X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/6a69016b8fcb74f31c133425812fa885968261ec..31c579d01b42a898bae845825f41f92e19c588e2:/page.php

diff --git a/page.php b/page.php
index dc7f012..21cc0a0 100644
--- a/page.php
+++ b/page.php
@@ -16,12 +16,14 @@ function getoutput($blocks = [])
 
 # custom error handling
 
+define('DOCROOT', getcwd().'/');
+
 function fail($error)
 {
 	http_response_code(500);
 	include_once 'page.inc.php';
 	ob_start();
-	require_once './500.html';
+	require_once DOCROOT.'500.html';
 	print getoutput(['debug' => $error]);
 }
 
@@ -54,18 +56,18 @@ $Edit = isset($_GET['edit']);
 # distinguish subpage Args from topmost Page script
 
 $Args = '';
-$Page = preg_replace('/\?.*/', '', $_SERVER['REQUEST_URI']);
+$Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']);
 $Page = urldecode(trim($Page, '/')) ?: 'index';
 while (TRUE) {
 	if (file_exists("$Page/.private")) {
 		# access restriction
 		if (!isset($User)) {
-			http_response_code(403);
-			include_once 'page.inc.php';
-			ob_start();
-			@require_once './403.html';
+			http_response_code(303);
+			$target = urlencode($_SERVER['REQUEST_URI']);
+			header("Location: /login?goto=$target");
 			exit;
 		}
+		$PageAccess = $Page;
 	}
 
 	if (file_exists("$Page.php")) {
@@ -102,7 +104,7 @@ print "</div>\n\n";
 # execute dynamic code
 
 if ($Page) {
-	$found |= @require "./$Page.php";
+	$found |= require "./$Page.php";
 }
 
 # global html