summaryrefslogtreecommitdiffstats
path: root/app/index.php
blob: 13b6779b8791549a12f2388ce702639a602fb2ba (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php

/*
 * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
 * For more information, please refer to UNLICENSE
 */

require_once "class/database.class.php";
require_once "class/settings.class.php";
require_once "class/user.class.php";

/*
 * This file is the entry-point to the Scrott application.  main() will
 * make a few assertions and figure out which content is being requested.
 */
function main(array $argv) : void
{
    try
    {
        /* assert the database configuration is present */
        if (!database::checkConfig())
        {
            require "view/dbconfig.php";
            return;
        }

        /* assert we are running over HTTPS (if enabled) */
        if (settings::sslOnly())
            require_https();

        /* assert that a user is logged in */
        if (!($user = user::getCurrent()))
        {
            require "view/login.php";
            return;
        }

        setPageObj($user);

        /* no arguments?  display dashboard */
        if (count($argv) == 0)
        {
            setPageName("<i>Dashboard</i>");
            require "view/dashboard.php";
            return;
        }

        switch ($argv[0])
        {
            case "logout":
                /* logout user */
                user::setCurrent();
                location("/");
                break;

            case "admin":
                /* check permissions */
                if ($user->admin == 0)
                    location("/");

                setPageName("<i>Administration</i>");
                require "view/administration.php";
                break;

            case "deleteaccount":
                setPageName("<i>Leaving Scrott</i>");
                require "view/deleteaccount.php";
                break;

            case "groups":
                setPageName("<i>Groups</i>");
                require "view/groups.php";
                break;

            case "pads":
                setPageName("<i>Pads</i>");
                require "view/pads.php";
                break;

            default:
                /* view object */
                if (table::isGUID($argv[0]))
                {
                    /* check permissions */
                    if (!$user->canAccess(new obj($argv[0])))
                    {
                        /* TODO - use notice modal instead of an exception */
                        throw new Exception("You do not have access permission for the requested object");
                    }

                    /* setup page */
                    switch (obj::typeOf($argv[0]))
                    {
                        case "pad":
                            $obj = new pad($argv[0]);
                            setPageObj($obj);
                            setPageName($obj->name);
                            require "view/pad.php";
                            break;
                    }
                }
        }
    }

    catch (Exception $e)
    {
        require "view/except.php";
    }
}

$tokens = explode("/", $_SERVER['PATH_INFO']);
main(array_values(array_filter($tokens)));

?>