index.php line 137

Open in your IDE?
  1. <?php
  3. use Customize\Kernel;
  4. use Eccube\Service\SystemService;
  5. use Symfony\Component\ErrorHandler\Debug;
  6. use Dotenv\Dotenv;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\IpUtils;
  10. // システム要件チェック
  11. if (version_compare(PHP_VERSION'7.4.0') < 0) {
  12.     die('Your PHP installation is too old. EC-CUBE requires at least PHP 7.4.0. See the <a href="https://doc4.ec-cube.net/quickstart/requirement" target="_blank">system requirements</a> page for more information.');
  13. }
  15. $autoload __DIR__.'/vendor/autoload.php';
  17. if (!file_exists($autoload) && !is_readable($autoload)) {
  18.     die('Composer is not installed.');
  19. }
  20. require $autoload;
  22. // The check is to ensure we don't use .env in production
  23. if (!isset($_SERVER['APP_ENV'])) {
  24.     if (!class_exists(Dotenv::class)) {
  25.         throw new \RuntimeException('APP_ENV environment variable is not defined. You need to define environment variables for configuration or add "symfony/dotenv" as a Composer dependency to load variables from a .env file.');
  26.     }
  28.     if (file_exists(__DIR__.'/.env')) {
  29.         (Dotenv::createUnsafeMutable(__DIR__))->load();
  31.         if (strpos(getenv('DATABASE_URL'), 'sqlite') !== false && !extension_loaded('pdo_sqlite')) {
  32.             (Dotenv::createUnsafeMutable(__DIR__'.env.install'))->load();
  33.         }
  34.     } else {
  35.         (Dotenv::createUnsafeMutable(__DIR__'.env.install'))->load();
  36.     }
  37. }
  38. error_reporting(E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED);
  40. $env = isset($_SERVER['APP_ENV']) ? $_SERVER['APP_ENV'] : 'dev';
  41. $debug = isset($_SERVER['APP_DEBUG']) ? $_SERVER['APP_DEBUG'] : ('prod' !== $env);
  43. if ($debug) {
  44.     umask(0000);
  46.     Debug::enable();
  47. }
  49. if (!isset($_SERVER['TRUSTED_PROXIES'])) {
  50.     $_SERVER['TRUSTED_PROXIES'] = getenv('TRUSTED_PROXIES');
  51. }
  53. $trustedProxies = isset($_SERVER['TRUSTED_PROXIES']) ? $_SERVER['TRUSTED_PROXIES'] : false;
  54. if ($trustedProxies) {
  55.     Request::setTrustedProxies(explode(','$trustedProxies), Request::HEADER_X_FORWARDED_ALL Request::HEADER_X_FORWARDED_HOST);
  56. }
  58. $trustedHosts = isset($_SERVER['TRUSTED_HOSTS']) ? $_SERVER['TRUSTED_HOSTS'] : false;
  59. if ($trustedHosts) {
  60.     Request::setTrustedHosts(explode(','$trustedHosts));
  61. }
  62. // リバースプロキシ×SSL接続対応
  63. if (!isset($_SERVER['HTTPS']) || ($https $_SERVER['HTTPS']) !== 'https') {
  64.     try {
  65.         // リバースプロキシ×SSL接続対応: 環境毎の設定
  66.         if (($remoteAddr $_SERVER['REMOTE_ADDR'])) {
  67.             //
  68.             switch (true) {
  69.                 case isset($_SERVER['HTTP_X_AMZN_TRACE_ID']):
  70.                     // Internet --> ELB --> Application (production, staging).
  71.                     Request::setTrustedProxies([
  72.                         '127.0.0.1',
  73.                         $remoteAddr,
  74.                     ], Request::HEADER_X_FORWARDED_AWS_ELB);
  75.                     break;
  76.                 case ($trustedProxies Request::getTrustedProxies())
  77.                   && ($httpXForwardedFor $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'])
  78.                   && (IpUtils::checkIp($httpXForwardedFor$trustedProxies)):
  79.                     // Internal network --> nginx-proxy --> Application (production, staging).
  80.                 case ($trustedProxies Request::getTrustedProxies())
  81.                   && ($httpHost $_SERVER['HTTP_HOST'])
  82.                   && (IpUtils::checkIp($httpHost$trustedProxies)):
  83.                     // Internal network --> Application (production, staging).
  84.                     if ((($ua $_SERVER['HTTP_USER_AGENT']) === 'ELB-HealthChecker/2.0')
  85.                         && (IpUtils::checkIp($remoteAddr$trustedProxies))) {
  86.                         // ELB Health Check
  87.                         Request::setTrustedProxies([
  88.                             '127.0.0.1',
  89.                             $remoteAddr,
  90.                         ], Request::HEADER_X_FORWARDED_AWS_ELB);
  91.                         //
  92.                         $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
  93.                         $_SERVER['HTTP_X_FORWARDED_PORT'] = '443';
  94.                     } else {
  95.                         // Internet --> nginx-proxy --> Application (development).
  96.                         Request::setTrustedProxies([
  97.                             '127.0.0.1',
  98.                             $remoteAddr,
  99.                         ], Request::HEADER_X_FORWARDED_ALL Request::HEADER_X_FORWARDED_HOST);
  100.                     }
  101.                     break;
  102.                 default:
  103.                     throw new Exception("trusted proxies verification failed. due to:\n" var_export(compact('trustedProxies''httpXForwardedFor'), true));
  104.             }
  105.         } else {
  106.             throw new Exception("get the server var “REMOTE_ADDR” failed.");
  107.         }
  108.         //
  109.         $_SERVER['HTTPS'] = 'on';
  110.     } catch (Exception $e) {
  111.         error_log("The request is not from trusted proxies. due to:\n" $e->getMessage());
  112.     }
  113. }
  114. $request Request::createFromGlobals();
  116. $maintenanceFile env('ECCUBE_MAINTENANCE_FILE_PATH'__DIR__.'/.maintenance');
  118. if (file_exists($maintenanceFile)) {
  119.     $pathInfo \rawurldecode($request->getPathInfo());
  120.     $adminPath env('ECCUBE_ADMIN_ROUTE''admin');
  121.     $adminPath '/'.\trim($adminPath'/').'/';
  122.     if (\strpos($pathInfo$adminPath) !== 0) {
  123.         $maintenanceContents file_get_contents($maintenanceFile);
  124.         $maintenanceToken explode(':'$maintenanceContents)[1] ?? null;
  125.         $tokenInCookie $request->cookies->get(SystemService::MAINTENANCE_TOKEN_KEY);
  126.         if ($tokenInCookie === null || $tokenInCookie !== $maintenanceToken) {
  127.             $locale env('ECCUBE_LOCALE');
  128.             $templateCode env('ECCUBE_TEMPLATE_CODE');
  129.             $baseUrl \htmlspecialchars(\rawurldecode($request->getBaseUrl()), ENT_QUOTES);
  131.             header('HTTP/1.1 503 Service Temporarily Unavailable');
  132.             require __DIR__.'/maintenance.php';
  133.             return;
  134.         }
  135.     }
  136. }
  137. $kernel = new Kernel($env$debug);
  138. $response $kernel->handle($request);
  139. $response->send();
  140. $kernel->terminate($request$response);