/**
 * Force the request onto HTTPS before it reaches the rest of the pipeline.
 *
 * A request the framework already considers secure is handed to $next
 * unchanged; anything else is answered with a redirect to the same path
 * on the https scheme.
 *
 * NOTE(review): only $request->path() is carried into the redirect, so a
 * query string on the original URL is not preserved. The redirect also uses
 * the framework's default status (presumably 302), which browsers follow
 * with GET, so a form posted over plain HTTP loses its body. Confirm that
 * both are acceptable.
 *
 * NOTE(review): secure() reflects what the framework sees. Behind a
 * TLS-terminating proxy or load balancer it is only accurate when trusted
 * proxies are configured; otherwise this can loop. Verify the deployment.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $arrivedOverTls = $request->secure();

    if ($arrivedOverTls) {
        return $next($request);
    }

    // Plain HTTP: bounce the client to the https version of the same path.
    return Redirect::secure($request->path());
}
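/**
 * Render the admin dashboard: site-wide counters plus the Disqus comment list.
 *
 * Guests and users whose isAdmin flag equals 0 are redirected to the home
 * page. The page is marked noindex/nofollow through the layout's robots value.
 *
 * The counters are computed with aggregate queries so the dashboard does not
 * load every row of every table into memory just to count or sum them.
 *
 * @return \Illuminate\Http\RedirectResponse|null redirect for non-admins, otherwise the layout is filled in place
 */
public function getIndex()
{
    // Admin-only page: the check runs before any data is read.
    if (Auth::guest() || Auth::user()->isAdmin == 0) {
        return Redirect::secure('/');
    }

    // layouts variables
    $this->layout->title = 'Админ панел | Нещо Шантаво';
    $this->layout->canonical = 'https://neshto.shantavo.com/admin/';
    $this->layout->robots = 'noindex,nofollow,noodp,noydir';

    // Let the database do the counting instead of hydrating whole tables.
    $users = User::count();
    $admins = User::where('isAdmin', ">", 0)->count();
    $categories = Category::count();
    $albums = Album::count();
    $votes = DB::table('votes')->count();
    $pictures = Picture::count();

    // Total stored bytes; the cast turns "no rows" (null) into 0 and a
    // driver-returned numeric string into an integer.
    $pictureSize = (int) Picture::sum('size');

    // get disqus stats
    include app_path() . '/config/_disqus.php';
    $disqus = new DisqusAPI(getDisqusKey());
    // NOTE(review): setSecure(false) looks like it switches the Disqus client
    // to plain HTTP, which would send whatever getDisqusKey() returns in clear
    // text. Confirm against the client library and prefer the secure transport.
    $disqus->setSecure(false);
    $comments = $disqus->posts->list(array('forum' => 'shantavo'));

    // nesting the view into the layout
    $this->layout->nest('content', 'admin.index', array(
        'users' => $users,
        'admins' => $admins,
        'votes' => $votes,
        'categories' => $categories,
        'albums' => $albums,
        'pictures' => $pictures,
        'pictureSize' => $pictureSize,
        'comments' => $comments,
    ));
}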
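/**
 * Create an album for the signed-in user from the posted form, then return
 * to the album list.
 *
 * The album owner is taken from the authenticated session. The posted
 * "userId" field is ignored: trusting it would let any signed-in user create
 * albums under another account by editing the form.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postCreate()
{
    if (Auth::guest()) {
        return Redirect::secure('user/login');
    }

    // do not use layout for this
    $this->layout = null;

    // Anything other than 1 is stored as "not private".
    $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;

    // add to db
    Album::insert(array(
        // Owner comes from the session, never from request data.
        'user_id' => Auth::user()->id,
        // NOTE(review): the category id is stored as posted; nothing here
        // checks that it refers to an existing category. Confirm a foreign
        // key or validation rule covers it.
        'categories_id' => Input::get('category'),
        'name' => strip_tags(Purifier::clean(Input::get('name'))),
        'isPrivate' => $isPrivate,
    ));

    // redirect to albums
    return Redirect::secure('user/albums');
}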
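/**
 * Store an uploaded picture in one of the signed-in user's albums.
 *
 * Changes from the earlier version, all on the trust boundary:
 *  - the owner id comes from the session, not from the posted "userId";
 *  - the posted "albumId" is cast to an integer and must belong to the
 *    signed-in user, so it can no longer steer the database row or the
 *    destination directory to someone else's data or outside the files tree;
 *  - a missing or failed upload is rejected instead of causing a fatal error;
 *  - the stored file name is reduced to its last path component.
 *
 * Every rejection redirects back to the upload form, as before.
 *
 * NOTE(review): the type check still relies on the client-supplied file
 * extension and the file is written under public_path(), where the web
 * server serves it directly. Verifying the content server-side and storing
 * under a generated name would be stronger; that would change the stored
 * "filename" value, so it is left for a coordinated change. A second upload
 * with the same name into the same album overwrites the first file.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postCreate()
{
    if (Auth::guest()) {
        return Redirect::secure('user/login');
    }

    // do not use layout for this
    $this->layout = null;

    $image = Input::file('image');

    // No file field, several files, or an upload PHP reported as failed.
    if (!is_object($image) || !$image->isValid()) {
        return Redirect::secure('picture/upload');
    }

    // check image size (must be < 10MB)
    if ($image->getSize() > 10000000) {
        return Redirect::secure('picture/upload');
    }

    // check image type (must be (jpg, png, gif or jpeg))
    $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
    if (!in_array($image->getClientOriginalExtension(), $allowedExtensions, true)) {
        return Redirect::secure('picture/upload');
    }

    // Owner and album are resolved server-side; the album must be the user's own.
    $userId = Auth::user()->id;
    $albumId = (int) Input::get('albumId');
    $album = Album::find($albumId);
    if ($album === null || $album->user_id != $userId) {
        return Redirect::secure('picture/upload');
    }

    // Keep only the last path component of the client-supplied name.
    $filename = basename(str_replace('\\', '/', $image->getClientOriginalName()));

    // add record to db
    $isPrivate = Input::get('isPrivate') == 1 ? 1 : 0;
    $id = Picture::insertGetId(array(
        'user_id' => $userId,
        'album_id' => $albumId,
        'filename' => $filename,
        'size' => $image->getSize(),
        'title' => strip_tags(Purifier::clean(Input::get('title'))),
        'isPrivate' => $isPrivate,
    ));

    // move to albums folder (both path segments are now server-derived)
    $destinationPath = public_path() . "/files/" . $userId . "/" . $albumId;
    $image->move($destinationPath, $filename);

    // redirect to uploaded picture
    return Redirect::secure('picture/' . $id);
}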
/**
 * Show the signed-in user's albums together with the category list.
 *
 * Guests are redirected to the home page. The album query is scoped to the
 * authenticated user's id, so only that user's own albums reach the view.
 *
 * @return \Illuminate\Http\RedirectResponse|null redirect for guests, otherwise the layout is filled in place
 */
public function getAlbums()
{
    if (Auth::guest()) {
        return Redirect::secure('/');
    }

    // layouts variables
    $layout = $this->layout;
    $layout->title = 'Албуми | Нещо Шантаво';
    $layout->canonical = 'https://neshto.shantavo.com/user/albums';

    // Owner id comes from the session, not from request input.
    $viewData = array(
        'albums' => Album::where('user_id', '=', Auth::user()->id)->get(),
        'categories' => Category::all(),
    );

    // nesting the view into the layout
    $layout->nest('content', 'user.albums', $viewData);
}
| Application & Route Filters |-------------------------------------------------------------------------- | | Below you will find the "before" and "after" events for the application | which may be used to do any work before or after a request into your | application. Here you may also register your custom route filters. | */ App::before(function ($request) { if (Auth::check()) { $count = Session::get(SESSION_COUNTER, 0); Session::put(SESSION_COUNTER, ++$count); } if (App::environment() == ENV_PRODUCTION) { if (!Request::secure()) { return Redirect::secure(Request::getRequestUri()); } } if (Input::has('lang')) { $locale = Input::get('lang'); App::setLocale($locale); Session::set(SESSION_LOCALE, $locale); if (Auth::check()) { if ($language = Language::whereLocale($locale)->first()) { $account = Auth::user()->account; $account->language_id = $language->id; $account->save(); } } } else { if (Auth::check()) {
| Language
|--------------------------------------------------------------------------
|
| Detect the browser language.
|
*/
// An explicit $lang filter parameter wins when it is in the configured list.
// Otherwise the first Accept-Language entry is used if it is in that list,
// and the configured default locale is kept if it is not.
Route::filter('detectLang', function ($route, $request, $lang = 'auto') {
    $explicit = $lang != "auto" && in_array($lang, Config::get('app.available_language'));

    if ($explicit) {
        Config::set('app.locale', $lang);

        return;
    }

    // Accept-Language is client-controlled. It only ever selects a value from
    // the configured list below and is never used as a locale name directly.
    if (empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $firstEntry = '';
    } else {
        $firstEntry = strtok(strip_tags($_SERVER['HTTP_ACCEPT_LANGUAGE']), ',');
    }

    // Two-letter primary tag, e.g. "en" from "en-US".
    $browser_lang = substr($firstEntry, 0, 2);

    if (in_array($browser_lang, Config::get('app.available_language'))) {
        $userLang = $browser_lang;
    } else {
        $userLang = Config::get('app.locale');
    }

    Config::set('app.locale', $userLang);
    App::setLocale($userLang);
});

/**
 * Enforce https.
 *
 * Runs only when the app_environment setting is 'production'.
 *
 * NOTE(review): the redirect target is Request::path(), so the query string
 * of the original URL is not carried over; confirm that is intended.
 */
App::before(function ($request) {
    $settings = Config::get('app');
    $isProduction = $settings['app_environment'] == 'production';

    if ($isProduction && !Request::secure()) {
        return Redirect::secure(Request::path());
    }
});

// A failed CSRF token check sends the user back to the login route with a
// generic notice instead of exposing the exception.
App::error(function (\Illuminate\Session\TokenMismatchException $exception) {
    $notice = 'Your session has expired. Please try logging in again.';

    return Redirect::route('login')->with('message', $notice);
});
/**
 * Sign the user out by emptying the session, then send them to the home page
 * over HTTPS.
 *
 * NOTE(review): only the session data is cleared here. Nothing in this
 * method calls the auth guard's logout or regenerates the session id, so if
 * the application also relies on a "remember me" cookie or the framework
 * guard, confirm those are handled elsewhere.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function signOut()
{
    // Remove every value stored in the current session.
    Session::flush();

    $response = Redirect::secure('/');

    return $response;
}
/**
 * The about route has no page of its own: every visit is redirected to the
 * site root over HTTPS.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function getAbout()
{
    $home = '/';

    return Redirect::secure($home);
}
$request = App::make('guzzle')->get('https://www.cloudflare.com/ips-v4'); return explode("\n", $request->getBody()); })); } catch (Exception $e) { Cache::forget('cloudflare.ips'); Log::error($e); } // If request is not secured and force secured connection is enabled // then we need to redirect the user to a secure link. if (!Request::secure() && Config::get('bfacp.site.ssl') && $_SERVER['REMOTE_ADDR'] != '127.0.0.1' && filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE)) { $path = Request::path(); if (strlen(Request::server('QUERY_STRING')) > 0) { $path .= '?' . Request::server('QUERY_STRING'); } $status = in_array(Request::getMethod(), ['POST', 'PUT', 'DELETE']) ? 307 : 302; return Redirect::secure($path, $status); } // Check if only authorized users are allowed to access the site. if (Config::get('bfacp.site.auth') && Auth::guest()) { $path = explode('/', Request::path()); if (count($path) > 1) { $route = $path[0] . '/' . $path[1]; } else { $route = $path[0]; } if (!in_array($route, ['login', 'register', 'user/confirm'])) { return Redirect::route('user.login'); } } }); App::after(function ($request, $response) {
*/
// NOTE(review): several handlers are registered for overlapping exception
// types. Which one runs depends on the framework's handler ordering, so keep
// the registration order as it is unless that ordering has been checked.

// Catch-all: log the exception server-side and show a generic message, so no
// exception detail reaches the client.
App::error(function (Exception $exception, $code) {
    Log::error($exception);

    $payload = ['error' => 'A website error has occurred. The website administrator has been notified of the issue. Sorry for the temporary inconvenience.'];

    return Response::view('error', $payload, 500);
});

// A missing session token sends the visitor to the home page; it is not logged.
App::error(function (NoSessionToken $exception) {
    // Log::error($exception);
    return Redirect::secure('/');
});

// Upstream HTTP client errors. A 401 is treated as "session no longer valid":
// the local session is emptied and the visitor starts again at the home page.
// NOTE(review): the whole exception is logged. Confirm the logged request
// details cannot include credentials or tokens.
App::error(function (\GuzzleHttp\Exception\ClientException $exception) {
    Log::error($exception);

    if ($exception->getCode() !== 401) {
        return Response::view('error', ['error' => 'A website error has occurred. The website administrator has been notified of the issue. Sorry for the temporary inconvenience.'], 500);
    }

    Session::flush();

    return Redirect::secure('/');
});

// Unknown routes get the shared error view with a 404 status.
App::missing(function ($exception) {
    $payload = ['error' => '404 Not Found'];

    return Response::view('error', $payload, 404);
});

/*
|--------------------------------------------------------------------------
| Maintenance Mode Handler
|--------------------------------------------------------------------------
|
| The "down" Artisan command gives you the ability to put an application
| into maintenance mode. Here, you will define what is displayed back