Index: branches/main/admin/interface/version.php
===================================================================
--- branches/main/admin/interface/version.php (revision 29)
+++ branches/main/admin/interface/version.php (revision 30)
@@ -43,8 +43,8 @@
/* -------------------------------------------------------- */
if (!defined('VERSION_LOADED')) {
$sInfo = '
- VERSION = "2.10.1-dev"
- REVISION = "29"
+ VERSION = "2.11.0-RC1"
+ REVISION = "30"
SP = ""
';
foreach (parse_ini_string($sInfo) as $item=>$value) {
Index: branches/main/framework/HttpRequester.php
===================================================================
--- branches/main/framework/HttpRequester.php (nonexistent)
+++ branches/main/framework/HttpRequester.php (revision 30)
@@ -0,0 +1,166 @@
+
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT OR THIS HEADER
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License 2 for more details.
+ *
+ * You should have received a copy of the GNU General Public License 2
+ * along with this program. If not, see .
+ */
+/**
+ * Description of HttpRequester
+ *
+ * @package Core package
+ * @copyright Manuela v.d.Decken
+ * @author Manuela v.d.Decken
+ * @license GNU General Public License 2.0
+ * @version 0.0.1
+ * @revision $Id$
+ * @since File available since 04.10.2017
+ * @deprecated no / since 0000/00/00
+ * @description xxx
+ */
+//declare(strict_types = 1);
+//declare(encoding = 'UTF-8');
+
+namespace bin;
+
+use bin\interfaces\RequesterInterface;
+
+/**
+ * short description of class
+ */
+class HttpRequester implements RequesterInterface
+{
+ private $aParameters = [];
+ private $aServer = [];
+ private $aHeaders = [];
+/**
+ * construct and initialize the class
+ */
+ public function __construct()
+ {
+// $this->aServer = \filter_input_array(INPUT_SERVER);
+ $aServer = \filter_input_array(INPUT_SERVER);
+ switch (\strtolower($aServer['REQUEST_METHOD'])):
+ case 'post':
+ $this->aParameters = \filter_input_array(INPUT_POST);
+ break;
+ case 'get':
+ $this->aParameters = \filter_input_array(INPUT_GET);
+ break;
+ default:
+ $this->aParameters = [];
+ break;
+ endswitch;
+ foreach ($aServer as $sKey => $sValue) {
+ if (substr_compare($sKey, 'HTTP_', 0, 5) === 0) {
+ $this->aHeaders[$sKey] = $sValue;
+ } else {
+ $this->aServer[$sKey] = $sValue;
+ }
+ }
+ }
+/**
+ * returns a list of all parameters
+ * @return array
+ */
+ public function getParamNames()
+ {
+ return \array_keys($this->aParameters);
+ }
+/**
+ * check if parameter exists
+ * @param string $sParamName
+ * @return bool
+ */
+ public function issetParam($sParamName)
+ {
+ return \array_key_exists($sParamName, $this->aParameters);
+ }
+/**
+ * read a variable from commandline
+ * @param string $sParamName
+ * @param int $iFilterType
+ * @param mixed $mOptions
+ * @return mixed | null on error
+ * @throws \InvalidArgumentException
+ * @description the method is 100% compatible to the PHP function filter_var()
+ */
+ public function getParam($sParamName, $iFilterType = null, $mOptions = null)
+ {
+ $mRetval = null;
+ try {
+ if (!$this->issetParam($sParamName)) { throw new \Exception('error on getParam()'); }
+ $mRetval = $this->aParameters[$sParamName];
+ if (!\is_null($iFilterType)) {
+ if (!\is_null($mOptions)) {
+ $mRetval = \filter_var($mRetval, $iFilterType, $mOptions);
+ } else {
+ $mRetval = \filter_var($mRetval, $iFilterType);
+ }
+ }
+ } catch (\Exception $ex) {
+ $mRetval = null;
+// throw new \InvalidArgumentException('error on getParam()', $ex->getCode(), $ex);
+ }
+ return $mRetval;
+ }
+/**
+ *
+ * @param string $sHeaderName
+ * @return mixed | null on error
+ */
+ public function issetHeader($sHeaderName)
+ {
+ $sVarname = 'HTTP_'.preg_replace('/^http_/i', '', $sHeaderName);
+ return \array_key_exists($sVarname, $this->aHeaders);
+ }
+/**
+ * get header vars ($_SERVER['HTTP_'*])
+ * @param string $sHeaderName
+ * @return mixed | null on error
+ */
+ public function getHeader($sHeaderName)
+ {
+ $sRetval = null;
+ $sVarname = 'HTTP_'.preg_replace('/^http_/i', '', $sHeaderName);
+ if ($this->issetHeader($sVarname)) {
+ $sRetval = $this->aHeaders($sVarname);
+ }
+ return $sRetval;
+ }
+/**
+ *
+ * @param string $sVarName
+ * @return type
+ */
+ public function issetServerVar($sVarName)
+ {
+ return \array_key_exists($sVarName, $this->aServer);
+ }
+/**
+ * get server vars excluding $_SERVER['HTTP_'*]
+ * @param string $sVarName
+ * @return mixed | null on error
+ */
+ public function getServerVar($sVarName)
+ {
+ $sRetval = null;
+ if ($this->issetHeader($sVarName)) {
+ $sRetval = $this->aHeaders($sVarName);
+ }
+ return $sRetval;
+ }
+
+}
Property changes on: branches/main/framework/HttpRequester.php
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Author Date Id Rev URL
\ No newline at end of property
Index: branches/main/framework/RequesterInterface.php
===================================================================
--- branches/main/framework/RequesterInterface.php (nonexistent)
+++ branches/main/framework/RequesterInterface.php (revision 30)
@@ -0,0 +1,49 @@
+
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT OR THIS HEADER
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License 2 for more details.
+ *
+ * You should have received a copy of the GNU General Public License 2
+ * along with this program. If not, see .
+ */
+/**
+ * Description of RequesterInterface
+ *
+ * @package Core package
+ * @copyright Manuela v.d.Decken
+ * @author Manuela v.d.Decken
+ * @license GNU General Public License 2.0
+ * @version 0.0.1
+ * @revision $Id$
+ * @since File available since 04.10.2017
+ * @deprecated no / since 0000/00/00
+ * @description xxx
+ */
+//declare(strict_types = 1);
+//declare(encoding = 'UTF-8');
+
+namespace bin\interfaces;
+
+// use
+
+/**
+ * short description of interface
+ */
+interface RequesterInterface
+{
+ public function getParamNames();
+ public function issetParam($sName);
+ public function getParam($sName, $iFilterType = null, $mOptions = null);
+ public function getHeader($sName);
+}
Property changes on: branches/main/framework/RequesterInterface.php
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Author Date Id Rev URL
\ No newline at end of property
Index: branches/main/framework/initialize.php
===================================================================
--- branches/main/framework/initialize.php (revision 29)
+++ branches/main/framework/initialize.php (revision 30)
@@ -205,15 +205,6 @@
}
}
-/**
- * WbErrorHandler()
- *
- * @param mixed $iErrorCode
- * @param mixed $sErrorText
- * @param mixed $sErrorFile
- * @param mixed $iErrorLine
- * @return
- */
function WbErrorHandler($iErrorCode, $sErrorText, $sErrorFile, $iErrorLine)
{
if (!(error_reporting() & $iErrorCode) || ini_get('log_errors') == 0) {
@@ -289,6 +280,7 @@
}
\bin\CoreAutoloader::doRegister(dirname(__DIR__));
\bin\CoreAutoloader::addNamespace([ // add several needed namespaces
+ // Namespace Directory
'bin' => 'framework',
'addon' => 'modules',
'vendor' => 'include',
@@ -296,6 +288,7 @@
'bin\\db' => 'framework/db',
'bin\\security' => 'framework',
'bin\\interfaces' => 'framework',
+ 'api' => 'framework/api',
]);
// *** initialize Exception handling
@@ -319,18 +312,20 @@
ini_set('log_errors', 1);
ini_set ('error_log', $sErrorLogFile);
-// activate errorhandler *****************************************************************
+// activate errorhandler -----------------------------------------------------------------
set_error_handler('WbErrorHandler', -1 );
defined('SYSTEM_RUN') ? '' : define('SYSTEM_RUN', true);
// load configuration ---
$aCfg = initReadSetupFile();
initSetInstallWbConstants($aCfg);
+// activate requester --------------------------------------------------------------------
+ $oRequest = \bin\HttpRequester();
// ---------------------------
// get Database connection data from configuration
defined('ADMIN_DIRECTORY') ? '' : define('ADMIN_DIRECTORY', 'admin');
if (
- !(preg_match('/xx[a-z0-9_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY) &&
- is_dir(dirname(__DIR__).'/'.ADMIN_DIRECTORY))
+ !preg_match('/xx[a-z_][a-z0-9_\-\.]+/i', 'xx'.ADMIN_DIRECTORY) ||
+ !is_dir(dirname(__DIR__).'/'.ADMIN_DIRECTORY)
) {
throw new RuntimeException('Invalid admin-directory set: ' . ADMIN_DIRECTORY);
}
@@ -395,8 +390,8 @@
if (!$x) {
throw new RuntimeException('no settings found');
}
- defined('DO_NOT_TRACK') ? '' : define('DO_NOT_TRACK', (isset($_SERVER['HTTP_DNT'])));
- ini_set('display_errors', ((defined('DEBUG') && (DEBUG==true)) ?'1':'0'));
+ defined('DO_NOT_TRACK') ? '' : define('DO_NOT_TRACK', ($oRequest->issetHeader('DNT')));
+ ini_set('display_errors', ((defined('DEBUG') && (DEBUG==true)) ? '1' : '0'));
defined('DEBUG') ? '' : define('DEBUG', false);
$string_file_mode = defined('STRING_FILE_MODE') ? STRING_FILE_MODE : '0644';
@@ -403,10 +398,7 @@
defined('OCTAL_FILE_MODE') ? '' : define('OCTAL_FILE_MODE', (int) octdec($string_file_mode));
$string_dir_mode = defined('STRING_DIR_MODE') ? STRING_DIR_MODE : '0755';
defined('OCTAL_DIR_MODE') ? '' : define('OCTAL_DIR_MODE', (int) octdec($string_dir_mode));
- // $sSecMod = (defined('SECURE_FORM_MODULE') && SECURE_FORM_MODULE != '') ? '.'.SECURE_FORM_MODULE : '';
- // $sSecMod = WB_PATH.'/framework/SecureForm'.$sSecMod.'.php';
- // require_once($sSecMod);
- if (!defined('WB_INSTALL_PROCESS')) {
+ if (!defined('WB_INSTALL_PROCESS') && !defined('WB_UPGRADE_PROCESS')) {
// get CAPTCHA and ASP settings
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_captcha_control`';
if (($get_settings = $database->query($sql)) &&
@@ -422,7 +414,6 @@
throw new RuntimeException('CAPTCHA-Settings not found');
}
}
-
// Start a session
if (!defined('SESSION_STARTED')) {
session_name(APP_NAME.'-sid');
@@ -434,19 +425,18 @@
}
// Get users language
if (
- isset($_GET['lang']) AND
- $_GET['lang'] != '' AND
- !is_numeric($_GET['lang']) AND
- strlen($_GET['lang']) == 2
+ ($sLang = $oRequest->issetParam('lang')) == null ||
+ !preg_match('/^([a-z]{2})(?:[\-_]([a-z]{2})(?:[\-_]([a-z\-_]{2,8}))?)?$/i', $sLang, $aMatches)
) {
- define('LANGUAGE', strtoupper($_GET['lang']));
- $_SESSION['LANGUAGE']=LANGUAGE;
- } else {
if (isset($_SESSION['LANGUAGE']) AND $_SESSION['LANGUAGE'] != '') {
define('LANGUAGE', $_SESSION['LANGUAGE']);
} else {
define('LANGUAGE', DEFAULT_LANGUAGE);
}
+ } else {
+ $sLang = strtoupper($aMatches[1]);
+ define('LANGUAGE', $slang);
+ $_SESSION['LANGUAGE'] = $sLang;
}
$sCachePath = dirname(__DIR__).'/temp/cache/';
if (!file_exists($sCachePath)) {
@@ -472,8 +462,22 @@
require $slangFile;
}
}
+// activate Translate --------------------------------------------------------------------
$oTrans = Translate::getInstance();
$oTrans->initialize(array('EN', DEFAULT_LANGUAGE, LANGUAGE), $sCachePath); // 'none'
+// activate SecureTokens -----------------------------------------------------------------
+ $oApp = (object) [
+ 'oRequester' => $oRequest,
+ 'oRegistry' => (object) [
+ 'SecTokenFingerprint' => (bool) SEC_TOKEN_FINGERPRINT,
+ 'SecTokenNetmask4' => SEC_TOKEN_NETMASK4,
+ 'SecTokenNetmask6' => SEC_TOKEN_NETMASK6,
+ 'SecTokenLifeTime' => SEC_TOKEN_LIFE_TIME
+ ]
+ ];
+ \bin\SecureTokens::getInstance($oApp);
+ \bin\SecureTokens::checkFTAN();
+// ---------------------------------------------------------------------------------------
// Get users timezone
if (isset($_SESSION['TIMEZONE'])) {
define('TIMEZONE', $_SESSION['TIMEZONE']);