/**
* Starts a new session
*
* <code>
*
* s::start();
* // do whatever you want with the session now
*
* </code>
*
*/
public static function start()
{
if (session_status() === PHP_SESSION_ACTIVE) {
return true;
}
// store the session name
static::$cookie += array('lifetime' => 0, 'path' => ini_get('session.cookie_path'), 'domain' => ini_get('session.cookie_domain'), 'secure' => r::secure(), 'httponly' => true);
// set the custom session name
session_name(static::$name);
// make sure to use cookies only
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
// try to start the session
if (!session_start()) {
return false;
}
if (!setcookie(static::$name, session_id(), cookie::lifetime(static::$cookie['lifetime']), static::$cookie['path'], static::$cookie['domain'], static::$cookie['secure'], static::$cookie['httponly'])) {
return false;
}
// mark it as started
static::$started = true;
// check if the session is still valid
if (!static::check()) {
return static::destroy();
}
return true;
}
public function __construct($kirby, $root)
{
// check requirements
$this->requirements();
// store the instance as a singleton
static::$instance = $this;
$this->kirby = $kirby;
$this->roots = new \Kirby\Panel\Roots($this, $root);
$this->urls = new \Kirby\Panel\Urls($this, $root);
// add the panel default options
$this->kirby->options = array_merge($this->defaults(), $this->kirby->options);
// setup the blueprints roots
UserBlueprint::$root = $this->kirby->roots()->blueprints() . DS . 'users';
PageBlueprint::$root = $this->kirby->roots()->blueprints();
// load the site object
$this->site = $this->site();
// setup the session
$this->session();
// setup the multilang site stuff
$this->multilang();
// load all Kirby extensions (methods, tags, smartypants)
$this->kirby->extensions();
$this->kirby->plugins();
// setup the form plugin
form::$root = array('default' => $this->roots->fields, 'custom' => $this->kirby->roots()->fields());
// force ssl if set in config
if ($this->kirby->option('ssl') and !r::secure()) {
// rebuild the current url with https
go(url::build(array('scheme' => 'https')));
}
// load all available routes
$this->routes = array_merge($this->routes, require $this->roots->config . DS . 'routes.php');
// start the router
$this->router = new Router($this->routes);
// register router filters
$this->router->filter('auth', function () use($kirby) {
try {
$user = panel()->user();
} catch (Exception $e) {
panel()->redirect('login');
}
});
// check for a completed installation
$this->router->filter('isInstalled', function () use($kirby) {
$installer = new Installer();
if (!$installer->isCompleted()) {
panel()->redirect('install');
}
});
// check for valid csrf tokens. Can be used for get requests
// since all post requests are blocked anyway
$this->router->filter('csrf', function () {
panel()->csrfCheck();
});
// csrf protection for every post request
if (r::is('post')) {
$this->csrfCheck();
}
}
/**
* Starts the router, renders the page and returns the response
*
* @return mixed
*/
public function launch()
{
// this will trigger the configuration
$site = $this->site();
// force secure connections if enabled
if ($this->option('ssl') and !r::secure()) {
// rebuild the current url with https
go(url::build(array('scheme' => 'https')));
}
// set the timezone for all date functions
date_default_timezone_set($this->options['timezone']);
// load all extensions
$this->extensions();
// load all plugins
$this->plugins();
// load all models
$this->models();
// start the router
$this->router = new Router($this->routes());
$this->route = $this->router->run($this->path());
// check for a valid route
if (is_null($this->route)) {
header::status('500');
header::type('json');
die(json_encode(array('status' => 'error', 'message' => 'Invalid route or request method')));
}
// call the router action with all arguments from the pattern
$response = call($this->route->action(), $this->route->arguments());
// load all language variables
// this can only be loaded once the router action has been called
// otherwise the current language is not yet available
$this->localize();
// build the response
$this->response = $this->component('response')->make($response);
// store the current language in the session
if ($this->site()->multilang() && ($language = $this->site()->language())) {
s::set('language', $language->code());
}
return $this->response;
}
public function testSsl()
{
$this->assertFalse(r::ssl());
$this->assertFalse(r::secure());
}
