require 'bootstrap.php';
$SESSION = new \Zend_Session_Namespace('internal');
if (empty($_GET['lang'])) {
// No language sent, check session
if (empty($SESSION->lang)) {
// Default to fr-CA
$SESSION->lang = DEFAULT_LANGUAGE;
}
} else {
if (\Ventus\Utilities\I18n\Translate::isAllowedLanguage($_GET['lang'])) {
// acceptable language
$SESSION->lang = $_GET['lang'];
} else {
// unacceptable language, default to fr-CA
$SESSION->lang = DEFAULT_LANGUAGE;
}
}
// Only use the HTTP referer header if it is a Ventus site
if (!empty($_SERVER['HTTP_REFERER']) && (\Ventus\Utilities\URI::isRelativeURI($_SERVER['HTTP_REFERER']) || \Ventus\Utilities\URI::isVentusURI($_SERVER['HTTP_REFERER']))) {
// URL is valid
$uri = $_SERVER['HTTP_REFERER'];
} else {
$uri = '//' . URL_PROFILE . '/dashboard.php';
}
if (!isset($SESSION->user_name) && mb_strpos($uri, URL_PROFILE . '/views/login.php') === FALSE && mb_strpos($uri, URL_PROFILE . '/index.php?page=resetpass-page') === FALSE) {
header('Location: https://' . URL_PROFILE . '/views/login.php?page=' . rawurlencode($uri));
exit;
}
header("Location: {$uri}");
exit;
<?php
require '../includes/php/bootstrap.php';
$SESSION = new \Zend_Session_Namespace('professor', true);
if (empty($_GET['lang'])) {
// No language sent, check session
if (empty($SESSION->lang)) {
$SESSION->lang = DEFAULT_LANGUAGE;
}
} else {
if (\Ventus\Utilities\I18n\Translate::isAllowedLanguage($_GET['lang'])) {
// acceptable language
$SESSION->lang = $_GET['lang'];
} else {
// unacceptable language
$SESSION->lang = DEFAULT_LANGUAGE;
}
}
//Check if a destination URL exists and is safe to redirect to
if (!empty($_GET['uri']) && (\Ventus\Utilities\URI::isRelativeURI($_GET['uri']) || \Ventus\Utilities\URI::isVentusURI($_GET['uri']))) {
// URL is valid, strip out the lang parameter
$uri = \Ventus\Utilities\URI::removeQueryParameter($_GET['uri'], 'lang');
} else {
$uri = '//' . URL_PROFESSOR . '/';
}
header("Location: {$uri}");
exit;
header('Strict-Transport-Security: max-age=31536000');
header('X-Frame-Options: deny');
header('X-Content-Type-Options: nosniff');
header('X-XSS-Protection: 1; mode=block');
} else {
$uri = 'https://' . URL_INTRANET . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
header('HTTP/1.1 301 Moved Permanently');
header("Location: {$uri}");
die;
}
// @TODO move this logic to appropriate controllers
if (!Authentication::isAuthenticated($SESSION, 'internal')) {
header('Location: https://' . URL_VENTUS . '/index.php?next=' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING']);
exit;
} else {
Authentication::isAuthorized($SESSION, \Ventus\Utilities\URI::getCurrentURL());
}
header('Content-Type: text/html; charset=utf-8');
header('Content-Language: ' . $l10n->getLanguage());
?>
<!DOCTYPE html>
<html lang='<?php
echo $l10n->getLanguage();
?>
' class='no-js'>
<meta charset='utf-8'>
<meta name='viewport' content='width=device-width,initial-scale=1.0'>
<link rel="stylesheet" media="screen" type="text/css" href="../includes/css/ventus.css">
<link rel='stylesheet' media='screen' type='text/css' href='//<?php
echo URL_VENDOR_FRONTEND;
