/** * Assigns a list of applications to a group and computes cookie domain and path. */ public function rebuild() { if (empty($this->objects)) { $this->readObjects(); } $sql = "UPDATE\twcf" . WCF_N . "_application\n\t\t\tSET\tcookieDomain = ?,\n\t\t\t\tcookiePath = ?\n\t\t\tWHERE\tpackageID = ?"; $statement = WCF::getDB()->prepareStatement($sql); // calculate cookie path $domains = array(); $regex = new Regex(':[0-9]+'); foreach ($this->objects as $application) { $domainName = $application->domainName; if (StringUtil::endsWith($regex->replace($domainName, ''), $application->cookieDomain)) { $domainName = $application->cookieDomain; } if (!isset($domains[$domainName])) { $domains[$domainName] = array(); } $domains[$domainName][$application->packageID] = explode('/', FileUtil::removeLeadingSlash(FileUtil::removeTrailingSlash($application->domainPath))); } WCF::getDB()->beginTransaction(); foreach ($domains as $domainName => $data) { $path = null; foreach ($data as $domainPath) { if ($path === null) { $path = $domainPath; } else { foreach ($path as $i => $part) { if (!isset($domainPath[$i]) || $domainPath[$i] != $part) { // remove all following elements including current one foreach ($path as $j => $innerPart) { if ($j >= $i) { unset($path[$j]); } } // skip to next domain continue 2; } } } } $path = FileUtil::addLeadingSlash(FileUtil::addTrailingSlash(implode('/', $path))); foreach (array_keys($data) as $packageID) { $statement->execute(array($domainName, $path, $packageID)); } } WCF::getDB()->commitTransaction(); // rebuild templates LanguageFactory::getInstance()->deleteLanguageCache(); // reset application cache ApplicationCacheBuilder::getInstance()->reset(); }
/** * Returns a list of options by object type id. * * @param integer $objectTypeID * @param string $categoryName * @return \wcf\data\acl\option\ACLOptionList */ public function getOptions($objectTypeID, $categoryName = '') { $optionList = new ACLOptionList(); if (!empty($categoryName)) { if (StringUtil::endsWith($categoryName, '.*')) { $categoryName = mb_substr($categoryName, 0, -1) . '%'; $optionList->getConditionBuilder()->add("acl_option.categoryName LIKE ?", array($categoryName)); } else { $optionList->getConditionBuilder()->add("acl_option.categoryName = ?", array($categoryName)); } } $optionList->getConditionBuilder()->add("acl_option.objectTypeID = ?", array($objectTypeID)); $optionList->readObjects(); return $optionList; }
/** * Alias to php setcookie() function. */ public static function setCookie($name, $value = '', $expire = 0) { $application = ApplicationHandler::getInstance()->getActiveApplication(); $addDomain = (StringUtil::indexOf($application->cookieDomain, '.') === false || StringUtil::endsWith($application->cookieDomain, '.lan') || StringUtil::endsWith($application->cookieDomain, '.local')) ? false : true; @header('Set-Cookie: '.rawurlencode(COOKIE_PREFIX.$name).'='.rawurlencode($value).($expire ? '; expires='.gmdate('D, d-M-Y H:i:s', $expire).' GMT; max-age='.($expire - TIME_NOW) : '').'; path='.$application->cookiePath.($addDomain ? '; domain='.$application->cookieDomain : '').(RouteHandler::secureConnection() ? '; secure' : '').'; HttpOnly', false); }
/** * @see wcf\form\IForm::validate() */ public function validate() { parent::validate(); if (empty($this->domainName)) { throw new UserInputException('domainName'); } else { $regex = new Regex('^https?\://'); $this->domainName = FileUtil::removeTrailingSlash($regex->replace($this->domainName, '')); $this->cookieDomain = FileUtil::removeTrailingSlash($regex->replace($this->cookieDomain, '')); // domain may not contain path components $regex = new Regex('[/#\?&]'); if ($regex->match($this->domainName)) { throw new UserInputException('domainName', 'containsPath'); } else if ($regex->match($this->cookieDomain)) { throw new UserInputException('cookieDomain', 'containsPath'); } // check if cookie domain shares the same domain (may exclude subdomains) if (!StringUtil::endsWith($this->domainName, $this->cookieDomain)) { throw new UserInputException('cookieDomain', 'notValid'); } } if (empty($this->domainPath)) { $this->cookiePath = ''; } else { // strip first and last slash $this->domainPath = FileUtil::removeLeadingSlash(FileUtil::removeTrailingSlash($this->domainPath)); $this->cookiePath = FileUtil::removeLeadingSlash(FileUtil::removeTrailingSlash($this->cookiePath)); if (!empty($this->cookiePath) && ($this->domainPath != $this->cookiePath)) { // check if cookie path is contained within domain path if (!StringUtil::startsWith($this->domainPath, $this->cookiePath)) { throw new UserInputException('cookiePath', 'notValid'); } } } // add slashes $this->domainPath = FileUtil::addLeadingSlash(FileUtil::addTrailingSlash($this->domainPath)); $this->cookiePath = FileUtil::addLeadingSlash(FileUtil::addTrailingSlash($this->cookiePath)); }
/** * @see \wcf\form\IForm::validate() */ public function validate() { parent::validate(); if (empty($this->domainName)) { throw new UserInputException('domainName'); } else { $regex = new Regex('^https?\\://'); $this->domainName = FileUtil::removeTrailingSlash($regex->replace($this->domainName, '')); $this->cookieDomain = FileUtil::removeTrailingSlash($regex->replace($this->cookieDomain, '')); // domain may not contain path components $regex = new Regex('[/#\\?&]'); if ($regex->match($this->domainName)) { throw new UserInputException('domainName', 'containsPath'); } else { if ($regex->match($this->cookieDomain)) { throw new UserInputException('cookieDomain', 'containsPath'); } } // strip port from cookie domain $regex = new Regex(':[0-9]+$'); $this->cookieDomain = $regex->replace($this->cookieDomain, ''); // check if cookie domain shares the same domain (may exclude subdomains) if (!StringUtil::endsWith($regex->replace($this->domainName, ''), $this->cookieDomain)) { throw new UserInputException('cookieDomain', 'notValid'); } } // add slashes $this->domainPath = FileUtil::addLeadingSlash(FileUtil::addTrailingSlash($this->domainPath)); // search for other applications with the same domain and path $sql = "SELECT\tpackageID\n\t\t\tFROM\twcf" . WCF_N . "_application\n\t\t\tWHERE\tdomainName = ?\n\t\t\t\tAND domainPath = ?\n\t\t\t\tAND packageID <> ?"; $statement = WCF::getDB()->prepareStatement($sql, 1); $statement->execute(array($this->domainName, $this->domainPath, $this->application->packageID)); $row = $statement->fetchArray(); if ($row) { WCF::getTPL()->assign('conflictApplication', PackageCache::getInstance()->getPackage($row['packageID'])); throw new UserInputException('domainPath', 'conflict'); } }