<?php
use PicoFarad\Router;
use PicoFarad\Response;
use PicoFarad\Request;
use PicoFarad\Session;
use PicoFarad\Template;
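// Called before each action.
// Opens the session, re-selects the database stored in the session, enforces
// authentication for every action outside the public allowlist, loads the
// translation and timezone settings, then emits the HTTP security headers.
// $action is presumably the name of the action being dispatched - confirm
// against PicoFarad\Router.
Router\before(function($action) {

    Session\open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);

    // Select another database.
    // The session value is written by the 'select-db' action from the return
    // value of Model\Database\select(), and is re-applied here on each request.
    if (! empty($_SESSION['database'])) {
        Model\Database\select($_SESSION['database']);
    }

    // Redirect to the login form if the user is not authenticated.
    // Every action listed here is reachable WITHOUT a session user, so each of
    // these handlers must treat its input as untrusted.
    $ignore_actions = array('login', 'google-auth', 'google-redirect-auth', 'mozilla-auth', 'bookmark-feed', 'select-db');

    // Strict comparison: the allowlist holds strings only, so a non-string
    // $action can never be loosely matched onto a public action name. For
    // string action names the result is the same as before.
    if (! isset($_SESSION['user']) && ! in_array($action, $ignore_actions, true)) {

        // No session user on a protected action: try the remember-me cookie.
        if (! Model\RememberMe\authenticate()) {
            // NOTE(review): this check only protects the action if
            // Response\redirect() ends the request; otherwise execution falls
            // through to the rest of this hook - confirm in PicoFarad\Response.
            Response\redirect('?action=login');
        }
    }
    else if (Model\RememberMe\has_cookie()) {
        // Reached when a session user exists or the action is public.
        Model\RememberMe\refresh();
    }

    // Load translations ('en_US' is the fallback and needs no translation file)
    $language = Model\Config\get('language') ?: 'en_US';

    if ($language !== 'en_US') {
        \Translator\load($language);
    }

    // Set timezone, falling back to UTC when none is configured
    date_default_timezone_set(Model\Config\get('timezone') ?: 'UTC');

    // HTTP secure headers.
    // Frames are limited to the configured iframe whitelist plus the Persona
    // login origin.
    // NOTE(review): the Persona service has been retired; once 'mozilla-auth'
    // is gone this origin should be dropped so the frame allowlist holds no
    // stale entry.
    $frame_src = Model\Config\get_iframe_whitelist();
    $frame_src[] = 'https://login.persona.org';

    // media-src and img-src are wildcards, so the policy does not restrict
    // where images or media are loaded from (presumably because feed content
    // embeds remote media - confirm this is intended).
    Response\csp(array(
        'media-src' => '*',
        'img-src' => '*',
        'frame-src' => $frame_src
    ));

    // Presumably emit X-Frame-Options, X-XSS-Protection and
    // X-Content-Type-Options - see PicoFarad\Response for the exact values.
    Response\xframe();
    Response\xss();
    Response\nosniff();
});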
// Show help: send the 'show_help' template as the HTML response
Router\get_action('show-help', function() {

    $help_page = Template\load('show_help');

    Response\html($help_page);
});
// Show the menu for the mobile view: renders 'show_more' inside the layout,
// passing 'more' as the 'menu' template variable
Router\get_action('more', function() {

    $template_vars = array('menu' => 'more');
    $page = Template\layout('show_more', $template_vars);

    Response\html($page);
});
// Select another database, then return to the login form.
// 'select-db' is in $ignore_actions in the before-action hook, so this handler
// runs without an authenticated session and the 'database' request parameter
// is untrusted input.
// NOTE(review): no validation happens here - confirm that
// Model\Database\select() accepts only known database names, because its
// return value is stored in the session and re-selected on every later request.
Router\get_action('select-db', function() {

    // Only honoured when multiple databases are enabled
    if (ENABLE_MULTIPLE_DB) {
        $requested_db = Request\param('database');
        $_SESSION['database'] = \Model\Database\select($requested_db);
    }

    Response\redirect('?action=login');
});