1 files changed, 94 insertions, 42 deletions
diff --git a/index.php b/index.php
index f3bf699f3c1..b368462371d 100644
--- a/index.php
+++ b/index.php
@@ -1,56 +1,108 @@
 <?php
+
+declare(strict_types=1);
+
 /**
- * @author Jörn Friedrich Dreyer <jfd@butonic.de>
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Robin Appelman <icewind@owncloud.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- * @author Vincent Petry <pvince81@owncloud.com>
- *
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 
-// Show warning if a PHP version below 5.4.0 is used, this has to happen here
-// because base.php will already use 5.4 syntax.
-if (version_compare(PHP_VERSION, '5.4.0') === -1) {
-	echo 'This version of ownCloud requires at least PHP 5.4.0<br/>';
-	echo 'You are currently running ' . PHP_VERSION . '. Please update your PHP version.';
-	return;
-}
+require_once __DIR__ . '/lib/versioncheck.php';
+
+use OC\ServiceUnavailableException;
+use OC\User\LoginException;
+use OCP\HintException;
+use OCP\IRequest;
+use OCP\Security\Bruteforce\MaxDelayReached;
+use OCP\Server;
+use OCP\Template\ITemplateManager;
+use Psr\Log\LoggerInterface;
 
 try {
-	
-	require_once 'lib/base.php';
+	require_once __DIR__ . '/lib/base.php';
 
 	OC::handleRequest();
-
-} catch(\OC\ServiceUnavailableException $ex) {
-	\OCP\Util::logException('index', $ex);
+} catch (ServiceUnavailableException $ex) {
+	Server::get(LoggerInterface::class)->error($ex->getMessage(), [
+		'app' => 'index',
+		'exception' => $ex,
+	]);
 
 	//show the user a detailed error page
-	OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
-	OC_Template::printExceptionErrorPage($ex);
-} catch (\OC\HintException $ex) {
-	OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
-	OC_Template::printErrorPage($ex->getMessage(), $ex->getHint());
+	Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, 503);
+} catch (HintException $ex) {
+	try {
+		Server::get(ITemplateManager::class)->printErrorPage($ex->getMessage(), $ex->getHint(), 503);
+	} catch (Exception $ex2) {
+		try {
+			Server::get(LoggerInterface::class)->error($ex->getMessage(), [
+				'app' => 'index',
+				'exception' => $ex,
+			]);
+			Server::get(LoggerInterface::class)->error($ex2->getMessage(), [
+				'app' => 'index',
+				'exception' => $ex2,
+			]);
+		} catch (Throwable $e) {
+			// no way to log it properly - but to avoid a white page of death we try harder and ignore this one here
+		}
+
+		//show the user a detailed error page
+		Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, 500);
+	}
+} catch (LoginException $ex) {
+	$request = Server::get(IRequest::class);
+	/**
+	 * Routes with the @CORS annotation and other API endpoints should
+	 * not return a webpage, so we only print the error page when html is accepted,
+	 * otherwise we reply with a JSON array like the SecurityMiddleware would do.
+	 */
+	if (stripos($request->getHeader('Accept'), 'html') === false) {
+		http_response_code(401);
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode(['message' => $ex->getMessage()]);
+		exit();
+	}
+	Server::get(ITemplateManager::class)->printErrorPage($ex->getMessage(), $ex->getMessage(), 401);
+} catch (MaxDelayReached $ex) {
+	$request = Server::get(IRequest::class);
+	/**
+	 * Routes with the @CORS annotation and other API endpoints should
+	 * not return a webpage, so we only print the error page when html is accepted,
+	 * otherwise we reply with a JSON array like the BruteForceMiddleware would do.
+	 */
+	if (stripos($request->getHeader('Accept'), 'html') === false) {
+		http_response_code(429);
+		header('Content-Type: application/json; charset=utf-8');
+		echo json_encode(['message' => $ex->getMessage()]);
+		exit();
+	}
+	http_response_code(429);
+	Server::get(ITemplateManager::class)->printGuestPage('core', '429');
 } catch (Exception $ex) {
-	\OCP\Util::logException('index', $ex);
+	Server::get(LoggerInterface::class)->error($ex->getMessage(), [
+		'app' => 'index',
+		'exception' => $ex,
+	]);
 
 	//show the user a detailed error page
-	OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
-	OC_Template::printExceptionErrorPage($ex);
+	Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, 500);
+} catch (Error $ex) {
+	try {
+		Server::get(LoggerInterface::class)->error($ex->getMessage(), [
+			'app' => 'index',
+			'exception' => $ex,
+		]);
+	} catch (Error $e) {
+		http_response_code(500);
+		header('Content-Type: text/plain; charset=utf-8');
+		print("Internal Server Error\n\n");
+		print("The server encountered an internal error and was unable to complete your request.\n");
+		print("Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n");
+		print("More details can be found in the webserver log.\n");
+
+		throw $ex;
+	}
+	Server::get(ITemplateManager::class)->printExceptionErrorPage($ex, 500);
 }