コード例 #1
ファイル: functions.php プロジェクト: jinshana/kajonacms
/**
 * Checks whether the browser sent the same checksum as the one provided. If so,
 * an HTTP 304 (Not Modified) is sent to the browser.
 *
 * @param string $strChecksum
 *
 * @return bool
 */
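function checkConditionalGetHeaders($strChecksum)
{
    // Without an If-None-Match header there is nothing to validate against.
    if (!issetServer("HTTP_IF_NONE_MATCH")) {
        return false;
    }

    // Compare as strings with ===. The loose == operator compares two
    // numeric-looking strings (e.g. "1e3" and "1000", or two "0e..." hex
    // digests) by numeric value, which could answer 304 for a checksum the
    // client does not actually hold.
    if ((string)getServer("HTTP_IF_NONE_MATCH") !== (string)$strChecksum) {
        return false;
    }

    // Match: the client copy is current, so only status and caching headers
    // are set on the shared response object.
    $objResponse = class_response_object::getInstance();
    $objResponse->setStrStatusCode(class_http_statuscodes::SC_NOT_MODIFIED);
    $objResponse->addHeader("ETag: " . $strChecksum);
    $objResponse->addHeader("Cache-Control: max-age=86400, must-revalidate");
    return true;
}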
コード例 #2
 /**
  * Processes an admin-request
  *
  * @param string $strModule
  * @param string $strAction
  * @param string $strLanguageParam
  *
  * @throws class_exception
  * @return string
  */
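 private function processAdminRequest($strModule, $strAction, $strLanguageParam)
 {
     // Flow: (1) enforce https when configured, (2) set the admin language and
     // skin path, (3) dispatch to the requested module for a logged-in admin,
     // otherwise (4) fall through to the login module.
     $strReturn = "";
     $bitLogin = false;

     //validate https status
     if (class_module_system_setting::getConfigValue("_admin_only_https_") == "true") {
         //check which headers to compare
         // NOTE(review): the header name and expected value come from config. If this is a
         // proxy-supplied header, the proxy presumably has to strip client-sent copies,
         // otherwise a plain-http client could satisfy this check - confirm for the deployment.
         $strHeaderName = class_carrier::getInstance()->getObjConfig()->getConfig("https_header");
         $strHeaderValue = strtolower(class_carrier::getInstance()->getObjConfig()->getConfig("https_header_value"));

         // Redirect when the header is missing, or when an expected value is configured and
         // the header does not carry it. Compared strictly so that numeric-looking values
         // are not matched by numeric equality.
         $bitRedirectToHttps = !issetServer($strHeaderName)
             || ($strHeaderValue !== "" && $strHeaderValue !== strtolower(getServer($strHeaderName)));

         if ($bitRedirectToHttps) {
             //reload to https
             $strBaseUrl = (_xmlLoader_ === true) ? _xmlpath_ : _indexpath_;
             class_response_object::getInstance()->setStrRedirectUrl(uniStrReplace("http:", "https:", $strBaseUrl) . "?" . getServer("QUERY_STRING"));
             class_response_object::getInstance()->sendHeaders();
             die("Reloading using https...");
         }
     }

     //process language-param
     $objLanguage = new class_module_languages_language();
     $objLanguage->setStrAdminLanguageToWorkOn($strLanguageParam);
     //set the current backend skin. right here to do it only once.
     class_adminskin_helper::defineSkinWebpath();

     //validate login-status / process login-request
     if ($strModule != "login" && $this->objSession->isLoggedin()) {
         if ($this->objSession->isAdmin()) {
             //try to load the module
             $objModuleRequested = class_module_system_module::getModuleByName($strModule);
             if ($objModuleRequested != null) {
                 //see if there is data from a previous, failed request
                 if (class_carrier::getInstance()->getObjSession()->getSession(class_module_login_admin::SESSION_LOAD_FROM_PARAMS) === "true") {
                     $arrStoredParams = class_carrier::getInstance()->getObjSession()->getSession(class_module_login_admin::SESSION_PARAMS);
                     // The flag and the stored params are separate session entries; skip the
                     // restore instead of iterating a non-array if the params are missing.
                     if (is_array($arrStoredParams)) {
                         foreach ($arrStoredParams as $strOneKey => $strOneVal) {
                             class_carrier::getInstance()->setParam($strOneKey, $strOneVal);
                         }
                     }
                     class_carrier::getInstance()->getObjSession()->sessionUnset(class_module_login_admin::SESSION_LOAD_FROM_PARAMS);
                     class_carrier::getInstance()->getObjSession()->sessionUnset(class_module_login_admin::SESSION_PARAMS);
                 }

                 if (_xmlLoader_) {
                     if ($objModuleRequested->getStrXmlNameAdmin() != "") {
                         // NOTE(review): the class name is taken from the module record, not from
                         // the request; this is only safe while that record cannot be written by
                         // untrusted users - confirm.
                         $strClassname = str_replace(".php", "", $objModuleRequested->getStrXmlNameAdmin());
                         $objConcreteModule = new $strClassname();
                         $strReturn = $objConcreteModule->action($strAction);
                     } else {
                         //xml-loader not defined, try to use the regular dispatcher
                         $objConcreteModule = $objModuleRequested->getAdminInstanceOfConcreteModule();
                         $strReturn = $objConcreteModule->action($strAction);
                     }
                 } else {
                     //fill the history array to track actions
                     $objHistory = new class_history();
                     //Writing to the history
                     if (class_carrier::getInstance()->getParam("folderview") == "") {
                         $objHistory->setAdminHistory();
                     }

                     $objConcreteModule = $objModuleRequested->getAdminInstanceOfConcreteModule();
                     if (class_carrier::getInstance()->getParam("blockAction") != "1") {
                         $objConcreteModule->action();
                         $strReturn = $objConcreteModule->getModuleOutput();
                     }

                     //React, if admin was opened by the portaleditor
                     if (class_carrier::getInstance()->getParam("peClose") == "1") {
                         // Default: reload the parent frame.
                         $strOnload = "parent.location.reload();";

                         if (getGet("peRefreshPage") != "") {
                             // peRefreshPage is request data that ends up inside a JavaScript
                             // string inside an HTML attribute, so it is encoded for both
                             // contexts instead of being concatenated raw.
                             $strTarget = urldecode(getGet("peRefreshPage"));

                             // Only http(s) or scheme-less targets may be assigned to
                             // parent.location. Control characters and spaces are dropped from
                             // the probe first so they cannot hide a scheme from this check.
                             $strProbe = (string)preg_replace('/[\x00-\x20\x7f]+/', '', $strTarget);
                             $bitHasScheme = preg_match('/^[a-z][a-z0-9+.\-]*:/i', $strProbe) === 1;
                             $bitSchemeAllowed = !$bitHasScheme || preg_match('/^https?:/i', $strProbe) === 1;

                             // JSON encoding yields a valid, fully escaped JavaScript string literal.
                             $strJsTarget = json_encode($strTarget, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

                             // Rejected or unencodable targets keep the plain reload.
                             if ($bitSchemeAllowed && $strJsTarget !== false) {
                                 $strOnload = "parent.location = " . $strJsTarget . ";";
                             }
                             // NOTE(review): the target is not limited to this site, so the
                             // parameter can still send the parent frame to another host;
                             // consider restricting it to _webpath_ if the portal editor
                             // only ever passes local URLs - confirm.
                         }

                         $strReturn = "<html><head></head><body onload=\"" . htmlspecialchars($strOnload, ENT_QUOTES, "UTF-8") . "\"></body></html>";
                     }
                 }
             } else {
                 throw new class_exception("Requested module " . $strModule . " not existing", class_exception::$level_FATALERROR);
             }
         } else {
             throw new class_exception("Sorry, but you don't have the needed permissions to access the admin-area", class_exception::$level_FATALERROR);
         }
     } else {
         // Not logged in, or the login module was requested explicitly. A pending action
         // for another module is dropped so the login module starts with its default action.
         $bitLogin = true;
         if ($strModule != "login") {
             $strAction = "";
         }
     }

     if ($bitLogin) {
         if (_xmlLoader_) {
             $objLogin = new class_module_login_admin_xml();
             $strReturn = $objLogin->action($strAction);
         } else {
             // No tables in the database and an installer script on disk: send the visitor
             // to the installer instead of rendering the login form.
             if (count(class_carrier::getInstance()->getObjDB()->getTables()) == 0 && file_exists(_realpath_ . "/installer.php")) {
                 class_response_object::getInstance()->setStrRedirectUrl(_webpath_ . "/installer.php");
                 return "";
             }
             $objLogin = new class_module_login_admin();
             $objLogin->action($strAction);
             $strReturn = $objLogin->getModuleOutput();
         }
     }

     return $strReturn;
 }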