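/**
 * Prepares the admin controller for a request: selects the UI language,
 * authenticates the caller and runs the one-time admin bootstrap.
 *
 * The first call in a request authenticates via the session (or via HTTP basic
 * auth for the WebDAV action only), stores the user in the registry and sets
 * self::$adminInitialized. Later calls only re-read the user from the registry.
 * Unauthenticated requests to anything but the login controller are redirected
 * to /admin/login and the process is terminated.
 *
 * @throws \Zend_Exception
 */
public function init()
{
    parent::init();

    // set language
    if (\Zend_Registry::isRegistered("Zend_Locale")) {
        $locale = (string) \Zend_Registry::get("Zend_Locale");
        $this->setLanguage($locale);
    } else {
        if ($this->getParam("language")) {
            // request-supplied value; the existing note below says setLanguage() validates it
            $this->setLanguage($this->getParam("language"));
        } else {
            $config = Config::getSystemConfig();
            $this->setLanguage($config->general->language);

            // try to set browser-language (validation if installed is in $this->setLanguage() )
            $this->setLanguage(new \Zend_Locale());
        }
    }

    if (self::$adminInitialized) {
        // this will be executed on every call to this init() method
        try {
            $this->setUser(\Zend_Registry::get("pimcore_admin_user"));
        } catch (\Exception $e) {
            // fail closed: an initialised flag without a registered user is an inconsistent auth state
            \Logger::emerg("adminInitialized was set to true although there was no user set in the registry -> to be save the process was killed");
            exit;
        }
    } else {
        // the following code is only called once, even when there are some subcalls (eg. with $this->action, ... )
        \Pimcore::getEventManager()->trigger("admin.controller.preInit", $this);

        $this->disableBrowserCache();

        // general definitions
        Model\Document::setHideUnpublished(false);
        Model\Object\AbstractObject::setHideUnpublished(false);
        Model\Object\AbstractObject::setGetInheritedValues(false);
        Model\Object\Localizedfield::setGetFallbackValues(false);
        \Pimcore::setAdminMode();

        // init translations
        self::initTranslations($this);

        // init zend action helpers, we need to leave the prefixed class name here as the plugin loader isn't able to handle namespaces
        \Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper');

        // this is to make it possible to use the session id as a part of the route (ZF default route) used for external editors, etc.
        // NOTE(review): a session id carried in the URL can end up in access logs, browser history and
        // Referer headers; how the value is consumed is not visible here, so confirm that the session
        // layer only accepts ids it issued itself.
        if ($this->getParam("pimcore_admin_sid")) {
            $_REQUEST["pimcore_admin_sid"] = $this->getParam("pimcore_admin_sid");
        }

        // authenticate user, first try to authenticate with session information
        $user = Authentication::authenticateSession();
        if ($user instanceof Model\User) {
            $this->setUser($user);
            if ($this->getUser()->getLanguage()) {
                $this->setLanguage($this->getUser()->getLanguage());
            }
        } else {
            // try to authenticate with http basic auth, but this is only allowed for WebDAV
            if ($this->getParam("module") == "admin" && $this->getParam("controller") == "asset" && $this->getParam("action") == "webdav") {
                $user = Authentication::authenticateHttpBasic();
                if ($user instanceof Model\User) {
                    $this->setUser($user);
                    \Zend_Registry::set("pimcore_admin_user", $this->getUser());
                    self::$adminInitialized = true;

                    // the WebDAV path returns here and skips the error-handler changes,
                    // usage statistics and the postInit event below
                    return;
                }
            }
        }

        // redirect to the login-page if the user isn't authenticated
        if (!$this->getUser() instanceof Model\User && !($this->getParam("module") == "admin" && $this->getParam("controller") == "login")) {
            // Put a message into the debug.log, but keep secrets out of it: the raw superglobals
            // can hold submitted passwords ($_POST), session cookies ($_COOKIE), session contents
            // ($_SESSION) and HTTP basic auth credentials ($_SERVER). Only parameter and cookie
            // NAMES are recorded, and a session id passed in the URL is masked.
            $requestUri = isset($_SERVER["REQUEST_URI"]) ? (string) $_SERVER["REQUEST_URI"] : "";
            $sid = $this->getParam("pimcore_admin_sid");
            if (is_string($sid) && $sid !== "") {
                $requestUri = str_replace([$sid, rawurlencode($sid), urlencode($sid)], "[redacted]", $requestUri);
            }
            // drop control characters so a crafted URI cannot split or forge log lines
            $requestUri = preg_replace('/[\x00-\x1F\x7F]/', '', $requestUri);

            $logContext = [
                "method" => isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : null,
                "remoteAddr" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : null,
                "getKeys" => array_keys($_GET),
                "postKeys" => array_keys($_POST),
                "cookieNames" => array_keys($_COOKIE),
            ];

            \Logger::error("Prevented access to " . $requestUri . " because there is no user in the session!", $logContext);

            // send a auth header for the client (is covered by the ajax object in javascript)
            $this->getResponse()->setHeader("X-Pimcore-Auth", "required");

            // redirect to login page
            $this->redirect("/admin/login");

            // exit the execution -> just to be sure
            exit;
        }

        // we're now authenticated so we can remove the default error handler so that we get just the normal PHP errors
        // NOTE(review): this also runs for the login controller's sibling requests only when a user is set;
        // with display_errors on, stack traces and paths are rendered to every authenticated admin user.
        // Consider gating this on a debug/development setting in production deployments.
        if ($this->getParam("controller") != "login") {
            $front = \Zend_Controller_Front::getInstance();
            $front->unregisterPlugin("Pimcore\\Controller\\Plugin\\ErrorHandler");
            $front->throwExceptions(true);
            @ini_set("display_errors", "On");
            @ini_set("display_startup_errors", "On");
        }

        \Zend_Registry::set("pimcore_admin_user", $this->getUser());
        self::$adminInitialized = true;

        // usage statistics
        $this->logUsageStatistics();

        \Pimcore::getEventManager()->trigger("admin.controller.postInit", $this);
    }
}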