index.php line 138

  1. <?php
  2. use Customize\Kernel;
  3. use Eccube\Service\SystemService;
  4. use Symfony\Component\ErrorHandler\Debug;
  5. use Dotenv\Dotenv;
  6. use Symfony\Component\HttpFoundation\Request;
  7. use Symfony\Component\HttpFoundation\IpUtils;
  8. // システム要件チェック
  9. if (version_compare(PHP_VERSION'7.4.0') < 0) {
  10.     die('Your PHP installation is too old. EC-CUBE requires at least PHP 7.4.0. See the <a href="https://doc4.ec-cube.net/quickstart/requirement" target="_blank">system requirements</a> page for more information.');
  11. }
  12. $autoload __DIR__.'/vendor/autoload.php';
  13. if (!file_exists($autoload) && !is_readable($autoload)) {
  14.     die('Composer is not installed.');
  15. }
  16. require $autoload;
  17. // The check is to ensure we don't use .env in production
  18. if (!isset($_SERVER['APP_ENV'])) {
  19.     if (!class_exists(Dotenv::class)) {
  20.         throw new \RuntimeException('APP_ENV environment variable is not defined. You need to define environment variables for configuration or add "symfony/dotenv" as a Composer dependency to load variables from a .env file.');
  21.     }
  22.     if (file_exists(__DIR__.'/.env')) {
  23.         (Dotenv::createUnsafeMutable(__DIR__))->load();
  24.         if (strpos(getenv('DATABASE_URL'), 'sqlite') !== false && !extension_loaded('pdo_sqlite')) {
  25.             (Dotenv::createUnsafeMutable(__DIR__'.env.install'))->load();
  26.         }
  27.     } else {
  28.         (Dotenv::createUnsafeMutable(__DIR__'.env.install'))->load();
  29.     }
  30. }
  31. error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
  32. $env = isset($_SERVER['APP_ENV']) ? $_SERVER['APP_ENV'] : 'dev';
  33. $debug = isset($_SERVER['APP_DEBUG']) ? $_SERVER['APP_DEBUG'] : ('prod' !== $env);
  34. if ($debug) {
  35.     umask(0000);
  36.     Debug::enable();
  37. }
  38. if (!isset($_SERVER['TRUSTED_PROXIES'])) {
  39.     $_SERVER['TRUSTED_PROXIES'] = getenv('TRUSTED_PROXIES');
  40. }
  41. $trustedProxies = isset($_SERVER['TRUSTED_PROXIES']) ? $_SERVER['TRUSTED_PROXIES'] : false;
  42. if ($trustedProxies) {
  43.     Request::setTrustedProxies(explode(','$trustedProxies), Request::HEADER_X_FORWARDED_ALL Request::HEADER_X_FORWARDED_HOST);
  44. }
  45. $trustedHosts = isset($_SERVER['TRUSTED_HOSTS']) ? $_SERVER['TRUSTED_HOSTS'] : false;
  46. if ($trustedHosts) {
  47.     Request::setTrustedHosts(explode(','$trustedHosts));
  48. }
  49. // リバースプロキシ×SSL接続対応
  50. if (!isset($_SERVER['HTTPS']) || ($https $_SERVER['HTTPS']) !== 'https') {
  51.     try {
  52.         // リバースプロキシ×SSL接続対応: 環境毎の設定
  53.         if (($remoteAddr $_SERVER['REMOTE_ADDR'])) {
  54.             //
  55.             switch (true) {
  56.                 case isset($_SERVER['HTTP_X_AMZN_TRACE_ID']):
  57.                     // Internet --> ELB --> Application (production, staging).
  58.                     Request::setTrustedProxies([
  59.                         '127.0.0.1',
  60.                         $remoteAddr,
  61.                     ], Request::HEADER_X_FORWARDED_AWS_ELB);
  62.                     break;
  63.                 case ($trustedProxies Request::getTrustedProxies())
  64.                   && ($httpXForwardedFor $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'])
  65.                   && (IpUtils::checkIp($httpXForwardedFor$trustedProxies)):
  66.                     // Internal network --> nginx-proxy --> Application (production, staging).
  67.                 case ($trustedProxies Request::getTrustedProxies())
  68.                   && ($httpHost $_SERVER['HTTP_HOST'])
  69.                   && (IpUtils::checkIp($httpHost$trustedProxies)):
  70.                     // Internal network --> Application (production, staging).
  71.                     if ((($ua $_SERVER['HTTP_USER_AGENT']) === 'ELB-HealthChecker/2.0')
  72.                         && (IpUtils::checkIp($remoteAddr$trustedProxies))) {
  73.                         // ELB Health Check
  74.                         Request::setTrustedProxies([
  75.                             '127.0.0.1',
  76.                             $remoteAddr,
  77.                         ], Request::HEADER_X_FORWARDED_AWS_ELB);
  78.                         //
  79.                         $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
  80.                         $_SERVER['HTTP_X_FORWARDED_PORT'] = '443';
  81.                     } else {
  82.                         // Internet --> nginx-proxy --> Application (development).
  83.                         Request::setTrustedProxies([
  84.                             '127.0.0.1',
  85.                             $remoteAddr,
  86.                         ], Request::HEADER_X_FORWARDED_ALL Request::HEADER_X_FORWARDED_HOST);
  87.                     }
  88.                     break;
  89.                 default:
  90.                     throw new Exception("trusted proxies verification failed. due to:\n" var_export(compact('trustedProxies''httpXForwardedFor'), true));
  91.             }
  92.         } else {
  93.             throw new Exception("get the server var “REMOTE_ADDR” failed.");
  94.         }
  95.         //
  96.         $_SERVER['HTTPS'] = 'on';
  97.     } catch (Exception $e) {
  98.         error_log("The request is not from trusted proxies. due to:\n" $e->getMessage());
  99.     }
  100. }
  101. $request Request::createFromGlobals();
  102. $maintenanceFile env('ECCUBE_MAINTENANCE_FILE_PATH'__DIR__.'/.maintenance');
  103. if (file_exists($maintenanceFile)) {
  104.     $pathInfo \rawurldecode($request->getPathInfo());
  105.     $adminPath env('ECCUBE_ADMIN_ROUTE''admin');
  106.     $adminPath '/'.\trim($adminPath'/').'/';
  107.     if (\strpos($pathInfo$adminPath) !== 0) {
  108.         $maintenanceContents file_get_contents($maintenanceFile);
  109.         $maintenanceToken explode(':'$maintenanceContents)[1] ?? null;
  110.         $tokenInCookie $request->cookies->get(SystemService::MAINTENANCE_TOKEN_KEY);
  111.         if ($tokenInCookie === null || $tokenInCookie !== $maintenanceToken) {
  112.             $locale env('ECCUBE_LOCALE');
  113.             $templateCode env('ECCUBE_TEMPLATE_CODE');
  114.             $baseUrl \htmlspecialchars(\rawurldecode($request->getBaseUrl()), ENT_QUOTES);
  115.             header('HTTP/1.1 503 Service Temporarily Unavailable');
  116.             require __DIR__.'/maintenance.php';
  117.             return;
  118.         }
  119.     }
  120. }
  121. $kernel = new Kernel($env$debug);
  122. $response $kernel->handle($request);
  123. $response->send();
  124. $kernel->terminate($request$response);