/**
* Load the basics of the current environment
*
* The purpose of this method is to consolidate all the various environment information into one
* array under a set of common names, thereby removing the tedium of figuring out which superglobal
* and key combination contain the requested information each time it is needed.
*
* @return void
*/
protected function _loadEnvironment()
{
$this->_environmentElement('ConfigWebRoot', Gdn::config('Garden.WebRoot'));
$this->_environmentElement('ConfigStripUrls', Gdn::config('Garden.StripWebRoot', false));
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$host = $_SERVER['HTTP_X_FORWARDED_HOST'];
} elseif (isset($_SERVER['HTTP_HOST'])) {
$host = $_SERVER['HTTP_HOST'];
} else {
$host = val('SERVER_NAME', $_SERVER);
}
// The host can have the port passed in, remove it here if it exists
$hostParts = explode(':', $host, 2);
$host = $hostParts[0];
$rawPort = null;
if (count($hostParts) > 1) {
$rawPort = $hostParts[1];
}
$this->requestHost($host);
$this->requestMethod(isset($_SERVER['REQUEST_METHOD']) ? val('REQUEST_METHOD', $_SERVER) : 'CONSOLE');
// Request IP
// Load balancers
if ($testIP = val('HTTP_X_CLUSTER_CLIENT_IP', $_SERVER)) {
$ip = $testIP;
} elseif ($testIP = val('HTTP_CLIENT_IP', $_SERVER)) {
$ip = $testIP;
} elseif ($testIP = val('HTTP_X_FORWARDED_FOR', $_SERVER)) {
$ip = $testIP;
} else {
$ip = val('REMOTE_ADDR', $_SERVER);
}
if (strpos($ip, ',') !== false) {
$matched = preg_match_all('/([\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3})(?:, )?/i', $ip, $matches);
// If we found matching IPs
if ($matched) {
$ips = $matches[1];
$ip = $ips[0];
// Fallback
} else {
$remoteAddr = val('REMOTE_ADDR', $_SERVER);
if (strpos($remoteAddr, ',') !== false) {
$remoteAddr = substr($remoteAddr, 0, strpos($remoteAddr, ','));
}
$ip = $remoteAddr;
}
}
$ip = forceIPv4($ip);
$this->requestAddress($ip);
// Request Scheme
$scheme = 'http';
// Webserver-originated SSL
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
$scheme = 'https';
}
// Loadbalancer-originated (and terminated) SSL
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') {
$scheme = 'https';
}
// Varnish
$originalProto = val('HTTP_X_ORIGINALLY_FORWARDED_PROTO', $_SERVER, null);
if (!is_null($originalProto)) {
$scheme = $originalProto;
}
$this->requestScheme($scheme);
if (isset($_SERVER['SERVER_PORT'])) {
$port = $_SERVER['SERVER_PORT'];
} elseif ($rawPort) {
$port = $rawPort;
} else {
if ($scheme === 'https') {
$port = 443;
} else {
$port = 80;
}
}
$this->port($port);
if (is_array($_GET)) {
$get = false;
if ($get === false) {
$get =& $_GET;
}
if (!is_array($get)) {
$original = [];
parse_str($get, $original);
safeParseStr($get, $get, $original);
}
if (!empty($_SERVER['X_REWRITE']) || !empty($_SERVER['REDIRECT_X_REWRITE'])) {
$path = val('PATH_INFO', $_SERVER, '');
// Some hosts block PATH_INFO from being passed (or even manually set).
// We set X_PATH_INFO in the .htaccess as a fallback for those situations.
// If you work for one of those hosts, know that many beautiful kittens lost their lives for your sins.
if (!$path) {
if (!empty($_SERVER['X_PATH_INFO'])) {
$path = $_SERVER['X_PATH_INFO'];
} elseif (!empty($_SERVER['REDIRECT_X_PATH_INFO'])) {
$path = $_SERVER['REDIRECT_X_PATH_INFO'];
}
}
} elseif (isset($get['_p'])) {
$path = $get['_p'];
unset($_GET['_p']);
} elseif (isset($get['p'])) {
$path = $get['p'];
unset($_GET['p']);
} else {
$path = '';
}
$this->requestURI($path);
}
$possibleScriptNames = [];
if (isset($_SERVER['SCRIPT_NAME'])) {
$possibleScriptNames[] = $_SERVER['SCRIPT_NAME'];
}
if (isset($_ENV['SCRIPT_NAME'])) {
$possibleScriptNames[] = $_ENV['SCRIPT_NAME'];
}
if (PHP_SAPI === 'cgi' && isset($_ENV['SCRIPT_URL'])) {
$possibleScriptNames[] = $_ENV['SCRIPT_URL'];
}
if (isset($_SERVER['SCRIPT_FILENAME'])) {
$possibleScriptNames[] = $_SERVER['SCRIPT_FILENAME'];
}
if (isset($_SERVER['ORIG_SCRIPT_NAME'])) {
$possibleScriptNames[] = $_SERVER['ORIG_SCRIPT_NAME'];
}
$this->requestFolder('');
foreach ($possibleScriptNames as $scriptName) {
$script = basename($scriptName);
$this->requestScript($script);
$folder = substr($scriptName, 0, 0 - strlen($script));
if (isset($_SERVER['DOCUMENT_ROOT'])) {
$documentRoot = $_SERVER['DOCUMENT_ROOT'];
} else {
$absolutePath = str_replace("\\", "/", realpath($script));
$documentRoot = substr($absolutePath, 0, strpos($absolutePath, $scriptName));
}
if (!$documentRoot) {
continue;
}
$trimRoot = rtrim($documentRoot);
$realFolder = str_replace($trimRoot, '', $folder);
if (!empty($realFolder)) {
$this->requestFolder(ltrim($realFolder, '/'));
break;
}
}
}
/**
* Load the basics of the current environment
*
* The purpose of this method is to consolidate all the various environment information into one
* array under a set of common names, thereby removing the tedium of figuring out which superglobal
* and key combination contain the requested information each time it is needed.
*
* @return void
*/
protected function _loadEnvironment()
{
$this->_environmentElement('ConfigWebRoot', Gdn::config('Garden.WebRoot'));
$this->_environmentElement('ConfigStripUrls', Gdn::config('Garden.StripWebRoot', false));
if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$Host = $_SERVER['HTTP_X_FORWARDED_HOST'];
} elseif (isset($_SERVER['HTTP_HOST'])) {
$Host = $_SERVER['HTTP_HOST'];
} else {
$Host = val('SERVER_NAME', $_SERVER);
}
// The host can have the port passed in, remove it here if it exists
$HostParts = explode(':', $Host, 2);
$Host = $HostParts[0];
$RawPort = null;
if (count($HostParts) > 1) {
$RawPort = $HostParts[1];
}
$this->requestHost($Host);
$this->requestMethod(isset($_SERVER['REQUEST_METHOD']) ? val('REQUEST_METHOD', $_SERVER) : 'CONSOLE');
// Request IP
// Loadbalancers
if ($TestIP = val('HTTP_X_CLUSTER_CLIENT_IP', $_SERVER)) {
$IP = $TestIP;
} elseif ($TestIP = val('HTTP_CLIENT_IP', $_SERVER)) {
$IP = $TestIP;
} elseif ($TestIP = val('HTTP_X_FORWARDED_FOR', $_SERVER)) {
$IP = $TestIP;
} else {
$IP = val('REMOTE_ADDR', $_SERVER);
}
if (strpos($IP, ',') !== false) {
$Matched = preg_match_all('/([\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3})(?:, )?/i', $IP, $Matches);
// If we found matching IPs
if ($Matched) {
$IPs = $Matches[1];
$IP = $IPs[0];
// Fallback
} else {
$remoteAddr = val('REMOTE_ADDR', $_SERVER);
if (strpos($remoteAddr, ',') !== false) {
$remoteAddr = substr($remoteAddr, 0, strpos($remoteAddr, ','));
}
$IP = $remoteAddr;
}
}
$IP = forceIPv4($IP);
$this->requestAddress($IP);
// Request Scheme
$Scheme = 'http';
// Webserver-originated SSL
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
$Scheme = 'https';
}
// Loadbalancer-originated (and terminated) SSL
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') {
$Scheme = 'https';
}
// Varnish
$OriginalProto = val('HTTP_X_ORIGINALLY_FORWARDED_PROTO', $_SERVER, null);
if (!is_null($OriginalProto)) {
$Scheme = $OriginalProto;
}
$this->requestScheme($Scheme);
if (isset($_SERVER['SERVER_PORT'])) {
$Port = $_SERVER['SERVER_PORT'];
} elseif ($RawPort) {
$Port = $RawPort;
} else {
if ($Scheme === 'https') {
$Port = 443;
} else {
$Port = 80;
}
}
$this->port($Port);
if (is_array($_GET)) {
$Get = false;
if ($Get === false) {
$Get =& $_GET;
}
if (!is_array($Get)) {
$Original = array();
parse_str($Get, $Original);
safeParseStr($Get, $Get, $Original);
}
if (!empty($_SERVER['X_REWRITE'])) {
$Path = $_SERVER['PATH_INFO'];
} elseif (isset($Get['_p'])) {
$Path = $Get['_p'];
unset($_GET['_p']);
} elseif (isset($Get['p'])) {
$Path = $Get['p'];
unset($_GET['p']);
} else {
$Path = '';
}
$this->RequestURI($Path);
}
$PossibleScriptNames = array();
if (isset($_SERVER['SCRIPT_NAME'])) {
$PossibleScriptNames[] = $_SERVER['SCRIPT_NAME'];
}
if (isset($_ENV['SCRIPT_NAME'])) {
$PossibleScriptNames[] = $_ENV['SCRIPT_NAME'];
}
if (PHP_SAPI === 'cgi' && isset($_ENV['SCRIPT_URL'])) {
$PossibleScriptNames[] = $_ENV['SCRIPT_URL'];
}
if (isset($_SERVER['SCRIPT_FILENAME'])) {
$PossibleScriptNames[] = $_SERVER['SCRIPT_FILENAME'];
}
if (isset($_SERVER['ORIG_SCRIPT_NAME'])) {
$PossibleScriptNames[] = $_SERVER['ORIG_SCRIPT_NAME'];
}
$this->requestFolder('');
$TrimURI = trim($this->requestURI(), '/');
foreach ($PossibleScriptNames as $ScriptName) {
$Script = basename($ScriptName);
$this->requestScript($Script);
$Folder = substr($ScriptName, 0, 0 - strlen($Script));
$TrimFolder = trim($Folder, '/');
$TrimScript = trim($Script, '/');
if (isset($_SERVER['DOCUMENT_ROOT'])) {
$DocumentRoot = $_SERVER['DOCUMENT_ROOT'];
} else {
$AbsolutePath = str_replace("\\", "/", realpath($Script));
$DocumentRoot = substr($AbsolutePath, 0, strpos($AbsolutePath, $ScriptName));
}
if (!$DocumentRoot) {
continue;
}
$TrimRoot = rtrim($DocumentRoot);
$RealFolder = str_replace($TrimRoot, '', $Folder);
if (!empty($RealFolder)) {
$this->requestFolder(ltrim($RealFolder, '/'));
break;
}
}
}
/**
* Set fields that need additional manipulation after retrieval.
*
* @param array|object &$User
* @throws Exception
*/
public function setCalculatedFields(&$User)
{
if ($v = val('Attributes', $User)) {
if (is_string($v)) {
setValue('Attributes', $User, dbdecode($v));
}
}
if ($v = val('Permissions', $User)) {
if (is_string($v)) {
setValue('Permissions', $User, dbdecode($v));
}
}
if ($v = val('Preferences', $User)) {
if (is_string($v)) {
setValue('Preferences', $User, dbdecode($v));
}
}
if ($v = val('Photo', $User)) {
if (!isUrl($v)) {
$PhotoUrl = Gdn_Upload::url(changeBasename($v, 'n%s'));
} else {
$PhotoUrl = $v;
}
setValue('PhotoUrl', $User, $PhotoUrl);
}
if ($v = val('AllIPAddresses', $User)) {
if (is_string($v)) {
$IPAddresses = explode(',', $v);
foreach ($IPAddresses as $i => $IPAddress) {
$IPAddresses[$i] = forceIPv4($IPAddress);
}
setValue('AllIPAddresses', $User, $IPAddresses);
}
}
setValue('_CssClass', $User, '');
if (val('Banned', $User)) {
setValue('_CssClass', $User, 'Banned');
}
$this->EventArguments['User'] =& $User;
$this->fireEvent('SetCalculatedFields');
}