/**
* load a route
*
* @access private
* @param \stdClass $oRoute one route
* @param string $RequestUri URI
* @return void
*/
private function _route(\stdClass $oRoute, string $RequestUri)
{
$sCharset = 'UTF-8';
if (isset($oRoute->route)) {
$sRoute = str_replace("*", ".*", $oRoute->route);
$sFinalRoute = preg_replace_callback('|\\[/{0,1}:([a-zA-Z_]+)\\]|', function ($aMatches) use($oRoute) {
return "/{0,1}(?P<" . $aMatches[1] . ">" . $oRoute->constraints->{$aMatches[1]} . ")";
}, $sRoute);
} else {
$sFinalRoute = '.*';
}
$RequestUri = preg_replace('/^([^?]+)\\?.*$/', '$1', $RequestUri);
$RequestUri = preg_replace('#^' . $this->_sBaseUri . '#', '', $RequestUri);
if (preg_match('#^' . $sFinalRoute . '$#', $RequestUri, $aMatch)) {
if (isset($oRoute->location)) {
$aParamEntries = array();
foreach ($oRoute->constraints as $sName => $sType) {
if (isset($aMatch[$sName])) {
$aParamEntries[$sName] = $aMatch[$sName];
}
}
$oUrlManager = new UrlManager();
header('Status: 301 Moved Permanently', false, 301);
header('Location: ' . $oUrlManager->getUrl($oRoute->location, $aParamEntries));
exit;
}
$this->_oSecurity = new Security();
if (!$this->_oSecurity->checkSecurity() !== null) {
return 403;
}
// create the $_GET by the URL
foreach ($aMatch as $mKey => $sResults) {
if (is_string($mKey)) {
$_GET[$mKey] = $sResults;
}
}
if (isset($oRoute->methods) && $oRoute->methods != $_SERVER['REQUEST_METHOD']) {
return false;
}
if (isset($oRoute->schemes) && $oRoute->schemes == 'https' && !Request::isHttpsRequest()) {
return false;
}
if (isset($oRoute->cache) && isset($oRoute->cache->max_age) && !isset($_GET['flush'])) {
$oMobileDetect = new \Mobile_Detect();
if ($oMobileDetect->isMobile()) {
$sCacheExt = '.mobi';
} else {
$sCacheExt = '';
}
$mCacheReturn = Cache::get($RequestUri . $sCacheExt, $oRoute->cache->max_age);
if ($mCacheReturn && count($_POST) < 1) {
echo $mCacheReturn;
return true;
}
}
if (isset($oRoute->cache)) {
$this->_checkCache($oRoute->cache);
}
if (isset($oRoute->controller)) {
define('PORTAL', preg_replace('/^\\\\Venus\\\\src\\\\([a-zA-Z0-9_]+)\\\\.+$/', '$1', $oRoute->controller));
set_include_path(get_include_path() . PATH_SEPARATOR . 'src' . PATH_SEPARATOR . PORTAL . PATH_SEPARATOR . 'public');
if (isset($oRoute->content_type)) {
if ($oRoute->content_type == 'json') {
header('Content-type: application/json; charset=' . $sCharset . '');
} else {
if ($oRoute->content_type == 'html') {
header('Content-type: text/html; charset=' . $sCharset . '');
} else {
if ($oRoute->content_type == 'jpeg') {
header('Content-type: image/jpeg');
}
}
}
} else {
header('Content-type: text/html; charset=' . $sCharset . '');
}
$sControllerName = $oRoute->controller;
$sActionName = $oRoute->action;
$oController = new $sControllerName();
$aEntries = array();
if (isset($oRoute->constraints) && is_object($oRoute->constraints)) {
$mReturn = null;
foreach ($oRoute->constraints as $sName => $sType) {
if (isset($_GET[$sName]) && $_GET[$sName] != '') {
$aEntries[] = $_GET[$sName];
} else {
if (isset($oRoute->defaults_constraints) && is_object($oRoute->defaults_constraints) && isset($oRoute->defaults_constraints->{$sName})) {
$aEntries[] = $oRoute->defaults_constraints->{$sName};
} else {
if (isset($_GET[$sName])) {
$aEntries[] = $_GET[$sName];
} else {
if (preg_match('/' . $sType . '/', '')) {
$aEntries[] = '';
} else {
$this->_oLogger->warning('Error: Parameter ' . $sName . ' not exists!');
break;
}
}
}
}
}
if ($mReturn === null) {
$mReturn = $this->_loadController($oController, $sActionName, $aEntries);
}
} else {
$mReturn = $this->_loadController($oController, $sActionName, $aEntries);
}
if (isset($oRoute->content_type)) {
if ($oRoute->content_type === 'json') {
$mReturn = json_encode($mReturn, JSON_PRETTY_PRINT);
}
}
} else {
if (isset($oRoute->template) && isset($oRoute->layout) && $oRoute->layout === true) {
define('PORTAL', preg_replace('/^\\\\Venus\\\\src\\\\([a-zA-Z0-9_]+)\\\\.+$/', '$1', $oRoute->template));
set_include_path(get_include_path() . PATH_SEPARATOR . 'src' . PATH_SEPARATOR . PORTAL . PATH_SEPARATOR . 'public');
$oLayout = Vendor::getVendor('Apollina\\Template', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . PORTAL . DIRECTORY_SEPARATOR . 'View' . DIRECTORY_SEPARATOR . 'Layout.tpl');
if (isset($oRoute->vars)) {
foreach ($oRoute->vars as $sKey => $mValue) {
$oLayout->assign($sKey, $mValue);
}
}
$mReturn = $oLayout->assign('model', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . PORTAL . DIRECTORY_SEPARATOR . 'View' . DIRECTORY_SEPARATOR . $oRoute->template . '.tpl')->fetch();
} else {
if (isset($oRoute->template)) {
define('PORTAL', preg_replace('/^\\\\Venus\\\\src\\\\([a-zA-Z0-9_]+)\\\\.+$/', '$1', $oRoute->template));
set_include_path(get_include_path() . PATH_SEPARATOR . 'src' . PATH_SEPARATOR . PORTAL . PATH_SEPARATOR . 'public');
$oTemplate = Vendor::getVendor('Apollina\\Template', DIRECTORY_SEPARATOR . 'src' . DIRECTORY_SEPARATOR . PORTAL . DIRECTORY_SEPARATOR . 'View' . DIRECTORY_SEPARATOR . $oRoute->template . '.tpl');
if (isset($oRoute->vars)) {
foreach ($oRoute->vars as $sKey => $mValue) {
$oTemplate->assign($sKey, $mValue);
}
}
$mReturn = $oTemplate->fetch();
}
}
}
// management of return or cache of it
if (isset($oRoute->cache) && isset($oRoute->cache->max_age) && $mReturn) {
$oMobileDetect = new \Mobile_Detect();
if ($oMobileDetect->isMobile()) {
$sCacheExt = '.mobi';
} else {
$sCacheExt = '';
}
if (defined('COMPRESS_HTML') && COMPRESS_HTML) {
$mReturn = str_replace(array("\t", "\r", " "), array("", "", " "), $mReturn);
}
Cache::set($RequestUri . $sCacheExt, $mReturn, $oRoute->cache->max_age);
}
if ($mReturn) {
echo $mReturn;
return true;
}
}
}
/**
* check security of access
*
* @access public
* @return null|boolean
*/
public function checkSecurity()
{
foreach (Config::get('Route') as $sHost => $oHost) {
if (!strstr($sHost, '/') && $sHost == $_SERVER['HTTP_HOST'] || strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
if (strstr($sHost, '/') && strstr($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $sHost)) {
$this->_sBaseUri = preg_replace('#^[^/]+#', '', $sHost);
}
if (isset($oSecurity->firewall)) {
$oSecurity = $oHost->firewall;
}
}
}
if (isset($oSecurity)) {
if (isset($oSecurity->authentification) && $oSecurity->authentification === 'http_basic') {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
if (!isset($oSecurity->realm)) {
$oSecurity->realm = 'Access';
}
if (!isset($oSecurity->cancelled)) {
$oSecurity->cancelled = 'Cancelled';
}
header('WWW-Authenticate: Basic realm="' . $oSecurity->realm . '"');
header('HTTP/1.0 401 Unauthorized');
echo $oSecurity->cancelled;
exit;
} else {
self::$_sLogin = $_SERVER['PHP_AUTH_USER'];
self::$_sPassword = $_SERVER['PHP_AUTH_PW'];
if (!$this->_checkPasswordIsGood()) {
return false;
}
if (!$this->_checkAccess()) {
return false;
}
if (!$this->_checkBlackListIps()) {
return false;
}
}
} else {
if (isset($oSecurity->authentification) && $oSecurity->authentification === 'http_basic_validate_by_controller') {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
if (!isset($oSecurity->realm)) {
$oSecurity->realm = 'Access';
}
if (!isset($oSecurity->cancelled)) {
$oSecurity->cancelled = 'Cancelled';
}
header('WWW-Authenticate: Basic realm="' . $oSecurity->realm . '"');
header('HTTP/1.0 401 Unauthorized');
echo $oSecurity->cancelled;
exit;
} else {
self::$_sLogin = $_SERVER['PHP_AUTH_USER'];
self::$_sPassword = $_SERVER['PHP_AUTH_PW'];
$sControllerName = $oSecurity->controller;
$sActionName = $oSecurity->action;
$oController = new $sControllerName();
if (!$oController->{$sActionName}(self::$_sLogin, self::$_sPassword)) {
return false;
}
if (!$this->_checkAccess()) {
return false;
}
if (!$this->_checkBlackListIps()) {
return false;
}
}
} else {
if (isset($oSecurity->authentification) && $oSecurity->authentification === 'controller') {
// it's an action of one controller that it return true or false for the authentification
$sControllerName = $oSecurity->controller;
$sActionName = $oSecurity->action;
$oController = new $sControllerName();
if (!$oController->{$sActionName}) {
return false;
}
if (!$this->_checkAccess()) {
return false;
}
if (!$this->_checkBlackListIps()) {
return false;
}
}
}
}
if (isset($oSecurity->ips) && !in_array($_SERVER['REMOTE_ADDR'], $oSecurity->ips)) {
return false;
}
if (isset($oSecurity->requires_channel) && $oSecurity->requires_channel == 'https' && !Request::isHttpsRequest()) {
return false;
} else {
if (isset($oSecurity->requires_channel) && $oSecurity->requires_channel == 'http' && (Request::isHttpRequest() && Request::isHttpsRequest() || !Request::isHttpRequest())) {
return false;
}
}
}
return true;
}
