Esempio n. 1
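 /**
  * Bootstraps the registry for a command-line run and resolves the requested action.
  *
  * Defaults for environment and locale come from configs/url.ini; the version
  * defaults to 'cli'. The options -e/--environment, -l/--locale, -v/--version,
  * -a/--action and -m/--make each consume the argument that follows them.
  * When no action or make target is given, or when one of those options is
  * the last argument and has no value, the usage text is printed and the
  * process exits with status 4.
  *
  * @return array ['type' => 'default'|'make', 'uri' => string] describing the action to run
  */
 public function initCliEnvironment()
 {
     $showUsage = true;
     if (isset($_SERVER['argv']) && $_SERVER['argc'] >= 2) {
         $urlIni = Ini::parse(Registry::get('applicationPath') . '/configs/url.ini', true);
         Registry::set('urlIni', $urlIni);
         $inEnvironment = $urlIni->defaults->environment;
         $inLocale = $urlIni->defaults->locale;
         $inVersion = 'cli';
         $inAction = array('type' => 'default', 'uri' => null);
         // default values
         Registry::set('environment', $inEnvironment);
         Registry::set('locale', $inLocale);
         Registry::set('version', $inVersion);
         // we use the requested section from the config.ini to load our config
         Config::init($inLocale, $inEnvironment, $inVersion);
         Registry::set('config', Config::getInstance());
         // parse the variables from the .env file or environment
         Env::init($inLocale, $inEnvironment, $inVersion);
         Registry::set('env', Env::getInstance());
         // create the Settings Object
         Registry::set('settings', Settings::getInstance());

         $argv = $_SERVER['argv'];
         $argCount = count($argv);
         // set when a known option is the last argument and therefore has no value
         $missingValue = false;
         $ac = 1;
         while ($ac < $argCount && !$missingValue) {
             $hasValue = isset($argv[$ac + 1]);
             switch ($argv[$ac]) {
                 case '-e':
                 case '--environment':
                     if ($hasValue) {
                         $inEnvironment = $argv[$ac + 1];
                     } else {
                         $missingValue = true;
                     }
                     break;
                 case '-l':
                 case '--locale':
                     if ($hasValue) {
                         $inLocale = $argv[$ac + 1];
                     } else {
                         $missingValue = true;
                     }
                     break;
                 case '-v':
                 case '--version':
                     if ($hasValue) {
                         $inVersion = $argv[$ac + 1];
                     } else {
                         $missingValue = true;
                     }
                     break;
                 case '-a':
                 case '--action':
                     if ($hasValue) {
                         $inAction['uri'] = ltrim($argv[$ac + 1], '/');
                         $showUsage = false;
                     } else {
                         $missingValue = true;
                     }
                     break;
                 case '-m':
                 case '--make':
                     if ($hasValue) {
                         $inAction['uri'] = ltrim($argv[$ac + 1], '/');
                         $inAction['type'] = 'make';
                         $showUsage = false;
                     } else {
                         $missingValue = true;
                     }
                     break;
                 default:
                     // unknown options are skipped together with the argument that follows them
                     break;
             }
             // every option, known or not, is treated as an option/value pair
             $ac += 2;
         }
         if ($missingValue) {
             // an option without its value is a malformed command line: show the usage instead
             // of continuing with a null environment, locale, version or action
             $showUsage = true;
         }
     }
     if (!$showUsage) {
         // read the config.ini section that matches the selected locale, environment and version.
         // NOTE(review): the section name is built from command-line values as given; whether
         // Ini::parse rejects unknown sections is not visible here - confirm.
         $config = Ini::parse(Registry::get('applicationPath') . '/configs/config.ini', true, $inLocale . '-' . $inEnvironment . '-' . $inVersion);
         Registry::set('config', $config);
         // store the final environment, locale and version in the registry
         Registry::set('environment', $inEnvironment);
         Registry::set('locale', $inLocale);
         Registry::set('version', $inVersion);
         return $inAction;
     }

     echo "Usage : module/controller/action";
     echo "\nOr : module/controller/action -variable1 value1 -variable2 value2 -variable3 value3";
     echo "\nOr : module/controller/action/variable1/value1/variable2/value2/variable3/value3";
     exit(4);
 }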
Esempio n. 2
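 /**
  * Applies the CORS policy from the settings to the current HTTP request.
  *
  * Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
  *
  * The request is treated as cross-origin when the Origin header differs from
  * the current scheme, host or port. A cross-origin request is accepted when
  * its origin is in security.cors.allowed_origins (or that setting is '*') and
  * its method is in security.cors.allowed_methods; the Access-Control-* response
  * headers are then sent.
  *
  * @return bool true when processing should continue (CORS disabled, not an HTTP
  *              request, same-origin request, or accepted cross-origin request);
  *              false when the cross-origin request is refused, or when it is an
  *              accepted OPTIONS request that needs no further handling
  */
 public function execute()
 {
     $settings = Settings::getInstance();
     // nothing to do unless CORS is enabled in the config+env settings
     if (!isset($settings->security->cors->enable) || !$settings->security->cors->enable) {
         return true;
     }
     $front = Front::getInstance();
     if (!($front->getRequest() instanceof Http)) {
         return true;
     }
     // without an Origin header there is no cross-origin decision to make
     if (!isset($_SERVER['HTTP_ORIGIN']) || !isset($_SERVER['HTTP_HOST'])) {
         return true;
     }

     $defaultPorts = ['http' => 80, 'https' => 443];

     // the Origin header is client-supplied: parse defensively, any component may be missing
     $origin = $_SERVER['HTTP_ORIGIN'];
     $parsedOrigin = parse_url($origin);
     if (!is_array($parsedOrigin)) {
         $parsedOrigin = [];
     }
     $originScheme = isset($parsedOrigin['scheme']) ? strtolower($parsedOrigin['scheme']) : null;
     $originHost = isset($parsedOrigin['host']) ? strtolower($parsedOrigin['host']) : null;
     if (isset($parsedOrigin['port'])) {
         $originPort = (int) $parsedOrigin['port'];
     } else {
         // browsers omit the default port from the Origin header
         $originPort = isset($defaultPorts[$originScheme]) ? $defaultPorts[$originScheme] : null;
     }

     if (isset($_SERVER['REQUEST_SCHEME'])) {
         $currentScheme = strtolower($_SERVER['REQUEST_SCHEME']);
     } else {
         // REQUEST_SCHEME is not provided by every server API
         $currentScheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
     }
     // the Host header may carry a port, the parsed origin host never does
     $currentHost = strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']));
     if (isset($_SERVER['SERVER_PORT'])) {
         // SERVER_PORT is a string while parse_url() yields an int: compare as integers
         $currentPort = (int) $_SERVER['SERVER_PORT'];
     } else {
         $currentPort = isset($defaultPorts[$currentScheme]) ? $defaultPorts[$currentScheme] : null;
     }

     $sameOrigin = $originHost !== null
         && $originHost === $currentHost
         && $originPort === $currentPort
         && $originScheme === $currentScheme;
     if ($sameOrigin) {
         return true;
     }

     // it's a CORS request
     // origins
     if (isset($settings->security->cors->allowed_origins)) {
         $allowedOriginsFromSettings = $settings->security->cors->allowed_origins;
     } else {
         $allowedOriginsFromSettings = self::DEFAULT_ALLOWED_ORIGINS;
     }
     $wildcardOrigin = trim((string) $allowedOriginsFromSettings) === '*';
     if ($wildcardOrigin) {
         $corsAllowed = true;
     } else {
         $allowedOrigins = array_map('strtolower', array_map('trim', explode(',', $allowedOriginsFromSettings)));
         // the allow list must be matched against the requesting origin, not against our own
         // host; an entry may be a bare host or a full origin (scheme://host[:port])
         $corsAllowed = $originHost !== null
             && (in_array($originHost, $allowedOrigins, true)
                 || in_array(strtolower(rtrim($origin, '/')), $allowedOrigins, true));
     }
     // methods
     if (isset($settings->security->cors->allowed_methods)) {
         $allowedMethodsFromSettings = $settings->security->cors->allowed_methods;
     } else {
         $allowedMethodsFromSettings = self::DEFAULT_ALLOWED_METHODS;
     }
     $allowedMethods = array_map('strtoupper', array_map('trim', explode(',', $allowedMethodsFromSettings)));
     if (!in_array(strtoupper($front->getRequest()->getMethod()), $allowedMethods, true)) {
         $corsAllowed = false;
     }
     if (!$corsAllowed) {
         return false;
     }
     // headers
     if (isset($settings->security->cors->allowed_headers)) {
         $allowedHeadersFromSettings = $settings->security->cors->allowed_headers;
     } else {
         $allowedHeadersFromSettings = self::DEFAULT_ALLOWED_HEADERS;
     }
     $allowedHeaders = array_map('trim', explode(',', $allowedHeadersFromSettings));

     // sending the response
     header('Access-Control-Allow-Origin: ' . $origin);
     // the Allow-Origin value depends on the request's Origin, so caches must key on it
     $varyHeaders = [];
     if (isset($_SERVER['HTTP_VARY'])) {
         // NOTE(review): this copies a client-supplied request header into the response;
         // confirm that a proxy in front of the application really sets it
         $varyHeaders = array_filter(array_map('trim', explode(',', $_SERVER['HTTP_VARY'])), 'strlen');
     }
     if (!in_array('Origin', $varyHeaders, true)) {
         $varyHeaders[] = 'Origin';
     }
     header('Vary: ' . implode(', ', $varyHeaders));
     $isOptions = $front->getRequest()->isOptions();
     if ($isOptions) {
         header('Access-Control-Allow-Methods: ' . implode(', ', $allowedMethods));
     }
     if (isset($settings->security->cors->allowed_credentials)) {
         $allowedCredentialsFromSettings = $settings->security->cors->allowed_credentials;
     } else {
         $allowedCredentialsFromSettings = self::DEFAULT_ALLOWED_CREDENTIALS;
     }
     // with a '*' origin policy the Origin header is echoed back unverified; adding
     // Allow-Credentials there would let any site read authenticated responses, so
     // credentials are only advertised for origins matched against an explicit list
     if ($allowedCredentialsFromSettings && !$wildcardOrigin) {
         header('Access-Control-Allow-Credentials: true');
     }
     if ($isOptions) {
         header('Access-Control-Allow-Headers: ' . implode(', ', $allowedHeaders));
     }
     // max-age
     if (isset($settings->security->cors->max_age)) {
         $allowedMaxAgeFromSettings = $settings->security->cors->max_age;
     } else {
         $allowedMaxAgeFromSettings = self::DEFAULT_MAX_AGE;
     }
     header('Access-Control-Max-Age: ' . $allowedMaxAgeFromSettings);
     // every OPTIONS request should return a 200 ok and bypass every other middleware
     return !$isOptions;
 }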