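/**
 * Respond to a request that failed the access check.
 *
 * A caller who is already logged in receives a plain denial message and the
 * event is written to the 'security' log. A caller who is not logged in (or
 * whose session expired) is redirected to the login page; when the
 * framework's XHR signature header is present the redirect carries HTTP 401.
 */
function RequestDenied()
{
    // Errors collected so far are written to the log instead of the response
    // body: printing them discloses internal messages to the very caller that
    // was just refused, and any output here is emitted before the redirect
    // headers below are sent.
    $dbMsg = SysLog::Instance()->getAllError();
    if (!empty($dbMsg)) {
        SysLog::Instance()->log('Security: errors collected before request denial: ' . print_r($dbMsg, true), 'security');
    }

    if ($this->IsLoggedIn()) {
        // NOTE(review): no status code is set in this branch, so the denial
        // goes out with whatever status is current; confirm whether callers
        // expect an explicit 403.
        echo "Request denied, insufficient access permission!";
        SysLog::Instance()->log('Security: Request denied, insufficient access permission!', 'security');
        return;
    }

    // hasn't logged in yet or session expired, do redirect to login page
    //
    // HTTP 401 is not meant to be combined with a redirect, but an XHR object
    // follows redirects transparently, which this framework does not want.
    // Sending 401 together with the redirection header lets the client-side
    // code send the user to the login page instead of embedding that page
    // inside the current one.
    //
    // isset() guards the lookup: the header is absent on ordinary requests.
    $is_xhr = isset($_SERVER['HTTP_X_GTFWXHRREQUESTSIGNATURE'])
        && $_SERVER['HTTP_X_GTFWXHRREQUESTSIGNATURE'] != '';
    $error_code = $is_xhr ? 401 : NULL;

    Redirector::RedirectToUrl($this->mAuthentication->GetLoginPage(), TRUE, $error_code, FALSE);
}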
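/**
 * Resolve the incoming request to a module/submodule/action/type tuple, run
 * the access check, and hand the request to the matching module.
 *
 * The tuple is read according to the configured 'url_type' ('Long', 'Short'
 * or 'Path'); each part is passed through $this->Decrypt(). When nothing was
 * resolved the configured defaults are used. A 'GtfwModuleType' cookie and
 * then an X-GtfwModuleType request header may override the type.
 *
 * When a ServiceSecurity class exists it performs the access check and a
 * missing module ends the request with 'Service Not Found'. Otherwise
 * Security performs the check, and may additionally force a redirect to the
 * other protocol before the module is dispatched.
 */
function Dispatch()
{
    // send header first
    header('Cache-Control: no-cache, must-revalidate');
    header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');

    // The header value is only logged here; it is applied to $type further
    // down, after URL parsing and the cookie override.
    $header_type = isset($_SERVER['HTTP_X_GTFWMODULETYPE']) ? $_SERVER['HTTP_X_GTFWMODULETYPE'] : null;
    SysLog::Log("HEADER: " . $header_type, 'dispatcher');

    $module = '';
    $submodule = '';
    $action = '';
    $type = '';

    $url_type = Configuration::Instance()->GetValue('application', 'url_type');

    if ($url_type == 'Long') {
        // Either all four parts are present, or the request is a "rest"
        // request. The original condition relied on && binding tighter than
        // || and read $_REQUEST['typ'] without checking that it exists.
        $has_type = isset($_REQUEST['typ']);
        $all_parts_present = isset($_REQUEST['mod']) && isset($_REQUEST['sub'])
            && isset($_REQUEST['act']) && $has_type;
        $is_rest = $has_type && $_REQUEST['typ'] == "rest";

        if ($all_parts_present || $is_rest) {
            // hack for requests/responses that don't need obfuscation
            $exceptions = Configuration::Instance()->GetValue('application', 'url_obfuscator_exception');
            if (is_array($exceptions) && in_array($_REQUEST['typ'], $exceptions)) {
                Configuration::Instance()->RegisterHook($this);
            }

            // NOTE(review): a "rest" request can reach this point without
            // mod/sub/act; those lookups then read missing keys. Confirm what
            // Decrypt() returns for a missing value.
            $module = $this->Decrypt($_REQUEST['mod']);
            $submodule = $this->Decrypt($_REQUEST['sub']);
            $action = $this->Decrypt($_REQUEST['act']);
            $type = $this->Decrypt($_REQUEST['typ']);
            SysLog::Log("Long URL \$_REQUEST", 'dispatcher');
        } else {
            $requested_mod = isset($_REQUEST['mod']) ? $_REQUEST['mod'] : '';
            SysLog::Log("No \$_REQUEST set for Long URL {$requested_mod}", 'dispatcher');
        }
    } elseif ($url_type == 'Short') {
        if (isset($_REQUEST['mid'])) {
            $module_id = $this->Decrypt($_REQUEST['mid']);
            $request_translated = $this->TranslateRequestToLong($module_id);
            if (is_array($request_translated)) {
                $module = $request_translated[0];
                $submodule = $request_translated[1];
                $action = $request_translated[2];
                $type = $request_translated[3];
            }
        }
    } elseif ($url_type == 'Path') {
        // The values sit at segments 2, 4, 6 and 8 of PATH_INFO. Padding keeps
        // a short or missing path from reading undefined offsets.
        $path_info = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';
        $segments = array_pad(explode('/', $path_info), 9, '');
        $module = $this->Decrypt($segments[2]);
        $submodule = $this->Decrypt($segments[4]);
        $action = $this->Decrypt($segments[6]);
        $type = $this->Decrypt($segments[8]);
    }

    // Only parameter names are logged: dumping all of $_REQUEST would copy
    // submitted credentials and other secrets into the dispatcher log.
    SysLog::Log(
        "Translated request: {$module}/{$submodule}/{$action}/{$type} from parameters ["
            . implode(', ', array_keys($_REQUEST)) . "]",
        'dispatcher'
    );

    // default
    if ($module == '' && $submodule == '' && $action == '' && $type == '') {
        $module = Configuration::Instance()->GetValue('application', 'default_module');
        $submodule = Configuration::Instance()->GetValue('application', 'default_submodule');
        $action = Configuration::Instance()->GetValue('application', 'default_action');
        $type = Configuration::Instance()->GetValue('application', 'default_type');
    }

    // hack to override any typ specified before.
    // NOTE(review): the cookie and header values below are client-supplied and
    // are not passed through Decrypt(). They are covered by the access check
    // that follows, but confirm that GetModule() and DispacherSend() only
    // accept known type names before using them to locate a file or class.
    if (isset($_COOKIE['GtfwModuleType'])) {
        $type = $_COOKIE['GtfwModuleType']->Raw();
        // delete the cookie by expiring it in the past
        setcookie('GtfwModuleType', '', mktime(5, 0, 0, 7, 26, 1997));
    }

    if (isset($_SERVER['HTTP_X_GTFWMODULETYPE'])) {
        $type = $_SERVER['HTTP_X_GTFWMODULETYPE'];
    }

    SysLog::Log("Final request: {$module}/{$submodule}/{$action}/{$type}", 'dispatcher');

    $this->mModule = $module;
    $this->mSubModule = $submodule;
    $this->mAction = $action;
    $this->mType = $type;

    if (class_exists('ServiceSecurity')) {
        if (ServiceSecurity::Instance()->AllowedToAccess($module, $submodule, $action, $type)) {
            list($file_path, $class_name) = $this->GetModule($module, $submodule, $action, $type);
            if (FALSE === $file_path) {
                // Collected errors are logged rather than echoed: they can
                // contain internal details and request-derived text, neither
                // of which belongs in the response body.
                $dbMsg = SysLog::Instance()->getAllError();
                if (!empty($dbMsg)) {
                    SysLog::Log("Service not found, collected errors: " . print_r($dbMsg, true), 'dispatcher');
                }
                die('Service Not Found');
            }
            $this->DispacherSend($type, $file_path, $class_name);
        }
        // NOTE(review): a service request that fails the access check ends
        // here with no response body and no log entry; confirm that this is
        // intended.
        return;
    }

    SysLog::Instance()->log("Security::Instance()->AllowedToAccess({$module}, {$submodule}, {$action}, {$type})", 'sanitizer');

    if (!Security::Instance()->AllowedToAccess($module, $submodule, $action, $type)) {
        Security::Instance()->RequestDenied();
        return;
    }

    list($file_path, $class_name) = $this->GetModule($module, $submodule, $action, $type);
    if (FALSE === $file_path) {
        $this->ModuleNotFound();
        return;
    }

    if (Security::Instance()->IsProtocolCheckPassed($module, $submodule, $action, $type)) {
        $this->DispacherSend($type, $file_path, $class_name);
        return;
    }

    // redirect to https or http
    $url = Configuration::Instance()->GetValue('application', 'baseaddress');

    // $_SERVER['HTTPS'] can be present but empty or 'off' on a plain-HTTP
    // request, so isset() alone would mistake such a request for HTTPS and
    // skip the upgrade.
    $on_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
    if (!$on_https) {
        $url = preg_replace('/^http:/', 'https:', $url);
    }

    $url .= $this->GetUrl($module, $submodule, $action, $type);
    Redirector::RedirectToUrl($url);
}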
/**
 * Redirect through Redirector::RedirectToUrl() and mark this object as
 * having redirected.
 *
 * The target URL is forwarded unchanged, so a caller that builds it from
 * request data has to validate the destination before calling.
 *
 * @param mixed $url     Redirect target, passed through as given.
 * @param mixed $replace Forwarded as the second argument of RedirectToUrl().
 * @param mixed $code    Forwarded as the third argument of RedirectToUrl().
 */
function RedirectTo($url, $replace = FALSE, $code = NULL)
{
    // Target, replace flag and status code are handed over as received.
    Redirector::RedirectToUrl(
        $url,
        $replace,
        $code
    );

    // Set only after the redirect call has returned.
    $this->mRedirected = true;
}