[[warn]]
'; + if ($offset = strpos($doc, '')) { + $doc = substr_replace($doc, "\n\n".$warn, $offset + 5, 0); + } + else { + $doc = $warn . "\n\n" . $doc; + } + } + return str_replace(array_keys($rep), array_values($rep), $doc); } +# custom error handling + +define('DOCROOT', getcwd().'/'); + function fail($error) { http_response_code(500); include_once 'page.inc.php'; ob_start(); - require_once './500.html'; + require_once DOCROOT.'500.html'; print getoutput(['debug' => $error]); } + set_exception_handler('fail'); define('E_FATAL', E_ERROR | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR); + +set_error_handler(function ($level, $error, $file, $line) { + if ($level & E_FATAL) { + fail($error); + return; + } + return FALSE; +}); + register_shutdown_function(function () { # display failure page for fatal exceptions $error = error_get_last(); if (!($error['type'] & E_FATAL)) return; fail("Fatal: $error[message] in $error[file]:$error[line]"); }); + error_reporting(error_reporting() & ~E_FATAL); +# user login and control + include_once 'auth.inc.php'; $Edit = isset($_GET['edit']); # distinguish subpage Args from topmost Page script $Args = ''; -$Page = preg_replace('/\?.*/', '', $_SERVER['REQUEST_URI']); +$Page = preg_replace('/\?.*/', '', @$_SERVER['PATH_INFO'] ?: $_SERVER['REQUEST_URI']); $Page = urldecode(trim($Page, '/')) ?: 'index'; while (TRUE) { if (file_exists("$Page/.private")) { # access restriction - if (!isset($User)) { - http_response_code(403); - include_once 'page.inc.php'; - ob_start(); - @require_once './403.html'; + if (empty($User)) { + http_response_code(303); + $target = urlencode($_SERVER['REQUEST_URI']); + header("Location: /login?goto=$target"); exit; } + $PageAccess = $Page; } if (file_exists("$Page.php")) { @@ -72,13 +99,13 @@ ob_start(); # inner html print '