diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/controller/root.control.php | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/app/controller/root.control.php b/app/controller/root.control.php index 2c60faf..5b5dd8f 100644 --- a/app/controller/root.control.php +++ b/app/controller/root.control.php @@ -1,6 +1,7 @@ <?php require_once "class/controller.class.php"; +require_once "class/setting.class.php"; require_once "controller/sysconf.control.php"; require_once "controller/except.control.php"; require_once "controller/auth.control.php"; @@ -18,32 +19,42 @@ class Root extends Controller { /* TODO -- Authentication (login / logout / register) MVC */ + global $_SCROTT; $argv = $this->normalizeArgv($argv); try { - /* First, make sure the system configuration file has been included */ + /* Assert that the system config file exists and has been included */ if (!$this->scrottConfExists()) { $ctrl = new Sysconf(); $ctrl->handle($argv); + return; } - /* TODO */ - /* TODO -- only auth if logged out */ - else if (!$this->getCurrentUser()) + /* Assert we are running over HTTP(S), whichever is desired */ + switch ($_SCROTT['settSSL']) { - $ctrl = new Auth(); - $ctrl->handle($argv); + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + default: + switch (Setting::settSSL()) + { + case "force": $this->sec_require_https(); break; + case "forbid": $this->sec_forbid_https(); break; + } } - else + /* Assert that a user is logged in */ + if (!$this->getCurrentUser()) { - echo "logged in as:!"; - echo "<pre>"; - var_dump($this->getCurrentUser()); - echo "</pre>"; + $ctrl = new Auth(); + $ctrl->handle($argv); + return; } + + /* TODO */ + echo "ALL GOOD!<br />"; } catch (Exception $e) |