115fae107Sandi<?php 215fae107Sandi/** 3*7aaab109SAndreas Gohr * Forwarder/Router to doku.php 4*7aaab109SAndreas Gohr * 5*7aaab109SAndreas Gohr * In normal usage, this script simply redirects to doku.php. However it can also be used as a routing 6*7aaab109SAndreas Gohr * script with PHP's builtin webserver. It takes care of .htaccess compatible rewriting, directory/file 7*7aaab109SAndreas Gohr * access permission checking and passing on static files. 8*7aaab109SAndreas Gohr * 9*7aaab109SAndreas Gohr * Usage example: 10*7aaab109SAndreas Gohr * 11*7aaab109SAndreas Gohr * php -S localhost:8000 index.php 1215fae107Sandi * 1315fae107Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 1415fae107Sandi * @author Andreas Gohr <andi@splitbrain.org> 1515fae107Sandi */ 16*7aaab109SAndreas Gohrif(php_sapi_name() != 'cli-server') { 17f3f0262cSandi header("Location: doku.php"); 18*7aaab109SAndreas Gohr exit; 19*7aaab109SAndreas Gohr} 20*7aaab109SAndreas Gohr 21*7aaab109SAndreas Gohr# ROUTER starts below 22*7aaab109SAndreas Gohr 23*7aaab109SAndreas Gohr# avoid path traversal 24*7aaab109SAndreas Gohr$_SERVER['SCRIPT_NAME'] = str_replace('/../', '/', $_SERVER['SCRIPT_NAME']); 25*7aaab109SAndreas Gohr 26*7aaab109SAndreas Gohr# routing aka. rewriting 27*7aaab109SAndreas Gohrif(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 28*7aaab109SAndreas Gohr # media dispatcher 29*7aaab109SAndreas Gohr $_GET['media'] = $m[1]; 30*7aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/fetch.php'; 31*7aaab109SAndreas Gohr 32*7aaab109SAndreas Gohr} else if(preg_match('/^\/_detail\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 33*7aaab109SAndreas Gohr # image detail view 34*7aaab109SAndreas Gohr $_GET['media'] = $m[1]; 35*7aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/detail.php'; 36*7aaab109SAndreas Gohr 37*7aaab109SAndreas Gohr} else if(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 38*7aaab109SAndreas Gohr # exports 39*7aaab109SAndreas Gohr $_GET['do'] = 'export_' . $m[1]; 40*7aaab109SAndreas Gohr $_GET['id'] = $m[2]; 41*7aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 42*7aaab109SAndreas Gohr 43*7aaab109SAndreas Gohr} elseif($_SERVER['SCRIPT_NAME'] == '/index.php') { 44*7aaab109SAndreas Gohr # 404s are automatically mapped to index.php 45*7aaab109SAndreas Gohr if(isset($_SERVER['PATH_INFO'])) { 46*7aaab109SAndreas Gohr $_GET['id'] = $_SERVER['PATH_INFO']; 47*7aaab109SAndreas Gohr } 48*7aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 49*7aaab109SAndreas Gohr 50*7aaab109SAndreas Gohr} else if(file_exists($_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'])) { 51*7aaab109SAndreas Gohr # existing files 52*7aaab109SAndreas Gohr 53*7aaab109SAndreas Gohr # access limitiations 54*7aaab109SAndreas Gohr if(preg_match('/\/([\._]ht|README$|VERSION$|COPYING$)/', $_SERVER['SCRIPT_NAME']) or 55*7aaab109SAndreas Gohr preg_match('/^\/(data\/|conf\/|bin\/|inc\/|install.php)/', $_SERVER['SCRIPT_NAME']) 56*7aaab109SAndreas Gohr ) { 57*7aaab109SAndreas Gohr die('Access denied'); 58*7aaab109SAndreas Gohr } 59*7aaab109SAndreas Gohr 60*7aaab109SAndreas Gohr if(substr($_SERVER['SCRIPT_NAME'], -4) == '.php') { 61*7aaab109SAndreas Gohr # php scripts 62*7aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME']; 63*7aaab109SAndreas Gohr } else { 64*7aaab109SAndreas Gohr # static files 65*7aaab109SAndreas Gohr return false; 66*7aaab109SAndreas Gohr } 67*7aaab109SAndreas Gohr} 68*7aaab109SAndreas Gohr# 404 69