/**
* Processes the request.
*
* @throws HttpException
*/
public function processRequest()
{
// If this is a resource request, we should respond with the resource ASAP
$this->_processResourceRequest();
// Validate some basics on the database configuration file.
$this->_validateDbConfigFile();
// Process install requests
$this->_processInstallRequest();
// If the system in is maintenance mode and it's a site request, throw a 503.
if (Craft::isInMaintenanceMode() && $this->request->isSiteRequest()) {
throw new HttpException(503);
}
// Set the target language
$this->setLanguage($this->_getTargetLanguage());
// Check if the app path has changed. If so, run the requirements check again.
$this->_processRequirementsCheck();
// If the track has changed, put the brakes on the request.
if (!$this->updates->isTrackValid()) {
if ($this->request->isCpRequest()) {
$this->runController('templates/invalidtrack');
$this->end();
} else {
throw new HttpException(503);
}
}
// Set the package components
$this->_setPackageComponents();
// isCraftDbUpdateNeeded will return true if we're in the middle of a manual or auto-update for Craft itself.
// If we're in maintenance mode and it's not a site request, show the manual update template.
if ($this->updates->isCraftDbUpdateNeeded() || Craft::isInMaintenanceMode() && $this->request->isCpRequest() || $this->request->getActionSegments() == array('update', 'cleanUp') || $this->request->getActionSegments() == array('update', 'rollback')) {
$this->_processUpdateLogic();
}
// Make sure that the system is on, or that the user has permission to access the site/CP while the system is off
if (Craft::isSystemOn() || $this->request->isActionRequest() && $this->request->getActionSegments() == array('users', 'login') || $this->request->isSiteRequest() && $this->userSession->checkPermission('accessSiteWhenSystemIsOff') || $this->request->isCpRequest() && $this->userSession->checkPermission('accessCpWhenSystemIsOff')) {
// Load the plugins
craft()->plugins->loadPlugins();
// Check if a plugin needs to update the database.
if ($this->updates->isPluginDbUpdateNeeded()) {
$this->_processUpdateLogic();
}
// If this is a non-login, non-validate, non-setPassword CP request, make sure the user has access to the CP
if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isValidActionRequest())) {
// Make sure the user has access to the CP
$this->userSession->requireLogin();
$this->userSession->requirePermission('accessCp');
// If they're accessing a plugin's section, make sure that they have permission to do so
$firstSeg = $this->request->getSegment(1);
if ($firstSeg) {
$plugin = $plugin = $this->plugins->getPlugin($firstSeg);
if ($plugin) {
$this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
}
}
}
// If this is an action request, call the controller
$this->_processActionRequest();
// If we're still here, finally let UrlManager do it's thing.
parent::processRequest();
} else {
// Log out the user
if ($this->userSession->isLoggedIn()) {
$this->userSession->logout(false);
}
if ($this->request->isCpRequest()) {
// Redirect them to the login screen
$this->userSession->requireLogin();
} else {
// Display the offline template
$this->runController('templates/offline');
}
}
}
/**
* Processes the request.
*
* @throws HttpException
* @return null
*/
public function processRequest()
{
// If this is a resource request, we should respond with the resource ASAP
$this->_processResourceRequest();
// If we're not in devMode, or it's a 'dontExtendSession' request, we're going to remove some logging routes.
if (!$this->config->get('devMode') || craft()->isInstalled() && !$this->userSession->shouldExtendSession()) {
$this->log->removeRoute('WebLogRoute');
$this->log->removeRoute('ProfileLogRoute');
}
// Additionally, we don't want these in the log files at all.
if (craft()->isInstalled() && !$this->userSession->shouldExtendSession()) {
$this->log->removeRoute('FileLogRoute');
}
// If this is a CP request, prevent robots from indexing/following the page
// (see https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag)
if ($this->request->isCpRequest()) {
HeaderHelper::setHeader(array('X-Robots-Tag' => 'none'));
}
// Validate some basics on the database configuration file.
$this->validateDbConfigFile();
// Process install requests
$this->_processInstallRequest();
// If the system in is maintenance mode and it's a site request, throw a 503.
if ($this->isInMaintenanceMode() && $this->request->isSiteRequest()) {
throw new HttpException(503);
}
// Check if the app path has changed. If so, run the requirements check again.
$this->_processRequirementsCheck();
// These have been deprecated in PHP 6 in favor of default_charset, which defaults to 'UTF-8'
// http://php.net/manual/en/migration56.deprecated.php
if (version_compare(PHP_VERSION, '6.0.0') < 0) {
// Now that we've ran the requirements checker, set MB to use UTF-8
mb_internal_encoding('UTF-8');
mb_http_input('UTF-8');
mb_http_output('UTF-8');
}
mb_detect_order('auto');
// Makes sure that the uploaded files are compatible with the current DB schema
if (!$this->updates->isSchemaVersionCompatible()) {
if ($this->request->isCpRequest()) {
$version = $this->getVersion();
$build = $this->getBuild();
$url = "http://download.buildwithcraft.com/craft/{$version}/{$version}.{$build}/Craft-{$version}.{$build}.zip";
throw new HttpException(200, Craft::t('Craft does not support backtracking to this version. Please upload Craft {url} or later.', array('url' => '[' . $build . '](' . $url . ')')));
} else {
throw new HttpException(503);
}
}
// Set the edition components
$this->_setEditionComponents();
// isCraftDbMigrationNeeded will return true if we're in the middle of a manual or auto-update for Craft itself.
// If we're in maintenance mode and it's not a site request, show the manual update template.
if ($this->updates->isCraftDbMigrationNeeded() || $this->isInMaintenanceMode() && $this->request->isCpRequest() || $this->request->getActionSegments() == array('update', 'cleanUp') || $this->request->getActionSegments() == array('update', 'rollback')) {
$this->_processUpdateLogic();
}
// If there's a new version, but the schema hasn't changed, just update the info table
if ($this->updates->hasCraftBuildChanged()) {
$this->updates->updateCraftVersionInfo();
}
// If the system is offline, make sure they have permission to be here
$this->_enforceSystemStatusPermissions();
// Load the plugins
$this->plugins->loadPlugins();
// Check if a plugin needs to update the database.
if ($this->updates->isPluginDbUpdateNeeded()) {
$this->_processUpdateLogic();
}
// If this is a non-login, non-validate, non-setPassword CP request, make sure the user has access to the CP
if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isSpecialCaseActionRequest())) {
// Make sure the user has access to the CP
$this->userSession->requireLogin();
$this->userSession->requirePermission('accessCp');
// If they're accessing a plugin's section, make sure that they have permission to do so
$firstSeg = $this->request->getSegment(1);
if ($firstSeg) {
$plugin = $plugin = $this->plugins->getPlugin($firstSeg);
if ($plugin) {
$this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
}
}
}
// If this is an action request, call the controller
$this->_processActionRequest();
// If we're still here, finally let UrlManager do it's thing.
parent::processRequest();
}
/**
* Processes the request.
*
* @throws HttpException
* @return null
*/
public function processRequest()
{
// If this is a resource request, we should respond with the resource ASAP.
$this->_processResourceRequest();
$configService = $this->config;
// If we're not in devMode, or it's a 'dontExtendSession' request, we're going to remove some logging routes.
if (!$configService->get('devMode') || craft()->isInstalled() && !$this->userSession->shouldExtendSession()) {
$this->log->removeRoute('WebLogRoute');
$this->log->removeRoute('ProfileLogRoute');
}
// Additionally, we don't want these in the log files at all.
if (craft()->isInstalled() && !$this->userSession->shouldExtendSession()) {
$this->log->removeRoute('FileLogRoute');
}
// If this is a CP request, prevent robots from indexing/following the page
// (see https://developers.google.com/webmasters/control-crawl-index/docs/robots_meta_tag)
if ($this->request->isCpRequest()) {
HeaderHelper::setHeader(array('X-Robots-Tag' => 'none'));
HeaderHelper::setHeader(array('X-Frame-Options' => 'SAMEORIGIN'));
HeaderHelper::setHeader(array('X-Content-Type-Options' => 'nosniff'));
}
// Send the X-Powered-By header?
if ($configService->get('sendPoweredByHeader')) {
HeaderHelper::setHeader(array('X-Powered-By' => 'Craft CMS'));
} else {
// In case PHP is already setting one
HeaderHelper::removeHeader('X-Powered-By');
}
// Validate some basics on the database configuration file.
$this->validateDbConfigFile();
// Process install requests
$this->_processInstallRequest();
// If the system in is maintenance mode and it's a site request, throw a 503.
if ($this->isInMaintenanceMode() && $this->request->isSiteRequest()) {
throw new HttpException(503);
}
// Check if the app path has changed. If so, run the requirements check again.
$this->_processRequirementsCheck();
// Makes sure that the uploaded files are compatible with the current database schema
if (!$this->updates->isSchemaVersionCompatible()) {
if ($this->request->isCpRequest()) {
$version = $this->getVersion();
$build = $this->getBuild();
$url = "https://download.craftcdn.com/craft/{$version}/{$version}.{$build}/Craft-{$version}.{$build}.zip";
throw new HttpException(200, Craft::t('Craft does not support backtracking to this version. Please upload Craft {url} or later.', array('url' => '[' . $build . '](' . $url . ')')));
} else {
throw new HttpException(503);
}
}
// isCraftDbMigrationNeeded will return true if we're in the middle of a manual or auto-update for Craft itself.
// If we're in maintenance mode and it's not a site request, show the manual update template.
if ($this->updates->isCraftDbMigrationNeeded() || $this->isInMaintenanceMode() && $this->request->isCpRequest() || $this->request->getActionSegments() == array('update', 'cleanUp') || $this->request->getActionSegments() == array('update', 'rollback')) {
$this->_processUpdateLogic();
}
// If there's a new version, but the schema hasn't changed, just update the info table
if ($this->updates->hasCraftBuildChanged()) {
$this->updates->updateCraftVersionInfo();
}
// If the system is offline, make sure they have permission to be here
$this->_enforceSystemStatusPermissions();
// Load the plugins
$this->plugins->loadPlugins();
// Check if a plugin needs to update the database.
if ($this->updates->isPluginDbUpdateNeeded()) {
$this->_processUpdateLogic();
}
// If this is a non-login, non-validate, non-setPassword CP request, make sure the user has access to the CP
if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isSpecialCaseActionRequest())) {
// Make sure the user has access to the CP
$this->userSession->requireLogin();
$this->userSession->requirePermission('accessCp');
// If they're accessing a plugin's section, make sure that they have permission to do so
$firstSeg = $this->request->getSegment(1);
if ($firstSeg) {
$plugin = $plugin = $this->plugins->getPlugin($firstSeg);
if ($plugin) {
$this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
}
}
}
// If this is an action request, call the controller
$this->_processActionRequest();
// If we're still here, finally let UrlManager do it's thing.
parent::processRequest();
}
/**
* Processes the request.
*
* @throws HttpException
* @return null
*/
public function processRequest()
{
// If this is a resource request, we should respond with the resource ASAP
$this->_processResourceRequest();
// Validate some basics on the database configuration file.
$this->validateDbConfigFile();
// Process install requests
$this->_processInstallRequest();
// If the system in is maintenance mode and it's a site request, throw a 503.
if ($this->isInMaintenanceMode() && $this->request->isSiteRequest()) {
throw new HttpException(503);
}
// Check if the app path has changed. If so, run the requirements check again.
$this->_processRequirementsCheck();
// Now that we've ran the requirements checker, set MB to use UTF-8
mb_internal_encoding('UTF-8');
mb_http_input('UTF-8');
mb_http_output('UTF-8');
mb_detect_order('auto');
// Makes sure that the uploaded files are compatible with the current DB schema
if (!$this->updates->isSchemaVersionCompatible()) {
if ($this->request->isCpRequest()) {
$version = $this->getVersion();
$build = $this->getBuild();
$url = "http://download.buildwithcraft.com/craft/{$version}/{$version}.{$build}/Craft-{$version}.{$build}.zip";
throw new HttpException(200, Craft::t('Craft does not support backtracking to this version. Please upload Craft {url} or later.', array('url' => '<a href="' . $url . '">build ' . $build . '</a>')));
} else {
throw new HttpException(503);
}
}
// Set the edition components
$this->_setEditionComponents();
// isCraftDbMigrationNeeded will return true if we're in the middle of a manual or auto-update for Craft itself.
// If we're in maintenance mode and it's not a site request, show the manual update template.
if ($this->updates->isCraftDbMigrationNeeded() || $this->isInMaintenanceMode() && $this->request->isCpRequest() || $this->request->getActionSegments() == array('update', 'cleanUp') || $this->request->getActionSegments() == array('update', 'rollback')) {
$this->_processUpdateLogic();
}
// If there's a new version, but the schema hasn't changed, just update the info table
if ($this->updates->hasCraftBuildChanged()) {
$this->updates->updateCraftVersionInfo();
}
// If the system is offline, make sure they have permission to be here
$this->_enforceSystemStatusPermissions();
// Load the plugins
$this->plugins->loadPlugins();
// Check if a plugin needs to update the database.
if ($this->updates->isPluginDbUpdateNeeded()) {
$this->_processUpdateLogic();
}
// If this is a non-login, non-validate, non-setPassword CP request, make sure the user has access to the CP
if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isSpecialCaseActionRequest())) {
// Make sure the user has access to the CP
$this->userSession->requireLogin();
$this->userSession->requirePermission('accessCp');
// If they're accessing a plugin's section, make sure that they have permission to do so
$firstSeg = $this->request->getSegment(1);
if ($firstSeg) {
$plugin = $plugin = $this->plugins->getPlugin($firstSeg);
if ($plugin) {
$this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
}
}
}
// If this is an action request, call the controller
$this->_processActionRequest();
// If we're still here, finally let UrlManager do it's thing.
parent::processRequest();
}
