Verzeichnisstruktur phpBB-3.3.15
- Veröffentlicht
- 28.08.2024
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
FragmentListener.php
001 <?php
002
003 /*
004 * This file is part of the Symfony package.
005 *
006 * (c) Fabien Potencier <fabien@symfony.com>
007 *
008 * For the full copyright and license information, please view the LICENSE
009 * file that was distributed with this source code.
010 */
011
012 namespace Symfony\Component\HttpKernel\EventListener;
013
014 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
015 use Symfony\Component\HttpFoundation\Request;
016 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
017 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
018 use Symfony\Component\HttpKernel\KernelEvents;
019 use Symfony\Component\HttpKernel\UriSigner;
020
021 /**
022 * Handles content fragments represented by special URIs.
023 *
024 * All URL paths starting with /_fragment are handled as
025 * content fragments by this listener.
026 *
027 * Throws an AccessDeniedHttpException exception if the request
028 * is not signed or if it is not an internal sub-request.
029 *
030 * @author Fabien Potencier <fabien@symfony.com>
031 */
032 class FragmentListener implements EventSubscriberInterface
033 {
034 private $signer;
035 private $fragmentPath;
036
037 /**
038 * @param UriSigner $signer A UriSigner instance
039 * @param string $fragmentPath The path that triggers this listener
040 */
041 public function __construct(UriSigner $signer, $fragmentPath = '/_fragment')
042 {
043 $this->signer = $signer;
044 $this->fragmentPath = $fragmentPath;
045 }
046
047 /**
048 * Fixes request attributes when the path is '/_fragment'.
049 *
050 * @throws AccessDeniedHttpException if the request does not come from a trusted IP
051 */
052 public function onKernelRequest(GetResponseEvent $event)
053 {
054 $request = $event->getRequest();
055
056 if ($this->fragmentPath !== rawurldecode($request->getPathInfo())) {
057 return;
058 }
059
060 if ($request->attributes->has('_controller')) {
061 // Is a sub-request: no need to parse _path but it should still be removed from query parameters as below.
062 $request->query->remove('_path');
063
064 return;
065 }
066
067 if ($event->isMasterRequest()) {
068 $this->validateRequest($request);
069 }
070
071 parse_str($request->query->get('_path', ''), $attributes);
072 $request->attributes->add($attributes);
073 $request->attributes->set('_route_params', array_replace($request->attributes->get('_route_params', []), $attributes));
074 $request->query->remove('_path');
075 }
076
077 protected function validateRequest(Request $request)
078 {
079 // is the Request safe?
080 if (!$request->isMethodSafe(false)) {
081 throw new AccessDeniedHttpException();
082 }
083
084 // is the Request signed?
085 // we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
086 if ($this->signer->check($request->getSchemeAndHttpHost().$request->getBaseUrl().$request->getPathInfo().(null !== ($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : ''))) {
087 return;
088 }
089
090 throw new AccessDeniedHttpException();
091 }
092
093 public static function getSubscribedEvents()
094 {
095 return [
096 KernelEvents::REQUEST => [['onKernelRequest', 48]],
097 ];
098 }
099 }
100