/** * Listens for 'frontcontroller.predispatch'. * * @param Zikula_Event $event * * @return void */ public function siteOff(Zikula_Event $event) { // Get variables $module = FormUtil::getPassedValue('module', '', 'GETPOST', FILTER_SANITIZE_STRING); $func = FormUtil::getPassedValue('func', '', 'GETPOST', FILTER_SANITIZE_STRING); // Check for site closed if (System::getVar('siteoff') && !SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN) && !($module == 'Users' && $func == 'siteofflogin') || Zikula_Core::VERSION_NUM != System::getVar('Version_Num')) { if (SecurityUtil::checkPermission('Users::', '::', ACCESS_OVERVIEW) && UserUtil::isLoggedIn()) { UserUtil::logout(); } header('HTTP/1.1 503 Service Unavailable'); require_once System::getSystemErrorTemplate('siteoff.tpl'); System::shutdown(); } }
public function onKernelRequestSiteOff(GetResponseEvent $event) { if (!$event->isMasterRequest()) { return; } $response = $event->getResponse(); $request = $event->getRequest(); if ($response instanceof PlainResponse || $response instanceof JsonResponse || $request->isXmlHttpRequest()) { return; } if (\System::isInstalling()) { return; } // Get variables $module = strtolower($request->query->get('module')); $type = strtolower($request->query->get('type')); $func = strtolower($request->query->get('func')); $siteOff = (bool) \System::getVar('siteoff'); $hasAdminPerms = \SecurityUtil::checkPermission('ZikulaSettingsModule::', 'SiteOff::', ACCESS_ADMIN); $urlParams = $module == 'users' && $type == 'user' && $func == 'siteofflogin'; // params are lowercase $versionCheck = \Zikula_Core::VERSION_NUM != \System::getVar('Version_Num'); // Check for site closed if ($siteOff && !$hasAdminPerms && !$urlParams || $versionCheck) { $hasOnlyOverviewAccess = \SecurityUtil::checkPermission('ZikulaUsersModule::', '::', ACCESS_OVERVIEW); if ($hasOnlyOverviewAccess && \UserUtil::isLoggedIn()) { \UserUtil::logout(); } // initialise the language system to enable translations (#1764) $lang = \ZLanguage::getInstance(); $lang->setup($request); $response = new Response(); $response->headers->add(array('HTTP/1.1 503 Service Unavailable')); $response->setStatusCode(503); $content = (require_once \System::getSystemErrorTemplate('siteoff.tpl')); // move to CoreBundle and use Twig $response->setContent($content); $event->setResponse($response); $event->stopPropagation(); } }
/** * Initialise Zikula. * * Carries out a number of initialisation tasks to get Zikula up and * running. * * @param integer $stage Stage to load. * * @return boolean True initialisation successful false otherwise. */ public function init($stage = self::STAGE_ALL) { $coreInitEvent = new Zikula_Event('core.init', $this); // store the load stages in a global so other API's can check whats loaded $this->stage = $this->stage | $stage; if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) { ModUtil::flushCache(); System::flushCache(); $this->eventManager->notify(new Zikula_Event('core.preinit', $this)); } // Initialise and load configuration if ($stage & self::STAGE_CONFIG) { if (System::isLegacyMode()) { require_once 'lib/legacy/Compat.php'; } // error reporting if (!System::isInstalling()) { // this is here because it depends on the config.php loading. $event = new Zikula_Event('setup.errorreporting', null, array('stage' => $stage)); $this->eventManager->notify($event); } // initialise custom event listeners from config.php settings $coreInitEvent->setArg('stage', self::STAGE_CONFIG); $this->eventManager->notify($coreInitEvent); } // Check that Zikula is installed before continuing if (System::getVar('installed') == 0 && !System::isInstalling()) { System::redirect(System::getBaseUrl() . 'install.php?notinstalled'); System::shutDown(); } if ($stage & self::STAGE_DB) { try { $dbEvent = new Zikula_Event('core.init', $this, array('stage' => self::STAGE_DB)); $this->eventManager->notify($dbEvent); } catch (PDOException $e) { if (!System::isInstalling()) { header('HTTP/1.1 503 Service Unavailable'); require_once System::getSystemErrorTemplate('dbconnectionerror.tpl'); System::shutDown(); } else { return false; } } } if ($stage & self::STAGE_TABLES) { // Initialise dbtables ModUtil::dbInfoLoad('Extensions', 'Extensions'); ModUtil::initCoreVars(); ModUtil::dbInfoLoad('Settings', 'Settings'); ModUtil::dbInfoLoad('Theme', 'Theme'); ModUtil::dbInfoLoad('Users', 'Users'); ModUtil::dbInfoLoad('Groups', 'Groups'); ModUtil::dbInfoLoad('Permissions', 'Permissions'); ModUtil::dbInfoLoad('Categories', 'Categories'); if (!System::isInstalling()) { ModUtil::registerAutoloaders(); } $coreInitEvent->setArg('stage', self::STAGE_TABLES); $this->eventManager->notify($coreInitEvent); } if ($stage & self::STAGE_SESSIONS) { SessionUtil::requireSession(); $coreInitEvent->setArg('stage', self::STAGE_SESSIONS); $this->eventManager->notify($coreInitEvent); } // Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak) // start block if ($stage & self::STAGE_LANGS) { $lang = ZLanguage::getInstance(); } if ($stage & self::STAGE_DECODEURLS) { System::queryStringDecode(); $coreInitEvent->setArg('stage', self::STAGE_DECODEURLS); $this->eventManager->notify($coreInitEvent); } if ($stage & self::STAGE_LANGS) { $lang->setup(); $coreInitEvent->setArg('stage', self::STAGE_LANGS); $this->eventManager->notify($coreInitEvent); } // end block if ($stage & self::STAGE_MODS) { // Set compression on if desired if (System::getVar('UseCompression') == 1) { //ob_start("ob_gzhandler"); } ModUtil::load('SecurityCenter'); $coreInitEvent->setArg('stage', self::STAGE_MODS); $this->eventManager->notify($coreInitEvent); } if ($stage & self::STAGE_THEME) { // register default page vars PageUtil::registerVar('title'); PageUtil::setVar('title', System::getVar('defaultpagetitle')); PageUtil::registerVar('keywords', true); PageUtil::registerVar('stylesheet', true); PageUtil::registerVar('javascript', true); PageUtil::registerVar('jsgettext', true); PageUtil::registerVar('body', true); PageUtil::registerVar('header', true); PageUtil::registerVar('footer', true); $theme = Zikula_View_Theme::getInstance(); // set some defaults // Metadata for SEO $this->serviceManager['zikula_view.metatags']['description'] = System::getVar('defaultmetadescription'); $this->serviceManager['zikula_view.metatags']['keywords'] = System::getVar('metakeywords'); $coreInitEvent->setArg('stage', self::STAGE_THEME); $this->eventManager->notify($coreInitEvent); } // check the users status, if not 1 then log him out if (UserUtil::isLoggedIn()) { $userstatus = UserUtil::getVar('activated'); if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) { UserUtil::logout(); // TODO - When getting logged out this way, the existing session is destroyed and // then a new one is created on the reentry into index.php. The message // set by the registerStatus call below gets lost. LogUtil::registerStatus(__('You have been logged out.')); System::redirect(ModUtil::url('Users', 'user', 'login')); } } if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) { $this->eventManager->notify(new Zikula_Event('core.postinit', $this, array('stages' => $stage))); } }
/** * Log the user out * * @deprecated * @see UserUtil::logout() * * @public * @return bool true if the user successfully logged out, false otherwise */ function pnUserLogOut() { LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'UserUtil::logout()')), E_USER_DEPRECATED); return UserUtil::logout(); }
* @license GNU/LGPLv3 (or at your option, any later version). * @package Zikula * * Please see the NOTICE file distributed with this source code for further * information regarding copyright and licensing. */ include 'lib/bootstrap.php'; $core->init(Zikula_Core::STAGE_ALL | Zikula_Core::STAGE_AJAX & ~Zikula_Core::STAGE_DECODEURLS); // Get variables $module = FormUtil::getPassedValue('module', '', 'GETPOST', FILTER_SANITIZE_STRING); $type = FormUtil::getPassedValue('type', 'ajax', 'GETPOST', FILTER_SANITIZE_STRING); $func = FormUtil::getPassedValue('func', '', 'GETPOST', FILTER_SANITIZE_STRING); // Check for site closed if (System::getVar('siteoff') && !SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN) && !($module == 'Users' && $func == 'siteofflogin')) { if (SecurityUtil::checkPermission('Users::', '::', ACCESS_OVERVIEW) && UserUtil::isLoggedIn()) { UserUtil::logout(); } die(new Zikula_Response_Ajax_Unavailable(__('The site is currently off-line.'))); } if (empty($func)) { die(new Zikula_Response_Ajax_NotFound(__f("Missing parameter '%s'", 'func'))); } // get module information $modinfo = ModUtil::getInfoFromName($module); if ($modinfo == false) { die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is unknown.", DataUtil::formatForDisplay($module)))); } if (!ModUtil::available($modinfo['name'])) { die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module)))); } if (!ModUtil::load($modinfo['name'], $type)) {
/** * This is a standard function to update the configuration parameters of the * module given the information passed back by the modification form * @see securitycenter_admin_modifyconfig() * * @param int enableanticracker * @param int itemsperpage * @param int emailhackattempt * @param int loghackattempttodb * @param int onlysendsummarybyemail * @param int updatecheck * @param int updatefrequency * @param int keyexpiry * @param int sessionauthkeyua * @param string secure_domain * @param int signcookies * @param string signingkey * @param string seclevel * @param int secmeddays * @param int secinactivemins * @param int sessionstoretofile * @param string sessionsavepath * @param int gc_probability * @param int anonymoussessions * @param int sessionrandregenerate * @param int sessionregenerate * @param int sessionregeneratefreq * @param int sessionipcheck * @param string sessionname * @param int filtergetvars * @param int filterpostvars * @param int filtercookievars * @param int outputfilter * @param string summarycontent * @param string fullcontent * * @return bool true if successful, false otherwise. */ public function updateconfig() { $this->checkCsrfToken(); // Security check if (!SecurityUtil::checkPermission('SecurityCenter::', '::', ACCESS_ADMIN)) { return LogUtil::registerPermissionError(); } $validates = true; // Update module variables. $updatecheck = (int)FormUtil::getPassedValue('updatecheck', 0, 'POST'); System::setVar('updatecheck', $updatecheck); // if update checks are disabled, reset values to force new update check if re-enabled if ($updatecheck == 0) { System::setVar('updateversion', Zikula_Core::VERSION_NUM); System::setVar('updatelastchecked', 0); } $updatefrequency = (int)FormUtil::getPassedValue('updatefrequency', 30, 'POST'); System::setVar('updatefrequency', $updatefrequency); $keyexpiry = (int)FormUtil::getPassedValue('keyexpiry', 0, 'POST'); if ($keyexpiry < 0 || $keyexpiry > 3600) { $keyexpiry = 0; } System::setVar('keyexpiry', $keyexpiry); $sessionauthkeyua = (int)FormUtil::getPassedValue('sessionauthkeyua', 0, 'POST'); System::setVar('sessionauthkeyua', $sessionauthkeyua); $secure_domain = FormUtil::getPassedValue('secure_domain', '', 'POST'); System::setVar('secure_domain', $secure_domain); $signcookies = (int)FormUtil::getPassedValue('signcookies', 1, 'POST'); System::setVar('signcookies', $signcookies); $signingkey = FormUtil::getPassedValue('signingkey', '', 'POST'); System::setVar('signingkey', $signingkey); $seclevel = FormUtil::getPassedValue('seclevel', 'High', 'POST'); System::setVar('seclevel', $seclevel); $secmeddays = (int)FormUtil::getPassedValue('secmeddays', 7, 'POST'); if ($secmeddays < 1 || $secmeddays > 365) { $secmeddays = 7; } System::setVar('secmeddays', $secmeddays); $secinactivemins = (int)FormUtil::getPassedValue('secinactivemins', 20, 'POST'); if ($secinactivemins < 1 || $secinactivemins > 1440) { $secinactivemins = 7; } System::setVar('secinactivemins', $secinactivemins); $sessionstoretofile = (int)FormUtil::getPassedValue('sessionstoretofile', 0, 'POST'); $sessionsavepath = FormUtil::getPassedValue('sessionsavepath', '', 'POST'); // check session path config is writable (if method is being changed to session file storage) $cause_logout = false; $storeTypeCanBeWritten = true; if ($sessionstoretofile == 1 && !empty($sessionsavepath)) { // fix path on windows systems $sessionsavepath = str_replace('\\', '/', $sessionsavepath); // sanitize the path $sessionsavepath = trim(stripslashes($sessionsavepath)); // check if sessionsavepath is a dir and if it is writable // if yes, we need to logout $cause_logout = (is_dir($sessionsavepath)) ? is_writable($sessionsavepath) : false; if ($cause_logout == false) { // an error occured - we do not change the way of storing session data LogUtil::registerStatus($this->__('Error! Session path not writeable!')); $storeTypeCanBeWritten = false; } } if ($storeTypeCanBeWritten == true) { System::setVar('sessionstoretofile', $sessionstoretofile); System::setVar('sessionsavepath', $sessionsavepath); } if ((bool)$sessionstoretofile != (bool)System::getVar('sessionstoretofile')) { // logout if going from one storage to another one $cause_logout = true; } $gc_probability = (int)FormUtil::getPassedValue('gc_probability', 100, 'POST'); if ($gc_probability < 1 || $gc_probability > 10000) { $gc_probability = 7; } System::setVar('gc_probability', $gc_probability); $anonymoussessions = (int)FormUtil::getPassedValue('anonymoussessions', 1, 'POST'); System::setVar('anonymoussessions', $anonymoussessions); $sessionrandregenerate = (int)FormUtil::getPassedValue('sessionrandregenerate', 1, 'POST'); System::setVar('sessionrandregenerate', $sessionrandregenerate); $sessionregenerate = (int)FormUtil::getPassedValue('sessionregenerate', 1, 'POST'); System::setVar('sessionregenerate', $sessionregenerate); $sessionregeneratefreq = (int)FormUtil::getPassedValue('sessionregeneratefreq', 10, 'POST'); if ($sessionregeneratefreq < 1 || $sessionregeneratefreq > 100) { $sessionregeneratefreq = 10; } System::setVar('sessionregeneratefreq', $sessionregeneratefreq); $sessionipcheck = (int)FormUtil::getPassedValue('sessionipcheck', 0, 'POST'); System::setVar('sessionipcheck', $sessionipcheck); $sessionname = FormUtil::getPassedValue('sessionname', 'ZSID', 'POST'); if (strlen($sessionname) < 3) { $sessionname = 'ZSID'; } $sessioncsrftokenonetime = (int)FormUtil::getPassedValue('sessioncsrftokenonetime', 0, 'POST'); System::setVar('sessioncsrftokenonetime', $sessioncsrftokenonetime); // cause logout if we changed session name if ($sessionname != System::getVar('sessionname')) { $cause_logout = true; } System::setVar('sessionname', $sessionname); System::setVar('sessionstoretofile', $sessionstoretofile); $outputfilter = FormUtil::getPassedValue('outputfilter', 0, 'POST'); System::setVar('outputfilter', $outputfilter); $useids = (bool)FormUtil::getPassedValue('useids', 0, 'POST'); System::setVar('useids', $useids); // create tmp directory for PHPIDS if ($useids == 1) { $idsTmpDir = CacheUtil::getLocalDir() . '/idsTmp'; if (!file_exists($idsTmpDir)) { CacheUtil::clearLocalDir('idsTmp'); } } $idssoftblock = (bool)FormUtil::getPassedValue('idssoftblock', 1, 'POST'); System::setVar('idssoftblock', $idssoftblock); $idsmail = (bool)FormUtil::getPassedValue('idsmail', 1, 'POST'); System::setVar('idsmail', $idsmail); $idsfilter = FormUtil::getPassedValue('idsfilter', 'xml', 'POST'); System::setVar('idsfilter', $idsfilter); $idsrulepath = FormUtil::getPassedValue('idsrulepath', 'config/zikula_default.xml', 'POST'); $idsrulepath = DataUtil::formatForOS($idsrulepath); if (is_readable($idsrulepath)) { System::setVar('idsrulepath', $idsrulepath); } else { LogUtil::registerError($this->__f('Error! PHPIDS rule file %s does not exist or is not readable.', $idsrulepath)); $validates = false; } $idsimpactthresholdone = (int)FormUtil::getPassedValue('idsimpactthresholdone', 1, 'POST'); System::setVar('idsimpactthresholdone', $idsimpactthresholdone); $idsimpactthresholdtwo = (int)FormUtil::getPassedValue('idsimpactthresholdtwo', 10, 'POST'); System::setVar('idsimpactthresholdtwo', $idsimpactthresholdtwo); $idsimpactthresholdthree = (int)FormUtil::getPassedValue('idsimpactthresholdthree', 25, 'POST'); System::setVar('idsimpactthresholdthree', $idsimpactthresholdthree); $idsimpactthresholdfour = (int)FormUtil::getPassedValue('idsimpactthresholdfour', 75, 'POST'); System::setVar('idsimpactthresholdfour', $idsimpactthresholdfour); $idsimpactmode = (int)FormUtil::getPassedValue('idsimpactmode', 1, 'POST'); System::setVar('idsimpactmode', $idsimpactmode); $idshtmlfields = FormUtil::getPassedValue('idshtmlfields', '', 'POST'); $idshtmlfields = explode(PHP_EOL, $idshtmlfields); $idshtmlarray = array(); foreach ($idshtmlfields as $idshtmlfield) { $idshtmlfield = trim($idshtmlfield); if (!empty($idshtmlfield)) { $idshtmlarray[] = $idshtmlfield; } } System::setVar('idshtmlfields', $idshtmlarray); $idsjsonfields = FormUtil::getPassedValue('idsjsonfields', '', 'POST'); $idsjsonfields = explode(PHP_EOL, $idsjsonfields); $idsjsonarray = array(); foreach ($idsjsonfields as $idsjsonfield) { $idsjsonfield = trim($idsjsonfield); if (!empty($idsjsonfield)) { $idsjsonarray[] = $idsjsonfield; } } System::setVar('idsjsonfields', $idsjsonarray); $idsexceptions = FormUtil::getPassedValue('idsexceptions', '', 'POST'); $idsexceptions = explode(PHP_EOL, $idsexceptions); $idsexceptarray = array(); foreach ($idsexceptions as $idsexception) { $idsexception = trim($idsexception); if (!empty($idsexception)) { $idsexceptarray[] = $idsexception; } } System::setVar('idsexceptions', $idsexceptarray); // clear all cache and compile directories ModUtil::apiFunc('Settings', 'admin', 'clearallcompiledcaches'); // the module configuration has been updated successfuly if ($validates) { $this->registerStatus($this->__('Done! Saved module configuration.')); } // we need to auto logout the user if they changed from DB to FILE if ($cause_logout == true) { UserUtil::logout(); $this->registerStatus($this->__('Session handling variables have changed. You must log in again.')); $returnPage = urlencode(ModUtil::url('SecurityCenter', 'admin', 'modifyconfig')); $this->redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => $returnPage))); } // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work return $this->redirect(ModUtil::url('SecurityCenter', 'admin', 'modifyconfig')); }
/** * Initialise Zikula. * * Carries out a number of initialisation tasks to get Zikula up and * running. * * @param integer $stage Stage to load. * * @return boolean True initialisation successful false otherwise. */ public function onInit(GetResponseEvent $event) { if ($event->getRequestType() === HttpKernelInterface::SUB_REQUEST) { return; } $this->dispatcher = $event->getDispatcher(); $this->stage = $stage = self::STAGE_ALL; $coreInitEvent = new GenericEvent($this); $coreInitEvent['request'] = $event->getRequest(); // store the load stages in a global so other API's can check whats loaded $this->dispatcher->dispatch(CoreEvents::PREINIT, new GenericEvent($this)); // // Initialise and load configuration // if ($stage & self::STAGE_CONFIG) { // // error reporting // if (!\System::isInstalling()) { // // this is here because it depends on the config.php loading. // $event = new GenericEvent(null, array('stage' => $stage)); // $this->dispatcher->dispatch(CoreEvents::ERRORREPORTING, $event); // } // // // initialise custom event listeners from config.php settings // $coreInitEvent->setArg('stage', self::STAGE_CONFIG); // $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); // } // // Check that Zikula is installed before continuing // if (\System::getVar('installed') == 0 && !\System::isInstalling()) { // $response = new RedirectResponse(\System::getBaseUrl().'install.php?notinstalled'); // $response->send(); // \System::shutdown(); // } if ($stage & self::STAGE_DB) { try { $dbEvent = new GenericEvent(); $this->dispatcher->dispatch('doctrine.init_connection', $dbEvent); $dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB)); $this->dispatcher->dispatch(CoreEvents::INIT, $dbEvent); } catch (\PDOException $e) { if (!\System::isInstalling()) { header('HTTP/1.1 503 Service Unavailable'); require_once \System::getSystemErrorTemplate('dbconnectionerror.tpl'); \System::shutDown(); } else { return false; } } } if ($stage & self::STAGE_TABLES) { // Initialise dbtables \ModUtil::initCoreVars(); \ModUtil::dbInfoLoad('SettingsModule', 'SettingsModule'); \ModUtil::dbInfoLoad('ThemeModule', 'ThemeModule'); \ModUtil::dbInfoLoad('UsersModule', 'UsersModule'); \ModUtil::dbInfoLoad('GroupsModule', 'GroupsModule'); \ModUtil::dbInfoLoad('PermissionsModule', 'PermissionsModule'); \ModUtil::dbInfoLoad('CategoriesModule', 'CategoriesModule'); if (!\System::isInstalling()) { \ModUtil::registerAutoloaders(); } $coreInitEvent->setArg('stage', self::STAGE_TABLES); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } if ($stage & self::STAGE_SESSIONS) { \SessionUtil::requireSession(); $coreInitEvent->setArg('stage', self::STAGE_SESSIONS); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } // Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak) // start block if ($stage & self::STAGE_LANGS) { $lang = \ZLanguage::getInstance(); } if ($stage & self::STAGE_DECODEURLS) { \System::queryStringDecode(); $coreInitEvent->setArg('stage', self::STAGE_DECODEURLS); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } if ($stage & self::STAGE_LANGS) { $lang->setup(); $coreInitEvent->setArg('stage', self::STAGE_LANGS); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } // end block if ($stage & self::STAGE_MODS) { // Set compression on if desired if (\System::getVar('UseCompression') == 1) { //ob_start("ob_gzhandler"); } \ModUtil::load('SecurityCenter'); $coreInitEvent->setArg('stage', self::STAGE_MODS); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } if ($stage & self::STAGE_THEME) { // register default page vars \PageUtil::registerVar('title'); \PageUtil::setVar('title', \System::getVar('defaultpagetitle')); \PageUtil::registerVar('keywords', true); \PageUtil::registerVar('stylesheet', true); \PageUtil::registerVar('javascript', true); \PageUtil::registerVar('jsgettext', true); \PageUtil::registerVar('body', true); \PageUtil::registerVar('header', true); \PageUtil::registerVar('footer', true); $theme = \Zikula_View_Theme::getInstance(); // set some defaults // Metadata for SEO $this->container['zikula_view.metatags']['description'] = \System::getVar('defaultmetadescription'); $this->container['zikula_view.metatags']['keywords'] = \System::getVar('metakeywords'); $coreInitEvent->setArg('stage', self::STAGE_THEME); $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent); } // check the users status, if not 1 then log him out if (\UserUtil::isLoggedIn()) { $userstatus = \UserUtil::getVar('activated'); if ($userstatus != UsersConstant::ACTIVATED_ACTIVE) { \UserUtil::logout(); // TODO - When getting logged out this way, the existing session is destroyed and // then a new one is created on the reentry into index.php. The message // set by the registerStatus call below gets lost. \LogUtil::registerStatus(__('You have been logged out.')); $response = new RedirectResponse(\ModUtil::url('Users', 'user', 'login')); $response->send(); exit; } } if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) { $this->dispatcher->dispatch(CoreEvents::POSTINIT, new GenericEvent($this, array('stages' => $stage))); } $this->dispatcher->dispatch('frontcontroller.predispatch', new GenericEvent()); }
/** * Initialise Zikula. * * Carries out a number of initialisation tasks to get Zikula up and * running. * * @param integer $stage Stage to load. * @param Zikula_Request_Http $request * * @return boolean True initialisation successful false otherwise. */ public function init($stage = self::STAGE_ALL, Request $request) { $GLOBALS['__request'] = $request; // hack for pre 1.5.0 - drak $coreInitEvent = new GenericEvent($this); // store the load stages in a global so other API's can check whats loaded $this->stage = $this->stage | $stage; if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) { ModUtil::flushCache(); System::flushCache(); $args = !System::isInstalling() ? array('lazy' => true) : array(); $this->dispatcher->dispatch('core.preinit', new GenericEvent($this, $args)); } // Initialise and load configuration if ($stage & self::STAGE_CONFIG) { // for BC only. remove this code in 2.0.0 if (!System::isInstalling()) { $this->dispatcher->dispatch('setup.errorreporting', new GenericEvent(null, array('stage' => $stage))); } // initialise custom event listeners from config.php settings $coreInitEvent->setArgument('stage', self::STAGE_CONFIG); /*************************************************** * NOTE: this event is monitored by * \Zikula\Bundle\CoreInstallerBundle\EventListener\InstallUpgradeCheckListener * to see if install or upgrade is needed ***************************************************/ $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_DB) { try { $dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB)); $this->dispatcher->dispatch('core.init', $dbEvent); } catch (PDOException $e) { if (!System::isInstalling()) { header('HTTP/1.1 503 Service Unavailable'); require_once System::getSystemErrorTemplate('dbconnectionerror.tpl'); System::shutDown(); } else { return false; } } } if ($stage & self::STAGE_TABLES) { // Initialise dbtables ModUtil::dbInfoLoad('ZikulaExtensionsModule', 'ZikulaExtensionsModule'); ModUtil::initCoreVars(); ModUtil::dbInfoLoad('ZikulaSettingsModule', 'ZikulaSettingsModule'); ModUtil::dbInfoLoad('ZikulaThemeModule', 'ZikulaThemeModule'); ModUtil::dbInfoLoad('ZikulaUsersModule', 'ZikulaUsersModule'); ModUtil::dbInfoLoad('ZikulaGroupsModule', 'ZikulaGroupsModule'); ModUtil::dbInfoLoad('ZikulaPermissionsModule', 'ZikulaPermissionsModule'); ModUtil::dbInfoLoad('ZikulaCategoriesModule', 'ZikulaCategoriesModule'); // Add AutoLoading for non-symfony 1.3 modules in /modules if (!System::isInstalling()) { ModUtil::registerAutoloaders(); } $coreInitEvent->setArgument('stage', self::STAGE_TABLES); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_SESSIONS) { // SessionUtil::requireSession(); $coreInitEvent->setArgument('stage', self::STAGE_SESSIONS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak) // start block if ($stage & self::STAGE_LANGS) { $lang = ZLanguage::getInstance(); } if ($stage & self::STAGE_DECODEURLS) { System::queryStringDecode($request); $coreInitEvent->setArgument('stage', self::STAGE_DECODEURLS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_LANGS) { $lang->setup($request); $coreInitEvent->setArgument('stage', self::STAGE_LANGS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // end block if ($stage & self::STAGE_MODS) { if (!System::isInstalling()) { ModUtil::load('ZikulaSecurityCenterModule'); } $coreInitEvent->setArgument('stage', self::STAGE_MODS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_THEME) { // register default page vars PageUtil::registerVar('polyfill_features', true); PageUtil::registerVar('title'); PageUtil::setVar('title', System::getVar('defaultpagetitle')); PageUtil::registerVar('keywords', true); PageUtil::registerVar('stylesheet', true); PageUtil::registerVar('javascript', true); PageUtil::registerVar('jsgettext', true); PageUtil::registerVar('body', true); PageUtil::registerVar('header', true); PageUtil::registerVar('footer', true); // set some defaults // Metadata for SEO $this->container->setParameter('zikula_view.metatags', array('description' => System::getVar('defaultmetadescription'), 'keywords' => System::getVar('metakeywords'))); $coreInitEvent->setArgument('stage', self::STAGE_THEME); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // check the users status, if not 1 then log him out if (!System::isInstalling() && UserUtil::isLoggedIn()) { $userstatus = UserUtil::getVar('activated'); if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) { UserUtil::logout(); // TODO - When getting logged out this way, the existing session is destroyed and // then a new one is created on the reentry into index.php. The message // set by the registerStatus call below gets lost. LogUtil::registerStatus(__('You have been logged out.')); System::redirect(ModUtil::url('ZikulaUsersModule', 'user', 'login')); } } if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) { $this->dispatcher->dispatch('core.postinit', new GenericEvent($this, array('stages' => $stage))); } }
/** * Initialise Zikula. * * Carries out a number of initialisation tasks to get Zikula up and * running. * * @param integer $stage Stage to load. * @param Zikula_Request_Http $request * * @return boolean True initialisation successful false otherwise. */ public function init($stage = self::STAGE_ALL, Request $request) { $GLOBALS['__request'] = $request; // hack for pre 1.5.0 - drak $coreInitEvent = new GenericEvent($this); // store the load stages in a global so other API's can check whats loaded $this->stage = $this->stage | $stage; if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) { ModUtil::flushCache(); System::flushCache(); $args = !System::isInstalling() ? array('lazy' => true) : array(); $this->dispatcher->dispatch('core.preinit', new GenericEvent($this, $args)); } // Initialise and load configuration if ($stage & self::STAGE_CONFIG) { // for BC only. remove this code in 2.0.0 if (!System::isInstalling()) { $this->dispatcher->dispatch('setup.errorreporting', new GenericEvent(null, array('stage' => $stage))); } // initialise custom event listeners from config.php settings $coreInitEvent->setArgument('stage', self::STAGE_CONFIG); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // create several booleans to test condition of request regrading install/upgrade $installed = $this->getContainer()->getParameter('installed'); if ($installed) { self::defineCurrentInstalledCoreVersion($this->getContainer()); } $requiresUpgrade = $installed && version_compare(ZIKULACORE_CURRENT_INSTALLED_VERSION, self::VERSION_NUM, '<'); // can't use $request->get('_route') to get any of the following // all these routes are hard-coded in xml files $uriContainsInstall = strpos($request->getRequestUri(), '/install') !== false; $uriContainsUpgrade = strpos($request->getRequestUri(), '/upgrade') !== false; $uriContainsDoc = strpos($request->getRequestUri(), '/installdoc') !== false; $uriContainsWdt = strpos($request->getRequestUri(), '/_wdt') !== false; $uriContainsProfiler = strpos($request->getRequestUri(), '/_profiler') !== false; $uriContainsRouter = strpos($request->getRequestUri(), '/js/routing?callback=fos.Router.setData') !== false; $doNotRedirect = $uriContainsProfiler || $uriContainsWdt || $uriContainsRouter || $request->isXmlHttpRequest(); // check if Zikula Core is not installed if (!$installed && !$uriContainsDoc && !$uriContainsInstall && !$doNotRedirect) { $this->container->get('router')->getContext()->setBaseUrl($request->getBasePath()); // compensate for sub-directory installs $url = $this->container->get('router')->generate('install'); $response = new RedirectResponse($url); $response->send(); System::shutDown(); } // check if Zikula Core requires upgrade if ($requiresUpgrade && !$uriContainsDoc && !$uriContainsUpgrade && !$doNotRedirect) { $this->container->get('router')->getContext()->setBaseUrl($request->getBasePath()); // compensate for sub-directory installs $url = $this->container->get('router')->generate('upgrade'); $response = new RedirectResponse($url); $response->send(); System::shutDown(); } if (!$installed || $requiresUpgrade || $this->getContainer()->hasParameter('upgrading')) { System::setInstalling(true); } if ($stage & self::STAGE_DB) { try { $dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB)); $this->dispatcher->dispatch('core.init', $dbEvent); } catch (PDOException $e) { if (!System::isInstalling()) { header('HTTP/1.1 503 Service Unavailable'); require_once System::getSystemErrorTemplate('dbconnectionerror.tpl'); System::shutDown(); } else { return false; } } } if ($stage & self::STAGE_TABLES) { // Initialise dbtables ModUtil::dbInfoLoad('ZikulaExtensionsModule', 'ZikulaExtensionsModule'); ModUtil::initCoreVars(); ModUtil::dbInfoLoad('ZikulaSettingsModule', 'ZikulaSettingsModule'); ModUtil::dbInfoLoad('ZikulaThemeModule', 'ZikulaThemeModule'); ModUtil::dbInfoLoad('ZikulaUsersModule', 'ZikulaUsersModule'); ModUtil::dbInfoLoad('ZikulaGroupsModule', 'ZikulaGroupsModule'); ModUtil::dbInfoLoad('ZikulaPermissionsModule', 'ZikulaPermissionsModule'); ModUtil::dbInfoLoad('ZikulaCategoriesModule', 'ZikulaCategoriesModule'); // Add AutoLoading for non-symfony 1.3 modules in /modules if (!System::isInstalling()) { ModUtil::registerAutoloaders(); } $coreInitEvent->setArgument('stage', self::STAGE_TABLES); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_SESSIONS) { // SessionUtil::requireSession(); $coreInitEvent->setArgument('stage', self::STAGE_SESSIONS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak) // start block if ($stage & self::STAGE_LANGS) { $lang = ZLanguage::getInstance(); } if ($stage & self::STAGE_DECODEURLS) { System::queryStringDecode($request); $coreInitEvent->setArgument('stage', self::STAGE_DECODEURLS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_LANGS) { $lang->setup($request); $coreInitEvent->setArgument('stage', self::STAGE_LANGS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // end block if ($stage & self::STAGE_MODS) { if (!System::isInstalling()) { ModUtil::load('ZikulaSecurityCenterModule'); } $coreInitEvent->setArgument('stage', self::STAGE_MODS); $this->dispatcher->dispatch('core.init', $coreInitEvent); } if ($stage & self::STAGE_THEME) { // register default page vars PageUtil::registerVar('polyfill_features', true); PageUtil::registerVar('title'); PageUtil::setVar('title', System::getVar('defaultpagetitle')); PageUtil::registerVar('keywords', true); PageUtil::registerVar('stylesheet', true); PageUtil::registerVar('javascript', true); PageUtil::registerVar('jsgettext', true); PageUtil::registerVar('body', true); PageUtil::registerVar('header', true); PageUtil::registerVar('footer', true); // set some defaults // Metadata for SEO $this->container->setParameter('zikula_view.metatags', array('description' => System::getVar('defaultmetadescription'), 'keywords' => System::getVar('metakeywords'))); $coreInitEvent->setArgument('stage', self::STAGE_THEME); $this->dispatcher->dispatch('core.init', $coreInitEvent); } // check the users status, if not 1 then log him out if (!System::isInstalling() && UserUtil::isLoggedIn()) { $userstatus = UserUtil::getVar('activated'); if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) { UserUtil::logout(); // TODO - When getting logged out this way, the existing session is destroyed and // then a new one is created on the reentry into index.php. The message // set by the registerStatus call below gets lost. LogUtil::registerStatus(__('You have been logged out.')); System::redirect(ModUtil::url('ZikulaUsersModule', 'user', 'login')); } } if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) { $this->dispatcher->dispatch('core.postinit', new GenericEvent($this, array('stages' => $stage))); } }
/** * Log into a site that is currently "off" (normal logins are not allowed). * * Allows the administrator to access the site during maintenance. * * Parameters passed via GET: * -------------------------- * None. * * Parameters passed via POST: * --------------------------- * string user The user name of the user attempting to log in. * string pass The password of the user attempting to log in. * boolean rememberme Whether the login session should persist. * * Parameters passed via SESSION: * ------------------------------ * None. * * @return bool True. */ public function siteOffLogin() { // do not process if the site is enabled $this->redirectIf(!System::getVar('siteoff', false), System::getHomepageUrl()); if ($this->request->isPost()) { $user = $this->request->request->get('user', null); $pass = $this->request->request->get('pass', null); $rememberme = $this->request->request->get('rememberme', false); } else { throw new Zikula_Exception_Forbidden(); } $redirectUrl = System::getHomepageUrl(); $authenticationInfo = array( 'login_id' => $user, 'pass' => $pass ); $authenticationMethod = array( 'modname' => $this->name, 'method' => 'uname', ); if (UserUtil::loginUsing($authenticationMethod, $authenticationInfo, $rememberme)) { $user = UserUtil::getVars(UserUtil::getVar('uid')); if (!SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN)) { UserUtil::logout(); $eventArgs = array( 'authentication_method' => $authenticationMethod, 'redirecturl' => '', ); $event = new Zikula_Event('module.users.ui.login.failed', $user, $eventArgs); $event = $this->eventManager->notify($event); $redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl; } else { $eventArgs = array( 'authentication_method' => $authenticationMethod, 'redirecturl' => $redirectUrl, ); $event = new Zikula_Event('module.users.ui.login.succeeded', $user, $eventArgs); $event = $this->eventManager->notify($event); $redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl; } } else { $eventArgs = array( 'authentication_method' => $authenticationMethod, 'authentication_info' => $authenticationInfo, 'redirecturl' => '', ); $event = new Zikula_Event('module.users.ui.login.failed', null, $eventArgs); $event = $this->eventManager->notify($event); $redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : ''; } $this->redirect($redirectUrl); }