<?php
/**
* @file index.php
* @created_on 2018-05-27
* @updated_on 2020-06-14
* @author Go Namhyeon <[email protected]>
* @brief ReasonableFramework is RVHM structured PHP framework with common security
* @cvs https://github.com/gnh1201/reasonableframework
* @sponsor https://patreon.com/catswords (with advanced security)
*/
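// Framework-wide switches. They are defined before any system module is loaded.
define("_DEF_VSPF_", true); // compatible to VSPF
define("_DEF_RSF_", true); // compatible to RSF
define("APP_DEVELOPMENT", false); // set the status of development
define("DOC_EOL", "\r\n"); // set the 'end of line'
define("CORS_DOMAINS", false); // common security: allow origin domains (e.g. example.org,*.example.org)
// strip_tags() only removes markup from the request URI; the value is still
// client-controlled and must be escaped for whatever context it is used in.
// The isset() guard keeps CLI runs (no REQUEST_URI) from raising a notice.
define("PHP_FIREWALL_REQUEST_URI", isset($_SERVER['REQUEST_URI']) ? strip_tags($_SERVER['REQUEST_URI']) : ""); // advanced security
define("PHP_FIREWALL_ACTIVATION", false); // advanced security
define("PHP_DDOS_PROTECTION", false); // advanced security

// Error handling policy.
// Development: report everything, log to the sandbox log and show errors on the page.
// Production: report only fatal and parse errors and never print them into the
// response, because error text exposes file paths and other internals to visitors.
if(APP_DEVELOPMENT == true) {
    error_reporting(E_ALL);
    @ini_set("log_errors", 1);
    // NOTE(review): the log is written below the working directory; confirm that
    // storage/ is not served by the web server.
    @ini_set("error_log", sprintf("%s/storage/sandbox/logs/error.log", getcwd()));
    @ini_set("display_errors", 1);
} else {
    error_reporting(E_ERROR | E_PARSE);
    // Logging in production is left to the php.ini settings (log_errors / error_log).
    @ini_set("display_errors", 0);
}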
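// CORS Security (https or http)
// CORS_DOMAINS is either false (no CORS header is sent) or a comma-separated
// allow-list such as "example.org,*.example.org". A bare "*" entry allows every
// origin; browsers do not combine "*" with credentialed requests.
if(CORS_DOMAINS !== false) {
    // tolerate whitespace around the commas of the allow-list
    $domains = array_map("trim", explode(",", CORS_DOMAINS));
    $_origin = array_key_exists("HTTP_ORIGIN", $_SERVER) ? $_SERVER['HTTP_ORIGIN'] : "";
    $origins = array();
    if(!in_array("*", $domains, true)) {
        // The Origin header is client-supplied and a wildcard entry echoes it back.
        // Only a plain http(s) origin (scheme://host[:port], without path, query,
        // fragment, userinfo or whitespace) is eligible to be reflected.
        $_origin_is_web = (preg_match('~^https?://[^/?#@\s]+\z~i', $_origin) === 1);
        foreach($domains as $domain) {
            if(empty($domain)) {
                continue;
            }
            if(substr($domain, 0, 2) == "*.") { // support wildcard
                // "*.example.org" becomes ".example.org"; keeping the leading dot
                // stops look-alike hosts such as "badexample.org" from matching.
                $needle = substr($domain, 1);
                $length = strlen($needle);
                if($_origin_is_web && substr($_origin, -$length) === $needle) {
                    $origins[] = $_origin;
                }
            } else {
                // exact entries are allowed over both schemes
                $origins[] = sprintf("https://%s", $domain);
                $origins[] = sprintf("http://%s", $domain);
            }
        }
        if(count($origins) > 0) {
            // The header value depends on the request's Origin, so shared caches
            // must key on it; otherwise one origin's response is served to another.
            header("Vary: Origin", false);
            if(in_array($_origin, $origins, true)) {
                header(sprintf("Access-Control-Allow-Origin: %s", $_origin));
            } else {
                // unknown origin: advertise the first allowed origin instead of echoing it
                header(sprintf("Access-Control-Allow-Origin: %s", $origins[0]));
            }
        }
    } else {
        header("Access-Control-Allow-Origin: *");
    }
}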
// Container for values shared with the routes; it is handed to loadRoute() later.
$shared_vars = array();

// System modules, in load order. "base" has to come first: it is pulled in with a
// plain include and the remaining modules are loaded through loadModule().
$load_systems = array("base", "storage", "config", "security", "database", "uri", "logger");

// Load every system module and stop the request as soon as one file is missing.
// The list is hard-coded, so no request data reaches the include path.
foreach($load_systems as $system_name) {
    $system_inc_file = "./system/" . $system_name . ".php";

    if(!file_exists($system_inc_file)) {
        echo "ERROR: Dose not exists " . $system_inc_file;
        exit;
    }

    if($system_name != "base") {
        loadModule($system_name);
        continue;
    }

    // bootstrap module: include it directly, then record it as loaded
    include($system_inc_file);
    register_loaded("system", $system_inc_file);
}
// Read the framework configuration and the current request once. Both stay in
// global scope, so files included later can see them.
// get config
$config = get_config();
// get requests
$requests = get_requests();
// get PID(Process ID)
// stores the PHP process id under the shared key "mypid"
set_shared_var("mypid", getmypid());
// set database connection
// variable _unset_dbc: will not connect to database
// NOTE(review): the switch is read with get_requested_value(); if that helper
// returns client-supplied parameters, any client can make a request run without
// a database connection. Confirm that every route copes with a missing "dbc"
// shared var, or restrict this switch to trusted callers.
$_unset_dbc = get_requested_value("_unset_dbc");
if(empty($_unset_dbc)) {
set_shared_var("dbc", get_db_connect());
}
// Apply runtime limits from the configuration. Each lookup passes -1 as the
// fallback for a missing key.
// NOTE(review): what -1 means is decided inside the set_* helpers (not visible
// here); confirm it does not lift the limit, since unbounded time, memory or
// upload size makes resource exhaustion easier.
// set max_execution_time
$max_execution_time = get_value_in_array("max_execution_time", $config, -1);
set_max_execution_time($max_execution_time);
// set memory limit
$memory_limit = get_value_in_array("memory_limit", $config, -1);
set_memory_limit($memory_limit);
// set upload max filesize
$upload_max_filesize = get_value_in_array("upload_max_filesize", $config, -1);
set_upload_max_filesize($upload_max_filesize);
// set post max size
$post_max_size = get_value_in_array("post_max_size", $config, -1);
set_post_max_size($post_max_size);
// start session
// NOTE(review): cookie flags (Secure, HttpOnly, SameSite) are whatever
// start_isolated_session() sets; verify them there.
start_isolated_session();
// set autoloader
// only registered when the "enable_autoload" config key is non-empty
if(!array_key_empty("enable_autoload", $config)) {
set_autoloader();
}
// set timezone
// falls back to UTC when the config has no "timezone" key
$default_timezone = get_value_in_array("timezone", $config, "UTC");
date_default_timezone_set($default_timezone);
// write visit log
// the mode comes from the "log_mode_visit" config key; an empty string is passed when it is absent
// NOTE(review): a visit log records request data; confirm write_visit_log()
// neutralises line breaks and keeps secrets (passwords, tokens) out of the log.
$log_mode_visit = get_value_in_array("log_mode_visit", $config, "");
write_visit_log($log_mode_visit);
// Resolve the route, load the optional protection helpers, dispatch, clean up.
// get requested route
// NOTE(review): $route comes from read_route(); if it is derived from the request
// and loadRoute() turns it into an include path, confirm it is limited to known
// route names and cannot contain path traversal sequences.
$route = read_route();
// advanced security: PHP firewall
// The helper is loaded only after the database connection, the session and the
// visit log above have been set up, so those steps run for every request even
// when the firewall is enabled.
if(PHP_FIREWALL_ACTIVATION !== false) {
loadHelper("php-firewall.lnk");
}
// advanced security: DDOS protection
// Loaded at the same late point as the firewall helper; both switches are the
// constants defined at the top of this file and default to false.
if(PHP_DDOS_PROTECTION !== false) {
loadHelper("php-ddos.lnk");
}
// load route
// a route that fails to load falls back to the "errors/404" route
if(!loadRoute($route, $shared_vars)) {
loadRoute("errors/404", $shared_vars);
}
// disconnect database
// called unconditionally, also when the connection was skipped via _unset_dbc
close_db_connect();
// EOF