Skip to content

Commit

Permalink
Support direct access via index.php
Browse files Browse the repository at this point in the history
  • Loading branch information
@Steveorevo
Steveorevo committed Sep 8, 2023
1 parent 57ce493 commit 8cfd869
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 0 deletions.
14 changes: 14 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,20 @@ global $hcpp;
$results = $hcpp->run( 'username', 'll' );
```

 
### Invoking Plugins Directly
You can invoke your plugins directly by simply including an `index.php` file within your plugin folder. Only index.php is accessible via the URL of the Hestia Control Panel + your plugin's name as a GET load parameter. For instance (given your control panel is at https://local.dev.cc:8083), if you wanted to furnish AJAX responses or serve arbitrary content, your plugin's index.php file would be accessible via:

```
https://local.dev.cc:8083/pluginable.php?load=myplugin
```

The above URL would execute and serve the file at:

```
/usr/local/hestia/plugins/myplugin/index.php
```

 
### Hosted Site Prepends and Appends
The HestiaCP Pluginable project includes special functionality for processing [PHP auto prepend and auto append directives](https://www.php.net/manual/en/ini.core.php#ini.auto-prepend-file). This functionality allows a plugin to execute isolated code that is not apart of Hestia Control Panel actions, nor has access to the global $hcpp object; but rather as apart of all hosted sites running PHP. This feature is commonly used by anti-malware scanning applications (such as [WordFence](https://www.wordfence.com/help/firewall/optimizing-the-firewall/), [ISPProtect](https://ispprotect.com/ispprotect-bandaemon/), etc.), performance metric/tuning apps, or freemium hosting providers that wish to inject ads and other functionality into existing websites.
Expand Down
18 changes: 18 additions & 0 deletions hooks/pluginable.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -968,3 +968,21 @@ function str_starts_with($haystack, $needle) {
return $args;
} );
}

// Allow loading a plugin's index.php file if requested, sanitize request
if ( php_sapi_name() !== 'cli' ) {
if ( isset( $_GET['load'] ) ) {
$load = $_GET['load'];
$load = str_replace(array('/', '\\'), '', $load);
if (empty($load) || !preg_match('/^[A-Za-z0-9_-]+$/', $load)) {
echo "Invalid plugin specified.";
} else {
$load = "/usr/local/hestia/plugins/$load/index.php";
if ( file_exists( $load ) ) {
require_once( $load );
}else{
echo "Plugin not found.";
}
}
}
}

0 comments on commit 8cfd869

Please sign in to comment.