/**
* Sets the isEncrypted flag if HTTPS is on.
*
* @return void
*/
protected function processEncryption()
{
if ( eZSys::isSSLNow() )
$this->request->isEncrypted = true;
}
static function serverURL()
{
$host = eZSys::hostname();
$url = '';
if ($host) {
if (eZSys::isSSLNow()) {
// https case
$host = preg_replace('/:\\d+$/', '', $host);
$ini = eZINI::instance();
$sslPort = $ini->variable('SiteSettings', 'SSLPort');
$sslPortString = $sslPort == eZSSLZone::DEFAULT_SSL_PORT ? '' : ":{$sslPort}";
$url = "https://" . $host . $sslPortString;
} else {
$url = "http://" . $host;
}
}
return $url;
}
public function testIsSSLNow()
{
$ini = eZINI::instance();
self::assertFalse(eZSys::isSSLNow());
$_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
self::assertTrue(eZSys::isSSLNow());
unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
$_SERVER['HTTP_X_FORWARDED_PORT'] = $ini->variable('SiteSettings', 'SSLPort');
self::assertTrue(eZSys::isSSLNow());
unset($_SERVER['HTTP_X_FORWARDED_PORT']);
$_SERVER['HTTP_X_FORWARDED_SERVER'] = $ini->variable('SiteSettings', 'SSLProxyServerName');
self::assertTrue(eZSys::isSSLNow());
unset($_SERVER['HTTP_X_FORWARDED_SERVER']);
}
/**
* \static
* \param $inSSL The desired access mode.
*
* Change access mode (HTTP/HTTPS):
* - If previous mode was HHTP but $inSSL is true, we switch to SSL.
* - If previous mode was SSL but $inSSL is false, we switch to HTTP.
* - Otherwise no mode change is occured.
*
* Mode change is done by redirect to the same URL, but with changed
* protocol (http/https) and TCP port.
*
* In case of mode change this method does not return (exit() is called).
*/
static function switchIfNeeded($inSSL)
{
// if it's undefined whether we should redirect we do nothing
if (!isset($inSSL)) {
return;
}
// $nowSSl is true if current access mode is HTTPS.
$nowSSL = eZSys::isSSLNow();
$requestURI = eZSys::requestURI();
$indexDir = eZSys::indexDir(false);
// If there are any $_GET parameters, those should be passed into the new URI
$getString = eZSys::queryString();
$sslZoneRedirectionURL = false;
if ($nowSSL && !$inSSL) {
// switch to plain HTTP
$ini = eZINI::instance();
$host = $ini->variable('SiteSettings', 'SiteURL');
$port = parse_url("http://{$host}", PHP_URL_PORT);
$host = eZSys::serverVariable('HTTP_HOST');
$host = preg_replace('/:\\d+$/', '', $host);
if ($port && $port != 80) {
$host .= ":{$port}";
}
$sslZoneRedirectionURL = "http://" . $host . $indexDir . $requestURI . $getString;
} elseif (!$nowSSL && $inSSL) {
// switch to HTTPS
$host = eZSys::serverVariable('HTTP_HOST');
$host = preg_replace('/:\\d+$/', '', $host);
$ini = eZINI::instance();
$sslPort = $ini->variable('SiteSettings', 'SSLPort');
$sslPortString = $sslPort == eZSSLZone::DEFAULT_SSL_PORT ? '' : ":{$sslPort}";
$sslZoneRedirectionURL = "https://" . $host . $sslPortString . $indexDir . $requestURI . $getString;
}
if ($sslZoneRedirectionURL) {
eZDebugSetting::writeDebug('kernel-ssl-zone', "redirecting to [{$sslZoneRedirectionURL}]");
eZHTTPTool::redirect($sslZoneRedirectionURL, array(), false, false);
eZExecution::cleanExit();
}
}
/**
* Merges a collection of files togheter and returns array of paths to the files.
* js /css content is returned as string if packlevel is 0 and you use a js/ css generator.
* $fileArray can also be array of array of files, like array( 'file.js', 'file2.js', array( 'file5.js' ) )
* The name of the cached file is a md5 hash consistant of the file paths
* of the valid files in $file_array and the packlevel.
* The whole argument is used instead of file path on js/ css generators in the cache hash.
*
* @param array|string $fileArray Either array of file paths, or string with file path
* @param string $subPath In witch sub path of design folder to look for files.
* @param string $fileExtension File extension name (for use on cache file)
* @param int $packLevel Level of packing, values: 0-3
* @param bool $indexDirInCacheHash To add index path in cache hash or not
* @param string $filePostName Extra file name part, example "_screen" in case of medai use for css
*
* @return array List of css files
*/
static function packFiles($fileArray, $subPath = '', $fileExtension = '.js', $packLevel = 2, $indexDirInCacheHash = false, $filePostName = '')
{
if (!$fileArray) {
return array();
} else {
if (!is_array($fileArray)) {
$fileArray = array($fileArray);
}
}
$ezjscINI = eZINI::instance('ezjscore.ini');
$bases = eZTemplateDesignResource::allDesignBases();
$customHosts = $ezjscINI->variable('Packer', 'CustomHosts');
$data = array('http' => array(), 'www' => array(), 'locale' => array(), 'cache_name' => '', 'cache_hash' => '', 'cache_path' => '', 'last_modified' => 0, 'file_extension' => $fileExtension, 'file_post_name' => $filePostName, 'pack_level' => $packLevel, 'sub_path' => $subPath, 'cache_dir' => self::getCacheDir(), 'www_dir' => self::getWwwDir(), 'index_dir' => self::getIndexDir(), 'custom_host' => isset($customHosts[$fileExtension]) ? $customHosts[$fileExtension] : '');
// Only pack files if Packer is enabled and if not set DevelopmentMode is disabled
if ($ezjscINI->hasVariable('eZJSCore', 'Packer')) {
$packerIniValue = $ezjscINI->variable('eZJSCore', 'Packer');
if ($packerIniValue === 'disabled') {
$data['pack_level'] = 0;
} else {
if (is_numeric($packerIniValue)) {
$data['pack_level'] = (int) $packerIniValue;
}
}
} else {
if (eZINI::instance()->variable('TemplateSettings', 'DevelopmentMode') === 'enabled') {
$data['pack_level'] = 0;
}
}
// Needed for image includes to work on ezp installs with mixed access methods (virtualhost + url based setup)
if ($indexDirInCacheHash) {
$data['cache_name'] = $data['index_dir'];
}
$originalFileArray = $fileArray;
while (!empty($fileArray)) {
$file = array_shift($fileArray);
// if $file is array, concat it to the file array and continue
if ($file && is_array($file)) {
$fileArray = array_merge($file, $fileArray);
continue;
} else {
if (!$file) {
continue;
} else {
if (strpos($file, '::') !== false) {
$server = self::serverCallHelper(explode('::', $file));
if (!$server instanceof ezjscServerRouter) {
continue;
}
$fileTime = $server->getCacheTime($data);
// Generate content straight away if packing is disabled
if ($data['pack_level'] === 0) {
$data['www'][] = $server->call($fileArray);
} else {
if ($fileTime === -1) {
$data['http'][] = $server->call($fileArray);
} else {
$data['locale'][] = $server;
$data['cache_name'] .= $file . '_';
}
}
$data['last_modified'] = max($data['last_modified'], $fileTime);
continue;
} else {
if (strpos($file, 'http://') === 0 || strpos($file, 'https://') === 0) {
$data['http'][] = $file;
continue;
} else {
if (strpos($file, '://') === 0) {
if (!isset($protocol)) {
$protocol = eZSys::isSSLNow() ? 'https' : 'http';
}
$data['http'][] = $protocol . $file;
continue;
} else {
if (strpos($file, 'var/') === 0) {
if (substr($file, 0, 2) === '//' || preg_match("#^[a-zA-Z0-9]+:#", $file)) {
$file = '/';
} else {
if (strlen($file) > 0 && $file[0] !== '/') {
$file = '/' . $file;
}
}
eZURI::transformURI($file, true, 'relative');
// Get file time and continue if it return false
$file = str_replace('//' . $data['www_dir'], '', '//' . $file);
$fileTime = file_exists($file) ? filemtime($file) : false;
$wwwFile = $data['www_dir'] . $file;
} else {
// Allow path to be outside subpath if it starts with '/'
if ($file[0] === '/') {
$file = ltrim($file, '/');
} else {
$file = $subPath . $file;
}
$triedFiles = array();
$match = eZTemplateDesignResource::fileMatch($bases, '', $file, $triedFiles);
if ($match === false) {
eZDebug::writeWarning("Could not find: {$file}", __METHOD__);
continue;
}
$file = htmlspecialchars($match['path']);
$fileTime = file_exists($file) ? filemtime($file) : false;
$wwwFile = $data['www_dir'] . $file;
}
}
}
}
}
}
if ($fileTime === false) {
eZDebug::writeWarning("Could not get modified time of file: {$file}", __METHOD__);
continue;
}
// Calculate last modified time and store in arrays
$data['last_modified'] = max($data['last_modified'], $fileTime);
$data['locale'][] = $file;
$data['www'][] = $wwwFile;
$data['cache_name'] .= $file . '_';
}
if ($data['pack_level'] === 0) {
self::$log[] = $data;
// if packing is disabled, return the valid paths / content we have generated
return array_merge($data['http'], $data['www']);
} else {
if (empty($data['locale']) && !empty($data['http'])) {
self::$log[] = $data;
// return if there are only external scripts and no local files to cache
return array_merge($data['http'], $data['www']);
} else {
if (empty($data['locale'])) {
eZDebug::writeWarning("Could not find any files: " . var_export($originalFileArray, true), __METHOD__);
return array();
}
}
}
// See if cahe file exists and if it has expired (only if time is not part of name)
if ($ezjscINI->variable('Packer', 'AppendLastModifiedTime') === 'enabled') {
$data['cache_hash'] = md5($data['cache_name'] . $data['pack_level']) . '_' . $data['last_modified'] . $data['file_post_name'] . $data['file_extension'];
$data['cache_path'] = $data['cache_dir'] . $subPath . $data['cache_hash'];
$clusterFileHandler = eZClusterFileHandler::instance($data['cache_path']);
if ($clusterFileHandler->fileExists($data['cache_path'])) {
$data['http'][] = $data['custom_host'] . $data['www_dir'] . $data['cache_path'];
self::$log[] = $data;
return $data['http'];
}
} else {
$data['cache_hash'] = md5($data['cache_name'] . $data['pack_level']) . $data['file_post_name'] . $data['file_extension'];
$data['cache_path'] = $data['cache_dir'] . $subPath . $data['cache_hash'];
$clusterFileHandler = eZClusterFileHandler::instance($data['cache_path']);
// Check last modified time and return path to cache file if valid
if ($clusterFileHandler->fileExists($data['cache_path']) && $data['last_modified'] <= $clusterFileHandler->mtime($data['cache_path'])) {
$data['http'][] = $data['custom_host'] . $data['www_dir'] . $data['cache_path'];
self::$log[] = $data;
return $data['http'];
}
}
// Merge file content and create new cache file
$content = '';
$isCSS = $data['file_extension'] === '.css';
foreach ($data['locale'] as $i => $file) {
// if this is a js / css generator, call to get content
if ($file instanceof ezjscServerRouter) {
$content .= $file->call($data['locale']);
continue;
} else {
if (!$file) {
continue;
}
}
// else, get content of normal file
$fileContent = file_get_contents($file);
if (!trim($fileContent)) {
$content .= "/* empty: {$file} */\r\n";
continue;
}
if ($isCSS) {
// We need to fix relative background image paths if this is a css file
$fileContent = ezjscPacker::fixImgPaths($fileContent, $file);
// Remove @charset if this is not the first file (some browsers will ignore css after a second occurance of this)
if ($i) {
$fileContent = preg_replace('/^@charset[^;]+;/i', '', $fileContent);
}
}
$content .= "/* start: {$file} */\r\n";
$content .= $fileContent;
$content .= "\r\n/* end: {$file} */\r\n\r\n";
}
// Pack all files to save bandwidth
if ($data['pack_level'] > 1) {
foreach ($ezjscINI->variable('eZJSCore', $isCSS ? 'CssOptimizer' : 'JavaScriptOptimizer') as $optimizer) {
$content = call_user_func(array($optimizer, 'optimize'), $content, $data['pack_level']);
}
}
// Save cache file and return path
$clusterFileHandler->fileStoreContents($data['cache_path'], $content, 'ezjscore', $isCSS ? 'text/css' : 'text/javascript');
$data['http'][] = $data['custom_host'] . $data['www_dir'] . $data['cache_path'];
self::$log[] = $data;
return $data['http'];
}
static function createRedirectUrl($path, $parameters = array())
{
$parameters = array_merge(array('host' => false, 'protocol' => false, 'port' => false, 'username' => false, 'password' => false, 'override_host' => false, 'override_protocol' => false, 'override_port' => false, 'override_username' => false, 'override_password' => false, 'pre_url' => true), $parameters);
$host = $parameters['host'];
$protocol = $parameters['protocol'];
$port = $parameters['port'];
$username = $parameters['username'];
$password = $parameters['password'];
if (preg_match('#^([a-zA-Z0-9]+):(.+)$#', $path, $matches)) {
if ($matches[1]) {
$protocol = $matches[1];
}
$path = $matches[2];
}
if (preg_match('#^//((([a-zA-Z0-9_.]+)(:([a-zA-Z0-9_.]+))?)@)?([^./:]+(\\.[^./:]+)*)(:([0-9]+))?(.*)$#', $path, $matches)) {
if ($matches[6]) {
$host = $matches[6];
}
if ($matches[3]) {
$username = $matches[3];
}
if ($matches[5]) {
$password = $matches[5];
}
if ($matches[9]) {
$port = $matches[9];
}
$path = $matches[10];
}
if ($parameters['pre_url']) {
if (strlen($path) > 0 and $path[0] != '/') {
$preURL = eZSys::serverVariable('SCRIPT_URL');
if (strlen($preURL) > 0 and $preURL[strlen($preURL) - 1] != '/') {
$preURL .= '/';
}
$path = $preURL . $path;
}
}
if ($parameters['override_host']) {
$host = $parameters['override_host'];
}
if ($parameters['override_port']) {
$port = $parameters['override_port'];
}
if (!is_string($host)) {
$host = eZSys::hostname();
}
if (!is_string($protocol)) {
$protocol = eZSys::serverProtocol();
// Default to https if SSL is enabled
if (eZSys::isSSLNow()) {
$port = false;
}
}
if ($parameters['override_protocol']) {
$protocol = $parameters['override_protocol'];
}
$uri = $protocol . '://';
if ($parameters['override_username']) {
$username = $parameters['override_username'];
}
if ($parameters['override_password']) {
$password = $parameters['override_password'];
}
if ($username) {
$uri .= $username;
if ($password) {
$uri .= ':' . $password;
}
$uri .= '@';
}
$uri .= $host;
if ($port) {
$uri .= ':' . $port;
}
$uri .= $path;
return $uri;
}
/**
* \static
* \param $inSSL The desired access mode.
*
* Change access mode (HTTP/HTTPS):
* - If previous mode was HHTP but $inSSL is true, we switch to SSL.
* - If previous mode was SSL but $inSSL is false, we switch to HTTP.
* - Otherwise no mode change is occured.
*
* Mode change is done by redirect to the same URL, but with changed
* protocol (http/https) and TCP port.
*
* In case of mode change this method does not return (exit() is called).
*/
static function switchIfNeeded( $inSSL )
{
// if it's undefined whether we should redirect we do nothing
if ( !isset( $inSSL ) )
return;
// $nowSSl is true if current access mode is HTTPS.
$nowSSL = eZSys::isSSLNow();
$requestURI = eZSys::requestURI();
$indexDir = eZSys::indexDir( false );
$sslZoneRedirectionURL = false;
if ( $nowSSL && !$inSSL )
{
// switch to plain HTTP
$ini = eZINI::instance();
$host = $ini->variable( 'SiteSettings', 'SiteURL' );
$sslZoneRedirectionURL = "http://" . $host . $indexDir . $requestURI;
}
elseif ( !$nowSSL && $inSSL )
{
// switch to HTTPS
$host = eZSys::serverVariable( 'HTTP_HOST' );
$host = preg_replace( '/:\d+$/', '', $host );
$ini = eZINI::instance();
$sslPort = $ini->variable( 'SiteSettings', 'SSLPort' );
$sslPortString = ( $sslPort == eZSSLZone::DEFAULT_SSL_PORT ) ? '' : ":$sslPort";
$sslZoneRedirectionURL = "https://" . $host . $sslPortString . $indexDir . $requestURI;
}
if ( $sslZoneRedirectionURL ) // if a redirection URL is found
{
eZDebugSetting::writeDebug( 'kernel-ssl-zone', "redirecting to [$sslZoneRedirectionURL]" );
eZHTTPTool::redirect( $sslZoneRedirectionURL, array(), false, false );
eZExecution::cleanExit();
}
}
public static function serverShardingURL( $href )
{
$siteINI = eZINI::instance( 'site.ini' );
if ( $siteINI->variable( 'SiteSettings', 'UrlSharding' ) == 'enabled' )
{
if ( eZSys::isSSLNow() && $siteINI->variable( 'SiteSettings', 'UrlShardingSSL' ) != 'enabled' )
{
// If SSL and Sharding disabled for SSL : use relative path :
return '';
}
$shardingList = $siteINI->variable( 'SiteSettings', 'UrlShardingList' );
if ( ! empty( $shardingList ) )
{
$shardingKey = fmod( hexdec( substr( sha1( $href ), 0, 7 ) ), count( $shardingList ) );
$sys = eZSys::instance();
return $sys->serverProtocol().'://'.$shardingList[$shardingKey];
}
}
// use relative path as fallback :
return '';
}
