xref: /dokuwiki/index.php (revision 47de339b47c45069e8b9525bc0ef4396bcc60cfd) 
1<?php
2/**
3 * Forwarder/Router to doku.php
4 *
5 * In normal usage, this script simply redirects to doku.php. However it can also be used as a routing
6 * script with PHP's builtin webserver. It takes care of .htaccess compatible rewriting, directory/file
7 * access permission checking and passing on static files.
8 *
9 * Usage example:
10 *
11 *   php -S localhost:8000 index.php
12 *
13 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
14 * @author     Andreas Gohr <andi@splitbrain.org>
15 */
16if(php_sapi_name() != 'cli-server') {
17    if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/');
18    require_once(DOKU_INC.'inc/init.php');
19
20    send_redirect(DOKU_URL.'doku.php');
21}
22
23# ROUTER starts below
24
25# avoid path traversal
26$_SERVER['SCRIPT_NAME'] = str_replace('/../', '/', $_SERVER['SCRIPT_NAME']);
27
28# routing aka. rewriting
29if(preg_match('/^\/_media\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) {
30    # media dispatcher
31    $_GET['media'] = $m[1];
32    require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/fetch.php';
33
34} else if(preg_match('/^\/_detail\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) {
35    # image detail view
36    $_GET['media'] = $m[1];
37    require $_SERVER['DOCUMENT_ROOT'] . '/lib/exe/detail.php';
38
39} else if(preg_match('/^\/_export\/([^\/]+)\/(.*)/', $_SERVER['SCRIPT_NAME'], $m)) {
40    # exports
41    $_GET['do'] = 'export_' . $m[1];
42    $_GET['id'] = $m[2];
43    require $_SERVER['DOCUMENT_ROOT'] . '/doku.php';
44
45} elseif($_SERVER['SCRIPT_NAME'] == '/index.php') {
46    # 404s are automatically mapped to index.php
47    if(isset($_SERVER['PATH_INFO'])) {
48        $_GET['id'] = $_SERVER['PATH_INFO'];
49    }
50    require $_SERVER['DOCUMENT_ROOT'] . '/doku.php';
51
52} else if(file_exists($_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'])) {
53    # existing files
54
55    # access limitiations
56    if(preg_match('/\/([\._]ht|README$|VERSION$|COPYING$)/', $_SERVER['SCRIPT_NAME']) or
57        preg_match('/^\/(data|conf|bin|inc)\//', $_SERVER['SCRIPT_NAME'])
58    ) {
59        die('Access denied');
60    }
61
62    if(substr($_SERVER['SCRIPT_NAME'], -4) == '.php') {
63        # php scripts
64        require $_SERVER['DOCUMENT_ROOT'] . $_SERVER['SCRIPT_NAME'];
65    } else {
66        # static files
67        return false;
68    }
69}
70# 404
71