Beispiel #1
 /**
  * Sends the given cached content to the client and terminates the request.
  *
  * Replies with a bare 304 when the client's If-Modified-Since is not older
  * than the cache timestamp, unless the profiler is enabled.
  *
  * @param string $content   body to send
  * @param bool   $modified  when true the current time is used as Last-Modified,
  *                          otherwise the mtime of $this->path
  */
 public function serve($content, $modified = false)
 {
     if ($modified) {
         $last_modified = time();
     } else {
         $last_modified = filemtime($this->path);
     }
     // Client-supplied header. An unparseable value makes strtotime() return false,
     // which never compares >= a real timestamp, so the full response is sent.
     $if_modified_since = strtotime(\Input::server('HTTP_IF_MODIFIED_SINCE', 0));

     // Response headers for caching etc.
     $headers = array();
     $headers['Cache-Control'] = 'public';
     $headers['Last-Modified'] = gmdate('D, d M Y H:i:s', $last_modified) . ' GMT';
     $headers['Content-Type'] = $this->content_type;
     $headers['X-UA-Compatible'] = 'IE=edge';

     // The controller's before() hook is deliberately not invoked on this path.

     // Conditional-GET handling is skipped while profiling.
     if (!\Fuel::$profiling) {
         $headers['Content-Length'] = strlen($content);
         $client_copy_is_fresh = $if_modified_since >= $last_modified;
         if ($client_copy_is_fresh) {
             header('HTTP/1.1 304 Not Modified');
             exit;
         }
     }

     // Send the full response
     \Response::forge($content, 200, $headers)->send(true);
     if (\Fuel::$profiling) {
         \Profiler::mark('CMF Cache Served');
     }
     exit;
 }
Beispiel #2
 /**
  * Serialises an array as JSON or YAML, chosen from the request's Accept header.
  *
  * Only an Accept value of exactly "*" "/" "*" falls back to JSON; anything else is
  * cut at the first ';' and lower-cased, so a multi-type list such as
  * "text/html,application/json" ends in the "not supported" branch.
  *
  * NOTE(review): the error body advertises http_code 415, but the response is
  * still created with $this->statusCode - confirm that this is intended.
  *
  * @param array $array   payload to serialise
  * @param array $headers extra response headers
  */
 protected function respondWithArray(array $array, array $headers = [])
 {
     $accept = Input::server('HTTP_ACCEPT', '*/*');

     // This chapter assumes UTF-8 everywhere; a charset parameter is ignored.
     $mimeType = 'application/json';
     if ($accept !== '*/*') {
         $segments = (array) explode(';', $accept);
         $mimeType = strtolower($segments[0]);
     }

     if ($mimeType === 'application/json') {
         $contentType = 'application/json';
         $content = json_encode($array);
     } elseif ($mimeType === 'application/x-yaml') {
         $contentType = 'application/x-yaml';
         $yaml = new YamlDumper();
         $content = $yaml->dump($array, 2);
     } else {
         // The client-supplied type is echoed back, but only inside a JSON string.
         $contentType = 'application/json';
         $content = json_encode(['error' => ['code' => static::CODE_INVALID_MIME_TYPE, 'http_code' => 415, 'message' => sprintf('Content of type %s is not supported.', $mimeType)]]);
     }

     $response = Response::make($content, $this->statusCode, $headers);
     $response->header('Content-Type', $contentType);

     return $response;
 }
Beispiel #3
 /**
  * Pre-action hook that establishes a WeChat identity for the request.
  *
  * Without a 'wechat' session entry and without an 'openid' query parameter the
  * visitor is redirected into the OAuth flow. With an 'openid' parameter the
  * matching Model_WechatOpenid row is loaded and its user is force-logged-in.
  *
  * NOTE(review): the 'openid' query parameter alone selects the account passed
  * to \Auth::force_login(); nothing visible here proves the value came from the
  * OAuth callback. Confirm it is verified (e.g. signed or bound to the session)
  * before it reaches this method, otherwise anyone who knows an openid can
  * assume that user's session.
  */
 public function before()
 {
     parent::before();
     // Controllers may opt out of the openid requirement entirely.
     $flag = $this->getNotOpenidAllowed();
     if ($flag) {
         return;
     }
     if (!\Session::get('wechat', false) && !\Input::get('openid', false)) {
         // Parameter list to carry through the redirect once the openid has been obtained
         //$params = \handler\mp\UrlTool::createLinkstring(\Input::get());
         // Base URL of this site
         $baseUrl = \Config::get('base_url');
         // REQUEST_URI is client-controlled; it is URL-encoded before being embedded as to_url.
         $url = $baseUrl . \Input::server('REQUEST_URI');
         $toUrl = urlencode($url);
         $callback = "{$baseUrl}wxapi/oauth2_callback?to_url={$toUrl}";
         $account = \Session::get('WXAccount', \Model_WXAccount::find(1));
         $url = \handler\mp\Tool::createOauthUrlForCode($account->app_id, $callback);
         \Response::redirect($url);
     } else {
         if (!\Session::get('wechat', false)) {
             // No session yet: resolve the identity from the openid query parameter.
             $wxopenid = \Model_WechatOpenid::query()->where(['openid' => \Input::get('openid')])->get_one();
             if (!$wxopenid) {
                 \Session::set_flash('msg', ['status' => 'err', 'msg' => '未找到您的微信信息,无法确认您的身份! 系统无法为您提供服务!', 'title' => '拒绝服务']);
                 return $this->show_mesage();
             }
             \Session::set('wechat', $wxopenid->wechat);
             \Session::set('OpenID', $wxopenid);
             \Auth::force_login($wxopenid->wechat->user_id);
         } else {
             // Session already carries a wechat record: re-establish the login if it lapsed.
             if (!\Auth::check() && \Session::get('wechat')->user_id) {
                 \Auth::force_login(\Session::get('wechat')->user_id);
             }
         }
     }
 }
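 /**
  * Shows the password-reset form and, on POST, validates the submission and
  * resets the password for the given e-mail address.
  *
  * @return mixed the reset view on GET, a redirect back to the form on POST
  */
 public function resetAction()
 {
     // The token is client-supplied and ends up in a redirect URL and in the view
     // data, so it is URL-encoded here. A non-string value (e.g. token[]=x) is
     // treated as empty instead of being stringified.
     $rawToken = Input::get("token");
     $token = "?token=" . (is_string($rawToken) ? urlencode($rawToken) : "");

     $errors = new MessageBag();
     if ($old = Input::old("errors")) {
         $errors = $old;
     }
     $data = ["token" => $token, "errors" => $errors];

     if (Input::server("REQUEST_METHOD") == "POST") {
         $validator = Validator::make(Input::all(), ["email" => "required|email", "password" => "required|min:6", "password_confirmation" => "required|same:password", "token" => "required|exists:token,token"]);
         if ($validator->passes()) {
             $credentials = ["email" => Input::get("email")];
             // NOTE(review): the value produced by Password::reset() (and therefore
             // the Redirect built inside the closure) is discarded, so a successful
             // reset still falls through to the redirect below - confirm intent.
             Password::reset($credentials, function ($user, $password) {
                 $user->password = Hash::make($password);
                 $user->save();
                 Auth::login($user);
                 return Redirect::route("user/profile");
             });
         }
         $data["email"] = Input::get("email");
         $data["errors"] = $validator->errors();
         return Redirect::to(URL::route("user/reset") . $token)->withInput($data);
     }

     return View::make("user/reset", $data);
 }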
Beispiel #5
 /**
  * Returns the current URI as a string, followed by a query string.
  *
  * When $query_data is non-empty it is encoded with http_build_query();
  * otherwise the request's raw QUERY_STRING is appended unchanged. That raw
  * value is client-controlled, so the result needs context-appropriate
  * escaping before it is written into HTML or a header.
  *
  * @param   array  $query_data           query parameters to use instead of the request's own
  * @param   bool   $is_return_full_path  pass the URI through static::base_path() first
  * @return  string
  */
 public static function string_with_query(array $query_data = array(), $is_return_full_path = false)
 {
     $uri = static::string();
     if ($is_return_full_path) {
         $uri = static::base_path($uri);
     }

     if ($query_data) {
         return $uri . '?' . http_build_query($query_data);
     }

     $raw_query = \Input::server('QUERY_STRING');
     if ($raw_query) {
         return $uri . '?' . $raw_query;
     }

     return $uri;
 }
Beispiel #6
 /**
  * Sets up the router from the current request and the configured route map.
  *
  * @return void
  */
 private function __construct()
 {
     // The URI segments initially double as the argument list.
     $segments = Uri::segments();
     $this->arguments = $segments;
     $this->uri_segments = $segments;

     // Full current URI without a trailing slash
     $full_uri = Uri::full();
     $this->uri = rtrim($full_uri, '/');

     $this->request_type = Input::server('request_method');

     // Route map from the config ...
     $this->route_map = Config::settings('routeMap');
     // ... extended with any additional routes
     $this->routeMap();
 }
Beispiel #7
 /**
  * Builds the application's base URL from the request's host and script name.
  *
  * The host part comes from the Host request header, which the client chooses.
  * A base URL derived this way should only feed absolute links (e-mails, cache
  * keys, redirects) when the web server restricts which Host values it accepts;
  * otherwise configure a fixed base URL instead.
  *
  * @return string base URL ending in '/', or '' when neither value is available
  */
 public static function create_url()
 {
     $host = \Input::server('http_host');
     $script = \Input::server('script_name');

     $url = $host ? \Input::protocol() . '://' . $host : '';

     if ($script) {
         // Normalise Windows separators in the script directory
         $url .= str_replace('\\', '/', dirname($script));
         // Guarantee exactly one trailing slash
         $url = rtrim($url, '/') . '/';
     }

     return $url;
 }
Beispiel #8
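 /**
  * Executes Ext Direct functions.
  *
  * Accepts either a raw JSON request body (one call or a batch) or a form post
  * carrying extAction/extMethod, dispatches each call through doRpc() and
  * echoes the JSON-encoded result. Form uploads are answered inside an HTML
  * <textarea> wrapper.
  */
 public function action_index()
 {
     if (Input::server('HTTP_HOST') === 'localhost') {
         // for local development
         // NOTE(review): Host is a client-supplied header, so this branch is only
         // "local" if the server refuses foreign Host values. It enables
         // credentialed CORS for http://localhost - confirm it cannot be reached
         // in production.
         $url = parse_url((string) Input::server('HTTP_ORIGIN'));
         header('Access-Control-Allow-Credentials: true');
         if (isset($url['port'])) {
             // parse_url() yields the port as an integer, so nothing else can reach the header
             header('Access-Control-Allow-Origin: http://localhost:' . (int) $url['port']);
         } else {
             header('Access-Control-Allow-Origin: http://localhost');
         }
         header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
         header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS');
     }

     $isForm = false;
     $isUpload = false;
     $post_data = file_get_contents("php://input");
     if ($post_data) {
         header('Content-Type: text/javascript');
         $data = json_decode($post_data);
     } else {
         if (isset($_POST['extAction'])) {
             // form post
             $isForm = true;
             // Optional fields are read with isset() so that a partial form does
             // not raise undefined-index notices.
             $isUpload = isset($_POST['extUpload']) && $_POST['extUpload'] == 'true';
             $data = new BogusAction();
             $data->action = $_POST['extAction'];
             $data->method = isset($_POST['extMethod']) ? $_POST['extMethod'] : null;
             $data->tid = isset($_POST['extTID']) ? $_POST['extTID'] : null;
             $data->data = array($_POST, $_FILES);
         } else {
             die('Invalid request.');
         }
     }

     $response = null;
     if (is_array($data)) {
         // batched request: one result per call, in order
         $response = array();
         foreach ($data as $d) {
             $response[] = $this->doRpc($d);
         }
     } else {
         $response = $this->doRpc($data);
     }

     // The form branches are served without a JSON content type (the upload case
     // inside HTML), so <, >, &, ' and " are emitted as \uXXXX escapes. The JSON
     // value is unchanged, but response data can no longer close the <textarea>
     // or be interpreted as markup.
     $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     if ($isForm && $isUpload) {
         echo '<html><body><textarea>';
         echo json_encode($response, $json_flags);
         echo '</textarea></body></html>';
     } else {
         echo json_encode($response, $json_flags);
     }
 }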
 /**
  * Shows the login form on GET and attempts to authenticate on POST.
  *
  * Validation failures and rejected credentials both produce the same generic
  * message, and the password is left out of the flashed input.
  */
 public function loginAction()
 {
     if (Input::server("REQUEST_METHOD") != "POST") {
         return View::make("user.login");
     }

     $rules = array("username" => "required|min:4", "password" => "required|min:6");
     $validator = Validator::make(Input::all(), $rules);

     if ($validator->passes()) {
         $credentials = array(
             "username" => Input::get("username"),
             "password" => Input::get("password"),
         );
         if (Auth::attempt($credentials)) {
             return Redirect::route("user.home");
         }
     }

     return Redirect::route('user.login')
         ->withInput(Input::except('password'))
         ->withErrors($validator)
         ->with('message', trans('messages.invalid-login'));
 }
Beispiel #10
 /**
  * Emits the status line and headers (if none were sent yet) and then the body.
  *
  * Header values are written exactly as stored in static::$headers; this method
  * does no filtering of its own.
  */
 public static function send()
 {
     // Default content type
     if (!array_key_exists('Content-Type', static::$headers)) {
         static::$headers['Content-Type'] = 'text/html; charset=UTF-8';
     }

     if (!headers_sent()) {
         // Status line first, then every stored header
         $status_line = Input::server('server_protocol', 'HTTP/1.1') . ' ' . static::$status . ' ' . static::$statuses[static::$status];
         header($status_line);
         foreach (static::$headers as $header_name => $header_value) {
             header("{$header_name}: {$header_value}", true);
         }
     }

     // Body
     echo static::$content;
 }
Beispiel #11
 /**
  * Renders the generic production error page with a 500 status and exits.
  *
  * The exception itself is never written to the response here; on the CLI the
  * call is delegated to show_php_error() instead.
  *
  * @param \Exception $e the exception that triggered the error page
  */
 public static function show_production_error(\Exception $e)
 {
     // CLI always gets the plain PHP error output
     if (\Fuel::$is_cli) {
         return static::show_php_error($e);
     }

     if (!headers_sent()) {
         $protocol = \Input::server('SERVER_PROTOCOL') ?: 'HTTP/1.1';
         header($protocol . ' 500 Internal Server Error');
     }

     $page_args = array('resource' => 'page');
     try {
         $default_text = \Lang::get("site.errors.http.default", $page_args, 'Please contact the website administrator');
         $body = \CMF::getCustomErrorResponse(\Lang::get("site.errors.http.500", $page_args, $default_text));
     } catch (\Exception $render_failure) {
         // The custom page failed to render: fall back to the static production view
         $body = \View::forge('errors' . DS . 'production');
     }

     exit($body);
 }
Beispiel #12
 /**
  * Returns the storage path and public URL for a user-uploaded file.
  *
  * The path has the form root / host / folder [/ user id /] / Ymd / [custom /].
  *
  * NOTE(review): the host segment is the Host request header with only the dots
  * removed, and $coustom is interpolated as given. Both end up in a filesystem
  * path; confirm that the web server restricts Host values and that callers
  * never pass a $coustom containing path separators or "..".
  *
  * @param mixed  $module   storage type of the resource (see the folders array in config/global.php)
  * @param string $coustom  optional extra sub-directory appended to the path
  * @return array keys 'root_directory', 'path' and 'url'
  */
 public static function get_upload_path($module = 4, $coustom = '')
 {
     \Config::load('global');
     $folders = \Config::get('folders');
     $root = \Config::get('root_directory');
     $host_dir = str_replace('.', '', \Input::server('HTTP_HOST'));
     $owner_id = \Auth::check() ? \Auth::get_user()->id : '0';

     // Host name that serves the resources, e.g. http://img1.evxin.com
     $res_url = \Config::get('resource_url');
     if ($res_url === false) {
         $res_url = '';
     }
     // Physical upload root
     $upload_root = \Config::get('upload_path');
     if ($upload_root === false) {
         $upload_root = '';
     }

     // Module 4 has no per-user directory
     $user_segment = $module == 4 ? '' : "/{$owner_id}/";
     $date_segment = date('/Ymd');
     $custom_segment = $coustom ? "{$coustom}/" : '';

     // Full path = server root + current host + resource folder + year-month-day
     $path = "{$root}/{$host_dir}/{$folders[$module]}{$user_segment}{$date_segment}/" . $custom_segment;
     $url = "{$res_url}/{$path}";

     return array('root_directory' => $upload_root, 'path' => $path, 'url' => $url);
 }
Beispiel #13
 /**
  * Initiates a WeChat Pay payment (official-account JSSDK payment).
  *
  * Without an 'openid' query parameter the visitor is sent through the OAuth
  * flow first. Otherwise the order named by 'order_id' is loaded, a prepay
  * order is created and the signed JS-SDK parameters are passed to the
  * pay/wxpay view.
  *
  * NOTE(review): 'order_id', 'openid' and 'account_id' all come from the query
  * string. Nothing visible here checks that the order belongs to the current
  * user before a prepay order is created for it - confirm that an ownership
  * check exists elsewhere.
  * NOTE(review): $order, $openID and $access are dereferenced without a null
  * check; an unknown id or a missing 'wxpay' access row would fail here.
  */
 public function action_wxpay()
 {
     $this->account = \Session::get('WXAccount', \Model_WXAccount::find(\Input::get('account_id', 1)));
     if (!\Input::get('openid', false)) {
         // Base URL of this site
         $baseUrl = \Config::get('base_url');
         $request_uri = \Input::server('REQUEST_URI', '');
         if ($request_uri) {
             // drop the first character of REQUEST_URI before appending it to the base URL
             $request_uri = substr($request_uri, 1);
         }
         $toUrl = urlencode("{$baseUrl}{$request_uri}");
         $callback = "{$baseUrl}wxapi/oauth2_callback?to_url={$toUrl}";
         $url = \handler\mp\Tool::createOauthUrlForCode($this->account->app_id, $callback);
         \Response::redirect($url);
     }
     $msg = false;
     if (!\Input::get('order_id', false)) {
         $msg = ['status' => 'err', 'msg' => '缺少订单ID', 'errcode' => 0, 'title' => '错误'];
     } else {
         if (!$this->account) {
             $msg = ['status' => 'err', 'msg' => '缺少微信公众号ID', 'errcode' => 0, 'title' => '错误'];
         }
     }
     if ($msg) {
         \Session::set_flash('msg', $msg);
         return \Response::forge(\View::forge('message/moblie'));
     }
     // Attach the openid to the order if it does not have one yet
     $order = \Model_Order::find(\Input::get('order_id'));
     if (!$order->buyer_openid) {
         $openID = \Model_WechatOpenid::query()->where(['openid' => \Input::get('openid')])->get_one();
         // only stored when the openid's user is the buyer of the order
         if ($openID->wechat->user_id == $order->buyer_id) {
             $order->buyer_openid = \Input::get('openid');
             $order->save();
         }
     }
     // Look up the seller's enabled 'wxpay' access configuration (the receiving account)
     $access = \Model_AccessConfig::query()->where('access_type', 'wxpay')->where('seller_id', $order->from_id)->where('enable', 'ENABLE')->get_one();
     $result = \handler\mp\Tool::wxpay_order($this->account, $order, $access, \Input::get('openid'));
     // Parameters handed to the JS-SDK; paySign is computed over them with the access key
     $params = array('appId' => $this->account->app_id, 'timeStamp' => strval(time()), 'nonceStr' => \Str::random('alnum', 16), 'package' => "prepay_id={$result['prepay_id']}", 'signType' => "MD5");
     $params['paySign'] = \handler\mp\Tool::getWxPaySign($params, $access->access_key);
     // to_url is added after signing, so it is not covered by paySign
     $params['to_url'] = "/order/home/delivery/{$order->id}";
     return \Response::forge(\View::forge('pay/wxpay', $params));
 }
Beispiel #14
 /**
  * Tests Html::anchor()
  *
  * The second case pins that a javascript: URI is written into href unchanged,
  * i.e. Html::anchor() does no scheme filtering; callers have to validate any
  * untrusted URL before passing it in.
  *
  * @test
  */
 public function test_anchor()
 {
     // Neutral config for the first group of cases
     Config::set('url_suffix', '');
     Config::set('index_file', '');

     $attrs = array('rel' => 'example', 'class' => 'sample', 'style' => 'color:red;');

     // External uri
     $this->assertEquals(
         '<a href="http://google.com">Go to Google</a>',
         Html::anchor('http://google.com', 'Go to Google')
     );
     $this->assertEquals(
         '<a href="javascript:do();">Do()</a>',
         Html::anchor('javascript:do();', 'Do()')
     );
     $this->assertEquals(
         '<a rel="example" class="sample" style="color:red;" href="http://google.com">Go to Google</a>',
         Html::anchor('http://google.com', 'Go to Google', $attrs)
     );

     // External secure uri
     $this->assertEquals(
         '<a rel="example" class="sample" style="color:red;" href="https://google.com">Go to Google</a>',
         Html::anchor('http://google.com', 'Go to Google', $attrs, true)
     );

     // Internal uri
     $this->assertEquals(
         '<a href="controller/method">Method</a>',
         Html::anchor('controller/method', 'Method')
     );

     // Internal secure uri: the host is swapped temporarily and restored afterwards
     $saved_host = \Input::server('http_host');
     $_SERVER['HTTP_HOST'] = 'fuelphp.com';
     $secure_link = Html::anchor('controller/method', 'Method', array(), true);
     $this->assertEquals(
         '<a href="https://' . \Input::server('http_host') . '/controller/method">Method</a>',
         $secure_link
     );
     $_SERVER['HTTP_HOST'] = $saved_host;

     // Query string cases; remember the current values so they can be put back
     $saved_index_file = Config::get('index_file');
     $saved_url_suffix = Config::get('url_suffix');

     $this->assertEquals(
         '<a href="search?q=query">Search</a>',
         Html::anchor('search?q=query', 'Search')
     );

     Config::set('url_suffix', '.html');
     $this->assertEquals(
         '<a href="search.html?q=query">Search</a>',
         Html::anchor('search?q=query', 'Search')
     );

     // Put the remembered values back
     Config::set('index_file', $saved_index_file);
     Config::set('url_suffix', $saved_url_suffix);
 }
Beispiel #15
 /**
  * Opens the SMTP socket and greets the server (EHLO, falling back to HELO).
  *
  * As written, no TLS negotiation happens in this method.
  *
  * @throws \SmtpConnectionException when the socket cannot be opened
  */
 protected function smtp_connect()
 {
     $smtp = $this->config['smtp'];
     // Warnings are suppressed on purpose; a failure is reported through the exception below
     $this->smtp_connection = @fsockopen($smtp['host'], $smtp['port'], $error_number, $error_string, $smtp['timeout']);
     if (empty($this->smtp_connection)) {
         throw new \SmtpConnectionException('Could not connect to SMTP: (' . $error_number . ') ' . $error_string);
     }

     // Consume the server banner
     $this->smtp_get_response();

     // Name announced in the greeting
     $greeting_host = \Input::server('SERVER_NAME', 'localhost.local');

     $ehlo_code = $this->smtp_send('EHLO ' . $greeting_host, 250, true);
     if ($ehlo_code !== 250) {
         // EHLO rejected: retry with plain HELO
         $this->smtp_send('HELO ' . $greeting_host, 250);
     }

     try {
         $this->smtp_send('HELP', 214);
     } catch (\SmtpCommandFailureException $e) {
         // Not every server implements HELP; ignore the failure.
     }
 }
Beispiel #16
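 /**
  * Creates the input, session and environment objects for the request.
  *
  * The session cookie parameters are set BEFORE session_start():
  * session_set_cookie_params() does not affect a session that is already
  * active, so setting them afterwards leaves the cookie without the intended
  * lifetime and Secure/HttpOnly flags.
  */
 private function _initObjects()
 {
     // grab our input & filter
     // NOTE(review): assumes Filter and Input do not need an active session - confirm.
     $filter = new Filter();
     $input = new Input($filter);
     //$di->register($input);

     // 1 hour lifetime, whole site, Secure and HttpOnly.
     // NOTE(review): the cookie domain is the client-supplied Host header (which
     // can also carry a port); consider a configured domain instead.
     session_set_cookie_params(3600, '/', $input->server('HTTP_HOST'), true, true);

     // set up the custom encrypted session handler
     $session = new Session();
     //$di->register($session);
     session_start();

     // see if we need to lock our session
     $sessionLock = Config::get('session.lock');
     if ($sessionLock == true) {
         $session->lock();
     }

     $env = new Env($input);
     $env->check();
 }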
 /**
  * Loads the Segment configuration, initialises the analytics client and makes
  * sure the session holds an identity (an anonymous one if none exists yet).
  */
 public function __construct()
 {
     // Honour the visitor's "Do Not Track" header.
     $this->dnt = (\Input::server('HTTP_DNT', 0) == 1);

     \Config::load('segment', true);
     $write_key = \Config::get('segment.write_key');
     $client_options = \Config::get('segment.configure');
     \Analytics::init($write_key, $client_options, array());

     // This doubles as a check for Google Analytics being in use. The cookie could
     // have been set by other means (e.g. a separate UA tracking code), but sending
     // the extra data does no harm.
     $this->_set_ga_cookie_id();

     // Debug mode for the JS side
     $this->_js_debug = \Config::get('segment.configure.debug', false);

     $this->identity = \Session::get('segment.identity');
     if (!empty($this->identity)) {
         return;
     }

     // First visit in this session: mint an anonymous id and remember it
     $this->identity = array('anonymousId' => $this->_generate_random_id());
     \Session::set('segment.identity', $this->identity);
 }
Beispiel #18
 /**
  * Returns the request method in use (GET, POST, DELETE, etc.).
  *
  * The active request's own method wins. Before a request is active the server
  * variables are used; the client-controlled X-HTTP-Method-Override header is
  * honoured only when the security.allow_x_headers config flag is enabled.
  *
  * @param   string  $default  value used when no method can be determined
  * @return  string
  */
 public static function method($default = 'GET')
 {
     $request = \Request::active();
     if ($request) {
         $active_method = $request->get_method();
         if ($active_method) {
             return $active_method;
         }
     }

     // No active request yet: fall back to the global server setting
     $server_method = \Input::server('REQUEST_METHOD', $default);
     if (\Config::get('security.allow_x_headers', false)) {
         return \Input::server('HTTP_X_HTTP_METHOD_OVERRIDE', $server_method);
     }

     return $server_method;
 }
Beispiel #19
 /**
  * Returns the path component of the current REQUEST_URI.
  *
  * The result is whatever parse_url() yields for PHP_URL_PATH, which is not a
  * string for a seriously malformed URI.
  */
 public static function current()
 {
     $request_uri = Input::server('REQUEST_URI');

     return parse_url($request_uri, PHP_URL_PATH);
 }
Beispiel #20
 /**
  * Sends the status line and all stored headers unless headers have already
  * gone out.
  *
  * Header names and values are emitted as stored; nothing is filtered here.
  *
  * @return  bool  true when the headers were sent by this call, false otherwise
  */
 public function send_headers()
 {
     if (headers_sent()) {
         return false;
     }

     $status_text = $this->status . ' ' . static::$statuses[$this->status];

     // FCGI servers expect a "Status:" header instead of a protocol line
     if (!empty($_SERVER['FCGI_SERVER_VERSION'])) {
         header('Status: ' . $status_text);
     } else {
         $protocol = \Input::server('SERVER_PROTOCOL') ?: 'HTTP/1.1';
         header($protocol . ' ' . $status_text);
     }

     foreach ($this->headers as $key => $line) {
         // Integer-keyed array entries carry [name, value] pairs
         if (is_int($key) and is_array($line)) {
             $pair = $line;
             if (isset($pair[0])) {
                 $key = $pair[0];
             }
             if (isset($pair[1])) {
                 $line = $pair[1];
             }
         }
         // Named headers become "Name: value"; anything else is sent as given
         if (is_string($key)) {
             $line = "{$key}: {$line}";
         }
         header($line, true);
     }

     return true;
 }
Beispiel #21
 /**
  * Generates the WeChat JS-SDK configuration for the current page.
  *
  * Refreshes the account's access token and JS API ticket when they have
  * expired, then signs (noncestr, jsapi_ticket, timestamp, url) with SHA-1.
  *
  * NOTE(review): with $id = 0 and no 'WXAccount' in the session, $account is
  * false and the property reads below fail - confirm callers guarantee one.
  * NOTE(review): the signed URL is hard-coded to http:// and built from the
  * client-supplied Host header and REQUEST_URI.
  *
  * @param int $id  id of the Model_WXAccount to use; 0 uses the account stored in the session
  * @return array   the complete configuration
  */
 public static function getJssdkConfig($id = 0)
 {
     $account = \Session::get('WXAccount', false);
     if ($id) {
         $account = \Model_WXAccount::find($id);
     }
     // Check whether the ticket has expired
     if (!$account->wechat_ticket_valid || $account->wechat_ticket_valid < time()) {
         // The ticket is fetched with the access token, so refresh that first if it expired too
         if ($account->temp_token_valid < time()) {
             $result = \handler\mp\Tool::generate_token($account->app_id, $account->app_secret);
             $account->temp_token = $result['token'];
             $account->temp_token_valid = $result['valid'];
         }
         $result = \handler\mp\Tool::generate_jssdk_ticket($account->temp_token);
         $account->wechat_ticket = $result['ticket'];
         $account->wechat_ticket_valid = $result['valid'];
         $account->save();
     }
     $url = "http://" . \Input::server('HTTP_HOST') . \Input::server('REQUEST_URI');
     // Parameters that take part in the signature
     $timestamp = time();
     $params = array('noncestr' => \Str::random('alnum', 16), 'jsapi_ticket' => $account->wechat_ticket, 'timestamp' => $timestamp, 'url' => $url);
     // Sort by key
     ksort($params);
     // Generate the signature
     $signature = sha1(\handler\common\UrlTool::createLinkstring($params));
     // Configuration returned to the caller; the ticket itself is not included
     $config = ['debug' => false, 'appId' => $account->app_id, 'timestamp' => $timestamp, 'nonceStr' => $params['noncestr'], 'signature' => $signature, 'jsApiList' => ['onMenuShareTimeline', 'onMenuShareAppMessage', 'startRecord', 'stopRecord', 'onVoiceRecordEnd', 'playVoice', 'pauseVoice', 'stopVoice', 'onVoicePlayEnd', 'uploadVoice', 'downloadVoice', 'chooseImage', 'previewImage', 'uploadImage', 'downloadImage', 'translateVoice', 'getNetworkType', 'openLocation', 'getLocation', 'hideOptionMenu', 'showOptionMenu', 'hideMenuItems', 'showMenuItems', 'hideAllNonBaseMenuItem', 'showAllNonBaseMenuItem', 'closeWindow', 'scanQRCode', 'chooseWXPay', 'openProductSpecificView', 'addCard', 'chooseCard', 'openCard']];
     return $config;
 }
Beispiel #22
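 /**
  * Returns the given text with the correct color codes for a foreground and
  * optionally a background color.
  *
  * The text is returned unchanged on Windows without ANSICON and when color
  * output is disabled. $text is not filtered, so escape sequences already
  * contained in it pass through.
  *
  * @param	string	$text		the text to color
  * @param	string	$foreground the foreground color
  * @param	string	$background the background color
  * @param	string	$format		other formatting to apply. Currently only 'underline' is understood
  * @return	string	the color coded string
  * @throws	\FuelException	when a color name is not in the configured tables
  */
 public static function color($text, $foreground, $background = null, $format = null)
 {
     if (static::is_windows() and !\Input::server('ANSICON')) {
         return $text;
     }
     if (static::$nocolor) {
         return $text;
     }
     if (!array_key_exists($foreground, static::$foreground_colors)) {
         throw new \FuelException('Invalid CLI foreground color: ' . $foreground);
     }
     if ($background !== null and !array_key_exists($background, static::$background_colors)) {
         throw new \FuelException('Invalid CLI background color: ' . $background);
     }

     // Every sequence starts with ESC (\033) followed by '['. The ESC byte is
     // spelled out as an escape so it cannot get lost in copies of this file;
     // without it the terminal prints the codes literally.
     $string = "\033[" . static::$foreground_colors[$foreground] . "m";
     if ($background !== null) {
         $string .= "\033[" . static::$background_colors[$background] . "m";
     }
     if ($format === 'underline') {
         $string .= "\033[4m";
     }
     // Reset all attributes after the text
     $string .= $text . "\033[0m";

     return $string;
 }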
Beispiel #23
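 /**
  * Validates an HTTP Digest Authorization header against rest.valid_logins.
  *
  * NOTE(review): the nonce used in the calculation is the one the client sent;
  * nothing visible here checks it against a value issued by this server, so a
  * captured header could be replayed - confirm that the nonce is tracked.
  * NOTE(review): uniqid() is derived from the current time and is not a
  * cryptographically secure source for the value passed to _force_login().
  *
  * @return bool true when the digest response matches, false otherwise
  */
 protected function _prepare_digest_auth()
 {
     // Empty argument for backward compatibility
     $uniqid = uniqid("");

     // We need to test which server authentication variable to use
     // because the PHP ISAPI module in IIS acts different from CGI
     if (\Input::server('PHP_AUTH_DIGEST')) {
         $digest_string = \Input::server('PHP_AUTH_DIGEST');
     } elseif (\Input::server('HTTP_AUTHORIZATION')) {
         $digest_string = \Input::server('HTTP_AUTHORIZATION');
     } else {
         $digest_string = '';
     }

     // Ask for credentials again if none were given
     if (empty($digest_string)) {
         static::_force_login($uniqid);
         return false;
     }

     // Pull the individual digest fields out of the header
     preg_match_all('@(username|nonce|uri|nc|cnonce|qop|response)=[\'"]?([^\'",]+)@', $digest_string, $matches);
     $digest = array_combine($matches[1], $matches[2]);
     if (!is_array($digest) or !array_key_exists('username', $digest) or !static::_check_login($digest['username'])) {
         static::_force_login($uniqid);
         return false;
     }

     // Every field of the calculation must be present; a partial header is
     // rejected instead of being hashed with empty values.
     foreach (array('nonce', 'uri', 'nc', 'cnonce', 'qop', 'response') as $field) {
         if (!array_key_exists($field, $digest)) {
             return false;
         }
     }

     $valid_logins = \Config::get('rest.valid_logins');
     $valid_pass = $valid_logins[$digest['username']];

     // This is the valid response expected
     $A1 = md5($digest['username'] . ':' . \Config::get('rest.realm') . ':' . $valid_pass);
     $A2 = md5(strtoupper(\Input::method()) . ':' . $digest['uri']);
     $valid_response = md5($A1 . ':' . $digest['nonce'] . ':' . $digest['nc'] . ':' . $digest['cnonce'] . ':' . $digest['qop'] . ':' . $A2);

     // Constant-time, type-strict comparison (PHP 5.6+). A loose != treats two
     // different "0e<digits>" hashes as equal numbers.
     return hash_equals($valid_response, $digest['response']);
 }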
Beispiel #24
 /**
  * Gets the current language from the 'default_language' cookie, the request
  * host (top level domain) or the first URI segment, in that order, and
  * configures Fuel for it. The result is cached in static::$lang.
  *
  * NOTE(review): a language code taken from the cookie is not checked against
  * the configured languages before it is handed to \Config::set() and
  * \Lang::load(); only the URI-derived code is validated below. The cookie is
  * client-controlled - confirm that \Lang::load() constrains the value.
  *
  * @return string the language code in use
  */
 public static function lang()
 {
     // Already resolved during this request
     if (static::$lang !== null) {
         return static::$lang;
     }
     // Give up if we haven't enabled multi lingual
     if (!(static::$lang_enabled = \Config::get('cmf.languages.enabled', false))) {
         return static::$lang = \Lang::get_lang();
     }
     // First load our languages
     \Lang::load('languages', true);
     // Get the language from cookies
     $iso = \Cookie::get('default_language');
     $fallback = \Lang::get_lang();
     // Get the language from URL
     if (!$iso) {
         $languages = static::languages();
         // Host header, lower-cased and without a leading "www."
         $host = preg_replace("/^www\\./i", '', strtolower(\Input::server('HTTP_HOST', '')));
         foreach ($languages as $language) {
             if ($tld = \Arr::get($language, 'top_level_domain')) {
                 // top_level_domain is a comma separated list; normalise each entry like $host
                 $parts = array_filter(array_map(function ($part) {
                     return preg_replace("/^www\\./i", '', strtolower(trim($part)));
                 }, explode(',', $tld)));
                 if (in_array($host, $parts)) {
                     $iso = $language['code'];
                     break;
                 }
             }
         }
     }
     // Get the language from the request
     if (!$iso) {
         // Element 1 of the '/'-split original URI, defaulting to the current language
         $iso = strtolower(\Arr::get(explode('/', static::original_uri()), 1, \Lang::get_lang()) . "");
         // Normalise "xx_yy" to "xx_YY"
         if (strpos($iso, '_') !== false) {
             $parts = explode('_', $iso);
             $iso = strtolower($parts[0]) . '_' . strtoupper($parts[1]);
         }
         // Unknown codes fall back to the current language
         if (\Lang::_get("languages.{$iso}", array(), 'notfound') == 'notfound') {
             $iso = \Lang::get_lang();
         }
     }
     // Set the languages into Fuel for future reference
     \Config::set('language_fallback', $fallback);
     \Config::set('language', $iso);
     \CMF\Doctrine\Extensions\Translatable::setLang($iso);
     // Load the languages back in, now we might have a translation for them
     if ($fallback != $iso) {
         \Lang::load('errors', true, $iso, false, true);
         \Lang::load('languages', true, $iso, false, true);
         \Lang::load('admin', true, $iso, false, true);
         \Lang::load('site', true, $iso, false, true);
         static::$lang_prefix = "/{$iso}";
     }
     // Set the uri filter so we don't see the lang prefix
     \Config::set('security.uri_filter', array_merge(array('\\CMF::removeLangPrefix'), \Config::get('security.uri_filter')));
     // Log to console
     if (\Fuel::$profiling) {
         \Profiler::console('Language is ' . $iso);
     }
     // Add shutdown event to catch unsaved translation strings
     \Event::register('shutdown', 'Lang::shutdown');
     // Set the lang vars
     static::$lang_default = $fallback;
     static::$lang = $iso;
     // Set locale if necessary
     if (is_array($locale_map = \Config::get('locale_map')) && ($new_locale = \Arr::get($locale_map, $iso))) {
         $result = setlocale(LC_TIME, $new_locale);
         // setlocale() returns false when the locale is unavailable; nothing is changed then
         if ($result !== false) {
             \Fuel::$locale = $result;
             \Config::set('locale', $result);
             if (class_exists('Locale')) {
                 \Locale::setDefault($result);
             }
         }
     }
     // Redirect to default language if this one isn't configured
     if (!array_key_exists($iso, static::languages()) && array_key_exists($fallback, static::languages())) {
         \Response::redirect(static::link(\Input::uri(), $fallback));
     }
     return $iso;
 }
Beispiel #25
 /**
  * Sends the status line and stored headers if no headers have gone out yet.
  *
  * Header names and values are emitted as stored; nothing is filtered here.
  *
  * @access	public
  * @return	void
  */
 public function send_headers()
 {
     if (headers_sent()) {
         return;
     }

     // Protocol/status line first
     $protocol = \Input::server('SERVER_PROTOCOL') ?: 'HTTP/1.1';
     $status_text = $this->status . ' ' . static::$statuses[$this->status];
     header($protocol . ' ' . $status_text);

     foreach ($this->headers as $key => $line) {
         // Named headers become "Name: value"; integer-keyed entries are sent as given
         if (is_string($key)) {
             $line = "{$key}: {$line}";
         }
         header($line, true);
     }
 }
Beispiel #26
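 /**
  * Lets a user pick one of the practice NPIs held in the session and provisions a practice for it.
  *
  * POST: checks the submitted NPI against the list that was offered, looks it up at the
  * external NPI directory, inserts a practiceinfo row (settings copied from practice 1),
  * a users row and a providers row, logs the new user in, seeds the session and redirects.
  * GET: renders the NPI select form when the session flag 'practice_choose' is 'y';
  * in every other case it redirects to the intended URL.
  *
  * @return mixed a redirect on POST and on the GET fall-through paths; nothing when the form is rendered into $this->layout
  */
 public function practice_choose()
 {
     if (Input::server("REQUEST_METHOD") == "POST") {
         $npi = Input::get('practice_npi_select');
         // The form only offers the NPIs stored in the session, so any other value did not
         // come from that form. Refuse it before it is placed in the outbound URL or stored.
         $offered_npis = explode(',', (string) Session::get('practice_npi_array'));
         if (!is_string($npi) || $npi === '' || !in_array($npi, $offered_npis, true)) {
             return Redirect::intended('/');
         }
         // Encode the value so it cannot add or override query parameters.
         // NOTE(review): the lookup uses plain http, so the response that seeds the practice
         // record is not integrity-protected; switch to https if the directory supports it.
         $url = 'http://docnpi.com/api/index.php?ident=' . rawurlencode($npi) . '&is_ident=true&format=aha';
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url);
         curl_setopt($ch, CURLOPT_FAILONERROR, 1);
         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
         // Redirects are followed, so keep them on web protocols and bounded.
         curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
         curl_setopt($ch, CURLOPT_MAXREDIRS, 3);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_TIMEOUT, 15);
         $response = curl_exec($ch);
         curl_close($ch);
         // curl_exec() returns false on failure; only parse a real response body.
         $html = $response === false ? null : new Htmldom($response);
         $practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first();
         $practicename = '';
         $address = '';
         $street_address1 = '';
         $city = '';
         $state = '';
         $zip = '';
         if (isset($html)) {
             $li = $html->find('li', 0);
             if (isset($li)) {
                 $nomatch = $li->innertext;
                 if ($nomatch != ' no matching results ') {
                     // The markup is third-party; either span may be absent.
                     $name_item = $li->find('span[class=org]', 0);
                     if (isset($name_item)) {
                         $practicename = $name_item->innertext;
                     }
                     $address_item = $li->find('span[class=address]', 0);
                     if (isset($address_item)) {
                         $address = $address_item->innertext;
                     }
                 }
             }
         }
         if ($address != '') {
             // Field order (street, zip, city, state) is kept as the original code had it;
             // presumably it mirrors the directory's 'aha' format - verify against a live response.
             $address_array = explode(',', $address);
             if (isset($address_array[0])) {
                 $street_address1 = trim($address_array[0]);
             }
             if (isset($address_array[1])) {
                 $zip = trim($address_array[1]);
             }
             if (isset($address_array[2])) {
                 $city = trim($address_array[2]);
             }
             if (isset($address_array[3])) {
                 $state = trim($address_array[3]);
             }
         }
         // NOTE(review): the new practice inherits practice 1's SMTP user and password;
         // confirm that sharing these credentials across practices is intended.
         // NOTE(review): practice_name and the address fields are remote HTML fragments;
         // they must be escaped wherever they are rendered.
         $practice_data = array('npi' => $npi, 'practice_name' => $practicename, 'street_address1' => $street_address1, 'city' => $city, 'state' => $state, 'zip' => $zip, 'documents_dir' => $practice->documents_dir, 'version' => $practice->version, 'active' => 'Y', 'fax_type' => '', 'vivacare' => '', 'patient_centric' => 'yp', 'smtp_user' => $practice->smtp_user, 'smtp_pass' => $practice->smtp_pass);
         $practice_id = DB::table('practiceinfo')->insertGetId($practice_data);
         $this->audit('Add');
         $data = array('username' => Session::get('username'), 'firstname' => Session::get('firstname'), 'middle' => Session::get('middle'), 'lastname' => Session::get('lastname'), 'displayname' => Session::get('displayname'), 'email' => Session::get('email'), 'group_id' => '2', 'active' => '1', 'practice_id' => $practice_id, 'uid' => Session::get('uid'), 'secret_question' => 'Use mdNOSH Gateway to reset your password!');
         $id = DB::table('users')->insertGetId($data);
         $this->audit('Add');
         $provider_data = array('id' => $id, 'npi' => Session::get('npi'), 'practice_id' => $practice_id);
         DB::table('providers')->insert($provider_data);
         $this->audit('Add');
         $this->syncuser(Session::get('oidc_auth_access_token'));
         $user1 = User::where('id', '=', $id)->first();
         Auth::login($user1);
         $practice1 = Practiceinfo::find($user1->practice_id);
         Session::put('user_id', $user1->id);
         Session::put('group_id', $user1->group_id);
         Session::put('practice_id', $user1->practice_id);
         Session::put('version', $practice1->version);
         Session::put('practice_active', $practice1->active);
         Session::put('displayname', $user1->displayname);
         Session::put('documents_dir', $practice1->documents_dir);
         Session::put('rcopia', $practice1->rcopia_extension);
         Session::put('mtm_extension', $practice1->mtm_extension);
         Session::put('patient_centric', $practice1->patient_centric);
         setcookie("login_attempts", 0, time() + 900, '/');
         // Drop the provisioning data so the step cannot be replayed from this session.
         Session::forget('practice_npi_array');
         Session::forget('practice_choose');
         Session::forget('username');
         Session::forget('firstname');
         Session::forget('middle');
         Session::forget('lastname');
         Session::forget('email');
         Session::forget('npi');
         return Redirect::intended('/');
     }
     // GET: the form is shown only while the session says a choice is pending.
     if (!Session::has('practice_choose') || Session::get('practice_choose') != 'y') {
         return Redirect::intended('/');
     }
     $form_select_array = array();
     foreach (explode(',', Session::get('practice_npi_array')) as $practice_npi_item1) {
         $form_select_array[$practice_npi_item1] = $practice_npi_item1;
     }
     $arr = array();
     $arr['practice_npi_select'] = '<div class="pure-control-group">';
     $arr['practice_npi_select'] .= '<label for="practice_npi_select">Practice NPI:</label>';
     $arr['practice_npi_select'] .= Form::select('practice_npi_select', $form_select_array, null, array('id' => 'practice_npi_select', 'required', 'style' => 'width:300px', 'class' => 'text'));
     $this->layout->style = $this->css_assets();
     $this->layout->script = $this->js_assets('base');
     $this->layout->script .= HTML::script('/js/practice_choose.js');
     $this->layout->content = View::make('practice_choose', $arr);
 }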
Beispiel #27
 /**
  * Builds the application's base URL from values of the current request.
  *
  * The result is "<protocol>://<http_host>" (when a host is present) followed by the
  * path shared by request_uri and script_name (when a script name is present), and
  * always ends in exactly one slash.
  *
  * NOTE(review): 'http_host' presumably reflects the client-supplied Host header.
  * If so, links built from this value follow whatever host the client sent, so
  * deployments should pin the base URL in configuration or restrict accepted hosts.
  *
  * @return string the base url
  */
 protected static function generate_base_url()
 {
     $parts = array();
     if (\Input::server('http_host')) {
         $parts[] = \Input::protocol() . '://' . \Input::server('http_host');
     }
     if (\Input::server('script_name')) {
         $parts[] = get_common_path(array(\Input::server('request_uri'), \Input::server('script_name')));
     }
     // Normalise to a single trailing slash.
     return rtrim(implode('', $parts), '/') . '/';
 }
Beispiel #28
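 /**
  * Get the list of character sets the browser says it accepts.
  *
  * Reads the 'http_accept_charset' server value, lower-cases it, removes the
  * quality parameter (";q=0.7") from each entry and returns the charset names
  * in header order. An absent or empty header yields array('').
  *
  * The header is sent by the client, so the returned names are untrusted input:
  * match them against a list of supported charsets before using them.
  *
  * @return	array
  */
 public static function charsets()
 {
     $header = strtolower(trim((string) \Input::server('http_accept_charset')));
     // Strip the q parameter per entry. The previous pattern (;q=.+) was greedy and
     // removed everything after the first ";q=", dropping all later charsets.
     $without_quality = preg_replace('/\s*;\s*q=[^,]*/i', '', $header);
     // Entries are commonly separated by ", ", so trim each name.
     return array_map('trim', explode(',', $without_quality));
 }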
Beispiel #29
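 /**
  * Mobile login: renders the login form on GET and authenticates on POST.
  *
  * POST: validates that username and password (and practice_id unless practice 1 is
  * patient-centric) are present, calls Auth::attempt(), seeds the session from the
  * user's practice and redirects; on any failure it increments the 'login_attempts'
  * cookie and redirects back to login_mobile with a generic error.
  * GET: fills the practice select and renders the mobile.login view, with a lockout
  * message when the cookie counter is 5 or more.
  *
  * NOTE(review): the attempt counter lives in a cookie, which the client controls and
  * can simply discard, and it is only used to show a message on GET; POST attempts are
  * never refused here. Brute-force protection needs a server-side counter keyed on the
  * account and/or the source address.
  *
  * @return mixed a redirect on POST; nothing when the form is rendered into $this->layout
  */
 public function action()
 {
     $errors = new MessageBag();
     if ($old = Input::old("errors")) {
         $errors = $old;
     }
     $data = array("errors" => $errors);
     // Read the counter defensively: the cookie may be absent or hold a non-numeric value,
     // and the previous unchecked "$_COOKIE['login_attempts'] + 1" failed on both.
     $cookie_value = isset($_COOKIE['login_attempts']) ? $_COOKIE['login_attempts'] : null;
     $attempts = is_string($cookie_value) && ctype_digit($cookie_value) ? (int) $cookie_value : 0;
     if (Input::server("REQUEST_METHOD") == "POST") {
         $default_practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first();
         $patient_centric = $default_practice->patient_centric == 'y';
         $validator_array = array("username" => "required", "password" => "required");
         if (!$patient_centric) {
             $validator_array["practice_id"] = "required";
         }
         $validator = Validator::make(Input::all(), $validator_array);
         if ($validator->passes()) {
             $username = Input::get('username');
             $password = Input::get('password');
             $credentials = array("username" => $username, "password" => $password, "active" => '1');
             $user_query = User::where('username', '=', $username)->where('active', '=', '1');
             if (!$patient_centric) {
                 $practice_id = Input::get('practice_id');
                 $credentials["practice_id"] = $practice_id;
                 $user_query = $user_query->where('practice_id', '=', $practice_id);
             }
             $user = $user_query->first();
             if (Auth::attempt($credentials)) {
                 $practice = Practiceinfo::find($user->practice_id);
                 Session::put('user_id', $user->id);
                 Session::put('group_id', $user->group_id);
                 Session::put('practice_id', $user->practice_id);
                 Session::put('version', $practice->version);
                 Session::put('practice_active', $practice->active);
                 Session::put('displayname', $user->displayname);
                 Session::put('documents_dir', $practice->documents_dir);
                 Session::put('rcopia', $practice->rcopia_extension);
                 Session::put('mtm_extension', $practice->mtm_extension);
                 Session::put('patient_centric', $practice->patient_centric);
                 setcookie("login_attempts", 0, time() + 900, '/');
                 if ($practice->patient_centric == 'n') {
                     return Redirect::intended('mobile');
                 }
                 if ($user->group_id != '100' && $user->group_id != '1') {
                     // Uses the first demographics row as the chart to open; presumably a
                     // patient-centric install holds a single patient - verify.
                     $pid = DB::table('demographics')->first();
                     $this->setpatient($pid->pid);
                     return Redirect::intended('chart');
                 }
                 return Redirect::intended('mobile');
             }
         }
         // Validation failure and bad credentials share one generic message, so the
         // response does not reveal which field was wrong.
         setcookie("login_attempts", $attempts + 1, time() + 900, '/');
         $data["errors"] = new MessageBag(array("password" => "Username and/or password invalid."));
         $data["username"] = Input::get("username");
         return Redirect::to("login_mobile")->withInput($data);
     }
     $practice1 = Practiceinfo::find(1);
     Session::put('version', $practice1->version);
     $practice_id = Session::get('practice_id');
     $data['practice_id'] = $practice_id ? $practice_id : '1';
     $data['patient_centric'] = $practice1->patient_centric;
     $practices = Practiceinfo::all();
     $practices_array = array();
     if ($practices) {
         foreach ($practices as $practice_row) {
             $practices_array[$practice_row->practice_id] = $practice_row->practice_name;
         }
     }
     $data['practices'] = Form::select('practice_id', $practices_array, null, array('id' => 'practice_id'));
     if ($attempts >= 5) {
         $data['attempts'] = "You have reached the number of limits to login.  Wait 15 minutes then try again.";
     } elseif (!array_key_exists('login_attempts', $_COOKIE)) {
         setcookie("login_attempts", 0, time() + 900, '/');
     }
     // Both cases render the same view; only the 'attempts' message differs.
     $this->layout->style = HTML::style('css/mobile.css');
     $this->layout->script = $this->js_assets('base', true);
     $this->layout->content = View::make('mobile.login', $data);
 }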
Beispiel #30
 /**
  * Tells whether the current request was made with the POST method.
  *
  * This only inspects the request method; it says nothing about who sent the
  * request or whether it carries a valid anti-forgery token.
  *
  * @return bool true when REQUEST_METHOD compares equal to "POST"
  */
 protected function isPostRequest()
 {
     $method = Input::server("REQUEST_METHOD");

     return "POST" == $method;
 }