Exemplo n.º 1
 /**
  * Refresh the configuration copy kept in the session and load the
  * translations for the configured language.
  *
  * The result of getAll() is stored under $_SESSION['config']. Translations
  * are only loaded when the configured language is not 'en_US'.
  */
 public function reload()
 {
     $_SESSION['config'] = $this->getAll();

     $locale = $this->get('language', 'en_US');

     // 'en_US' is the fallback value above and needs no translation file
     if ($locale === 'en_US') {
         return;
     }

     \Translator\load($locale);
 }
Exemplo n.º 2
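 /**
  * Hook run before each controller action: opens the session, sends the
  * HTTP security headers, redirects unauthenticated visitors to the login
  * form and loads the translations.
  *
  * @param mixed $controller Controller identifier, forwarded to noAuthAllowed()
  * @param mixed $action     Action identifier, forwarded to noAuthAllowed()
  */
 public function beforeAction($controller, $action)
 {
     // SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains any PATH_INFO
     // the client appended to the URL (/index.php/extra/segments), so a
     // directory derived from it is request-controlled.
     // NOTE(review): presumably this value scopes the session cookie path;
     // confirm against session->open().
     $this->session->open(dirname($_SERVER['SCRIPT_NAME']));

     // Emit the security headers before anything can redirect, so the login
     // redirect response carries them as well.
     $this->response->csp();
     $this->response->nosniff();
     $this->response->xss();
     $this->response->hsts();
     $this->response->xframe();

     // Authentication gate.
     // NOTE(review): this only protects the action if redirect() terminates
     // the request; if it merely sets a Location header, execution continues
     // and the action still runs for an anonymous visitor. Confirm.
     if (!isset($_SESSION['user']) && !$this->noAuthAllowed($controller, $action)) {
         $this->response->redirect('?controller=user&action=login');
     }

     // Load translations ('en_US' is the default and needs none)
     $language = $this->config->get('language', 'en_US');
     if ($language !== 'en_US') {
         \Translator\load($language);
     }
 }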
Exemplo n.º 3
 /**
  * Hook executed before each controller action.
  *
  * In order: opens the session, emits the HTTP security headers, loads the
  * translations, sets the default timezone, authenticates the visitor (with
  * the remember-me mechanism as fallback), checks page access and attaches
  * the events for automatic actions.
  *
  * @access public
  * @param  mixed $controller Controller identifier handed to the ACL checks
  * @param  mixed $action     Action identifier handed to the ACL checks
  */
 public function beforeAction($controller, $action)
 {
     // Session first: the authentication checks below depend on it
     $this->session->open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);

     // HTTP security headers, sent before any of the redirects below
     $this->response->csp();
     $this->response->nosniff();
     $this->response->xss();
     $this->response->hsts();
     $this->response->xframe();

     // Translations: 'en_US' is the default and needs no translation file
     $locale = $this->config->get('language', 'en_US');
     if ($locale !== 'en_US') {
         \Translator\load($locale);
     }

     // Timezone, falling back to UTC
     $timezone = $this->config->get('timezone', 'UTC');
     date_default_timezone_set($timezone);

     // Authentication.
     // NOTE(review): both redirects in this method only protect the action if
     // redirect() terminates the request; confirm against the Response class.
     if ($this->acl->isLogged() || $this->acl->isPublicAction($controller, $action)) {
         // Logged-in user or public action: let the remember-me component
         // refresh itself when its cookie is present
         if ($this->rememberMe->hasCookie()) {
             $this->rememberMe->refresh();
         }
     } elseif ($this->rememberMe->authenticate()) {
         // Remember-me login succeeded: record it with the user id, IP
         // address and user agent
         $this->lastLogin->create(
             \Model\LastLogin::AUTH_REMEMBER_ME,
             $this->acl->getUserId(),
             $this->user->getIpAddress(),
             $this->user->getUserAgent()
         );
     } else {
         // Neither a session nor a valid remember-me login: go to the login form
         $this->response->redirect('?controller=user&action=login');
     }

     // Authorization: is this controller/action pair allowed for the visitor?
     $pageAllowed = $this->acl->isPageAccessAllowed($controller, $action);
     if (!$pageAllowed) {
         $this->response->redirect('?controller=user&action=forbidden');
     }

     // Attach events for automatic actions
     $this->action->attachEvents();
 }
Exemplo n.º 4
            Response\redirect('?action=login');
        }
    }
    // These actions are considered to be safe even for unauthenticated users
    $safe_actions = array('login', 'bookmark-feed', 'select-db', 'logout', 'notfound');
    if (!Model\User\is_loggedin() && !in_array($action, $safe_actions)) {
        if (!Model\RememberMe\authenticate()) {
            Model\User\logout();
            Response\redirect('?action=login');
        }
    } elseif (Model\RememberMe\has_cookie()) {
        Model\RememberMe\refresh();
    }
    // Load translations
    $language = Model\Config\get('language') ?: 'en_US';
    Translator\load($language);
    // Set timezone
    date_default_timezone_set(Model\Config\get('timezone') ?: 'UTC');
    // HTTP secure headers
    Response\csp(array('media-src' => '*', 'img-src' => '*', 'frame-src' => Model\Config\get_iframe_whitelist(), 'referrer' => 'no-referrer'));
    Response\xframe();
    Response\xss();
    Response\nosniff();
    if (ENABLE_HSTS && Helper\is_secure_connection()) {
        Response\hsts();
    }
});
// Help page: load the 'show_help' template and pass it to Response\html()
Router\get_action('show-help', function () {
    $page = Template\load('show_help');
    Response\html($page);
});