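/**
 * Starts the backend session and applies the optional referer / client pinning.
 *
 * The database save handler is installed unless another `save_handler` is
 * configured. When `referer_check` and/or `client_check` are enabled in the
 * `backendSession` options, the session is bound to the first Referer prefix
 * and the first client header value it sees; a later mismatch destroys the
 * session and aborts the request.
 *
 * Both values are request headers chosen by the client. The checks hinder
 * cross-site requests and naive reuse of a session id, but they do not
 * authenticate the caller.
 *
 * @param Enlight_Event_EventArgs $args Event arguments (not read by this method)
 * @throws Exception When the referer or client check fails; the session is destroyed first
 * @return Enlight_Components_Session_Namespace The 'ShopwareBackend' session namespace
 */
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
    $options = $this->Application()->getOption('backendSession', array());

    // Read the switches defensively: a missing key means "check disabled"
    // instead of raising an undefined-index notice.
    $refererCheck = !empty($options['referer_check']);
    $clientCheck = !empty($options['client_check']);

    $options = $this->prepareSessionOptions($options);

    if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
        $config_save_handler = array(
            'name' => 's_core_sessions_backend',
            'primary' => 'id',
            'modifiedColumn' => 'modified',
            'dataColumn' => 'data',
            'lifetimeColumn' => 'expiry',
            // An absent or empty lifetime falls back to PHP_INT_MAX.
            'lifetime' => !empty($options['gc_maxlifetime']) ? $options['gc_maxlifetime'] : PHP_INT_MAX,
        );
        Enlight_Components_Session::setSaveHandler(
            new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)
        );
    }

    Enlight_Components_Session::start($options);

    // Referer pinning: skipped for the backend homepage, for requests that do
    // not require auth, and for requests without an http(s) Referer header.
    if (!$this->isBackendHomepage()
        && $refererCheck
        && $this->shouldAuth()
        && ($referer = $this->request->getHeader('referer')) !== null
        && strpos($referer, 'http') === 0
    ) {
        // Reduce the referer to "<everything before the first /backend/>/backend/".
        // Without the marker the prefix is empty and the value becomes '/backend/'.
        // NOTE(review): a first request whose referer lacks '/backend/' pins
        // '/backend/', which no later absolute referer can prefix-match, so the
        // next checked request destroys the session. Confirm this is intended.
        $backendPos = strpos($referer, '/backend/');
        $referer = substr($referer, 0, (int) $backendPos) . '/backend/';

        if (!isset($_SESSION['__SW_REFERER'])) {
            // Trust on first use: the first observed prefix is stored without
            // being compared to the shop's own host.
            $_SESSION['__SW_REFERER'] = $referer;
        } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
            Enlight_Components_Session::destroy();
            throw new Exception('Referer check for backend session failed');
        }
    }

    // Client pinning: the header value must stay identical for the session's lifetime.
    // NOTE(review): the header is requested as 'userAgent' rather than
    // 'User-Agent'. Confirm the request class resolves this spelling,
    // otherwise the comparison never sees the real header value.
    if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) {
        if (!isset($_SESSION['__SW_CLIENT'])) {
            $_SESSION['__SW_CLIENT'] = $client;
        } elseif ($client !== $_SESSION['__SW_CLIENT']) {
            Enlight_Components_Session::destroy();
            throw new Exception('Client check for backend session failed');
        }
    }

    return new Enlight_Components_Session_Namespace('ShopwareBackend');
}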
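/**
 * Reports whether the request's User-Agent header advertises a Chrome version.
 *
 * The User-Agent is supplied by the client, so this is capability detection
 * only and must not be treated as an access decision.
 * NOTE(review): presumably the result decides whether log/debug data is sent
 * back to the browser; if so, confirm that exposure is gated elsewhere.
 *
 * @param Request $request
 * @return bool true when the header contains "Chrome/<version>", false otherwise
 */
public function acceptsRequest(Request $request)
{
    // A missing header is matched as an empty string instead of being handed
    // to preg_match() as a non-string value.
    $userAgent = (string) $request->getHeader('User-Agent');

    // The character class [\.\d+] admits '.', digits and a literal '+'.
    return preg_match('{\\bChrome/\\d+[\\.\\d+]*\\b}', $userAgent) === 1;
}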
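/**
 * Reports whether the client announces FirePHP support.
 *
 * Support is assumed when the X-FirePHP-Version header is present with a
 * truthy value, or when the User-Agent contains "FirePHP/<major>.<minor>".
 * Both headers are supplied by the client, so this is capability detection
 * only and must not be treated as an access decision.
 * NOTE(review): presumably the result decides whether log/debug data is sent
 * back to the browser; if so, confirm that exposure is gated elsewhere.
 *
 * @param Request $request
 * @return bool
 */
public function acceptsRequest(Request $request)
{
    // An explicit version header is sufficient on its own.
    if ($request->getHeader('X-FirePHP-Version')) {
        return true;
    }

    // A missing header is matched as an empty string instead of being handed
    // to preg_match() as a non-string value.
    $userAgent = (string) $request->getHeader('User-Agent');

    return preg_match('{\\bFirePHP/\\d+\\.\\d+\\b}', $userAgent) === 1;
}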
/**
 * Checks that at least one surrogate has ESI/1.0 capability.
 *
 * The decision is a plain substring search for "ESI/1.0" in the
 * Surrogate-Capability request header.
 * NOTE(review): the header is read from the incoming request as-is. Confirm
 * the edge proxy strips or overwrites client-supplied Surrogate-Capability
 * values, otherwise any client can claim the capability.
 *
 * @param Request $request A Request instance
 *
 * @return bool true if one surrogate has ESI/1.0 capability, false otherwise
 */
private function hasSurrogateEsiCapability(Request $request)
{
    $capability = $request->getHeader('Surrogate-Capability');

    // No header at all: nothing upstream declared itself as a surrogate.
    if ($capability === null) {
        return false;
    }

    return strpos($capability, 'ESI/1.0') !== false;
}