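// NOTE(review): this listing starts mid-file. The fragment ".inc.php" that precedes the
// autoloader is the tail of a statement cut off above and is not reproduced as code.

/*
 * Class autoloader: maps a class name to inc/<name>.inc.php and loads it if present.
 * The name is lower-cased and everything outside [a-z0-9] is stripped before it is
 * used in the path, so a class name cannot contribute dots or path separators.
 */
spl_autoload_register(function ($class) {
    $file = 'inc/' . preg_replace('/[^a-z0-9]/', '', mb_strtolower($class)) . '.inc.php';
    if (!file_exists($file)) {
        return;
    }
    require_once $file;
});

/*
 * "_https_magic" probe: answers before any module, session or CSRF handling with two
 * digests over (uptime bucket, server IP, serialized VM store config). 'a' uses the
 * current bucket (uptime / 3, floored), 'b' the previous one. The same value is
 * computed again as 'magic' for the 'domain-redirect-check' template at the end of
 * the file.
 *
 * NOTE(review): the endpoint is unauthenticated and readable from any origin
 * (Access-Control-Allow-Origin: *), and the digest is an unkeyed MD5. If
 * getVmStoreConfig() contains credentials (not visible here), the response allows
 * offline guessing against them. Consider hash_hmac() with a server-side secret on
 * both this endpoint and the template value. Left unchanged because the client-side
 * comparison is not visible from this file.
 */
if (($_GET['do'] ?? '') === '_https_magic') {
    header('Access-Control-Allow-Origin: *');
    header('Content-Type: application/json');
    $ut = floor(Util::osUptime() / 3);
    $str = Property::getServerIp() . serialize(Property::getVmStoreConfig());
    die(json_encode([
        'a' => md5($ut . $str),
        'b' => md5(($ut - 1) . $str),
    ]));
}

/**
 * Page class which all module's pages must be extending from
 *
 * The static methods form the front controller API used by the script below:
 * init() resolves the requested module and creates its page instance; preprocess(),
 * render() and ajax() forward to the instance's doPreprocess()/doRender()/doAjax()
 * hooks, which are no-ops unless a module's page overrides them.
 */
abstract class Page
{

    /** Hook run before rendering in normal (non-AJAX) mode. */
    protected function doPreprocess()
    {
    }

    /** Hook that renders the module's page. */
    protected function doRender()
    {
    }

    /** Hook that handles an AJAX request. */
    protected function doAjax()
    {
    }

    public static function preprocess()
    {
        self::$instance->doPreprocess();
    }

    /** Sets the page title if the module provides a non-empty one, then renders the page. */
    public static function render()
    {
        $pageTitle = self::$module->getPageTitle();
        if (!empty($pageTitle)) {
            Render::setTitle($pageTitle, false);
        }
        self::$instance->doRender();
    }

    public static function ajax()
    {
        self::$instance->doAjax();
    }

    /** @return \Module|false the module selected by init(), false before init() ran */
    public static function getModule()
    {
        return self::$module;
    }

    /**
     * @var \Page
     */
    private static $instance = false;

    /**
     * @var \Module
     */
    private static $module = false;

    /**
     * Resolve the module named by the 'do' request parameter (default 'Main'),
     * activate it and create its page instance.
     */
    public static function init()
    {
        // 'do' is attacker-controlled. A request like ?do[]=x delivers an array, which
        // would flow into preg_replace()/strtolower() and fail with a type error, so
        // anything that is not a non-empty string is treated like a missing parameter.
        $name = $_REQUEST['do'] ?? '';
        if (!is_string($name) || empty($name)) {
            $name = 'Main';
        }
        // Allow-list the characters before the value is used to look up a module.
        $name = preg_replace('/[^A-Za-z0-9_]/', '', $name);
        $name = strtolower($name);
        Module::init();
        self::$module = Module::get($name);
        if (self::$module === false) {
            // NOTE(review): traceError() presumably terminates the request; if it
            // returned, the activate() call below would be made on false. Confirm.
            ErrorHandler::traceError('Invalid Module: ' . $name);
        }
        self::$module->activate(null, null);
        self::$instance = self::$module->newPage();
    }

}

if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
    /*
     * Debug mode: collect every PHP error in $SLX_ERRORS so it can be rendered at the
     * end of the page. A message starting with "[skip: N]" is attributed to the stack
     * frame N levels further up instead of the place that raised it.
     */
    set_error_handler(function ($errno, $errstr, $errfile, $errline) {
        if (preg_match('/^\[skip:\s*(\d+)\]\s*(.*)/is', $errstr, $out)) {
            $errstr = $out[2];
            $trace = debug_backtrace();
            $idx = (int)$out[1] + 1;
            if (count($trace) > $idx) {
                // Frames for internal functions carry no 'file'/'line' keys. Keep the
                // reported location in that case instead of raising a second error
                // from inside the handler.
                $errfile = $trace[$idx]['file'] ?? $errfile;
                $errline = $trace[$idx]['line'] ?? $errline;
            }
        }
        global $SLX_ERRORS;
        $SLX_ERRORS[] = [
            'errno' => $errno,
            'errstr' => $errstr,
            'errfile' => $errfile,
            'errline' => $errline,
            //'stack' => debug_backtrace(), // TODO
        ];
        return false; // Return false so the default error handler will kick in after this
    });
}

// Set HSTS Header if client is using HTTPS
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
    if (Property::get('webinterface.https-hsts', 'False') !== 'True') {
        // max-age=0 tells the browser to drop a previously stored HSTS policy
        header('Strict-Transport-Security: max-age=0', true);
    } else {
        // 15768000 seconds = 182.5 days
        header('Strict-Transport-Security: max-age=15768000', true);
    }
}
// Expiry date in the past plus max-age=0: responses must not be served from cache
header('Expires: Wed, 29 Mar 2007 09:56:28 GMT');
header("Cache-Control: max-age=0");

// Now determine which module to run
Page::init();

// Deserialize any messages to display
if (!AJAX && isset($_REQUEST['message'])) {
    Message::fromRequest();
}

// CSRF/XSS check
// Only POST is covered, so state-changing actions must not be reachable via GET.
// Note that the module has already been resolved and activated by Page::init() above.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    User::load();
    if (!Util::verifyToken()) {
        if (AJAX) {
            die('CSRF/XSS? Missing token in POST request!');
        }
        Util::redirect('?do=Main');
        // Fail closed: whether redirect() terminates the request is not visible here,
        // and a POST without a valid token must never reach the module code below.
        exit(0);
    }
}

// AJAX Stuff? Just do so. Otherwise, run preprocessing
if (AJAX) {
    ob_start('ob_gzhandler');
    Page::ajax();
    exit(0);
}

// Normal mode - preprocess first....
Page::preprocess();

// Render queued up messages at the top
Message::renderList();

// Render page. If the module wants to output anything, it will be done here...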
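Page::render();

// We're still executing - generate Main menu
Dashboard::createMenu();

if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
    if (empty($SLX_ERRORS)) {
        Message::addWarning('main.debug-mode');
    } else {
        /**
         * Map an error code into an Error word.
         *
         * @param int $code Error code to map
         * @return string Readable error type
         */
        function mapErrorCode(int $code): string
        {
            switch ($code) {
                case E_PARSE:
                case E_ERROR:
                case E_CORE_ERROR:
                case E_COMPILE_ERROR:
                case E_USER_ERROR:
                    return 'Fatal Error';
                case E_WARNING:
                case E_USER_WARNING:
                case E_COMPILE_WARNING:
                case E_RECOVERABLE_ERROR:
                    return 'Warning';
                case E_NOTICE:
                case E_USER_NOTICE:
                    return 'Notice';
                case E_STRICT:
                    return 'Strict';
                case E_DEPRECATED:
                case E_USER_DEPRECATED:
                    return 'Deprecated';
                default:
                    return '??Error';
            }
        }

        // Strip the installation directory from the reported file names so the
        // rendered error list shows paths relative to this script's directory.
        $dir = preg_quote(dirname(__FILE__), '#');
        foreach ($SLX_ERRORS as &$err) {
            $err['errlevel'] = mapErrorCode($err['errno']);
            $err['errfile'] = preg_replace('#^' . $dir . '#', '', $err['errfile']);
        }
        // Drop the loop reference so later writes to $err cannot alter the last entry
        unset($err, $dir);
        Render::addTemplate('php-errors', ['errors' => $SLX_ERRORS], 'main');
    }
}

if (defined('CONFIG_FOOTER')) {
    Render::addTemplate('footer', ['text' => CONFIG_FOOTER], 'main');
}

// Guarded with defined() like the other CONFIG_DEBUG checks in this file: reading an
// undefined constant is a fatal error on PHP 8 and the string 'CONFIG_DEBUG' (truthy,
// i.e. debug output enabled) on older versions.
if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
    // $global_start is not set in the visible part of the file; presumably it is
    // initialised with microtime(true) at the very top. Confirm.
    $duration = microtime(true) - $global_start;
    Render::addTemplate('footer', [
        'text' => round($duration, 3) . 's, '
            . Database::getQueryCount() . ' queries, '
            . round(Database::getQueryTime(), 3) . 's query time total',
    ], 'main');
}

// Redirect if not accessed via proper domain
// 'magic' is built from the same inputs as value 'a' of the "_https_magic" endpoint
// at the top of this file, so the two must be changed together.
// NOTE(review): this is an unkeyed MD5 over the uptime bucket, server IP and the
// serialized VM store config; see the endpoint for the same concern.
if ($_SERVER['REQUEST_METHOD'] === 'GET' && ($host = Util::shouldRedirectDomain()) !== null) {
    Render::addTemplate('domain-redirect-check', [
        'magic' => md5(
            (string)floor(Util::osUptime() / 3)
            . Property::getServerIp()
            . serialize(Property::getVmStoreConfig())
        ),
        'host' => $host,
    ], 'main');
}

// Send page to client.
Render::output();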