Dotclear

source: inc/load_plugin_file.php @ 3961:5ae0cfbf756a

Revision 3961:5ae0cfbf756a, 2.6 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)

No need of /font neither /swf local folders - we will see later if we still need anything else…
RevLine 
[0]1<?php
[3731]2/**
3 * @package Dotclear
4 * @subpackage Core
5 *
6 * @copyright Olivier Meunier & Association Dotclear
7 * @copyright GPL-2.0-only
8 */
[0]9
10if (@is_dir('/usr/lib/clearbricks')) {
[3730]11    define('CLEARBRICKS_PATH', '/usr/lib/clearbricks');
12} elseif (is_dir(dirname(__FILE__) . '/libs/clearbricks')) {
13    define('CLEARBRICKS_PATH', dirname(__FILE__) . '/libs/clearbricks');
[0]14} elseif (isset($_SERVER['CLEARBRICKS_PATH']) && is_dir($_SERVER['CLEARBRICKS_PATH'])) {
[3730]15    define('CLEARBRICKS_PATH', $_SERVER['CLEARBRICKS_PATH']);
[0]16}
17
18if (!defined('CLEARBRICKS_PATH') || !is_dir(CLEARBRICKS_PATH)) {
[3730]19    exit('No clearbricks path defined');
[0]20}
21
[3730]22require CLEARBRICKS_PATH . '/_common.php';
[0]23
24if (isset($_SERVER['DC_RC_PATH'])) {
[3730]25    define('DC_RC_PATH', $_SERVER['DC_RC_PATH']);
[0]26} elseif (isset($_SERVER['REDIRECT_DC_RC_PATH'])) {
[3730]27    define('DC_RC_PATH', $_SERVER['REDIRECT_DC_RC_PATH']);
[0]28} else {
[3730]29    define('DC_RC_PATH', dirname(__FILE__) . '/config.php');
[0]30}
31
32if (!is_file(DC_RC_PATH)) {
[3730]33    trigger_error('Unable to open config file', E_USER_ERROR);
34    exit;
[0]35}
36
37require DC_RC_PATH;
38
39if (empty($_GET['pf'])) {
[3730]40    header('Content-Type: text/plain');
41    http::head(404, 'Not Found');
42    exit;
[0]43}
44
[3020]45// $_GET['v'] : version in url to bypass cache in case of dotclear upgrade or in dev mode
[3022]46// but don't care of value
[3730]47if (isset($_GET['v'])) {
[3022]48    unset($_GET['v']);
49}
50
51// Only $_GET['pf'] is allowed in URL
[3730]52if (count($_GET) > 1) {
[1116]53    header('Content-Type: text/plain');
[3730]54    http::head(403, 'Forbidden');
[1116]55    exit;
[1115]56}
57
[3960]58$allow_types = ['png', 'jpg', 'jpeg', 'gif', 'css', 'js', 'swf', 'svg', 'woff', 'woff2', 'ttf', 'otf', 'eot'];
[0]59
60$pf = path::clean($_GET['pf']);
61
[3730]62$paths = array_reverse(explode(PATH_SEPARATOR, DC_PLUGINS_ROOT));
[0]63
[2804]64# Adding some folders here to load some stuff
[3730]65$paths[] = dirname(__FILE__) . '/js';
66$paths[] = dirname(__FILE__) . '/css';
[2800]67
[3730]68foreach ($paths as $m) {
69    $PF = path::real($m . '/' . $pf);
[2566]70
[3730]71    if ($PF !== false) {
72        break;
73    }
[0]74}
75unset($paths);
76
77if ($PF === false || !is_file($PF) || !is_readable($PF)) {
[3730]78    header('Content-Type: text/plain');
79    http::head(404, 'Not Found');
80    exit;
[0]81}
82
[3730]83if (!in_array(files::getExtension($PF), $allow_types)) {
84    header('Content-Type: text/plain');
85    http::head(404, 'Not Found');
86    exit;
[0]87}
88
[3730]89http::$cache_max_age = 7 * 24 * 60 * 60; // One week cache for plugin's files served by ?pf=… is better than old 2 hours
[3874]90http::cache(array_merge([$PF], get_included_files()));
[0]91
[3730]92header('Content-Type: ' . files::getMimeType($PF));
[3143]93// Content-length is not mandatory and must be the exact size of content transfered AFTER possible compression (gzip, deflate, …)
94//header('Content-Length: '.filesize($PF));
[0]95readfile($PF);
96exit;
Note: See TracBrowser for help on using the repository browser.

Sites map