/**
 * Pre-route hook: validates request parameters and enforces access control
 * before the routed handler runs.
 *
 * Every failed check terminates the request immediately with a plain-text
 * message; nothing is stored in the session and no redirect is issued.
 * The checks run in a fixed order: parameters, then login, then raidleader.
 */
public function beforeroute()
{
    $app = \Base::instance();

    // 1. Parameter validation comes first; the later checks only run on a request that passed it.
    $paramsOk = $this->security->checkParams();
    if (!$paramsOk) {
        die('Bad Parameter!');
    }

    // 2. Any route that is not public requires a logged-in user in the session.
    if (!($this->security->isPublicRoute() || $app->get('SESSION.user'))) {
        // Message is German for "Not authenticated!"
        die('Nicht authentifiziert!');
    }

    // 3. Raidleader routes additionally require the raidleader flag on the session user.
    if ($this->security->isRaidleaderRoute()) {
        if (!$app->get('SESSION.user.raidleader')) {
            // Message is German for "Not allowed!"
            die('Nicht erlaubt!');
        }
    }
}
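/**
 * Pre-route hook: validates request parameters and enforces access control
 * before the routed handler runs.
 *
 * Each failed check stores a message in SESSION.errormsg and redirects:
 *   - bad parameters            -> '/'
 *   - not logged in             -> '/auth/reroute?url=<current PATH>'
 *   - not a raidleader          -> '/raid/list'
 *
 * After every redirect the hook returns false explicitly, so a denied request
 * fails closed even if reroute() hands control back instead of ending the
 * script. Fat-Free is expected to skip the route handler when beforeroute()
 * returns false; verify this against the framework version in use.
 *
 * @return false|null false when the request was rejected, null when all checks passed
 */
public function beforeroute()
{
    $f3 = \Base::instance();

    // params checking
    if (!$this->security->checkParams()) {
        // Bad Parameter - possible hacking attempt
        // NOTE(review): nothing is recorded here besides the session message;
        // consider logging the rejected request so repeated probing is visible.
        $f3->set('SESSION.errormsg', 'Bad Parameter!');
        $f3->reroute('/');
        return false; // do not fall through to the access checks
    }

    // access control
    // public routes
    if (!$this->security->isPublicRoute() && !$f3->get('SESSION.user')) {
        // Not a public route and user is not logged in
        // NOTE(review): PATH comes from the request and is passed on as the
        // post-login target. The /auth/reroute handler is not shown here; it
        // should only follow same-site relative paths taken from `url`.
        $f3->set('SESSION.errormsg', 'Nicht authentifiziert!'); // "Not authenticated!"
        $f3->reroute('/auth/reroute?url=' . urlencode($f3->get('PATH')));
        return false; // an unauthenticated request must never reach the handler
    }

    // raidleader routes
    if ($this->security->isRaidleaderRoute() && !$f3->get('SESSION.user.raidleader')) {
        // A raidlead-page and user is not a raidleader
        $f3->set('SESSION.errormsg', 'Nicht erlaubt!'); // "Not allowed!"
        $f3->reroute('/raid/list');
        return false; // an unauthorised request must never reach the handler
    }
}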