/** * Application bootstrap initialization. * Solves chicken-and-egg problem - need a way to init Horde environment * from application without an active Horde_Registry object. * * Page compression will be started (if configured). * * Global variables defined: * <pre> * - $browser: Horde_Browser object * - $cli: Horde_Cli object (if 'cli' is true) * - $conf: Configuration array * - $injector: Horde_Injector object * - $language: Language * - $notification: Horde_Notification object * - $page_output: Horde_PageOutput object * - $prefs: Horde_Prefs object * - $registry: Horde_Registry object * - $session: Horde_Session object * </pre> * * @param string $app The application to initialize. * @param array $args Optional arguments: * <pre> * - admin: (boolean) Require authenticated user to be an admin? * DEFAULT: false * - authentication: (string) The type of authentication to use: * - none: Do not authenticate * - fallback: Attempt to authenticate; if failure, then don't auth * (@since 2.11.0). * - [DEFAULT]: Authenticate; on no auth redirect to login screen * - cli: (boolean) Initialize a CLI interface. Setting this to true * implicitly sets 'authentication' to 'none' and 'admin' and * 'nocompress' to true. * DEFAULT: false * - nocompress: (boolean) If set, the page will not be compressed. * DEFAULT: false * - nologintasks: (boolean) If set, don't perform logintasks (never * performed if authentication is 'none'). * DEFAULT: false * - nonotificationinit: (boolean) If set, don't initialize the * application handlers for the notification * system (@since 2.12.0). * - permission: (array) The permission required by the user to access * the page. The first element (REQUIRED) is the permission * name. The second element (OPTION; defaults to SHOW) is * the permission level. * - session_cache_limiter: (string) Use this value for the session * cache limiter. * DEFAULT: Uses the value in the config. * - session_control: (string) Special session control limitations: * - netscape: TODO; start read/write session * - none: Do not start a session * - readonly: Start session readonly * - [DEFAULT] - Start read/write session * - test: (boolean) Is this the test script? If so, we relax several * sanity checks and don't load things from the cache. * DEFAULT: false * - timezone: (boolean) Set the time zone? * DEFAULT: false * - user_admin: (boolean) Set authentication to an admin user? * DEFAULT: false * </pre> * * @return Horde_Registry_Application The application object. * @throws Horde_Exception */ public static function appInit($app, array $args = array()) { if (isset($GLOBALS['registry'])) { return $GLOBALS['registry']->getApiInstance($app, 'application'); } $args = array_merge(array('admin' => false, 'authentication' => null, 'cli' => null, 'nocompress' => false, 'nologintasks' => false, 'nonotificationinit' => false, 'permission' => false, 'session_cache_limiter' => null, 'session_control' => null, 'timezone' => false, 'user_admin' => null), $args); /* CLI initialization. */ if ($args['cli']) { /* Make sure no one runs from the web. */ if (!Horde_Cli::runningFromCLI()) { throw new Horde_Exception(Horde_Core_Translation::t("Script must be run from the command line")); } /* Load the CLI environment - make sure there's no time limit, * init some variables, etc. */ $GLOBALS['cli'] = Horde_Cli::init(); $args['nocompress'] = true; $args['authentication'] = 'none'; } // For 'fallback' authentication, try authentication first. if ($args['authentication'] === 'fallback') { $fallback_auth = true; $args['authentication'] = null; } else { $fallback_auth = false; } // Registry. $s_ctrl = 0; switch ($args['session_control']) { case 'netscape': // Chicken/egg: Browser object doesn't exist yet. // Can't use Horde_Core_Browser since it depends on registry to be // configured. $browser = new Horde_Browser(); if ($browser->isBrowser('mozilla')) { $args['session_cache_limiter'] = 'private, must-revalidate'; } break; case 'none': $s_ctrl = self::SESSION_NONE; break; case 'readonly': $s_ctrl = self::SESSION_READONLY; break; } $classname = __CLASS__; $registry = $GLOBALS['registry'] = new $classname($s_ctrl, $args); $registry->initialApp = $app; $appob = $registry->getApiInstance($app, 'application'); $appob->initParams = $args; do { try { $registry->pushApp($app, array('check_perms' => $args['authentication'] != 'none', 'logintasks' => !$args['nologintasks'], 'notransparent' => !empty($args['notransparent']))); if ($args['admin'] && !$registry->isAdmin()) { throw new Horde_Exception(Horde_Core_Translation::t("Not an admin")); } $e = null; } catch (Horde_Exception_PushApp $e) { if ($fallback_auth) { $registry->authException = $e; $registry->setAuthenticationSetting('none'); $args['authentication'] = 'none'; $fallback_auth = false; continue; } } break; } while (true); if (!is_null($e)) { $appob->appInitFailure($e); switch ($e->getCode()) { case self::AUTH_FAILURE: $failure = new Horde_Exception_AuthenticationFailure($e->getMessage()); $failure->application = $app; throw $failure; case self::NOT_ACTIVE: /* Try redirect to Horde if an app is not active. */ if (!$args['cli'] && $app != 'horde') { $GLOBALS['notification']->push($e, 'horde.error'); Horde::url($registry->getInitialPage('horde'))->redirect(); } /* Shouldn't reach here, but fall back to permission denied * error if we can't even access Horde. */ // Fall-through /* Shouldn't reach here, but fall back to permission denied * error if we can't even access Horde. */ // Fall-through case self::PERMISSION_DENIED: $failure = new Horde_Exception_AuthenticationFailure($e->getMessage(), Horde_Auth::REASON_MESSAGE); $failure->application = $app; throw $failure; } throw $e; } if ($args['timezone']) { $registry->setTimeZone(); } if (!$args['nocompress']) { $GLOBALS['page_output']->startCompression(); } if ($args['user_admin']) { if (empty($GLOBALS['conf']['auth']['admins'])) { throw new Horde_Exception(Horde_Core_Translation::t("Admin authentication requested, but no admin users defined in configuration.")); } $registry->setAuth(reset($GLOBALS['conf']['auth']['admins']), array(), array('no_convert' => true)); } if ($args['permission']) { $admin_opts = array('permission' => $args['permission'][0], 'permlevel' => isset($args['permission'][1]) ? $args['permission'][1] : Horde_Perms::SHOW); if (!$registry->isAdmin($admin_opts)) { throw new Horde_Exception_PermissionDenied(Horde_Core_Translation::t("Permission denied.")); } } return $appob; }
/** * ungimp_ie * * This function sets the cache limiting to public if you are running * some flavor of IE and not using HTTPS. */ public static function ungimp_ie() { // If no https, no ungimpage required if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'on') { return true; } $browser = new Horde_Browser(); if ($browser->isBrowser('msie')) { session_cache_limiter('public'); } return true; }