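/**
 * ACL gate evaluated before the action returned by getAction() is invoked.
 *
 * Registers every model listed in $this->_registerAclModels, then lets the
 * call through when the current action is on the allow-list
 * ($this->_allowedActions merged with $allowed) or when hasAccess() does not
 * return false. Otherwise the denial is logged on the security channel, a
 * message is stored on the request and dieOnCode() is called with the
 * "unauthorized" response type.
 *
 * @param array $allowed Extra action names that skip the access check for this call.
 * @return bool True when the action may proceed; false if the denial path returns.
 */
public function beforeInvoke($allowed = array())
{
    foreach ($this->_registerAclModels as $model) {
        Model::register($model);
    }

    // Strict match: with loose comparison a numeric-looking or non-string
    // action value could equal an allow-listed name through type juggling
    // and skip hasAccess() entirely.
    $publicActions = array_merge($this->_allowedActions, $allowed);
    if (in_array($this->getAction(), $publicActions, true)) {
        return true;
    }

    // NOTE(review): only a strict false denies. A hasAccess() that returns
    // null or 0 is treated as "access granted" -- confirm it always returns
    // a bool, otherwise this check fails open.
    if ($this->hasAccess() !== false) {
        return true;
    }

    Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, implode(PHP_EOL, Ajde_Acl::$log));
    Ajde::app()->getRequest()->set('message', __('You may not have the required permission to view this page'));
    Ajde::app()->getResponse()->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);

    // Only reached if dieOnCode() returns: deny explicitly instead of
    // falling off the end of the method with an implicit null.
    return false;
}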
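/**
 * Fetch a URL with cURL, either returning the body or writing it to a file.
 *
 * In file mode ($toFile !== false) redirects are followed by cURL itself
 * (up to 20 hops), the timeout is raised to 300 seconds and the response is
 * written straight to $toFile. Otherwise the transfer is delegated to
 * self::_curl_exec_follow() with a limit of 10.
 *
 * NOTE(review): $url is fetched as given and redirects are followed. If $url
 * or $toFile can be influenced by a request, validate scheme, host and path
 * at the caller, and consider limiting CURLOPT_PROTOCOLS and
 * CURLOPT_REDIR_PROTOCOLS to HTTP(S) here.
 *
 * @param string      $url    URL to fetch.
 * @param bool|string $toFile False to return the body, otherwise the path the response is written to.
 * @param bool|array  $header Request header lines; only applied in file mode.
 * @return string|bool File mode: true on success, false when the transfer fails or the
 *                     server answers 4xx. Otherwise whatever _curl_exec_follow() returns.
 * @throws Exception
 */
public static function get($url, $toFile = false, $header = false)
{
    $output = false;
    $debug = false; // set to true locally to log the URL and curl_getinfo() output
    $ch = false;
    $fp = false;

    if ($debug) {
        Log::_('cURL URL', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, $url);
    }

    try {
        $ch = curl_init();
        if ($ch === false) {
            throw new AjdeException('Unable to initialise cURL');
        }

        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the body from curl_exec() instead of printing it
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);    // seconds to wait for the connection
        curl_setopt($ch, CURLOPT_TIMEOUT, 5);           // seconds for the whole transfer (raised in file mode)
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
        curl_setopt($ch, CURLOPT_ENCODING, "");         // empty string: advertise and decode every supported encoding
        curl_setopt($ch, CURLOPT_AUTOREFERER, true);    // set Referer: when following a Location: redirect

        // Keep certificate and host name verification on. With it disabled
        // any party on the network path can read or replace the response,
        // which matters most when the body is saved to disk. A host that
        // needs a private CA should get CURLOPT_CAINFO / CURLOPT_CAPATH,
        // not a disabled check.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

        curl_setopt($ch, CURLOPT_COOKIEFILE, "");       // empty string: in-memory cookie engine, no cookie file is read

        if ($toFile !== false) {
            // @TODO We need SAFE_MODE to be off
            if (ini_get('safe_mode')) {
                throw new AjdeException('SAFE_MODE must be off when downloading files');
            }

            // 'w+' truncates an existing file, so fail before the transfer
            // starts if the target cannot be opened.
            $fp = fopen($toFile, 'w+');
            if ($fp === false) {
                throw new AjdeException('Unable to open the download target for writing');
            }

            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
            curl_setopt($ch, CURLOPT_MAXREDIRS, 20); // cap on redirects followed by CURLOPT_FOLLOWLOCATION
            curl_setopt($ch, CURLOPT_TIMEOUT, 300);
            curl_setopt($ch, CURLOPT_FILE, $fp);     // write the response body to the file
            curl_setopt($ch, CURLINFO_HEADER_OUT, true);
            if ($header) {
                curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
            }

            $transferred = curl_exec($ch);
            fclose($fp);
            $output = true;

            $http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
            if ($debug) {
                $verbose = curl_getinfo($ch);
                Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
            }
            curl_close($ch);
            $ch = false;

            // A failed transfer (including a rejected certificate) or a 4xx
            // answer means the file does not hold the requested content.
            // The file has already been written at this point; the caller
            // should discard it when false is returned.
            if ($transferred === false || ($http_status >= 400 && $http_status < 500)) {
                return false;
            }
        } else {
            // Redirects are followed by _curl_exec_follow() rather than
            // CURLOPT_FOLLOWLOCATION, which is not possible in SAFE_MODE.
            // NOTE(review): $header is not applied on this path -- confirm
            // that is intended.
            $output = self::_curl_exec_follow($ch, 10, false);

            if ($debug) {
                $verbose = curl_getinfo($ch);
                Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
            }
            curl_close($ch);
            $ch = false;
        }
    } catch (Exception $e) {
        // Release the file and the cURL handle before passing the error on.
        if (is_resource($fp)) {
            fclose($fp);
        }
        if ($ch) {
            curl_close($ch);
        }
        throw $e;
    }

    return $output;
}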
/**
 * Record an ACL denial and end the response as unauthorized.
 *
 * Writes the collected Ajde_Acl::$log lines to the security log channel,
 * stores a user-facing message on the request and calls dieOnCode() with
 * the "unauthorized" response type. Despite the method name, no redirect
 * is issued in this method itself.
 */
private function validationErrorRedirect()
{
    // One log entry per denial, carrying the ACL decision trace.
    $aclTrace = implode(PHP_EOL, Ajde_Acl::$log);
    Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, $aclTrace);

    // The wording is deliberately vague ("may not have") about why access was refused.
    $request = Ajde::app()->getRequest();
    $notice = __('You may not have the required permission to view this resource');
    $request->set('message', $notice);

    $response = Ajde::app()->getResponse();
    $response->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);
}