*/
class Mage_Core_Helper_Http extends Mage_Core_Helper_Abstract
{
const XML_NODE_REMOTE_ADDR_HEADERS = 'global/remote_addr_headers';
/**
* Remote address cache
*
* @var string
*/
protected $_remoteAddr;
/**
* Validate and retrieve user and password from HTTP
*
* @return array
*/
public function authValidate($headers = null)
{
if(!is_null($headers)) {
$_SERVER = $headers;
}
$user = '';
$pass = '';
// moshe's fix for CGI
if (empty($_SERVER['HTTP_AUTHORIZATION'])) {
foreach ($_SERVER as $k=>$v) {
if (substr($k, -18)==='HTTP_AUTHORIZATION' && !empty($v)) {
$_SERVER['HTTP_AUTHORIZATION'] = $v;
break;
}
}
}
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];
}
// IIS Note:: For HTTP Authentication to work with IIS,
// the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
elseif (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
$auth = $_SERVER['HTTP_AUTHORIZATION'];
list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
}
elseif (!empty($_SERVER['Authorization'])) {
$auth = $_SERVER['Authorization'];
list($user, $pass) = explode(':', base64_decode(substr($auth, strpos($auth, " ") + 1)));
}
if (!$user || !$pass) {
$this->authFailed();
}
return array($user, $pass);
}
/**
* Send auth failed Headers and exit
*
*/
public function authFailed()
{
Mage::app()->getResponse()
->setHeader('HTTP/1.1','401 Unauthorized')
->setHeader('WWW-Authenticate','Basic realm="RSS Feeds"')
->setBody('
401 Unauthorized
')
->sendResponse();
exit;
}
/**
* Retrieve Remote Addresses Additional check Headers
*
* @return array
*/
public function getRemoteAddrHeaders()
{
$headers = array();
$element = Mage::getConfig()->getNode(self::XML_NODE_REMOTE_ADDR_HEADERS);
if ($element instanceof Mage_Core_Model_Config_Element) {
foreach ($element->children() as $node) {
$headers[] = (string)$node;
}
}
return $headers;
}
/**
* Retrieve Client Remote Address
*
* @param bool $ipToLong converting IP to long format
* @return string IPv4|long
*/
public function getRemoteAddr($ipToLong = false)
{
if (is_null($this->_remoteAddr)) {
$headers = $this->getRemoteAddrHeaders();
foreach ($headers as $var) {
if ($this->_getRequest()->getServer($var, false)) {
$this->_remoteAddr = $_SERVER[$var];
break;
}
}
if (!$this->_remoteAddr) {
$this->_remoteAddr = $this->_getRequest()->getServer('REMOTE_ADDR');
}
}
if (!$this->_remoteAddr) {
return false;
}
return $ipToLong ? ip2long($this->_remoteAddr) : $this->_remoteAddr;
}
/**
* Retrieve Server IP address
*
* @param bool $ipToLong converting IP to long format
* @return string IPv4|long
*/
public function getServerAddr($ipToLong = false)
{
$address = $this->_getRequest()->getServer('SERVER_ADDR');
if (!$address) {
return false;
}
return $ipToLong ? ip2long($address) : $address;
}
/**
* Retrieve HTTP "clean" value
*
* @param string $var
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
protected function _getHttpCleanValue($var, $clean = true)
{
$value = $this->_getRequest()->getServer($var, '');
if ($clean) {
$value = Mage::helper('core/string')->cleanString($value);
}
return $value;
}
/**
* Retrieve HTTP HOST
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getHttpHost($clean = true)
{
return $this->_getHttpCleanValue('HTTP_HOST', $clean);
}
/**
* Retrieve HTTP USER AGENT
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getHttpUserAgent($clean = true)
{
return $this->_getHttpCleanValue('HTTP_USER_AGENT', $clean);
}
/**
* Retrieve HTTP ACCEPT LANGUAGE
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getHttpAcceptLanguage($clean = true)
{
return $this->_getHttpCleanValue('HTTP_ACCEPT_LANGUAGE', $clean);
}
/**
* Retrieve HTTP ACCEPT CHARSET
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getHttpAcceptCharset($clean = true)
{
return $this->_getHttpCleanValue('HTTP_ACCEPT_CHARSET', $clean);
}
/**
* Retrieve HTTP REFERER
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getHttpReferer($clean = true)
{
return $this->_getHttpCleanValue('HTTP_REFERER', $clean);
}
/**
* Returns the REQUEST_URI taking into account
* platform differences between Apache and IIS
*
* @param boolean $clean clean non UTF-8 characters
* @return string
*/
public function getRequestUri($clean = false)
{
$uri = $this->_getRequest()->getRequestUri();
if ($clean) {
$uri = Mage::helper('core/string')->cleanString($uri);
}
return $uri;
}
/**
* Validate IP address
*
* @param string $address
* @return boolean
*/
public function validateIpAddr($address)
{
return preg_match('#^(1?\d{1,2}|2([0-4]\d|5[0-5]))(\.(1?\d{1,2}|2([0-4]\d|5[0-5]))){3}$#', $address);
}
}