mirror of https://github.com/suk-ws/ph-Bookshelf.git synced 2025-02-24 07:00:51 +08:00

fix file read out of website root

A.C.Sukazyo Eyre 2023-04-04 21:08:08 +08:00
parent f92d488b6e
commit b4badd5fb0
Signed by: Eyre_S
GPG Key ID: C17CE40291207874
8 changed files with 109 additions and 14 deletions


@ -6,6 +6,8 @@ require "./vendor/autoload.php";
use SukWs\Bookshelf\Data\PageMeta; use SukWs\Bookshelf\Data\PageMeta;
use SukWs\Bookshelf\Data\SiteConfig\RobotsPolicy; use SukWs\Bookshelf\Data\SiteConfig\RobotsPolicy;
use SukWs\Bookshelf\Data\SiteMeta; use SukWs\Bookshelf\Data\SiteMeta;
use SukWs\Bookshelf\Resource\Assets;
use SukWs\Bookshelf\Resource\Data;
use SukWs\Bookshelf\Utils\PageParse; use SukWs\Bookshelf\Utils\PageParse;
use SukWs\Bookshelf\Web\Main; use SukWs\Bookshelf\Web\Main;
@ -26,11 +28,11 @@ try {
switch ($policy) { switch ($policy) {
case RobotsPolicy::allow: case RobotsPolicy::allow:
exit(file_get_contents("./assets/robots.allow")); exit(Assets::get("robots.allow")->get_content());
case RobotsPolicy::deny: case RobotsPolicy::deny:
exit(file_get_contents("./assets/robots.deny")); exit(Assets::get("robots.deny")->get_content());
case RobotsPolicy::file: case RobotsPolicy::file:
exit(file_get_contents("./data/robots.txt")); exit(Data::get("./data/robots.txt")->get_content());
case RobotsPolicy::raw: case RobotsPolicy::raw:
exit(SiteMeta::getConfigurationLevelShelf("site.robots")); exit(SiteMeta::getConfigurationLevelShelf("site.robots"));
} }
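Review bot: The `RobotsPolicy::file` branch passes `"./data/robots.txt"` to `Data::get()`, but `Data` already prepends its own `./data/` root, so the lookup resolves to `data/data/robots.txt` and will normally return `false`. The chained `->get_content()` then becomes a method call on `false` and ends the request with a fatal error instead of a robots file; the argument should be relative to the data root, `exit(Data::get("robots.txt")->get_content());`. The same unguarded `X::get(...)->get_content()` chain appears in the two `Assets::get` branches above and in `SiteMeta::load` and `Book::getContentedNode`, so each of them should test for `false` before dereferencing. The enclosing `try` block starts and ends outside this hunk.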


@ -6,6 +6,7 @@ use Exception;
use SukWs\Bookshelf\Data\SiteConfig\ConfigName; use SukWs\Bookshelf\Data\SiteConfig\ConfigName;
use SukWs\Bookshelf\Element\BookContent\BookContented; use SukWs\Bookshelf\Element\BookContent\BookContented;
use SukWs\Bookshelf\Element\BookContent\Page; use SukWs\Bookshelf\Element\BookContent\Page;
use SukWs\Bookshelf\Resource\Data;
use SukWs\Bookshelf\Utils\Markdown\Markdown; use SukWs\Bookshelf\Utils\Markdown\Markdown;
use SukWs\Bookshelf\Utils\PageParse; use SukWs\Bookshelf\Utils\PageParse;
use SukWs\Bookshelf\Utils\RequestNotExistException; use SukWs\Bookshelf\Utils\RequestNotExistException;
@ -45,7 +46,8 @@ class PageMeta {
} else { } else {
self::$page_id = $uri[1]; self::$page_id = $uri[1];
} }
if ($content = @file_get_contents(self::getPagePath("md"))) { if ($data = Data::get(self::getPagePath("md"))) {
if ($content = $data->get_content())
self::$page_data = (new Markdown())->parse($content); self::$page_data = (new Markdown())->parse($content);
} else { } else {
return false; return false;
@ -89,9 +91,9 @@ class PageMeta {
} }
public static function prismTheme (): string { public static function prismTheme (): string {
$theme = trim(self::getConfigurationLevelPage(ConfigName::prism_theme)); $theme = self::getConfigurationLevelPage(ConfigName::prism_theme);
if (empty($theme)) return "prism-material-light"; if (empty($theme)) return "prism-material-light";
return $theme; return trim($theme);
} }
/** /**
@ -115,7 +117,7 @@ class PageMeta {
} }
public static function getPagePath (?string $extension = null): string { public static function getPagePath (?string $extension = null): string {
return "./data/" . self::$bookId . "/" . self::$page_id . ($extension == null ? "" : ".".$extension); return self::$bookId . "/" . self::$page_id . ($extension == null ? "" : ".".$extension);
} }
} }
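Review bot: In the page-loading hunk of `PageMeta`, the new inner `if ($content = $data->get_content())` has no braces and no `else`, so a page whose file resolves but reads as empty skips the parse and falls through instead of reaching `return false` as the old single condition did. Only a failed `Data::get()` still takes the `else` branch, which leaves `self::$page_data` unset for the caller. Folding both checks into one guard keeps the old contract: `$data = Data::get(self::getPagePath("md"));` followed by `if ($data === false || !($content = $data->get_content())) return false;`. The enclosing method begins and ends outside the hunk, so what runs after the fall-through is not visible here.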


@ -6,6 +6,8 @@ use Exception;
use SukWs\Bookshelf\Data\SiteConfig\ConfigName; use SukWs\Bookshelf\Data\SiteConfig\ConfigName;
use SukWs\Bookshelf\Data\SiteConfig\RobotsPolicy; use SukWs\Bookshelf\Data\SiteConfig\RobotsPolicy;
use SukWs\Bookshelf\Element\Bookshelf; use SukWs\Bookshelf\Element\Bookshelf;
use SukWs\Bookshelf\Resource\Assets;
use SukWs\Bookshelf\Resource\Data;
class SiteMeta { class SiteMeta {
@ -23,7 +25,7 @@ class SiteMeta {
* @throws Exception * @throws Exception
*/ */
public static function load (): void { public static function load (): void {
self::$BOOKSHELF = Bookshelf::parseString(file_get_contents("./data/bookshelf.xml")); self::$BOOKSHELF = Bookshelf::parseString(Data::get("bookshelf.xml")->get_content());
} }
public static function getBookshelf(): Bookshelf { public static function getBookshelf(): Bookshelf {
@ -80,13 +82,15 @@ class SiteMeta {
} }
public static function getCustomCssContent (string $id): string { public static function getCustomCssContent (string $id): string {
if (!file_exists("./data/$id.css")) return ""; $assets = Data::get($id.".css");
return file_get_contents("./data/$id.css"); if ($assets === false) return "";
else return $assets->get_content();
} }
public static function getCustomScriptContent (string $id): string { public static function getCustomScriptContent (string $id): string {
if (!file_exists("./data/$id.js")) return ""; $assets = Data::get($id.".js");
return file_get_contents("./data/$id.js"); if ($assets === false) return "";
else return $assets->get_content();
} }
public static function getUserThemes (): string { public static function getUserThemes (): string {


@ -6,6 +6,7 @@ use SukWs\Bookshelf\Data\PageMeta;
use DOMNode; use DOMNode;
use SukWs\Bookshelf\Element\BookContent\BookContented; use SukWs\Bookshelf\Element\BookContent\BookContented;
use Exception; use Exception;
use SukWs\Bookshelf\Resource\Data;
class Book { class Book {
@ -79,7 +80,7 @@ class Book {
* @throws Exception * @throws Exception
*/ */
public function getContentedNode (): BookContented { public function getContentedNode (): BookContented {
return BookContented::parseString(file_get_contents("./data/$this->id/book.xml")); return BookContented::parseString(Data::get($this->id."/book.xml")->get_content());
} }
} }

35
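--- a/src/Resource/Assets.php
+++ b/src/Resource/Assets.php
@@ -0,0 +1,35 @@
+<?php
+namespace SukWs\Bookshelf\Resource;
+class Assets {
+private const root = './assets/';
+private readonly string $path;
+private function __construct ($path) {
+$this->path = $path;
+}
+public function get_content(): string|false {
+return file_get_contents($this->path);
+}
+public static function get(string $id): Assets|false {
+$path = realpath(self::root.$id);
+if ($path !== false && self::checkSafety($path)) {
+return new Assets($path);
+}
+return false;
+}
+private static function getRealRootPath(): string {
+return realpath(self::root);
+}
+private static function checkSafety (string $checked): bool {
+return str_starts_with(realpath($checked), self::getRealRootPath());
+}
+}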
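Review bot: `checkSafety()` compares the resolved path against the resolved root with a bare `str_starts_with`, and `realpath()` returns the root without a trailing separator, so a sibling directory whose name merely begins with the root's name would also satisfy the check. The containment test should be anchored on a directory boundary: `$root = self::getRealRootPath();` then `return $checked === $root || str_starts_with($checked, $root . DIRECTORY_SEPARATOR);`. `getRealRootPath()` is declared `: string` but `realpath()` returns `false` when the root is missing, and without strict types that coerces to `""`, which every path starts with, so the missing-root case should be rejected explicitly. `Data.php` carries an identical `checkSafety()` and needs the same change.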

35
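--- a/src/Resource/Data.php
+++ b/src/Resource/Data.php
@@ -0,0 +1,35 @@
+<?php
+namespace SukWs\Bookshelf\Resource;
+class Data {
+private const root = './data/';
+private readonly string $path;
+private function __construct ($path) {
+$this->path = $path;
+}
+public function get_content(): string {
+return file_get_contents($this->path);
+}
+public static function get(string $id): Data|false {
+$path = realpath(self::root.$id);
+if ($path !== false && self::checkSafety($path)) {
+return new Data($path);
+}
+return false;
+}
+private static function getRealRootPath(): string {
+return realpath(self::root);
+}
+private static function checkSafety (string $checked): bool {
+return str_starts_with(realpath($checked), self::getRealRootPath());
+}
+}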
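Review bot: `get_content()` is declared `: string` here while `file_get_contents()` returns `false` on failure, so a path that resolved but cannot be read (a directory, or a file without read permission) ends in a TypeError rather than a handled miss. `Assets::get_content()` already declares `string|false`, so the two classes disagree on the same contract. Either declare `public function get_content(): string|false` and have callers test the result, or have `Data::get()` also require `is_file($path) && is_readable($path)` before constructing the object. The constructor parameter is untyped as well; `private function __construct (string $path)` would match the `readonly string` property it fills.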

14
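--- a/src/Resource/Resource.php
+++ b/src/Resource/Resource.php
@@ -0,0 +1,14 @@
+<?php
+namespace SukWs\Bookshelf\Resource;
+class Resource {
+public static function getRealRootPath (): string {
+return realpath("./");
+}
+public static function checkSafety (string $checked): bool {
+return str_starts_with(realpath($checked), self::getRealRootPath());
+}
+}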
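Review bot: `getRealRootPath()` resolves `"./"`, the process working directory, so `checkSafety()` accepts any readable file under the whole project tree rather than only the directories meant to be served. The visible caller is the file-read guard in `PageParse`, which presumably serves book files from `./data/`; if so, the root it is checked against should be that directory, not the application root, or source and dependency files remain readable through it. The comparison is also a bare prefix match without a trailing `DIRECTORY_SEPARATOR`, the same gap as in `Assets` and `Data`. A docblock on `checkSafety()` stating which directory it confines reads to, and that `$checked` must exist for `realpath()` to succeed, would make the intended boundary explicit.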


@ -2,6 +2,8 @@
namespace SukWs\Bookshelf\Utils; namespace SukWs\Bookshelf\Utils;
use SukWs\Bookshelf\Resource\Resource;
class PageParse { class PageParse {
/** /**
@ -20,7 +22,7 @@ class PageParse {
// 将utf8编码转换成gbk编码否则中文名称的文件无法打开 // 将utf8编码转换成gbk编码否则中文名称的文件无法打开
// $filePath = iconv('UTF-8', 'gbk', $filePath); // $filePath = iconv('UTF-8', 'gbk', $filePath);
// 检查文件是否可读 // 检查文件是否可读
if (!is_file($filePath) || !is_readable($filePath)) { if (!is_file($filePath) || !is_readable($filePath) || !Resource::checkSafety($filePath)) {
exit("File Can't Read!"); exit("File Can't Read!");
} }
// 判定文件类型 // 判定文件类型