1
0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2024-11-11 21:52:35 +01:00
invoiceninja/app/filters.php

217 lines
6.1 KiB
PHP
Raw Normal View History

2013-11-26 13:45:07 +01:00
<?php
/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/
App::before(function($request)
{
2014-11-28 14:34:01 +01:00
// Ensure all request are over HTTPS in production
2014-02-01 21:01:32 +01:00
if (App::environment() == ENV_PRODUCTION)
{
if (!Request::secure())
{
return Redirect::secure(Request::getRequestUri());
}
}
2014-03-19 23:00:56 +01:00
2014-11-28 14:34:01 +01:00
// If the database doens't yet exist we'll skip the rest
if (!Utils::isNinja() && !Utils::isDatabaseSetup())
{
return;
}
// check the application is up to date and for any news feed messages
2014-10-05 23:00:42 +02:00
if (Auth::check())
{
$count = Session::get(SESSION_COUNTER, 0);
Session::put(SESSION_COUNTER, ++$count);
if (!Utils::startsWith($_SERVER['REQUEST_URI'], '/news_feed') && !Session::has('news_feed_id')) {
$data = false;
if (Utils::isNinja()) {
$data = Utils::getNewsFeedResponse();
} else {
$file = @file_get_contents(NINJA_APP_URL . '/news_feed/' . Utils::getUserType() . '/' . NINJA_VERSION);
2014-10-05 23:00:42 +02:00
$data = @json_decode($file);
}
if ($data) {
if ($data->version != NINJA_VERSION) {
$params = [
'user_version' => NINJA_VERSION,
'latest_version'=> $data->version,
'releases_link' => link_to(RELEASES_URL, 'Invoice Ninja', ['target' => '_blank'])
];
Session::put('news_feed_id', NEW_VERSION_AVAILABLE);
Session::put('news_feed_message', trans('texts.new_version_available', $params));
} else {
Session::put('news_feed_id', $data->id);
if ($data->message && $data->id > Auth::user()->news_feed_id) {
Session::put('news_feed_message', $data->message);
}
}
} else {
Session::put('news_feed_id', true);
}
}
}
2014-11-28 14:34:01 +01:00
// Check if we're requesting to change the account's language
2014-04-02 14:28:23 +02:00
if (Input::has('lang'))
{
2014-04-06 11:02:04 +02:00
$locale = Input::get('lang');
App::setLocale($locale);
2014-04-14 13:33:43 +02:00
Session::set(SESSION_LOCALE, $locale);
if (Auth::check())
{
if ($language = Language::whereLocale($locale)->first())
{
$account = Auth::user()->account;
$account->language_id = $language->id;
$account->save();
}
}
2014-04-02 14:28:23 +02:00
}
else if (Auth::check())
2014-04-02 15:10:00 +02:00
{
$locale = Session::get(SESSION_LOCALE, DEFAULT_LOCALE);
2014-04-02 15:10:00 +02:00
App::setLocale($locale);
2014-03-19 23:00:56 +01:00
}
2014-11-28 14:34:01 +01:00
// Make sure the account/user localization settings are in the session
if (Auth::check() && !Session::has(SESSION_TIMEZONE))
{
Event::fire('user.refresh');
}
// Check if the user is claiming a license (ie, additional invoices, white label, etc.)
$claimingLicense = Utils::startsWith($_SERVER['REQUEST_URI'], '/claim_license');
if (!$claimingLicense && Input::has('license_key') && Input::has('product_id'))
{
$licenseKey = Input::get('license_key');
$productId = Input::get('product_id');
$data = trim(file_get_contents((Utils::isNinjaDev() ? 'http://ninja.dev' : NINJA_APP_URL) . "/claim_license?license_key={$licenseKey}&product_id={$productId}"));
if ($productId == PRODUCT_INVOICE_DESIGNS)
{
if ($data = json_decode($data))
{
foreach ($data as $item)
{
$design = new InvoiceDesign();
$design->id = $item->id;
$design->name = $item->name;
$design->javascript = $item->javascript;
$design->save();
}
2014-10-26 21:13:50 +01:00
if (!Utils::isNinjaProd()) {
2014-10-26 21:13:50 +01:00
Cache::forget('invoice_designs_cache_' . Auth::user()->maxInvoiceDesignId());
}
Session::flash('message', trans('texts.bought_designs'));
}
}
else if ($productId == PRODUCT_WHITE_LABEL)
{
if ($data == 'valid')
{
$account = Auth::user()->account;
$account->pro_plan_paid = NINJA_DATE;
$account->save();
Session::flash('message', trans('texts.bought_white_label'));
}
}
}
2013-11-26 13:45:07 +01:00
});
App::after(function($request, $response)
{
//
});
/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
Route::filter('auth', function()
{
2014-07-20 12:38:42 +02:00
if (Auth::guest())
{
if (Utils::isNinja() || Account::count() == 0)
{
return Redirect::guest('/');
}
else
{
return Redirect::guest('/login');
}
2014-07-20 12:38:42 +02:00
}
2013-11-26 13:45:07 +01:00
});
Route::filter('auth.basic', function()
{
return Auth::basic();
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function()
{
if (Auth::check()) return Redirect::to('/');
});
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function()
{
2014-11-25 18:35:29 +01:00
if ($_SERVER['REQUEST_URI'] != '/signup/register')
{
$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');
if (Session::token() != $token)
{
Session::flash('warning', trans('texts.session_expired'));
return Redirect::to('/');
//throw new Illuminate\Session\TokenMismatchException;
}
}
2013-11-26 13:45:07 +01:00
});