コード例 #1
ファイル: Page.php プロジェクト: brambravo/webtrees
    /**
     * Emit the page header: prepare the variables the theme's header file reads,
     * queue the bootstrap inline javascript, send the Content-Type header,
     * include the theme header file and flush it to the browser.
     *
     * Side effects visible in this method: two inline scripts are queued via
     * addInlineJavascript(), an HTTP header is sent, WT_ROOT . $headerfile is
     * included, output is flushed, the session is closed for writing and
     * $this->page_header is set to true.
     *
     * Security notes for maintainers:
     * - The local variables set here ($title, $META_*, $LINK_CANONICAL,
     *   $javascript) are consumed by the included header file, which shares this
     *   method's scope. Escaping for the HTML context has to happen there; this
     *   method only strips tags.
     * - The CSRF token is written into an inline script, so any script running
     *   in the page can read it. The token protects against cross-site requests
     *   only as long as the page has no script-injection flaw.
     *
     * @return $this
     */
    public function pageHeader()
    {
        // Import global variables into the local scope, for the theme’s header.php
        // (the included file runs in this method's scope, so it sees these names).
        global $SEARCH_SPIDER, $TEXT_DIRECTION, $REQUIRE_AUTHENTICATION, $headerfile, $view;
        // The title often includes the names of records, which may have markup
        // that cannot be used in the page title.
        // NOTE(review): entities are decoded *after* strip_tags(), so an encoded
        // "&lt;" in page_title becomes a literal "<" in $title. The header file
        // must HTML-escape $title on output - confirm that it does.
        $title = html_entity_decode(strip_tags($this->page_title), ENT_QUOTES, 'UTF-8');
        // Initialise variables for the theme’s header.php
        $LINK_CANONICAL = $this->canonical_url;
        $META_ROBOTS = $this->meta_robots;
        // Per-tree setting when a tree is selected (WT_GED_ID is truthy), else empty.
        $META_DESCRIPTION = WT_GED_ID ? get_gedcom_setting(WT_GED_ID, 'META_DESCRIPTION') : '';
        if (!$META_DESCRIPTION) {
            // Fall back to the tree title. strip_tags() removes tags only; quotes
            // and ampersands survive, so this value still needs attribute escaping
            // wherever the header file prints it.
            $META_DESCRIPTION = strip_tags(WT_TREE_TITLE);
        }
        // NOTE(review): this string carries the exact application version; if the
        // header file prints it, the version is disclosed to every visitor.
        $META_GENERATOR = WT_WEBTREES . ' ' . WT_VERSION . ' - ' . WT_WEBTREES_URL;
        $META_TITLE = WT_GED_ID ? get_gedcom_setting(WT_GED_ID, 'META_TITLE') : '';
        if ($META_TITLE) {
            // The setting is appended as-is (no strip_tags() here, unlike page_title).
            $title .= ' - ' . $META_TITLE;
        }
        // This javascript needs to be loaded in the header, *before* the CSS.
        // All other javascript should be deferred until the end of the page
        $javascript = '<script src="' . WT_MODERNIZR_URL . '"></script>';
        // Give Javascript access to some PHP constants.
        // Every value passes through WT_Filter::escapeJs() before being placed
        // inside a double-quoted JS string literal (escapeJs() is defined outside
        // this listing - presumably JS-string escaping; verify it also neutralises
        // "</script>"). WT_CSRF_TOKEN is exposed to page scripts by design.
        $this->addInlineJavascript('
			var WT_STATIC_URL  = "' . WT_Filter::escapeJs(WT_STATIC_URL) . '";
			var WT_THEME_DIR   = "' . WT_Filter::escapeJs(WT_THEME_DIR) . '";
			var WT_MODULES_DIR = "' . WT_Filter::escapeJs(WT_MODULES_DIR) . '";
			var WT_GEDCOM      = "' . WT_Filter::escapeJs(WT_GEDCOM) . '";
			var WT_GED_ID      = "' . WT_Filter::escapeJs(WT_GED_ID) . '";
			var WT_USER_ID     = "' . WT_Filter::escapeJs(WT_USER_ID) . '";
			var textDirection  = "' . WT_Filter::escapeJs($TEXT_DIRECTION) . '";
			var WT_SCRIPT_NAME = "' . WT_Filter::escapeJs(WT_SCRIPT_NAME) . '";
			var WT_LOCALE      = "' . WT_Filter::escapeJs(WT_LOCALE) . '";
			var WT_CSRF_TOKEN  = "' . WT_Filter::escapeJs(WT_Filter::getCsrfToken()) . '";
		', self::JS_PRIORITY_HIGH);
        // Temporary fix for access to main menu hover elements on android/blackberry touch devices
        // (static script text, no server-side values are interpolated).
        $this->addInlineJavascript('
			if(navigator.userAgent.match(/Android|PlayBook/i)) {
				jQuery("#main-menu > li > a").attr("href", "#");
				jQuery("a.icon_arrow").attr("href", "#");
			}
		');
        header('Content-Type: text/html; charset=UTF-8');
        // NOTE(review): $headerfile is a global set outside this method. It is
        // concatenated into an include path, so it must only ever come from
        // trusted configuration, never from request data - confirm at its origin.
        require WT_ROOT . $headerfile;
        // Flush the output, so the browser can render the header and load javascript
        // while we are preparing data for the page
        if (ini_get('output_buffering')) {
            ob_flush();
        }
        flush();
        // Once we've displayed the header, we should no longer write session data.
        // Anything that must be stored in the session (for example a freshly
        // generated CSRF token) has to be written before this call.
        Zend_Session::writeClose();
        // We've displayed the header - display the footer automatically
        // (the flag is only set here; the code that reads it is outside this listing).
        $this->page_header = true;
        return $this;
    }
コード例 #2
ファイル: Filter.php プロジェクト: sadr110/webtrees
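 /**
  * Check that the "csrf" field of the current POST request matches the
  * session's CSRF token.
  *
  * The comparison is done in constant time so that response timing does not
  * reveal how many leading characters of a guessed token were correct. The
  * check also fails closed: if either side is not a non-empty string the
  * request is rejected, instead of letting two missing values compare equal
  * (with the plain `!==` test, null on both sides would have passed).
  *
  * On mismatch an authentication-log entry is written and a flash message is
  * queued for the user.
  *
  * @return bool true when the submitted token matches, false otherwise
  */
 public static function checkCsrf()
 {
     $submitted = WT_Filter::post('csrf');
     $expected  = WT_Filter::getCsrfToken();

     // Reject outright when a token is absent; never treat "nothing" as a match.
     $valid = is_string($submitted) && is_string($expected) && $expected !== '';

     if ($valid) {
         if (function_exists('hash_equals')) {
             // Built-in timing-safe comparison (known value first).
             $valid = hash_equals($expected, $submitted);
         } else {
             // Fallback for runtimes without hash_equals(): fold every byte
             // difference into $diff so the loop never exits early.
             $expectedLength  = strlen($expected);
             $submittedLength = strlen($submitted);
             $diff = $expectedLength ^ $submittedLength;
             for ($i = 0; $i < $submittedLength; $i++) {
                 $diff |= ord($submitted[$i]) ^ ord($expected[$i % $expectedLength]);
             }
             $valid = ($diff === 0);
         }
     }

     if (!$valid) {
         // Oops.  Something is not quite right
         Log::addAuthenticationLog('CSRF mismatch - session expired or malicious attack');
         WT_FlashMessages::addMessage(WT_I18N::translate('This form has expired.  Try again.'));
         return false;
     }

     return true;
 }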