lindeas
/
jilo-web
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 7 Wiki Activity

Fixes index to allow plugins to have their own allowed/public urls

main
Yasen Pramatarov 2026-01-23 13:17:37 +02:00
parent 0ef061de56
commit c418337736
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
public_html/index.php
View File

@ -112,13 +112,6 @@ if (!isset($page)) {
$page = 'dashboard';
}
// List of pages that don't require authentication
$public_pages = ['login', 'register', 'help', 'about', 'theme-asset', 'plugin-asset'];
// Let plugins filter/extend public_pages
$public_pages = filter_public_pages($public_pages);
$public_pages = PluginRouteRegistry::injectPublicPages($public_pages);
// Middleware pipeline for security, sanitization & CSRF
require_once APP_PATH . 'core/MiddlewarePipeline.php';
$pipeline = new \App\Core\MiddlewarePipeline();
@ -142,6 +135,24 @@ App::set('feedback', $system_messages);
require APP_PATH . 'includes/errors.php';
// Connect to DB via DatabaseConnector (before loading plugins so their hooks are available)
require_once APP_PATH . 'core/DatabaseConnector.php';
use App\Core\DatabaseConnector;
$db = DatabaseConnector::connect($config);
App::set('db', $db);
// Load enabled plugins (register routes/hooks) before applying public/allowed filters
$plugins_dir = dirname(__DIR__) . '/plugins/';
$enabled_plugins = PluginManager::load($plugins_dir);
$GLOBALS['enabled_plugins'] = $enabled_plugins;
// List of pages that don't require authentication
$public_pages = ['login', 'register', 'help', 'about', 'theme-asset', 'plugin-asset'];
// Let plugins filter/extend public_pages
$public_pages = filter_public_pages($public_pages);
$public_pages = PluginRouteRegistry::injectPublicPages($public_pages);
// list of available pages
// edit accordingly, add 'pages/PAGE.php'
$allowed_urls = [
@ -159,7 +170,7 @@ $allowed_urls = [
$allowed_urls = filter_allowed_urls($allowed_urls);
$allowed_urls = PluginRouteRegistry::injectAllowedPages($allowed_urls);
// Dispatch routing and auth
// Dispatch routing and auth (after plugins added public/allowed entries)
require_once APP_PATH . 'core/Router.php';
use App\Core\Router;
$currentUser = Router::checkAuth($config, $app_root, $public_pages, $page);
@ -167,17 +178,6 @@ if ($currentUser === null && $validSession) {
$currentUser = Session::getUsername();
}
// Connect to DB via DatabaseConnector
require_once APP_PATH . 'core/DatabaseConnector.php';
use App\Core\DatabaseConnector;
$db = DatabaseConnector::connect($config);
App::set('db', $db);
// Load enabled plugins (we need this after DB connection is established)
$plugins_dir = dirname(__DIR__) . '/plugins/';
$enabled_plugins = PluginManager::load($plugins_dir);
$GLOBALS['enabled_plugins'] = $enabled_plugins;
// Initialize Log throttler
require_once APP_PATH . 'core/LogThrottler.php';
use App\Core\LogThrottler;