From 63c0cf521f8097b0dadaf1228176dc38c7d897f6 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 15 May 2014 18:28:24 +0200
Subject: Working on config.tgz composition through config modules
---
 index.php | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)
(limited to 'index.php')
diff --git a/index.php b/index.php
index d693b9e8..d50d1d71 100644
--- a/index.php
+++ b/index.php
@@ -2,37 +2,41 @@
 error_reporting(E_ALL);
-require_once('inc/user.inc.php');
-require_once('inc/render.inc.php');
-require_once('inc/menu.inc.php');
-require_once('inc/util.inc.php');
-require_once('inc/message.inc.php');
-require_once('inc/db.inc.php');
-require_once('inc/permission.inc.php');
-require_once('inc/crypto.inc.php');
-require_once('inc/validator.inc.php');
+// Autoload classes from ./inc which adhere to naming scheme .inc.php
+function slxAutoloader($class) {
+ $file = 'inc/' . preg_replace('/[^a-z0-9]/', '', mb_strtolower($class)) . '.inc.php';
+ if (!file_exists($file)) return;
+ require_once $file;
+}
+
+spl_autoload_register('slxAutoloader');
 if (empty($_REQUEST['do'])) {
 // No specific module - set default
- $module = 'main';
+ $moduleName = 'main';
 } else {
- $module = preg_replace('/[^a-z]/', '', $_REQUEST['do']);
+ $moduleName = preg_replace('/[^a-z]/', '', $_REQUEST['do']);
 }
-$module = 'modules/' . $module . '.inc.php';
+$modulePath = 'modules/' . $moduleName . '.inc.php';
-if (!file_exists($module)) {
- Util::traceError('Invalid module: ' . $module);
+if (!file_exists($modulePath)) {
+ Util::traceError('Invalid module: ' . $moduleName);
 }
-// Display any messages
+// Deserialize any messages
 if (isset($_REQUEST['message'])) {
 Message::fromRequest();
 }
+// CSRF/XSS
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && !Util::verifyToken()) {
+ Util::redirect('?do=' . $moduleName);
+}
+
 // Load module - it will execute pre-processing, or act upon request parameters
-require_once($modulePath);
-unset($module);
+require_once($modulePath);
+unset($modulePath);
 // Main menu
 $menu = new Menu;
-- 
cgit v1.2.3-55-g7522
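Review bot: The token check added under `// CSRF/XSS` only protects the request if `Util::redirect()` ends the script, and it is skipped entirely for any request that is not a POST. `Util::redirect()` is not visible in this hunk; if it only sends a `Location` header, execution continues into `require_once($modulePath)` and the module still acts on the unverified parameters, so the branch should terminate explicitly, e.g. `Util::redirect('?do=' . $moduleName); exit;`. Because the module is selected from `$_REQUEST['do']` and, per the comment, modules act upon request parameters, any module that reads state-changing input from `$_REQUEST` or `$_GET` would accept the same action as a GET that never reaches `verifyToken()`; such input should be read from `$_POST` only. `Message::fromRequest()` also processes `$_REQUEST['message']` before the token check, so it is worth confirming that it performs no unsafe deserialization of that value.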