | static public function &page() | |
331 | { | |
332 | global $platal, $page; | |
333 | if (is_null(self::$_page)) { | |
334 | $pageclass = PL_PAGE_CLASS; | |
335 | $page = new $pageclass(); | |
336 | self::$_page =& $page; | |
337 | } | |
338 | return self::$_page; | |
339 | } | |
47fa97fe FB |
340 | |
341 | static public function &session() | |
342 | { | |
343 | global $session; | |
344 | return $session; | |
345 | } | |
346 | ||
347 | static public function &globals() | |
348 | { | |
349 | global $globals; | |
350 | return $globals; | |
351 | } | |
b62f8858 | 352 | } |
353 | ||
a7de4ef7 | 354 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 355 | ?> |