Esempio n. 1
 /**
  * Remember the chosen language in the session and in a cookie.
  *
  * @param mixed $language Language identifier; anything that is not a string is cast to one.
  */
 public function language($language)
 {
     $language = is_string($language) ? $language : (string) $language;

     $this->session->add('language', $language, true, false);
     $this->addAjaxDatas('updated', true);

     // The cookie domain is the router host with the server name stripped out of it.
     // NOTE(review): $language is stored in the session and the cookie exactly as received;
     // nothing here restricts it to a known set of languages - confirm callers validate it.
     $cookieDomain = str_replace(Http::getServer('SERVER_NAME'), '', $this->router->getHost());
     new Cookie('language', $language, true, Cookie::EXPIRE_TIME_INFINITE, $cookieDomain);
 }
Esempio n. 2
 /**
  * Run the sniffer: answer 403 to clients already flagged as bad crawlers, then check the current request.
  */
 public function run()
 {
     $clientIp = Tools::getUserIp();
     $agent = Http::getServer('HTTP_USER_AGENT');

     // A client flagged earlier has a session entry keyed by md5(ip . 'badcrawler').
     // NOTE(review): the flag lives in the session, so it presumably only holds while the
     // client keeps presenting the same session - confirm that is the intended strength.
     $flagKey = md5($clientIp . 'badcrawler');
     $alreadyFlagged = Session::getInstance()->get($flagKey);
     if ($alreadyFlagged) {
         Router::getInstance()->show403(true);
     }

     // NOTE(review): if show403() does not end the request, the check below still runs
     // for a flagged client - confirm against Router.
     $this->_check($clientIp, $agent);
     Logger::getInstance()->debug('Sniffer security was run', 'security');
 }
Esempio n. 3
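 /**
  * Load the default configuration, then the per-host overrides when a matching directory exists.
  *
  * Nothing is loaded when no config path has been set.
  *
  * @throws \Exception When the "default" config directory is missing.
  */
 protected function __construct()
 {
     if (is_null(self::$_path)) {
         return;
     }

     // The default config directory is mandatory.
     if (!is_dir(self::$_path . 'default')) {
         throw new \Exception('Config error, please set default config directory');
     }
     $this->loadPath(self::$_path . 'default');

     // Per-host overrides. HTTP_HOST is taken from the request, so it is only used as a
     // directory name when it cannot step outside the config path: no path separators,
     // no NUL byte, no "." / ".." components.
     $hostname = Http::getServer('HTTP_HOST');
     $isPlainName = $hostname
         && is_string($hostname)
         && $hostname !== '.'
         && strpos($hostname, '..') === false
         && strpos($hostname, "\0") === false
         && strpbrk($hostname, '/\\') === false;
     if ($isPlainName && is_dir(self::$_path . $hostname)) {
         $this->loadPath(self::$_path . $hostname);
     }

     // Define default constants
     Constant::defineCons();
 }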
Esempio n. 4
 /**
  * Set the domain, falling back to the request's HTTP_HOST when none is given.
  *
  * @param string|null $domain Domain to use, or null to take HTTP_HOST.
  *
  * @throws \Exception When $domain is neither null nor a string.
  */
 public function setDomain($domain = null)
 {
     //todo check;
     $isAcceptedType = is_null($domain) || is_string($domain);
     if (!$isAcceptedType) {
         throw new \Exception('Domain parameter must be null or a string');
     }

     // NOTE(review): HTTP_HOST is supplied by the client; the fallback value is not
     // validated here - confirm it is checked before it is used as a domain.
     if ($domain === null) {
         $domain = Http::getServer('HTTP_HOST');
     }

     if ($this->getAutoFixDomain()) {
         $this->_domain = $this->_fixDomain($domain);
     } else {
         $this->_domain = $domain;
     }
 }
Esempio n. 5
 /**
  * Set the HTTP response code and, on request, also send explicit status headers.
  *
  * @param mixed       $code              Response code; must pass ResponseCode::isValid().
  * @param bool        $sentHttpStatus    When true, the "HTTP" and "Status" headers are sent as well.
  * @param mixed       $checkIfHeaderSent Passed through to sentHeader().
  * @param string|null $httpProtocol      Protocol version to announce; when null or not accepted by
  *                                       Protocol::isValid(), it is derived from SERVER_PROTOCOL.
  *
  * @throws \Exception When $code is not valid or $sentHttpStatus is not a boolean.
  */
 public static function setResponseStatusCode($code, $sentHttpStatus = false, $checkIfHeaderSent = true, $httpProtocol = null)
 {
     if (!ResponseCode::isValid($code)) {
         throw new \Exception('Response Code parameter must be a valid http response code');
     }
     if (!is_bool($sentHttpStatus)) {
         throw new \Exception('withHttpStatus parameter must be an boolean');
     }

     http_response_code($code);

     if (!$sentHttpStatus) {
         return;
     }

     // Use the caller's protocol version only when it validates; otherwise take it from the request.
     if (!is_null($httpProtocol) && Protocol::isValid($httpProtocol)) {
         $version = $httpProtocol;
     } else {
         $version = str_replace('HTTP/', '', Http::getServer('SERVER_PROTOCOL'));
     }

     $message = ResponseCode::getMessage($code, false);
     self::sentHeader('HTTP', '/' . (string) $version . ' ' . $message, true, $code, $checkIfHeaderSent, null);
     self::sentHeader('Status', $message, true, $code, $checkIfHeaderSent);
 }
Esempio n. 6
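 /**
  * Resolve the current request against the registered routes and run the first match.
  *
  * An empty request runs the "index" route when one exists. Otherwise each route's rules
  * are tried in order, as a regex or as a literal depending on the route; the first
  * matching route is run. When nothing matches, the 404 handler is shown.
  *
  * @throws \Exception When no routes are defined.
  */
 public function run()
 {
     if (empty(self::$_routes)) {
         throw new \Exception('No routes defined');
     }

     if (!$this->_urlParameterKey) {
         // Request = host + URI with the router host removed.
         // NOTE(review): str_replace removes every occurrence of the host string, not only
         // the leading one, so a path or query containing it is altered too - confirm intended.
         $request = str_replace(self::getHost(), '', Http::getServer('HTTP_HOST') . Http::getServer('REQUEST_URI'));
     } else {
         // Or take the request from the configured query parameter. This reads the same
         // property the guard above tested (the original read "urlParameterKey").
         $request = Http::getQuery($this->_urlParameterKey, '');
     }

     // NOTE(review): the request is client-controlled and is written to the log as received.
     Logger::getInstance()->debug('Run router for request : "' . $request . '"', 'router');

     $routeMatch = false;
     $routeIndex = self::getRoute('index');
     if ($request === '' && $routeIndex) {
         $routeMatch = true;
         $this->runRoute('index');
     } else {
         foreach (self::$_routes as $route) {
             $vars = array();

             // Routes without rules cannot match.
             $rules = $route->getRules();
             if (!$rules) {
                 continue;
             }

             // Iterate by value: the rules are only read, and no reference is left dangling.
             foreach ($rules as $rule) {
                 Logger::getInstance()->debug('Try rule: "' . $rule . '"', 'router');
                 if ($route->getRegex()) {
                     $routeMatch = (bool) preg_match('`^' . $rule . '$`iu', $request, $vars);
                 } else {
                     // NOTE(review): loose comparison; numeric-looking strings compare by value.
                     $routeMatch = $request == $rule;
                 }
                 if ($routeMatch) {
                     $this->_setCurrentRule($rule);
                     Logger::getInstance()->debug('Match route : "' . $route->getName() . '" with rule : "' . $rule . '"', 'router');
                     break;
                 }
             }

             // First matching route wins; otherwise try the next one.
             if ($routeMatch) {
                 $this->runRoute($route->getName(), $vars);
                 break;
             }
         }
     }

     if (!$routeMatch) {
         Logger::getInstance()->debug('No route find', 'router');
         $this->show404();
     }
 }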
Esempio n. 7
 /**
  * Tell whether the request's User-Agent header contains "Googlebot" (case-insensitive).
  *
  * The header is supplied by the client, so a true result only means the client claims
  * to be Googlebot; it is not a verification of the crawler's identity.
  *
  * @return bool
  */
 public static function isGoogleBot()
 {
     $position = stripos(Http::getServer('HTTP_USER_AGENT'), 'Googlebot');

     return $position !== false;
 }
Esempio n. 8
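 /**
  * Validate a submitted CSRF token against the one stored in the session for this form.
  *
  * Fails when no token was generated, when the stored token (or its timestamp, if a
  * validity period is set) is missing, when referer URLs are configured and none matches,
  * when the submitted value differs from the stored token, or when the token is too old.
  *
  * @param mixed $checkingValue Submitted token; only a string can match.
  * @param bool  $flush         When true, flush() is called once the stored values have been read.
  *
  * @return bool True when the submitted token is accepted.
  */
 public function check($checkingValue, $flush = false)
 {
     if (is_null($this->_token)) {
         return false;
     }

     $formName = $this->getFormName();
     $tokenRealValue = Session::getInstance()->get($formName . 'CsrfToken');
     $tokenTimeRealValue = Session::getInstance()->get($formName . 'CsrfTokenTime');

     // Flush only after the stored values have been read for this check.
     if ($flush) {
         $this->flush();
     }

     if (is_null($tokenRealValue)) {
         Logger::getInstance()->debug('Crsf : "' . $formName . '" token miss"', 'security');
         return false;
     }
     if ($this->_timeValidity > 0 && is_null($tokenTimeRealValue)) {
         Logger::getInstance()->debug('Crsf : "' . $formName . '" tokenTime miss"', 'security');
         return false;
     }

     if (!empty($this->_urlsReferer)) {
         $referer = Http::getServer('HTTP_REFERER');
         $refererAllowed = false;
         // NOTE(review): this is a substring match, so a referer that merely contains an
         // allowed URL somewhere (for example in its query string) is accepted - consider
         // comparing scheme and host instead, once the format of _urlsReferer is confirmed.
         foreach ($this->_urlsReferer as $url) {
             if (stripos($referer, $url) !== false || $referer == $url) {
                 $refererAllowed = true;
                 break;
             }
         }
         if (!$refererAllowed) {
             Logger::getInstance()->debug('Crsf : "' . $formName . '" url referer : "' . $referer, 'security');
             return false;
         }
     }

     // Strict, constant-time comparison on strings only: a loose != lets non-string or
     // numeric-looking values compare equal to a different token.
     $expectedToken = is_scalar($tokenRealValue) ? (string) $tokenRealValue : null;
     if (!is_string($checkingValue) || $expectedToken === null || !hash_equals($expectedToken, $checkingValue)) {
         // Neither the stored token nor the submitted value is written to the log.
         Logger::getInstance()->debug('Crsf : "' . $formName . '" token invalid', 'security');
         return false;
     }

     // NOTE(review): with a validity of 0 this comparison rejects any token whose stored
     // time is not in the future, although the missing-timestamp guard above only applies
     // when the validity is > 0 - confirm what 0 is meant to do.
     if ($tokenTimeRealValue <= time() - $this->_timeValidity) {
         Logger::getInstance()->debug('Crsf : "' . $formName . '" tokenTime too old"', 'security');
         return false;
     }

     return true;
 }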
Esempio n. 9
 /**
  * Build the security fingerprint: the md5 of the client IP followed by the User-Agent header.
  *
  * Both inputs are known to the client and the User-Agent is chosen by it, so the value
  * ties a session to a client profile but is not a secret.
  *
  * @return string md5 hex digest.
  */
 protected function _generateSecurity()
 {
     self::_checkState();

     $clientIp = Tools::getUserIp();
     $agent = Http::getServer('HTTP_USER_AGENT');

     return md5($clientIp . $agent);
 }