Esempio n. 1
0
 /**
  * run the routeur
  *
  * @access public
  * @return null|boolean
  */
 public function run()
 {
     date_default_timezone_set(Config::get('Const')->timezone);
     $this->_create_constant();
     if (Request::isHttpRequest()) {
         // Search if a Less file exists
         if (defined('LESS_ACTIVE') && LESS_ACTIVE === true) {
             if (strstr($_SERVER['REQUEST_URI'], '.css') && file_exists(preg_replace('/\\.css/', '.less', $_SERVER['REQUEST_URI']))) {
                 Less::toCss($_SERVER['REQUEST_URI']);
                 exit;
             }
         }
         // Search if a typescript file exists
         if (defined('TYPESCRIPT_ACTIVE') && TYPESCRIPT_ACTIVE === true) {
             if (strstr($_SERVER['REQUEST_URI'], '.js') && file_exists(preg_replace('/\\.js/', '.ts', $_SERVER['REQUEST_URI']))) {
                 Typescript::toJs($_SERVER['REQUEST_URI']);
                 exit;
             }
         }
         // Search public files in all plugins
         if ($_SERVER['REQUEST_URI'] !== '/') {
             foreach (Config::get('Plugins')->list as $iKey => $sPlugin) {
                 if (file_exists(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . $_SERVER['REQUEST_URI'])) {
                     echo file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . $_SERVER['REQUEST_URI']);
                     exit;
                 } else {
                     if (strstr($_SERVER['REQUEST_URI'], '.css') && file_exists(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . preg_replace('/\\.css/', '.less', $_SERVER['REQUEST_URI']))) {
                         Less::toCss(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . preg_replace('/\\.css/', '.less', $_SERVER['REQUEST_URI']));
                         exit;
                     } else {
                         if (strstr($_SERVER['REQUEST_URI'], '.js') && file_exists(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . preg_replace('/\\.js/', '.ts', $_SERVER['REQUEST_URI']))) {
                             Typescript::toJs(__DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $sPlugin . DIRECTORY_SEPARATOR . 'public' . preg_replace('/\\.js/', '.ts', $_SERVER['REQUEST_URI']));
                             exit;
                         }
                     }
                 }
             }
         }
         foreach (Config::get('Route') as $sMultiHost => $oHost) {
             foreach (explode(',', $sMultiHost) as $sHost) {
                 if (!strstr($sHost, '/') && $sHost == $_SERVER['HTTP_HOST'] || strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
                     $this->_oRoutes = $oHost;
                     if (strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
                         $this->_sBaseUri = preg_replace('#^[^/]+#', '', $sHost);
                     }
                     if (isset($oHost->location)) {
                         header('Status: 301 Moved Permanently', false, 301);
                         header('Location: ' . $oHost->location);
                         exit;
                     } else {
                         if (preg_match('#getCss\\?#', $_SERVER['REQUEST_URI'])) {
                             foreach ($_GET as $sKey => $sValue) {
                                 if (file_exists(str_replace(DIRECTORY_SEPARATOR . 'core', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR, __DIR__) . $sKey . '.css')) {
                                     echo file_get_contents(str_replace(DIRECTORY_SEPARATOR . 'core', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR, __DIR__) . $sKey . '.css') . "\n";
                                 }
                             }
                             exit;
                         } else {
                             if (preg_match('#getJs\\?#', $_SERVER['REQUEST_URI'])) {
                                 foreach ($_GET as $sKey => $sValue) {
                                     if (file_exists(str_replace(DIRECTORY_SEPARATOR . 'core', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR, __DIR__) . $sKey . '.js')) {
                                         echo file_get_contents(str_replace(DIRECTORY_SEPARATOR . 'core', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR, __DIR__) . $sKey . '.js') . "\n";
                                     }
                                 }
                                 exit;
                             } else {
                                 if (isset($oHost->routes)) {
                                     foreach ($oHost->routes as $sKey => $oRoute) {
                                         $mReturn = $this->_route($oRoute, $_SERVER['REQUEST_URI']);
                                         if ($mReturn === 403) {
                                             $this->_getPage403();
                                         } else {
                                             if ($mReturn === true) {
                                                 if (isset($oRoute->cache)) {
                                                     $this->_checkCache($oRoute->cache);
                                                 }
                                                 return true;
                                             }
                                         }
                                     }
                                     $this->_getPage404();
                                 }
                             }
                         }
                     }
                 }
             }
         }
     } else {
         if (Request::isCliRequest()) {
             if (isset($_SERVER['argv'])) {
                 $aArguments = $_SERVER['argv'];
             } else {
                 $aArguments = [];
             }
             define('PORTAL', 'Batch');
             set_include_path(get_include_path() . PATH_SEPARATOR . 'src' . PATH_SEPARATOR . PORTAL . PATH_SEPARATOR . 'public');
             if (!isset($aArguments[1]) && strstr($aArguments[0], '/phpunit')) {
                 $sBatchName = "phpunit";
                 $aArguments[0] = "bin/console";
                 $aArguments[1] = "phpunit";
             } else {
                 if (isset($aArguments[1])) {
                     $sBatchName = $aArguments[1];
                 } else {
                     $aArguments[1] = 'help';
                     $sBatchName = $aArguments[1];
                 }
             }
             if (isset(Config::get('Route')->batch->script->{$sBatchName})) {
                 $oBatch = Config::get('Route')->batch->script->{$sBatchName};
                 array_shift($aArguments);
                 array_shift($aArguments);
                 $aOptions = array();
                 while (count($aArguments) > 0) {
                     if (preg_match('/^-[a-z]/', $aArguments[0])) {
                         $sOptionName = str_replace('-', '', $aArguments[0]);
                         if (isset($aArguments[1])) {
                             $sOptionValue = $aArguments[1];
                         } else {
                             $sOptionValue = '';
                         }
                         if (isset($oBatch->options->{$sOptionName}) && isset($oBatch->options->{$sOptionName}->type) && $oBatch->options->{$sOptionName}->type === false) {
                             $aOptions[$sOptionName] = true;
                             array_shift($aArguments);
                         } else {
                             if (isset($oBatch->options->{$sOptionName}) && isset($oBatch->options->{$sOptionName}->type) && ($oBatch->options->{$sOptionName}->type === 'string' || $oBatch->options->{$sOptionName}->type === 'int')) {
                                 $aOptions[$sOptionName] = $sOptionValue;
                                 array_shift($aArguments);
                                 array_shift($aArguments);
                             } else {
                                 array_shift($aArguments);
                             }
                         }
                     } else {
                         array_shift($aArguments);
                     }
                 }
             }
             if (isset($oBatch->controller) && isset($oBatch->action)) {
                 echo $this->_loadController($oBatch->controller, $oBatch->action, array($aOptions));
             } else {
                 if (Request::isCliRequest()) {
                     echo "Error : The batch not exists - please verify your Route or the name passed in your command name.\n";
                 }
             }
         }
     }
 }
Esempio n. 2
0
 /**
  * check security of access
  *
  * @access public
  * @return null|boolean
  */
 public function checkSecurity()
 {
     foreach (Config::get('Route') as $sHost => $oHost) {
         if (!strstr($sHost, '/') && $sHost == $_SERVER['HTTP_HOST'] || strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
             if (strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
                 $this->_sBaseUri = preg_replace('#^[^/]+#', '', $sHost);
             }
             if (isset($oSecurity->firewall)) {
                 $oSecurity = $oHost->firewall;
             }
         }
     }
     if (isset($oSecurity)) {
         if (isset($oSecurity->authentification) && $oSecurity->authentification === 'http_basic') {
             if (!isset($_SERVER['PHP_AUTH_USER'])) {
                 if (!isset($oSecurity->realm)) {
                     $oSecurity->realm = 'Access';
                 }
                 if (!isset($oSecurity->cancelled)) {
                     $oSecurity->cancelled = 'Cancelled';
                 }
                 header('WWW-Authenticate: Basic realm="' . $oSecurity->realm . '"');
                 header('HTTP/1.0 401 Unauthorized');
                 echo $oSecurity->cancelled;
                 exit;
             } else {
                 self::$_sLogin = $_SERVER['PHP_AUTH_USER'];
                 self::$_sPassword = $_SERVER['PHP_AUTH_PW'];
                 if (!$this->_checkPasswordIsGood()) {
                     return false;
                 }
                 if (!$this->_checkAccess()) {
                     return false;
                 }
                 if (!$this->_checkBlackListIps()) {
                     return false;
                 }
             }
         } else {
             if (isset($oSecurity->authentification) && $oSecurity->authentification === 'http_basic_validate_by_controller') {
                 if (!isset($_SERVER['PHP_AUTH_USER'])) {
                     if (!isset($oSecurity->realm)) {
                         $oSecurity->realm = 'Access';
                     }
                     if (!isset($oSecurity->cancelled)) {
                         $oSecurity->cancelled = 'Cancelled';
                     }
                     header('WWW-Authenticate: Basic realm="' . $oSecurity->realm . '"');
                     header('HTTP/1.0 401 Unauthorized');
                     echo $oSecurity->cancelled;
                     exit;
                 } else {
                     self::$_sLogin = $_SERVER['PHP_AUTH_USER'];
                     self::$_sPassword = $_SERVER['PHP_AUTH_PW'];
                     $sControllerName = $oSecurity->controller;
                     $sActionName = $oSecurity->action;
                     $oController = new $sControllerName();
                     if (!$oController->{$sActionName}(self::$_sLogin, self::$_sPassword)) {
                         return false;
                     }
                     if (!$this->_checkAccess()) {
                         return false;
                     }
                     if (!$this->_checkBlackListIps()) {
                         return false;
                     }
                 }
             } else {
                 if (isset($oSecurity->authentification) && $oSecurity->authentification === 'controller') {
                     // it's an action of one controller that it return true or false for the authentification
                     $sControllerName = $oSecurity->controller;
                     $sActionName = $oSecurity->action;
                     $oController = new $sControllerName();
                     if (!$oController->{$sActionName}) {
                         return false;
                     }
                     if (!$this->_checkAccess()) {
                         return false;
                     }
                     if (!$this->_checkBlackListIps()) {
                         return false;
                     }
                 }
             }
         }
         if (isset($oSecurity->ips) && !in_array($_SERVER['REMOTE_ADDR'], $oSecurity->ips)) {
             return false;
         }
         if (isset($oSecurity->requires_channel) && $oSecurity->requires_channel == 'https' && !Request::isHttpsRequest()) {
             return false;
         } else {
             if (isset($oSecurity->requires_channel) && $oSecurity->requires_channel == 'http' && (Request::isHttpRequest() && Request::isHttpsRequest() || !Request::isHttpRequest())) {
                 return false;
             }
         }
     }
     return true;
 }