deblan/php-censor
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Inlining the validateSession functionality in Application, fixes #312

Browse source
This commit is contained in:
Dan Cryer 2014-04-16 12:37:32 +01:00
parent 1d92b5e890
commit 54aed93d9b
1 changed files with 23 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
PHPCI/Application.php
View file

@ -26,11 +26,27 @@ class Application extends b8\Application
$route = '/:controller/:action';
$opts = array('controller' => 'Home', 'action' => 'index');
$this->router->clearRoutes();
$this->router->register($route, $opts, function (&$route, Response &$response) use (&$request) {
// Inlined as a closure to fix "using $this when not in object context" on 5.3
$validateSession = function () {
if (!empty($_SESSION['user_id'])) {
$user = b8\Store\Factory::getStore('User')->getByPrimaryKey($_SESSION['user_id']);
if ($user) {
$_SESSION['user'] = $user;
return true;
}
unset($_SESSION['user_id']);
}
return false;
};
// Handler for the route we're about to register, checks for a valid session where necessary:
$routeHandler = function (&$route, Response &$response) use (&$request, $validateSession) {
$skipValidation = in_array($route['controller'], array('session', 'webhook', 'build-status'));
if (!$skipValidation && !$this->validateSession()) {
if (!$skipValidation && !$validateSession()) {
if ($request->isAjax()) {
$response->setResponseCode(401);
$response->setContent('');
@ -43,7 +59,10 @@ class Application extends b8\Application
}
return true;
});
};
$this->router->clearRoutes();
$this->router->register($route, $opts, $routeHandler);
}
/**
* Handle an incoming web request.
@ -60,23 +79,4 @@ class Application extends b8\Application
return $this->response;
}
/**
* Validate whether or not the remote user has a valid session:
*/
protected function validateSession()
{
if (!empty($_SESSION['user_id'])) {
$user = b8\Store\Factory::getStore('User')->getByPrimaryKey($_SESSION['user_id']);
if ($user) {
$_SESSION['user'] = $user;
return true;
}
unset($_SESSION['user_id']);
}
return false;
}
}