* @link https://github.com/pradosoft/prado
* @copyright Copyright © 2005-2016 The PRADO Group
* @license https://github.com/pradosoft/prado/blob/master/COPYRIGHT
* @package System.Web
*/
/**
* Includes the THttpResponse adapter.
*/
Prado::using('System.Web.THttpResponseAdapter');
/**
* THttpResponse class
*
* THttpResponse implements the mechanism for sending output to client users.
*
* To output a string to client, use {@link write()}. By default, the output is
* buffered until {@link flush()} is called or the application ends. The output in
* the buffer can also be cleaned by {@link clear()}. To disable output buffering,
* set BufferOutput property to false.
*
* To send cookies to client, use {@link getCookies()}.
* To redirect client browser to a new URL, use {@link redirect()}.
* To send a file to client, use {@link writeFile()}.
*
* By default, THttpResponse is registered with {@link TApplication} as the
* response module. It can be accessed via {@link TApplication::getResponse()}.
*
* THttpResponse may be configured in application configuration file as follows
*
*
*
* where {@link getCacheExpire CacheExpire}, {@link getCacheControl CacheControl}
* and {@link getBufferOutput BufferOutput} are optional properties of THttpResponse.
*
* THttpResponse sends charset header if either {@link setCharset() Charset}
* or {@link TGlobalization::setCharset() TGlobalization.Charset} is set.
*
* Since 3.1.2, HTTP status code can be set with the {@link setStatusCode StatusCode} property.
*
* Note: Some HTTP Status codes can require additional header or body information. So, if you use {@link setStatusCode StatusCode}
* in your application, be sure to add theses informations.
* E.g : to make an http authentication :
*
* public function clickAuth ($sender, $param)
* {
* $response=$this->getResponse();
* $response->setStatusCode(401);
* $response->appendHeader('WWW-Authenticate: Basic realm="Test"');
* }
*
*
* This event handler will sent the 401 status code (Unauthorized) to the browser, with the WWW-Authenticate header field. This
* will force the browser to ask for a username and a password.
*
* @author Qiang Xue
* @package System.Web
* @since 3.0
*/
class THttpResponse extends TModule implements ITextWriter
{
const DEFAULT_CONTENTTYPE = 'text/html';
const DEFAULT_CHARSET = 'UTF-8';
/**
* @var The differents defined status code by RFC 2616 {@link http://www.faqs.org/rfcs/rfc2616}
*/
private static $HTTP_STATUS_CODES = array(
100 => 'Continue', 101 => 'Switching Protocols',
200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content',
300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect',
400 => 'Bad Request', 401 => 'Unauthorized', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', 406 => 'Not Acceptable', 407 => 'Proxy Authentication Required', 408 => 'Request Time-out', 409 => 'Conflict', 410 => 'Gone', 411 => 'Length Required', 412 => 'Precondition Failed', 413 => 'Request Entity Too Large', 414 => 'Request-URI Too Large', 415 => 'Unsupported Media Type', 416 => 'Requested range not satisfiable', 417 => 'Expectation Failed',
500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Time-out', 505 => 'HTTP Version not supported'
);
/**
* @var boolean whether to buffer output
*/
private $_bufferOutput=true;
/**
* @var boolean if the application is initialized
*/
private $_initialized=false;
/**
* @var THttpCookieCollection list of cookies to return
*/
private $_cookies=null;
/**
* @var integer response status code
*/
private $_status=200;
/**
* @var string reason correspond to status code
*/
private $_reason='OK';
/**
* @var string HTML writer type
*/
private $_htmlWriterType='System.Web.UI.THtmlWriter';
/**
* @var string content type
*/
private $_contentType=null;
/**
* @var string|boolean character set, e.g. UTF-8 or false if no character set should be send to client
*/
private $_charset='';
/**
* @var THttpResponseAdapter adapter.
*/
private $_adapter;
/**
* @var boolean whether http response header has been sent
*/
private $_httpHeaderSent;
/**
* @var boolean whether content-type header has been sent
*/
private $_contentTypeHeaderSent;
/**
* Destructor.
* Flushes any existing content in buffer.
*/
public function __destruct()
{
//if($this->_bufferOutput)
// @ob_end_flush();
}
/**
* @param THttpResponseAdapter response adapter
*/
public function setAdapter(THttpResponseAdapter $adapter)
{
$this->_adapter=$adapter;
}
/**
* @return THttpResponseAdapter response adapter, null if not exist.
*/
public function getAdapter()
{
return $this->_adapter;
}
/**
* @return boolean true if adapter exists, false otherwise.
*/
public function getHasAdapter()
{
return $this->_adapter!==null;
}
/**
* Initializes the module.
* This method is required by IModule and is invoked by application.
* It starts output buffer if it is enabled.
* @param TXmlElement module configuration
*/
public function init($config)
{
if($this->_bufferOutput)
ob_start();
$this->_initialized=true;
$this->getApplication()->setResponse($this);
}
/**
* @return integer time-to-live for cached session pages in minutes, this has no effect for nocache limiter. Defaults to 180.
*/
public function getCacheExpire()
{
return session_cache_expire();
}
/**
* @param integer time-to-live for cached session pages in minutes, this has no effect for nocache limiter.
*/
public function setCacheExpire($value)
{
session_cache_expire(TPropertyValue::ensureInteger($value));
}
/**
* @return string cache control method to use for session pages
*/
public function getCacheControl()
{
return session_cache_limiter();
}
/**
* @param string cache control method to use for session pages. Valid values
* include none/nocache/private/private_no_expire/public
*/
public function setCacheControl($value)
{
session_cache_limiter(TPropertyValue::ensureEnum($value,array('none','nocache','private','private_no_expire','public')));
}
/**
* @return string content type, default is text/html
*/
public function setContentType($type)
{
if ($this->_contentTypeHeaderSent)
throw new Exception('Unable to alter content-type as it has been already sent');
$this->_contentType = $type;
}
/**
* @return string current content type
*/
public function getContentType()
{
return $this->_contentType;
}
/**
* @return string|boolean output charset.
*/
public function getCharset()
{
return $this->_charset;
}
/**
* @param string|boolean output charset.
*/
public function setCharset($charset)
{
$this->_charset = (strToLower($charset) === 'false') ? false : (string)$charset;
}
/**
* @return boolean whether to enable output buffer
*/
public function getBufferOutput()
{
return $this->_bufferOutput;
}
/**
* @param boolean whether to enable output buffer
* @throws TInvalidOperationException if session is started already
*/
public function setBufferOutput($value)
{
if($this->_initialized)
throw new TInvalidOperationException('httpresponse_bufferoutput_unchangeable');
else
$this->_bufferOutput=TPropertyValue::ensureBoolean($value);
}
/**
* @return integer HTTP status code, defaults to 200
*/
public function getStatusCode()
{
return $this->_status;
}
/**
* Set the HTTP status code for the response.
* The code and its reason will be sent to client using the currently requested http protocol version (see {@link THttpRequest::getHttpProtocolVersion})
* Keep in mind that HTTP/1.0 clients might not understand all status codes from HTTP/1.1
*
* @param integer HTTP status code
* @param string HTTP status reason, defaults to standard HTTP reasons
*/
public function setStatusCode($status, $reason=null)
{
if ($this->_httpHeaderSent)
throw new Exception('Unable to alter response as HTTP header already sent');
$status=TPropertyValue::ensureInteger($status);
if(isset(self::$HTTP_STATUS_CODES[$status])) {
$this->_reason=self::$HTTP_STATUS_CODES[$status];
}else{
if($reason===null || $reason==='') {
throw new TInvalidDataValueException("response_status_reason_missing");
}
$reason=TPropertyValue::ensureString($reason);
if(strpos($reason, "\r")!=false || strpos($reason, "\n")!=false) {
throw new TInvalidDataValueException("response_status_reason_barchars");
}
$this->_reason=$reason;
}
$this->_status=$status;
}
/**
* @param string HTTP status reason
*/
public function getStatusReason() {
return $this->_reason;
}
/**
* @return THttpCookieCollection list of output cookies
*/
public function getCookies()
{
if($this->_cookies===null)
$this->_cookies=new THttpCookieCollection($this);
return $this->_cookies;
}
/**
* Outputs a string.
* It may not be sent back to user immediately if output buffer is enabled.
* @param string string to be output
*/
public function write($str)
{
// when starting output make sure we send the headers first
if (!$this->_bufferOutput and !$this->_httpHeaderSent)
$this->ensureHeadersSent();
echo $str;
}
/**
* Sends a file back to user.
* Make sure not to output anything else after calling this method.
* @param string file name
* @param string content to be set. If null, the content will be read from the server file pointed to by $fileName.
* @param string mime type of the content.
* @param array list of headers to be sent. Each array element represents a header string (e.g. 'Content-Type: text/plain').
* @param boolean force download of file, even if browser able to display inline. Defaults to 'true'.
* @param string force a specific file name on client side. Defaults to 'null' means auto-detect.
* @param integer size of file or content in bytes if already known. Defaults to 'null' means auto-detect.
* @throws TInvalidDataValueException if the file cannot be found
*/
public function writeFile($fileName,$content=null,$mimeType=null,$headers=null,$forceDownload=true,$clientFileName=null,$fileSize=null)
{
static $defaultMimeTypes=array(
'css'=>'text/css',
'gif'=>'image/gif',
'png'=>'image/png',
'jpg'=>'image/jpeg',
'jpeg'=>'image/jpeg',
'htm'=>'text/html',
'html'=>'text/html',
'js'=>'javascript/js',
'pdf'=>'application/pdf',
'xls'=>'application/vnd.ms-excel',
);
if($mimeType===null)
{
$mimeType='text/plain';
if(function_exists('mime_content_type'))
$mimeType=mime_content_type($fileName);
else if(($ext=strrchr($fileName,'.'))!==false)
{
$ext=substr($ext,1);
if(isset($defaultMimeTypes[$ext]))
$mimeType=$defaultMimeTypes[$ext];
}
}
if($clientFileName===null)
$clientFileName=basename($fileName);
else
$clientFileName=basename($clientFileName);
if($fileSize===null || $fileSize < 0)
$fileSize = ($content===null?filesize($fileName):strlen($content));
$this->sendHttpHeader();
if(is_array($headers))
{
foreach($headers as $h)
header($h);
}
else
{
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header("Content-Type: $mimeType");
$this->_contentTypeHeaderSent = true;
}
header('Content-Length: '.$fileSize);
header("Content-Disposition: " . ($forceDownload ? 'attachment' : 'inline') . "; filename=\"$clientFileName\"");
header('Content-Transfer-Encoding: binary');
if($content===null)
readfile($fileName);
else
echo $content;
}
/**
* Redirects the browser to the specified URL.
* The current application will be terminated after this method is invoked.
* @param string URL to be redirected to. If the URL is a relative one, the base URL of
* the current request will be inserted at the beginning.
*/
public function redirect($url)
{
if($this->getHasAdapter())
$this->_adapter->httpRedirect($url);
else
$this->httpRedirect($url);
}
/**
* Redirect the browser to another URL and exists the current application.
* This method is used internally. Please use {@link redirect} instead.
*
* @since 3.1.5
* You can set the set {@link setStatusCode StatusCode} to a value between 300 and 399 before
* calling this function to change the type of redirection.
* If not specified, StatusCode will be 302 (Found) by default
*
* @param string URL to be redirected to. If the URL is a relative one, the base URL of
* the current request will be inserted at the beginning.
*/
public function httpRedirect($url)
{
$this->ensureHeadersSent();
// Under IIS, explicitly send an HTTP response including the status code
// this is handled automatically by PHP on Apache and others
$isIIS = (stripos($this->getRequest()->getServerSoftware(), "microsoft-iis") !== false);
if($url[0]==='/')
$url=$this->getRequest()->getBaseUrl().$url;
if ($this->_status >= 300 && $this->_status < 400)
{
// The status code has been modified to a valid redirection status, send it
if($isIIS)
{
header('HTTP/1.1 ' . $this->_status . ' ' . self::$HTTP_STATUS_CODES[
array_key_exists($this->_status, self::$HTTP_STATUS_CODES)
? $this->_status
: 302
]);
}
header('Location: '.str_replace('&','&',$url), true, $this->_status);
} else {
if($isIIS)
header('HTTP/1.1 302 '.self::$HTTP_STATUS_CODES[302]);
header('Location: '.str_replace('&','&',$url));
}
if(!$this->getApplication()->getRequestCompleted())
$this->getApplication()->onEndRequest();
exit();
}
/**
* Reloads the current page.
* The effect of this method call is the same as user pressing the
* refresh button on his browser (without post data).
**/
public function reload()
{
$this->redirect($this->getRequest()->getRequestUri());
}
/**
* Flush the response contents and headers.
*/
public function flush($continueBuffering = true)
{
if($this->getHasAdapter())
$this->_adapter->flushContent($continueBuffering);
else
$this->flushContent($continueBuffering);
}
/**
* Ensures that HTTP response and content-type headers are sent
*/
public function ensureHeadersSent()
{
$this->ensureHttpHeaderSent();
$this->ensureContentTypeHeaderSent();
}
/**
* Outputs the buffered content, sends content-type and charset header.
* This method is used internally. Please use {@link flush} instead.
* @param boolean whether to continue buffering after flush if buffering was active
*/
public function flushContent($continueBuffering = true)
{
Prado::trace("Flushing output",'System.Web.THttpResponse');
$this->ensureHeadersSent();
if($this->_bufferOutput)
{
// avoid forced send of http headers (ob_flush() does that) if there's no output yet
if (ob_get_length()>0)
{
if (!$continueBuffering)
{
$this->_bufferOutput = false;
ob_end_flush();
}
else
ob_flush();
flush();
}
}
else
flush();
}
/**
* Ensures that the HTTP header with the status code and status reason are sent
*/
protected function ensureHttpHeaderSent()
{
if (!$this->_httpHeaderSent)
$this->sendHttpHeader();
}
/**
* Send the HTTP header with the status code (defaults to 200) and status reason (defaults to OK)
*/
protected function sendHttpHeader()
{
$protocol=$this->getRequest()->getHttpProtocolVersion();
if($this->getRequest()->getHttpProtocolVersion() === null)
$protocol='HTTP/1.1';
$phpSapiName = substr(php_sapi_name(), 0, 3);
$cgi = $phpSapiName == 'cgi' || $phpSapiName == 'fpm';
header(($cgi ? 'Status:' : $protocol).' '.$this->_status.' '.$this->_reason, true, TPropertyValue::ensureInteger($this->_status));
$this->_httpHeaderSent = true;
}
/**
* Ensures that the HTTP header with the status code and status reason are sent
*/
protected function ensureContentTypeHeaderSent()
{
if (!$this->_contentTypeHeaderSent)
$this->sendContentTypeHeader();
}
/**
* Sends content type header with optional charset.
*/
protected function sendContentTypeHeader()
{
$contentType=$this->_contentType===null?self::DEFAULT_CONTENTTYPE:$this->_contentType;
$charset=$this->getCharset();
if($charset === false) {
$this->appendHeader('Content-Type: '.$contentType);
return;
}
if($charset==='' && ($globalization=$this->getApplication()->getGlobalization(false))!==null)
$charset=$globalization->getCharset();
if($charset==='') $charset = self::DEFAULT_CHARSET;
$this->appendHeader('Content-Type: '.$contentType.';charset='.$charset);
$this->_contentTypeHeaderSent = true;
}
/**
* Returns the content in the output buffer.
* The buffer will NOT be cleared after calling this method.
* Use {@link clear()} is you want to clear the buffer.
* @return string output that is in the buffer.
*/
public function getContents()
{
Prado::trace("Retrieving output",'System.Web.THttpResponse');
return $this->_bufferOutput?ob_get_contents():'';
}
/**
* Clears any existing buffered content.
*/
public function clear()
{
if($this->_bufferOutput)
ob_clean();
Prado::trace("Clearing output",'System.Web.THttpResponse');
}
/**
* @param integer|null Either {@link CASE_UPPER} or {@link CASE_LOWER} or as is null (default)
* @return array
*/
public function getHeaders($case=null)
{
$result = array();
$headers = headers_list();
foreach($headers as $header) {
$tmp = explode(':', $header);
$key = trim(array_shift($tmp));
$value = trim(implode(':', $tmp));
if(isset($result[$key]))
$result[$key] .= ', ' . $value;
else
$result[$key] = $value;
}
if($case !== null)
return array_change_key_case($result, $case);
return $result;
}
/**
* Sends a header.
* @param string header
* @param boolean whether the header should replace a previous similar header, or add a second header of the same type
*/
public function appendHeader($value, $replace=true)
{
Prado::trace("Sending header '$value'",'System.Web.THttpResponse');
header($value, $replace);
}
/**
* Writes a log message into error log.
* This method is simple wrapper of PHP function error_log.
* @param string The error message that should be logged
* @param integer where the error should go
* @param string The destination. Its meaning depends on the message parameter as described above
* @param string The extra headers. It's used when the message parameter is set to 1. This message type uses the same internal function as mail() does.
* @see http://us2.php.net/manual/en/function.error-log.php
*/
public function appendLog($message,$messageType=0,$destination='',$extraHeaders='')
{
error_log($message,$messageType,$destination,$extraHeaders);
}
/**
* Sends a cookie.
* Do not call this method directly. Operate with the result of {@link getCookies} instead.
* @param THttpCookie cook to be sent
*/
public function addCookie($cookie)
{
$request=$this->getRequest();
if($request->getEnableCookieValidation())
{
$value=$this->getApplication()->getSecurityManager()->hashData($cookie->getValue());
setcookie(
$cookie->getName(),
$value,
$cookie->getExpire(),
$cookie->getPath(),
$cookie->getDomain(),
$cookie->getSecure(),
$cookie->getHttpOnly()
);
}
else {
setcookie(
$cookie->getName(),
$cookie->getValue(),
$cookie->getExpire(),
$cookie->getPath(),
$cookie->getDomain(),
$cookie->getSecure(),
$cookie->getHttpOnly()
);
}
}
/**
* Deletes a cookie.
* Do not call this method directly. Operate with the result of {@link getCookies} instead.
* @param THttpCookie cook to be deleted
*/
public function removeCookie($cookie)
{
setcookie(
$cookie->getName(),
null,
0,
$cookie->getPath(),
$cookie->getDomain(),
$cookie->getSecure(),
$cookie->getHttpOnly()
);
}
/**
* @return string the type of HTML writer to be used, defaults to THtmlWriter
*/
public function getHtmlWriterType()
{
return $this->_htmlWriterType;
}
/**
* @param string the type of HTML writer to be used, may be the class name or the namespace
*/
public function setHtmlWriterType($value)
{
$this->_htmlWriterType=$value;
}
/**
* Creates a new instance of HTML writer.
* If the type of the HTML writer is not supplied, {@link getHtmlWriterType HtmlWriterType} will be assumed.
* @param string type of the HTML writer to be created. If null, {@link getHtmlWriterType HtmlWriterType} will be assumed.
*/
public function createHtmlWriter($type=null)
{
if($type===null)
$type=$this->getHtmlWriterType();
if($this->getHasAdapter())
return $this->_adapter->createNewHtmlWriter($type, $this);
else
return $this->createNewHtmlWriter($type, $this);
}
/**
* Create a new html writer instance.
* This method is used internally. Please use {@link createHtmlWriter} instead.
* @param string type of HTML writer to be created.
* @param ITextWriter text writer holding the contents.
*/
public function createNewHtmlWriter($type, $writer)
{
return Prado::createComponent($type, $writer);
}
}