/**
 * Session gate for system routes.
 *
 * Decides, from the presence of a user in the session and the matched
 * action/route, whether the request is redirected:
 *  - an install-config request whose session app_uri equals APP_URI, with a
 *    truthy 'db' config value, goes to the install user step;
 *  - a logged-in user on login/register/verify/forgot or on any install route
 *    goes to the application root;
 *  - a visitor without a session user, on any other named action under
 *    APP_URI, goes to the login page.
 *
 * Only the existence of the session user is tested here; no role or
 * permission is evaluated in this method.
 *
 * NOTE(review): a route match whose action is null is never redirected by the
 * anonymous branch, so such routes are not gated here. Confirm that every
 * route under APP_URI that needs authentication resolves to a named action.
 *
 * @param  Application $application
 * @return void
 */
public static function check(Application $application)
{
    $session    = $application->getService('session');
    $routeMatch = $application->router()->getRouteMatch();
    $action     = $routeMatch->getAction();
    $route      = $routeMatch->getRoute();

    $installPrefix  = APP_URI . '/install';
    $onInstallRoute = (substr($route, 0, strlen($installPrefix)) == $installPrefix);

    // Special install check.
    // REQUEST_URI is the raw request target, query string included, so this is
    // a substring match anywhere in it.
    // NOTE(review): consider matching on the path component only.
    if (isset($session->app_uri)
        && (strpos($_SERVER['REQUEST_URI'], 'install/config') !== false)
        && ((BASE_PATH . APP_URI) == (BASE_PATH . $session->app_uri))
        && $application->config()['db']
    ) {
        Response::redirect(BASE_PATH . APP_URI . '/install/user');
        exit;
    }

    $loggedIn      = isset($session->user);
    $isEntryAction = ($action == 'login')
        || ($action == 'register')
        || ($action == 'verify')
        || ($action == 'forgot');

    if ($loggedIn) {
        // A logged-in user has no business on the entry or install pages.
        if ($isEntryAction || $onInstallRoute) {
            $home = (APP_URI != '') ? APP_URI : '/';
            Response::redirect(BASE_PATH . $home);
            exit;
        }
        return;
    }

    // Not logged in: these are the actions/routes reachable without a session user.
    $isOpenToAnonymous = $isEntryAction
        || $onInstallRoute
        || ($action == 'unsubscribe')
        || (null === $action);

    // The exit after the redirect stops the matched controller from running.
    if (!$isOpenToAnonymous && (substr($route, 0, strlen(APP_URI)) == APP_URI)) {
        Response::redirect(BASE_PATH . APP_URI . '/login');
        exit;
    }
}
/**
 * Enforce the route's ACL rule against the role stored in the user session.
 *
 * The ACL is consulted only when the session holds a user whose role is known
 * to the ACL service and the matched route declares an 'acl' => 'resource'
 * entry. A denied request is redirected to '/' and execution stops.
 *
 * NOTE(review): every other case falls through without a decision: no session
 * user, no role on the user, a role the ACL does not know, or a route with no
 * acl resource. This method is default-allow for those cases; confirm that a
 * separate session check covers unauthenticated requests and that each
 * protected route declares an acl resource.
 *
 * @param  Application $application
 * @return void
 */
public static function check(Application $application)
{
    $application->module('app')->initAcl();

    $session = $application->getService('session');
    $acl     = $application->getService('acl');

    // Nothing to evaluate without a session user carrying a role the ACL knows.
    if (!isset($session->user) || !isset($session->user->role) || !$acl->hasRole($session->user->role)) {
        return;
    }

    // Get routes with slash options
    $routeMatch = $application->router()->getRouteMatch();
    $route      = $routeMatch->getRoute();
    $routes     = $routeMatch->getRoutes();

    // Routes without a declared ACL resource are not restricted here.
    if (!isset($routes[$route]) || !isset($routes[$route]['acl']) || !isset($routes[$route]['acl']['resource'])) {
        return;
    }

    $rule       = $routes[$route]['acl'];
    $resource   = $rule['resource'];
    $permission = null;
    if (isset($rule['permission'])) {
        $permission = $rule['permission'];
    }

    if ($acl->isAllowed($session->user->role, $resource, $permission)) {
        return;
    }

    // Denied: redirect and stop so the matched controller action never runs.
    Response::redirect('/');
    exit;
}
/**
 * Session gate for member routes.
 *
 * Runs only when the routed controller is the members IndexController. A
 * logged-in member on login/register/verify/forgot is sent to the member URI;
 * a visitor without a session member, on any other named action under the
 * member URI, is sent to the member login page.
 *
 * Only the existence of the session member is tested here; no role or
 * permission is evaluated in this method.
 *
 * NOTE(review): a null action is exempt from the anonymous redirect, and so is
 * 'unsubscribe'. Confirm that no member route needing authentication resolves
 * without a named action.
 *
 * @param  Application $application
 * @return void
 */
public static function sessionCheck(Application $application)
{
    $controller = $application->router()->getController();

    // Other controllers are outside the scope of this check.
    if ((null === $controller) || !($controller instanceof \Phire\Members\Controller\IndexController)) {
        return;
    }

    $session    = $application->getService('session');
    $routeMatch = $application->router()->getRouteMatch();
    $action     = $routeMatch->getAction();
    $route      = $routeMatch->getRoute();
    $memberUri  = $controller->getMemberUri();

    $isEntryAction = ($action == 'login')
        || ($action == 'register')
        || ($action == 'verify')
        || ($action == 'forgot');

    if (isset($session->member)) {
        // Already logged in: keep the member away from the entry pages.
        if ($isEntryAction) {
            Response::redirect(BASE_PATH . $memberUri);
            exit;
        }
        return;
    }

    // Not logged in: these are the actions reachable without a session member.
    $isOpenToAnonymous = $isEntryAction
        || ($action == 'unsubscribe')
        || (null === $action);

    // The exit after the redirect stops the matched controller from running.
    if (!$isOpenToAnonymous && (substr($route, 0, strlen($memberUri)) == $memberUri)) {
        Response::redirect(BASE_PATH . $memberUri . '/login');
        exit;
    }
}
/**
 * Session gate backed by the stored user-session records.
 *
 * In order:
 *  - if the session user carries a sess_id with no matching UserSessions
 *    record, the user is logged out, the session is flagged as expired and
 *    the request goes to '/login';
 *  - a logged-in user on login/forgot/verify goes to '/';
 *  - a visitor without a session user, on any other action (a null action
 *    included), goes to '/login'.
 *
 * NOTE(review): the stored-record lookup runs only when the session user has a
 * sess_id. A session user without one is accepted with no server-side check;
 * confirm that login always sets sess_id.
 *
 * @param  Application $application
 * @return void
 */
public static function check(Application $application)
{
    $session = $application->getService('session');
    $action  = $application->router()->getRouteMatch()->getAction();

    $loggedIn = isset($session->user);

    if ($loggedIn && isset($session->user->sess_id)) {
        $stored = Table\UserSessions::findById($session->user->sess_id);

        // No stored record for this id: treat the session as expired.
        if (!isset($stored->id)) {
            $user = new Model\User();
            $user->logout($session);
            unset($session->user);
            $session->setRequestValue('expired', true);
            Response::redirect('/login');
            exit;
        }
    }

    $isEntryAction = ($action == 'login') || ($action == 'forgot') || ($action == 'verify');

    if ($loggedIn) {
        // Already logged in: the entry pages lead back to the root.
        if ($isEntryAction) {
            Response::redirect('/');
            exit;
        }
        return;
    }

    // Not logged in: everything except the entry pages requires a login.
    if (!$isEntryAction) {
        Response::redirect('/login');
        exit;
    }
}
/**
 * Record logout/session end
 *
 * When the matched route is exactly the logout route of the current user (or
 * of the current member, if the phire-members module is registered), the
 * session-tracking cookies are deleted and the stored UserSessions record
 * referenced by the session is removed.
 *
 * NOTE(review): this method only deletes the tracking cookies and the stored
 * record. Nothing here destroys the session itself or unsets the session
 * user/member; presumably the logout controller does that, so verify.
 *
 * @param  \Pop\Application $application
 * @return void
 */
public static function logout(Application $application)
{
    $session    = $application->getService('session');
    $sessionKey = 'user';
    $logoutBase = APP_URI;

    // A member logs out under the URI configured for its role, when one is set.
    if (isset($session->member) && $application->isRegistered('phire-members')) {
        $sessionKey   = 'member';
        $membersAdmin = new \Phire\Members\Model\MembersAdmin();
        $membersAdmin->getByRoleId($session->member->role_id);
        if (isset($membersAdmin->uri)) {
            $logoutBase = $membersAdmin->uri;
        }
    }

    // Any route other than the logout route leaves cookies and record untouched.
    if ($application->router()->getRouteMatch()->getRoute() != $logoutBase . '/logout') {
        return;
    }

    // The cookie path is built from BASE_PATH . APP_URI for users and members alike.
    $cookiePath = BASE_PATH . APP_URI;
    if ($cookiePath == '') {
        $cookiePath = '/';
    }

    $cookie          = Cookie::getInstance(['path' => $cookiePath]);
    $trackingCookies = [
        'phire_session_timeout',
        'phire_session_path',
        'phire_session_warning_dismiss',
    ];
    foreach ($trackingCookies as $cookieName) {
        $cookie->delete($cookieName);
    }

    // Re-read the session service before touching the stored session record.
    $session = $application->getService('session');
    if (!isset($session[$sessionKey]) || !isset($session[$sessionKey]->session)) {
        return;
    }

    // The id is cast to int before it is used for the lookup.
    $record = Table\UserSessions::findById((int) $session[$sessionKey]->session->id);
    if (isset($record->id)) {
        $record->delete();
    }
}