/**
 * Starts a new session, or reports success when one is already active.
 *
 * <code>
 *
 * s::start();
 * // do whatever you want with the session now
 *
 * </code>
 *
 * The session is limited to cookie transport, a cookie carrying the session
 * id is sent with the attributes held in static::$cookie, and the session is
 * then validated through static::check().
 *
 * @return mixed true on success, false when session_start() or setcookie()
 *               fails, otherwise the result of static::destroy() when
 *               static::check() rejects the session
 */
public static function start()
{
    // PHP already has an active session: nothing left to do
    if (session_status() === PHP_SESSION_ACTIVE) {
        return true;
    }

    // fill in every cookie attribute that was not configured explicitly;
    // the array union keeps values already present in static::$cookie.
    // 'secure' follows r::secure() (defined elsewhere), 'httponly' defaults to on.
    static::$cookie += [
        'lifetime' => 0,
        'path'     => ini_get('session.cookie_path'),
        'domain'   => ini_get('session.cookie_domain'),
        'secure'   => r::secure(),
        'httponly' => true,
    ];

    // use the custom session name instead of PHP's default
    session_name(static::$name);

    // session ids are accepted from cookies only; the ini_set() results are not checked.
    // NOTE(review): session.use_strict_mode is not touched here, so whether an
    // unknown session id is rejected depends on php.ini and on static::check() - confirm.
    ini_set('session.use_cookies', 1);
    ini_set('session.use_only_cookies', 1);

    if (!session_start()) {
        return false;
    }

    // Send the session id with the attributes from static::$cookie.
    // NOTE(review): session_start() can already emit its own Set-Cookie header
    // built from the session.cookie_* ini values; confirm those are not weaker
    // (secure/httponly) than the attributes used here. This positional
    // setcookie() form also carries no SameSite attribute.
    $cookieSent = setcookie(
        static::$name,
        session_id(),
        cookie::lifetime(static::$cookie['lifetime']),
        static::$cookie['path'],
        static::$cookie['domain'],
        static::$cookie['secure'],
        static::$cookie['httponly']
    );

    if (!$cookieSent) {
        return false;
    }

    // mark it as started
    static::$started = true;

    // a session that fails validation is destroyed right away
    if (static::check()) {
        return true;
    }

    return static::destroy();
}
/**
 * Boots the panel: checks requirements, registers the singleton, wires roots,
 * urls, options, blueprints, session, multilang, extensions and plugins,
 * then builds the router with its filters and runs the CSRF check for POST requests.
 *
 * Statement order is significant; later steps use state set by earlier ones.
 *
 * @param mixed $kirby the Kirby instance the panel is attached to
 * @param mixed $root  passed on to the Roots and Urls objects
 */
public function __construct($kirby, $root)
{
    // check requirements
    $this->requirements();

    // the instance is stored as a singleton before anything else is built
    static::$instance = $this;

    $this->kirby = $kirby;
    $this->roots = new \Kirby\Panel\Roots($this, $root);
    $this->urls  = new \Kirby\Panel\Urls($this, $root);

    // panel defaults first, so options already set on the Kirby instance win
    $this->kirby->options = array_merge($this->defaults(), $this->kirby->options);

    // blueprint roots
    UserBlueprint::$root = $this->kirby->roots()->blueprints() . DS . 'users';
    PageBlueprint::$root = $this->kirby->roots()->blueprints();

    // load the site object
    $this->site = $this->site();

    // NOTE(review): the session is set up before the SSL enforcement below, so a
    // first plain-HTTP request reaches session() before any redirect - confirm
    // that no session cookie is issued without the Secure flag on that request.
    $this->session();

    // multilang site setup
    $this->multilang();

    // load all Kirby extensions (methods, tags, smartypants) and plugins
    $this->kirby->extensions();
    $this->kirby->plugins();

    // field roots for the form plugin
    form::$root = [
        'default' => $this->roots->fields,
        'custom'  => $this->kirby->roots()->fields(),
    ];

    // force ssl if set in config: rebuild the current url with https.
    // NOTE(review): go() is defined elsewhere; confirm it ends the request.
    if ($this->kirby->option('ssl') && !r::secure()) {
        go(url::build(['scheme' => 'https']));
    }

    // merge the routes from the config file into the existing ones;
    // a required file runs in this method's scope and can see $this and $kirby
    $this->routes = array_merge($this->routes, require $this->roots->config . DS . 'routes.php');

    // start the router
    $this->router = new Router($this->routes);

    // auth filter: any Exception raised by panel()->user() sends the visitor to the login.
    // NOTE(review): this relies on user() throwing for unauthenticated requests and on
    // redirect() halting execution - confirm both. $kirby is captured but not used.
    $this->router->filter('auth', function () use ($kirby) {
        try {
            panel()->user();
        } catch (Exception $e) {
            panel()->redirect('login');
        }
    });

    // installation filter: an incomplete installation is sent to the installer
    $this->router->filter('isInstalled', function () use ($kirby) {
        $installer = new Installer();

        if ($installer->isCompleted()) {
            return;
        }

        panel()->redirect('install');
    });

    // csrf filter: meant for routes reached by GET, since every POST request
    // is already checked at the end of this constructor
    $this->router->filter('csrf', function () {
        panel()->csrfCheck();
    });

    // csrf protection for every post request
    if (r::is('post')) {
        $this->csrfCheck();
    }
}
/**
 * Starts the router, renders the page and returns the response
 *
 * When no route matches, a JSON error body with status 500 is sent and the
 * script terminates instead of returning.
 *
 * @return mixed the response built by the 'response' component
 */
public function launch()
{
    // called for its side effect only: this triggers the configuration
    $this->site();

    // force secure connections if enabled: rebuild the current url with https.
    // NOTE(review): go() and url::build() are defined elsewhere; confirm go() ends
    // the request so that nothing below is served over plain HTTP.
    if ($this->option('ssl') && !r::secure()) {
        go(url::build(['scheme' => 'https']));
    }

    // set the timezone for all date functions
    date_default_timezone_set($this->options['timezone']);

    // extensions, plugins and models are loaded in this order
    $this->extensions();
    $this->plugins();
    $this->models();

    // start the router and resolve the current path
    $this->router = new Router($this->routes());
    $this->route  = $this->router->run($this->path());

    // no matching route: answer with a JSON error and stop
    if ($this->route === null) {
        header::status('500');
        header::type('json');
        die(json_encode([
            'status'  => 'error',
            'message' => 'Invalid route or request method',
        ]));
    }

    // call the router action with all arguments from the pattern
    $response = call($this->route->action(), $this->route->arguments());

    // language variables can only be loaded once the router action has run,
    // otherwise the current language is not yet available
    $this->localize();

    // build the response
    $this->response = $this->component('response')->make($response);

    // store the current language in the session (multilang sites only)
    if ($this->site()->multilang()) {
        $language = $this->site()->language();

        if ($language) {
            s::set('language', $language->code());
        }
    }

    return $this->response;
}
/**
 * Asserts that r::ssl() and r::secure() both report false.
 *
 * NOTE(review): presumably relies on the test run carrying no HTTPS request
 * indicators - confirm against the r class. Only the negative case is asserted
 * in this method; no check that either call returns true for an HTTPS request
 * is visible here.
 */
public function testSsl()
{
    $sslDetected = r::ssl();
    $this->assertFalse($sslDetected);

    $secureDetected = r::secure();
    $this->assertFalse($secureDetected);
}