diff options
Diffstat (limited to 'app/class/controller.class.php')
| -rw-r--r-- | app/class/controller.class.php | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/app/class/controller.class.php b/app/class/controller.class.php deleted file mode 100644 index 0ab1a69..0000000 --- a/app/class/controller.class.php +++ /dev/null @@ -1,66 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "class/framework.class.php"; - -/* - * Abstract controller -- Contains app security constraints and provides access to - * framework internals from concrete controllers - */ -abstract class Controller extends Framework -{ - /* - * Abstract function for concrete controller to handle the page request - */ - abstract function handle($argv); - - /* - * Security check - * Assert that the current connection to this server is secure. Redirects if not. - */ - function sec_require_https() - { - if (!isset($_SERVER['HTTPS'])) - $this->redirectTo("https://" . $_SERVER['SERVER_NAME'] . $this->ap()); - } - - /* - * Security check - * Assert that the current connection to this server is NOT secure. Redirects if not. - */ - function sec_forbid_https() - { - if (isset($_SERVER['HTTPS'])) - $this->redirectTo("http://" . $_SERVER['SERVER_NAME'] . $this->ap()); - } - - /* - * Security check - * Assert that the client's IP address does not change during its session. If a change is detected, logout. - */ - function sec_verify_ip() - { - $addr = $_SERVER['REMOTE_ADDR']; - - if ($this->getCurrentUser() && $addr != $this->getOriginIP()) - { - $this->setCurrentUser(); - $this->redirectTo($this->ar() . "/"); - } - } -} - -?> |