pagehandler.php ➔ elgg_gatekeeper() - Code Metrics - gctools-outilsgc/gcconnex - Measure and Improve Code Quality continuously with Scrutinizer

pagehandler.php ➔ elgg_gatekeeper() A
last analyzed 2021-05-27 17:40 UTC

↳ Parent: Project

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	7
Ratio	100 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes

Metric	Value
cc	2
nc	2
nop	0
dl	7
loc	7
ccs	0
cts	6
cp	0
crap	6
rs	10
c	0
b	0
f	0

<?php
/**
 * Elgg page handler functions
 *
 * @package    Elgg.Core
 * @subpackage Routing
 */

/**
 * Registers a page handler for a particular identifier
 *
 * For example, you can register a function called 'blog_page_handler' for the identifier 'blog'
 * For all URLs  http://yoururl/blog/*, the blog_page_handler() function will be called.
 * The part of the URL marked with * above will be exploded on '/' characters and passed as an
 * array to that function.
 * For example, the URL http://yoururl/blog/username/friends/ would result in the call:
 * blog_page_handler(array('username','friends'), blog);
 *
 * A request to register a page handler with the same identifier as previously registered
 * handler will replace the previous one.
 *
 * The context is set to the identifier before the registered
 * page handler function is called. For the above example, the context is set to 'blog'.
 *
 * Page handlers should return true to indicate that they handled the request.
 * Requests not handled are forwarded to the front page with a reason of 404.
 * Plugins can register for the 'forward', '404' plugin hook. @see forward()
 *
 * @param string $identifier The page type identifier
 * @param string $function   Your function name
 *
 * @return bool Depending on success
 */
function elgg_register_page_handler($identifier, $function) {
	return _elgg_services()->router->registerPageHandler($identifier, $function);
}

/**
 * Unregister a page handler for an identifier
 *
 * Note: to replace a page handler, call elgg_register_page_handler()
 *
 * @param string $identifier The page type identifier
 *
 * @since 1.7.2
 * @return void
 */
function elgg_unregister_page_handler($identifier) {
	_elgg_services()->router->unregisterPageHandler($identifier);
}

/**
 * Used at the top of a page to mark it as logged in users only.
 *
 * @return void
 * @since 1.9.0
 */
function elgg_gatekeeper() {
	if (!elgg_is_logged_in()) {
		_elgg_services()->session->set('last_forward_from', current_page_url());
		system_message(elgg_echo('loggedinrequired'));
		forward('/login', 'login');
	}
}

/**
 * Alias of elgg_gatekeeper()
 * 
 * Used at the top of a page to mark it as logged in users only.
 *
 * @return void
 */
function gatekeeper() {
	elgg_gatekeeper();
}

/**
 * Used at the top of a page to mark it as admin only.
 *
 * @return void
 * @since 1.9.0
 */
function elgg_admin_gatekeeper() {
	elgg_gatekeeper();

	if (!elgg_is_admin_logged_in()) {
		_elgg_services()->session->set('last_forward_from', current_page_url());
		register_error(elgg_echo('adminrequired'));
		forward('', 'admin');
	}
}

/**
 * Alias of elgg_admin_gatekeeper()
 *
 * Used at the top of a page to mark it as logged in admin or siteadmin only.
 *
 * @return void
 */
function admin_gatekeeper() {
	elgg_admin_gatekeeper();
}

/**
 * May the current user access item(s) on this page? If the page owner is a group,
 * membership, visibility, and logged in status are taken into account.
 *
 * @param bool $forward    If set to true (default), will forward the page;
 *                         if set to false, will return true or false.
 *
 * @param int  $group_guid The group that owns the page. If not set, this
 *                         will be pulled from elgg_get_page_owner_guid().
 *
 * @return bool Will return if $forward is set to false.
 * @since 1.9.0
 */
function elgg_group_gatekeeper($forward = true, $group_guid = null) {
	if (null === $group_guid) {
		$group_guid = elgg_get_page_owner_guid();
	}

	if (!$group_guid) {
		return true;
	}

	// this handles non-groups and invisible groups
	$visibility = \Elgg\GroupItemVisibility::factory($group_guid);

	if (!$visibility->shouldHideItems) {
		return true;
	}
	if ($forward) {
		// only forward to group if user can see it
		$group = get_entity($group_guid);
		$forward_url = $group ? $group->getURL() : '';

		if (!elgg_is_logged_in()) {
			_elgg_services()->session->set('last_forward_from', current_page_url());
			$forward_reason = 'login';
		} else {
			$forward_reason = 'member';
		}

		$msg_keys = array(
			'non_member' => 'membershiprequired',
			'logged_out' => 'loggedinrequired',
			'no_access' => 'noaccess',
		);
		register_error(elgg_echo($msg_keys[$visibility->reasonHidden]));
		forward($forward_url, $forward_reason);
	}

	return false;
}

/**
 * May the current user access item(s) on this page? If the page owner is a group,
 * membership, visibility, and logged in status are taken into account.
 *
 * @param bool $forward         If set to true (default), will forward the page;
 *                              if set to false, will return true or false.
 *
 * @param int  $page_owner_guid The current page owner guid. If not set, this
 *                              will be pulled from elgg_get_page_owner_guid().
 *
 * @return bool Will return if $forward is set to false.
 */
function group_gatekeeper($forward = true, $page_owner_guid = null) {
	return elgg_group_gatekeeper($forward, $page_owner_guid);
}

/**
 * Can the viewer see this entity?
 *
 * Tests if the entity exists and whether the viewer has access to the entity
 * if it does. If the viewer cannot view this entity, it forwards to an
 * appropriate page.
 *
 * @param int    $guid    Entity GUID
 * @param string $type    Optional required entity type
 * @param string $subtype Optional required entity subtype
 * @return void
 * @since 1.9.0
 */
function elgg_entity_gatekeeper($guid, $type = null, $subtype = null) {
	$entity = get_entity($guid);
	if (!$entity) {
		if (!elgg_entity_exists($guid)) {
			// entity doesn't exist
			forward('', '404');
		} elseif (!elgg_is_logged_in()) {
			// entity requires at least a logged in user
			elgg_gatekeeper();
		} else {
			// user is logged in but still does not have access to it
			if (strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'secmgr') === 0) {
				header('HTTP/1.1 403 Forbidden');
				exit();
			} else {
				register_error(elgg_echo('limited_access'));
				forward();
			}
		}
	}

	if ($type) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
		if (!elgg_instanceof($entity, $type, $subtype)) {
			// entity is of wrong type/subtype
			forward('', '404');
		}
	}
}

/**
 * Require that the current request be an XHR. If not, execution of the current function
 * will end and a 400 response page will be sent.
 *
 * @return void
 * @since 1.12.0
 */
function elgg_ajax_gatekeeper() {
	if (!elgg_is_xhr()) {
		register_error(_elgg_services()->translator->translate('ajax:not_is_xhr'));
		forward(null, '400');
	}
}

/**
 * Front page handler
 * 
 * @return bool
 */
function elgg_front_page_handler() {

	if (elgg_is_logged_in()) {
		forward('activity');
	}

	$title = elgg_echo('content:latest');
	$content = elgg_list_river();
	if (!$content) {
		$content = elgg_echo('river:none');
	}

	$login_box = elgg_view('core/account/login_box');

	$params = array(
			'title' => $title,
			'content' => $content,
			'sidebar' => $login_box
	);
	$body = elgg_view_layout('one_sidebar', $params);
	echo elgg_view_page(null, $body);
	return true;
}

/**
 * Serve an error page
 *
 * This is registered by Elgg for the 'forward', '404' plugin hook. It can
 * registered for other hooks by plugins or called directly to display an
 * error page.
 *
 * @param string $hook   The name of the hook
 * @param string $type   Http error code
 * @param bool   $result The current value of the hook
 * @param array  $params Parameters related to the hook
 * @return void
 */
function elgg_error_page_handler($hook, $type, $result, $params) {
	if (elgg_view_exists("errors/$type")) {
		$title = elgg_echo("error:$type:title");
		if ($title == "error:$type:title") {
			// use default if there is no title for this error type
			$title = elgg_echo("error:default:title");
		}
		
		$content = elgg_view("errors/$type", $params);
	} else {
		$title = elgg_echo("error:default:title");
		$content = elgg_view("errors/default", $params);
	}
	
	$httpCodes = array(
		'400' => 'Bad Request',
		'401' => 'Unauthorized',
		'403' => 'Forbidden',
		'404' => 'Not Found',
		'407' => 'Proxy Authentication Required',
		'500' => 'Internal Server Error',
		'503' => 'Service Unavailable',
	);
	
	if (isset($httpCodes[$type])) {
		header("HTTP/1.1 $type {$httpCodes[$type]}");
	}

	$body = elgg_view_layout('error', array(
		'title' => $title,
		'content' => $content,
	));
	echo elgg_view_page($title, $body, 'error');
	exit;
}

/**
 * Initializes the page handler/routing system
 *
 * @return void
 * @access private
 */
function _elgg_page_handler_init() {
	elgg_register_page_handler('', 'elgg_front_page_handler');
	// Registered at 600 so that plugins can register at the default 500 and get to run first
	elgg_register_plugin_hook_handler('forward', '400', 'elgg_error_page_handler', 600);
	elgg_register_plugin_hook_handler('forward', '403', 'elgg_error_page_handler', 600);
	elgg_register_plugin_hook_handler('forward', '404', 'elgg_error_page_handler', 600);
}

return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
	$events->registerHandler('init', 'system', '_elgg_page_handler_init');
};


1		<?php
2		/**
3		* Elgg page handler functions
4		*
5		* @package Elgg.Core
6		* @subpackage Routing
7		*/
8
9		/**
10		* Registers a page handler for a particular identifier
11		*
12		* For example, you can register a function called 'blog_page_handler' for the identifier 'blog'
13		* For all URLs http://yoururl/blog/*, the blog_page_handler() function will be called.
14		* The part of the URL marked with * above will be exploded on '/' characters and passed as an
15		* array to that function.
16		* For example, the URL http://yoururl/blog/username/friends/ would result in the call:
17		* blog_page_handler(array('username','friends'), blog);
18		*
19		* A request to register a page handler with the same identifier as previously registered
20		* handler will replace the previous one.
21		*
22		* The context is set to the identifier before the registered
23		* page handler function is called. For the above example, the context is set to 'blog'.
24		*
25		* Page handlers should return true to indicate that they handled the request.
26		* Requests not handled are forwarded to the front page with a reason of 404.
27		* Plugins can register for the 'forward', '404' plugin hook. @see forward()
28		*
29		* @param string $identifier The page type identifier
30		* @param string $function Your function name
31		*
32		* @return bool Depending on success
33		*/
34		function elgg_register_page_handler($identifier, $function) {
35		return _elgg_services()->router->registerPageHandler($identifier, $function);
36		}
37
38		/**
39		* Unregister a page handler for an identifier
40		*
41		* Note: to replace a page handler, call elgg_register_page_handler()
42		*
43		* @param string $identifier The page type identifier
44		*
45		* @since 1.7.2
46		* @return void
47		*/
48		function elgg_unregister_page_handler($identifier) {
49		_elgg_services()->router->unregisterPageHandler($identifier);
50		}
51
52		/**
53		* Used at the top of a page to mark it as logged in users only.
54		*
55		* @return void
56		* @since 1.9.0
57		*/
58	View Code Duplication	function elgg_gatekeeper() {
59		if (!elgg_is_logged_in()) {
60		_elgg_services()->session->set('last_forward_from', current_page_url());
61		system_message(elgg_echo('loggedinrequired'));
62		forward('/login', 'login');
63		}
64		}
65
66		/**
67		* Alias of elgg_gatekeeper()
68		*
69		* Used at the top of a page to mark it as logged in users only.
70		*
71		* @return void
72		*/
73		function gatekeeper() {
74		elgg_gatekeeper();
75		}
76
77		/**
78		* Used at the top of a page to mark it as admin only.
79		*
80		* @return void
81		* @since 1.9.0
82		*/
83	View Code Duplication	function elgg_admin_gatekeeper() {
84		elgg_gatekeeper();
85
86		if (!elgg_is_admin_logged_in()) {
87		_elgg_services()->session->set('last_forward_from', current_page_url());
88		register_error(elgg_echo('adminrequired'));
89		forward('', 'admin');
90		}
91		}
92
93		/**
94		* Alias of elgg_admin_gatekeeper()
95		*
96		* Used at the top of a page to mark it as logged in admin or siteadmin only.
97		*
98		* @return void
99		*/
100		function admin_gatekeeper() {
101		elgg_admin_gatekeeper();
102		}
103
104		/**
105		* May the current user access item(s) on this page? If the page owner is a group,
106		* membership, visibility, and logged in status are taken into account.
107		*
108		* @param bool $forward If set to true (default), will forward the page;
109		* if set to false, will return true or false.
110		*
111		* @param int $group_guid The group that owns the page. If not set, this
112		* will be pulled from elgg_get_page_owner_guid().
113		*
114		* @return bool Will return if $forward is set to false.
115		* @since 1.9.0
116		*/
117		function elgg_group_gatekeeper($forward = true, $group_guid = null) {
118		if (null === $group_guid) {
119		$group_guid = elgg_get_page_owner_guid();
120		}
121
122		if (!$group_guid) {
123		return true;
124		}
125
126		// this handles non-groups and invisible groups
127		$visibility = \Elgg\GroupItemVisibility::factory($group_guid);
128
129		if (!$visibility->shouldHideItems) {
130		return true;
131		}
132		if ($forward) {
133		// only forward to group if user can see it
134		$group = get_entity($group_guid);
135		$forward_url = $group ? $group->getURL() : '';
136
137		if (!elgg_is_logged_in()) {
138		_elgg_services()->session->set('last_forward_from', current_page_url());
139		$forward_reason = 'login';
140		} else {
141		$forward_reason = 'member';
142		}
143
144		$msg_keys = array(
145		'non_member' => 'membershiprequired',
146		'logged_out' => 'loggedinrequired',
147		'no_access' => 'noaccess',
148		);
149		register_error(elgg_echo($msg_keys[$visibility->reasonHidden]));
150		forward($forward_url, $forward_reason);
151		}
152
153		return false;
154		}
155
156		/**
157		* May the current user access item(s) on this page? If the page owner is a group,
158		* membership, visibility, and logged in status are taken into account.
159		*
160		* @param bool $forward If set to true (default), will forward the page;
161		* if set to false, will return true or false.
162		*
163		* @param int $page_owner_guid The current page owner guid. If not set, this
164		* will be pulled from elgg_get_page_owner_guid().
165		*
166		* @return bool Will return if $forward is set to false.
167		*/
168		function group_gatekeeper($forward = true, $page_owner_guid = null) {
169		return elgg_group_gatekeeper($forward, $page_owner_guid);
170		}
171
172		/**
173		* Can the viewer see this entity?
174		*
175		* Tests if the entity exists and whether the viewer has access to the entity
176		* if it does. If the viewer cannot view this entity, it forwards to an
177		* appropriate page.
178		*
179		* @param int $guid Entity GUID
180		* @param string $type Optional required entity type
181		* @param string $subtype Optional required entity subtype
182		* @return void
183		* @since 1.9.0
184		*/
185		function elgg_entity_gatekeeper($guid, $type = null, $subtype = null) {
186		$entity = get_entity($guid);
187		if (!$entity) {
188		if (!elgg_entity_exists($guid)) {
189		// entity doesn't exist
190		forward('', '404');
191		} elseif (!elgg_is_logged_in()) {
192		// entity requires at least a logged in user
193		elgg_gatekeeper();
194		} else {
195		// user is logged in but still does not have access to it
196		if (strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'secmgr') === 0) {
197		header('HTTP/1.1 403 Forbidden');
198		exit();
199		} else {
200		register_error(elgg_echo('limited_access'));
201		forward();
202		}
203		}
204		}
205
206		if ($type) {
		0 ignored issues – show Bug Best Practice introduced 2017-09-27 16:16 UTC by Report Bug Copy Issue Report The expression `$type` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
207		if (!elgg_instanceof($entity, $type, $subtype)) {
208		// entity is of wrong type/subtype
209		forward('', '404');
210		}
211		}
212		}
213
214		/**
215		* Require that the current request be an XHR. If not, execution of the current function
216		* will end and a 400 response page will be sent.
217		*
218		* @return void
219		* @since 1.12.0
220		*/
221		function elgg_ajax_gatekeeper() {
222		if (!elgg_is_xhr()) {
223		register_error(_elgg_services()->translator->translate('ajax:not_is_xhr'));
224		forward(null, '400');
225		}
226		}
227
228		/**
229		* Front page handler
230		*
231		* @return bool
232		*/
233		function elgg_front_page_handler() {
234
235		if (elgg_is_logged_in()) {
236		forward('activity');
237		}
238
239		$title = elgg_echo('content:latest');
240		$content = elgg_list_river();
241		if (!$content) {
242		$content = elgg_echo('river:none');
243		}
244
245		$login_box = elgg_view('core/account/login_box');
246
247		$params = array(
248		'title' => $title,
249		'content' => $content,
250		'sidebar' => $login_box
251		);
252		$body = elgg_view_layout('one_sidebar', $params);
253		echo elgg_view_page(null, $body);
254		return true;
255		}
256
257		/**
258		* Serve an error page
259		*
260		* This is registered by Elgg for the 'forward', '404' plugin hook. It can
261		* registered for other hooks by plugins or called directly to display an
262		* error page.
263		*
264		* @param string $hook The name of the hook
265		* @param string $type Http error code
266		* @param bool $result The current value of the hook
267		* @param array $params Parameters related to the hook
268		* @return void
269		*/
270		function elgg_error_page_handler($hook, $type, $result, $params) {
271	View Code Duplication	if (elgg_view_exists("errors/$type")) {
272		$title = elgg_echo("error:$type:title");
273		if ($title == "error:$type:title") {
274		// use default if there is no title for this error type
275		$title = elgg_echo("error:default:title");
276		}
277
278		$content = elgg_view("errors/$type", $params);
279		} else {
280		$title = elgg_echo("error:default:title");
281		$content = elgg_view("errors/default", $params);
282		}
283
284		$httpCodes = array(
285		'400' => 'Bad Request',
286		'401' => 'Unauthorized',
287		'403' => 'Forbidden',
288		'404' => 'Not Found',
289		'407' => 'Proxy Authentication Required',
290		'500' => 'Internal Server Error',
291		'503' => 'Service Unavailable',
292		);
293
294		if (isset($httpCodes[$type])) {
295		header("HTTP/1.1 $type {$httpCodes[$type]}");
296		}
297
298		$body = elgg_view_layout('error', array(
299		'title' => $title,
300		'content' => $content,
301		));
302		echo elgg_view_page($title, $body, 'error');
303		exit;
304		}
305
306		/**
307		* Initializes the page handler/routing system
308		*
309		* @return void
310		* @access private
311		*/
312		function _elgg_page_handler_init() {
313		elgg_register_page_handler('', 'elgg_front_page_handler');
314		// Registered at 600 so that plugins can register at the default 500 and get to run first
315		elgg_register_plugin_hook_handler('forward', '400', 'elgg_error_page_handler', 600);
316		elgg_register_plugin_hook_handler('forward', '403', 'elgg_error_page_handler', 600);
317		elgg_register_plugin_hook_handler('forward', '404', 'elgg_error_page_handler', 600);
318		}
319
320		return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
321		$events->registerHandler('init', 'system', '_elgg_page_handler_init');
322		};
323

gctools-outilsgc / gcconnex

pagehandler.php ➔ elgg_gatekeeper() A last analyzed 2021-05-27 17:40 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

pagehandler.php ➔ elgg_gatekeeper() A
last analyzed 2021-05-27 17:40 UTC