/** * Call this to require that users accessing the given URL are authenticated; * if they're not, this will cause them to be redirected to another URL * (generally, so they can login). */ public function force_authentication($redirectToUrl, $destinationArg = 'loginDestination') { if (is_object($this->session) && method_exists($this->session, 'is_authenticated')) { if (strlen($redirectToUrl)) { $cleanedRedirect = $this->clean_url($redirectToUrl); if ($this->section != $cleanedRedirect) { if (!$this->session->is_authenticated()) { //run the redirect. if (strlen($destinationArg)) { $redirectToUrl .= '?' . $destinationArg . '=' . urlencode($_SERVER['REQUEST_URI']); } ToolBox::conditional_header($redirectToUrl, TRUE); } } else { throw new exception(__METHOD__ . ": redirect url (" . $redirectToUrl . ") matches current URL"); } } else { throw new exception(__METHOD__ . ": failed to provide proper redirection URL"); } } else { throw new exception(__METHOD__ . ": cannot force authentication (missing method)"); } }
/** * @expectedException InvalidArgumentException */ public function test_conditionalHeaderWithNoUrl() { ToolBox::conditional_header(null); }
/** * Performs redirection, provided it is allowed. */ function conditional_header($url, $exitAfter = TRUE, $isPermRedir = FALSE) { ToolBox::conditional_header($url, $isPermRedir); if ($exitAfter) { exit; } }