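/**
 * Guess whether the current request comes from a mobile device.
 *
 * The decision is a heuristic over request headers (User-Agent, Accept, the
 * WAP profile headers and ALL_HTTP). All of these are supplied by the client
 * and can be set to any value, so the result is only suitable for choosing a
 * theme or layout; it must not gate access to functionality or data.
 *
 * @return bool|null TRUE when a mobile signature matched, FALSE when none did,
 *    NULL when a signature matched but the 'VanillaNoMobile' cookie payload
 *    contains 'force' (the visitor asked for the full site).
 */
function IsMobile() {
    static $IsMobile = 'unset';

    // Short circuit so we only do this work once per pageload.
    // The comparison has to be strict: TRUE != 'unset' is FALSE under loose
    // comparison, so a cached TRUE never short-circuited and every call on a
    // mobile request repeated the whole detection.
    if ($IsMobile !== 'unset') {
        return $IsMobile;
    }

    // Start out assuming not mobile
    $Mobile = 0;

    $AllHttp = strtolower(GetValue('ALL_HTTP', $_SERVER));
    $HttpAccept = strtolower(GetValue('HTTP_ACCEPT', $_SERVER));
    $UserAgent = strtolower(GetValue('HTTP_USER_AGENT', $_SERVER));

    // Known mobile fragments anywhere in the user agent.
    // The '.' in 'up.browser' / 'up.link' is unescaped, so it matches any character.
    if (preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone|opera m|kindle|webos|playbook)/i', $UserAgent)) {
        $Mobile++;
    }

    // strpos() returns 0 for a match at the very start of the string, so every
    // substring test below compares against FALSE instead of using "> 0".
    if (strpos($HttpAccept, 'application/vnd.wap.xhtml+xml') !== FALSE
        || isset($_SERVER['HTTP_X_WAP_PROFILE'])
        || isset($_SERVER['HTTP_PROFILE'])
    ) {
        $Mobile++;
    }

    if (strpos($UserAgent, 'android') !== FALSE && strpos($UserAgent, 'mobile') !== FALSE) {
        $Mobile++;
    }

    // Known mobile vendors identified by the first four characters of the user agent.
    $MobileUserAgent = substr($UserAgent, 0, 4);
    $MobileUserAgents = array(
        'w3c ', 'acs-', 'alav', 'alca', 'amoi', 'audi', 'avan', 'benq', 'bird', 'blac',
        'blaz', 'brew', 'cell', 'cldc', 'cmd-', 'dang', 'doco', 'eric', 'hipt', 'inno',
        'ipaq', 'java', 'jigs', 'kddi', 'keji', 'leno', 'lg-c', 'lg-d', 'lg-g', 'lge-',
        'maui', 'maxo', 'midp', 'mits', 'mmef', 'mobi', 'mot-', 'moto', 'mwbp', 'nec-',
        'newt', 'noki', 'palm', 'pana', 'pant', 'phil', 'play', 'port', 'prox', 'qwap',
        'sage', 'sams', 'sany', 'sch-', 'sec-', 'send', 'seri', 'sgh-', 'shar', 'sie-',
        'siem', 'smal', 'smar', 'sony', 'sph-', 'symb', 't-mo', 'teli', 'tim-', 'tosh',
        'tsm-', 'upg1', 'upsi', 'vk-v', 'voda', 'wap-', 'wapa', 'wapi', 'wapp', 'wapr',
        'webc', 'winw', 'winw', 'xda', 'xda-');
    if (in_array($MobileUserAgent, $MobileUserAgents, TRUE)) {
        $Mobile++;
    }

    if (strpos($AllHttp, 'operamini') !== FALSE) {
        $Mobile++;
    }

    // Windows Mobile 7 contains "windows" in the useragent string, so must comment this out
    // if (strpos($UserAgent, 'windows') > 0)
    //     $Mobile = 0;

    $IsMobile = $Mobile > 0;

    // A visitor who asked for the full site gets NULL instead of TRUE.
    $ForceNoMobile = Gdn_CookieIdentity::GetCookiePayload('VanillaNoMobile');
    if ($Mobile > 0 && $ForceNoMobile !== FALSE && is_array($ForceNoMobile) && in_array('force', $ForceNoMobile, TRUE)) {
        $IsMobile = NULL;
    }

    return $IsMobile;
}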
/**
 * Switch the visitor's opt-out from the mobile theme on or off, then redirect
 * to the site root.
 *
 * The method changes cookie state and takes its only input from the caller;
 * no transient-key or request-method check is performed inside it.
 *
 * @since 2.0.?
 * @access public
 *
 * @param int $Unset Pass 1 to delete the 'VanillaNoMobile' cookie (mobile theme
 *    allowed again); any other value sets the cookie.
 */
public function NoMobile($Unset = 0) {
    if ($Unset != 1) {
        // The payload carries a timestamp 48 hours ahead. The cookie lifetime
        // argument itself is 0; how SetCookie() interprets 0 is not visible here.
        $ValidUntil = time() + 172800;
        $CookieLifetime = 0;

        // Guests are recorded as user 0.
        if (Gdn::Session()->IsValid()) {
            $UserID = Gdn::Session()->UserID;
        } else {
            $UserID = 0;
        }

        $KeyData = "{$UserID}-{$ValidUntil}";
        $Payload = array($UserID, $ValidUntil, 'force');
        Gdn_CookieIdentity::SetCookie('VanillaNoMobile', $KeyData, $Payload, $CookieLifetime);
    } else {
        // Allow mobile again
        Gdn_CookieIdentity::DeleteCookie('VanillaNoMobile');
    }

    // Fixed, site-relative target: the destination is not taken from the request.
    Redirect("/", 302);
}
/**
 * Compute a keyed hash of $Data by delegating to Gdn_CookieIdentity::_HashHMAC().
 *
 * The algorithm and the key are both supplied by the caller; this wrapper only
 * reorders the arguments. The earlier description named md5 as the default
 * method and the server's cookie salt as the key, but neither default is set
 * in this method.
 *
 * NOTE(review): if the configured method is md5, consider a SHA-2 method for
 * new deployments, and make sure callers that compare the result with a value
 * read from a cookie use a constant-time comparison such as hash_equals().
 * Neither the configuration nor the comparison is visible here.
 *
 * @param string $Data The data to place in the hash.
 * @param string $CookieHashMethod Hash method name passed through to _HashHMAC().
 * @param string $CookieSalt Key passed through to _HashHMAC().
 * @return mixed Whatever _HashHMAC() returns.
 */
protected static function _Hash($Data, $CookieHashMethod, $CookieSalt) {
    $Digest = Gdn_CookieIdentity::_HashHMAC($CookieHashMethod, $Data, $CookieSalt);

    return $Digest;
}
/**
 * Record that the visitor does not want the mobile theme, then redirect to the
 * site root.
 *
 * Writes the 'VanillaNoMobile' cookie with a payload of user ID, a timestamp
 * 48 hours ahead and the marker 'force'. The method changes cookie state and
 * performs no transient-key or request-method check itself.
 *
 * @since 2.0.?
 * @access public
 */
public function NoMobile() {
    // Timestamp stored in the payload; the cookie lifetime argument is 0 and
    // its meaning depends on SetCookie(), which is not visible here.
    $ValidUntil = time() + 172800;
    $CookieLifetime = 0;

    // Guests are recorded as user 0.
    if (Gdn::Session()->IsValid()) {
        $UserID = Gdn::Session()->UserID;
    } else {
        $UserID = 0;
    }

    $KeyData = "{$UserID}-{$ValidUntil}";
    $Payload = array($UserID, $ValidUntil, 'force');
    Gdn_CookieIdentity::SetCookie('VanillaNoMobile', $KeyData, $Payload, $CookieLifetime);

    // Fixed, site-relative target: the destination is not taken from the request.
    Redirect("/", 302);
}
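/**
 * Guess whether the current request comes from a mobile device, or override
 * the cached answer.
 *
 * The detection is a heuristic over request headers (User-Agent, Accept, the
 * WAP profile headers and ALL_HTTP). All of these are supplied by the client
 * and can be set to any value, so the result is only suitable for choosing a
 * theme or layout; it must not gate access to functionality or data.
 *
 * @param bool|null $Value When not NULL, stored as the cached answer and
 *    returned without running the detection.
 * @return bool|null TRUE when a mobile signature matched, FALSE when none did,
 *    NULL when a signature matched but the 'VanillaNoMobile' cookie payload
 *    contains 'force'. A NULL result is not cached, so the detection runs
 *    again on the next call.
 */
function IsMobile($Value = NULL) {
    static $IsMobile = NULL;

    if ($Value !== NULL) {
        $IsMobile = $Value;
    }

    // Short circuit so we only do this work once per pageload
    if ($IsMobile !== NULL) {
        return $IsMobile;
    }

    // Start out assuming not mobile
    $Mobile = 0;

    $AllHttp = strtolower(GetValue('ALL_HTTP', $_SERVER));
    $HttpAccept = strtolower(GetValue('HTTP_ACCEPT', $_SERVER));
    $UserAgent = strtolower(GetValue('HTTP_USER_AGENT', $_SERVER));

    // strpos() returns 0 for a match at the very start of the string, so the
    // substring tests compare against false; "> 0" silently missed that case.

    // Match wap Accepts: header
    if (!$Mobile) {
        if (strpos($HttpAccept, 'application/vnd.wap.xhtml+xml') !== false
            || isset($_SERVER['HTTP_X_WAP_PROFILE'])
            || isset($_SERVER['HTTP_PROFILE'])
        ) {
            $Mobile++;
        }
    }

    // Match mobile androids
    if (!$Mobile) {
        if (strpos($UserAgent, 'android') !== false && strpos($UserAgent, 'mobile') !== false) {
            $Mobile++;
        }
    }

    // Match operamini in 'ALL_HTTP'
    if (!$Mobile) {
        if (strpos($AllHttp, 'operamini') !== false) {
            $Mobile++;
        }
    }

    // Match discrete chunks of known mobile agents.
    // The list is a fixed set of literals joined into one alternation; the '.'
    // in 'up.browser' / 'up.link' is unescaped and matches any character.
    if (!$Mobile) {
        $DirectAgents = array('up.browser', 'up.link', 'mmp', 'symbian', 'smartphone', 'midp', 'wap', 'phone', 'opera m', 'kindle', 'webos', 'playbook', 'bb10', 'playstation vita', 'windows phone', 'iphone', 'ipod');
        $DirectAgentsMatch = implode('|', $DirectAgents);
        if (preg_match("/({$DirectAgentsMatch})/i", $UserAgent)) {
            $Mobile++;
        }
    }

    // Match starting chunks of known mobile agents (first four characters)
    if (!$Mobile) {
        $MobileUserAgent = substr($UserAgent, 0, 4);
        $MobileUserAgents = array(
            'w3c ', 'acs-', 'alav', 'alca', 'amoi', 'audi', 'avan', 'benq', 'bird', 'blac',
            'blaz', 'brew', 'cell', 'cldc', 'cmd-', 'dang', 'doco', 'eric', 'hipt', 'inno',
            'ipaq', 'java', 'jigs', 'kddi', 'keji', 'leno', 'lg-c', 'lg-d', 'lg-g', 'lge-',
            'maui', 'maxo', 'midp', 'mits', 'mmef', 'mobi', 'mot-', 'moto', 'mwbp', 'nec-',
            'newt', 'noki', 'palm', 'pana', 'pant', 'phil', 'play', 'port', 'prox', 'qwap',
            'sage', 'sams', 'sany', 'sch-', 'sec-', 'send', 'seri', 'sgh-', 'shar', 'sie-',
            'siem', 'smal', 'smar', 'sony', 'sph-', 'symb', 't-mo', 'teli', 'tim-', 'tosh',
            'tsm-', 'upg1', 'upsi', 'vk-v', 'voda', 'wap-', 'wapa', 'wapi', 'wapp', 'wapr',
            'webc', 'winw', 'winw', 'xda', 'xda-');
        if (in_array($MobileUserAgent, $MobileUserAgents, true)) {
            $Mobile++;
        }
    }

    $IsMobile = $Mobile > 0;

    // A visitor who asked for the full site gets NULL instead of TRUE.
    $ForceNoMobile = Gdn_CookieIdentity::GetCookiePayload('VanillaNoMobile');
    if ($Mobile > 0 && $ForceNoMobile !== FALSE && is_array($ForceNoMobile) && in_array('force', $ForceNoMobile, true)) {
        $IsMobile = NULL;
    }

    return $IsMobile;
}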
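/**
 * Set or clear the 'X-UA-Device-Force' cookie that pins the theme type for the
 * current visitor, then redirect to the site root.
 *
 * The method changes cookie state based on a caller-supplied value and performs
 * no transient-key or request-method check itself. The value written to the
 * cookie is restricted to a fixed allowlist.
 *
 * @param string $type The type of mobile device. This can be one of the following:
 * - desktop: Force the desktop theme.
 * - mobile: Force the mobile theme.
 * - tablet: Force the tablet theme (desktop).
 * - app: Force the app theme (app).
 * - 1: Unset the force cookie and use the user agent to determine the theme.
 * Any other value is treated as 'desktop'.
 */
public function noMobile($type = 'desktop') {
    $type = strtolower($type);

    if ($type === '1') {
        Gdn_CookieIdentity::deleteCookie('X-UA-Device-Force');
        redirect("/", 302);
        // redirect() is defined elsewhere; if it ever returns, stop here so the
        // code below does not immediately re-create the cookie just deleted.
        return;
    }

    // Allowlist: only known theme types reach the cookie; everything else
    // becomes 'desktop'. The earlier second "== '1'" branch (which deleted
    // 'VanillaNoMobile') could never run after this normalisation and is removed.
    if (!in_array($type, array('mobile', 'desktop', 'tablet', 'app'), true)) {
        $type = 'desktop';
    }

    // Set 48-hour force cookie
    $Expiration = time() + 172800;
    $Path = c('Garden.Cookie.Path');
    $Domain = c('Garden.Cookie.Domain');
    safeCookie('X-UA-Device-Force', $type, $Expiration, $Path, $Domain);

    // Fixed, site-relative target: the destination is not taken from the request.
    redirect("/", 302);
}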
/**
 * Hook run before a controller renders: applies theme previewing, shows the
 * email-confirmation reminder, attaches message modules for the current
 * location, triggers the statistics check, publishes embed settings (or sets
 * X-Frame-Options when embedding is off) and adds the "Back to Mobile Site" link.
 *
 * @param Gdn_Controller $Sender The controller about to render.
 */
public function Base_Render_Before($Sender) {
    $Session = Gdn::Session();

    // Enable theme previewing
    if ($Session->IsValid()) {
        $PreviewThemeName = $Session->GetPreference('PreviewThemeName', '');
        $PreviewThemeFolder = $Session->GetPreference('PreviewThemeFolder', '');
        if ($PreviewThemeName != '') {
            $Sender->Theme = $PreviewThemeName;
            // NOTE(review): $PreviewThemeName is a stored preference that is placed into
            // markup (via Wrap) and into a URL path (via Anchor). Whether it is escaped
            // depends on those helpers, which are not visible here - confirm.
            // The "Apply" link carries the session's transient key.
            $Sender->InformMessage(sprintf(T('You are previewing the %s theme.'), Wrap($PreviewThemeName, 'em')) . '<div class="PreviewThemeButtons">' . Anchor(T('Apply'), 'settings/themes/' . $PreviewThemeName . '/' . $Session->TransientKey(), 'PreviewThemeButton') . ' ' . Anchor(T('Cancel'), 'settings/cancelpreview/', 'PreviewThemeButton') . '</div>', 'DoNotDismiss');
        }
    }

    // Remind signed-in users to confirm their email when confirmation is enabled
    // and the user record is not marked as confirmed (defaults to confirmed).
    if ($Session->IsValid()) {
        $ConfirmEmail = C('Garden.Registration.ConfirmEmail', false);
        $Confirmed = GetValue('Confirmed', Gdn::Session()->User, true);
        if ($ConfirmEmail && !$Confirmed) {
            $Message = FormatString(T('You need to confirm your email address.', 'You need to confirm your email address. Click <a href="{/entry/emailconfirmrequest,url}">here</a> to resend the confirmation email.'));
            $Sender->InformMessage($Message, '');
        }
    }

    // Add Message Modules (if necessary)
    $MessageCache = Gdn::Config('Garden.Messages.Cache', array());
    // Location is "Application/controller/method"; the last 10 characters of the
    // controller name are dropped (presumably the "Controller" suffix).
    $Location = $Sender->Application . '/' . substr($Sender->ControllerName, 0, -10) . '/' . $Sender->RequestMethod;
    $Exceptions = array('[Base]');
    // 2011-09-09 - mosullivan - No longer allowing messages in dashboard
    // if ($Sender->MasterView == 'admin')
    // $Exceptions[] = '[Admin]';
    // else if (in_array($Sender->MasterView, array('', 'default')))
    if (in_array($Sender->MasterView, array('', 'default'))) {
        $Exceptions[] = '[NonAdmin]';
    }

    // SignIn popup is a special case
    $SignInOnly = $Sender->DeliveryType() == DELIVERY_TYPE_VIEW && $Location == 'Dashboard/entry/signin';
    if ($SignInOnly) {
        $Exceptions = array();
    }

    // Precedence: && binds tighter than ||, so inside the parentheses a match of
    // $Location in the cache is sufficient on its own, regardless of MessagesLoaded.
    if ($Sender->MasterView != 'admin' && !$Sender->Data('_NoMessages') && (GetValue('MessagesLoaded', $Sender) != '1' && $Sender->MasterView != 'empty' && ArrayInArray($Exceptions, $MessageCache, FALSE) || InArrayI($Location, $MessageCache))) {
        $MessageModel = new MessageModel();
        $MessageData = $MessageModel->GetMessagesForLocation($Location, $Exceptions, $Sender->Data('Category.CategoryID'));
        foreach ($MessageData as $Message) {
            $MessageModule = new MessageModule($Sender, $Message);
            if ($SignInOnly) { // Insert special messages even in SignIn popup
                echo $MessageModule;
            } elseif ($Sender->DeliveryType() == DELIVERY_TYPE_ALL) {
                $Sender->AddModule($MessageModule);
            }
        }
        $Sender->MessagesLoaded = '1'; // Fixes a bug where render gets called more than once and messages are loaded/displayed redundantly.
    }

    // Statistics check runs only on full page deliveries.
    if ($Sender->DeliveryType() == DELIVERY_TYPE_ALL) {
        $Gdn_Statistics = Gdn::Factory('Statistics');
        $Gdn_Statistics->Check($Sender);
    }

    // Allow forum embedding
    if ($Embed = C('Garden.Embed.Allow')) {
        // Record the remote url where the forum is being embedded.
        $RemoteUrl = C('Garden.Embed.RemoteUrl');
        if (!$RemoteUrl) {
            // NOTE(review): while no remote URL is configured, the first non-empty
            // 'remote' request value is written to configuration. No permission check
            // or URL validation happens in this method, and the saved value is then
            // published to every page through AddDefinition('RemoteUrl'). Consider
            // limiting who can set it and validating scheme and host before saving.
            $RemoteUrl = GetIncomingValue('remote');
            if ($RemoteUrl) {
                SaveToConfig('Garden.Embed.RemoteUrl', $RemoteUrl);
            }
        }
        if ($RemoteUrl) {
            $Sender->AddDefinition('RemoteUrl', $RemoteUrl);
        }

        // Force embedding?
        // IsMobile() is a header heuristic; here it only affects presentation.
        if (!IsSearchEngine() && !IsMobile() && strtolower($Sender->ControllerName) != 'entry') {
            $Sender->AddDefinition('ForceEmbedForum', C('Garden.Embed.ForceForum') ? '1' : '0');
            $Sender->AddDefinition('ForceEmbedDashboard', C('Garden.Embed.ForceDashboard') ? '1' : '0');
        }

        $Sender->AddDefinition('Path', Gdn::Request()->Path());
        // $Sender->AddDefinition('MasterView', $Sender->MasterView);
        $Sender->AddDefinition('InDashboard', $Sender->MasterView == 'admin' ? '1' : '0');

        // The config value 2 selects a different embed script.
        if ($Embed === 2) {
            $Sender->AddJsFile('vanilla.embed.local.js');
        } else {
            $Sender->AddJsFile('embed_local.js');
        }
    } else {
        // Framing is limited to the same origin only when embedding is disabled.
        // With embedding enabled this method sets no framing restriction at all.
        // NOTE(review): a frame-ancestors policy limited to the embedding site would
        // keep clickjacking protection for that case - confirm whether one is set elsewhere.
        $Sender->SetHeader('X-Frame-Options', 'SAMEORIGIN');
    }

    // Allow return to mobile site
    $ForceNoMobile = Gdn_CookieIdentity::GetCookiePayload('VanillaNoMobile');
    if ($ForceNoMobile !== FALSE && is_array($ForceNoMobile) && in_array('force', $ForceNoMobile)) {
        $Sender->AddAsset('Foot', Wrap(Anchor(T('Back to Mobile Site'), '/profile/nomobile/1'), 'div'), 'MobileLink');
    }
}
/**
 * Standard method for authenticating an admin and allowing them to spoof a user.
 *
 * The submitted form must contain the target user (numeric ID or username) and
 * the administrator's own email and password. When the credentials validate
 * and belong to an account with the Admin flag, a cookie identity for the
 * target user is set and the browser is redirected to 'profile'. Otherwise an
 * error is added to the form and the spoof view is rendered.
 *
 * NOTE(review): this is a second place where credentials are checked and it
 * ends in full impersonation of another account. No attempt throttling and no
 * audit record of who spoofed whom is visible in this method - confirm both
 * are handled elsewhere (ValidateCredentials() and SetIdentity() are not shown).
 *
 * @param Gdn_Controller $Sender Controller whose form and view are used.
 */
private function _SpoofMethod($Sender) {
    $Sender->Title('Spoof');
    $Sender->Form = new Gdn_Form();

    $UserReference = $Sender->Form->GetValue('UserReference', '');
    $Email = $Sender->Form->GetValue('Email', '');
    $Password = $Sender->Form->GetValue('Password', '');

    // Nothing is attempted until all three fields are filled in.
    $FormIncomplete = ($UserReference == '' || $Email == '' || $Password == '');

    if (!$FormIncomplete) {
        $UserModel = Gdn::UserModel();
        $AdminUser = $UserModel->ValidateCredentials($Email, 0, $Password);

        // Both conditions are required: valid credentials AND the Admin flag.
        $IsAdmin = is_object($AdminUser) && $AdminUser->Admin;

        if (!$IsAdmin) {
            // Same message for wrong password and for a valid non-admin account.
            $Sender->Form->AddError('Bad Credentials');
        } else {
            // A numeric reference is looked up as a user ID, anything else as a username.
            $SpoofUser = is_numeric($UserReference)
                ? $UserModel->GetID($UserReference)
                : $UserModel->GetByUsername($UserReference);

            if (!$SpoofUser) {
                $Sender->Form->AddError('Failed to find requested user.');
            } else {
                $CookieSettings = array(
                    'Salt' => Gdn::Config('Garden.Cookie.Salt'),
                    'Name' => Gdn::Config('Garden.Cookie.Name'),
                    'Domain' => Gdn::Config('Garden.Cookie.Domain'),
                );
                $Identity = new Gdn_CookieIdentity();
                $Identity->Init($CookieSettings);
                $Identity->SetIdentity($SpoofUser->UserID, TRUE);
                Redirect('profile');
            }
        }
    }

    $Sender->Render(PATH_PLUGINS . DS . 'Spoof' . DS . 'views' . DS . 'spoof.php');
}
/**
 * Hook run before a controller renders: applies theme previewing, handles the
 * email-confirmation reminder, attaches message modules for the current
 * location, adds the Applicants menu link, triggers the statistics check,
 * publishes embed settings and adds the "Back to Mobile Site" link.
 *
 * @param Gdn_Controller $Sender The controller about to render.
 */
public function Base_Render_Before($Sender) {
    $Session = Gdn::Session();

    // Enable theme previewing
    if ($Session->IsValid()) {
        $PreviewThemeName = $Session->GetPreference('PreviewThemeName', '');
        $PreviewThemeFolder = $Session->GetPreference('PreviewThemeFolder', '');
        if ($PreviewThemeName != '') {
            $Sender->Theme = $PreviewThemeName;
            // NOTE(review): $PreviewThemeName is a stored preference that is placed into
            // markup (via Wrap) and into a URL path (via Anchor). Whether it is escaped
            // depends on those helpers, which are not visible here - confirm.
            // The "Apply" link carries the session's transient key.
            $Sender->InformMessage(sprintf(T('You are previewing the %s theme.'), Wrap($PreviewThemeName, 'em')) . '<div class="PreviewThemeButtons">' . Anchor(T('Apply'), 'settings/themes/' . $PreviewThemeName . '/' . $Session->TransientKey(), 'PreviewThemeButton') . ' ' . Anchor(T('Cancel'), 'settings/cancelpreview/', 'PreviewThemeButton') . '</div>', 'DoNotDismiss');
        }
    }

    // Only users that still carry an 'EmailKey' attribute are treated as awaiting confirmation.
    if ($Session->IsValid() && ($EmailKey = Gdn::Session()->GetAttribute('EmailKey'))) {
        $NotifyEmailConfirm = TRUE;

        // If this user was manually moved out of the confirmation role, get rid of their 'awaiting confirmation' flag
        $ConfirmEmailRole = C('Garden.Registration.ConfirmEmailRole', FALSE);
        $UserRoles = array();
        $RoleData = Gdn::UserModel()->GetRoles($Session->UserID);
        if ($RoleData !== FALSE && $RoleData->NumRows() > 0) {
            $UserRoles = ConsolidateArrayValuesByKey($RoleData->Result(DATASET_TYPE_ARRAY), 'RoleID', 'Name');
        }

        // A configured confirmation role that the user no longer holds clears the
        // stored key and suppresses the reminder. This write happens during render.
        if ($ConfirmEmailRole !== FALSE && !array_key_exists($ConfirmEmailRole, $UserRoles)) {
            Gdn::UserModel()->SaveAttribute($Session->UserID, "EmailKey", NULL);
            $NotifyEmailConfirm = FALSE;
        }

        if ($NotifyEmailConfirm) {
            $Message = FormatString(T('You need to confirm your email address.', 'You need to confirm your email address. Click <a href="{/entry/emailconfirmrequest,url}">here</a> to resend the confirmation email.'));
            $Sender->InformMessage($Message, '');
        }
    }

    // Add Message Modules (if necessary)
    $MessageCache = Gdn::Config('Garden.Messages.Cache', array());
    // Location is "Application/controller/method"; the last 10 characters of the
    // controller name are dropped (presumably the "Controller" suffix).
    $Location = $Sender->Application . '/' . substr($Sender->ControllerName, 0, -10) . '/' . $Sender->RequestMethod;
    $Exceptions = array('[Base]');
    // 2011-09-09 - mosullivan - No longer allowing messages in dashboard
    // if ($Sender->MasterView == 'admin')
    // $Exceptions[] = '[Admin]';
    // else if (in_array($Sender->MasterView, array('', 'default')))
    if (in_array($Sender->MasterView, array('', 'default'))) {
        $Exceptions[] = '[NonAdmin]';
    }

    // SignIn popup is a special case
    $SignInOnly = $Sender->DeliveryType() == DELIVERY_TYPE_VIEW && $Location == 'Dashboard/entry/signin';
    if ($SignInOnly) {
        $Exceptions = array();
    }

    // Precedence: && binds tighter than ||, so inside the parentheses a match of
    // $Location in the cache is sufficient on its own, regardless of MessagesLoaded.
    if ($Sender->MasterView != 'admin' && (GetValue('MessagesLoaded', $Sender) != '1' && $Sender->MasterView != 'empty' && ArrayInArray($Exceptions, $MessageCache, FALSE) || InArrayI($Location, $MessageCache))) {
        $MessageModel = new MessageModel();
        $MessageData = $MessageModel->GetMessagesForLocation($Location, $Exceptions);
        foreach ($MessageData as $Message) {
            $MessageModule = new MessageModule($Sender, $Message);
            if ($SignInOnly) { // Insert special messages even in SignIn popup
                echo $MessageModule;
            } elseif ($Sender->DeliveryType() == DELIVERY_TYPE_ALL) {
                $Sender->AddModule($MessageModule);
            }
        }
        $Sender->MessagesLoaded = '1'; // Fixes a bug where render gets called more than once and messages are loaded/displayed redundantly.
    }

    // If there are applicants, alert admins by showing in the main menu
    if (in_array($Sender->MasterView, array('', 'default')) && $Sender->Menu && C('Garden.Registration.Method') == 'Approval') {
        // $CountApplicants = Gdn::UserModel()->GetApplicantCount();
        // if ($CountApplicants > 0)
        // $Sender->Menu->AddLink('Applicants', T('Applicants').' <span class="Alert">'.$CountApplicants.'</span>', '/dashboard/user/applicants', array('Garden.Applicants.Manage'));
        // The link is added with the 'Garden.Applicants.Manage' permission name as its last argument.
        $Sender->Menu->AddLink('Applicants', T('Applicants'), '/dashboard/user/applicants', array('Garden.Applicants.Manage'));
    }

    // Statistics check runs only on full page deliveries.
    if ($Sender->DeliveryType() == DELIVERY_TYPE_ALL) {
        $Gdn_Statistics = Gdn::Factory('Statistics');
        $Gdn_Statistics->Check($Sender);
    }

    // Allow forum embedding
    if (C('Garden.Embed.Allow')) {
        // Record the remote url where the forum is being embedded.
        $RemoteUrl = C('Garden.Embed.RemoteUrl');
        if (!$RemoteUrl) {
            // NOTE(review): while no remote URL is configured, the first non-empty
            // 'remote' request value is written to configuration. No permission check
            // or URL validation happens in this method, and the saved value is then
            // published to every page through AddDefinition('RemoteUrl'). Consider
            // limiting who can set it and validating scheme and host before saving.
            $RemoteUrl = GetIncomingValue('remote');
            if ($RemoteUrl) {
                SaveToConfig('Garden.Embed.RemoteUrl', $RemoteUrl);
            }
        }
        if ($RemoteUrl) {
            $Sender->AddDefinition('RemoteUrl', $RemoteUrl);
        }

        // Force embedding?
        // IsMobile() is a header heuristic; here it only affects presentation.
        if (!IsSearchEngine() && !IsMobile()) {
            $Sender->AddDefinition('ForceEmbedForum', C('Garden.Embed.ForceForum') ? '1' : '0');
            $Sender->AddDefinition('ForceEmbedDashboard', C('Garden.Embed.ForceDashboard') ? '1' : '0');
        }

        $Sender->AddDefinition('Path', Gdn::Request()->Path());
        // $Sender->AddDefinition('MasterView', $Sender->MasterView);
        $Sender->AddDefinition('InDashboard', $Sender->MasterView == 'admin' ? '1' : '0');
        $Sender->AddJsFile('js/embed_local.js');
    }
    // NOTE(review): this method sets no framing header in either branch; confirm
    // that clickjacking protection for the non-embedded case is applied elsewhere.

    // Allow return to mobile site
    $ForceNoMobile = Gdn_CookieIdentity::GetCookiePayload('VanillaNoMobile');
    if ($ForceNoMobile !== FALSE && is_array($ForceNoMobile) && in_array('force', $ForceNoMobile)) {
        $Sender->AddAsset('Foot', Wrap(Anchor(T('Back to Mobile Site'), '/profile/nomobile/1'), 'div'), 'MobileLink');
    }
}
/**
 * Start authentication against the configured foreign identity URL when the
 * request is not already handled.
 *
 * Does nothing when no 'Garden.Authenticator.AuthenticateURL' is configured,
 * when the handshake cookie named by $this->_CookieName passes CheckCookie(),
 * or when the current step is MODE_REPEAT or MODE_NOAUTH.
 *
 * @return bool|null FALSE when no authenticate URL is configured; otherwise
 *    no value is returned.
 */
public function WakeUp() {
    if (!C('Garden.Authenticator.AuthenticateURL')) {
        return FALSE;
    }

    // Allow the entry/handshake method to function
    Gdn::Authenticator()->AllowHandshake();

    // A handshake cookie that passes the check means there is nothing left to do.
    if (Gdn_CookieIdentity::CheckCookie($this->_CookieName)) {
        return;
    }

    switch ($this->CurrentStep()) {
        // The access token has already been handled and a session exists.
        case Gdn_Authenticator::MODE_REPEAT:
        // A wakeup was already attempted once this session.
        case Gdn_Authenticator::MODE_NOAUTH:
            return;
    }

    $this->Authenticate();
}