diff options
author | Malf Furious <m@lfurio.us> | 2016-02-22 22:57:23 -0500 |
---|---|---|
committer | Malf Furious <m@lfurio.us> | 2016-02-22 22:57:23 -0500 |
commit | c235d4bda46d4adcd71b35e1fa3c8a88ac8eae4f (patch) | |
tree | dc14a93df468303a588a930a5a1302544ecc0238 /app/controller | |
parent | 79cf60764b5033edcf2962ccf3ee6d1706b41230 (diff) | |
download | scrott-c235d4bda46d4adcd71b35e1fa3c8a88ac8eae4f.tar.gz scrott-c235d4bda46d4adcd71b35e1fa3c8a88ac8eae4f.zip |
Create a basic flow for the application Root controller
This applies the rules for requiring or forbiding the use of SSL/HTTPS and reorganizes the rest of root's handle() function (that is, the check for displaying sysconf, auth, or a placeholder message).
Diffstat (limited to '')
-rw-r--r-- | app/controller/root.control.php | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/app/controller/root.control.php b/app/controller/root.control.php index 2c60faf..5b5dd8f 100644 --- a/app/controller/root.control.php +++ b/app/controller/root.control.php @@ -1,6 +1,7 @@ <?php require_once "class/controller.class.php"; +require_once "class/setting.class.php"; require_once "controller/sysconf.control.php"; require_once "controller/except.control.php"; require_once "controller/auth.control.php"; @@ -18,32 +19,42 @@ class Root extends Controller { /* TODO -- Authentication (login / logout / register) MVC */ + global $_SCROTT; $argv = $this->normalizeArgv($argv); try { - /* First, make sure the system configuration file has been included */ + /* Assert that the system config file exists and has been included */ if (!$this->scrottConfExists()) { $ctrl = new Sysconf(); $ctrl->handle($argv); + return; } - /* TODO */ - /* TODO -- only auth if logged out */ - else if (!$this->getCurrentUser()) + /* Assert we are running over HTTP(S), whichever is desired */ + switch ($_SCROTT['settSSL']) { - $ctrl = new Auth(); - $ctrl->handle($argv); + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + default: + switch (Setting::settSSL()) + { + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + } } - else + /* Assert that a user is logged in */ + if (!$this->getCurrentUser()) { - echo "logged in as:!"; - echo "<pre>"; - var_dump($this->getCurrentUser()); - echo "</pre>"; + $ctrl = new Auth(); + $ctrl->handle($argv); + return; } + + /* TODO */ + echo "ALL GOOD!<br />"; } catch (Exception $e) |