Example #1
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Already on HTTPS: pass the request down the pipeline untouched.
     if ($request->secure()) {
         return $next($request);
     }

     // Plain HTTP: answer with a redirect to the HTTPS URL for the same path.
     // Only the path is forwarded, so a query string on the original request
     // is not carried over to the redirect target.
     $target = $request->path();

     return Redirect::secure($target);
 }
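 /**
  * Render the admin dashboard: site-wide totals plus the Disqus comment list.
  *
  * Guests and users without the admin flag are redirected to the home page
  * over HTTPS instead of seeing the dashboard.
  *
  * @return \Illuminate\Http\RedirectResponse|null  Redirect when access is denied; otherwise the view is nested into the layout and nothing is returned.
  */
 public function getIndex()
 {
     // Access gate. An admin is a user whose isAdmin flag is greater than zero,
     // the same rule the admin count below uses, so any other value is denied.
     if (Auth::guest() || (int) Auth::user()->isAdmin <= 0) {
         return Redirect::secure('/');
     }

     // layouts variables
     $this->layout->title = 'Админ панел | Нещо Шантаво';
     $this->layout->canonical = 'https://neshto.shantavo.com/admin/';
     $this->layout->robots = 'noindex,nofollow,noodp,noydir';

     // Let the database count rows instead of loading every record into memory.
     $users = (int) User::count();
     $admins = (int) User::where('isAdmin', '>', 0)->count();
     $categories = (int) Category::count();
     $albums = (int) Album::count();
     $votes = (int) DB::table('votes')->count();

     // Load the pictures once; both the count and the total size come from this set.
     $allPictures = Picture::all();
     $pictures = count($allPictures);
     $pictureSize = 0;
     foreach ($allPictures as $picture) {
         $pictureSize += $picture->size;
     }

     // get disqus stats
     include app_path() . '/config/_disqus.php';
     $disqus = new DisqusAPI(getDisqusKey());
     // NOTE(review): setSecure(false) appears to switch the Disqus client to plain
     // HTTP, which would send the API key unencrypted. Confirm against the client
     // library and prefer setSecure(true).
     $disqus->setSecure(false);
     $comments = $disqus->posts->list(array('forum' => 'shantavo'));

     // nesting the view into the layout
     $this->layout->nest('content', 'admin.index', array(
         'users' => $users,
         'admins' => $admins,
         'votes' => $votes,
         'categories' => $categories,
         'albums' => $albums,
         'pictures' => $pictures,
         'pictureSize' => $pictureSize,
         'comments' => $comments,
     ));
 }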
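 /**
  * Create an album for the signed-in user from the submitted form.
  *
  * Guests are redirected to the login page. The album name is passed through
  * Purifier::clean() and strip_tags() before it is stored.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function postCreate()
 {
     if (Auth::guest()) {
         return Redirect::secure('user/login');
     }

     // do not use layout for this
     $this->layout = null;

     // Anything other than a value equal to 1 is stored as "not private".
     $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;

     // The owner is the authenticated user. The 'userId' form field is ignored:
     // it is client-controlled and would let a signed-in user create albums
     // under another account.
     Album::insert(array(
         'user_id' => Auth::user()->id,
         'categories_id' => Input::get('category'),
         'name' => strip_tags(Purifier::clean(Input::get('name'))),
         'isPrivate' => $isPrivate,
     ));

     // redirect to albums
     return Redirect::secure('user/albums');
 }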
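 /**
  * Store an uploaded picture for the signed-in user and redirect to it.
  *
  * Guests are redirected to the login page. The upload is rejected, with a
  * redirect back to the upload form, when no valid file was sent, the file is
  * larger than 10 MB, the extension is not jpg/jpeg/png/gif, the content is
  * not a GIF/JPEG/PNG image, or the album id or file name is unusable.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function postCreate()
 {
     if (Auth::guest()) {
         return Redirect::secure('user/login');
     }

     // do not use layout for this
     $this->layout = null;

     // A missing or failed upload must not reach the method calls below.
     $image = Input::file('image');
     if (!is_object($image) || !$image->isValid()) {
         return Redirect::secure('picture/upload');
     }

     // check image size (must be < 10MB)
     $size = $image->getSize();
     if ($size > 10000000) {
         return Redirect::secure('picture/upload');
     }

     // check image type (must be (jpg, png, gif or jpeg))
     // The extension comes from the client-supplied name, so it is only a first
     // filter; the content check below is what confirms the file is an image.
     $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
     if (!in_array($image->getClientOriginalExtension(), $allowedExtensions, true)) {
         return Redirect::secure('picture/upload');
     }

     // Inspect the file header itself. A framework error handler may turn a
     // getimagesize() warning into an exception; treat that as "not an image".
     try {
         $imageInfo = getimagesize($image->getRealPath());
     } catch (\Exception $e) {
         $imageInfo = false;
     }
     $allowedTypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
     if ($imageInfo === false || !in_array($imageInfo[2], $allowedTypes, true)) {
         return Redirect::secure('picture/upload');
     }

     // Reduce the client-supplied name to a bare file name so it cannot carry
     // directory components into the destination path; refuse empty and dot names.
     $filename = basename(str_replace('\\', '/', $image->getClientOriginalName()));
     if ($filename === '' || $filename[0] === '.') {
         return Redirect::secure('picture/upload');
     }

     // The album id becomes a directory name, so only plain digits are accepted.
     // NOTE(review): assumes album ids are numeric. Confirm against the schema.
     $albumId = Input::get('albumId');
     if (!ctype_digit((string) $albumId)) {
         return Redirect::secure('picture/upload');
     }

     // The owner is the authenticated user. The 'userId' form field is ignored:
     // it is client-controlled and was used both as the row owner and as a path
     // segment under the public files directory.
     $userId = Auth::user()->id;

     // NOTE(review): nothing here verifies that the album belongs to this user;
     // add an ownership lookup before accepting the upload.

     // add record to db
     $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;
     $id = Picture::insertGetId(array(
         'user_id' => $userId,
         'album_id' => $albumId,
         'filename' => $filename,
         'size' => $size,
         'title' => strip_tags(Purifier::clean(Input::get('title'))),
         'isPrivate' => $isPrivate,
     ));

     // move to albums folder
     // NOTE(review): the file lands under public_path() with its original name;
     // make sure the web server never executes scripts from this directory.
     $destinationPath = public_path() . "/files/" . $userId . "/" . $albumId;
     $image->move($destinationPath, $filename);

     // redirect to uploaded picture
     return Redirect::secure('picture/' . $id);
 }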
 /**
  * Show the signed-in user's albums together with the category list.
  *
  * Guests are redirected to the home page over HTTPS.
  */
 public function getAlbums()
 {
     $isGuest = Auth::guest();
     if ($isGuest) {
         return Redirect::secure('/');
     }

     // Page metadata consumed by the layout.
     $this->layout->title = 'Албуми | Нещо Шантаво';
     $this->layout->canonical = 'https://neshto.shantavo.com/user/albums';

     // Only albums owned by the authenticated user are listed; the owner id
     // comes from the session, not from the request.
     $ownerId = Auth::user()->id;
     $albums = Album::where('user_id', '=', $ownerId)->get();
     $categories = Category::all();

     // Nest the albums view into the layout's content slot.
     $viewData = compact('albums', 'categories');
     $this->layout->nest('content', 'user.albums', $viewData);
 }
Example #6
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/
// Global "before" filter, run for every request ahead of routing. The listing
// is cut off after the final `if`, so only the visible part is described here.
App::before(function ($request) {
    // For signed-in users, bump a per-session counter stored under SESSION_COUNTER.
    if (Auth::check()) {
        $count = Session::get(SESSION_COUNTER, 0);
        Session::put(SESSION_COUNTER, ++$count);
    }
    // In the production environment, redirect plain-HTTP requests to HTTPS.
    if (App::environment() == ENV_PRODUCTION) {
        if (!Request::secure()) {
            // NOTE(review): getRequestUri() is request-controlled. Confirm that a
            // value beginning with "//" cannot be emitted as a scheme-relative
            // redirect target by the URL generator.
            return Redirect::secure(Request::getRequestUri());
        }
    }
    // An explicit ?lang= value switches the locale for this request and the session.
    if (Input::has('lang')) {
        // NOTE(review): the value is applied as received, with no allow-list check
        // in the visible code. Restrict it to the supported locales before it
        // reaches setLocale() and the session.
        $locale = Input::get('lang');
        App::setLocale($locale);
        Session::set(SESSION_LOCALE, $locale);
        if (Auth::check()) {
            // The choice is saved on the account only when a Language row matches it.
            if ($language = Language::whereLocale($locale)->first()) {
                $account = Auth::user()->account;
                $account->language_id = $language->id;
                $account->save();
            }
        }
    } else {
        if (Auth::check()) {
Example #7
| Language
|--------------------------------------------------------------------------
|
| Detect the browser language.
|
*/
Route::filter('detectLang', function ($route, $request, $lang = 'auto') {
    // An explicit language wins, but only when it is one of the configured
    // languages; anything else falls through to browser detection.
    $explicit = $lang != "auto" && in_array($lang, Config::get('app.available_language'));
    if ($explicit) {
        Config::set('app.locale', $lang);

        return;
    }

    // Take the first entry of the Accept-Language header, if the browser sent one.
    $header = '';
    if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $header = strtok(strip_tags($_SERVER['HTTP_ACCEPT_LANGUAGE']), ',');
    }

    // Keep the two-letter primary tag ("en-US" becomes "en").
    $primary = substr($header, 0, 2);

    // The header is client-controlled, so it is honoured only when it matches a
    // configured language; otherwise the current application locale is kept.
    if (in_array($primary, Config::get('app.available_language'))) {
        $userLang = $primary;
    } else {
        $userLang = Config::get('app.locale');
    }

    Config::set('app.locale', $userLang);
    App::setLocale($userLang);
});
/** 
 * Enforce https.
 */
App::before(function ($request) {
    $settings = Config::get('app');

    // Only the production environment forces HTTPS.
    $isProduction = $settings['app_environment'] == 'production';

    if ($isProduction && !Request::secure()) {
        // Request::path() carries the path only, so a query string on the
        // original request is not part of the redirect target.
        return Redirect::secure(Request::path());
    }
});
App::error(function (\Illuminate\Session\TokenMismatchException $exception) {
    // A request token that does not match the session is answered with a
    // redirect to the login route and a flash message, not an error page.
    $notice = 'Your session has expired. Please try logging in again.';

    return Redirect::route('login')->with('message', $notice);
});
Example #8
 /**
  * Sign User out
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function signOut()
 {
     // Remove everything stored in the current session.
     // NOTE(review): only session data is cleared here. If the application also
     // relies on an auth guard or a remember-me cookie, confirm those are
     // invalidated elsewhere.
     Session::flush();

     $home = '/';

     return Redirect::secure($home);
 }
 /**
  * The about page has no content of its own; send visitors to the home page
  * over HTTPS.
  *
  * @return \Illuminate\Http\RedirectResponse
  */
 public function getAbout()
 {
     $home = '/';

     return Redirect::secure($home);
 }
Example #10
            $request = App::make('guzzle')->get('https://www.cloudflare.com/ips-v4');
            return explode("\n", $request->getBody());
        }));
    } catch (Exception $e) {
        Cache::forget('cloudflare.ips');
        Log::error($e);
    }
    // If request is not secured and force secured connection is enabled
    // then we need to redirect the user to a secure link.
    // The redirect is skipped when REMOTE_ADDR is 127.0.0.1 or is not a valid
    // public address (FILTER_FLAG_NO_PRIV_RANGE rejects private ranges), so
    // loopback and private-network clients stay on plain HTTP.
    // NOTE(review): the Cloudflare IP list fetched above suggests the site may sit
    // behind a proxy. If so, REMOTE_ADDR and Request::secure() describe the proxy
    // hop unless trusted proxies are configured. Confirm.
    if (!Request::secure() && Config::get('bfacp.site.ssl') && $_SERVER['REMOTE_ADDR'] != '127.0.0.1' && filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE)) {
        // Rebuild the target from the path plus the original query string.
        $path = Request::path();
        if (strlen(Request::server('QUERY_STRING')) > 0) {
            $path .= '?' . Request::server('QUERY_STRING');
        }
        // 307 asks the client to repeat the same method and body; everything not
        // listed here gets a 302.
        // NOTE(review): PATCH is not in the list and therefore receives 302.
        $status = in_array(Request::getMethod(), ['POST', 'PUT', 'DELETE']) ? 307 : 302;
        return Redirect::secure($path, $status);
    }
    // Check if only authorized users are allowed to access the site.
    if (Config::get('bfacp.site.auth') && Auth::guest()) {
        // Compare at most the first two path segments against the public routes.
        $path = explode('/', Request::path());
        if (count($path) > 1) {
            $route = $path[0] . '/' . $path[1];
        } else {
            $route = $path[0];
        }
        // Guests may reach only login, register and user/confirm; every other
        // path is sent to the login route.
        if (!in_array($route, ['login', 'register', 'user/confirm'])) {
            return Redirect::route('user.login');
        }
    }
});
App::after(function ($request, $response) {
Example #11
*/
App::error(function (Exception $exception, $code) {
    // The full exception goes to the log only; the visitor sees a fixed,
    // generic message so that no internal detail reaches the response.
    Log::error($exception);

    $viewData = ['error' => 'A website error has occurred.
        The website administrator has been notified of the issue.
        Sorry for the temporary inconvenience.'];

    return Response::view('error', $viewData, 500);
});
App::error(function (NoSessionToken $exception) {
    // Not logged: the Log::error() call for this handler is disabled.
    // A request without a session token is sent back to the home page over HTTPS.
    $home = '/';

    return Redirect::secure($home);
});
App::error(function (\GuzzleHttp\Exception\ClientException $exception) {
    Log::error($exception);

    // Any client error other than 401 is shown as the generic error page.
    if ($exception->getCode() !== 401) {
        $viewData = ['error' => 'A website error has occurred.
        The website administrator has been notified of the issue.
        Sorry for the temporary inconvenience.'];

        return Response::view('error', $viewData, 500);
    }

    // 401 from the upstream service: drop the local session data and send the
    // visitor to the home page.
    Session::flush();

    return Redirect::secure('/');
});
App::missing(function ($exception) {
    // Unknown routes get the shared error view with a fixed message and a 404 status.
    $viewData = ['error' => '404 Not Found'];

    return Response::view('error', $viewData, 404);
});
/*
|--------------------------------------------------------------------------
| Maintenance Mode Handler
|--------------------------------------------------------------------------
|
| The "down" Artisan command gives you the ability to put an application
| into maintenance mode. Here, you will define what is displayed back