/**
 * Check whether a URL may be accessed, using cfg->spec as a deny-list.
 *
 * Access is refused only when isContained() reports a match between the URL
 * and cfg->spec; every other URL is allowed. No login or role test happens
 * in this method.
 *
 * @param array|null $url URL to test; the current request (request::get()) when null
 * @param bool $redirect When true, a refused request is redirected to the forbidden page
 * @return bool True if access is allowed, false otherwise
 */
public function check(array $url = null, $redirect=true) {
    if ($url === null) {
        $url = request::get();
    }

    $hasRight = !$this->isContained($url, $this->cfg->spec);

    // Allowed, or the caller asked for a plain answer: nothing else to do.
    if ($hasRight || !$redirect) {
        return $hasRight;
    }

    // Do not redirect when the request already targets the forbidden or login
    // page, otherwise a refused visitor would be redirected in a loop.
    $current = request::removeLangOutUrl('/'.request::get('request'));
    $onErrorPage = $current == $this->getPage('forbidden') || $current == $this->getPage('login');
    if (!$onErrorPage) {
        session::setFlash('nyroError', 'Don\'t have the permission to access to this page.');
        // NOTE(review): whether redirect() ends the request is not visible here;
        // callers should still act on the false return value instead of assuming so.
        response::getInstance()->redirect($this->getPage('forbidden', true), 403);
    }

    return $hasRight;
}
/**
 * Check whether a URL may be accessed by the current visitor.
 *
 * Decision order, as implemented below:
 *  1. A URL matched by cfg->noSecurity is always allowed, before any login test.
 *  2. Otherwise the starting answer is cfg->default.
 *  3. A URL matched by cfg->spec inverts that default: with an allowing
 *     default it requires a logged-in visitor, with a denying default it is
 *     allowed for everybody.
 *  4. Any other URL, for a logged-in visitor, is allowed when cfg->rightRoles
 *     is empty; when it is not, the URL has to match one of the entries
 *     configured for the roles returned by hasRole().
 *  5. Any other URL, for a visitor who is not logged in, keeps cfg->default.
 *
 * @param array|null $url URL to test; the current request (request::get()) when null
 * @param bool $redirect When true, a refused request is redirected to the forbidden page
 * @return mixed Truthy if access is allowed, falsy otherwise (the value may come
 *               straight from cfg->default or isLogged())
 */
public function check(array $url = null, $redirect = true) {
    if ($url === null) {
        $url = request::get();
    }

    // Entries in noSecurity bypass every check below, so that list must stay
    // limited to pages that are meant to be public.
    if ($this->isContained($url, $this->cfg->noSecurity)) {
        return true;
    }

    $hasRight = $this->cfg->default;

    if ($this->isContained($url, $this->cfg->spec)) {
        // spec lists the exceptions to the default policy.
        $hasRight = $hasRight ? $this->isLogged() : true;
    } elseif ($this->isLogged()) {
        if (empty($this->cfg->rightRoles)) {
            // No role restrictions configured: every logged-in visitor is allowed.
            $hasRight = true;
        } else {
            // Gather the entries granted to each role the visitor holds.
            $allowed = array();
            foreach ($this->hasRole() as $role => $unused) {
                $granted = $this->cfg->getInArray('rightRoles', $role);
                if (is_array($granted)) {
                    $allowed = array_merge($allowed, array_values($granted));
                }
            }
            $hasRight = $this->isContained($url, $allowed);
        }
    }

    // Allowed, or the caller asked for a plain answer: nothing else to do.
    if ($hasRight || !$redirect) {
        return $hasRight;
    }

    // Do not redirect when the request already targets the forbidden or login
    // page, otherwise a refused visitor would be redirected in a loop.
    $current = request::removeLangOutUrl('/'.request::get('request'));
    $onErrorPage = $current == $this->getPage('forbidden') || $current == $this->getPage('login');
    if (!$onErrorPage) {
        // Record the refused URI in the session.
        // NOTE(review): the value comes from the request; whatever later
        // redirects to pageFrom should confirm it is a local path.
        $this->session->pageFrom = request::get('localUri');
        session::setFlash('nyroError', $this->cfg->errorText);
        $this->hook('redirectError');
        // NOTE(review): whether redirect() ends the request is not visible here;
        // callers should still act on the falsy return value instead of assuming so.
        response::getInstance()->redirect($this->getPage('forbidden', true), 403);
    }

    return $hasRight;
}
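/**
 * Website main
 *
 * Initializes the framework, serves the page from the global cache when one
 * is available, otherwise executes and renders the requested module, then
 * echoes the response. Exceptions raised while building the page are turned
 * into a 404 (module_exception) or a 500 (anything else) error response.
 */
public static function main() {
    define('NYROVERSION', '0.2');

    // $resp starts as null so the handlers below can tell that init() (or
    // response::getInstance()) failed before the response object existed.
    // Without this, they would call error() on an undefined variable.
    $resp = null;
    $globalContent = null;
    $globalVars = null;
    $cacheInst = null;
    $cacheInstVars = null;

    try {
        self::init();

        $resp = response::getInstance();
        self::$cfg->overload(__CLASS__.'Response');

        // The global cache is used only for non-POST requests without query
        // parameters, and only when the response allows it.
        if (self::$cfg->globalCache && !request::isPost() && count($_GET) == 0 && $resp->canGlobalCache()) {
            $prm = is_array(self::$cfg->globalCache) ? self::$cfg->globalCache : array();

            // Cache id is built from the request path, with a separate entry for Ajax.
            $id = str_replace('/', '._.', '/'.request::get('request')).(request::isAjax() ? '-ajax' : '');

            $cacheInst = cache::getInstance(array_merge(array('serialize'=>false), $prm));
            $cacheInst->get($globalContent, array(
                'id'=>$id
            ));

            $cacheInstVars = cache::getInstance(array_merge(array('serialize'=>true), $prm));
            $cacheInstVars->get($globalVars, array(
                'id'=>$id.'-vars'
            ));
        }

        // NOTE(review): on a cache hit request::execModule() is skipped, so any
        // access check performed during module execution is not re-evaluated.
        // canGlobalCache() presumably has to exclude protected pages; confirm.
        if (is_null($globalContent)) {
            request::execModule();
            if (DEV) {
                debug::timer('nyroProcess');
                debug::timer('nyroRender');
            }
            $resp->setContent(request::publishModule());
        }
    } catch (module_exception $e) {
        // NOTE(review): the flash message embeds handleError() output next to raw
        // HTML; confirm it carries no internal detail when DEV is off.
        session::setFlash('nyroError', 'MODULE or ACTION NOT FOUND<br />'.self::handleError($e));
        if (is_null($resp)) {
            $resp = response::getInstance();
        }
        $resp->error(null, 404);
    } catch (nException $e) {
        session::setFlash('nyroError', self::handleError($e));
        if (is_null($resp)) {
            $resp = response::getInstance();
        }
        $resp->error(null, 500);
    } catch (PDOException $e) {
        session::setFlash('nyroError', self::handleError($e));
        if (is_null($resp)) {
            $resp = response::getInstance();
        }
        $resp->error(null, 500);
    } catch (Exception $e) {
        session::setFlash('nyroError', self::handleError($e));
        if (is_null($resp)) {
            $resp = response::getInstance();
        }
        $resp->error(null, 500);
    }

    try {
        factory::saveCache();

        if ($cacheInst) {
            if ($globalContent) {
                // Cache hit: restore the response variables and replay the stored output.
                $resp->setVarsFromGlobalCache($globalVars);
                echo $globalContent;
            } else {
                // Cache miss: render, then store both the output and the variables.
                // The variables are read before send(), as in the original order.
                $globalVars = $resp->getVarsForGlobalCache();
                $globalContent = $resp->send();
                $cacheInst->save();
                $cacheInstVars->save();
                echo $globalContent;
            }
        } else {
            echo $resp->send();
        }
    } catch (Exception $e) {
        // NOTE(review): the trace is echoed to the client whatever the value of
        // DEV; consider logging it and sending a generic message in production.
        echo debug::trace($e);
    }
}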