/**
* Call this to require that users accessing the given URL are authenticated;
* if they're not, this will cause them to be redirected to another URL
* (generally, so they can login).
*/
public function force_authentication($redirectToUrl, $destinationArg = 'loginDestination')
{
if (is_object($this->session) && method_exists($this->session, 'is_authenticated')) {
if (strlen($redirectToUrl)) {
$cleanedRedirect = $this->clean_url($redirectToUrl);
if ($this->section != $cleanedRedirect) {
if (!$this->session->is_authenticated()) {
//run the redirect.
if (strlen($destinationArg)) {
$redirectToUrl .= '?' . $destinationArg . '=' . urlencode($_SERVER['REQUEST_URI']);
}
ToolBox::conditional_header($redirectToUrl, TRUE);
}
} else {
throw new exception(__METHOD__ . ": redirect url (" . $redirectToUrl . ") matches current URL");
}
} else {
throw new exception(__METHOD__ . ": failed to provide proper redirection URL");
}
} else {
throw new exception(__METHOD__ . ": cannot force authentication (missing method)");
}
}
/**
* @expectedException InvalidArgumentException
*/
public function test_conditionalHeaderWithNoUrl()
{
ToolBox::conditional_header(null);
}
/**
* Performs redirection, provided it is allowed.
*/
function conditional_header($url, $exitAfter = TRUE, $isPermRedir = FALSE)
{
ToolBox::conditional_header($url, $isPermRedir);
if ($exitAfter) {
exit;
}
}
