then(function($chain) use ($token){ if (isset($_GET['flush']) && !$token->tokenProvided()) { unset($_GET['flush']); } else { $chain->setSuppression(false); } }) // Then load in core ->then(function(){ require_once('core/Core.php'); }) // Then build the URL (even if Core didn't load beyond setting BASE_URL) ->thenAlways(function(){ global $url; // IIS will sometimes generate this. if(!empty($_SERVER['HTTP_X_ORIGINAL_URL'])) { $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_ORIGINAL_URL']; } // Apache rewrite rules use this if (isset($_GET['url'])) { $url = $_GET['url']; // IIS includes get variables in url $i = strpos($url, '?'); if($i !== false) { $url = substr($url, 0, $i); } // Lighttpd uses this } else { if(strpos($_SERVER['REQUEST_URI'],'?') !== false) { list($url, $query) = explode('?', $_SERVER['REQUEST_URI'], 2); parse_str($query, $_GET); if ($_GET) $_REQUEST = array_merge((array)$_REQUEST, (array)$_GET); } else { $url = $_SERVER["REQUEST_URI"]; } } // Remove base folders from the URL if webroot is hosted in a subfolder if (substr(strtolower($url), 0, strlen(BASE_URL)) == strtolower(BASE_URL)) $url = substr($url, strlen(BASE_URL)); }) // Then start up the database ->then(function(){ if (isset($_GET['debug_profile'])) { Profiler::init(); Profiler::mark('all_execution'); Profiler::mark('main.php init'); } require_once('model/DB.php'); global $databaseConfig; if (isset($_GET['debug_profile'])) Profiler::mark('DB::connect'); if ($databaseConfig) DB::connect($databaseConfig); if (isset($_GET['debug_profile'])) Profiler::unmark('DB::connect'); }) // Then if a flush was requested, redirect to it ->then(function($chain) use ($token){ if ($token->parameterProvided() && !$token->tokenProvided()) { // First, check if we're in dev mode, or the database doesn't have any security data $canFlush = Director::isDev() || !Security::database_is_ready(); // Otherwise, we start up the session if needed, then check for admin if (!$canFlush) { if(!isset($_SESSION) && (isset($_COOKIE[session_name()]) || isset($_REQUEST[session_name()]))) { Session::start(); } if (Permission::check('ADMIN')) { $canFlush = true; } else { $loginPage = Director::absoluteURL(Config::inst()->get('Security', 'login_url')); $loginPage .= "?BackURL=" . urlencode($_SERVER['REQUEST_URI']); header('location: '.$loginPage, true, 302); die; } } // And if we can flush, reload with an authority token if ($canFlush) $token->reloadWithToken(); } }) // Finally if a flush was requested but there was an error while figuring out if it's allowed, do it anyway ->thenIfErrored(function() use ($token){ if ($token->parameterProvided() && !$token->tokenProvided()) { $token->reloadWithToken(); } }) ->execute(); // Redirect to the installer if no database is selected if(!isset($databaseConfig) || !isset($databaseConfig['database']) || !$databaseConfig['database']) { if(!file_exists(BASE_PATH . '/install.php')) { die('SilverStripe Framework requires a $databaseConfig defined.'); } $s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : ''; $installURL = "http$s://" . $_SERVER['HTTP_HOST'] . BASE_URL . '/install.php'; // The above dirname() will equate to "\" on Windows when installing directly from http://localhost (not using // a sub-directory), this really messes things up in some browsers. Let's get rid of the backslashes $installURL = str_replace('\\', '', $installURL); header("Location: $installURL"); die(); } if (isset($_GET['debug_profile'])) Profiler::unmark('main.php init'); // Direct away - this is the "main" function, that hands control to the appropriate controller DataModel::set_inst(new DataModel()); Director::direct($url, DataModel::inst()); if (isset($_GET['debug_profile'])) { Profiler::unmark('all_execution'); if(!Director::isLive()) { Profiler::show(isset($_GET['profile_trace'])); } }