/** * Checks if the request is authenticated, otherwise prompts to do that. * Either sends some headers and exits, or returns true. * * But to be safe, always exit if this doesn't return true. * * @return bool If the authentication succeded (should only return true) */ public static function validAuthentication() { try { $message = "You have to log in to enter edit mode."; if (isset($_SERVER['PHP_AUTH_USER'])) { //echo "<p>Hello {}.</p>"; //echo "<p>You entered {} as your password.</p>"; //TODO: save auth? $user = $_SERVER['PHP_AUTH_USER']; $pw = $_SERVER['PHP_AUTH_PW']; $hash = GeneralSettings::get()->passwordHash; if ($user != "editor") { $message = "Wrong username."; } else { if (password_verify($pw, $hash)) { return true; } } } header('WWW-Authenticate: Basic realm="SaLiC edit mode"'); header('HTTP/1.0 401 Unauthorized'); echo $message . "<br>"; echo "<a href='javascript:window.location.reload()'>Retry</a><br>"; echo "<a href='/'>Go to the homepage</a><br>"; exit; } catch (\Exception $e) { echo "Excpetion while performing authentication:<br>"; echo $e->getMessage() . "<br><br><pre>" . $e->getTraceAsString() . "</pre>"; exit; } }
protected function doRenderPage($templatefile, $vars) { $vars['debug_mode'] = GeneralSettings::get()->debugMode; $vars['baseurl'] = $this->baseUrl; $vars['baseurl_international'] = $this->baseUrlInternational; $vars['nav_pages'] = Utils::getNavPageList($this->baseUrl, $this->current_lang); $vars['language'] = $this->current_lang; $vars['languages'] = Settings\LangSettings::get()->available; $vars['default_page'] = Settings\NavSettings::get()->homepage; echo $this->twig->render($templatefile, $vars); }