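/**
 * Process the querystring
 *
 * Splits the requested URL into GET-parameters, language, pages and
 * parameters, and issues a redirect when the language is missing from the
 * URL or when the matched page is configured as a redirect.
 *
 * Everything read here (URL, query string, cookie) is supplied by the client.
 * GET keys and values are copied into $_GET exactly as they appear in the
 * query string; no URL-decoding or filtering is applied in this method.
 *
 * @return void
 */
private function processQueryString()
{
    // work on a local copy, the stored querystring is left untouched
    $queryString = $this->getQueryString();

    // split the path from the GET-part
    $getChunks = explode('?', $queryString);

    // are there GET-parameters
    if (isset($getChunks[1])) {
        // get key-value pairs
        $get = explode('&', $getChunks[1]);

        // remove the GET-part from the querystring
        $queryString = str_replace('?' . $getChunks[1], '', $this->getQueryString());

        foreach ($get as $getItem) {
            // split on the first "=" only, so values may contain "="
            $pair = explode('=', $getItem, 2);

            // key available?
            if (isset($pair[0])) {
                // reset in $_GET (raw value, empty string when no "=" was given)
                $_GET[$pair[0]] = isset($pair[1]) ? (string) $pair[1] : '';

                // add into parameters
                if (isset($pair[1])) {
                    $this->parameters[(string) $pair[0]] = (string) $pair[1];
                }
            }
        }
    }

    // split into chunks
    $chunks = (array) explode('/', $queryString);

    // single language
    if (!SITE_MULTILANGUAGE) {
        $language = FrontendModel::getModuleSetting('core', 'default_language', SITE_DEFAULT_LANGUAGE);
    } else {
        $mustRedirect = false;

        // get possible languages
        $possibleLanguages = (array) FrontendLanguage::getActiveLanguages();
        $redirectLanguages = (array) FrontendLanguage::getRedirectLanguages();

        // The cookie is client-controlled and this code cannot assume it
        // decodes to a string. It is read once, type-checked and compared
        // strictly, because a loose in_array() can match a non-string value
        // against the language list.
        $cookieLanguage = SpoonCookie::exists('frontend_language') ? SpoonCookie::get('frontend_language') : null;

        if (isset($chunks[0]) && in_array($chunks[0], $possibleLanguages)) {
            // the language is present in the URL
            $language = (string) $chunks[0];

            try {
                SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
            } catch (SpoonCookieException $e) {
                // setting cookies isn't allowed; this isn't a real problem, so the exception is ignored
            }

            // set sessions
            SpoonSession::set('frontend_language', $language);

            // remove the language part
            array_shift($chunks);
        } elseif (is_string($cookieLanguage) && in_array($cookieLanguage, $redirectLanguages, true)) {
            // the language comes from a previously stored, allow-listed cookie
            $language = $cookieLanguage;
            $mustRedirect = true;
        } else {
            // fall back to the browser language
            $language = FrontendLanguage::getBrowserLanguage();

            try {
                SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
            } catch (SpoonCookieException $e) {
                // setting cookies isn't allowed; this isn't a real problem, so the exception is ignored
            }

            $mustRedirect = true;
        }

        // redirect is required
        if ($mustRedirect) {
            // The target always starts with "/<language>/", so it stays on this host.
            // NOTE(review): this permanent (301) redirect depends on a cookie or on
            // the browser language; confirm shared caches cannot serve it to other visitors.
            $URL = rtrim('/' . $language . '/' . $this->getQueryString(), '/');

            SpoonHTTP::redirect($URL, 301);
        }
    }

    // define the language
    define('FRONTEND_LANGUAGE', $language);

    // sets the localefile
    FrontendLanguage::setLocale($language);

    // list of pageIds & their full URL
    $keys = FrontendNavigation::getKeys();

    // full URL
    $URL = implode('/', $chunks);
    $startURL = $URL;

    // Drop trailing chunks until the URL matches a known page. The extra
    // emptiness check ends the loop when the navigation keys do not contain
    // the empty (homepage) URL; without it such a request would never finish.
    while (!in_array($URL, $keys) && !empty($chunks)) {
        array_pop($chunks);
        $URL = implode('/', $chunks);
    }

    // remove language from querystring
    if (SITE_MULTILANGUAGE) {
        $queryString = trim(substr($queryString, strlen($language)), '/');
    }

    // if it's the homepage AND parameters were given (not allowed!)
    if ($URL == '' && $queryString != '') {
        // get 404 URL
        $URL = FrontendNavigation::getURL(404);

        // remove language
        if (SITE_MULTILANGUAGE) {
            $URL = str_replace('/' . $language, '', $URL);
        }
    }

    // set pages
    $URL = trim($URL, '/');

    // currently not in the homepage
    if ($URL != '') {
        $pages = explode('/', $URL);

        $this->setPages($pages);
        $this->setParameters(array());
    }

    // whatever follows the matched page URL is treated as parameters
    $parameters = trim(substr($startURL, strlen($URL)), '/');

    // has at least one parameter
    if ($parameters != '') {
        // parameters will be separated by /
        $parameters = explode('/', $parameters);

        $this->setParameters($parameters);
    }

    // pageId, parentId & depth
    $pageId = FrontendNavigation::getPageId(implode('/', $this->getPages()));
    $pageInfo = FrontendNavigation::getPageInfo($pageId);

    // invalid page, or parameters but no extra
    if ($pageInfo === false || !empty($parameters) && !$pageInfo['has_extra']) {
        // get 404 URL
        $URL = FrontendNavigation::getURL(404);

        // remove language
        if (SITE_MULTILANGUAGE) {
            $URL = trim(str_replace('/' . $language, '', $URL), '/');
        }

        // currently not in the homepage
        if ($URL != '') {
            $pages = explode('/', $URL);

            $this->setPages($pages);
            $this->setParameters(array());
        }
    }

    // is this an internal redirect?
    if (isset($pageInfo['redirect_page_id']) && $pageInfo['redirect_page_id'] != '') {
        $newPageURL = FrontendNavigation::getURL((int) $pageInfo['redirect_page_id']);
        $errorURL = FrontendNavigation::getURL(404);

        // only redirect when the target page resolves to something other than the 404 page
        if ($newPageURL != $errorURL) {
            SpoonHTTP::redirect($newPageURL, $pageInfo['redirect_code']);
        }
    }

    // is this an external redirect?
    if (isset($pageInfo['redirect_url']) && $pageInfo['redirect_url'] != '') {
        // NOTE(review): the target is taken from the page record as-is; presumably
        // only editors can write it. Confirm who may set redirect_url.
        SpoonHTTP::redirect($pageInfo['redirect_url'], $pageInfo['redirect_code']);
    }
}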
/**
 * Build the comments form and pre-fill it from the commenter's cookies.
 *
 * The author, e-mail and website defaults are read from cookies, so they are
 * client-supplied values.
 * NOTE(review): presumably the form fields escape their value on output;
 * confirm before relying on it.
 */
private function loadForm()
{
    // the form posts back to the current action, anchored at the comment block
    $this->frm = new FrontendForm('commentsForm');
    $form = $this->frm;
    $anchoredAction = $form->getAction() . '#' . FL::act('Comment');
    $form->setAction($anchoredAction);

    // defaults used when the visitor has no cookie for a field
    $author = null;
    $email = null;
    $website = 'http://';

    // remembered values from an earlier comment, if any
    if (SpoonCookie::exists('comment_author')) {
        $author = SpoonCookie::get('comment_author');
    }
    if (SpoonCookie::exists('comment_email')) {
        $email = SpoonCookie::get('comment_email');
    }
    if (SpoonCookie::exists('comment_website')) {
        $website = SpoonCookie::get('comment_website');
    }

    // fields
    $form->addText('author', $author);
    $form->addText('email', $email);
    $form->addText('website', $website, null);
    $form->addTextarea('message');
}
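/**
 * Check if a profile is logged in.
 *
 * Three sources are tried in order: the profile cached during this request,
 * the session flag (verified against profiles_sessions by session id) and the
 * persistent "secret key" cookie (verified against profiles_sessions by
 * secret key). A successful cookie login rotates the secret key.
 *
 * @return bool
 */
public static function isLoggedIn()
{
    // profile object exists? (the session/cookie checks already happened in this request and the profile was cached)
    if (isset(self::$profile)) {
        return true;
    } elseif (SpoonSession::exists('frontend_profile_logged_in') && SpoonSession::get('frontend_profile_logged_in') === true) {
        // the session flag alone is not trusted, the session must still be known in the database
        $sessionId = SpoonSession::getSessionId();

        // get profile id
        $profileId = (int) FrontendModel::getDB()->getVar('SELECT p.id FROM profiles AS p INNER JOIN profiles_sessions AS ps ON ps.profile_id = p.id WHERE ps.session_id = ?', (string) $sessionId);

        // valid profile id
        if ($profileId !== 0) {
            // update session date
            FrontendModel::getDB(true)->update('profiles_sessions', array('date' => FrontendModel::getUTCDate()), 'session_id = ?', $sessionId);

            // new user object
            self::$profile = new FrontendProfilesProfile($profileId);

            // logged in
            return true;
        } else {
            // no matching record, clear the stale flag
            SpoonSession::set('frontend_profile_logged_in', false);
        }
    } elseif (SpoonCookie::exists('frontend_profile_secret_key') && SpoonCookie::get('frontend_profile_secret_key') != '') {
        // the cookie value is client-controlled; it is only ever used as a bound query parameter
        $secret = (string) SpoonCookie::get('frontend_profile_secret_key');

        // get profile id
        $profileId = (int) FrontendModel::getDB()->getVar('SELECT p.id FROM profiles AS p INNER JOIN profiles_sessions AS ps ON ps.profile_id = p.id WHERE ps.secret_key = ?', $secret);

        // valid profile id
        if ($profileId !== 0) {
            // rotate the secret so the presented value cannot be used again
            $profileSecret = FrontendProfilesModel::getEncryptedString(SpoonSession::getSessionId(), FrontendProfilesModel::getRandomString());

            // update session record
            FrontendModel::getDB(true)->update('profiles_sessions', array('session_id' => SpoonSession::getSessionId(), 'secret_key' => $profileSecret, 'date' => FrontendModel::getUTCDate()), 'secret_key = ?', $secret);

            // This cookie is a long-lived login credential, so it is marked HttpOnly
            // to keep it out of reach of page scripts. Path, domain and secure are
            // restated as the library defaults only to reach the HttpOnly argument.
            // NOTE(review): confirm the argument order against the deployed
            // SpoonCookie::set, and enable the secure flag when the site is HTTPS-only.
            SpoonCookie::set('frontend_profile_secret_key', $profileSecret, 60 * 60 * 24 * 31, '/', null, false, true);

            // set is_logged_in to true
            // NOTE(review): the session id is not regenerated in this method when the
            // cookie logs a visitor in; confirm whether that happens elsewhere.
            SpoonSession::set('frontend_profile_logged_in', true);

            // update last login
            FrontendProfilesModel::update($profileId, array('last_login' => FrontendModel::getUTCDate()));

            // new user object
            self::$profile = new FrontendProfilesProfile($profileId);

            // logged in
            return true;
        } else {
            // unknown secret, remove the useless cookie
            SpoonCookie::delete('frontend_profile_secret_key');
        }
    }

    // no one is logged in
    return false;
}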
/**
 * A cookie name that was never set must be reported as absent.
 */
public function testExists()
{
    $isPresent = SpoonCookie::exists('honka_honka');

    $this->assertFalse($isPresent);
}
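/**
 * Process the querystring
 *
 * Resolves language, module and action from a backend URL of the form
 * /<application>/<lang>/<module>/<action>(?GET), loads the module config
 * when no action was given, and enforces the authentication and permission
 * checks before the module and action are stored on this object.
 *
 * All URL segments are client-supplied. The module segment is used to build
 * an include path before any authentication check runs, so it is validated
 * against a strict character allow-list first.
 *
 * @return void
 * @throws BackendException When the module config is missing or misnamed.
 */
private function processQueryString()
{
    // work on a local copy, the stored querystring is left untouched
    $queryString = $this->getQueryString();

    // find the position of ? (which separates the real URL from the GET-parameters)
    $positionQuestionMark = strpos($queryString, '?');

    // remove the GET-chunk from the parameters
    $processedQueryString = $positionQuestionMark === false ? $queryString : substr($queryString, 0, $positionQuestionMark);

    // split into chunks, a Backend URL will always look like /<lang>/<module>/<action>(?GET)
    $chunks = (array) explode('/', trim($processedQueryString, '/'));

    // check if this is a request for a JS-file
    $isJS = isset($chunks[1]) && $chunks[1] == 'js.php';

    // check if this is a request for an AJAX-file
    $isAJAX = isset($chunks[1]) && $chunks[1] == 'ajax.php';

    // the language segment is filtered against the working languages, anything else becomes ''
    $language = isset($chunks[1]) && $chunks[1] != '' ? SpoonFilter::getValue($chunks[1], array_keys(BackendLanguage::getWorkingLanguages()), '') : '';

    // no language provided?
    if ($language == '' && !$isJS && !$isAJAX) {
        // remove first element
        array_shift($chunks);

        // redirect to the same path under the default language
        SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . SITE_DEFAULT_LANGUAGE . '/' . implode('/', $chunks));
    }

    // get the module, 'dashboard' is the default
    $module = isset($chunks[2]) && $chunks[2] != '' ? $chunks[2] : 'dashboard';

    // get the requested action, if it is passed
    if (isset($chunks[3]) && $chunks[3] != '') {
        $action = $chunks[3];
    } elseif (!$isJS && !$isAJAX) {
        // The module name becomes part of a filesystem path that is probed and
        // included below, before the visitor is authenticated. Names outside
        // letters, digits and underscores (for example dot segments) are rejected
        // with the same exception an unknown module produces.
        if (preg_match('/\A[a-z0-9_]+\z/i', $module) !== 1) {
            throw new BackendException('The configfile for the module (' . $module . ') can\'t be found.');
        }

        // build path to the module and define it. This is a constant because we can use this in templates.
        if (!defined('BACKEND_MODULE_PATH')) {
            define('BACKEND_MODULE_PATH', BACKEND_MODULES_PATH . '/' . $module);
        }

        // the config must be present; if it isn't there is a huge problem, so execution stops with an exception
        // NOTE(review): the message echoes the requested module name; confirm it is escaped wherever exceptions are rendered.
        if (!SpoonFile::exists(BACKEND_MODULE_PATH . '/config.php')) {
            throw new BackendException('The configfile for the module (' . $module . ') can\'t be found.');
        }

        // build config-object-name
        $configClassName = 'Backend' . SpoonFilter::toCamelCase($module . '_config');

        // require the config file, existence was validated above
        require_once BACKEND_MODULE_PATH . '/config.php';

        // validate if class exists (aka has correct name)
        if (!class_exists($configClassName)) {
            throw new BackendException('The config file is present, but the classname should be: ' . $configClassName . '.');
        }

        // create config-object
        $config = new $configClassName($module);

        // set action
        $action = $config->getDefaultAction() !== null ? $config->getDefaultAction() : 'index';
    }

    // if it is a request for a JS-file or an AJAX-file we only need the module
    if ($isJS || $isAJAX) {
        // NOTE(review): language and module are read from GET here, and no login or
        // permission check runs in this branch; presumably the JS/AJAX entry points
        // validate and authorize them. Confirm against those handlers.

        // set the working language, this is not the interface language
        BackendLanguage::setWorkingLanguage(SpoonFilter::getGetValue('language', null, SITE_DEFAULT_LANGUAGE));

        // set current module
        $this->setModule(SpoonFilter::getGetValue('module', null, null));

        // set action
        $this->setAction('index');
    } elseif (!BackendAuthentication::isLoggedIn() && !BackendAuthentication::isAllowedModule($module)) {
        // not logged in and the module is not allowed: redirect to login
        // NOTE(review): the original URL is handed over in "querystring"; confirm the
        // authentication module only follows it as a local path.
        SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/authentication/?querystring=' . urlencode('/' . $this->getQueryString()));
    } elseif (!BackendAuthentication::isAllowedModule($module)) {
        // the user doesn't have access to this module, redirect to error page
        SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/error?type=module-not-allowed&querystring=' . urlencode('/' . $this->getQueryString()));
    } elseif (!BackendAuthentication::isAllowedAction($action, $module)) {
        // the user may not execute the requested action, redirect to error page
        SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/error?type=action-not-allowed&querystring=' . urlencode('/' . $this->getQueryString()));
    } else {
        // set the working language, this is not the interface language
        BackendLanguage::setWorkingLanguage($language);

        // is the user authenticated
        if (BackendAuthentication::getUser()->isAuthenticated()) {
            // set interface language based on the user preferences
            BackendLanguage::setLocale(BackendAuthentication::getUser()->getSetting('interface_language', 'nl'));
        } else {
            // init var
            $interfaceLanguage = BackendModel::getModuleSetting('core', 'default_interface_language');

            // The cookie is client-controlled and this code cannot assume it decodes
            // to a string, so it is type-checked and compared strictly against the
            // known interface languages before it overrides the default.
            $cookieLanguage = SpoonCookie::exists('interface_language') ? SpoonCookie::get('interface_language') : null;

            if (is_string($cookieLanguage) && in_array($cookieLanguage, array_keys(BackendLanguage::getInterfaceLanguages()), true)) {
                $interfaceLanguage = $cookieLanguage;
            }

            // set interface language
            BackendLanguage::setLocale($interfaceLanguage);
        }

        // set current module and action
        $this->setModule($module);
        $this->setAction($action);
    }
}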
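/**
 * Set the locale
 *
 * Uses the authenticated user's interface language, otherwise the
 * 'interface_language' cookie, and falls back to the configured default
 * whenever the candidate is not one of the known interface languages.
 */
private function setLocale()
{
    $default = BackendModel::getModuleSetting('core', 'default_interface_language');
    $locale = $default;
    $possibleLocale = array_keys(BackendLanguage::getInterfaceLanguages());

    // is the user authenticated
    if (BackendAuthentication::getUser()->isAuthenticated()) {
        $locale = BackendAuthentication::getUser()->getSetting('interface_language', $default);
    } elseif (SpoonCookie::exists('interface_language')) {
        // client-controlled value, validated below before it is used
        $locale = SpoonCookie::get('interface_language');
    }

    // Validate that the requested locale is possible. The check is strict and
    // string-only because a loose in_array() can match a non-string value
    // against the list and let it through to BackendLanguage::setLocale().
    if (!is_string($locale) || !in_array($locale, $possibleLocale, true)) {
        $locale = $default;
    }

    BackendLanguage::setLocale($locale);
}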
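/**
 * Get the visitor's id (using a tracking cookie)
 *
 * The id is cached for the rest of the request. A 'track' cookie is reused
 * only when it has the shape this method generates (32 lowercase hex
 * characters); any other value is replaced by a fresh id. The cookie is
 * client-controlled, so the id is a correlation key and must not be treated
 * as a secret or as proof of identity.
 *
 * @return string
 */
public static function getVisitorId()
{
    // check if tracking id is fetched already
    if (self::$visitorId !== null) {
        return self::$visitorId;
    }

    // candidate from the cookie, if any
    $candidate = SpoonCookie::exists('track') ? SpoonCookie::get('track') : null;

    // Accept the cookie only in the format generated below, so arbitrary
    // client-supplied content never becomes the visitor id.
    // NOTE(review): assumes 'track' is only ever written by this method; confirm.
    if (is_string($candidate) && preg_match('/\A[a-f0-9]{32}\z/', $candidate) === 1) {
        self::$visitorId = $candidate;
    } else {
        // uniqid() is time-based, so this id is unique-ish but not unpredictable
        self::$visitorId = md5(uniqid() . SpoonSession::getSessionId());
    }

    // set/prolong tracking cookie
    SpoonCookie::set('track', self::$visitorId, 86400 * 365);

    return self::$visitorId;
}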