diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Authentication.php | 4 | ||||
| -rw-r--r-- | lib/Configuration.php | 7 | ||||
| -rw-r--r-- | lib/html.php | 38 |
3 files changed, 46 insertions, 3 deletions
diff --git a/lib/Authentication.php b/lib/Authentication.php index 1ae26edf..172836b2 100644 --- a/lib/Authentication.php +++ b/lib/Authentication.php @@ -58,7 +58,9 @@ class Authentication if (Configuration::getConfig('authentication', 'enable') === true) { if (!Authentication::verifyPrompt()) { header('WWW-Authenticate: Basic realm="RSS-Bridge"', true, 401); - die('Please authenticate in order to access this instance !'); + $message = 'Please authenticate in order to access this instance !'; + print $message; + exit; } } } diff --git a/lib/Configuration.php b/lib/Configuration.php index 2680ce3e..000b8bd5 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -317,7 +317,10 @@ final class Configuration */ private static function reportError($message) { - header('Content-Type: text/plain', true, 500); - die('Configuration error' . PHP_EOL . $message); + http_response_code(500); + print render('error.html.php', [ + 'message' => "Configuration error: $message", + ]); + exit; } } diff --git a/lib/html.php b/lib/html.php index 324b7dc2..fa448a31 100644 --- a/lib/html.php +++ b/lib/html.php @@ -12,6 +12,44 @@ * @link https://github.com/rss-bridge/rss-bridge */ +function render(string $template, array $context = []): string +{ + $context['page'] = render_template($template, $context); + return render_template('base.html.php', $context); +} + +function render_template(string $template, array $context = []): string +{ + if (isset($context['template'])) { + throw new \Exception("Don't use `template` as a context key"); + } + extract($context); + ob_start(); + try { + require __DIR__ . '/../templates/' . $template; + } catch (\Throwable $e) { + ob_end_clean(); + throw $e; + } + return ob_get_clean(); +} + +/** + * Escape for html context + */ +function e(string $s): string +{ + return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); +} + +/** + * Explicitly don't escape + */ +function raw(string $s): string +{ + return $s; +} + /** * Removes unwanted tags from a given HTML text. * |