projects/papa-kind-treff.info
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dsfdsf

Browse Source
This commit is contained in:
Lars Gebhardt-Kusche
2026-01-12 01:12:08 +01:00
parent 2b4ed9d389
commit 7a7e09f6ec
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
public/index.php
View File

@@ -5,7 +5,11 @@ declare(strict_types=1);
require_once __DIR__ . '/../config/fileload.php'; require_once __DIR__ . '/../config/fileload.php';
// Staging-Access-Protection (Basic Auth) // Staging-Access-Protection (Basic Auth)
if (defined('APP_ENV') && APP_ENV === 'staging') { $uriPath = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
$uriPath = preg_replace('~/{2,}~', '/', $uriPath);
$uriPath = trim($uriPath, '/');
$isRetoolPath = ($uriPath === 'retool' || str_starts_with($uriPath, 'retool/'));
if (defined('APP_ENV') && APP_ENV === 'staging' && !$isRetoolPath) {
$authUser = getenv('STAGING_AUTH_USER') ?: 'staging'; $authUser = getenv('STAGING_AUTH_USER') ?: 'staging';
$authPass = getenv('STAGING_AUTH_PASS') ?: 'staging123'; $authPass = getenv('STAGING_AUTH_PASS') ?: 'staging123';
$user = $_SERVER['PHP_AUTH_USER'] ?? null; $user = $_SERVER['PHP_AUTH_USER'] ?? null;
@@ -18,10 +22,6 @@ if (defined('APP_ENV') && APP_ENV === 'staging') {
} }
} }
$uriPath = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
$uriPath = preg_replace('~/{2,}~', '/', $uriPath);
$uriPath = trim($uriPath, '/');
// Sicherheitscheck // Sicherheitscheck
if (str_contains($uriPath, '..')) { if (str_contains($uriPath, '..')) {
http_response_code(400); http_response_code(400);