public function write(string $data) : bool
{
$status = Cache::setRaw($this->mSessId, $data, time() + $this->mMaxLifeTime);
/*
* Allow cache to lift it's own locks
*/
Runtime::removeLock("cache");
return $status;
}
public function __construct()
{
$this->mUserId = Runtime::$SESSION->getInt("_im_userid", 0);
if ($this->mUserId < -1) {
throw new SecurityException("User id '" . $this->mUserId . "' is lower than allowed");
}
switch ($this->mUserId) {
case -1:
$rootPasswd = Runtime::$SETTINGS["AUTH_ROOT_PASSWD"];
if (!empty($rootPasswd)) {
$this->mUserName = "******";
break;
} else {
$this->mUserId = 0;
}
/*
* GoTo 'case 0'
*/
/*
* GoTo 'case 0'
*/
case 0:
$this->mUserName = "******";
/*
* Allows terminal to login using cli arguments.
* This is useful when running cron jobs that are group protected.
* CLI information has it's own container within Runtime and is not placed any where
* near input from the browser to avoid any form of outside bypassing.
*/
if (Runtime::$SYSTEM["REQUEST_CLIENT"] == "terminal" && Runtime::$SETTINGS->getBoolean("AUTH_ALLOW_CLI")) {
$password = Runtime::$CLI["passwd"];
$username = Runtime::$CLI["user"];
if ($password !== null || $username !== null) {
if (!$this->login($password, $username)) {
Runtime::quit(["Authorization Failed", "Usage: --passwd [password] --user [username]"], 1);
}
}
}
break;
default:
if (Database::isConnected()) {
$result = Database::select("users")->field("cName")->cond("cId", "i", $this->mUserId)->enquire();
if ($result !== null) {
if ($result->numRows() > 0) {
$row = $result->fetch();
if ($row !== null) {
$this->mUserName = $row[0];
}
}
$result->destroy();
}
}
}
}
/**
* Callback for preparing output
*
* Used to allow page classes to give a final touch
* on output before it is sent to the client.
*
* @ignore
*/
public function onPrepareOutput()
{
if (!Runtime::hasLock("router")) {
$controller = $this->getController();
if ($controller !== null) {
echo $controller->imOnPrepareOutput(ob_get_clean());
} else {
echo ob_get_clean();
}
} else {
Runtime::addLockCallback("router", [$this, "onPrepareOutput"]);
}
}
public function write(string $data) : bool
{
$status = false;
if (Database::isConnected()) {
$time = time();
if ($this->mUpdate) {
$status = Database::update("sessions")->field("cData", "s", $data)->field("cTime", "i", time())->cond("cSessId", "s", $this->mSessId)->execute() > 0;
} else {
$status = Database::insert("sessions")->field("cData", "s", $data)->field("cTime", "i", time())->field("cSessId", "s", $this->mSessId)->execute() > 0;
}
}
Runtime::removeLock("database");
return $status;
}
public static function onCreate()
{
/*
* Hook page directory into the IMPHP System variable
*/
Runtime::$SYSTEM["DIR_PAGE"] = Runtime::$SETTINGS->getString("DIR_PAGE_OVERWRITE", str_replace("\\", "/", __DIR__) . "/page");
/*
* Attach the special cookie collection to the Runtime cookie property
*/
Runtime::$COOKIE = new Cookies();
/*
* Attach the special session collection to the Runtime session property
*/
Runtime::$SESSION = new Session();
}
public static function getInstance()
{
if (static::$oResolver === null) {
$driver = Runtime::$SETTINGS->getString("ROUTER_DRIVER", "imphp");
switch ($driver) {
case "imphp":
static::$oResolver = new IMPHPResolver();
break;
default:
/*
* Let modules add namespace hooks for missing drivers
*/
$class = "driver\\Router\\" . $driver . "\\Resolver";
if (Runtime::loadClassFile($class)) {
static::$oResolver = (new ReflectionClass($class))->newInstance();
}
}
}
return static::$oResolver;
}
/**
* Create a new encrypter instance
*
* @api
* @see api\libraries\Crypt\Encrypter
*
* @param string $driver
* The encrypter driver to use
*
* @param string $cipher
* Cipher to use (needs to be supported by the driver)
*
* @param string $hash
* Hash to use
*
* @param string $mode
* Block mode to use (needs to be supported by the driver)
*
* @param string $twoStep
* Enable 2-step authentication (needs to be supported by the driver)
*
* @return Encrypter
* The new encrypter
*/
public static function newInstance(string $driver = null, string $cipher = null, string $hash = null, string $mode = null, bool $twoStep = true)
{
$encrypter = null;
if ($driver === null) {
$driver = "dummy";
}
switch ($driver) {
case "openssl":
$encrypter = new OpensslEncrypter($cipher, $hash, $mode, $twoStep);
break;
case "mcrypt":
$encrypter = new McryptEncrypter($cipher, $hash, $mode, $twoStep);
break;
case "dummy":
$encrypter = new DummyEncrypter($cipher, $hash, $mode, $twoStep);
break;
default:
/*
* Let modules add namespace hooks for missing drivers
*/
$class = "driver\\Crypt\\" . $driver . "\\Encrypter";
if (Runtime::loadClassFile($class)) {
$encrypter = (new ReflectionClass($class))->newInstance($cipher, $hash, $mode, $twoStep);
}
}
return $encrypter;
}
/**
* Create a new Connection instance
*
* @api
* @see api\libraries\Database\Connection
*
* @param string $protocol
* Connection protocol
*
* @return Connection|null
* The new Connection
*/
public static function newInstance(string $protocol)
{
$driver = substr($protocol, 0, strpos($protocol, ":"));
$connection = null;
switch ($driver) {
case "sqlite3":
$connection = new ConnectionSqlite3($protocol);
break;
case "mysqli":
$connection = new ConnectionMySqli($protocol);
break;
default:
/*
* Let modules add namespace hooks for missing drivers
*/
$class = "driver\\Database\\" . $driver . "\\Connection";
if (Runtime::loadClassFile($class)) {
$connection = (new ReflectionClass($class))->newInstance($protocol);
}
}
return $connection;
}
/** @ignore */
public function writeBack()
{
if (!Runtime::hasLock("session")) {
if ($this->mSessReady && !in_array(Runtime::$SYSTEM["REQUEST_CLIENT"], ["terminal", "crawler"])) {
$data = serialize($this->mData);
if (Runtime::$SETTINGS->getBoolean("SESSION_ENCRYPT_DATA")) {
$cryptKey = Runtime::$SETTINGS->getString("SECURITY_PASSWD");
if (!empty($cryptKey)) {
$data = Crypt::encrypt($data, $cryptKey, true);
}
}
$this->mSessHandler->write($data);
}
$this->mSessReady = false;
} else {
Runtime::addLockCallback("session", [$this, "writeBack"]);
}
}
public function request(string $request)
{
if ($this->mRequestLocked) {
$this->mPendingRequest = $request;
return;
}
$routes = Runtime::$SETTINGS->getArray("ROUTER");
$controller = null;
$request = rtrim($request, "/");
if (empty($request)) {
$request = "/";
}
/*
* Pages should be allowed to issue a special page defined in settings as ROUTER_[num].
* These however should not be available from te URI
*/
$special = preg_match("#^ROUTER_[0-9]+\$#", $request) && strcmp($request, Runtime::$SYSTEM->getString("URI_LOCATION", "/")) !== 0;
if ($routes !== null && !$special) {
$controller = $routes[$request] ?? null;
if (empty($controller)) {
foreach ($routes as $key => $value) {
$key = str_replace([":alpha:", ":all:", ":num:"], ["[A-Za-z0-9\\-_]+", ".+", "[0-9]+"], $key);
if (preg_match('#^' . $key . '$#', $request)) {
if (!empty($value)) {
if (substr($value, 0, 1) == ":") {
$value = substr($value, 1);
if (strpos($val, "\$") !== false) {
$value = preg_replace("#^" . $key . "\$#", $value, $request);
}
$this->request($value);
return;
} else {
$controller = $value;
}
break;
}
}
}
} elseif (substr($controller, 0, 1) == ":") {
$this->request(substr($controller, 1));
return;
}
} elseif ($special) {
$controller = Runtime::$SETTINGS->getString($request);
}
$request = trim($request, "/");
$controller = "page\\" . trim($controller, "\\");
if (!Runtime::loadClassFile($controller)) {
$controller = "page\\" . trim(Runtime::$SETTINGS->getString("ROUTER_404"), "\\");
if (!Runtime::loadClassFile($controller)) {
/*
* Do not parse output through any controller if one was selected previously
*/
$this->mController = null;
header(Runtime::$SERVER["SERVER_PROTOCOL"] . " 404 Not Found", 404, true);
Runtime::quit(["404 Not Found", "The requested file does not exist"], 1);
}
}
$this->mSegments = empty($request) ? [] : explode("/", $request);
$this->mRequest = "/" . $request;
/*
* Let's say we redirect from with a controller
*
* 1. Controller1::__construct invokes a new assignment to $this->mController by calling $this->request()
* However Controller1::__construct does not finish until $this->request() returns, so it stalls between
* property assignments.
*
* 2. Controller2::__construct does a lot of page loading
*
* 3. Controller1::__construct finishes it's construct and is now assigned to $this->mController, overwriting Controller2
*
* 4. Shutdown now executes, but uses Controller1 instead of Controller2
*
* We need to finish the first controller before starting a new.
* To do this, we add a pending feature.
*/
$this->mRequestLocked = true;
$this->mController = new $controller();
$this->mRequestLocked = false;
if ($this->mPendingRequest !== null) {
$pending = $this->mPendingRequest;
$this->mPendingRequest = null;
$this->request($pending);
}
}
public static function onDestroy()
{
if (!Runtime::$SETTINGS->getBoolean("FILE_IMPORT_DISABLE_AUTOINCLUDE")) {
$controller = Router::getController();
if ($controller !== null) {
foreach (static::$mImportedStyle as $style) {
$controller->imAddImport(Path::fileLink($style), "importStyle");
}
foreach (static::$mImportedScript as $script) {
$controller->imAddImport(Path::fileLink($script), "importScript");
}
}
Runtime::removeLock("router");
}
}
public static function newInstance(string $driver, $protocol)
{
$oStorage = null;
switch ($driver) {
case "file":
$oStorage = new FileStorage($protocol);
break;
case "memcached":
$oStorage = new MemStorage($protocol);
break;
case "database":
$oStorage = new DBStorage($protocol);
break;
default:
/*
* Let modules add namespace hooks for missing drivers
*/
$class = "driver\\Cache\\" . $driver . "\\Storage";
if (Runtime::loadClassFile($class)) {
$oStorage = (new ReflectionClass($class))->newInstance($protocol);
}
}
return $oStorage;
}
