diff --git a/globals/Dependencies/Common/System.php b/globals/Dependencies/Common/System.php new file mode 100644 index 0000000..af56fbb --- /dev/null +++ b/globals/Dependencies/Common/System.php @@ -0,0 +1,11 @@ +prepare("SELECT * FROM `websettings` WHERE `maintenance` = 1"); - $query->execute(); - - if ($query->rowCount() > 0) - { - return true; - } - return false; - } - public static function IsCurrentIpAddressWhitelisted() { $currentIp = WebContextManager::GetCurrentIPAddress(); @@ -33,15 +21,21 @@ namespace Alphaland\Web { public static function CanBypassMaintenance() { - // Wouldn't really be a bypass per say, but you know, reusing existing code is better than - // copying already existing code. - if (!WebContextManager::IsUnderMaintenance()) return true; + return $GLOBALS['user']->isAdmin() || WebContextManager::IsCurrentIpAddressWhitelisted(); + } + + public static function IsUnderMaintenance(bool $status = false) + { + $query = $GLOBALS['pdo']->prepare("SELECT * FROM `websettings` WHERE `maintenance` = 1"); + $query->execute(); - if (!$GLOBALS['user']->isAdmin() - && !WebContextManager::IsCurrentIpAddressWhitelisted() - ) return false; - - return true; + if ($query->rowCount() > 0) { + if ($status) { + return true; + } + return !WebContextManager::CanBypassMaintenance(); + } + return false; } public static function GetRequestHeaders() @@ -82,11 +76,18 @@ namespace Alphaland\Web { public static function ForceHttpsCloudflare() { - if(!is_https_cloudflare()) { + if(!WebContextManager::IsCloudflareHttps()) { header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); exit(); } } + + public static function Redirect($url, $code = 302) + { + http_response_code($code); + header("Location: $url"); + die(); + } public static function HttpGetPing($url, $timeout) //to see if a URL times out { diff --git a/globals/config.php b/globals/config.php index 12e572f..95a17b4 100644 --- a/globals/config.php +++ b/globals/config.php 
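Review bot: `IsUnderMaintenance(bool $status = false)` answers two different questions through an undocumented flag: with `true` it returns the raw site state, and with the default it returns whether the current visitor is blocked, reading `$GLOBALS['user']` through `CanBypassMaintenance()`. A caller that wants the status and omits `true` silently gets a per-user access decision, so the method needs a docblock such as `@param bool $status true = raw maintenance flag; false = whether the current visitor is blocked (admins and whitelisted IPs pass)`, or a split into two named methods. `CanBypassMaintenance()` also no longer returns true when maintenance is off, so any caller outside this diff that used it as a "site reachable" check would now reject ordinary users; those call sites are not visible here and should be checked. Separately, `rowCount()` on a `SELECT` is not guaranteed by every PDO driver; `SELECT 1 FROM websettings WHERE maintenance = 1 LIMIT 1` with `fetchColumn() !== false` states the intent directly.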
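Review bot: `Redirect($url, $code = 302)` writes `$url` into the `Location` header without checking where it points, so any caller that passes a request-derived value turns it into an open redirect, and `$code` is not limited to the 3xx range. Either accept only same-site paths (a leading `/` not followed by `/` or `\`, falling back to `/` otherwise) or document the contract in a docblock, for example `@param string $url trusted, application-generated URL only; never pass request input`. In `ForceHttpsCloudflare()` the target is built from `$_SERVER["HTTP_HOST"]`, which comes from the request's Host header; unless the web server already pins the accepted host names, building the URL from the configured domain would be safer. The class body continues outside this hunk.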
@@ -14,6 +14,8 @@ use Alphaland\Users\Activation; use Alphaland\Users\TwoFactor; use Alphaland\Moderation\UserModerationManager; +use Alphaland\Web\WebContextManager; +use Alphaland\Common\System; try { @@ -101,6 +103,7 @@ try include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Common/HashingUtiltity.php"; include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Web/IpRange.php"; include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Web/WebContextManager.php"; + include "C:/Webserver/nginx/Alphaland/globals/Dependencies/Common/System.php"; //authenticator $authenticator = new PHPGangsta_GoogleAuthenticator(); @@ -127,22 +130,21 @@ try require_once 'userauth.php'; //redirects - if (!commandLine() && //is not executed from cmd line - !RCCHeaderEnvironment(true)) //is not an authenticated rcc + if (!System::IsCommandLine() && //is not executed from cmd line + !WebContextManager::VerifyAccessKeyHeader()) //is not an authenticated rcc { $accesseddomain = $_SERVER['SERVER_NAME']; $accesseddirectory = $_SERVER['PHP_SELF']; if ($accesseddomain == "www.".$domain && //if the domain the user is visiting www $_SERVER['HTTP_USER_AGENT'] != $clientUserAgent) { //is not client user agent - forceHttpsCloudflare(); + WebContextManager::ForceHttpsCloudflare(); } $activated = Activation::IsUserActivated($GLOBALS['user']->id); $twofactor = TwoFactor::IsSession2FAUnlocked(); $banned = UserModerationManager::IsBanned($GLOBALS['user']->id); - - $maintenance = checkIfUnderMaintenance(); + $maintenance = WebContextManager::IsUnderMaintenance(); //step 1, check if under maintenance if ($maintenance) { //maintenance redirect diff --git a/globals/functions.php b/globals/functions.php index fadcadb..f566c7e 100644 --- a/globals/functions.php +++ b/globals/functions.php 
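Review bot: `WebContextManager::VerifyAccessKeyHeader()` is called without the argument that `RCCHeaderEnvironment(true)` passed to suppress its `die(http_response_code(401))`, and the new method's definition is not part of this diff. If it kept a die-on-failure default, every ordinary web request would end in a 401 at this condition, so confirm that it only returns false here. The removed implementation compared the key with `==`; if that comparison was carried over, `hash_equals($GLOBALS['ws']->webservice_key, (string) $accesskey)` avoids both type juggling and a timing-dependent comparison. The enclosing `try` block starts and ends outside the hunk.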
@@ -9,6 +9,7 @@ //img tools (potentially high resource usage) (probably blocking) use Alphaland\Moderation\UserModerationManager; +use Alphaland\Web\WebContextManager; function imagecopymerge_alpha($dst_im, $src_im, $dst_x, $dst_y, $src_x, $src_y, $src_w, $src_h, $pct) { $cut = imagecreatetruecolor($src_w, $src_h); @@ -6550,15 +6551,6 @@ function getCSS($studio=false) //utilities -function commandLine() -{ - if (php_sapi_name() === 'cli') - { - return true; - } - return false; -} - function httpGetPing($url, $timeoutms) //to see if a URL times out { $curl_do = curl_init(); @@ -6655,7 +6647,7 @@ function getNav() '; } - if (isUnderMaintenance()) + if (WebContextManager::IsUnderMaintenance(true)) { $maintenancestatus = ""; } 
@@ -6806,70 +6798,6 @@ function fetchAnnouncement() } } -function getallrequestheaders() { - $headers = []; - foreach ($_SERVER as $name => $value) { - if (substr($name, 0, 5) == 'HTTP_') { - $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value; - } - } - return $headers; - } - -function RCCHeaderEnvironment($nodie=false) //authenticates if the accesskey header is valid and the ip whitelisted -{ - $ip = getIP(); //get the requesters ip address - $whitelisted_ips = explode(";", $GLOBALS['ws']->webservice_whitelist); //splits up all the ip's in the whitelist with ; being the marker - - $headers = getallrequestheaders(); //grab all the headers sent from the requester - $accesskey = $headers['Accesskey']; //if the Accesskey header from requester is present, the contents wil be stored here - - if(in_array($ip, $whitelisted_ips)) //if the IP from the requester is whitelisted - { - if (!empty($accesskey)) //if the contents of the accesskey variable is not empty - { - if($accesskey == $GLOBALS['ws']->webservice_key) //if the contents of the accesskey variable equals the webservicekey in the database - { - return true; - } - } - } - - if (!$nodie) - { - die(http_response_code(401)); //all of the conditions arent met - } - return false; -} - -function isUnderMaintenance() -{ - $checkMaintenance = $GLOBALS['pdo']->prepare("SELECT * FROM websettings WHERE maintenance = 1"); - $checkMaintenance->execute(); - - if ($checkMaintenance->rowCount() > 0) //if under maintenance - { - return true; - } - return false; -} - -function checkIfUnderMaintenance() -{ - $rank = $GLOBALS['user']->rank; - $checkMaintenance = $GLOBALS['pdo']->prepare("SELECT * FROM websettings WHERE maintenance = 1"); - $checkMaintenance->execute(); - - if ($checkMaintenance->rowCount() > 0) //if under maintenance - { - if ($rank !=2 && !in_array(getIP(), explode(";", $GLOBALS['ws']->webservice_whitelist))) //if not admin or whitelisted ip - { - return true; - } - 
} - return false; -} - function canRegister() { $check = $GLOBALS['pdo']->prepare("SELECT * FROM websettings WHERE registration = 1"); @@ -6882,22 +6810,9 @@ function canRegister() return false; } -function is_https_cloudflare() { - return isset($_SERVER['HTTPS']) || - ($visitor = json_decode($_SERVER['HTTP_CF_VISITOR'])) && - $visitor->scheme == 'https'; -} - -function forceHttpsCloudflare() { - if(!is_https_cloudflare()) { - header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); - exit(); - } -} - function adminPanelStats() { $maintenancestatus = "ON"; - if (!isUnderMaintenance()) + if (!WebContextManager::IsUnderMaintenance(true)) { $maintenancestatus = "OFF"; } diff --git a/html/maintenance.php b/html/maintenance.php index 9f24be1..50bd453 100644 --- a/html/maintenance.php +++ b/html/maintenance.php @@ -1,5 +1,8 @@ isOwner())) { die('bababooey'); diff --git a/html_admin/client-deployer-upload.php b/html_admin/client-deployer-upload.php index afb3fe4..6cb2af4 100644 --- a/html_admin/client-deployer-upload.php +++ b/html_admin/client-deployer-upload.php @@ -1,6 +1,8 @@ isOwner())) { diff --git a/html_admin/client-deployer.php b/html_admin/client-deployer.php index ea7e651..a5ba126 100644 --- a/html_admin/client-deployer.php +++ b/html_admin/client-deployer.php @@ -1,6 +1,8 @@ isOwner())) { if ($user->isAdmin()) { diff --git a/html_admin/configuration.php b/html_admin/configuration.php index 9131122..ea1db77 100644 --- a/html_admin/configuration.php +++ b/html_admin/configuration.php @@ -1,6 +1,8 @@ isOwner())) { if ($user->isAdmin()) { diff --git a/html_admin/create-asset.php b/html_admin/create-asset.php index 1ccaa60..a9644e5 100644 --- a/html_admin/create-asset.php +++ b/html_admin/create-asset.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/create-signupkey.php b/html_admin/create-signupkey.php index e24e7bb..23962a4 100644 --- a/html_admin/create-signupkey.php +++ b/html_admin/create-signupkey.php 
@@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/generateSecurityKey.php b/html_admin/generateSecurityKey.php index 3cc9aca..f8b2307 100644 --- a/html_admin/generateSecurityKey.php +++ b/html_admin/generateSecurityKey.php @@ -1,6 +1,8 @@ isOwner())) { if ($user->isAdmin()) { diff --git a/html_admin/index.php b/html_admin/index.php index 76a2d93..08c0cf5 100644 --- a/html_admin/index.php +++ b/html_admin/index.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/lua-executer/activeJobs.php b/html_admin/lua-executer/activeJobs.php index d5ec7f9..1d324fc 100644 --- a/html_admin/lua-executer/activeJobs.php +++ b/html_admin/lua-executer/activeJobs.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/lua-executer/executeScript.php b/html_admin/lua-executer/executeScript.php index 97fa1e2..76822c5 100644 --- a/html_admin/lua-executer/executeScript.php +++ b/html_admin/lua-executer/executeScript.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/lua-executer/index.php b/html_admin/lua-executer/index.php index 32a7449..be80f32 100644 --- a/html_admin/lua-executer/index.php +++ b/html_admin/lua-executer/index.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey'); diff --git a/html_admin/rank-management.php b/html_admin/rank-management.php index cf18318..1c1499d 100644 --- a/html_admin/rank-management.php +++ b/html_admin/rank-management.php @@ -1,6 +1,8 @@ isOwner())) { if ($user->isAdmin()) { diff --git a/html_admin/rendermanagement.php b/html_admin/rendermanagement.php index c367309..f267651 100644 --- a/html_admin/rendermanagement.php +++ b/html_admin/rendermanagement.php @@ -1,6 +1,8 @@ isAdmin())) { die('bababooey');