Beispiel #1
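 /**
  * Pre-route hook: validates request parameters and enforces access control.
  *
  * Every failed check ends the request with die() and a short message. An
  * HTTP error status is set first, so a denied request is not answered with
  * the default success status and stays distinguishable in access logs and
  * monitoring.
  *
  * @return void
  */
 public function beforeroute()
 {
     $f3 = \Base::instance();
     // params checking
     if (!$this->security->checkParams()) {
         // Rejected input: answer as a client error, not as a normal page
         $f3->status(400);
         die('Bad Parameter!');
     }
     if (!$this->security->isPublicRoute() && !$f3->get('SESSION.user')) {
         // Not a public page and user is not logged in
         $f3->status(401);
         die('Nicht authentifiziert!');
     }
     if ($this->security->isRaidleaderRoute() && !$f3->get('SESSION.user.raidleader')) {
         // A raidlead-page and user is not a raidleader
         $f3->status(403);
         die('Nicht erlaubt!');
     }
 }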
Beispiel #2
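 /**
  * Pre-route hook: validates request parameters and enforces access control.
  *
  * Each failed check stores a message in SESSION.errormsg and redirects the
  * client. The hook also returns false after every redirect, so the checks
  * fail closed: if reroute() ever returns instead of ending the request, the
  * remaining checks and the protected route handler are still skipped.
  *
  * @return false|null false when a check failed; no value when all checks pass
  */
 public function beforeroute()
 {
     $f3 = \Base::instance();
     // params checking
     if (!$this->security->checkParams()) {
         // Bad Parameter - possible hacking attempt
         $f3->set('SESSION.errormsg', 'Bad Parameter!');
         $f3->reroute('/');
         // NOTE(review): reroute() normally ends the request, but presumably it
         // can return (custom ONREROUTE handler, CLI mode) - confirm against the
         // framework version in use. Returning false keeps the handler from running.
         return false;
     }
     // access control
     // public routes
     if (!$this->security->isPublicRoute() && !$f3->get('SESSION.user')) {
         // Not a public route and user is not logged in
         $f3->set('SESSION.errormsg', 'Nicht authentifiziert!');
         // NOTE(review): the /auth/reroute handler is not shown here; it should
         // accept only local paths in `url`, so the post-login redirect cannot
         // be pointed at another site.
         $f3->reroute('/auth/reroute?url=' . urlencode($f3->get('PATH')));
         return false;
     }
     // raidleader routes
     if ($this->security->isRaidleaderRoute() && !$f3->get('SESSION.user.raidleader')) {
         // A raidlead-page and user is not a raidleader
         $f3->set('SESSION.errormsg', 'Nicht erlaubt!');
         $f3->reroute('/raid/list');
         return false;
     }
 }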