Pepperminty-Wiki/core/50-security.php

<?php


//////////////////////////////////////
///// Extra consistency measures /////
//////////////////////////////////////

// CHANGED: The search redirector has now been moved to below the module registration system, as it was causing a warning here

// Redirect the user to the login page if:
//  - A login is required to view this wiki
//  - The user isn't already requesting the login page
// Note we use $_GET here because $env->action isn't populated at this point
if(
    !is_cli() &&
    $settings->require_login_view === true && // If this site requires a login in order to view pages
   !$env->is_logged_in && // And the user isn't logged in
   !in_array($_GET["action"], [ "login", "checklogin", "opensearch-description", "invindex-rebuild", "stats-update" ])) // And the user isn't trying to login, or get the opensearch description, or access actions that apply their own access rules
{
	// Redirect the user to the login page
	http_response_code(307);
	header("x-login-required: yes");
	$url = "?action=login&returnto=" . rawurlencode($_SERVER["REQUEST_URI"]) . "&required=true";
	header("location: $url");
	exit(page_renderer::render("Login required - $settings->sitename", "<p>$settings->sitename requires that you login before you are able to access it.</p>
		<p><a href='$url'>Login</a>.</p>"));
}
//////////////////////////////////////
//////////////////////////////////////
Split core.php up into 16(!) different files. This has been a looong time in coming. 1.9K links is _far_ too much for any file. 2019-03-02 16:45:34 +00:00			`<?php`


			`//////////////////////////////////////`
			`///// Extra consistency measures /////`
			`//////////////////////////////////////`

			`// CHANGED: The search redirector has now been moved to below the module registration system, as it was causing a warning here`

			`// Redirect the user to the login page if:`
			`// - A login is required to view this wiki`
			`// - The user isn't already requesting the login page`
			`// Note we use $_GET here because $env->action isn't populated at this point`
Implement basic Pepperminty Wiki CLI & shell :D The BkTree tester gave me the idea. No longer will you have to hope that search indexing will complete in time and adjust the maximum execution time for larger wikis..... when that's implemented. 2020-03-10 01:47:40 +00:00			`if(`
			`!is_cli() &&`
			`$settings->require_login_view === true && // If this site requires a login in order to view pages`
Split core.php up into 16(!) different files. This has been a looong time in coming. 1.9K links is _far_ too much for any file. 2019-03-02 16:45:34 +00:00			`!$env->is_logged_in && // And the user isn't logged in`
			`!in_array($_GET["action"], [ "login", "checklogin", "opensearch-description", "invindex-rebuild", "stats-update" ])) // And the user isn't trying to login, or get the opensearch description, or access actions that apply their own access rules`
			`{`
			`// Redirect the user to the login page`
			`http_response_code(307);`
			`header("x-login-required: yes");`
			`$url = "?action=login&returnto=" . rawurlencode($_SERVER["REQUEST_URI"]) . "&required=true";`
			`header("location: $url");`
			`exit(page_renderer::render("Login required - $settings->sitename", "<p>$settings->sitename requires that you login before you are able to access it.</p>`
			`<p><a href='$url'>Login</a>.</p>"));`
			`}`
			`//////////////////////////////////////`
			`//////////////////////////////////////`