File code/core/Mage/Core/Helper/Http.php

  1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Core
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * Core Http Helper
 29:  *
 30:  * @category    Mage
 31:  * @package     Mage_Core
 32:  * @author      Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Core_Helper_Http extends Mage_Core_Helper_Abstract
 35: {
 36:     const XML_NODE_REMOTE_ADDR_HEADERS  = 'global/remote_addr_headers';
 37: 
 38:     /**
 39:      * Remote address cache
 40:      *
 41:      * @var string
 42:      */
 43:     protected $_remoteAddr;
 44: 
 45:     /**
 46:      * Validate and retrieve user and password from HTTP
 47:      *
 48:      * @return array
 49:      */
 50:     public function authValidate($headers = null)
 51:     {
 52:         if(!is_null($headers)) {
 53:             $_SERVER = $headers;
 54:         }
 55: 
 56:         $user = '';
 57:         $pass = '';
 58: 
 59:         // moshe's fix for CGI
 60:         if (empty($_SERVER['HTTP_AUTHORIZATION'])) {
 61:             foreach ($_SERVER as $k=>$v) {
 62:                 if (substr($k, -18)==='HTTP_AUTHORIZATION' && !empty($v)) {
 63:                     $_SERVER['HTTP_AUTHORIZATION'] = $v;
 64:                     break;
 65:                 }
 66:             }
 67:         }
 68: 
 69:         if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
 70:             $user = $_SERVER['PHP_AUTH_USER'];
 71:             $pass = $_SERVER['PHP_AUTH_PW'];
 72:         }
 73:         //  IIS Note::  For HTTP Authentication to work with IIS,
 74:         // the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
 75:         elseif (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
 76:             $auth = $_SERVER['HTTP_AUTHORIZATION'];
 77:             list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
 78:         }
 79:         elseif (!empty($_SERVER['Authorization'])) {
 80:             $auth = $_SERVER['Authorization'];
 81:             list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
 82:         }
 83: 
 84:         if (!$user || !$pass) {
 85:             $this->authFailed();
 86:         }
 87: 
 88:         return array($user, $pass);
 89:     }
 90: 
 91:     /**
 92:      * Send auth failed Headers and exit
 93:      *
 94:      */
 95:     public function authFailed()
 96:     {
 97:         Mage::app()->getResponse()
 98:             ->setHeader('HTTP/1.1','401 Unauthorized')
 99:             ->setHeader('WWW-Authenticate','Basic realm="RSS Feeds"')
100:             ->setBody('<h1>401 Unauthorized</h1>')
101:             ->sendResponse();
102:         exit;
103:     }
104: 
105:     /**
106:      * Retrieve Remote Addresses Additional check Headers
107:      *
108:      * @return array
109:      */
110:     public function getRemoteAddrHeaders()
111:     {
112:         $headers = array();
113:         $element = Mage::getConfig()->getNode(self::XML_NODE_REMOTE_ADDR_HEADERS);
114:         if ($element instanceof Mage_Core_Model_Config_Element) {
115:             foreach ($element->children() as $node) {
116:                 $headers[] = (string)$node;
117:             }
118:         }
119: 
120:         return $headers;
121:     }
122: 
123:     /**
124:      * Retrieve Client Remote Address
125:      *
126:      * @param bool $ipToLong converting IP to long format
127:      * @return string IPv4|long
128:      */
129:     public function getRemoteAddr($ipToLong = false)
130:     {
131:         if (is_null($this->_remoteAddr)) {
132:             $headers = $this->getRemoteAddrHeaders();
133:             foreach ($headers as $var) {
134:                 if ($this->_getRequest()->getServer($var, false)) {
135:                     $this->_remoteAddr = $_SERVER[$var];
136:                     break;
137:                 }
138:             }
139: 
140:             if (!$this->_remoteAddr) {
141:                 $this->_remoteAddr = $this->_getRequest()->getServer('REMOTE_ADDR');
142:             }
143:         }
144: 
145:         if (!$this->_remoteAddr) {
146:             return false;
147:         }
148: 
149:         return $ipToLong ? ip2long($this->_remoteAddr) : $this->_remoteAddr;
150:     }
151: 
152:     /**
153:      * Retrieve Server IP address
154:      *
155:      * @param bool $ipToLong converting IP to long format
156:      * @return string IPv4|long
157:      */
158:     public function getServerAddr($ipToLong = false)
159:     {
160:         $address = $this->_getRequest()->getServer('SERVER_ADDR');
161:         if (!$address) {
162:             return false;
163:         }
164:         return $ipToLong ? ip2long($address) : $address;
165:     }
166: 
167:     /**
168:      * Retrieve HTTP "clean" value
169:      *
170:      * @param string $var
171:      * @param boolean $clean clean non UTF-8 characters
172:      * @return string
173:      */
174:     protected function _getHttpCleanValue($var, $clean = true)
175:     {
176:         $value = $this->_getRequest()->getServer($var, '');
177:         if ($clean) {
178:             $value = Mage::helper('core/string')->cleanString($value);
179:         }
180: 
181:         return $value;
182:     }
183: 
184:     /**
185:      * Retrieve HTTP HOST
186:      *
187:      * @param boolean $clean clean non UTF-8 characters
188:      * @return string
189:      */
190:     public function getHttpHost($clean = true)
191:     {
192:         return $this->_getHttpCleanValue('HTTP_HOST', $clean);
193:     }
194: 
195:     /**
196:      * Retrieve HTTP USER AGENT
197:      *
198:      * @param boolean $clean clean non UTF-8 characters
199:      * @return string
200:      */
201:     public function getHttpUserAgent($clean = true)
202:     {
203:         return $this->_getHttpCleanValue('HTTP_USER_AGENT', $clean);
204:     }
205: 
206:     /**
207:      * Retrieve HTTP ACCEPT LANGUAGE
208:      *
209:      * @param boolean $clean clean non UTF-8 characters
210:      * @return string
211:      */
212:     public function getHttpAcceptLanguage($clean = true)
213:     {
214:         return $this->_getHttpCleanValue('HTTP_ACCEPT_LANGUAGE', $clean);
215:     }
216: 
217:     /**
218:      * Retrieve HTTP ACCEPT CHARSET
219:      *
220:      * @param boolean $clean clean non UTF-8 characters
221:      * @return string
222:      */
223:     public function getHttpAcceptCharset($clean = true)
224:     {
225:         return $this->_getHttpCleanValue('HTTP_ACCEPT_CHARSET', $clean);
226:     }
227: 
228:     /**
229:      * Retrieve HTTP REFERER
230:      *
231:      * @param boolean $clean clean non UTF-8 characters
232:      * @return string
233:      */
234:     public function getHttpReferer($clean = true)
235:     {
236:         return $this->_getHttpCleanValue('HTTP_REFERER', $clean);
237:     }
238: 
239:     /**
240:      * Returns the REQUEST_URI taking into account
241:      * platform differences between Apache and IIS
242:      *
243:      * @param boolean $clean clean non UTF-8 characters
244:      * @return string
245:      */
246:     public function getRequestUri($clean = false)
247:     {
248:         $uri = $this->_getRequest()->getRequestUri();
249:         if ($clean) {
250:             $uri = Mage::helper('core/string')->cleanString($uri);
251:         }
252:         return $uri;
253:     }
254: 
255:     /**
256:      * Validate IP address
257:      *
258:      * @param string $address
259:      * @return boolean
260:      */
261:     public function validateIpAddr($address)
262:     {
263:         return preg_match('#^(1?\d{1,2}|2([0-4]\d|5[0-5]))(\.(1?\d{1,2}|2([0-4]\d|5[0-5]))){3}$#', $address);
264:     }
265: }
266:
Packages

Classes

Exceptions

Functions
