 /**
  * Redirects to the current page under the requested security context
  * (https when $ssl is true, http otherwise).
  *
  * When the current request already runs under the requested context this
  * is a no-op and processing continues as normal.
  *
  * @param bool $ssl
  *   True to require https, false to require http.
  *
  * @throws InvalidArgumentException when $ssl is not a bool.
  */
 public static function ssl($ssl = true)
 {
     if (is_bool($ssl) === false) {
         throw new InvalidArgumentException('Invalid argument passed to go::ssl().  Must be a boolean value.');
     }
     $wanted = $ssl;
     // Nothing to do when the request is already served under the wanted scheme.
     $alreadyThere = (is::ssl() == $wanted);
     if ($alreadyThere) {
         return;
     }
     $target = get::url($wanted);
     go::url($target);
 }
 /**
  * Attempts to construct the full URL for the given file.
  * 
  * Files that match a url (begin with http, ftp, or https followed by
  * ://) will be returned as is.
  * Files that appear to be a url (start with www.) will have the
  * current scheme prepended to them.
  * 
  * All others will be checked to see if the file exists relative to
  * the document root, and the current URL directory (if the request came from
  * http://www.mysite.com/path/two/otherfile.php then it would check
  * both relative to http://www.mysite.com/path/two/ and http://www.mysite.com/).
  * If the file exists and is within the document root (can't have anyone
  * accessing system files using ../../ patterns) it will return the url
  * to the file.
  * 
  * If it cannot match as a URL or a valid file, it returns the passed
  * file exactly as it is.
  * 
  * Example:
  * Called from - http://www.mysite.com/path/file.php
  * File exists - http://www.mysite.com/css/layout.css
  * File exists - /var/systemfile (/var/www being the document root)
  * $file -> $return
  * css/layout.css -> http://www.mysite.com/css/layout.css
  * ../css/layout.css -> http://www.mysite.com/css/layout.css
  * http://www.othersite.com/file.pdf -> http://www.othersite.com/file.pdf
  * www.othersite.com/file.pdf -> http://www.othersite.com/file.pdf
  * ../../systemfile -> systemfile (would result in a broken link)
  * css/notthere.css -> css/notthere.css
  * 
  * Relies on $_SERVER['DOCUMENT_ROOT'] and $_SERVER['PHP_SELF'] to locate the
  * document root and the directory of the currently executing script.
  * 
  * @param string $file
  *   The file to create the URL for.
  * 
  * @return string
  *   The full URL of the file specified or the filename as given.
  *   If outside the server document root, the filename only.
  */
 public static function cache_file_url($file)
 {
     // Already an absolute URL: returned untouched. The pattern has no "i"
     // modifier, so an upper-case scheme ("HTTP://...") does not match here
     // and falls through to the filesystem checks below.
     if (preg_match('/^(http|ftp|https):\\/\\//', $file)) {
         return $file;
     }
     // Scheme-less host ("www.example.com/..."): prefix the current scheme.
     // Note the "> 4": a bare "www." is not treated as a host.
     if (strlen($file) > 4 && strtolower(substr($file, 0, 4)) == 'www.') {
         return 'http' . (is::ssl() ? 's' : '') . '://' . $file;
     }
     // Normalise Windows-style separators so all prefix comparisons use "/".
     $docroot = strtr($_SERVER['DOCUMENT_ROOT'], '\\', '/');
     $self = strtr($_SERVER['PHP_SELF'], '\\', '/');
     // $docroot always ends with "/" from here on; the containment check below
     // depends on that so that a sibling directory sharing the same name prefix
     // cannot pass as being inside the document root.
     if (substr($docroot, -1) != '/') {
         $docroot .= '/';
     }
     if (substr($self, 0, 1) == '/') {
         $self = substr($self, 1);
     }
     // Directory of the current script, as a filesystem path with trailing "/".
     $base_dir = get::dirname($docroot . $self);
     if (substr($base_dir, -1) != '/') {
         $base_dir .= '/';
     }
     // A filesystem path already under the document root is made relative to it.
     // Comparison is case-insensitive (see the note on the containment check).
     if (strlen($file) > strlen($docroot) && strtolower(substr($file, 0, strlen($docroot))) == strtolower($docroot)) {
         $file = substr($file, strlen($docroot));
     }
     //try relative (from basename of URL file, and server docroot)
     if (file_exists($base_dir . $file) || file_exists($docroot . $file)) {
         // get::realpath() is expected to canonicalise ".." segments and symlinks, so
         // the prefix test runs against the resolved location, not the literal input.
         $path = get::realpath(file_exists($base_dir . $file) ? $base_dir . $file : $docroot . $file);
         // NOTE(review): the containment check is case-insensitive. On a
         // case-sensitive filesystem a directory differing from $docroot only in
         // case would be accepted as "inside the website" - confirm this is intended
         // (it presumably exists for Windows document roots).
         if ($path !== false && strtolower(substr($path, 0, strlen($docroot))) == strtolower($docroot)) {
             //file is within the website
             $self_url = self::url();
             // NOTE(review): looks like leftover debugging. define() on a constant that
             // already exists emits a warning, so a second call reaching this branch in
             // the same request would warn; confirm whether this block is still needed.
             if ($self_url == null) {
                 define('DEBUG_URL', true);
                 $self_url = self::url();
                 log::debug($self_url);
                 define('URL_DEBUGGED', true);
             }
             // Rebuild scheme://[user:pass@]host[:port]/ from the current URL and
             // append the file path relative to the document root.
             $current = parse_url($self_url);
             $temp = '';
             if (isset($current['user']) && isset($current['pass'])) {
                 $temp .= sprintf('%s:%s@', $current['user'], $current['pass']);
             }
             $temp .= $current['host'];
             if (isset($current['port'])) {
                 $temp .= ':' . $current['port'];
             }
             // Double slashes are collapsed only in the authority+path part; the
             // scheme's "://" is concatenated afterwards so it is left intact.
             return $current['scheme'] . '://' . str_replace('//', '/', $temp . '/' . substr($path, strlen($docroot)));
         } else {
             //file is outside of the website - hacking attempt
             // Deliberately returns only the last path segment (see the
             // "../../systemfile -> systemfile" example above), never the resolved path.
             return basename($file);
         }
     }
     // Neither a URL nor an existing file: hand back the input unchanged.
     return $file;
 }
 /**
  * Starts the application.
  * 
  * Front-controller entry point: configures error reporting and the session,
  * resolves the route, dispatches to the controller action and renders the
  * resulting view. Reads configuration from the config class and request data
  * from $_GET/$_POST/$_SESSION.
  * 
  * @throws Exception when no view could be resolved for the route.
  * 
  * @return void
  */
 public static function run()
 {
     self::$starttime = microtime(true);
     error_reporting(config::ERROR_LEVEL);
     // Must run before session_start() below for the cookie domain to apply.
     if (isset(config::$session_cookie_domain)) {
         ini_set('session.cookie_domain', config::$session_cookie_domain);
     }
     // Optional helpers: only wired in when the application ships them.
     if (class_exists('formHelper')) {
         formHelper::fixArrays();
     }
     if (class_exists('csrfHelper')) {
         injector::register(array('csrfHelper', 'injector'));
     }
     // Derive the plain-http domain when only an https domain is configured.
     // NOTE(review): $_GET['r_domain'] is request-controlled and is passed
     // straight to get::fulldomain(); confirm that helper validates it.
     if (is::ssl() && isset(config::$https_domain) && !isset(config::$http_domain)) {
         if (is::existset($_GET, 'r_domain')) {
             config::$http_domain = get::fulldomain($_GET['r_domain']);
         } else {
             config::$http_domain = get::fulldomain('www');
         }
     }
     session_start();
     if (config::$isolated_subdomains) {
         // find the domain
         $domain = isset(config::$http_domain) ? config::$http_domain : get::fulldomain();
         // kill any subdomain sessions that have been transfered to another subdomain
         // (every array-valued session entry carrying a truthy kill flag is dropped,
         // whichever subdomain it belongs to)
         $existing = array_keys($_SESSION);
         foreach ($existing as $d) {
             if (!is_array($_SESSION[$d])) {
                 continue;
             }
             if (array_key_exists('kill_munla_session', $_SESSION[$d]) && $_SESSION[$d]['kill_munla_session']) {
                 unset($_SESSION[$d]);
             }
         }
         // initialize and setup the session for this subdomain
         if (!array_key_exists($domain, $_SESSION)) {
             $_SESSION[$domain] = array();
         }
         // Bound by reference so writes through munla::$session land in $_SESSION.
         munla::$session =& $_SESSION[$domain];
     } else {
         munla::$session =& $_SESSION;
     }
     // Single-use values survive the request via a serialised copy in the session
     // (written back at the end of this method).
     // NOTE(review): unserialize() on session data. The store is server-side, but if
     // it is ever shared or externally writable consider the allowed_classes option.
     if (class_exists('singleUseArray')) {
         if (!is::existset(munla::$session, 'MUNLA_SINGLE_USE')) {
             munla::$singleUse = new singleUseArray();
         } else {
             munla::$singleUse = unserialize(munla::$session['MUNLA_SINGLE_USE']);
         }
     }
     $route = get::route();
     // CSRF keep-alive endpoint: answers and terminates the request here. Without a
     // posted token nothing is echoed, but the request still exits.
     if (is_array($route) && $route['controller'] == 'csrf' && $route['action'] == 'keepalive' && class_exists('csrfHelper') && is::existset($route, 'params') && count($route['params']) > 0) {
         if (isset($_POST['token'])) {
             echo csrfHelper::keepAlive($route['params'][0], $_POST['token']);
         }
         exit;
     }
     // First visit: seed the session with an anonymous user wrapper.
     if (class_exists('user') && is_subclass_of('user', 'userBase')) {
         if (!is::existset(munla::$session, 'MUNLA_USER')) {
             munla::$session['MUNLA_USER'] = new userWrapper(new user());
         }
     }
     injector::start();
     if (class_exists('app') && is_callable(array('app', 'setup'))) {
         app::setup();
     }
     // app::setup() may have assigned munla::$user itself; otherwise take it from the session.
     if (!isset(munla::$user) && is::existset(munla::$session, 'MUNLA_USER')) {
         munla::$user =& munla::$session['MUNLA_USER'];
     }
     // Form handling is skipped for ajax requests.
     if (!is::ajax()) {
         $submittedForm = formHelper::process();
         if (isset($submittedForm)) {
             formHelper::process($submittedForm);
         }
     }
     // The application may rewrite (or clear) the route before dispatch.
     if (class_exists('app') && is_callable(array('app', 'start'))) {
         $route = app::start($route);
     }
     if ($route === null) {
         $route = array('controller' => 'index', 'action' => 'index', 'params' => null);
     }
     $controller = get::controller($route['controller']);
     if (!isset($controller) && $route['controller'] != 'index') {
         //push action to params, controller to action, and set controller to index and try again.
         if ($route['action'] != 'index') {
             if (!isset($route['params'])) {
                 $route['params'] = array();
             }
             array_unshift($route['params'], $route['action']);
         }
         $route['action'] = $route['controller'];
         $route['controller'] = 'index';
         $controller = get::controller('index');
     }
     $view = null;
     if (isset($controller)) {
         $action = $controller->getAction(array($route['action'], $route['params']));
         if (isset($action)) {
             try {
                 $viewParams = call_user_func_array(array($controller, $action['action']), $action['params']);
                 //various things could happen here...
                 // Normalise the action's return value to an array of view parameters.
                 if (!isset($viewParams)) {
                     $viewParams = array();
                 } elseif (!is_array($viewParams)) {
                     $viewParams = array($viewParams);
                 }
                 $view = get::view($route, $controller, $viewParams);
             } catch (SSLException $e) {
                 // Wrong scheme for this action: switch context. $view stays null here, so
                 // if go::ssl() returns without ending the request the 'View not found!'
                 // exception below is raised - presumably go::url() exits; confirm.
                 go::ssl(!is::ssl());
             } catch (PermissionException $e) {
                 // Denied: show the login view when available, otherwise a generic error page.
                 munla::$nohistory = true;
                 if (isset(munla::$user) && !munla::$user->is_logged_in() && munla::$user->getLoginView()) {
                     $view = munla::$user->getLoginView();
                 } else {
                     $view = get::view('errors/generic', 'default', array('error_msg' => $e->getMessage()));
                 }
             } catch (Exception $e) {
                 // Any other failure renders the generic error page with the exception text.
                 munla::$nohistory = true;
                 $view = get::view('errors/generic', 'default', array('error_msg' => $e->getMessage()));
             }
         } else {
             $view = get::view($route, $controller);
         }
     } else {
         $view = get::view($route);
     }
     if ($view != null) {
         $view->render();
     } else {
         throw new Exception('View not found!');
     }
     if (class_exists('app', false)) {
         munla::$nohistory = app::finish(munla::$nohistory);
     }
     // Remember the page for back-navigation unless the request opted out of history.
     if (munla::$nohistory === false) {
         munla::$session['lastpage'] = get::url();
     }
     // Persist the single-use values for the next request (counterpart of the
     // unserialize() above).
     if (isset(munla::$singleUse)) {
         munla::$session['MUNLA_SINGLE_USE'] = serialize(munla::$singleUse);
     }
 }
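 /**
  * Checks the access permission for the given method name.  Checks SSL context, and user permission.
  * 
  * The SSL requirement comes from the wrapped object's getSSL(): either a bool
  * that applies to every method, or an array mapping method name => bool.
  * The permission requirement comes from getAccess(): an array mapping method
  * name => permission, resolved through munla::$user->hasPermission().
  * 
  * @param string $name The method the check.
  * 
  * @throws SSLException|PermissionException when access permission is invalid.
  * 
  * @return void
  */
 public function check_permission($name)
 {
     //first ignore some functions for some classes
     if (is_subclass_of($this->internal, 'controller') && $name == 'getAction') {
         return;
     }
     //check SSL access
     $ssl = $this->internal->getSSL();
     if (isset($ssl)) {
         // Resolve the requirement that applies to $name; null means "no requirement".
         // Previously the message used the raw $ssl value, which for a per-method array
         // is always truthy and so reported "Must be ssl." even when the method required
         // non-ssl; the resolved bool fixes that.
         $required = null;
         if (is_bool($ssl)) {
             $required = $ssl;
         } elseif (is_array($ssl) && array_key_exists($name, $ssl) && is_bool($ssl[$name])) {
             $required = $ssl[$name];
         }
         if ($required !== null && $required != is::ssl()) {
             throw new SSLException(sprintf('Invalid context to run "%s" on %s.  Must be %sssl.', $name, get_class($this->internal), $required ? '' : 'non-'));
         }
     }
     //check permission access
     $access = $this->internal->getAccess();
     if (is_array($access) && array_key_exists($name, $access) && isset($access[$name])) {
         // hasPermission() is expected to return true, false, or a string explaining the denial.
         $ret = munla::$user->hasPermission($access[$name]);
         if (is_string($ret)) {
             throw new PermissionException($ret);
         } elseif ($ret === false) {
             throw new PermissionException(sprintf('Invalid permissions to run "%s" on %s.', $name, get_class($this->internal)));
         }
     }
 }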