Beispiel #1
0
 /**
  * Get domain where Runalyze is running
  * @return string
  */
 public static function getDomain()
 {
     if (!isset($_SERVER['HTTP_HOST'])) {
         return '';
     }
     return Request::getProtocol() . '://' . $_SERVER['HTTP_HOST'];
 }
Beispiel #2
0
 /**
  * Perform request access validation based on security settings.
  * @param $requiresJournal boolean
  */
 function validate($requiresJournal = false)
 {
     if (Config::getVar('security', 'force_ssl') && Request::getProtocol() != 'https') {
         // Force SSL connections site-wide
         Request::redirectSSL();
     }
     $journal = Request::getJournal();
     if ($requiresJournal && $journal == null) {
         // Requested page is only allowed for journals
         Request::redirect(null, 'about');
     }
     $page = Request::getRequestedPage();
     if ($journal != null && !Validation::isLoggedIn() && !in_array($page, Handler::getLoginExemptions()) && $journal->getSetting('restrictSiteAccess')) {
         Request::redirect(null, 'login');
     }
 }
Beispiel #3
0
 /**
  * Change the locale for the current user.
  * @param $args array first parameter is the new locale
  */
 function setLocale($args)
 {
     $setLocale = isset($args[0]) ? $args[0] : null;
     $site =& Request::getSite();
     if (Locale::isLocaleValid($setLocale) && in_array($setLocale, $site->getSupportedLocales())) {
         $session =& Request::getSession();
         $session->setSessionVar('currentLocale', $setLocale);
     }
     if (isset($_SERVER['HTTP_REFERER'])) {
         Request::redirectUrl($_SERVER['HTTP_REFERER']);
     }
     $source = Request::getUserVar('source');
     if (isset($source) && !empty($source)) {
         Request::redirectUrl(Request::getProtocol() . '://' . Request::getServerHost() . $source, false);
     }
     Request::redirect(null, 'index');
 }
Beispiel #4
0
 /**
  * Validate a user's credentials and log the user in.
  */
 function signIn()
 {
     parent::validate();
     if (Validation::isLoggedIn()) {
         Request::redirect(null, 'user');
     }
     if (Config::getVar('security', 'force_login_ssl') && Request::getProtocol() != 'https') {
         // Force SSL connections for login
         Request::redirectSSL();
     }
     $user = Validation::login(Request::getUserVar('username'), Request::getUserVar('password'), $reason, Request::getUserVar('remember') == null ? false : true);
     if ($user !== false) {
         if (Config::getVar('security', 'force_login_ssl') && !Config::getVar('security', 'force_ssl')) {
             // Redirect back to HTTP if forcing SSL for login only
             Request::redirectNonSSL();
         } else {
             if ($user->getMustChangePassword()) {
                 // User must change their password in order to log in
                 Validation::logout();
                 Request::redirect(null, null, 'changePassword', $user->getUsername());
             } else {
                 $source = Request::getUserVar('source');
                 if (isset($source) && !empty($source)) {
                     Request::redirectUrl(Request::getProtocol() . '://' . Request::getServerHost() . $source, false);
                 } else {
                     Request::redirect(null, 'user');
                 }
             }
         }
     } else {
         $sessionManager =& SessionManager::getManager();
         $session =& $sessionManager->getUserSession();
         $templateMgr =& TemplateManager::getManager();
         $templateMgr->assign('username', Request::getUserVar('username'));
         $templateMgr->assign('remember', Request::getUserVar('remember'));
         $templateMgr->assign('source', Request::getUserVar('source'));
         $templateMgr->assign('showRemember', Config::getVar('general', 'session_lifetime') > 0);
         $templateMgr->assign('error', $reason === null ? 'user.login.loginError' : ($reason === '' ? 'user.login.accountDisabled' : 'user.login.accountDisabledWithReason'));
         $templateMgr->assign('reason', $reason);
         $templateMgr->display('user/login.tpl');
     }
 }
 function getContents(&$templateMgr)
 {
     if (!defined('SESSION_DISABLE_INIT')) {
         $session =& Request::getSession();
         $templateMgr->assign_by_ref('userSession', $session);
         $templateMgr->assign('loggedInUsername', $session->getSessionVar('username'));
         $loginUrl = Request::url(null, 'login', 'signIn');
         // if the page is not ssl enabled, and force_login_ssl is set, this flag will present a link instead of the form
         $forceSSL = false;
         if (Config::getVar('security', 'force_login_ssl')) {
             if (Request::getProtocol() != 'https') {
                 $loginUrl = Request::url(null, 'login');
                 $forceSSL = true;
             }
             $loginUrl = String::regexp_replace('/^http:/', 'https:', $loginUrl);
         }
         $templateMgr->assign('userBlockLoginSSL', $forceSSL);
         $templateMgr->assign('userBlockLoginUrl', $loginUrl);
     }
     return parent::getContents($templateMgr);
 }
Beispiel #6
0
 /**
  * Get the complete URL of the request.
  * @return string
  */
 function getRequestUrl()
 {
     static $requestUrl;
     if (!isset($requestUrl)) {
         $requestUrl = Request::getProtocol() . '://' . Request::getServerHost() . Request::getRequestPath();
         HookRegistry::call('Request::getRequestUrl', array(&$requestUrl));
     }
     return $requestUrl;
 }
 /**
  * Log a user out.
  */
 function signOut()
 {
     $this->validate();
     $this->setupTemplate();
     if (Validation::isLoggedIn()) {
         Validation::logout();
     }
     $source = Request::getUserVar('source');
     if (isset($source) && !empty($source)) {
         PKPRequest::redirectUrl(Request::getProtocol() . '://' . Request::getServerHost() . $source, false);
     } else {
         PKPRequest::redirect(null, Request::getRequestedPage());
     }
 }
Beispiel #8
0
                    die('User could not log in.');
                }
            } else {
                //*** Clear old audit logs.
                AuditLog::cleanLog();
                header("Location: " . Request::getURI("http"));
                exit;
            }
        }
    }
}
if (!$objLiveUser->isLoggedIn() && $intCatId != NAV_MYPUNCH_LOGIN && $intCatId != NAV_MYPUNCH_NOACCOUNT) {
    //*** Redirect to the login screen.
    if ($_CONF['app']['secureLogin']) {
        header("Location: " . Request::getURI("https") . "/?cid=" . NAV_MYPUNCH_LOGIN);
    } else {
        header("Location: " . Request::getURI("http") . "/?cid=" . NAV_MYPUNCH_LOGIN);
    }
    exit;
} else {
    if ($objLiveUser->isLoggedIn() && $objLiveUser->getProperty('account_id') != $_CONF['app']['account']->getId()) {
        //*** Users from other accounts are not allowed.
        $objLiveUser->logout();
        header("Location: " . Request::getURI());
        exit;
    } else {
        if ($objLiveUser->isLoggedIn() && Request::getProtocol() == "https") {
            header("Location: " . Request::getURI("http"));
        }
    }
}
 public function testGetProtocol()
 {
     $this->assertThat($this->object->getProtocol(), $this->equalTo('http'));
 }
Beispiel #10
0
 /**
  * Constructor
  */
 function PKPHandler()
 {
     $this->_checks = array();
     // enforce SSL sitewide
     $this->addCheck(new HandlerValidatorCustom($this, null, null, null, create_function('$forceSSL, $protocol', 'if ($forceSSL && $protocol != \'https\') Request::redirectSSL(); else return true;'), array(Config::getVar('security', 'force_ssl'), Request::getProtocol())));
 }
Beispiel #11
0
 /**
  * Match the HTTP protocol of the request.
  *
  * @return void
  */
 protected function ensureProtocolMatch()
 {
     if ($this->response->getProtocol() !== $this->request->getProtocol()) {
         $this->response->setProtocol($this->request->getProtocol());
     }
 }