2024-06-27 19:28:34 +00:00
|
|
|
<?php
|
2024-06-27 21:30:56 +00:00
|
|
|
|
2024-06-28 21:41:25 +00:00
|
|
|
$DOC_ROOT = $_SERVER['DOCUMENT_ROOT'];
|
|
|
|
|
2024-07-03 13:20:39 +00:00
|
|
|
require_once $DOC_ROOT . '/vendor/autoload.php';
|
2024-07-27 12:07:27 +00:00
|
|
|
use Intervention\Image\ImageManager;
|
2024-07-03 13:20:39 +00:00
|
|
|
|
2024-06-27 21:30:56 +00:00
|
|
|
// Includes
|
|
|
|
try {
|
2024-06-28 21:41:25 +00:00
|
|
|
require_once "config.php";
|
2024-06-27 21:30:56 +00:00
|
|
|
} catch (Error $e) {
|
|
|
|
echo "<b>Critical error:</b> " . $e->getMessage() . "<br />This isn't your fault. Please contact the developers.";
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2024-06-28 18:28:28 +00:00
|
|
|
// Connect to database
|
|
|
|
try {
|
|
|
|
$pdo = new PDO(DB_DSN, DB_USERNAME, DB_PASSWORD, PDO_OPTIONS);
|
|
|
|
} catch (PDOException $e) {
|
2024-07-03 13:20:39 +00:00
|
|
|
echo "<b>Critical error:</b> " . $e->getMessage() . "<br />Please contact the developers.";
|
2024-06-28 18:28:28 +00:00
|
|
|
}
|
2024-06-27 21:30:56 +00:00
|
|
|
|
2024-07-27 12:07:27 +00:00
|
|
|
$bunny_client = new \Bunny\Storage\Client(BUNNY_ACCESS_KEY, BUNNY_STORAGE_ZONE, \Bunny\Storage\Region::STOCKHOLM);
|
|
|
|
|
2024-07-03 13:20:39 +00:00
|
|
|
require_once 'strings/en.php'; // This ensures strings will fall back to English if one is missing.
|
2024-06-28 21:41:25 +00:00
|
|
|
|
|
|
|
require_once 'common/strings.php';
|
2024-07-27 12:07:27 +00:00
|
|
|
require_once 'common/validation.php';
|
2024-06-28 21:41:25 +00:00
|
|
|
require_once 'common/database.php';
|
2024-07-27 12:07:27 +00:00
|
|
|
require_once 'common/account_utils.php';
|
2024-10-29 17:59:36 +00:00
|
|
|
require_once 'common/app_utils.php';
|
2024-07-27 12:07:27 +00:00
|
|
|
require_once 'common/files.php';
|
|
|
|
require_once 'common/misc.php';
|
|
|
|
|
|
|
|
$flash = [];
|
2024-06-28 21:41:25 +00:00
|
|
|
|
2024-06-27 21:30:56 +00:00
|
|
|
// Starts the session
|
2024-06-28 21:41:25 +00:00
|
|
|
// TODO: write this to use the database to work across more than one server (e.g. don't use PHP sessions)
|
2024-06-27 21:30:56 +00:00
|
|
|
session_start();
|
|
|
|
|
2024-07-05 11:04:25 +00:00
|
|
|
if (empty($_SESSION)) {
|
|
|
|
$_SESSION['auth'] = false;
|
|
|
|
$_SESSION['id'] = null;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!isset($_SESSION['lang'])) {
|
|
|
|
$_SESSION['lang'] = get_language_code_based_on_browser_locale();
|
|
|
|
}
|
|
|
|
|
2024-06-28 21:41:25 +00:00
|
|
|
$user = null;
|
|
|
|
|
|
|
|
if ($_SESSION['auth']) {
|
|
|
|
$user = get_user_by_id($_SESSION['id']);
|
2024-07-27 12:07:27 +00:00
|
|
|
$_SESSION['lang'] = $user['language'];
|
2024-06-28 21:41:25 +00:00
|
|
|
}
|
2024-06-27 21:30:56 +00:00
|
|
|
|
|
|
|
$uri_string = $_SERVER['REQUEST_URI']; // `/foo/bar?bar=foo&foo=bar`
|
|
|
|
$uri_explode = explode('?', $uri_string);
|
2024-06-28 21:41:25 +00:00
|
|
|
$path_raw = $uri_explode[0]; // `/foo/bar`
|
|
|
|
$path = explode('/', $path_raw);
|
2024-06-27 21:30:56 +00:00
|
|
|
|
2024-06-29 21:52:46 +00:00
|
|
|
if(isset($uri_explode[1])) {
|
|
|
|
$uri_string = $uri_explode[0];
|
|
|
|
$uri_explode = explode('&', $uri_explode[1]);
|
|
|
|
$query = array();
|
|
|
|
foreach($uri_explode as $string) {
|
|
|
|
$bits = explode('=', $string);
|
|
|
|
$query[$bits[0]] = $bits[1];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$query = array();
|
|
|
|
}
|
|
|
|
|
2024-06-27 21:30:56 +00:00
|
|
|
// Remove trailing slashes
|
2024-06-28 21:41:25 +00:00
|
|
|
if (str_ends_with($path_raw, '/') && $path_raw != '/') {
|
2024-06-27 21:30:56 +00:00
|
|
|
http_response_code(308);
|
2024-06-28 21:41:25 +00:00
|
|
|
header('Location: '.substr($path_raw,0, -1));
|
2024-06-27 21:30:56 +00:00
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2024-07-05 11:04:25 +00:00
|
|
|
// If there's a 'lang' query param, change the language!
|
|
|
|
if (array_key_exists('lang', $query)) {
|
|
|
|
$_SESSION['lang'] = $query['lang'];
|
2024-07-27 12:07:27 +00:00
|
|
|
location($path_raw);
|
2024-07-05 11:04:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
patch_lang($_SESSION['lang']);
|
|
|
|
|
|
|
|
|
2024-06-27 21:30:56 +00:00
|
|
|
$routes = [
|
2024-10-29 17:59:36 +00:00
|
|
|
'' => function () { global $user; require 'views/home.php'; },
|
2024-07-27 12:07:27 +00:00
|
|
|
'admin' => function () {
|
2024-10-29 17:59:36 +00:00
|
|
|
global $path, $query, $DOC_ROOT, $flash, $user;
|
2024-07-27 12:07:27 +00:00
|
|
|
|
|
|
|
requires_auth();
|
|
|
|
requires_admin();
|
|
|
|
|
2024-10-29 17:59:36 +00:00
|
|
|
if (key_exists(2, $path)) {
|
|
|
|
switch ($path[2]) {
|
|
|
|
default: return 404;
|
|
|
|
case 'files':
|
|
|
|
require 'views/admin/files.php';
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
require 'views/admin/dashboard.php';
|
2024-07-27 12:07:27 +00:00
|
|
|
}
|
|
|
|
},
|
2024-07-03 13:20:39 +00:00
|
|
|
'api' => function () {
|
2024-10-29 17:59:36 +00:00
|
|
|
global $path, $query, $user;
|
2024-07-03 13:20:39 +00:00
|
|
|
|
|
|
|
unset($path[1]);
|
|
|
|
$path = array_values($path);
|
|
|
|
|
|
|
|
require 'api.php'; /* Handoff further routing to API script. */
|
|
|
|
},
|
2024-06-28 21:50:21 +00:00
|
|
|
'auth' => function () {
|
2024-10-29 17:59:36 +00:00
|
|
|
global $path, $query, $flash, $user;
|
2024-07-27 12:07:27 +00:00
|
|
|
|
|
|
|
switch ($path[2]) {
|
|
|
|
case 'signout':
|
|
|
|
require 'views/signedout.php';
|
|
|
|
break;
|
|
|
|
case 'signup':
|
|
|
|
require 'views/signup.php';
|
|
|
|
break;
|
|
|
|
case 'login':
|
|
|
|
require 'views/login.php';
|
|
|
|
break;
|
2024-10-29 17:59:36 +00:00
|
|
|
case 'oauth':
|
|
|
|
require 'views/oauth_login.php';
|
|
|
|
break;
|
2024-07-27 12:07:27 +00:00
|
|
|
default:
|
|
|
|
return 404;
|
2024-06-28 21:50:21 +00:00
|
|
|
}
|
2024-07-01 21:15:51 +00:00
|
|
|
exit();
|
2024-06-28 21:50:21 +00:00
|
|
|
},
|
2024-07-05 11:04:25 +00:00
|
|
|
'dashboard' => function () {
|
|
|
|
global $user;
|
|
|
|
requires_auth();
|
|
|
|
|
|
|
|
if (isset($path[2])) {
|
|
|
|
return 404;
|
|
|
|
}
|
|
|
|
|
|
|
|
require 'views/dashboard.php';
|
|
|
|
return 200;
|
|
|
|
},
|
2024-06-28 21:41:25 +00:00
|
|
|
'profile' => function () {
|
|
|
|
global $path, $user, $profile_owner; // don't forget this lol
|
2024-06-27 21:30:56 +00:00
|
|
|
|
2024-06-28 21:41:25 +00:00
|
|
|
if (isset($path[2])) {
|
2024-07-03 13:20:39 +00:00
|
|
|
if (isset($path[3])) {
|
|
|
|
return 404;
|
|
|
|
}
|
2024-07-27 12:07:27 +00:00
|
|
|
|
|
|
|
if ($path[2] == 'edit') {
|
|
|
|
requires_auth();
|
|
|
|
require 'views/profile_edit.php';
|
|
|
|
return 200;
|
|
|
|
}
|
|
|
|
|
2024-06-28 21:41:25 +00:00
|
|
|
$profile_owner = $path[2];
|
|
|
|
$profile_owner = get_user_by_id($profile_owner);
|
|
|
|
} else {
|
|
|
|
$profile_owner = $user;
|
|
|
|
}
|
|
|
|
|
|
|
|
require 'views/profile.php';
|
2024-07-03 13:20:39 +00:00
|
|
|
return 200;
|
2024-06-28 21:41:25 +00:00
|
|
|
},
|
2024-07-05 11:04:25 +00:00
|
|
|
'settings' => function () {
|
2024-10-29 17:59:36 +00:00
|
|
|
global $path, $flash, $user, $query;
|
2024-07-27 12:07:27 +00:00
|
|
|
if (isset($path[2])) {
|
|
|
|
switch ($path[2]) {
|
|
|
|
default: return 404;
|
|
|
|
case 'security':
|
|
|
|
require 'views/settings_security.php';
|
|
|
|
break;
|
|
|
|
case 'region':
|
|
|
|
require 'views/settings_region.php';
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
require 'views/settings.php';
|
|
|
|
}
|
2024-07-03 13:20:39 +00:00
|
|
|
}
|
2024-06-28 21:41:25 +00:00
|
|
|
];
|
2024-06-27 21:30:56 +00:00
|
|
|
|
2024-06-28 21:41:25 +00:00
|
|
|
if (array_key_exists($path[1], $routes)) {
|
|
|
|
$res = $routes[$path[1]]();
|
2024-06-27 21:30:56 +00:00
|
|
|
if ($res == 404) {
|
|
|
|
require "views/404.php";
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
require "views/404.php";
|
|
|
|
}
|
|
|
|
|