url=[^&?]*)(?.*[&?]url=.*)$/', $_SERVER['QUERY_STRING'], $results) ) { $queryString = $results['query'].'&'.$results['url']; $parseQuery($queryString); } $url = $_GET['url']; // IIS includes get variables in url $i = strpos($url, '?'); if($i !== false) { $url = substr($url, 0, $i); } // Lighttpd and PHP 5.4's built-in webserver use this } else { // Get raw URL -- still needs to be decoded below (after parsing out query string). $url = $_SERVER['REQUEST_URI']; // Querystring args need to be explicitly parsed if(strpos($url,'?') !== false) { list($url, $query) = explode('?',$url,2); $parseQuery($query); } // Decode URL now that it has been separated from query string. $url = urldecode($url); // Pass back to the webserver for files that exist if(php_sapi_name() === 'cli-server' && file_exists(BASE_PATH . $url) && is_file(BASE_PATH . $url)) { return false; } } // Remove base folders from the URL if webroot is hosted in a subfolder if (substr(strtolower($url), 0, strlen(BASE_URL)) == strtolower(BASE_URL)) $url = substr($url, strlen(BASE_URL)); /** * Include SilverStripe's core code */ require_once('core/startup/ConfirmationTokenChain.php'); require_once('core/startup/ErrorControlChain.php'); require_once('core/startup/ParameterConfirmationToken.php'); require_once('core/startup/URLConfirmationToken.php'); // Prepare tokens and execute chain $confirmationTokenChain = new ConfirmationTokenChain(); $confirmationTokenChain->pushToken(new URLConfirmationToken('dev/build')); foreach (array('isTest', 'isDev', 'flush') as $parameter) { $confirmationTokenChain->pushToken(new ParameterConfirmationToken($parameter)); } $chain = new ErrorControlChain(); $chain ->then(function($chain) use ($confirmationTokenChain) { if ($confirmationTokenChain->suppressionRequired()) { $confirmationTokenChain->suppressTokens(); } else { // If no redirection is necessary then we can disable error supression $chain->setSuppression(false); } // Load in core require_once('core/Core.php'); // Connect to database require_once('model/DB.php'); global $databaseConfig; if ($databaseConfig) DB::connect($databaseConfig); // Check if a token is requesting a redirect if (!$confirmationTokenChain->reloadRequired()) return; // Otherwise, we start up the session if needed if(!isset($_SESSION) && Session::request_contains_session_id()) { Session::start(); } // Next, check if we're in dev mode, or the database doesn't have any security data, or we are admin if (Director::isDev() || !Security::database_is_ready() || Permission::check('ADMIN')) { return $confirmationTokenChain->reloadWithToken(); } // Fail and redirect the user to the login page $params = array_merge($_GET, $confirmationTokenChain->params(false)); if (isset($params['url'])) { unset($params['url']); } $backURL = $confirmationTokenChain->getRedirectUrlBase() . '?' . http_build_query($params); $loginPage = Director::absoluteURL(Security::config()->get('login_url')); $loginPage .= "?BackURL=" . urlencode($backURL); header('location: '.$loginPage, true, 302); die; }) // Finally if a token was requested but there was an error while figuring out if it's allowed, do it anyway ->thenIfErrored(function() use ($confirmationTokenChain){ if ($confirmationTokenChain->reloadRequired()) { $confirmationTokenChain->reloadWithToken(); } }) ->execute(); global $databaseConfig; // Redirect to the installer if no database is selected if(!isset($databaseConfig) || !isset($databaseConfig['database']) || !$databaseConfig['database']) { if(!file_exists(BASE_PATH . '/install.php')) { header($_SERVER['SERVER_PROTOCOL'] . " 500 Server Error"); die('SilverStripe Framework requires a $databaseConfig defined.'); } $s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : ''; $installURL = "http$s://" . $_SERVER['HTTP_HOST'] . BASE_URL . '/install.php'; // The above dirname() will equate to "\" on Windows when installing directly from http://localhost (not using // a sub-directory), this really messes things up in some browsers. Let's get rid of the backslashes $installURL = str_replace('\\', '', $installURL); header("Location: $installURL"); die(); } // Direct away - this is the "main" function, that hands control to the appropriate controller DataModel::set_inst(new DataModel()); Director::direct($url, DataModel::inst());