search

Geeklog-Core / geeklog

Geeklog - The Secure CMS.
https://www.geeklog.net
24 stars 19 forks source link

URL routing does not work in an environment without $ _SERVER ['PATH_INFO'] #1055

Closed hirorongl closed 2 years ago

hirorongl commented 4 years ago

URL routing does not work in an environment without $ _SERVER ['PATH_INFO']

hirorongl commented 4 years ago 
---
 system/classes/router.class.php | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/system/classes/router.class.php b/system/classes/router.class.php
index 8f8316578..057207341 100644
--- a/system/classes/router.class.php
+++ b/system/classes/router.class.php
@@ -155,12 +155,21 @@ class Router
             return false;
         }

-        // $_SERVER['PATH_INFO'] is unavailable
-        if (!isset($_SERVER['PATH_INFO']) || empty($_SERVER['PATH_INFO'])) {
+        // $_SERVER['PATH_INFO'] > $_SERVER['SCRIPT_NAME'] is unavailable
+        $pathInfo = '';
+        if (empty($_SERVER['PATH_INFO'])) {
+            $pathInfo = $_SERVER['SCRIPT_NAME'];
+        } else {
+            $pathInfo = $_SERVER['PATH_INFO'];
+        }
+        if (empty($pathInfo)) {
+            if (self::$debug) {
+                COM_errorLog('PATH_INFO and SCRIPT_NAME = (empty)');
+            }
             return false;
         }

-        $pathInfo = COM_applyBasicFilter($_SERVER['PATH_INFO']);
+        $pathInfo = COM_applyBasicFilter($pathInfo);
         // Note: For URL Routing with no "Index.php" and when Geeklog site url has a sub directory the rules in the Route Manager
         // need to be updated to include the sub directory in the rule part only (not the route).
         // At some point we should look into striping the sub directory from the pathinfo for this case only instead of having the Admins do 
--
hirorongl commented 4 years ago

コミット&プルリクエストできなかったのでこちらで報告

eSilverStrike commented 4 years ago

@hirorongl and @mystralkk will doing this break anything in the url.class.php? The url.class.php depends a lot on $_SERVER['PATH_INFO']

Routing is so difficult to test to make sure it works on the most system possible.

hirorongl did you create a new route or are you using one of the preexisting ones? Does this change work with all the URL_Rewrite and url routing options with the items that support them like Articles, Staticpages, Topics (and topic navigation), Links , print pages, etc...

hirorongl commented 4 years ago

Test with staticpages

/admin/router.php

GET | /page/@page | /staticpages/index.php?page=@page
-- | -- | --
hirorongl commented 4 years ago

Apache2: 2.4.25 PHP: 7.4 (PHP-FPM)

Geeklog Configuration Enable URL Rewrite: True Enable URL Routing: Enabled(without "index.php")

.htaccess

<IfModule mod_rewrite.c>
    RewriteEngine On
#    RewriteBase /
    # Directs all Geeklog requests through the site index file
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ /index.php?/$1 [L]
</IfModule>

A sample of the contents of $ _SERVER when accessing the following URL with the above settings

URL1) https://dokoka.dom/index.php/page/test

$_SERVER = Array
(
    [PATH] => /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    [TEMP] => /var/www/clients/client0/web2/tmp
    [TMPDIR] => /var/www/clients/client0/web2/tmp
    [TMP] => /var/www/clients/client0/web2/tmp
    [HOSTNAME] => 
    [USER] => web2
    [HOME] => /var/www/clients/client0/web2
    [PATH_TRANSLATED] => redirect:/index.php/test
    [PATH_INFO] => /page/test
    [SCRIPT_NAME] => /index.php
    [REQUEST_URI] => /index.php/page/test
    [QUERY_STRING] => 
    [REQUEST_METHOD] => GET
    [SERVER_PROTOCOL] => HTTP/1.1
    [GATEWAY_INTERFACE] => CGI/1.1
    [REMOTE_PORT] => 60223
    [SCRIPT_FILENAME] => /var/www/clients/client0/web2/web/index.php
    [SERVER_ADMIN] => webmaster@dokoka.dom
    [CONTEXT_DOCUMENT_ROOT] => /var/www/clients/client0/web2/web
    [CONTEXT_PREFIX] => 
    [REQUEST_SCHEME] => https
    [DOCUMENT_ROOT] => /var/www/clients/client0/web2/web
    [REMOTE_ADDR] => 11.22.33.44
    [SERVER_PORT] => 443
    [SERVER_ADDR] => 10.1.2.79
    [SERVER_NAME] => dokoka.dom
    [SERVER_SOFTWARE] => Apache
    [SERVER_SIGNATURE] => 
    [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
    [HTTP_COOKIE] => theme=denim_three; language=japanese_utf-8; timezone=Asia%2FTokyo; gl_session=12204771; GLSESSION=p286vj251m0d8acjst6c8et4c45hqdh1qv15ia3f; geeklog=bc094d45df0b5738d101f6441c22add99a146a6a
    [HTTP_CONNECTION] => keep-alive
    [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
    [HTTP_ACCEPT_LANGUAGE] => ja,en-US;q=0.7,en;q=0.3
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
    [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0
    [HTTP_HOST] => dokoka.dom
    [proxy-nokeepalive] => 1
    [SSL_TLS_SNI] => dokoka.dom
    [HTTPS] => on
    [SCRIPT_URI] => https://dokoka.dom/index.php/page/test
    [SCRIPT_URL] => /index.php/page/test
    [FCGI_ROLE] => RESPONDER
    [PHP_SELF] => /index.php/page/test
    [REQUEST_TIME_FLOAT] => 1586166562.8674
    [REQUEST_TIME] => 1586166562
)

URL2) https://dokoka.dom/page/test

$_SERVER = Array
(
    [PATH] => /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    [TEMP] => /var/www/clients/client0/web2/tmp
    [TMPDIR] => /var/www/clients/client0/web2/tmp
    [TMP] => /var/www/clients/client0/web2/tmp
    [HOSTNAME] => 
    [USER] => web2
    [HOME] => /var/www/clients/client0/web2
    [SCRIPT_NAME] => /index.php
    [REQUEST_URI] => /page/test
    [QUERY_STRING] => /page/test
    [REQUEST_METHOD] => GET
    [SERVER_PROTOCOL] => HTTP/1.1
    [GATEWAY_INTERFACE] => CGI/1.1
    [REDIRECT_QUERY_STRING] => /page/test
    [REDIRECT_URL] => /page/test
    [REMOTE_PORT] => 62045
    [SCRIPT_FILENAME] => /var/www/clients/client0/web2/web/index.php
    [SERVER_ADMIN] => webmaster@dokoka.dom
    [CONTEXT_DOCUMENT_ROOT] => /var/www/clients/client0/web2/web
    [CONTEXT_PREFIX] => 
    [REQUEST_SCHEME] => https
    [DOCUMENT_ROOT] => /var/www/clients/client0/web2/web
    [REMOTE_ADDR] => 11.22.33.44
    [SERVER_PORT] => 443
    [SERVER_ADDR] => 10.1.2.79
    [SERVER_NAME] => dokoka.dom
    [SERVER_SOFTWARE] => Apache
    [SERVER_SIGNATURE] => 
    [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
    [HTTP_COOKIE] => theme=denim_three; language=japanese_utf-8; timezone=Asia%2FTokyo; gl_session=12204771; GLSESSION=p286vj251m0d8acjst6c8et4c45hqdh1qv15ia3f; geeklog=bc094d45df0b5738d101f6441c22add99a146a6a
    [HTTP_CONNECTION] => keep-alive
    [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
    [HTTP_ACCEPT_LANGUAGE] => ja,en-US;q=0.7,en;q=0.3
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
    [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0
    [HTTP_HOST] => dokoka.dom
    [proxy-nokeepalive] => 1
    [SSL_TLS_SNI] => dokoka.dom
    [HTTPS] => on
    [SCRIPT_URI] => https://dokoka.dom/page/test
    [SCRIPT_URL] => /page/test
    [REDIRECT_STATUS] => 200
    [REDIRECT_SSL_TLS_SNI] => dokoka.dom
    [REDIRECT_HTTPS] => on
    [REDIRECT_SCRIPT_URI] => https://dokoka.dom/page/test
    [REDIRECT_SCRIPT_URL] => /page/test
    [FCGI_ROLE] => RESPONDER
    [PHP_SELF] => /index.php
    [REQUEST_TIME_FLOAT] => 1586166661.149
    [REQUEST_TIME] => 1586166661
)
hirorongl commented 4 years ago

fix patch SCRIPT_NAME -> REQUEST_URI ?

eSilverStrike commented 4 years ago

That looks like it could be an option. Use REQUEST_URI when PATH_INFO is not available. It looks like REQUEST_URI should be available in all cases???

The last time I tested this code I had it working for the Geeklog.net apache server along with IIS using the included .htaccess and web.config files. Any changes we make we will have to to test on these systems as well to make sure it all works.

I tried to document everything as best I could in the docs: https://www.geeklog.net/docs/english/config.html#url-routing

It was really time consuming to test all combinations of the config settings along with the different web environment. Every little change I did to the code I ended up having to retest all the config options for URL_REWRITE And URL_Routing along with actually testing it for Articles, Staticpages, etc... etc..

Take a look at COM_getCurrentURL in lib-common. Maybe we can create a similar function that can be used by the router class and URL class, to either get the path_info or create it?

eSilverStrike commented 4 years ago

So looked into this a bit more.... The main code for retrieving variables that makes URL Rewrite and Routing work we would need to also modify the getArguments function found in the URL Class (along with the Dispatch function for the Router Class).

These require several global variables which are used depending on how the Apache or IIS web server is setup to retrieve the url variables passed via the URL.

$_SERVER['PATH_INFO'] $_ENV['ORIG_PATH_INFO'] $_SERVER['ORIG_PATH_INFO'] $_SERVER['SCRIPT_NAME']

I tried to find a solution online but didn't have much luck yet. I did find this get_path_info function though which could be a start:

https://github.com/osTicket/osTicket/issues/4090

This will probably be a complicated process to figure out for different webservers. I wonder if we should push this to Geeklgo 2.2.2 instead of trying to fit it into Geeklog 2.2.1sr1. (which should be released soon)

mystralkk commented 2 years ago

Tried to fix this issue with change set 58d56c1c61557e934c5d63d5e66f6e29d8281e6d

eSilverStrike commented 2 years ago

@hirorongl Are you able to test this fix?

eSilverStrike commented 2 years ago

@hirorongl hopefully you can confirm this soon. Thanks

eSilverStrike commented 2 years ago

Closing issue. Assumed fixed. Can be reopened if needed.