protected function _fixup_dir(\HTRouter\Request $request)
{
$utils = new \HTRouter\Utils();
// Check if it doesn't end on a slash?
$url = $request->getUri();
if (!empty($url) and $url[strlen($url) - 1] != '/') {
// We are fixing a directory and we aren't allowed to add a slash. No good.
if ($this->getConfig()->get("DirectorySlash") == false) {
return \HTRouter::STATUS_DECLINED;
}
// Add the extra slash to the URL
$url = parse_url($url);
$url['path'] .= "/";
$url = $utils->unparse_url($url);
// Redirect permanently new slashed url ( http://example.org/dir => http://example.org/dir/ )
$request->appendOutHeaders("Location", $url);
return \HTRouter::STATUS_HTTP_MOVED_PERMANENTLY;
}
// In case a subrequest throws an error
$error_notfound = false;
// We can safely check and match against our directory index now
$names = $this->getConfig()->get("DirectoryIndex");
$names[] = self::DEFAULT_DIRECTORY_INDEX_FILE;
// @TODO: Seriously wrong. This needs to be placed in config?
foreach ($names as $name) {
$url = $this->_updateUrl($request->getUri(), $name);
$subContainer = $this->_prepareContainerForSubRequest($url);
$processor = new \HTRouter\Processor($subContainer);
$status = $processor->processRequest();
$subrequest = $subContainer->getRequest();
$subrequest->setStatus($status);
if (is_file($subrequest->getDocumentRoot() . $subrequest->getFilename())) {
$this->_container->setRequest($subrequest);
return \HTRouter::STATUS_OK;
}
if ($subrequest->getStatus() >= 300 && $subrequest->getStatus() < 400) {
$this->_container->setRequest($subrequest);
return $subrequest->getStatus();
}
if ($subrequest->getStatus() != \HTRouter::STATUS_HTTP_NOT_FOUND && $subrequest->getStatus() != \HTRouter::STATUS_HTTP_OK) {
$error_notfound = $subrequest->getStatus();
}
}
// "error_notfound" is set? return error_notfound
if ($error_notfound) {
return $error_notfound;
}
// Nothing to be done. Proceed to next module
return \HTRouter::STATUS_DECLINED;
}
function findUriOnDisk(\HTRouter\Request $request, $url)
{
return $request->getUri();
}
/**
* Outputs an error message generated from the current request.
*
* @param HTRouter\Request $request
*/
protected function _print_error(\HTRouter\Request $request)
{
echo <<<EOH
<html>
<head>
<title>HTRouter error code: {$request->getStatus()} - {$request->getStatusLine()} </title>
</head>
<body>
<h1>{$request->getStatus()} - {$request->getStatusLine()}</h1>
<table>
<tr><td>Uri</td><td>:</td><td>{$request->getUri()}<td></tr>
<tr><td>DocRoot</td><td>:</td><td>{$request->getDocumentRoot()}<td></tr>
<tr><td>Filename</td><td>:</td><td>{$request->getFilename()}<td></tr>
</table>
</body>
</html>
EOH;
}
/**
* @param \HTRouter\Request $request
* @return array|int
*/
public function authenticateBasicUser(\HTRouter\Request $request)
{
/**
* @var $plugin \HTRouter\AuthModule
*/
$plugin = $this->_container->getConfig()->get("AuthType");
if (!$plugin || !$plugin instanceof \HTRouter\AuthModule || $plugin->getName() != "Basic") {
return \HTRouter::STATUS_DECLINED;
}
// Set our handler type
$request->setAuthType($this->getName());
// Check realm
if (!$this->getConfig()->get("AuthName")) {
$this->getLogger()->log(\HTRouter\Logger::ERRORLEVEL_ERROR, "need authname: " . $request->getUri());
return \HTRouter::STATUS_HTTP_INTERNAL_SERVER_ERROR;
}
$ret = $this->_getBasicAuth($request);
if (!is_array($ret)) {
$request->appendOutHeaders("WWW-Authenticate", "Basic realm=\"" . $this->getConfig()->get("AuthName") . "\"");
return $ret;
}
list($user, $pass) = $ret;
// By default, we are not found
$result = \HTRouter\AuthModule::AUTH_NOT_FOUND;
// Iterator through all the registered providers to
$providers = $this->getRouter()->getProviders(\HTRouter::PROVIDER_AUTHN_GROUP);
foreach ($providers as $provider) {
/**
* @var $provider \HTRouter\AuthnModule
*/
$result = $provider->checkPassword($request, $user, $pass);
if ($result != \HTRouter\AuthModule::AUTH_NOT_FOUND) {
// Found (either denied or granted), we don't need to check any more providers
break;
}
}
// Set the authenticated user inside the request
if ($result != \HTRouter\AuthModule::AUTH_GRANTED) {
if ($this->getConfig()->get("AuthzUserAuthoritative") && $result != \HTRouter\AuthModule::AUTH_DENIED) {
// Not authoritative so we decline and goto the next checker
return \HTRouter::STATUS_DECLINED;
}
switch ($result) {
case \HTRouter\AuthModule::AUTH_DENIED:
$retval = \HTRouter::STATUS_HTTP_UNAUTHORIZED;
break;
case \HTRouter\AuthModule::AUTH_NOT_FOUND:
$retval = \HTRouter::STATUS_HTTP_UNAUTHORIZED;
break;
default:
$retval = \HTRouter::STATUS_HTTP_INTERNAL_SERVER_ERROR;
break;
}
// If we need to send a 403, do it
if ($retval == \HTRouter::STATUS_HTTP_UNAUTHORIZED) {
$request->appendOutHeaders("WWW-Authenticate", "Basic realm=\"" . $this->getConfig()->get("AuthName") . "\"");
}
return $result;
}
return \HTRouter::STATUS_OK;
}
function fixUp(\HTRouter\Request $request)
{
if ($this->getConfig()->get("RewriteEngine") == false) {
return \HTRouter::STATUS_DECLINED;
}
// Temp save
$oldFilename = $request->getFilename();
if (!$request->getFilename()) {
$request->setFilename($request->getUri());
}
$ruleStatus = $this->_applyRewrites();
if ($ruleStatus) {
if ($ruleStatus == self::ACTION_STATUS) {
$n = $request->getStatus();
$request->setStatus(\HTROUTER::STATUS_HTTP_OK);
return $n;
}
if (($skip = $this->_is_absolute_url($request->getFilename())) > 0) {
if ($ruleStatus == self::ACTION_NOESCAPE) {
$request->setFilename(urlencode($request->getFilename(), $skip));
}
// Add query string if needed
if ($request->getArgs()) {
if ($ruleStatus == self::ACTION_NOESCAPE) {
$request->setFilename($request->getFilename() . "?" . $request->getQueryString());
} else {
$request->setFilename($request->getFilename() . "?" . urlencode($request->getQueryString()));
}
}
// Is this a redirect?
if ($request->getStatus() >= 300 && $request->getStatus() < 400) {
$n = $request->getStatus();
$request->setStatus(\HTRouter::STATUS_HTTP_OK);
} else {
// No redirect, but we need to redir anyway..
$n = \HTRouter::STATUS_HTTP_MOVED_TEMPORARILY;
}
// The filename is the URI to redirect.. strange, I know...
$request->appendOutHeaders("Location", $request->getFilename());
return $n;
} elseif (substr($request->getFilename(), 0, 12) == "passthrough:") {
// Starts with passthrough? Let's pass
$request->setUri(substr($request->getFilename(), 13));
return \HTRouter::STATUS_DECLINED;
} else {
// Local path
if ($oldFilename == $request->getFilename()) {
// Rewrite to the same name. Prevent deadlocks
return \HTRouter::STATUS_HTTP_OK;
}
}
} else {
$request->getFilename($oldFilename);
return \HTRouter::STATUS_DECLINED;
}
return \HTRouter::STATUS_DECLINED;
}
/**
* These functions should return true|false or something to make sure we can continue with our stuff?
*
* @param \HTRouter\Request $request
* @return bool
* @throws \LogicException
*/
public function checkAccess(\HTRouter\Request $request)
{
// The way we parse things depends on the "order"
switch ($this->getConfig()->get("AccessOrder")) {
case self::ALLOW_THEN_DENY:
$result = false;
if ($this->_findAllowDeny($this->getConfig()->get("AccessAllow"))) {
$result = \HTRouter::STATUS_OK;
}
if ($this->_findAllowDeny($this->getConfig()->get("AccessDeny"))) {
$result = \HTRouter::STATUS_HTTP_FORBIDDEN;
}
break;
case self::DENY_THEN_ALLOW:
$result = \HTRouter::STATUS_OK;
if ($this->_findAllowDeny($this->getConfig()->get("AccessDeny"))) {
$result = \HTRouter::STATUS_HTTP_FORBIDDEN;
}
if ($this->_findAllowDeny($this->getConfig()->get("AccessAllow"))) {
$result = \HTRouter::STATUS_OK;
}
break;
case self::MUTUAL_FAILURE:
if ($this->_findAllowDeny($this->getConfig()->get("AccessAllow")) and !$this->_findAllowDeny($this->getConfig()->get("AccessDeny"))) {
$result = \HTRouter::STATUS_OK;
} else {
$result = \HTRouter::STATUS_HTTP_FORBIDDEN;
}
break;
default:
throw new \LogicException("Unknown order");
break;
}
// Not ok. Now we need to check if "satisfy any" already got a satisfaction
if ($result == \HTRouter::STATUS_HTTP_FORBIDDEN && ($this->getConfig()->get("Satisfy") == "any" || count($this->getConfig()->get("Requires", array()) == 0))) {
// Check if there is at least one require line in the htaccess. If found, it means that
// we still have to possibility that we can be authorized
$this->getLogger()->log(\HTRouter\Logger::ERRORLEVEL_ERROR, "Access denied for " . $request->getFilename() . " / " . $request->getUri());
}
// Return what we need to return
return $result;
}
/**
* @static
* @param $string
* @param \HTRouter\Request $request
* @param array $ruleMatches
* @param array $condMatches
* @return mixed
* @throws \RuntimeException
*/
public static function expandSubstitutions($string, \HTRouter\Request $request, $ruleMatches = array(), $condMatches = array())
{
// Do backref matching on rewriterule ($1-$9)
preg_match_all('|\\$([1-9])|', $string, $matches);
foreach ($matches[1] as $index) {
if (!isset($ruleMatches[$index - 1])) {
throw new \RuntimeException("Want to match index {$index}, but nothing found in rule to match");
}
$string = str_replace("\${$index}", $ruleMatches[$index - 1], $string);
}
// Do backref matching on the last rewritecond (%1-%9)
preg_match_all('|\\%([1-9])|', $string, $matches);
foreach ($matches[1] as $index) {
if (!isset($condMatches[$index - 1])) {
throw new \RuntimeException("Want to match index {$index}, but nothing found in condition to match");
}
$string = str_replace("%{$index}", $condMatches[$index - 1], $string);
}
// Do variable substitution
$string = str_replace("%{HTTP_USER_AGENT}", $request->getServerVar("HTTP_USER_AGENT"), $string);
$string = str_replace("%{HTTP_REFERER}", $request->getServerVar("HTTP_REFERER"), $string);
$string = str_replace("%{HTTP_COOKIE}", $request->getServerVar("HTTP_COOKIE"), $string);
$string = str_replace("%{HTTP_FORWARDED}", $request->getServerVar("HTTP_FORWARDED"), $string);
$string = str_replace("%{HTTP_HOST}", $request->getServerVar("HTTP_HOST"), $string);
$string = str_replace("%{HTTP_PROXY_CONNECTION}", $request->getServerVar("HTTP_PROXY_CONNECTION"), $string);
$string = str_replace("%{HTTP_ACCEPT}", $request->getServerVar("HTTP_ACCEPT"), $string);
$string = str_replace("%{REMOTE_ADDR}", $request->getServerVar("REMOTE_ADDR"), $string);
$string = str_replace("%{REMOTE_HOST}", $request->getServerVar("REMOTE_HOST"), $string);
$string = str_replace("%{REMOTE_PORT}", $request->getServerVar("REMOTE_PORT"), $string);
$string = str_replace("%{REMOTE_USER}", $request->getAuthUser(), $string);
$string = str_replace("%{REMOTE_IDENT}", "", $string);
// We don't support identing!
$string = str_replace("%{REQUEST_METHOD}", $request->getMethod(), $string);
$string = str_replace("%{SCRIPT_FILENAME}", $request->getFilename(), $string);
$string = str_replace("%{PATH_INFO}", $request->getPathInfo(), $string);
$string = str_replace("%{QUERY_STRING}", $request->getQueryString(), $string);
if ($request->getAuthType()) {
$string = str_replace("%{AUTH_TYPE}", $request->getAuthType()->getName(), $string);
// Returns either Basic or Digest
} else {
$string = str_replace("%{AUTH_TYPE}", "", $string);
}
$string = str_replace("%{DOCUMENT_ROOT}", $request->getDocumentRoot(), $string);
$string = str_replace("%{SERVER_ADMIN}", $request->getServerVar("SERVER_ADMIN"), $string);
$string = str_replace("%{SERVER_NAME}", $request->getServerVar("SERVER_NAME"), $string);
$string = str_replace("%{SERVER_ADDR}", $request->getServerVar("SERVER_ADDR"), $string);
$string = str_replace("%{SERVER_PORT}", $request->getServerVar("SERVER_PORT"), $string);
$string = str_replace("%{SERVER_PROTOCOL}", $request->getServerVar("SERVER_PROTOCOL"), $string);
$router = \HTRouter::getInstance();
$string = str_replace("%{SERVER_SOFTWARE}", $router->getServerSoftware(), $string);
// Non-deterministic, but it won't change over the course of a request, even if the seconds have changed!
$string = str_replace("%{TIME_YEAR}", date("Y"), $string);
// 2011
$string = str_replace("%{TIME_MON}", date("m"), $string);
// 01-12
$string = str_replace("%{TIME_DAY}", date("d"), $string);
// 01-31
$string = str_replace("%{TIME_HOUR}", date("H"), $string);
// 00-23
$string = str_replace("%{TIME_MIN}", date("i"), $string);
// 00-59
$string = str_replace("%{TIME_SEC}", date("s"), $string);
// 00-59
$string = str_replace("%{TIME_WDAY}", date("w"), $string);
// 0-6 (sun-sat)
$string = str_replace("%{TIME}", date("YmdHis"), $string);
// %04d%02d%02d%02d%02d%02d
$string = str_replace("%{API_VERSION}", $router->getServerApi(), $string);
//$string = str_replace("%{THE_REQUEST}", $request->getTheRequest(), $string); // "GET /dir HTTP/1.1"
$string = str_replace("%{REQUEST_URI}", $request->getUri(), $string);
$string = str_replace("%{REQUEST_FILENAME}", $request->getServerVar("SCRIPT_FILENAME"), $string);
$string = str_replace("%{IS_SUBREQ}", $request->isSubRequest() ? "true" : "false", $string);
$string = str_replace("%{HTTPS}", $request->isHttps() ? "on" : "off", $string);
return $string;
}
public function translateName(\HTRouter\Request $request)
{
// Need an (absolute) url
$uri = $request->getUri();
if (empty($uri) || $uri[0] != '/') {
return \HTRouter::STATUS_DECLINED;
}
// check if name matches one of the redirects
foreach ($this->getConfig()->get("Redirects", array()) as $redirect) {
// @TODO: Check if this is OK?
$pos = strpos($request->getUri(), $redirect->urlpath);
if ($pos === 0) {
$url = $redirect->url . substr($request->getUri(), strlen($redirect->urlpath));
$qs = $request->getQueryString();
if (!empty($qs)) {
$url .= '?' . $qs;
}
$request->appendOutHeaders("Location", $url);
return $redirect->http_status;
}
}
return \HTRouter::STATUS_DECLINED;
}
function coreTranslateName(\HTRouter\Request $request)
{
$uri = $request->getUri();
if (empty($uri) || $uri[0] != '/' || $uri == "*") {
$this->getLogger()->log(\HTRouter\Logger::ERRORLEVEL_ERROR, "Invalid uri in request: " . $uri);
return \HTRouter::STATUS_HTTP_BAD_REQUEST;
}
$filename = $request->getUri();
$request->setFilename($filename);
// Remember, filename must be relative from documentroot!
return \HTRouter::STATUS_OK;
}
