*/ ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); if(php_sapi_name() != 'cli-server') { header("Location: doku.php"); exit; } # ROUTER starts below # avoid path traversal $_SERVER['SCRIPT_NAME'] = str_replace('/../', '/', $_SERVER['SCRIPT_NAME']); # routing aka. rewriting if(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { # media dispatcher $_GET['media'] = $m[1]; require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/fetch.php'; } else if(preg_match('/^\/_detail\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { # image detail view $_GET['media'] = $m[1]; require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/detail.php'; } else if(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { # exports $_GET['do'] = 'export_' . $m[1]; $_GET['id'] = $m[2]; require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; } elseif($_SERVER['SCRIPT_NAME'] == '/index.php') { # 404s are automatically mapped to index.php if(isset($_SERVER['PATH_INFO'])) { $_GET['id'] = $_SERVER['PATH_INFO']; } require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; } else if(file_exists($_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'])) { # existing files # access limitiations if(preg_match('/\/([\._]ht|README$|VERSION$|COPYING$)/', $_SERVER['SCRIPT_NAME']) or preg_match('/^\/(data|conf|bin|inc)\//', $_SERVER['SCRIPT_NAME']) ) { die('Access denied'); } if(substr($_SERVER['SCRIPT_NAME'], -4) == '.php') { # php scripts require $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME']; } else { # static files return false; } } # 404