 /**
  * Resolve the caller's IP address once per process and memoise it in
  * self::$_remoteIp.
  *
  * Precedence: REMOTE_ADDR from the server variables, then from the
  * environment, then the HTTP_X_FORWARDED_FOR header. The last fallback is
  * client-supplied (and may be a comma-separated list when proxies are
  * chained), so it is only as trustworthy as the proxy layer in front of the
  * application — NOTE(review): confirm that layer overwrites the header.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return mixed  whatever the request exposes for the first truthy source
  */
 public static function getRemoteIp(Zend_Controller_Request_Abstract $request)
 {
     if (self::$_remoteIp) {
         return self::$_remoteIp;
     }
     // `?:` keeps the truthiness semantics of the original nested ternary:
     // the first non-falsy source wins.
     self::$_remoteIp = $request->getServer('REMOTE_ADDR')
         ?: $request->getEnv('REMOTE_ADDR')
         ?: $request->getServer('HTTP_X_FORWARDED_FOR');
     return self::$_remoteIp;
 }
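 /**
  * Record the finished request through Model_RequestLog: client IP, raw user
  * agent, parsed browser/version/platform, bot flag, URI, absolute URL,
  * referer and the current timestamp.
  *
  * Every column except access_time originates from the client (user agent,
  * referer and Host header included), so readers of the request_log table must
  * treat the stored values as untrusted when rendering them.
  * NOTE(review): getClientIp() in ZF1 consults proxy headers by default, so the
  * logged ip may also be client-supplied — confirm against the request class.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function postDispatch(Zend_Controller_Request_Abstract $request)
 {
     $uri = $request->getRequestUri();
     $agent = $request->getServer('HTTP_USER_AGENT');
     $browserInfo = self::_getBrowserInfo($agent);
     // Absolute URL of the request; the path is normalised to a single leading slash.
     $fullUrl = $request->getScheme() . '://' . $request->getHttpHost() . '/' . ltrim($uri, '/');

     $log = new Model_RequestLog();
     $log->insert([
         'ip'          => $request->getClientIp(),
         'agent'       => $agent,
         'browser'     => $browserInfo['browser'],
         'version'     => $browserInfo['version'],
         'platform'    => $browserInfo['platform'],
         'bot'         => self::_getBot($agent),
         'uri'         => $uri,
         'full_url'    => $fullUrl,
         'refer_url'   => $request->getServer('HTTP_REFERER'),
         'access_time' => date('Y-m-d H:i:s'),
     ]);
 }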
 /**
  * routeShutdown
  * Called by the router once the request has been routed.
  *
  * Derives the requested response format (stored under static::KEY_EXT) from
  * the path extension, falling back to "json" when the Accept header mentions
  * it, and then truncates the module/controller/action names at the first
  * character outside [-a-zA-Z0-9] so that routed names are plain identifiers.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Detect the requested content type from the path extension.
     $pathInfo = $request->getPathInfo();
     $extension = empty($pathInfo) ? '' : pathinfo($pathInfo, PATHINFO_EXTENSION);
     if ($extension && preg_match('/^[-a-z0-9]+$/i', $extension)) {
         $request->setParam(static::KEY_EXT, strtolower($extension));
     }

     // No extension: honour a JSON Accept header instead.
     if ($request->getParam(static::KEY_EXT) == '') {
         $accept = $request->getServer('HTTP_ACCEPT');
         if (!empty($accept) && strpos($accept, 'json') !== false) {
             $request->setParam(static::KEY_EXT, 'json');
         }
     }

     // Normalise routing targets: keep only the leading run of [-a-zA-Z0-9]
     // (everything from the first disallowed character onwards is dropped).
     $identifierOnly = '/[^-a-zA-Z0-9].*/';
     $request->setModuleName(preg_replace($identifierOnly, '', $request->getModuleName()));
     $request->setControllerName(preg_replace($identifierOnly, '', $request->getControllerName()));
     $request->setActionName(preg_replace($identifierOnly, '', $request->getActionName()));
 }
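 /**
  * Pick the default locale from the client's Accept-Language header.
  *
  * Locale::acceptFromHttp() returns false when the header contains no locale
  * ICU can match; passing that straight to Locale::setDefault() would either
  * install an empty default or raise a TypeError under strict_types. The
  * header is client-controlled, so only a successfully negotiated locale id
  * ever reaches setDefault().
  *
  * @param AbstractRequest $request
  * @return void
  */
 public function preDispatch(AbstractRequest $request)
 {
     $acceptLanguage = $request->getServer('HTTP_ACCEPT_LANGUAGE');
     if (!$acceptLanguage) {
         return;
     }
     $locale = Locale::acceptFromHttp($acceptLanguage);
     // Leave the default untouched when negotiation failed.
     if (is_string($locale) && $locale !== '') {
         Locale::setDefault($locale);
     }
 }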
 /**
  * Called before Zend_Controller_Front calls on the router to evaluate the
  * request against the registered routes
  *
  * Detects a POST/PUT whose body PHP discarded for exceeding post_max_size:
  * in that situation both $_POST and $_FILES arrive empty while the client's
  * Content-Length is above the configured limit. The request is then handed
  * to the configured callback, or a Zend_Controller_Exception (code 1000) is
  * stored on the response.
  *
  * @param Zend_Controller_Request_Abstract $request
  */
 public function routeStartup(Zend_Controller_Request_Abstract $request)
 {
     if (!($request instanceof Zend_Controller_Request_Http)) {
         return;
     }
     if (!($request->isPost() || $request->isPut())) {
         return;
     }
     $post = $request->getPost();
     if (!empty($post) || !empty($_FILES)) {
         return;
     }

     // Convert post_max_size (e.g. "8M") to bytes. A unit-less value is kept
     // as-is; an unknown unit leaves the numeric part untouched.
     $max = ini_get('post_max_size');
     $unit = substr($max, -1);
     if (!is_numeric($unit)) {
         $max = substr($max, 0, -1);
     }
     $multipliers = array('K' => 1024, 'M' => 1048576, 'G' => 1073741824);
     $unitKey = strtoupper($unit);
     if (isset($multipliers[$unitKey])) {
         $max *= $multipliers[$unitKey];
     }

     // CONTENT_LENGTH is whatever the client declared; it only decides whether
     // the body was dropped and is never used to size anything.
     $length = $request->getServer('CONTENT_LENGTH');
     if (!($max < $length)) {
         return;
     }
     if (!empty($this->_callback)) {
         call_user_func($this->_callback, $request);
         return;
     }
     $exception = new Zend_Controller_Exception('Maximum content length size (' . $max . ') exceeded', 1000);
     $this->getResponse()->setException($exception);
 }
 /**
  * Check the request to see if it is secure.  If it isn't
  * rebuild a secure url, redirect and exit.
  *
  * NOTE(review): the redirect target's host is taken from the HTTP_HOST
  * header, which the client supplies; unless the web server only answers for
  * known hostnames, a forged Host header steers this redirect. The query
  * string is also dropped, since only getPathInfo() is appended — confirm
  * both are intended.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  * @author Travis Boudreaux
  */
 protected function _secureUrl(Zend_Controller_Request_Abstract $request)
 {
     $server = $request->getServer();
     $hostname = $server['HTTP_HOST'];
     if ($request->isSecure()) {
         return;
     }
     // Not on HTTPS: rebuild the same path under the secure scheme and leave.
     $secureUrl = Zend_Controller_Request_Http::SCHEME_HTTPS . "://" . $hostname . $request->getPathInfo();
     $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
     $redirector->setGoToUrl($secureUrl);
     $redirector->redirectAndExit();
 }
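 /**
  * Validate every call against CSRF if it's a POST call
  * and there's an available token on the session.
  *
  * The session token is created on first use and echoed in the X-CSRF-Token
  * response header so the frontend can return it on the next non-GET request.
  * The two tokens are compared with hash_equals(): the check is strict (no
  * numeric-string juggling, array-valued parameters are rejected) and runs in
  * constant time.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void|bool  true only when the configured dev bypass applies
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Avoid error override! :S
     if (count($this->getResponse()->getException())) {
         return;
     }
     $auth = Zend_Auth::getInstance();
     $identity = $auth->getIdentity();
     $byPassMethods = [
         App_Controller_Plugin_Auth::AUTH_TYPE_LOST_PASSWORD,
         App_Controller_Plugin_Auth::AUTH_TYPE_ASYNC,
         App_Controller_Plugin_Auth::AUTH_TYPE_EXTERNAL,
         App_Controller_Plugin_Auth::AUTH_TYPE_THIRD_PARTY,
     ];
     $byPassModules = ['async', 'external', 'externalr12', 'thirdparty'];
     // Bypass some auth methods: these modules / auth types never carry the
     // browser session token. The AUTH_TYPE_* constant types are not visible
     // here, so that comparison is left loose; the module list is all strings.
     $authType = isset($identity['authType']) ? $identity['authType'] : null;
     if (in_array($request->module, $byPassModules, true) || ($authType && in_array($authType, $byPassMethods))) {
         return;
     }
     $session = new Zend_Session_Namespace('csrf');
     if (empty($session->token)) {
         // Generate a new CSRF token and save it on the session
         \App::log()->info("Session token empty, generating new CSRF token...");
         $session->token = $this->_generateToken();
     }
     // Return the token on an HTTP header
     $this->getResponse()->setHeader('X-CSRF-Token', $session->token);
     // Don't do anything if it's a GET request
     if ($request->isGet()) {
         return;
     }
     // PHP discards $_POST/$_FILES when the body exceeds post_max_size; a
     // missing token is then a size problem, left to the size-limit plugin.
     // post_max_size is an ini string such as "8M" and must be converted to
     // bytes first, otherwise the comparison with CONTENT_LENGTH is
     // lexicographic rather than numeric.
     $post = $request->getPost();
     if (empty($post) && empty($_FILES)) {
         $max = ini_get('post_max_size');
         $unit = strtoupper(substr($max, -1));
         if (!is_numeric($unit)) {
             $max = substr($max, 0, -1);
         }
         $multipliers = ['K' => 1024, 'M' => 1048576, 'G' => 1073741824];
         if (isset($multipliers[$unit])) {
             $max *= $multipliers[$unit];
         }
         if ($max < $request->getServer('CONTENT_LENGTH')) {
             return;
         }
     }
     // Try to get the CSRF token from frontend
     $csrfToken = $this->_getFrontendToken($request);
     if (!$csrfToken) {
         $this->_throwError($request, 'Possible CSRF attack: CSRF token not found on request');
         return;
     }
     // Disable plugin for dev environment (only when explicitly configured)
     if (App::config('csrf.disabled', false) && $csrfToken === 'dev') {
         return true;
     }
     // Reject non-string tokens (e.g. an array-valued parameter) and compare
     // in constant time; `!=` would consider e.g. "0e12" and "0e34" equal.
     if (!is_string($csrfToken) || !hash_equals((string) $session->token, $csrfToken)) {
         $this->_throwError($request, 'Possible CSRF attack: BE and FE tokens don\'t match');
         return;
     }
 }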
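 /**
  * Swap in the "plug" layout for the mirror hostnames, validate an explicit
  * fullPath parameter, and redirect requests for the admin/utils modules.
  *
  * HTTP_HOST is sent by the client, so nothing beyond layout selection should
  * depend on it; in_array() is strict to rule out type juggling on that
  * comparison. fullPath is read once and passed to validatePath() unchanged.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $plugHosts = ['hansa-flex.pro', 'hansa-flex.su', 'hansa-flex.org', 'xn----7sbavhvfm6b0af.xn--p1ai'];
     if (in_array($request->getServer('HTTP_HOST'), $plugHosts, true)) {
         $layout = Zend_Layout::getMvcInstance();
         $layout->setLayout('plug');
     }
     $fullPath = $request->getParam('fullPath');
     if ($fullPath) {
         $this->validatePath($fullPath);
     }
     $module = $request->getModuleName();
     if ($module === 'admin' || $module === 'utils') {
         $this->redirectAdmin();
     }
 }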
 /**
  * Reject POST/PUT requests whose body PHP discarded for exceeding
  * post_max_size: both $_POST and $_FILES arrive empty while the client's
  * Content-Length is above the configured limit. The request is handed to the
  * configured callback when one is set; otherwise an
  * \Application\Exceptions\InvalidArgumentException with
  * ValidationCodes::SYSTEM_POST_SIZE_LIMIT_EXCEESED is stored on the response.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Avoid error override! :S
     if (count($this->getResponse()->getException())) {
         return;
     }
     if (!($request instanceof Zend_Controller_Request_Http)) {
         return;
     }
     if (!($request->isPost() || $request->isPut())) {
         return;
     }
     $post = $request->getPost();
     if (!empty($post) || !empty($_FILES)) {
         return;
     }

     // Convert post_max_size (e.g. "8M") to bytes. A unit-less value is kept
     // as-is; an unknown unit leaves the numeric part untouched.
     $max = ini_get('post_max_size');
     $unit = substr($max, -1);
     if (!is_numeric($unit)) {
         $max = substr($max, 0, -1);
     }
     $multipliers = array('K' => 1024, 'M' => 1048576, 'G' => 1073741824);
     $unitKey = strtoupper($unit);
     if (isset($multipliers[$unitKey])) {
         $max *= $multipliers[$unitKey];
     }

     // CONTENT_LENGTH is whatever the client declared; it only decides whether
     // the body was dropped and is never used to size anything.
     $length = $request->getServer('CONTENT_LENGTH');
     if (!($max < $length)) {
         return;
     }
     if (!empty($this->_callback)) {
         call_user_func($this->_callback, $request);
         return;
     }
     $exception = new \Application\Exceptions\InvalidArgumentException(
         'Maximum content length size (' . $max . ') exceeded',
         ValidationCodes::SYSTEM_POST_SIZE_LIMIT_EXCEESED
     );
     $this->getResponse()->setException($exception);
 }
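 /**
  * Store the profile info
  *
  * Writes one row per request into <dbname>.profiler_log_<Ymd>, creating the
  * daily table from <dbname>.profiler_log_template the first time an insert
  * fails with "table doesn't exist". Only runs for the MySQL adapters and
  * while profiling is enabled.
  *
  * The IP is wrapped in inet_aton() through a Zend_Db_Expr, which bypasses
  * the adapter's automatic quoting, so the value is quoted explicitly with
  * $db->quote() before being embedded; REMOTE_ADDR normally comes from the web
  * server, but no server variable should be spliced into SQL unescaped.
  *
  * @param	Zend_Db_Adapter_Abstract $db
  * @param	Zend_Controller_Request_Abstract $request
  * @return	void
  * @throws	Zend_Db_Statement_Exception  re-thrown when the failure is not a missing daily table
  */
 public function saveProfileInfo(Zend_Db_Adapter_Abstract $db = null, Zend_Controller_Request_Abstract $request)
 {
     $isMysql = $db instanceof Zend_Db_Adapter_Pdo_Mysql || $db instanceof Zend_Db_Adapter_Mysqli;
     if (!$isMysql || !$this->_enabled) {
         return;
     }

     $values = [
         'ip'         => new Zend_Db_Expr('inet_aton(' . $db->quote($request->getServer('REMOTE_ADDR', '')) . ')'),
         'page'       => $request->getServer('REQUEST_URI', ''),
         'user_agent' => $request->getServer('HTTP_USER_AGENT', ''),
         'referer'    => $request->getServer('HTTP_REFERER', ''),
     ];
     // One elapsed-seconds column plus one comment column per timer type.
     foreach ($this->_tableNames as $column) {
         $values[$column] = 0;
         $values[$column . '_comment'] = '';
     }
     foreach ($this->_timerProfiles as $tp) {
         if (!$tp->hasEnded()) {
             continue;
         }
         $column = $this->_tableNames[$tp->getTimerType()];
         $values[$column] += $tp->getElapsedSecs();
         $values[$column . '_comment'] .= $tp->getTimerComment();
     }

     // Profiler rows live in a sibling "<dbname>_profiler" schema unless the
     // configured dbname already names a profiler database.
     $dbname = 'profiler';
     $config = $db->getConfig();
     if (isset($config['dbname'])) {
         $dbname = strpos($config['dbname'], $dbname) !== false ? $config['dbname'] : $config['dbname'] . '_profiler';
     }
     $tableName = $dbname . '.profiler_log_' . date('Ymd');
     $createFromTemplate = 'create table ' . $tableName . ' like ' . $dbname . '.profiler_log_template';

     try {
         // Catching "table doesn't exist" is cheaper than checking beforehand.
         $db->insert($tableName, $values);
     } catch (Zend_Db_Statement_Mysqli_Exception $zdsmex) {
         if (!preg_match("/Mysqli prepare error: Table '(.*)' doesn't exist/", $zdsmex->getMessage())) {
             throw $zdsmex;
         }
         $db->query($createFromTemplate);
         $db->insert($tableName, $values);
     } catch (Zend_Db_Statement_Exception $zdsex) {
         if (!preg_match("/SQLSTATE\\[42S02\\]: Base table or view not found: 1146 Table '(.*)' doesn't exist/", $zdsex->getMessage())) {
             throw $zdsex;
         }
         $db->query($createFromTemplate);
         $db->insert($tableName, $values);
     }
 }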
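 /**
  * Handle logout and login-form submissions before the action runs.
  *
  * A `logout` parameter clears the identity and redirects. A `login` POST is
  * validated through LoginForm, the user's salt is appended to the submitted
  * password, and the pair is authenticated with Zend_Auth_Adapter_DbTable. On
  * success the login counter, client IP, login time and user agent are
  * recorded for the authenticated identity and the user is redirected.
  * Every redirect below exits, so later statements only run when no redirect
  * took place.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // The redirector helper performs every redirect in this plugin.
     $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
     $auth = Zend_Auth::getInstance();
     // Authentication state has to be kept somewhere; the default storage is
     // the session under the "Zend_Auth" namespace. A custom namespace would be:
     //$auth->setStorage(new Zend_Auth_Storage_Session('My_Auth'));
     if ($request->getParam('logout')) {
         // Logout detected: drop the identity, then redirect for safety.
         $auth->clearIdentity();
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController);
     }
     if (!$request->getPost('login')) {
         return;
     }

     $db = Zend_Db_Table::getDefaultAdapter();
     // Authentication adapter configured with our table and column names;
     // $treatment holds the optional hash function applied to the credential (e.g. SHA1).
     $adapter = new Zend_Auth_Adapter_DbTable($db, $this->tableName, $this->identityColumn, $this->credentialColumn, $this->treatment);
     $form = new LoginForm();
     if (!$form->isValid($request->getPost())) {
         // Validation failed (e.g. empty form). FlashMessenger keeps messages in the session.
         $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
         $flash->clearMessages();
         $flash->setNamespace("error")->addMessage("Please fill the login form!");
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, ['login-failed' => 1]);
     }
     $username = $form->getValue($this->loginField);
     $password = $form->getValue($this->passwordField);
     // Hand the identity to the adapter; the credential is salted per user below.
     $adapter->setIdentity($username);
     $user = My_Model::get('Users')->fetchRow(["username = ?" => $username]);
     if ($user === null) {
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, ['login-failed' => 1]);
     }
     $salt = $user->getSalt();
     $adapter->setCredential($password . $salt);
     // Generic authentication flow, independent of the adapter in use.
     $result = $auth->authenticate($adapter);
     if ($auth->hasIdentity()) {
         // The user is verified and logged in. The identity is whatever the
         // adapter stored (here the submitted identity column value).
         $identity = $auth->getIdentity();
         // Record login count, client IP, login time and user agent.
         // quoteInto() escapes the identity; interpolating it into the WHERE
         // clause would let an identity containing a quote alter the statement.
         $db->update(
             $this->tableName,
             [
                 'lognum'     => new Zend_Db_Expr('lognum + 1'),
                 'ip'         => $request->getServer('REMOTE_ADDR'),
                 'last_login' => new Zend_Db_Expr('NOW()'),
                 'browser'    => $request->getServer('HTTP_USER_AGENT'),
             ],
             $db->quoteInto($this->identityColumn . ' = ?', $identity)
         );
         $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
         $flash->clearMessages();
         $flash->setNamespace("success")->addMessage("Success! You are logged in!");
         $redirector->gotoSimpleAndExit($this->successAction, $this->successController);
     } else {
         // Authentication failed. FlashMessenger keeps messages in the session;
         // one generic message is queued per adapter message so that the
         // specific failure reason (unknown identity vs. bad credential) is
         // never shown to the client.
         $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
         $flash->clearMessages();
         foreach ($result->getMessages() as $msg) {
             $flash->setNamespace("error")->addMessage("Login failed, please try again!");
         }
         // Specific handling per result code would go here, e.g.
         // Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
         // FAILURE_IDENTITY_AMBIGUOUS or FAILURE_IDENTITY_NOT_FOUND.
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, ['login-failed' => 1]);
     }
 }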