115fae107Sandi<?php 215fae107Sandi/** 37aaab109SAndreas Gohr * Forwarder/Router to doku.php 47aaab109SAndreas Gohr * 57aaab109SAndreas Gohr * In normal usage, this script simply redirects to doku.php. However it can also be used as a routing 67aaab109SAndreas Gohr * script with PHP's builtin webserver. It takes care of .htaccess compatible rewriting, directory/file 77aaab109SAndreas Gohr * access permission checking and passing on static files. 87aaab109SAndreas Gohr * 97aaab109SAndreas Gohr * Usage example: 107aaab109SAndreas Gohr * 117aaab109SAndreas Gohr * php -S localhost:8000 index.php 1215fae107Sandi * 1315fae107Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 1415fae107Sandi * @author Andreas Gohr <andi@splitbrain.org> 1515fae107Sandi */ 167aaab109SAndreas Gohrif (php_sapi_name() != 'cli-server') { 177f4718ddSPhy if (!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__) . '/'); 187f4718ddSPhy require_once(DOKU_INC . 'inc/init.php'); 197f4718ddSPhy 207f4718ddSPhy send_redirect(DOKU_URL . 'doku.php'); 217aaab109SAndreas Gohr} 227aaab109SAndreas Gohr 23*7f153c56SAndreas Gohr// ROUTER starts below 247aaab109SAndreas Gohr 25*7f153c56SAndreas Gohr// avoid path traversal 267aaab109SAndreas Gohr$_SERVER['SCRIPT_NAME'] = str_replace('/../', '/', $_SERVER['SCRIPT_NAME']); 277aaab109SAndreas Gohr 28*7f153c56SAndreas Gohr// routing aka. rewriting 297aaab109SAndreas Gohrif (preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 30*7f153c56SAndreas Gohr // media dispatcher 317aaab109SAndreas Gohr $_GET['media'] = $m[1]; 327aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/fetch.php'; 337aaab109SAndreas Gohr 347aaab109SAndreas Gohr} elseif (preg_match('/^\/_detail\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 35*7f153c56SAndreas Gohr // image detail view 367aaab109SAndreas Gohr $_GET['media'] = $m[1]; 377aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/detail.php'; 387aaab109SAndreas Gohr 3962c31ba5SRainbow Spike} elseif (preg_match('/^\/_export\/([^\/]+)\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 40*7f153c56SAndreas Gohr // exports 417aaab109SAndreas Gohr $_GET['do'] = 'export_' . $m[1]; 427aaab109SAndreas Gohr $_GET['id'] = $m[2]; 437aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 447aaab109SAndreas Gohr 45*7f153c56SAndreas Gohr} elseif ( 46*7f153c56SAndreas Gohr $_SERVER['SCRIPT_NAME'] !== '/index.php' && 47*7f153c56SAndreas Gohr file_exists($_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME']) 48*7f153c56SAndreas Gohr) { 49*7f153c56SAndreas Gohr // existing files 507aaab109SAndreas Gohr 51*7f153c56SAndreas Gohr // access limitiations 52*7f153c56SAndreas Gohr if (preg_match('/\/([._]ht|README$|VERSION$|COPYING$)/', $_SERVER['SCRIPT_NAME']) or 5373cc470bSAndreas Gohr preg_match('/^\/(data|conf|bin|inc)\//', $_SERVER['SCRIPT_NAME']) 547aaab109SAndreas Gohr ) { 557aaab109SAndreas Gohr die('Access denied'); 567aaab109SAndreas Gohr } 577aaab109SAndreas Gohr 587aaab109SAndreas Gohr if (substr($_SERVER['SCRIPT_NAME'], -4) == '.php') { 597aaab109SAndreas Gohr # php scripts 607aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME']; 617aaab109SAndreas Gohr } else { 627aaab109SAndreas Gohr # static files 637aaab109SAndreas Gohr return false; 647aaab109SAndreas Gohr } 65*7f153c56SAndreas Gohr} else { 66*7f153c56SAndreas Gohr // treat everything else as a potential wiki page 67*7f153c56SAndreas Gohr // working around https://bugs.php.net/bug.php?id=61286 68*7f153c56SAndreas Gohr if (isset($_SERVER['PATH_INFO'])) { 69*7f153c56SAndreas Gohr $_GET['id'] = $_SERVER['PATH_INFO']; 70*7f153c56SAndreas Gohr } else { 71*7f153c56SAndreas Gohr $_GET['id'] = $_SERVER['SCRIPT_NAME']; 727aaab109SAndreas Gohr } 73*7f153c56SAndreas Gohr 74*7f153c56SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 75*7f153c56SAndreas Gohr} 76