Commit acf4dc927bb27d90865626602137629fb203f2c7
1 parent
2acacd1a
fix: add admin portal routing to start.php
Showing
1 changed file
with
51 additions
and
0 deletions
| @@ -655,6 +655,57 @@ $http_worker->onMessage = function ($connection, $request) use ($config, $authSe | @@ -655,6 +655,57 @@ $http_worker->onMessage = function ($connection, $request) use ($config, $authSe | ||
| 655 | return; | 655 | return; |
| 656 | } | 656 | } |
| 657 | 657 | ||
| 658 | + // 4. Admin Portal | ||
| 659 | + if (strpos($path, '/admin/') === 0) { | ||
| 660 | + $file = __DIR__ . $path; | ||
| 661 | + | ||
| 662 | + // Prevent directory traversal | ||
| 663 | + if (strpos(realpath($file), realpath(__DIR__ . '/admin')) !== 0) { | ||
| 664 | + $connection->send(new \Workerman\Protocols\Http\Response(403, [], 'Forbidden')); | ||
| 665 | + return; | ||
| 666 | + } | ||
| 667 | + | ||
| 668 | + if (is_file($file)) { | ||
| 669 | + $ext = pathinfo($file, PATHINFO_EXTENSION); | ||
| 670 | + | ||
| 671 | + // Serve Static Assets directly | ||
| 672 | + if ($ext !== 'php') { | ||
| 673 | + $mime = 'text/plain'; | ||
| 674 | + if ($ext === 'css') | ||
| 675 | + $mime = 'text/css'; | ||
| 676 | + if ($ext === 'js') | ||
| 677 | + $mime = 'application/javascript'; | ||
| 678 | + if ($ext === 'png') | ||
| 679 | + $mime = 'image/png'; | ||
| 680 | + | ||
| 681 | + $connection->send(new \Workerman\Protocols\Http\Response( | ||
| 682 | + 200, | ||
| 683 | + ['Content-Type' => $mime], | ||
| 684 | + file_get_contents($file) | ||
| 685 | + )); | ||
| 686 | + return; | ||
| 687 | + } | ||
| 688 | + | ||
| 689 | + // Execute PHP Files (Simple CGI Emulation) | ||
| 690 | + if ($ext === 'php') { | ||
| 691 | + ob_start(); | ||
| 692 | + try { | ||
| 693 | + // Make request variables available to the included script | ||
| 694 | + // Workerman already populates $_GET, $_POST, $_COOKIE, $_SERVER, $_FILES locally for the worker context | ||
| 695 | + // But we explicitly ensure it inside the closure | ||
| 696 | + | ||
| 697 | + require $file; | ||
| 698 | + $content = ob_get_clean(); | ||
| 699 | + $connection->send(new \Workerman\Protocols\Http\Response(200, [], $content)); | ||
| 700 | + } catch (\Throwable $e) { | ||
| 701 | + ob_end_clean(); | ||
| 702 | + $connection->send(new \Workerman\Protocols\Http\Response(500, [], "Internal Server Error: " . $e->getMessage())); | ||
| 703 | + } | ||
| 704 | + return; | ||
| 705 | + } | ||
| 706 | + } | ||
| 707 | + } | ||
| 708 | + | ||
| 658 | $connection->send("Moltbot Relay HTTP Server"); | 709 | $connection->send("Moltbot Relay HTTP Server"); |
| 659 | }; | 710 | }; |
| 660 | 711 |
Please
register
or
login
to post a comment