summaryrefslogtreecommitdiff
path: root/index.php
blob: 4880d5ccca916213767200368167852ca1609b51 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<?php
// What directory are we in on the server? /////////////////////////////////////
define('BASEPATH', dirname(__FILE__));

// Check for xss attacks. //////////////////////////////////////////////////////
$xss_file = BASEPATH.'/xss-check.php';
if (file_exists($xss_file)) {
	require($xss_file);
	if (xss_attack()) {
		echo "execution halted to prevent XSS attack.";
		exit();
	}
}
unset($xss_file);

// Decide where to look for things. ////////////////////////////////////////////
$app_path = glob(BASEPATH.'/apps/*');
array_unshift($app_path, BASEPATH.'/lpf');

$libpath = array();
$modelpath = array();
$viewpath = array();
$controllerpath = array();
$pluginpath = array();

foreach ($app_path as $dir) {
	if (is_dir($dir.'/lib'        )) { $libpath[]        = $dir.'/lib'; }
	if (is_dir($dir.'/ext'        )) { $libpath[]        = $dir.'/ext'; }
	if (is_dir($dir.'/models'     )) { $modelpath[]      = $dir.'/models'; }
	if (is_dir($dir.'/views'      )) { $viewpath[]       = $dir.'/views'; }
	if (is_dir($dir.'/controllers')) { $controllerpath[] = $dir.'/controllers'; }
	if (is_dir($dir.'/plugins'    )) { $controllerpath[] = $dir.'/plugins'; }
}
unset($app_path);

define('LIBPATH',       implode(PATH_SEPARATOR, $libpath       )); unset($libpath);
define('MODELPATH',     implode(PATH_SEPARATOR, $modelpath     )); unset($modelpath);
/*define('VIEWPATH',      implode(PATH_SEPARATOR, $viewpath      ));*/ unset($viewpath);
define('VIEWPATH', BASEPATH.'/apps/um/views');
define('CONTROLLERPATH',implode(PATH_SEPARATOR, $controllerpath)); unset($controllerpath);
define('PLUGINPATH',    implode(PATH_SEPARATOR, $pluginpath    )); unset($pluginpath);

set_include_path(get_include_path()
                 .PATH_SEPARATOR.LIBPATH
                 .PATH_SEPARATOR.MODELPATH
                 .PATH_SEPARATOR.CONTROLLERPATH
                 .PATH_SEPARATOR.PLUGINPATH
                 );

// Figure what page is trying to be loaded. ////////////////////////////////////
// We don't have to do any check if it's a real file being looked for, if the
// requested page exists as a real file, .htaccess won't even let us load
@$PAGE_RAW = $_GET['p'];
$PAGE_PARTS = explode('/', $PAGE_RAW);
$FILE = array_pop($PAGE_PARTS);
$regex = '@([^.]*)\\.(.*)@';
if (preg_match($regex, $FILE, $matches)) {
	@$FILE = $matches[1];
	@$EXT  = $matches[2];
	array_push($PAGE_PARTS, $FILE);
	$PAGE = implode('/', $PAGE_PARTS);
} else {
	$PAGE = $PAGE_RAW;
}
unset($PAGE_RAW); unset($PAGE_PARTS); unset($FILE); unset($regex);

if ($PAGE=='') $PAGE = 'index';
define('PAGE', $PAGE); unset($PAGE);
define('PAGE_EXT', $EXT); unset($EXT);

// Include base MVC classes ////////////////////////////////////////////////////
require_once('Model.class.php');
require_once('View.class.php');
require_once('Controller.class.php');

// Check if we have a database configuration ///////////////////////////////////
$conf_file = BASEPATH.'/conf.php';
if (file_exists($conf_file)) {
	require_once('Database.class.php');
	new Database($conf_file);
	session_start();
} else {
	$view = new View('no-conf');
	$view->show(array());
	exit();
}
unset($conf_file);

// Kludgy ugly hacky hack //////////////////////////////////////////////////////
require_once('ContactMethod.class.php');
require(BASEPATH.'/conf-contacts.php');

// Business ////////////////////////////////////////////////////////////////////
require_once('Router.class.php');
$router = new Router(CONTROLLERPATH);
$router->route(PAGE);