2013-11-26 13:45:07 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Application & Route Filters
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
| Below you will find the "before" and "after" events for the application
|
|
|
|
|
| which may be used to do any work before or after a request into your
|
|
|
|
|
| application. Here you may also register your custom route filters.
|
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
App::before(function($request)
|
|
|
|
|
{
|
2014-02-01 21:01:32 +01:00
|
|
|
if (App::environment() == ENV_PRODUCTION)
|
|
|
|
|
{
|
|
|
|
|
if (!Request::secure())
|
|
|
|
|
{
|
|
|
|
|
return Redirect::secure(Request::getRequestUri());
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-03-19 23:00:56 +01:00
|
|
|
|
2014-10-05 23:00:42 +02:00
|
|
|
if (Auth::check())
|
|
|
|
|
{
|
|
|
|
|
$count = Session::get(SESSION_COUNTER, 0);
|
|
|
|
|
Session::put(SESSION_COUNTER, ++$count);
|
|
|
|
|
|
|
|
|
|
// check the application is up to date and for any news feed messages
|
|
|
|
|
if (!Utils::startsWith($_SERVER['REQUEST_URI'], '/news_feed') && !Session::has('news_feed_id')) {
|
|
|
|
|
$data = false;
|
|
|
|
|
if (Utils::isNinja()) {
|
|
|
|
|
$data = Utils::getNewsFeedResponse();
|
|
|
|
|
} else {
|
|
|
|
|
$file = @file_get_contents(NINJA_URL . '/news_feed/' . Utils::getUserType() . '/' . NINJA_VERSION);
|
|
|
|
|
$data = @json_decode($file);
|
|
|
|
|
}
|
|
|
|
|
if ($data) {
|
|
|
|
|
if ($data->version != NINJA_VERSION) {
|
|
|
|
|
$params = [
|
|
|
|
|
'user_version' => NINJA_VERSION,
|
|
|
|
|
'latest_version'=> $data->version,
|
|
|
|
|
'releases_link' => link_to(RELEASES_URL, 'Invoice Ninja', ['target' => '_blank'])
|
|
|
|
|
];
|
|
|
|
|
Session::put('news_feed_id', NEW_VERSION_AVAILABLE);
|
|
|
|
|
Session::put('news_feed_message', trans('texts.new_version_available', $params));
|
|
|
|
|
} else {
|
|
|
|
|
Session::put('news_feed_id', $data->id);
|
|
|
|
|
if ($data->message && $data->id > Auth::user()->news_feed_id) {
|
|
|
|
|
Session::put('news_feed_message', $data->message);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
Session::put('news_feed_id', true);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-04-02 14:28:23 +02:00
|
|
|
if (Input::has('lang'))
|
|
|
|
|
{
|
2014-04-06 11:02:04 +02:00
|
|
|
$locale = Input::get('lang');
|
|
|
|
|
App::setLocale($locale);
|
2014-04-14 13:33:43 +02:00
|
|
|
Session::set(SESSION_LOCALE, $locale);
|
|
|
|
|
|
|
|
|
|
if (Auth::check())
|
|
|
|
|
{
|
|
|
|
|
if ($language = Language::whereLocale($locale)->first())
|
|
|
|
|
{
|
|
|
|
|
$account = Auth::user()->account;
|
|
|
|
|
$account->language_id = $language->id;
|
|
|
|
|
$account->save();
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-04-02 14:28:23 +02:00
|
|
|
}
|
|
|
|
|
else if (Auth::check())
|
2014-04-02 15:10:00 +02:00
|
|
|
{
|
2014-04-09 23:53:09 +02:00
|
|
|
$locale = Session::get(SESSION_LOCALE, DEFAULT_LOCALE);
|
2014-04-02 15:10:00 +02:00
|
|
|
App::setLocale($locale);
|
2014-03-19 23:00:56 +01:00
|
|
|
}
|
2013-11-26 13:45:07 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
App::after(function($request, $response)
|
|
|
|
|
{
|
|
|
|
|
//
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Authentication Filters
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
| The following filters are used to verify that the user of the current
|
|
|
|
|
| session is logged into this application. The "basic" filter easily
|
|
|
|
|
| integrates HTTP Basic authentication for quick, simple checking.
|
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
Route::filter('auth', function()
|
|
|
|
|
{
|
2014-07-20 12:38:42 +02:00
|
|
|
if (Auth::guest())
|
|
|
|
|
{
|
|
|
|
|
if (Utils::isNinja() || Account::count() == 0)
|
|
|
|
|
{
|
|
|
|
|
return Redirect::guest('/');
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return Redirect::guest('/login');
|
2014-07-04 20:07:31 +02:00
|
|
|
}
|
2014-07-20 12:38:42 +02:00
|
|
|
}
|
2013-11-26 13:45:07 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Route::filter('auth.basic', function()
|
|
|
|
|
{
|
|
|
|
|
return Auth::basic();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Guest Filter
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
| The "guest" filter is the counterpart of the authentication filters as
|
|
|
|
|
| it simply checks that the current user is not logged in. A redirect
|
|
|
|
|
| response will be issued if they are, which you may freely change.
|
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
Route::filter('guest', function()
|
|
|
|
|
{
|
|
|
|
|
if (Auth::check()) return Redirect::to('/');
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| CSRF Protection Filter
|
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
| The CSRF filter is responsible for protecting your application against
|
|
|
|
|
| cross-site request forgery attacks. If this special token in a user
|
|
|
|
|
| session does not match the one given in this request, we'll bail.
|
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
Route::filter('csrf', function()
|
|
|
|
|
{
|
2013-12-03 18:32:33 +01:00
|
|
|
$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');
|
2014-01-02 14:21:15 +01:00
|
|
|
|
2014-07-27 22:31:41 +02:00
|
|
|
if (Session::token() != $token)
|
|
|
|
|
{
|
|
|
|
|
Session::flash('warning', trans('texts.session_expired'));
|
2014-06-02 18:21:47 +02:00
|
|
|
|
2014-07-27 22:31:41 +02:00
|
|
|
return Redirect::to('/');
|
|
|
|
|
//throw new Illuminate\Session\TokenMismatchException;
|
|
|
|
|
}
|
2013-11-26 13:45:07 +01:00
|
|
|
});
|
