public function reload()
{
$_SESSION['config'] = $this->getAll();
$language = $this->get('language', 'en_US');
if ($language !== 'en_US') {
\Translator\load($language);
}
}
public function beforeAction($controller, $action)
{
$this->session->open(dirname($_SERVER['PHP_SELF']));
if (!isset($_SESSION['user']) && !$this->noAuthAllowed($controller, $action)) {
$this->response->redirect('?controller=user&action=login');
}
// Load translations
$language = $this->config->get('language', 'en_US');
if ($language !== 'en_US') {
\Translator\load($language);
}
$this->response->csp();
$this->response->nosniff();
$this->response->xss();
$this->response->hsts();
$this->response->xframe();
}
/**
* Method executed before each action
*
* @access public
*/
public function beforeAction($controller, $action)
{
// Start the session
$this->session->open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);
// HTTP secure headers
$this->response->csp();
$this->response->nosniff();
$this->response->xss();
$this->response->hsts();
$this->response->xframe();
// Load translations
$language = $this->config->get('language', 'en_US');
if ($language !== 'en_US') {
\Translator\load($language);
}
// Set timezone
date_default_timezone_set($this->config->get('timezone', 'UTC'));
// Authentication
if (!$this->acl->isLogged() && !$this->acl->isPublicAction($controller, $action)) {
// Try the remember me authentication first
if (!$this->rememberMe->authenticate()) {
// Redirect to the login form if not authenticated
$this->response->redirect('?controller=user&action=login');
} else {
$this->lastLogin->create(\Model\LastLogin::AUTH_REMEMBER_ME, $this->acl->getUserId(), $this->user->getIpAddress(), $this->user->getUserAgent());
}
} else {
if ($this->rememberMe->hasCookie()) {
$this->rememberMe->refresh();
}
}
// Check if the user is allowed to see this page
if (!$this->acl->isPageAccessAllowed($controller, $action)) {
$this->response->redirect('?controller=user&action=forbidden');
}
// Attach events for automatic actions
$this->action->attachEvents();
}
Response\redirect('?action=login');
}
}
// These actions are considered to be safe even for unauthenticated users
$safe_actions = array('login', 'bookmark-feed', 'select-db', 'logout', 'notfound');
if (!Model\User\is_loggedin() && !in_array($action, $safe_actions)) {
if (!Model\RememberMe\authenticate()) {
Model\User\logout();
Response\redirect('?action=login');
}
} elseif (Model\RememberMe\has_cookie()) {
Model\RememberMe\refresh();
}
// Load translations
$language = Model\Config\get('language') ?: 'en_US';
Translator\load($language);
// Set timezone
date_default_timezone_set(Model\Config\get('timezone') ?: 'UTC');
// HTTP secure headers
Response\csp(array('media-src' => '*', 'img-src' => '*', 'frame-src' => Model\Config\get_iframe_whitelist(), 'referrer' => 'no-referrer'));
Response\xframe();
Response\xss();
Response\nosniff();
if (ENABLE_HSTS && Helper\is_secure_connection()) {
Response\hsts();
}
});
// Show help
Router\get_action('show-help', function () {
Response\html(Template\load('show_help'));
});
