diff --git a/app/ConnectionProvider.php b/app/ConnectionProvider.php
new file mode 100644
index 0000000..dd68bdc
--- /dev/null
+++ b/app/ConnectionProvider.php
@@ -0,0 +1,11 @@
+ [
+ 'economy' => 'Api\\Economy',
+ 'economylandtool' => 'Api\\EconomyLandTool',
+ 'economylandtool.php' => 'Api\\EconomyLandTool',
+ 'getAccessList' => 'Api\\GetAccessList',
+ 'onlineDisplay' => 'Api\\OnlineDisplay',
+ 'viewerWelcomeSite' => 'Api\\ViewerWelcomePage',
+ 'runCron' => 'Api\\CronStarter'
+ ],
+ 'page' => [
+ 'dashboard' => 'Page\\Dashboard',
+ 'forgot' => 'Page\\ForgotPassword',
+ 'friends' => 'Page\\Friends',
+ 'groups' => 'Page\\Groups',
+ 'identities' => 'Page\\Identities',
+ 'login' => 'Page\\Login',
+ 'profile' => 'Page\\Profile',
+ 'regions' => 'Page\\Regions',
+ 'register' => 'Page\\Register',
+ 'reset-password' => 'Page\\ResetPassword',
+ 'user-online-state' => 'Page\\OnlineUsers',
+ 'users' => 'Page\\ManageUsers'
+ ]
+ ];
+
+ public function __construct($basedir)
+ {
+ $this->templateDir = $basedir.DIRECTORY_SEPARATOR.'templates';
+ require $basedir.DIRECTORY_SEPARATOR.'config.php';
+ $this->config = $RUNTIME;
+ }
+
+ public function db(): PDO
+ {
+ if ($this->db == null) {
+ $this->db = new PDO('mysql:host='.$this->config['mysql']['host'].';dbname='.$this->config['mysql']['db'],
+ $this->config['mysql']['user'],
+ $this->config['mysql']['password']);
+ }
+
+ return $this->db;
+ }
+
+ public function config($key): string|array|int
+ {
+ return $this->config[strtolower($key)];
+ }
+
+ public function csrfField(): string
+ {
+ return '';
+ }
+
+ public function template($name): TemplateBuilder
+ {
+ return (new TemplateBuilder($this->templateDir, $name))->vars([
+ 'domain' => $this->config['domain'],
+ 'title' => 'MCP',
+ 'admin' => isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] > 100
+ ])->unsafeVar('csrf', $this->csrfField());
+ }
+
+ public function handleRequest()
+ {
+ $reqClass = 'Mcp\\Page\\Error';
+ if (empty($_GET)) {
+ $reqClass = 'Mcp\\'.$this::ROUTES['page'][array_key_first($this::ROUTES['page'])];
+ } else {
+ if (isset($_GET['logout'])) {
+ session_start();
+ session_destroy();
+ header('Location: /');
+ return;
+ }
+
+ foreach ($this::ROUTES as $type => $routes) {
+ if (isset($_GET[$type])) {
+ if (strlen($_GET[$type]) <= 100 && preg_match('/^[0-9a-zA-Z-_.]+$/', $_GET[$type]) && isset($routes[$_GET[$type]])) {
+ $reqClass = 'Mcp\\'.$routes[$_GET[$type]];
+ }
+ break;
+ }
+ }
+ }
+
+ (new $reqClass($this))->handleRequest();
+ }
+
+}
diff --git a/app/RequestHandler.php b/app/RequestHandler.php
new file mode 100644
index 0000000..9a356c0
--- /dev/null
+++ b/app/RequestHandler.php
@@ -0,0 +1,54 @@
+app = $app;
+ $this->middleware = $mw;
+ }
+
+ public function handleRequest(): void
+ {
+ if ($_SERVER['REQUEST_METHOD'] != 'GET' && $_SERVER['REQUEST_METHOD'] != 'POST') {
+ http_response_code(400);
+ exit();
+ }
+
+ if ($this->middleware != null) {
+ try {
+ if (!$this->middleware->canAccess()) {
+ $this->middleware->handleUnauthorized();
+ exit();
+ }
+ } catch (Exception $e) {
+ error_log("Middleware handling raised an exception: " + $e->getMessage());
+ http_response_code(500);
+ exit();
+ }
+ }
+
+ $_SERVER['REQUEST_METHOD'] == 'GET' ? $this->get() : $this->post();
+ }
+
+ public function get(): void
+ {
+ http_response_code(405);
+ }
+
+ public function post(): void
+ {
+ http_response_code(405);
+ }
+
+}
diff --git a/public/index.php b/public/index.php
new file mode 100644
index 0000000..a7a26ab
--- /dev/null
+++ b/public/index.php
@@ -0,0 +1,11 @@
+handleRequest();
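Review bot: In the route lookup inside `handleRequest()`, `strlen($_GET[$type])` runs before anything checks that the parameter is a string, so an array-valued parameter such as `?page[]=x` makes PHP 8 raise an uncaught TypeError instead of falling through to the `Mcp\Page\Error` default. Put the type check first: `if (is_string($_GET[$type]) && strlen($_GET[$type]) <= 100 && preg_match(...) && isset($routes[$_GET[$type]])) {`. Separately, the `logout` branch ends the session on any GET request carrying `?logout`, so another site can sign a user out with a plain link or image; consider requiring a POST that carries the CSRF token, and expiring the session cookie as well as calling `session_destroy()`. The class header and the start of the route table are not visible in this hunk as shown.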
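Review bot: In the `catch` block of `handleRequest()`, the log message is built with `+`, which is arithmetic in PHP; on PHP 8 adding two non-numeric strings throws a TypeError, so the middleware failure is never logged and the explicit `http_response_code(500)` is not reached. Use concatenation instead: `error_log('Middleware handling raised an exception: ' . $e->getMessage());`. Note also that `catch (Exception $e)` does not cover `Error` subclasses, and if the file declares a namespace without importing `Exception` (the top of the file is not visible here) the clause would match nothing; `catch (\Throwable $e)` would make the failure path uniform. As far as the visible lines show, the access check still fails closed in both cases, because an uncaught error ends the request before `get()` or `post()` runs.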