diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 0eecaba698cb..f7c818efde24 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -3,11 +3,13 @@ use Redirect; use Utils; use Exception; +use Crawler; use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; use Illuminate\Http\Exception\HttpResponseException; use Illuminate\Auth\Access\AuthorizationException; use Illuminate\Database\Eloquent\ModelNotFoundException; use Symfony\Component\HttpKernel\Exception\HttpException; +use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Illuminate\Validation\ValidationException; /** @@ -39,10 +41,14 @@ class Handler extends ExceptionHandler public function report(Exception $e) { // don't show these errors in the logs - if ($e instanceof HttpResponseException) { + if ($e instanceof NotFoundHttpException) { + if (Crawler::isCrawler()) { + return false; + } + } elseif ($e instanceof HttpResponseException) { return false; } - + if (Utils::isNinja() && ! Utils::isTravis()) { Utils::logError(Utils::getErrorString($e)); return false; @@ -83,7 +89,7 @@ class Handler extends ExceptionHandler 'error' => get_class($e), 'hideHeader' => true, ]; - + return response()->view('error', $data); } else { return parent::render($request, $e); diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php index a3c37bb1033a..4c6e67893f97 100644 --- a/app/Http/Controllers/AccountController.php +++ b/app/Http/Controllers/AccountController.php @@ -901,7 +901,26 @@ class AccountController extends BaseController if (Input::get('custom_link') == 'subdomain') { $subdomain = preg_replace('/[^a-zA-Z0-9_\-\.]/', '', substr(strtolower(Input::get('subdomain')), 0, MAX_SUBDOMAIN_LENGTH)); - $exclude = ['www', 'app', 'mail', 'admin', 'blog', 'user', 'contact', 'payment', 'payments', 'billing', 'invoice', 'business', 'owner', 'info', 'ninja']; + $exclude = [ + 'www', + 'app', + 'mail', + 'admin', + 'blog', + 'user', + 'contact', + 'payment', + 'payments', + 'billing', + 'invoice', + 'business', + 'owner', + 'info', + 'ninja', + 'docs', + 'doc', + 'documents' + ]; $rules['subdomain'] = "unique:accounts,subdomain,{$user->account_id},id|not_in:" . implode(',', $exclude); } else { $iframeURL = preg_replace('/[^a-zA-Z0-9_\-\:\/\.]/', '', substr(strtolower(Input::get('iframe_url')), 0, MAX_IFRAME_URL_LENGTH)); diff --git a/app/Http/Middleware/ApiCheck.php b/app/Http/Middleware/ApiCheck.php index 19181b8da514..3561695e5cb4 100644 --- a/app/Http/Middleware/ApiCheck.php +++ b/app/Http/Middleware/ApiCheck.php @@ -42,7 +42,7 @@ class ApiCheck { // check if user is archived if ($token && $token->user) { - Auth::loginUsingId($token->user_id); + Auth::onceUsingId($token->user_id); Session::set('token_id', $token->id); } else { sleep(ERROR_DELAY); diff --git a/app/Http/Requests/UpdateUserRequest.php b/app/Http/Requests/UpdateUserRequest.php index 7b61a4f745ee..fbae72e52899 100644 --- a/app/Http/Requests/UpdateUserRequest.php +++ b/app/Http/Requests/UpdateUserRequest.php @@ -2,9 +2,9 @@ use Auth; -class UpdateUserRequest extends Request +class UpdateUserRequest extends EntityReques { - // Expenses + // Expenses /** * Determine if the user is authorized to make this request. * @@ -12,7 +12,7 @@ class UpdateUserRequest extends Request */ public function authorize() { - return $this->user()->can('edit', $this->entity()); + return Auth::user()->is_admin || $this->user()->id == Auth::user()->id; } /** diff --git a/composer.json b/composer.json index c9a307e16522..fa1744a8a11a 100644 --- a/composer.json +++ b/composer.json @@ -80,7 +80,8 @@ "collizo4sky/omnipay-wepay": "dev-additional-calls", "barryvdh/laravel-ide-helper": "~2.2", "barryvdh/laravel-debugbar": "~2.2", - "fzaninotto/faker": "^1.5" + "fzaninotto/faker": "^1.5", + "jaybizzle/laravel-crawler-detect": "1.*" }, "require-dev": { "phpunit/phpunit": "~4.0", diff --git a/composer.lock b/composer.lock index 713793fbc745..9644c8319deb 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "12e15e592f20359ad1085b77289bcaaa", - "content-hash": "6eafb74ed8d18816511ecbca4498304b", + "hash": "58fb4c4de809dbd2c62e2701e4c31b12", + "content-hash": "308faa59f58a34174062714c7c9c5c48", "packages": [ { "name": "agmscode/omnipay-agms", @@ -2727,6 +2727,103 @@ ], "time": "2015-04-20 18:58:01" }, + { + "name": "jaybizzle/crawler-detect", + "version": "v1.2.13", + "source": { + "type": "git", + "url": "https://github.com/JayBizzle/Crawler-Detect.git", + "reference": "c91439a41bda3f9eec50c13118b55ad0478fb172" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/JayBizzle/Crawler-Detect/zipball/c91439a41bda3f9eec50c13118b55ad0478fb172", + "reference": "c91439a41bda3f9eec50c13118b55ad0478fb172", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": "*" + }, + "type": "library", + "autoload": { + "psr-4": { + "Jaybizzle\\CrawlerDetect\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Mark Beech", + "email": "m@rkbee.ch", + "role": "Developer" + } + ], + "description": "CrawlerDetect is a PHP class for detecting bots/crawlers/spiders via the user agent", + "homepage": "https://github.com/JayBizzle/Crawler-Detect/", + "keywords": [ + "crawler", + "crawler detect", + "crawler detector", + "crawlerdetect", + "php crawler detect" + ], + "time": "2016-08-09 17:10:52" + }, + { + "name": "jaybizzle/laravel-crawler-detect", + "version": "v1.0.2", + "source": { + "type": "git", + "url": "https://github.com/JayBizzle/Laravel-Crawler-Detect.git", + "reference": "58d1f788b68e622b860112584430dd549ad2d3d3" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/JayBizzle/Laravel-Crawler-Detect/zipball/58d1f788b68e622b860112584430dd549ad2d3d3", + "reference": "58d1f788b68e622b860112584430dd549ad2d3d3", + "shasum": "" + }, + "require": { + "jaybizzle/crawler-detect": "1.*", + "php": ">=5.4.0" + }, + "require-dev": { + "orchestra/testbench": "3.0.*" + }, + "type": "library", + "autoload": { + "psr-4": { + "Jaybizzle\\LaravelCrawlerDetect\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Mark Beech", + "email": "mbeech@mark-beech.co.uk" + } + ], + "description": "A Laravel package to detect web crawlers via user agents", + "homepage": "http://github.com/JayBizzle/Laravel-Crawler-Detect", + "keywords": [ + "bot", + "crawler", + "detect", + "laravel", + "spider", + "user-agent" + ], + "time": "2015-08-12 20:38:34" + }, { "name": "jeremeamia/SuperClosure", "version": "2.2.0", diff --git a/config/app.php b/config/app.php index 30df9f6caf10..7ef56f68f042 100644 --- a/config/app.php +++ b/config/app.php @@ -154,6 +154,7 @@ return [ 'Jlapp\Swaggervel\SwaggervelServiceProvider', 'Maatwebsite\Excel\ExcelServiceProvider', Websight\GcsProvider\CloudStorageServiceProvider::class, + 'Jaybizzle\LaravelCrawlerDetect\LaravelCrawlerDetectServiceProvider', /* * Application Service Providers... @@ -255,7 +256,8 @@ return [ 'Socialite' => 'Laravel\Socialite\Facades\Socialite', 'Excel' => 'Maatwebsite\Excel\Facades\Excel', 'PushNotification' => 'Davibennun\LaravelPushNotification\Facades\PushNotification', - + 'Crawler' => 'Jaybizzle\LaravelCrawlerDetect\Facades\LaravelCrawlerDetect', + ], ]; diff --git a/resources/views/emails/design2_html.blade.php b/resources/views/emails/design2_html.blade.php index e76e4514bb70..7cb29e87652d 100644 --- a/resources/views/emails/design2_html.blade.php +++ b/resources/views/emails/design2_html.blade.php @@ -12,7 +12,7 @@ -
-