115fae107Sandi<?php 215fae107Sandi/** 37aaab109SAndreas Gohr * Forwarder/Router to doku.php 47aaab109SAndreas Gohr * 57aaab109SAndreas Gohr * In normal usage, this script simply redirects to doku.php. However it can also be used as a routing 67aaab109SAndreas Gohr * script with PHP's builtin webserver. It takes care of .htaccess compatible rewriting, directory/file 77aaab109SAndreas Gohr * access permission checking and passing on static files. 87aaab109SAndreas Gohr * 97aaab109SAndreas Gohr * Usage example: 107aaab109SAndreas Gohr * 117aaab109SAndreas Gohr * php -S localhost:8000 index.php 1215fae107Sandi * 1315fae107Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 1415fae107Sandi * @author Andreas Gohr <andi@splitbrain.org> 1515fae107Sandi */ 167aaab109SAndreas Gohrif(php_sapi_name() != 'cli-server') { 177f4718ddSPhy if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/'); 187f4718ddSPhy require_once(DOKU_INC.'inc/init.php'); 197f4718ddSPhy 20*aceca2ebSSchplurtz le Déboulonné send_redirect(wl($conf['start'])); 217aaab109SAndreas Gohr} 227aaab109SAndreas Gohr 237aaab109SAndreas Gohr# ROUTER starts below 247aaab109SAndreas Gohr 257aaab109SAndreas Gohr# avoid path traversal 267aaab109SAndreas Gohr$_SERVER['SCRIPT_NAME'] = str_replace('/../', '/', $_SERVER['SCRIPT_NAME']); 277aaab109SAndreas Gohr 287aaab109SAndreas Gohr# routing aka. rewriting 297aaab109SAndreas Gohrif(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 307aaab109SAndreas Gohr # media dispatcher 317aaab109SAndreas Gohr $_GET['media'] = $m[1]; 327aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/fetch.php'; 337aaab109SAndreas Gohr 347aaab109SAndreas Gohr} else if(preg_match('/^\/_detail\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 357aaab109SAndreas Gohr # image detail view 367aaab109SAndreas Gohr $_GET['media'] = $m[1]; 377aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/detail.php'; 387aaab109SAndreas Gohr 3962c31ba5SRainbow Spike} else if(preg_match('/^\/_export\/([^\/]+)\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) { 407aaab109SAndreas Gohr # exports 417aaab109SAndreas Gohr $_GET['do'] = 'export_' . $m[1]; 427aaab109SAndreas Gohr $_GET['id'] = $m[2]; 437aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 447aaab109SAndreas Gohr 457aaab109SAndreas Gohr} elseif($_SERVER['SCRIPT_NAME'] == '/index.php') { 467aaab109SAndreas Gohr # 404s are automatically mapped to index.php 477aaab109SAndreas Gohr if(isset($_SERVER['PATH_INFO'])) { 487aaab109SAndreas Gohr $_GET['id'] = $_SERVER['PATH_INFO']; 497aaab109SAndreas Gohr } 507aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . '/doku.php'; 517aaab109SAndreas Gohr 527aaab109SAndreas Gohr} else if(file_exists($_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'])) { 537aaab109SAndreas Gohr # existing files 547aaab109SAndreas Gohr 557aaab109SAndreas Gohr # access limitiations 567aaab109SAndreas Gohr if(preg_match('/\/([\._]ht|README$|VERSION$|COPYING$)/', $_SERVER['SCRIPT_NAME']) or 5773cc470bSAndreas Gohr preg_match('/^\/(data|conf|bin|inc)\//', $_SERVER['SCRIPT_NAME']) 587aaab109SAndreas Gohr ) { 597aaab109SAndreas Gohr die('Access denied'); 607aaab109SAndreas Gohr } 617aaab109SAndreas Gohr 627aaab109SAndreas Gohr if(substr($_SERVER['SCRIPT_NAME'], -4) == '.php') { 637aaab109SAndreas Gohr # php scripts 647aaab109SAndreas Gohr require $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME']; 657aaab109SAndreas Gohr } else { 667aaab109SAndreas Gohr # static files 677aaab109SAndreas Gohr return false; 687aaab109SAndreas Gohr } 697aaab109SAndreas Gohr} 707aaab109SAndreas Gohr# 404 71