evolution-cms
diff --git a/‎core/includes/define.inc.php
+32-27 b/‎core/includes/define.inc.php
+32-27
diff --git a/‎core/src/ExceptionHandler.php
+1-1 b/‎core/src/ExceptionHandler.php
+1-1
diff --git a/‎core/src/Middleware/VerifyCsrfToken.php
+1-1 b/‎core/src/Middleware/VerifyCsrfToken.php
+1-1
@@ -1,56 +1,57 @@
 <?php
+
 use Illuminate\Support\Str;
 
-if (! defined('HTTPS_PORT')) {
+if (!defined('HTTPS_PORT')) {
     define('HTTPS_PORT', env('HTTPS_PORT', '443')); //$https_port
 }
 
-if (! defined('SESSION_STORAGE')) {
+if (!defined('SESSION_STORAGE')) {
     define('SESSION_STORAGE', env('SESSION_STORAGE', 'default')); // $session_cookie_path
 }
 
-if (! defined('REDIS_HOST')) {
+if (!defined('REDIS_HOST')) {
     define('REDIS_HOST', env('REDIS_HOST', '127.0.0.1')); // $session_cookie_path
 }
 
-if (! defined('REDIS_PORT')) {
+if (!defined('REDIS_PORT')) {
     define('REDIS_PORT', env('REDIS_PORT', '6379')); // $session_cookie_path
 }
 
-if (! defined('SESSION_COOKIE_PATH')) {
+if (!defined('SESSION_COOKIE_PATH')) {
     define('SESSION_COOKIE_PATH', env('SESSION_COOKIE_PATH', '')); // $session_cookie_path
 }
 
-if (! defined('SESSION_COOKIE_DOMAIN')) {
+if (!defined('SESSION_COOKIE_DOMAIN')) {
     define('SESSION_COOKIE_DOMAIN', env('SESSION_COOKIE_DOMAIN', '')); //$session_cookie_domain
 }
 
-if (! defined('SESSION_COOKIE_NAME')) {
+if (!defined('SESSION_COOKIE_NAME')) {
     // For legacy extras not using startCMSSession
     define('SESSION_COOKIE_NAME', env('SESSION_COOKIE_NAME', genEvoSessionName())); // $site_sessionname
 }
 
-if (! defined('MODX_CLASS')) {
+if (!defined('MODX_CLASS')) {
     define('MODX_CLASS', env('MODX_CLASS', '\DocumentParser'));
 }
 
-if (! defined('MODX_SITE_HOSTNAMES')) {
+if (!defined('MODX_SITE_HOSTNAMES')) {
     define('MODX_SITE_HOSTNAMES', env('MODX_SITE_HOSTNAMES', ''));
 }
 
-if (! defined('MGR_DIR')) {
+if (!defined('MGR_DIR')) {
     define('MGR_DIR', env('MGR_DIR', 'manager'));
 }
 
-if (! defined('EVO_CORE_PATH')) {
+if (!defined('EVO_CORE_PATH')) {
     define('EVO_CORE_PATH', env('EVO_CORE_PATH', dirname(__DIR__) . '/'));
 }
 
-if (! defined('EVO_STORAGE_PATH')) {
+if (!defined('EVO_STORAGE_PATH')) {
     define('EVO_STORAGE_PATH', env('EVO_STORAGE_PATH', EVO_CORE_PATH . 'storage/'));
 }
 
-if (! defined('MODX_BASE_PATH') || ! defined('MODX_BASE_URL')) {
+if (!defined('MODX_BASE_PATH') || !defined('MODX_BASE_URL')) {
     // automatically assign base_path and base_url
     $script_name = str_replace(
         '\\',
@@ -87,7 +88,7 @@
 
     $url = implode($separator, $items);
 
-    $base_url = Str::finish(implode($separator, $items),'/');
+    $base_url = Str::finish(implode($separator, $items), '/');
     unset($separator);
 
     reset($items);
@@ -112,34 +113,38 @@
     unset($base_url);
 }
 
-if (! preg_match('/\/$/', MODX_BASE_PATH)) {
+if (!preg_match('/\/$/', MODX_BASE_PATH)) {
     throw new RuntimeException('Please, use trailing slash at the end of MODX_BASE_PATH');
 }
 
-if (! preg_match('/\/$/', MODX_BASE_URL)) {
+if (!preg_match('/\/$/', MODX_BASE_URL)) {
     throw new RuntimeException('Please, use trailing slash at the end of MODX_BASE_URL');
 }
 
-if (! defined('MODX_MANAGER_PATH')) {
+if (!defined('MODX_MANAGER_PATH')) {
     define('MODX_MANAGER_PATH', env('MODX_MANAGER_PATH', MODX_BASE_PATH . MGR_DIR . '/'));
 }
 
-if (! defined('MODX_SITE_URL')) {
+if (!defined('MODX_SITE_URL')) {
     // check for valid hostnames
     $site_hostname = 'localhost';
-    if (! is_cli()) {
+    if (!is_cli()) {
         $site_hostname = str_replace(
             ':' . $_SERVER['SERVER_PORT'],
             '',
             get_by_key($_SERVER, 'HTTP_HOST', $site_hostname)
         );
     }
     $site_hostnames = explode(',', MODX_SITE_HOSTNAMES);
-    if (! empty($site_hostnames[0]) && ! in_array($site_hostname, $site_hostnames)) {
+    if (!empty($site_hostnames[0]) && !in_array($site_hostname, $site_hostnames)) {
         $site_hostname = $site_hostnames[0];
     }
     unset($site_hostnames);
 
+    if (!isset($_SERVER['SERVER_PORT'])) {
+        $_SERVER['SERVER_PORT'] = 80;
+    }
+
     // assign site_url
     if ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on') ||
         $_SERVER['SERVER_PORT'] == HTTPS_PORT ||
@@ -155,10 +160,10 @@
         $site_url = str_replace(':' . $_SERVER['SERVER_PORT'], '', $site_url);
     }
 
-    if (! in_array((int)$_SERVER['SERVER_PORT'], [80, (int)HTTPS_PORT], true) &&
+    if (!in_array((int)$_SERVER['SERVER_PORT'], [80, (int)HTTPS_PORT], true) &&
         strtolower(get_by_key($_SERVER, 'HTTPS', 'off'))
     ) {
-        $site_url .=  ':' . $_SERVER['SERVER_PORT'];
+        $site_url .= ':' . $_SERVER['SERVER_PORT'];
     }
 
     $site_url .= MODX_BASE_URL;
@@ -167,25 +172,25 @@
     unset($site_url);
 }
 
-if (! preg_match('/\/$/', MODX_SITE_URL)) {
+if (!preg_match('/\/$/', MODX_SITE_URL)) {
     throw new RuntimeException('Please, use trailing slash at the end of MODX_SITE_URL');
 }
 
-if (! defined('MODX_MANAGER_URL')) {
+if (!defined('MODX_MANAGER_URL')) {
     define('MODX_MANAGER_URL', env('MODX_MANAGER_URL', MODX_SITE_URL . MGR_DIR . '/'));
 }
 
-if (! defined('MODX_SANITIZE_SEED')) {
+if (!defined('MODX_SANITIZE_SEED')) {
     define('MODX_SANITIZE_SEED', 'sanitize_seed_' . base_convert(md5(__FILE__), 16, 36));
 }
 
 if (is_cli()) {
     define('MODX_CLI', true);
-    if (! (defined('MODX_BASE_PATH') || defined('MODX_BASE_URL'))) {
+    if (!(defined('MODX_BASE_PATH') || defined('MODX_BASE_URL'))) {
         throw new RuntimeException('Please, define MODX_BASE_PATH and MODX_BASE_URL on cli mode');
     }
 
-    if (! defined('MODX_SITE_URL')) {
+    if (!defined('MODX_SITE_URL')) {
         throw new RuntimeException('Please, define MODX_SITE_URL on cli mode');
     }
 }
@@ -409,7 +409,7 @@ public function messageQuit(
             }
 
             echo "\n", $this->renderConsoleBacktrace($backtrace);
-        } else if ($this->shouldDisplay()) {
+        } else if (!$this->shouldDisplay()) {
             $version = isset($GLOBALS['modx_version']) ? $GLOBALS['modx_version'] : '';
             $release_date = isset($GLOBALS['release_date']) ? $GLOBALS['release_date'] : '';
 
 
@@ -6,7 +6,7 @@ class VerifyCsrfToken
 {
     public function handle($request, Closure $next)
     {
-        if ($_SESSION['_token'] !== $request->input('_token')) {
+        if ($request->has('_token') && isset($_SESSION['_token']) && $_SESSION['_token'] !== $request->input('_token')) {
             return \Response::json(['error' => 'CSRF token mismatch'], '403');
 
         }
Original file line number	Diff line number	Diff line change
`@@ -1,56 +1,57 @@`
`1`	`1`	`<?php`
	`2`	`+`
`2`	`3`	`use Illuminate\Support\Str;`
`3`	`4`
`4`		`-if (! defined('HTTPS_PORT')) {`
	`5`	`+if (!defined('HTTPS_PORT')) {`
`5`	`6`	`define('HTTPS_PORT', env('HTTPS_PORT', '443')); //$https_port`
`6`	`7`	`}`
`7`	`8`
`8`		`-if (! defined('SESSION_STORAGE')) {`
	`9`	`+if (!defined('SESSION_STORAGE')) {`
`9`	`10`	`define('SESSION_STORAGE', env('SESSION_STORAGE', 'default')); // $session_cookie_path`
`10`	`11`	`}`
`11`	`12`
`12`		`-if (! defined('REDIS_HOST')) {`
	`13`	`+if (!defined('REDIS_HOST')) {`
`13`	`14`	`define('REDIS_HOST', env('REDIS_HOST', '127.0.0.1')); // $session_cookie_path`
`14`	`15`	`}`
`15`	`16`
`16`		`-if (! defined('REDIS_PORT')) {`
	`17`	`+if (!defined('REDIS_PORT')) {`
`17`	`18`	`define('REDIS_PORT', env('REDIS_PORT', '6379')); // $session_cookie_path`
`18`	`19`	`}`
`19`	`20`
`20`		`-if (! defined('SESSION_COOKIE_PATH')) {`
	`21`	`+if (!defined('SESSION_COOKIE_PATH')) {`
`21`	`22`	`define('SESSION_COOKIE_PATH', env('SESSION_COOKIE_PATH', '')); // $session_cookie_path`
`22`	`23`	`}`
`23`	`24`
`24`		`-if (! defined('SESSION_COOKIE_DOMAIN')) {`
	`25`	`+if (!defined('SESSION_COOKIE_DOMAIN')) {`
`25`	`26`	`define('SESSION_COOKIE_DOMAIN', env('SESSION_COOKIE_DOMAIN', '')); //$session_cookie_domain`
`26`	`27`	`}`
`27`	`28`
`28`		`-if (! defined('SESSION_COOKIE_NAME')) {`
	`29`	`+if (!defined('SESSION_COOKIE_NAME')) {`
`29`	`30`	`// For legacy extras not using startCMSSession`
`30`	`31`	`define('SESSION_COOKIE_NAME', env('SESSION_COOKIE_NAME', genEvoSessionName())); // $site_sessionname`
`31`	`32`	`}`
`32`	`33`
`33`		`-if (! defined('MODX_CLASS')) {`
	`34`	`+if (!defined('MODX_CLASS')) {`
`34`	`35`	`define('MODX_CLASS', env('MODX_CLASS', '\DocumentParser'));`
`35`	`36`	`}`
`36`	`37`
`37`		`-if (! defined('MODX_SITE_HOSTNAMES')) {`
	`38`	`+if (!defined('MODX_SITE_HOSTNAMES')) {`
`38`	`39`	`define('MODX_SITE_HOSTNAMES', env('MODX_SITE_HOSTNAMES', ''));`
`39`	`40`	`}`
`40`	`41`
`41`		`-if (! defined('MGR_DIR')) {`
	`42`	`+if (!defined('MGR_DIR')) {`
`42`	`43`	`define('MGR_DIR', env('MGR_DIR', 'manager'));`
`43`	`44`	`}`
`44`	`45`
`45`		`-if (! defined('EVO_CORE_PATH')) {`
	`46`	`+if (!defined('EVO_CORE_PATH')) {`
`46`	`47`	`define('EVO_CORE_PATH', env('EVO_CORE_PATH', dirname(__DIR__) . '/'));`
`47`	`48`	`}`
`48`	`49`
`49`		`-if (! defined('EVO_STORAGE_PATH')) {`
	`50`	`+if (!defined('EVO_STORAGE_PATH')) {`
`50`	`51`	`define('EVO_STORAGE_PATH', env('EVO_STORAGE_PATH', EVO_CORE_PATH . 'storage/'));`
`51`	`52`	`}`
`52`	`53`
`53`		`-if (! defined('MODX_BASE_PATH') \|\| ! defined('MODX_BASE_URL')) {`
	`54`	`+if (!defined('MODX_BASE_PATH') \|\| !defined('MODX_BASE_URL')) {`
`54`	`55`	`// automatically assign base_path and base_url`
`55`	`56`	`$script_name = str_replace(`
`56`	`57`	`'\\',`
`@@ -87,7 +88,7 @@`
`87`	`88`
`88`	`89`	`$url = implode($separator, $items);`
`89`	`90`
`90`		`- $base_url = Str::finish(implode($separator, $items),'/');`
	`91`	`+ $base_url = Str::finish(implode($separator, $items), '/');`
`91`	`92`	`unset($separator);`
`92`	`93`
`93`	`94`	`reset($items);`
`@@ -112,34 +113,38 @@`
`112`	`113`	`unset($base_url);`
`113`	`114`	`}`
`114`	`115`
`115`		`-if (! preg_match('/\/$/', MODX_BASE_PATH)) {`
	`116`	`+if (!preg_match('/\/$/', MODX_BASE_PATH)) {`
`116`	`117`	`throw new RuntimeException('Please, use trailing slash at the end of MODX_BASE_PATH');`
`117`	`118`	`}`
`118`	`119`
`119`		`-if (! preg_match('/\/$/', MODX_BASE_URL)) {`
	`120`	`+if (!preg_match('/\/$/', MODX_BASE_URL)) {`
`120`	`121`	`throw new RuntimeException('Please, use trailing slash at the end of MODX_BASE_URL');`
`121`	`122`	`}`
`122`	`123`
`123`		`-if (! defined('MODX_MANAGER_PATH')) {`
	`124`	`+if (!defined('MODX_MANAGER_PATH')) {`
`124`	`125`	`define('MODX_MANAGER_PATH', env('MODX_MANAGER_PATH', MODX_BASE_PATH . MGR_DIR . '/'));`
`125`	`126`	`}`
`126`	`127`
`127`		`-if (! defined('MODX_SITE_URL')) {`
	`128`	`+if (!defined('MODX_SITE_URL')) {`
`128`	`129`	`// check for valid hostnames`
`129`	`130`	`$site_hostname = 'localhost';`
`130`		`- if (! is_cli()) {`
	`131`	`+ if (!is_cli()) {`
`131`	`132`	`$site_hostname = str_replace(`
`132`	`133`	`':' . $_SERVER['SERVER_PORT'],`
`133`	`134`	`'',`
`134`	`135`	`get_by_key($_SERVER, 'HTTP_HOST', $site_hostname)`
`135`	`136`	`);`
`136`	`137`	`}`
`137`	`138`	`$site_hostnames = explode(',', MODX_SITE_HOSTNAMES);`
`138`		`- if (! empty($site_hostnames[0]) && ! in_array($site_hostname, $site_hostnames)) {`
	`139`	`+ if (!empty($site_hostnames[0]) && !in_array($site_hostname, $site_hostnames)) {`
`139`	`140`	`$site_hostname = $site_hostnames[0];`
`140`	`141`	`}`
`141`	`142`	`unset($site_hostnames);`
`142`	`143`
	`144`	`+ if (!isset($_SERVER['SERVER_PORT'])) {`
	`145`	`+ $_SERVER['SERVER_PORT'] = 80;`
	`146`	`+ }`
	`147`	`+`
`143`	`148`	`// assign site_url`
`144`	`149`	`if ((isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on') \|\|`
`145`	`150`	`$_SERVER['SERVER_PORT'] == HTTPS_PORT \|\|`
`@@ -155,10 +160,10 @@`
`155`	`160`	`$site_url = str_replace(':' . $_SERVER['SERVER_PORT'], '', $site_url);`
`156`	`161`	`}`
`157`	`162`
`158`		`- if (! in_array((int)$_SERVER['SERVER_PORT'], [80, (int)HTTPS_PORT], true) &&`
	`163`	`+ if (!in_array((int)$_SERVER['SERVER_PORT'], [80, (int)HTTPS_PORT], true) &&`
`159`	`164`	`strtolower(get_by_key($_SERVER, 'HTTPS', 'off'))`
`160`	`165`	`) {`
`161`		`- $site_url .= ':' . $_SERVER['SERVER_PORT'];`
	`166`	`+ $site_url .= ':' . $_SERVER['SERVER_PORT'];`
`162`	`167`	`}`
`163`	`168`
`164`	`169`	`$site_url .= MODX_BASE_URL;`
`@@ -167,25 +172,25 @@`
`167`	`172`	`unset($site_url);`
`168`	`173`	`}`
`169`	`174`
`170`		`-if (! preg_match('/\/$/', MODX_SITE_URL)) {`
	`175`	`+if (!preg_match('/\/$/', MODX_SITE_URL)) {`
`171`	`176`	`throw new RuntimeException('Please, use trailing slash at the end of MODX_SITE_URL');`
`172`	`177`	`}`
`173`	`178`
`174`		`-if (! defined('MODX_MANAGER_URL')) {`
	`179`	`+if (!defined('MODX_MANAGER_URL')) {`
`175`	`180`	`define('MODX_MANAGER_URL', env('MODX_MANAGER_URL', MODX_SITE_URL . MGR_DIR . '/'));`
`176`	`181`	`}`
`177`	`182`
`178`		`-if (! defined('MODX_SANITIZE_SEED')) {`
	`183`	`+if (!defined('MODX_SANITIZE_SEED')) {`
`179`	`184`	`define('MODX_SANITIZE_SEED', 'sanitize_seed_' . base_convert(md5(__FILE__), 16, 36));`
`180`	`185`	`}`
`181`	`186`
`182`	`187`	`if (is_cli()) {`
`183`	`188`	`define('MODX_CLI', true);`
`184`		`- if (! (defined('MODX_BASE_PATH') \|\| defined('MODX_BASE_URL'))) {`
	`189`	`+ if (!(defined('MODX_BASE_PATH') \|\| defined('MODX_BASE_URL'))) {`
`185`	`190`	`throw new RuntimeException('Please, define MODX_BASE_PATH and MODX_BASE_URL on cli mode');`
`186`	`191`	`}`
`187`	`192`
`188`		`- if (! defined('MODX_SITE_URL')) {`
	`193`	`+ if (!defined('MODX_SITE_URL')) {`
`189`	`194`	`throw new RuntimeException('Please, define MODX_SITE_URL on cli mode');`
`190`	`195`	`}`
`191`	`196`	`}`
Original file line number	Diff line number	Diff line change
`@@ -409,7 +409,7 @@ public function messageQuit(`
`409`	`409`	`}`
`410`	`410`
`411`	`411`	`echo "\n", $this->renderConsoleBacktrace($backtrace);`
`412`		`- } else if ($this->shouldDisplay()) {`
	`412`	`+ } else if (!$this->shouldDisplay()) {`
`413`	`413`	`$version = isset($GLOBALS['modx_version']) ? $GLOBALS['modx_version'] : '';`
`414`	`414`	`$release_date = isset($GLOBALS['release_date']) ? $GLOBALS['release_date'] : '';`
`415`	`415`
Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@ class VerifyCsrfToken`
`6`	`6`	`{`
`7`	`7`	`public function handle($request, Closure $next)`
`8`	`8`	`{`
`9`		`- if ($_SESSION['_token'] !== $request->input('_token')) {`
	`9`	`+ if ($request->has('_token') && isset($_SESSION['_token']) && $_SESSION['_token'] !== $request->input('_token')) {`
`10`	`10`	`return \Response::json(['error' => 'CSRF token mismatch'], '403');`
`11`	`11`
`12`	`12`	`}`