'be', 'api' => 'api', ); if(DEV_MODE) { $selectedArea = $areas[$domainParts[3]] ? $areas[$domainParts[3]] : 'fe'; } else { $selectedArea = $areas[$domainParts[2]] ? $areas[$domainParts[2]] : 'fe'; } try { $system = realpath($selectedArea . '/public/index.php'); $db = realpath("db.php"); define( ROOT, realpath($selectedArea) . '/' ); define( ROOT_PUBLIC, ROOT . '/public/' ); define( ROOT_WORK, ROOT . '/private/' ); define( ROOT_PUBLIC_FE, realpath('fe')."/public/"); define( ROOT_WORK_FE, realpath('fe')."/private/"); //we want to have just the domain, not regarding if we are on a subdomain // e.g. "voodoo-media.de" instead of "admin.voodoo-media.de", etc... if(DEV_MODE) { define(DOMAIN_URL, $domainParts[2].".".$domainParts[1].".".$domainParts[0]); } else { define(DOMAIN_URL, $domainParts[1].".".$domainParts[0]); } //explode by / to get the folders $folderparts = explode("/", $_SERVER['REQUEST_URI']); //always redirect "upload" to the frontend upload folder if($folderparts[1] == "upload") { $requestedFile = ROOT_PUBLIC_FE . $_SERVER['REQUEST_URI']; } else { $requestedFile = ROOT_PUBLIC . $_SERVER['REQUEST_URI']; } $parts = explode("?", $requestedFile, 2); $requestedFile = $parts[0]; $getParameters = $parts[1]; $requestedFile = urldecode($requestedFile); if(strpos($requestedFile, ROOT_PUBLIC) !== false AND strpos($requestedFile, ROOT_PUBLIC_FE) !== false) throw new Exception("Illegal file access."); //determine the real path $requestedFile = realpath($requestedFile); //deliver file only if its no directory and not the root index.php of a system if(_fileExists($requestedFile, false) AND ! is_dir($requestedFile) AND $requestedFile != realpath(ROOT_PUBLIC."/index.php")) { if(preg_match("/^.+\.php$/", $requestedFile)) { chdir(dirname($requestedFile)); require($requestedFile); } else { //set the appropriate header header("Content-Type: "._mime_content_type($requestedFile)); //read the file in 1024 byte chunks and echo it to the client $handle_fd = fopen($requestedFile, "rb"); while(($buf = fread($handle_fd, 1024)) != '') { echo $buf; } fclose($handle_fd); } die; } else if(strpos($requestedFile, ".css") !== false OR strpos($requestedFile, ".js") !== false OR strpos($requestedFile, ".jpg") !== false OR strpos($requestedFile, ".gif") !== false ) { header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found"); exit; } if(_fileExists($db) && _fileExists($system)) { require($db); require($system); } } catch(Exception $e) { die($e->getMessage()); } function _fileExists($file, $die = true) { if(file_exists($file) && is_readable($file)) { return true; } else { if($die) throw new Exception($file . " does not exist."); } } function _mime_content_type($filename) { $mime_types = array( 'txt' => 'text/plain', 'htm' => 'text/html', 'html' => 'text/html', 'php' => 'text/html', 'css' => 'text/css', 'js' => 'application/javascript', 'json' => 'application/json', 'xml' => 'application/xml', 'swf' => 'application/x-shockwave-flash', 'flv' => 'video/x-flv', // images 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'bmp' => 'image/bmp', 'ico' => 'image/vnd.microsoft.icon', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', 'svg' => 'image/svg+xml', 'svgz' => 'image/svg+xml', // archives 'zip' => 'application/zip', 'rar' => 'application/x-rar-compressed', 'exe' => 'application/x-msdownload', 'msi' => 'application/x-msdownload', 'cab' => 'application/vnd.ms-cab-compressed', // audio/video 'mp3' => 'audio/mpeg', 'qt' => 'video/quicktime', 'mov' => 'video/quicktime', // adobe 'pdf' => 'application/pdf', 'psd' => 'image/vnd.adobe.photoshop', 'ai' => 'application/postscript', 'eps' => 'application/postscript', 'ps' => 'application/postscript', // ms office 'doc' => 'application/msword', 'rtf' => 'application/rtf', 'xls' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', // open office 'odt' => 'application/vnd.oasis.opendocument.text', 'ods' => 'application/vnd.oasis.opendocument.spreadsheet', ); $ext = strtolower(array_pop(explode('.',$filename))); if (array_key_exists($ext, $mime_types)) { return $mime_types[$ext]; } elseif (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_MIME); $mimetype = finfo_file($finfo, $filename); finfo_close($finfo); return $mimetype; } else { $mimetype = mime_content_type($filename); return $mimetype; } } ?>