/**
 * Copies the 'abc' variable into the session under the same key and, when a
 * 'redirect' variable is present, redirects to it.
 *
 * NOTE(review): the redirect target is handed to Header::redirect() exactly as
 * read from in_vars('redirect'); nothing in this method restricts it. If
 * in_vars() exposes client-supplied input (presumably it does - confirm), this
 * is an open redirect. Restrict the target to a relative path or an allow-list
 * of hosts before redirecting, unless Header::redirect() already does so.
 */
public function set_session()
{
    $value = $this->in_vars('abc');
    $this->sessions('abc', $value);

    if (!$this->is_vars('redirect')) {
        return;
    }

    $target = $this->in_vars('redirect');
    \org\rhaco\net\http\Header::redirect($target);
}
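/**
 * CSRF guard run before the flow action.
 *
 * On POST, the submitted 'csrftoken' variable must be a non-empty string equal
 * to the token stored in the session; otherwise a 403 status is sent and a
 * RuntimeException is thrown. On every call a fresh token is generated and
 * stored both in the session and in the request variables.
 *
 * Changes from the previous version:
 *  - the token comes from random_bytes() instead of md5(rand() . time()),
 *    which was derived from a small non-cryptographic random range plus the
 *    current time and is therefore guessable;
 *  - tokens are compared with hash_equals() so the comparison time does not
 *    depend on how many leading characters match.
 * Requires PHP >= 7.0 (random_bytes); the token is still 32 lowercase hex
 * characters, the same shape md5() produced.
 *
 * @param mixed $req request object providing is_post(), in_vars(), in_sessions(), sessions() and vars()
 * @throws \RuntimeException when CSRF verification fails
 */
public function before_flow_action($req)
{
    if ($req->is_post()) {
        $submitted = $req->in_vars('csrftoken');
        $expected = $req->in_sessions('csrftoken');

        // Both sides must be non-empty strings: a missing session token must
        // never match an empty or missing submitted one.
        $valid = is_string($submitted)
            && is_string($expected)
            && $submitted !== ''
            && $expected !== ''
            && hash_equals($expected, $submitted);

        if (!$valid) {
            \org\rhaco\net\http\Header::send_status(403);
            throw new \RuntimeException('CSRF verification failed');
        }
    }

    // Rotate the token on every request, as the original code did.
    $this->no = bin2hex(random_bytes(16));
    $req->sessions('csrftoken', $this->no);
    $req->vars('csrftoken', $this->no);
}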
/**
 * Rejects the request with a 401 status when the flow reports no login.
 *
 * If no exception has been collected yet, a LogicException('Unauthorized') is
 * registered under the 'do_login' group before Exceptions::throw_over() is
 * called.
 *
 * NOTE(review): this method does not throw or exit on its own; the request is
 * only stopped if throw_over() interrupts execution (presumably it raises the
 * collected exceptions - confirm). Otherwise the protected action would still
 * run after the 401 status was sent.
 *
 * @module org.rhaco.flow.parts.RequestFlow
 * @param org.rhaco.flow.parts.RequestFlow $flow
 */
public function before_login_required(\org\rhaco\flow\parts\RequestFlow $flow)
{
    if ($flow->is_login()) {
        return;
    }

    \org\rhaco\net\http\Header::send_status(401);

    $already_collected = \org\rhaco\Exceptions::has();
    if (!$already_collected) {
        $unauthorized = new \LogicException('Unauthorized');
        \org\rhaco\Exceptions::add($unauthorized, 'do_login');
    }

    \org\rhaco\Exceptions::throw_over();
}
/**
 * Prints an exception as a JSON (or JSONP) error document.
 *
 * The body has the form {"error": [{"message", "group", "type"}, ...]}. For an
 * \org\rhaco\Exceptions instance one entry is written per collected exception,
 * otherwise a single entry with group 'exceptions'. 'type' is the class name
 * without its namespace.
 *
 * NOTE(review): in jsonp mode $this->varname is written in front of the JSON
 * without any escaping and served as text/javascript. Where varname is set is
 * not visible here; if it can come from the request it must be limited to a
 * safe identifier pattern before it reaches this method, otherwise arbitrary
 * script can be returned to the caller's origin.
 * NOTE(review): exception messages are sent to the client verbatim; confirm
 * they cannot contain internal details (paths, SQL, stack information).
 *
 * @module org.rhaco.Flow
 * @param mixed $obj
 * @param \Exception $exception exception to report
 */
public function flow_exception_output($obj, \Exception $exception)
{
    \org\rhaco\Log::disable_display();

    if ($this->mode == 'jsonp') {
        $content_type = 'text/javascript';
    } else {
        $content_type = 'application/json';
    }
    \org\rhaco\net\http\Header::send('Content-Type', $content_type);

    $error = array('error' => array());

    if (!($exception instanceof \org\rhaco\Exceptions)) {
        $error['error'][] = array(
            'message' => $exception->getMessage(),
            'group' => 'exceptions',
            'type' => basename(str_replace("\\", '/', get_class($exception))),
        );
    } else {
        foreach (\org\rhaco\Exceptions::gets() as $group => $item) {
            $error['error'][] = array(
                'message' => $item->getMessage(),
                'group' => $group,
                'type' => basename(str_replace("\\", '/', get_class($item))),
            );
        }
    }

    $json = \org\rhaco\lang\Json::encode($error);

    if ($this->mode == 'jsonp') {
        print $this->varname . '(' . $json . ')';
    } else {
        print $json;
    }
}
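/**
 * Sends a file to the client with the given Content-Disposition type and
 * terminates the script.
 *
 * $filename is either a path or an \org\rhaco\io\File. A File whose fullname()
 * is not a file on disk is served from its value(). A file on disk honours
 * If-Modified-Since (304) and a single "bytes=N-M" Range request (206). If
 * nothing can be served a 404 status is sent.
 *
 * Changes from the previous version:
 *  - the Content-length of a partial response called the undefined function
 *    sprint(), so every Range request ended in a fatal error; it is sprintf();
 *  - the client-supplied range is validated: a start beyond the end, or at or
 *    past the end of the file, is answered with 416, and an end past the last
 *    byte is clamped, so the advertised length matches the bytes sent;
 *  - a failed fopen() no longer reaches feof()/fread() with a non-resource;
 *    the request falls through to the 404 response instead.
 *
 * NOTE(review): file names are placed in the Content-Type and
 * Content-Disposition headers unquoted and unescaped; names containing spaces,
 * ';' or '"' will produce malformed headers. Confirm Header::send() rejects
 * CR/LF if names can be influenced by users.
 *
 * @param string|\org\rhaco\io\File $filename file to send
 * @param string $disposition Content-Disposition type written before "; filename="
 * @return void never returns; every path ends in exit
 */
private static function output_file_content($filename, $disposition)
{
    if ($filename instanceof \org\rhaco\io\File) {
        if (is_file($filename->fullname())) {
            $filename = $filename->fullname();
        } else {
            // Not backed by a file on disk: send the in-memory value.
            \org\rhaco\net\http\Header::send('Last-Modified', gmdate('D, d M Y H:i:s') . ' GMT');
            \org\rhaco\net\http\Header::send('Content-Type', $filename->mime() . '; name=' . $filename->name());
            \org\rhaco\net\http\Header::send('Content-Disposition', $disposition . '; filename=' . $filename->name());
            print $filename->value();
            exit;
        }
    }

    if (is_file($filename)) {
        $update = @filemtime($filename);

        if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $update <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
            \org\rhaco\net\http\Header::send_status(304);
            exit;
        }

        \org\rhaco\net\http\Header::send('Last-Modified', gmdate('D, d M Y H:i:s', $update) . ' GMT');
        \org\rhaco\net\http\Header::send('Content-Type', self::mime($filename) . '; name=' . basename($filename));
        \org\rhaco\net\http\Header::send('Content-Disposition', $disposition . '; filename=' . basename($filename));

        $size = filesize($filename);

        if (isset($_SERVER['HTTP_RANGE']) && preg_match("/^bytes=(\\d+)\\-(\\d+)\$/", $_SERVER['HTTP_RANGE'], $range)) {
            $offset = (int) $range[1];
            $end = (int) $range[2];

            // The Range header is client input: refuse ranges that cannot be
            // satisfied instead of computing a negative or oversized length.
            if ($offset > $end || $offset >= $size) {
                \org\rhaco\net\http\Header::send_status(416);
                \org\rhaco\net\http\Header::send('Content-Range', sprintf('bytes */%u', $size));
                exit;
            }
            if ($end >= $size) {
                $end = $size - 1;
            }
            $length = $end - $offset + 1;

            \org\rhaco\net\http\Header::send_status(206);
            \org\rhaco\net\http\Header::send('Accept-Ranges', 'bytes');
            \org\rhaco\net\http\Header::send('Content-length', sprintf('%u', $length));
            \org\rhaco\net\http\Header::send('Content-Range', sprintf('bytes %u-%u/%u', $offset, $end, $size));
            print file_get_contents($filename, false, null, $offset, $length);
            exit;
        }

        $fp = fopen($filename, 'rb');
        if ($fp !== false) {
            \org\rhaco\net\http\Header::send('Content-length', sprintf('%u', $size));
            // Stream in 8 KiB chunks so large files are not loaded into memory.
            while (!feof($fp)) {
                echo fread($fp, 8192);
                flush();
            }
            fclose($fp);
            exit;
        }
        // The file exists but could not be opened: fall through to the 404 below.
    }

    \org\rhaco\net\http\Header::send_status(404);
    exit;
}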
/**
 * Resolves an "after" redirect definition and redirects to it.
 *
 * $after is either a name, a list whose first element is the name and whose
 * remaining elements are variable names to pass as arguments, or a map whose
 * keys are variable names: the first key present in the available variables
 * selects the definition to use, and if none is present the method returns
 * without redirecting.
 *
 * Available variables are the entries of $obj, overridden by $pattern['vars'].
 * When $pattern['@'] is set, the name is translated to the name of the entry
 * in $apps with the same pkg_id, method and argument count.
 *
 * NOTE(review): with an empty name Header::redirect_referer() is called and
 * execution then continues to $this->redirect(); this is only harmless if
 * redirect_referer() terminates the request (not visible here - confirm).
 *
 * @param string|array $after redirect definition
 * @param array $pattern matched mapping; 'vars', '@' and 'pkg_id' are read
 * @param array $apps mapping entries; '@', 'pkg_id', 'method', 'num' and 'name' are read
 * @param mixed $obj iterable source of variables
 * @throws \InvalidArgumentException when a requested variable is not available
 */
private function after_redirect($after, $pattern, $apps, $obj)
{
    $available = array();
    foreach ($obj as $key => $value) {
        $available[$key] = $value;
    }
    if (isset($pattern['vars'])) {
        foreach ($pattern['vars'] as $key => $value) {
            $available[$key] = $value;
        }
    }

    // Map form: pick the definition of the first key that exists as a variable.
    if (is_array($after) && !isset($after[0])) {
        $matched = false;
        foreach ($after as $key => $candidate) {
            if (array_key_exists($key, $available)) {
                $after = $candidate;
                $matched = true;
                break;
            }
        }
        if (!$matched) {
            return;
        }
    }

    if (is_string($after)) {
        $name = $after;
    } elseif (is_array($after)) {
        // array_shift() removes the name, leaving only the variable names.
        $name = array_shift($after);
    } else {
        $name = null;
    }

    $wanted = (is_array($after) && !empty($after)) ? $after : array();

    $args = array();
    foreach ($wanted as $n) {
        if (!isset($available[$n])) {
            throw new \InvalidArgumentException('variable ' . $n . ' not found');
        }
        $args[$n] = $available[$n];
    }

    if (isset($pattern['@'])) {
        foreach ($apps as $entry) {
            if (!isset($entry['@'])) {
                continue;
            }
            if ($entry['pkg_id'] != $pattern['pkg_id']) {
                continue;
            }
            if ($name != $entry['method']) {
                continue;
            }
            if (sizeof($args) != $entry['num']) {
                continue;
            }
            $name = $entry['name'];
            break;
        }
    }

    if (empty($name)) {
        \org\rhaco\net\http\Header::redirect_referer();
    }
    $this->redirect($apps, $name, $args);
}
/**
 * Marks an action as unavailable; intended to be used as a mapping target.
 *
 * Sends a 405 status and always throws.
 *
 * @throws \LogicException always
 */
final public function method_not_allowed()
{
    \org\rhaco\net\http\Header::send_status(405);

    $error = new \LogicException('Method Not Allowed');
    throw $error;
}
/**
 * Answers with "503 Service Unavailable" and ends the script.
 *
 * No body is written by this method; execution stops at exit.
 */
public function service_unavailable()
{
    $status = 503;
    \org\rhaco\net\http\Header::send_status($status);
    exit;
}