<?php
/*
* SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
* IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
* OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
* OTHER DEALINGS IN THE SOFTWARE.
*
* For more information, please refer to UNLICENSE
*/
require_once "class/database.class.php";
require_once "class/settings.class.php";
require_once "class/user.class.php";
/*
* This file is the entry-point to the Scrott application. main() will
* make a few assertions and figure out which content is being requested.
*/
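/*
 * Route one request to its view.
 *
 * $argv holds the path segments of the request; $argv[0] selects the
 * view. Every view is pulled in with require from inside this function,
 * so it executes in main()'s local scope: $argv, $user, $obj and $e keep
 * their names here because the views may read them.
 *
 * Any Exception raised while routing is rendered by view/except.php.
 */
function main(array $argv) : void
{
    try
    {
        /* assert the database configuration is present */
        if (!database::checkConfig())
        {
            require "view/dbconfig.php";
            return;
        }

        /* assert we are running over HTTPS (if enabled) */
        if (settings::sslOnly())
            require_https();

        /* assert that a user is logged in; nothing below runs unauthenticated */
        if (!($user = user::getCurrent()))
        {
            require "view/login.php";
            return;
        }

        setPageObj($user);

        /* no arguments? display dashboard */
        if (count($argv) === 0)
        {
            setPageName("<i>Dashboard</i>");
            require "view/dashboard.php";
            return;
        }

        switch ($argv[0])
        {
        case "logout":
            /* logout user */
            user::setCurrent();
            location("/");
            break;

        case "admin":
            /*
             * check permissions
             * NOTE(review): loose comparison - confirm $user->admin is always
             * an integer or numeric string; on PHP 8 a non-numeric string does
             * not compare equal to 0 and would be treated as an administrator.
             */
            if ($user->admin == 0)
            {
                location("/");
                /*
                 * Fail closed: location() is defined elsewhere and is not
                 * guaranteed here to end the request, so stop explicitly
                 * before the administration view can be rendered.
                 */
                return;
            }

            setPageName("<i>Administration</i>");
            require "view/administration.php";
            break;

        case "deleteaccount":
            setPageName("<i>Leaving Scrott</i>");
            require "view/deleteaccount.php";
            break;

        case "groups":
            setPageName("<i>Groups</i>");
            require "view/groups.php";
            break;

        case "pads":
            setPageName("<i>Pads</i>");
            require "view/pads.php";
            break;

        default:
            /*
             * view object
             * Anything that is not a GUID, or a GUID whose type has no case
             * below, falls through and produces no output.
             */
            if (table::isGUID($argv[0]))
            {
                /* check permissions before loading or rendering the object */
                if (!$user->canAccess(new obj($argv[0])))
                {
                    /* TODO - use notice modal instead of an exception */
                    throw new Exception("You do not have access permission for the requested object");
                }

                /* setup page */
                switch (obj::typeOf($argv[0]))
                {
                case "pad":
                    $obj = new pad($argv[0]);
                    setPageObj($obj);
                    /*
                     * NOTE(review): the other callers pass HTML markup to
                     * setPageName(), so the page name is presumably emitted
                     * unescaped; confirm that $obj->name is escaped before
                     * output, since it is stored data rather than a literal.
                     */
                    setPageName($obj->name);
                    require "view/pad.php";
                    break;
                }
            }
        }
    }
    catch (Exception $e)
    {
        /* the view runs in this scope and can read $e */
        require "view/except.php";
    }
}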
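/*
 * PATH_INFO comes from the request and is absent when the URL carries no
 * extra path, so default to an empty string instead of reading an
 * undefined index. array_filter() without a callback drops every falsy
 * segment: empty strings, and also a literal "0".
 */
$tokens = explode("/", $_SERVER['PATH_INFO'] ?? "");
main(array_values(array_filter($tokens)));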
?>