Fixed basepath bug and added security tips
This commit is contained in:
Chris
parent
140681593c
commit
f3d7866b37
16
Route.php
16
Route.php
|
|
@ -39,15 +39,9 @@ class Route{
|
|||
|
||||
foreach(self::$routes as $route){
|
||||
|
||||
if(Config::get('basepath')){
|
||||
|
||||
//Add / if its not empty
|
||||
if($route['expression']!=''){
|
||||
$route['expression'] = '/'.$route['expression'];
|
||||
}
|
||||
|
||||
//Add basepath to matching string
|
||||
if(Config::get('basepath')&&Config::get('basepath')!=''&&Config::get('basepath')!='/'){
|
||||
$route['expression'] = '('.Config::get('basepath').')'.$route['expression'];
|
||||
|
||||
}
|
||||
|
||||
//Add 'find string start' automatically
|
||||
|
|
@ -55,15 +49,15 @@ class Route{
|
|||
|
||||
//Add 'find string end' automatically
|
||||
$route['expression'] = $route['expression'].'$';
|
||||
|
||||
|
||||
//echo $route['expression'].'<br/>';
|
||||
|
||||
|
||||
//check match
|
||||
if(preg_match('#'.$route['expression'].'#',self::$path,$matches)){
|
||||
|
||||
array_shift($matches);//Always remove first element. This contains the whole string
|
||||
|
||||
if(Config::get('basepath')){
|
||||
if(Config::get('basepath')&&Config::get('basepath')!=''&&Config::get('basepath')!='/'){
|
||||
|
||||
array_shift($matches);//Remove Basepath
|
||||
|
||||
|
|
|
|||
23
index.php
23
index.php
|
|
@ -4,8 +4,12 @@
|
|||
include('Config.php');
|
||||
include('Route.php');
|
||||
|
||||
//config
|
||||
Config::set('basepath','/api/v1');
|
||||
//configure basepath
|
||||
|
||||
//If your script lives in the web root folder use a / , leave it empty or do not define this config
|
||||
Config::set('basepath','/');
|
||||
//If your script lives in a subfolder for example you can use the following example
|
||||
//Config::set('basepath','/api/v1');
|
||||
|
||||
//init routing
|
||||
Route::init();
|
||||
|
|
@ -28,7 +32,10 @@ Route::add('/test.html',function(){
|
|||
echo 'Hello from test.html';
|
||||
});
|
||||
|
||||
//complex route with parameter
|
||||
//complex route with parameter
|
||||
//be aware that (.*) will trigger on / too for example: /user/foo/bar/edit
|
||||
//also users could inject mysql-code if you use (.*)
|
||||
//you should better use a saver expression like /user/([0-9]*)/edit or /user/([A-Za-z]*)/edit
|
||||
Route::add('/user/(.*)/edit',function($id){
|
||||
//Do something
|
||||
echo 'Edit user with id '.$id.'<br/>';
|
||||
|
|
@ -52,16 +59,6 @@ Route::add('/(.*)/(.*)/(.*)/(.*)',function($var1,$var2,$var3,$var4){
|
|||
echo 'You have entered: '.$var1.' / '.$var2.' / '.$var3.' / '.$var4.'<br/>';
|
||||
});
|
||||
|
||||
Route::add('/api/v1/deployment/(.*)',function($id){
|
||||
//Do something
|
||||
echo $id;
|
||||
});
|
||||
|
||||
Route::add('/deployment/(.*)',function($id){
|
||||
//Do something
|
||||
echo $id;
|
||||
});
|
||||
|
||||
//Add a 404 Not found Route
|
||||
Route::add404(function($url){
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user