2. TLDs for Testing, & Documentation Examples const PLACEHOLDER_IPV6 = '2001:db8::3'; // From RFC3849: IPv6 Address Prefix Reserved for Documentation const PLACEHOLDER_IPV4 = '203.0.113.42'; // From RFC5737: IPv4 Address Blocks Reserved for Documentation if ($_SERVER['REQUEST_URI'] === '/sftpgo-auth.php') return; $pageAddress = substr($_SERVER['REQUEST_URI'], strlen(CONF['common']['prefix']) + 1); if (strpos($pageAddress, '?') !== false) { parse_str(substr($pageAddress, strpos($pageAddress, '?') + 1), $_GET); $pageAddress = substr($pageAddress, 0, strpos($pageAddress, '?')); } define('PAGE_URL', $pageAddress); define('PAGE_ADDRESS', $pageAddress . ((substr($pageAddress, -1) === '/' OR $pageAddress === '') ? 'index' : '')); define('PAGE_LINEAGE', explode('/', PAGE_ADDRESS)); define('SERVICE', dirname(PAGE_ADDRESS)); define('PAGE', basename(PAGE_ADDRESS, '.php')); function getPageInformations($pages, $pageElements) { if (!isset($pages['index']) OR $pageElements[0] === 'index') return [ 'titles_lineage' => [$pages[$pageElements[0]]['title'] ?? false], 'page_metadata' => $pages[$pageElements[0]] ?? NULL ]; $result = $pages['index']['title']; if (!isset($pageElements[1])) unset($pages['index']); else $pages = $pages[array_shift($pageElements)] ?? false; $results = getPageInformations($pages, $pageElements); $results['titles_lineage'][] = $result; return $results; } $pageInformations = getPageInformations(PAGES, PAGE_LINEAGE); define('TITLES_LINEAGE', array_reverse($pageInformations['titles_lineage'])); define('PAGE_METADATA', $pageInformations['page_metadata']); if (!TITLES_LINEAGE[array_key_last(TITLES_LINEAGE)]) { http_response_code(404); exit('Page not found.'); } const SESSION_COOKIE_NAME = 'niver-session-key'; if ( isset($_COOKIE[SESSION_COOKIE_NAME]) // Resume session OR (isset($_POST['username']) AND in_array(PAGE_URL, ['auth/login', 'auth/register'])) // Start new session ) { session_start([ 'name' => SESSION_COOKIE_NAME, 'sid_length' => 64, 'sid_bits_per_character' => 6, 'cookie_secure' => true, 'cookie_httponly' => true, 'cookie_samesite' => 'Strict', 'cookie_path' => CONF['common']['prefix'] . '/', 'cookie_lifetime' => 432000, // = 60*60*24*5 = 5 days 'gc_maxlifetime' => 10800, 'use_strict_mode' => true, 'use_cookies' => true, 'use_only_cookies' => true, ]); } ?> > <?php foreach(array_reverse(TITLES_LINEAGE) as $id => $title) echo strip_tags($title) . (array_key_last(TITLES_LINEAGE) === $id ? '' : ' < '); ?> ' . LF; ?>

👤 ' : '' ?> Se déconnecter Anonyme Se connecter

Sec-Fetch-Site HTTP header is required when submitting a POST request to prevent Cross-Site Request Forgery (CSRF).'); if ($_SERVER['HTTP_SEC_FETCH_SITE'] !== 'same-origin') output(403, 'The Sec-Fetch-Site HTTP header must be same-origin when submitting a POST request to prevent Cross-Site Request Forgery (CSRF).'); } if (isset($_SERVER['SERVER_NAME']) !== true) output(500, 'Missing $_SERVER[\'SERVER_NAME\']'); if (in_array($_SERVER['SERVER_NAME'], CONF['common']['public_domains'], true) !== true) output(500, 'The current server name is not allowed in configuration.'); define('SERVER_NAME', $_SERVER['SERVER_NAME']); function displayFinalMessage() { global $final_message; echo $final_message ?? ''; $final_message = NULL; } function executePage() { require 'pages/' . PAGE_ADDRESS . '.php'; displayFinalMessage(); ?>