From d65b7bcc55852b24e54d45a7c745210215bea019 Mon Sep 17 00:00:00 2001 From: Yasen Pramatarov Date: Tue, 17 Jun 2025 12:23:13 +0300 Subject: [PATCH] Fixes index to work with latest session and config changes --- public_html/index.php | 82 +++++++++++++++++++++++++++---------------- 1 file changed, 52 insertions(+), 30 deletions(-) diff --git a/public_html/index.php b/public_html/index.php index 5e22ac0..aa5da5c 100644 --- a/public_html/index.php +++ b/public_html/index.php @@ -16,17 +16,34 @@ //ini_set('display_startup_errors', 1); //error_reporting(E_ALL); +// Prepare config loader +require_once __DIR__ . '/../app/core/ConfigLoader.php'; +use App\Core\ConfigLoader; + +// Load configuration +$config = ConfigLoader::loadConfig([ + __DIR__ . '/../app/config/jilo-web.conf.php', + __DIR__ . '/../jilo-web.conf.php', + '/srv/jilo-web/jilo-web.conf.php', + '/opt/jilo-web/jilo-web.conf.php', +]); + +// Make config available globally +$GLOBALS['config'] = $config; + +// Expose config file path for pages +$config_file = ConfigLoader::getConfigPath(); +$localConfigPath = str_replace(__DIR__ . '/..', '', $config_file); + +// Set app root with default +$app_root = $config['folder'] ?? '/'; + // Preparing plugins and hooks -// Initialize HookDispatcher and plugin system require_once __DIR__ . '/../app/core/HookDispatcher.php'; require_once __DIR__ . '/../app/core/PluginManager.php'; use App\Core\HookDispatcher; use App\Core\PluginManager; -// Initialize themes system -require_once __DIR__ . '/../app/helpers/theme.php'; -use app\Helpers\Theme; - // Global allowed URLs registration register_hook('filter_allowed_urls', function($urls) { if (isset($GLOBALS['plugin_controllers']) && is_array($GLOBALS['plugin_controllers'])) { @@ -72,6 +89,11 @@ ob_start(); // Start session before any session-dependent code require_once '../app/classes/session.php'; + +// Initialize themes system after session is started +require_once __DIR__ . '/../app/helpers/theme.php'; +use app\Helpers\Theme; + Session::startSession(); // Define page variable early via sanitize @@ -81,6 +103,12 @@ if (!isset($page)) { $page = 'dashboard'; } +// List of pages that don't require authentication +$public_pages = ['login', 'help', 'about']; + +// Let plugins filter/extend public_pages +$public_pages = filter_public_pages($public_pages); + // Middleware pipeline for security, sanitization & CSRF require_once __DIR__ . '/../app/core/MiddlewarePipeline.php'; $pipeline = new \App\Core\MiddlewarePipeline(); @@ -90,11 +118,18 @@ $pipeline->add(function() { return true; }); -// Check session validity -$validSession = Session::isValidSession(); +// For public pages, we don't need to validate the session +// The Router will handle authentication for protected pages +$validSession = false; +$userId = null; -// Get user ID early if session is valid -$userId = $validSession ? Session::getUserId() : null; +// Only check session for non-public pages +if (!in_array($page, $public_pages)) { + $validSession = Session::isValidSession(true); + if ($validSession) { + $userId = Session::getUserId(); + } +} // Initialize feedback message system require_once '../app/classes/feedback.php'; @@ -118,27 +153,7 @@ $allowed_urls = [ // Let plugins filter/extend allowed_urls $allowed_urls = filter_allowed_urls($allowed_urls); -require_once __DIR__ . '/../app/core/ConfigLoader.php'; -use App\Core\ConfigLoader; - -// Load configuration -$config = ConfigLoader::loadConfig([ - __DIR__ . '/../app/config/jilo-web.conf.php', - __DIR__ . '/../jilo-web.conf.php', - '/srv/jilo-web/jilo-web.conf.php', - '/opt/jilo-web/jilo-web.conf.php', -]); -// Expose config file path for pages -$config_file = ConfigLoader::getConfigPath(); -$localConfigPath = str_replace(__DIR__ . '/..', '', $config_file); - -$app_root = $config['folder']; - -// List of pages that don't require authentication -$public_pages = ['login', 'help', 'about']; - -// Let plugins filter/extend public_pages -$public_pages = filter_public_pages($public_pages); +// Config and app_root are now set at the top of the file // Dispatch routing and auth require_once __DIR__ . '/../app/core/Router.php'; @@ -210,12 +225,19 @@ $platformDetails = $platformObject->getPlatformDetails($platform_id); // logout is a special case, as we can't use session vars for notices if ($page == 'logout') { + // Save config before destroying session + $savedConfig = $config; + // clean up session Session::destroySession(); // start new session for the login page Session::startSession(); + // Restore config to global scope + $config = $savedConfig; + $GLOBALS['config'] = $config; + setcookie('username', "", time() - 100, $config['folder'], $config['domain'], isset($_SERVER['HTTPS']), true); // Log successful logout