Beispiel #1
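 /**
  * ACL gate evaluated before an action is invoked.
  *
  * Registers every model listed in $this->_registerAclModels, then allows the
  * request when the current action is on the allow-list ($this->_allowedActions
  * merged with $allowed) or when hasAccess() does not return false. Otherwise
  * the hit is logged on the security channel, a message is stored on the
  * request, and the response is asked to die with the "unauthorized" code.
  *
  * @param array $allowed Additional action names that bypass the access check.
  * @return bool true when the action may proceed; false on the deny path if
  *              dieOnCode() hands control back to the caller.
  */
 public function beforeInvoke($allowed = array())
 {
     foreach ($this->_registerAclModels as $model) {
         Model::register($model);
     }

     // Strict comparison: with loose matching a non-string allow-list entry
     // (0, true, numeric-looking strings) could match an action name it was
     // never meant to exempt from the ACL check.
     $allowList = array_merge($this->_allowedActions, $allowed);

     // NOTE(review): only a strict false from hasAccess() denies; null or any
     // other value is treated as "granted" - confirm hasAccess() always
     // returns a bool.
     if (in_array($this->getAction(), $allowList, true) || $this->hasAccess() !== false) {
         return true;
     }

     Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, implode(PHP_EOL, Ajde_Acl::$log));
     Ajde::app()->getRequest()->set('message', __('You may not have the required permission to view this page'));
     Ajde::app()->getResponse()->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);

     // Fail closed: dieOnCode() presumably terminates the request, but if it
     // ever returns the caller must see an explicit denial rather than null.
     return false;
 }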
Beispiel #2
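 /**
  * Fetch a URL with cURL, either returning the body or streaming it to a file.
  *
  * Security notes for callers:
  *  - TLS peer and host verification are switched off below, so the identity
  *    of an https:// server is not checked and the response must not be
  *    treated as authenticated.
  *  - $url and $toFile are used exactly as given, and file mode follows up to
  *    20 redirects. When either value can be influenced by a user, validate
  *    the destination (scheme/host allow-list) and the target path before
  *    calling this method.
  *
  * @param string      $url    URL to fetch.
  * @param bool|string $toFile false to return the body; otherwise the path the
  *                            response is written to (opened with 'w+').
  * @param bool|array  $header Extra request headers. Only applied in
  *                            download-to-file mode.
  * @return string|bool In file mode: true, or false when the final HTTP status
  *                     is 4xx. Otherwise the value returned by
  *                     self::_curl_exec_follow().
  * @throws Exception
  */
 public static function get($url, $toFile = false, $header = false)
 {
     $output = false;
     $debug = false;
     if ($debug) {
         Log::_('cURL URL', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, $url);
     }
     try {
         $ch = curl_init();
         // The URL to fetch.
         curl_setopt($ch, CURLOPT_URL, $url);
         // Return the transfer as a string from curl_exec() instead of printing it.
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
         // Seconds to wait while trying to connect.
         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
         // Maximum seconds the whole transfer may take (raised for file downloads below).
         curl_setopt($ch, CURLOPT_TIMEOUT, 5);
         // Contents of the "User-Agent: " request header.
         curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
         // Empty string: advertise every supported encoding and decode the response.
         curl_setopt($ch, CURLOPT_ENCODING, "");
         // Set the Referer: header automatically when following a Location: redirect.
         curl_setopt($ch, CURLOPT_AUTOREFERER, true);
         // NOTE(review): certificate and host-name verification are disabled, which
         // leaves every https:// transfer open to interception and tampering.
         // Preferred settings are CURLOPT_SSL_VERIFYPEER => true and
         // CURLOPT_SSL_VERIFYHOST => 2 (with CURLOPT_CAINFO/CURLOPT_CAPATH if a
         // custom CA bundle is required). Left unchanged here because callers may
         // depend on reaching hosts with untrusted certificates - confirm and enable.
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
         // Empty string enables cookie handling without loading a cookie file.
         curl_setopt($ch, CURLOPT_COOKIEFILE, "");
         if ($toFile !== false) {
             // @TODO We need SAFE_MODE to be off
             if (ini_get('safe_mode')) {
                 throw new AjdeException('SAFE_MODE must be off when downloading files');
             }
             // Destination file for the response body.
             $fp = fopen($toFile, 'w+');
             if ($fp === false) {
                 // Without this guard an invalid handle would be passed to cURL and fclose().
                 throw new AjdeException('Unable to open target file for download');
             }
             curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
             // Maximum number of HTTP redirects to follow.
             curl_setopt($ch, CURLOPT_MAXREDIRS, 20);
             curl_setopt($ch, CURLOPT_TIMEOUT, 300);
             // Write the response body straight to the file.
             curl_setopt($ch, CURLOPT_FILE, $fp);
             curl_setopt($ch, CURLINFO_HEADER_OUT, true);
             if ($header) {
                 curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
             }
             curl_exec($ch);
             fclose($fp);
             $output = true;
             $http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
             if ($debug) {
                 $verbose = curl_getinfo($ch);
                 Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
             }
             curl_close($ch);
             // Report client errors as failure. The previous check had its closing
             // parenthesis misplaced (substr(..., 0, 1 == '4')), so it always
             // produced an empty string and a 4xx response was returned as success.
             // The file has already been written at this point and then holds the
             // error response body.
             if ($http_status >= 400 && $http_status < 500) {
                 return false;
             }
         } else {
             // Not possible in SAFE_MODE
             // curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // TRUE to follow any "Location: " header that the server sends as part of the HTTP header (note this is recursive, PHP will follow as many "Location: " headers that it is sent, unless CURLOPT_MAXREDIRS is set).
             // curl_setopt($ch, CURLOPT_HEADER, false);		// TRUE to include the header in the output.
             // curl_setopt($ch, CURLOPT_MAXREDIRS, 10);		// The maximum amount of HTTP redirections to follow. Use this option alongside CURLOPT_FOLLOWLOCATION.
             $output = self::_curl_exec_follow($ch, 10, false);
             if ($debug) {
                 $verbose = curl_getinfo($ch);
                 Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
             }
             curl_close($ch);
         }
     } catch (Exception $e) {
         throw $e;
     }
     return $output;
 }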
Beispiel #3
 /**
  * Handle a failed access check: write the collected ACL log to the security
  * channel, store a user-facing message on the request, and ask the response
  * to die with the "unauthorized" code.
  */
 private function validationErrorRedirect()
 {
     // One log entry holding every line gathered in Ajde_Acl::$log.
     $aclTrace = implode(PHP_EOL, Ajde_Acl::$log);
     Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, $aclTrace);

     $request = Ajde::app()->getRequest();
     $request->set('message', __('You may not have the required permission to view this resource'));

     $response = Ajde::app()->getResponse();
     $response->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);
 }