0xjjpa · August 9, 2012 14:24
diff --git a/index.php b/index.php
 <?php

 /**
 * xBoilerplate: Xodoa Boilerplate
 *
 * @category xBoilerPlate
 * @package  Xodoa
 * @copyright Copyright (c) 2007-2012 Xodoa (http://xodoa.com)
 * @author   Nicolas Ruflin <[email protected]>
 */

 ini_set('error_log', dirname(__DIR__) . '/tmp/error.log');

 error_reporting(E_ALL|E_STRICT);

 // adds elasticsearch to the include path
 set_include_path(get_include_path() . PATH_SEPARATOR . realpath(dirname(__FILE__) . '/../lib'));

 function xodoa_autoload($class) {
 	$file = str_replace('_', '/', $class) . '.php';
 	require_once $file;
 }

 //spl_autoload_register('xodoa_autoload');

 include('../vendor/centralway/xBoilerplate/autoload.php');

 $content = '';
 try {

    if ($_SERVER['REDIRECT_URL']){
        $uri = parse_url($_SERVER['REDIRECT_URL']);
    } else {
        $uri = parse_url($_SERVER['REQUEST_URI']);
    }
 	$xBoilerplate = xBoilerplate::getInstance()->pageStart($uri['path'], $_GET, __DIR__);

 	/**
 	 * if is a request to the API we don't need to render anything
 	 * we just need to go directly to the API and it will do the rest
 	 */
 	if (substr($uri['path'], 1,3) == 'api') {
 		require_once('page/api.php');
 	} else if (substr($uri['path'], 1,3) == 'css') {
 		// Load css
 		header('Content-Type: text/css');
 		$content = $xBoilerplate->loadCss(substr($uri['path'], 5));
 	} else if (substr($uri['path'], 1,2) == 'js') {
 		// load js
 		header('Content-Type: text/javascript');
 		$content = $xBoilerplate->loadJs(substr($uri['path'], 4));
 	} else {
 		//Exclude URL Paths, that don't require login -> HACKED
        if(strpos($uri['path'],"browser-check") !== false || 
        	strpos($uri['path'],"screens") !== false || 
        	strpos($uri['path'],"tools") !== false || 
        	$xBoilerplate->_page == 'login') {
            $content = $xBoilerplate->render();
        } else {
 			//gets the login singleton
 			$login = My_Login_Login::getInstance();

            //if the user is loged in renders normaly
            if ($login->isLogedin()) {
                $content = $xBoilerplate->render();
            }
            //renders the login page
            else {
 				header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login');
            }
        }



 	}
 } catch(Exception $e) {
 	error_log(print_r($e, true));
 }

 echo $content;
	<?php

	/**
	* xBoilerplate: Xodoa Boilerplate
	*
	* @category xBoilerPlate
	* @package Xodoa
	* @copyright Copyright (c) 2007-2012 Xodoa (http://xodoa.com)
	* @author Nicolas Ruflin <[email protected]>
	*/

	ini_set('error_log', dirname(__DIR__) . '/tmp/error.log');

	error_reporting(E_ALL\|E_STRICT);

	// adds elasticsearch to the include path
	set_include_path(get_include_path() . PATH_SEPARATOR . realpath(dirname(__FILE__) . '/../lib'));

	function xodoa_autoload($class) {
	$file = str_replace('_', '/', $class) . '.php';
	require_once $file;
	}

	//spl_autoload_register('xodoa_autoload');

	include('../vendor/centralway/xBoilerplate/autoload.php');

	$content = '';
	try {

	if ($_SERVER['REDIRECT_URL']){
	$uri = parse_url($_SERVER['REDIRECT_URL']);
	} else {
	$uri = parse_url($_SERVER['REQUEST_URI']);
	}
	$xBoilerplate = xBoilerplate::getInstance()->pageStart($uri['path'], $_GET, __DIR__);

	/**
	* if is a request to the API we don't need to render anything
	* we just need to go directly to the API and it will do the rest
	*/
	if (substr($uri['path'], 1,3) == 'api') {
	require_once('page/api.php');
	} else if (substr($uri['path'], 1,3) == 'css') {
	// Load css
	header('Content-Type: text/css');
	$content = $xBoilerplate->loadCss(substr($uri['path'], 5));
	} else if (substr($uri['path'], 1,2) == 'js') {
	// load js
	header('Content-Type: text/javascript');
	$content = $xBoilerplate->loadJs(substr($uri['path'], 4));
	} else {
	//Exclude URL Paths, that don't require login -> HACKED
	if(strpos($uri['path'],"browser-check") !== false \|\|
	strpos($uri['path'],"screens") !== false \|\|
	strpos($uri['path'],"tools") !== false \|\|
	$xBoilerplate->_page == 'login') {
	$content = $xBoilerplate->render();
	} else {
	//gets the login singleton
	$login = My_Login_Login::getInstance();

	//if the user is loged in renders normaly
	if ($login->isLogedin()) {
	$content = $xBoilerplate->render();
	}
	//renders the login page
	else {
	header('Location: http://' . $_SERVER['HTTP_HOST'] . '/login');
	}
	}



	}
	} catch(Exception $e) {
	error_log(print_r($e, true));
	}

	echo $content;