Beispiel #1
0
 /**
  * constructor to set up the object.
  *
  * @since 1.0
  */
 public function __construct()
 {
     self::$logger = new Logger('LogoutController');
     self::$logger->debug('>>__construct()');
     // ensure that the super class constructor is called, indicating the rights group
     parent::__construct('Public');
     $config = ConfigProvider::getInstance();
     $sessionProvider = $config->get('session.provider.name');
     $session = SessionProviderFactory::getInstance($sessionProvider);
     if ($session->get('currentUser') !== false) {
         $this->setRecord($session->get('currentUser'));
     } else {
         self::$logger->warn('Logout controller called when no user is logged in');
     }
     // set up the title and meta details
     $this->setTitle('Logged out successfully.');
     $this->setDescription('Logout page.');
     $this->setKeywords('Logout,logon');
     self::$logger->debug('<<__construct');
 }
 /**
  * (non-PHPdoc).
  *
  * @see Alpha\Model\ActiveRecordProviderInterface::isTableOverloaded()
  */
 public function isTableOverloaded()
 {
     self::$logger->debug('>>isTableOverloaded()');
     $reflection = new ReflectionClass($this->BO);
     $classname = $reflection->getShortName();
     $tablename = ucfirst($this->BO->getTableName());
     // use reflection to check to see if we are dealing with a persistent type (e.g. DEnum) which are never overloaded
     $implementedInterfaces = $reflection->getInterfaces();
     foreach ($implementedInterfaces as $interface) {
         if ($interface->name == 'Alpha\\Model\\Type\\TypeInterface') {
             self::$logger->debug('<<isTableOverloaded [false]');
             return false;
         }
     }
     if ($classname != $tablename) {
         // loop over all BOs to see if there is one using the same table as this BO
         $BOclasses = ActiveRecord::getBOClassNames();
         foreach ($BOclasses as $BOclassName) {
             $reflection = new ReflectionClass($BOclassName);
             $classname = $reflection->getShortName();
             if ($tablename == $classname) {
                 self::$logger->debug('<<isTableOverloaded [true]');
                 return true;
             }
         }
         throw new BadTableNameException('The table name [' . $tablename . '] for the class [' . $classname . '] is invalid as it does not match a BO definition in the system!');
         self::$logger->debug('<<isTableOverloaded [false]');
         return false;
     } else {
         // check to see if there is already a "classname" column in the database for this BO
         $sqlQuery = 'PRAGMA table_info(' . $this->BO->getTableName() . ')';
         $result = self::getConnection()->query($sqlQuery);
         $this->BO->setLastQuery($sqlQuery);
         if (!$result) {
             self::$logger->warn('Error during pragma table info lookup [' . self::getLastDatabaseError() . ']');
         } else {
             while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
                 if ('classname' == $row['name']) {
                     self::$logger->debug('<<isTableOverloaded [true]');
                     return true;
                 }
             }
         }
         self::$logger->debug('<<isTableOverloaded [false]');
         return false;
     }
 }
Beispiel #3
0
 /**
  * Handle GET requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 1.0
  */
 public function doGET($request)
 {
     self::$logger->debug('>>doGET(request=[' . var_export($request, true) . '])');
     $config = ConfigProvider::getInstance();
     if ($config->get('app.check.installed') && !ActiveRecord::isInstalled()) {
         $response = new Response(301);
         $response->redirect($config->get('app.url') . '/install');
         self::$logger->warn('App not installed so re-directing to the install controller');
         self::$logger->debug('<<doGET');
         return $response;
     }
     $params = $request->getParams();
     $body = View::loadTemplateFragment('html', 'head.phtml', array('title' => $config->get('app.title'), 'description' => 'Welcome to our site', 'allowCSSOverrides' => true));
     $body .= View::loadTemplateFragment('html', 'index.phtml');
     $body .= View::loadTemplateFragment('html', 'footer.phtml');
     self::$logger->debug('<<doGET');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
Beispiel #4
0
 /**
  * Handle POST requests.
  *
  * @param Alpha\Util\Http\Response $request
  *
  * @throws Alpha\Exception\SecurityException
  * @throws Alpha\Exception\IllegalArguementException
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 1.0
  */
 public function doPOST($request)
 {
     self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }
         if (!is_array($params)) {
             throw new IllegalArguementException('Bad $params [' . var_export($params, true) . '] passed to doPOST method!');
         }
         if (isset($params['clearCache']) && $params['clearCache'] == 'true') {
             try {
                 FileUtils::deleteDirectoryContents($this->dataDir, array('.htaccess', 'html', 'images', 'pdf', 'xls'));
                 $this->setStatusMessage(View::displayUpdateMessage('Cache contents deleted successfully.'));
                 $config = ConfigProvider::getInstance();
                 $sessionProvider = $config->get('session.provider.name');
                 $session = SessionProviderFactory::getInstance($sessionProvider);
                 self::$logger->info('Cache contents deleted successfully by user [' . $session->get('currentUser')->get('displayName') . '].');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
             }
         }
         return $this->doGET($request);
     } catch (SecurityException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->warn($e->getMessage());
     } catch (IllegalArguementException $e) {
         self::$logger->error($e->getMessage());
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
     }
     $body = View::displayPageHead($this);
     $message = $this->getStatusMessage();
     if (!empty($message)) {
         $body .= $message;
     }
     $body .= View::displayPageFoot($this);
     self::$logger->debug('<<doPOST');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
 /**
  * {@inheritdoc}
  */
 public function process($request)
 {
     $client = $request->getUserAgent();
     // if no user agent string is provided, we can't filter by it anyway to might as well skip
     if ($client == null) {
         return;
     }
     if (!empty($client)) {
         $badClient = new BlacklistedClient();
         try {
             $badClient->loadByAttribute('client', $client);
         } catch (RecordNotFoundException $bonf) {
             // client is not on the list!
             return;
         }
         // if we got this far then the client is bad
         self::$logger->warn('The client [' . $client . '] was blocked from accessing the resource [' . $request->getURI() . ']');
         throw new ResourceNotAllowedException('Not allowed!');
     }
 }
 /**
  * {@inheritdoc}
  */
 public function process($request)
 {
     $config = ConfigProvider::getInstance();
     $client = $request->getUserAgent();
     $IP = $request->getIP();
     // if no user agent string or IP are provided, we can't filter by these anyway to might as well skip
     if ($client == null || $IP == null) {
         return;
     }
     if (!empty($client) && !empty($IP)) {
         $badRequest = new BadRequest();
         $badRequest->set('client', $client);
         $badRequest->set('IP', $IP);
         $badRequestCount = $badRequest->getBadRequestCount();
         if ($badRequestCount >= $config->get('security.client.temp.blacklist.filter.limit')) {
             // if we got this far then the client is bad
             self::$logger->warn('The client [' . $client . '] was blocked from accessing the resource [' . $request->getURI() . '] on a temporary basis');
             throw new ResourceNotAllowedException('Not allowed!');
         }
     }
 }
Beispiel #7
0
 /**
  * Handle GET requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @throws Alpha\Exception\IllegalArguementException
  *
  * @since 1.0
  */
 public function doGET($request)
 {
     self::$logger->debug('>>doGET($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     $body = '';
     try {
         // load the business object (BO) definition
         if (isset($params['logPath']) && file_exists(urldecode($params['logPath']))) {
             $logPath = urldecode($params['logPath']);
         } else {
             throw new IllegalArguementException('No log file available to view!');
         }
         $this->logPath = $logPath;
         $body .= View::displayPageHead($this);
         $log = new LogProviderFile();
         $log->setPath($this->logPath);
         if (preg_match('/alpha.*/', basename($this->logPath))) {
             $body .= $log->renderLog(array('Date/time', 'Level', 'Class', 'Message', 'Client', 'IP', 'Server hostname', 'URI'));
         }
         if (preg_match('/search.*/', basename($this->logPath))) {
             $body .= $log->renderLog(array('Search query', 'Search date', 'Client Application', 'Client IP'));
         }
         if (preg_match('/feeds.*/', basename($this->logPath))) {
             $body .= $log->renderLog(array('Business object', 'Feed type', 'Request date', 'Client Application', 'Client IP'));
         }
         if (preg_match('/tasks.*/', basename($this->logPath))) {
             $body .= $log->renderLog(array('Date/time', 'Level', 'Class', 'Message'));
         }
         $body .= View::displayPageFoot($this);
     } catch (IllegalArguementException $e) {
         self::$logger->warn($e->getMessage());
         $body .= View::displayPageHead($this);
         $body .= View::displayErrorMessage($e->getMessage());
         $body .= View::displayPageFoot($this);
     }
     self::$logger->debug('<<doGET');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
 /**
  * Handle POST requests.
  *
  * @param alpha\Util\Http\Request $request
  *
  * @return alpha\Util\Http\Response
  *
  * @since 1.0
  */
 public function doPOST($request)
 {
     self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     $config = ConfigProvider::getInstance();
     $body = View::displayPageHead($this);
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }
         if (isset($params['createTableBut'])) {
             try {
                 $classname = $params['createTableClass'];
                 $BO = new $classname();
                 $BO->makeTable();
                 self::$logger->action('Created the table for class ' . $classname);
                 $body .= View::displayUpdateMessage('The table for the class ' . $classname . ' has been successfully created.');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 $body .= View::displayErrorMessage('Error creating the table for the class ' . $classname . ', check the log!');
             }
         }
         if (isset($params['createHistoryTableBut'])) {
             try {
                 $classname = $params['createTableClass'];
                 $BO = new $classname();
                 $BO->makeHistoryTable();
                 self::$logger->action('Created the history table for class ' . $classname);
                 $body .= View::displayUpdateMessage('The history table for the class ' . $classname . ' has been successfully created.');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 $body .= View::displayErrorMessage('Error creating the history table for the class ' . $classname . ', check the log!');
             }
         }
         if (isset($params['recreateTableClass']) && $params['admin_' . stripslashes($params['recreateTableClass']) . '_button_pressed'] == 'recreateTableBut') {
             try {
                 $classname = $params['recreateTableClass'];
                 $BO = new $classname();
                 $BO->rebuildTable();
                 self::$logger->action('Recreated the table for class ' . $classname);
                 $body .= View::displayUpdateMessage('The table for the class ' . $classname . ' has been successfully recreated.');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 $body .= View::displayErrorMessage('Error recreating the table for the class ' . $classname . ', check the log!');
             }
         }
         if (isset($params['updateTableClass']) && $params['admin_' . stripslashes($params['updateTableClass']) . '_button_pressed'] == 'updateTableBut') {
             try {
                 $classname = $params['updateTableClass'];
                 $BO = new $classname();
                 $missingFields = $BO->findMissingFields();
                 $count = count($missingFields);
                 for ($i = 0; $i < $count; ++$i) {
                     $BO->addProperty($missingFields[$i]);
                 }
                 self::$logger->action('Updated the table for class ' . $classname);
                 $body .= View::displayUpdateMessage('The table for the class ' . $classname . ' has been successfully updated.');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 $body .= View::displayErrorMessage('Error updating the table for the class ' . $classname . ', check the log!');
             }
         }
     } catch (SecurityException $e) {
         $body .= View::displayErrorMessage($e->getMessage());
         self::$logger->warn($e->getMessage());
     }
     $body .= $this->displayBodyContent();
     $body .= View::displayPageFoot($this);
     self::$logger->debug('<<doPOST');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
Beispiel #9
0
 /**
  * Delete all object instances from the database by the specified attribute matching the value provided.
  *
  * @param string $attribute The name of the field to delete the objects by.
  * @param mixed  $value     The value of the field to delete the objects by.
  *
  * @return int The number of rows deleted.
  *
  * @since 1.0
  *
  * @throws Alpha\Exception\FailedDeleteException
  */
 public function deleteAllByAttribute($attribute, $value)
 {
     self::$logger->debug('>>deleteAllByAttribute(attribute=[' . $attribute . '], value=[' . $value . '])');
     if (method_exists($this, 'before_deleteAllByAttribute_callback')) {
         $this->before_deleteAllByAttribute_callback();
     }
     try {
         $doomedObjects = $this->loadAllByAttribute($attribute, $value);
         $deletedRowCount = 0;
         foreach ($doomedObjects as $object) {
             $object->delete();
             ++$deletedRowCount;
         }
     } catch (RecordNotFoundException $bonf) {
         // nothing found to delete
         self::$logger->warn($bonf->getMessage());
         return 0;
     } catch (AlphaException $e) {
         throw new FailedDeleteException('Failed to delete objects, error is [' . $e->getMessage() . ']');
         self::$logger->debug('<<deleteAllByAttribute [0]');
         return 0;
     }
     if (method_exists($this, 'after_deleteAllByAttribute_callback')) {
         $this->after_deleteAllByAttribute_callback();
     }
     self::$logger->debug('<<deleteAllByAttribute [' . $deletedRowCount . ']');
     return $deletedRowCount;
 }
Beispiel #10
0
 /**
  * Returns the name of a custom controller if one is found, otherwise returns null.
  *
  * @param string $ActiveRecordType The classname of the active record
  *
  * @return string
  *
  * @since 1.0
  */
 public static function getCustomControllerName($ActiveRecordType)
 {
     if (self::$logger == null) {
         self::$logger = new Logger('Controller');
     }
     self::$logger->debug('>>getCustomControllerName(ActiveRecordType=[' . $ActiveRecordType . ']');
     $config = ConfigProvider::getInstance();
     try {
         $class = new ReflectionClass($ActiveRecordType);
         $controllerName = $class->getShortname() . 'Controller';
     } catch (Exception $e) {
         self::$logger->warn('Bad active record name [' . $ActiveRecordType . '] passed to getCustomControllerName()');
         return;
     }
     self::$logger->debug('Custom controller name is [' . $controllerName . ']');
     if (file_exists($config->get('app.root') . 'Controller/' . $controllerName . '.php')) {
         $controllerName = 'Controller\\' . $controllerName;
         self::$logger->debug('<<getCustomControllerName [' . $controllerName . ']');
         return $controllerName;
     } elseif (file_exists($config->get('app.root') . 'Alpha/Controller/' . $controllerName . '.php')) {
         $controllerName = 'Alpha\\Controller\\' . $controllerName;
         self::$logger->debug('<<getCustomControllerName [' . $controllerName . ']');
         return $controllerName;
     } else {
         self::$logger->debug('<<getCustomControllerName');
         return;
     }
 }
Beispiel #11
0
 /**
  * Handles get requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 1.0
  *
  * @throws Alpha\Exception\ResourceNotFoundException
  * @throws Alpha\Exception\ResourceNotAllowedException
  */
 public function doGet($request)
 {
     self::$logger->debug('>>doGet(request=[' . var_export($request, true) . '])');
     $config = ConfigProvider::getInstance();
     $params = $request->getParams();
     try {
         $imgSource = urldecode($params['source']);
         $imgWidth = $params['width'];
         $imgHeight = $params['height'];
         $imgType = $params['type'];
         $imgQuality = (double) $params['quality'];
         $imgScale = new Boolean($params['scale']);
         $imgSecure = new Boolean($params['secure']);
     } catch (\Exception $e) {
         self::$logger->error('Required param missing for ImageController controller[' . $e->getMessage() . ']');
         throw new ResourceNotFoundException('File not found');
     }
     $modified = filemtime($imgSource);
     $responseHeaders = array();
     $responseHeaders['Last-Modified'] = date('D, d M Y H:i:s', $modified) . ' GMT';
     $responseHeaders['Cache-Control'] = 'max-age=1800';
     // exit if not modified
     if ($request->getHeader('If-Modified-Since') != null) {
         if (strtotime($request->getHeader('If-Modified-Since')) == $modified) {
             return new Response(304, '', $responseHeaders);
         }
     }
     // handle secure tokens
     if ($imgSecure->getBooleanValue() && $config->get('cms.images.widget.secure')) {
         $valid = $this->checkSecurityFields();
         // if not valid, just return a blank black image of the same dimensions
         if (!$valid) {
             $im = imagecreatetruecolor($imgWidth, $imgHeight);
             $bgc = imagecolorallocate($im, 0, 0, 0);
             imagefilledrectangle($im, 0, 0, $imgWidth, $imgHeight, $bgc);
             if ($imgSource == 'png' && $config->get('cms.images.perserve.png')) {
                 ob_start();
                 imagepng($im);
                 $body = ob_get_contents();
                 $contentType = 'image/png';
                 ob_end_clean();
             } else {
                 ob_start();
                 imagejpeg($im);
                 $body = ob_get_contents();
                 $contentType = 'image/jpeg';
                 ob_end_clean();
             }
             imagedestroy($im);
             self::$logger->warn('The client [' . $request->getUserAgent() . '] was blocked from accessing the file [' . $imgSource . '] due to bad security tokens being provided');
             $responseHeaders['Content-Type'] = $contentType;
             return new Response(200, $body, $responseHeaders);
         }
     }
     try {
         $image = new Image($imgSource, $imgWidth, $imgHeight, $imgType, $imgQuality, $imgScale->getBooleanValue(), $imgSecure->getBooleanValue());
         ob_start();
         $image->renderImage();
         $body = ob_get_contents();
         ob_end_clean();
     } catch (IllegalArguementException $e) {
         self::$logger->error($e->getMessage());
         throw new ResourceNotFoundException('File not found');
     }
     self::$logger->debug('<<__doGet');
     if ($imgSource == 'png' && $config->get('cms.images.perserve.png')) {
         $responseHeaders['Content-Type'] = 'image/png';
     } else {
         $responseHeaders['Content-Type'] = 'image/jpeg';
     }
     return new Response(200, $body, $responseHeaders);
 }
Beispiel #12
0
 /**
  * {@inheritdoc}
  */
 public function getRelated($sourceObject, $returnType = 'all', $start = 0, $limit = 10, $distinct = '')
 {
     $config = ConfigProvider::getInstance();
     // the result objects
     $results = array();
     // matching tags with weights
     $matches = array();
     // only used in conjunction with distinct param
     $distinctValues = array();
     if ($config->get('cache.provider.name') != '') {
         $key = get_class($sourceObject) . '-' . $sourceObject->getOID() . '-related' . ($distinct == '' ? '' : '-distinct');
         $matches = $this->loadFromCache($key);
     }
     if (count($matches) == 0) {
         // all the tags on the source object for comparison
         $tags = $sourceObject->getPropObject('tags')->getRelatedObjects();
         foreach ($tags as $tag) {
             $Tag = new Tag();
             if ($distinct == '') {
                 $matchingTags = $Tag->query('SELECT * FROM ' . $Tag->getTableName() . " WHERE \n                        content='" . $tag->get('content') . "' AND NOT \n                        (taggedOID = '" . $sourceObject->getOID() . "' AND taggedClass = '" . get_class($sourceObject) . "');");
             } else {
                 // filter out results where the source object field is identical to distinct param
                 $matchingTags = $Tag->query('SELECT * FROM ' . $Tag->getTableName() . " WHERE \n                        content='" . $tag->get('content') . "' AND NOT \n                        (taggedOID = '" . $sourceObject->getOID() . "' AND taggedClass = '" . get_class($sourceObject) . "')\n                        AND taggedOID IN (SELECT OID FROM " . $sourceObject->getTableName() . ' WHERE ' . $distinct . " != '" . addslashes($sourceObject->get($distinct)) . "');");
             }
             foreach ($matchingTags as $matchingTag) {
                 if ($returnType == 'all' || $tag->get('taggedClass') == $returnType) {
                     $key = $matchingTag['taggedClass'] . '-' . $matchingTag['taggedOID'];
                     // matches on the distinct if defined need to be skipped
                     if ($distinct != '') {
                         try {
                             $BO = new $matchingTag['taggedClass']();
                             $BO->load($matchingTag['taggedOID']);
                             // skip where the source object field is identical
                             if ($sourceObject->get($distinct) == $BO->get($distinct)) {
                                 continue;
                             }
                             if (!in_array($BO->get($distinct), $distinctValues)) {
                                 $distinctValues[] = $BO->get($distinct);
                             } else {
                                 continue;
                             }
                         } catch (RecordNotFoundException $e) {
                             self::$logger->warn('Error loading object [' . $matchingTag['taggedOID'] . '] of type [' . $matchingTag['taggedClass'] . '], probable orphan');
                         }
                     }
                     if (isset($matches[$key])) {
                         // increment the weight if the same BO is tagged more than once
                         $weight = intval($matches[$key]) + 1;
                         $matches[$key] = $weight;
                     } else {
                         $matches[$key] = 1;
                     }
                 }
             }
             if ($config->get('cache.provider.name') != '') {
                 $key = get_class($sourceObject) . '-' . $sourceObject->getOID() . '-related' . ($distinct == '' ? '' : '-distinct');
                 $this->addToCache($key, $matches);
             }
         }
     }
     // sort the matches based on tag frequency weight
     arsort($matches);
     $this->numberFound = count($matches);
     // now paginate
     $matches = array_slice($matches, $start, $limit);
     // now load each object
     foreach ($matches as $key => $weight) {
         $parts = explode('-', $key);
         $BO = new $parts[0]();
         $BO->load($parts[1]);
         $results[] = $BO;
     }
     return $results;
 }
Beispiel #13
0
 /**
  * Handle POST requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @throws Alpha\Exception\SecurityException
  * @throws Alpha\Exception\IllegalArguementException
  *
  * @since 1.0
  */
 public function doPOST($request)
 {
     self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }
         if (isset($params['clearTaggedClass']) && $params['clearTaggedClass'] != '') {
             try {
                 self::$logger->info('About to start rebuilding the tags for the class [' . $params['clearTaggedClass'] . ']');
                 $startTime = microtime(true);
                 $record = new $params['clearTaggedClass']();
                 $records = $record->loadAll();
                 self::$logger->info('Loaded all of the active records (elapsed time [' . round(microtime(true) - $startTime, 5) . '] seconds)');
                 ActiveRecord::begin();
                 $tag = new Tag();
                 $tag->deleteAllByAttribute('taggedClass', $params['clearTaggedClass']);
                 self::$logger->info('Deleted all of the old tags (elapsed time [' . round(microtime(true) - $startTime, 5) . '] seconds)');
                 $this->regenerateTagsOnRecords($records);
                 self::$logger->info('Saved all of the new tags (elapsed time [' . round(microtime(true) - $startTime, 5) . '] seconds)');
                 self::$logger->action('Tags recreated on the [' . $params['clearTaggedClass'] . '] class');
                 ActiveRecord::commit();
                 $this->setStatusMessage(View::displayUpdateMessage('Tags recreated on the ' . $record->getFriendlyClassName() . ' class.'));
                 self::$logger->info('Tags recreated on the [' . $params['clearTaggedClass'] . '] class (time taken [' . round(microtime(true) - $startTime, 5) . '] seconds).');
             } catch (AlphaException $e) {
                 self::$logger->error($e->getMessage());
                 ActiveRecord::rollback();
             }
             ActiveRecord::disconnect();
             return $this->doGET($request);
         } elseif (isset($params['ActiveRecordType']) && isset($params['ActiveRecordOID'])) {
             $ActiveRecordType = urldecode($params['ActiveRecordType']);
             $ActiveRecordOID = $params['ActiveRecordOID'];
             if (class_exists($ActiveRecordType)) {
                 $record = new $ActiveRecordType();
             } else {
                 throw new IllegalArguementException('No ActiveRecord available to display tags for!');
             }
             if (isset($params['saveBut'])) {
                 try {
                     $record->load($ActiveRecordOID);
                     $tags = $record->getPropObject('tags')->getRelatedObjects();
                     ActiveRecord::begin();
                     foreach ($tags as $tag) {
                         $tag->set('content', Tag::cleanTagContent($params['content_' . $tag->getID()]));
                         $tag->save();
                         self::$logger->action('Saved tag ' . $tag->get('content') . ' on ' . $ActiveRecordType . ' instance with OID ' . $ActiveRecordOID);
                     }
                     // handle new tag if posted
                     if (isset($params['NewTagValue']) && trim($params['NewTagValue']) != '') {
                         $newTag = new Tag();
                         $newTag->set('content', Tag::cleanTagContent($params['NewTagValue']));
                         $newTag->set('taggedOID', $ActiveRecordOID);
                         $newTag->set('taggedClass', $ActiveRecordType);
                         $newTag->save();
                         self::$logger->action('Created a new tag ' . $newTag->get('content') . ' on ' . $ActiveRecordType . ' instance with OID ' . $ActiveRecordOID);
                     }
                     ActiveRecord::commit();
                     $this->setStatusMessage(View::displayUpdateMessage('Tags on ' . get_class($record) . ' ' . $record->getID() . ' saved successfully.'));
                     return $this->doGET($request);
                 } catch (ValidationException $e) {
                     /*
                      * The unique key has most-likely been violated because this BO is already tagged with this
                      * value.
                      */
                     ActiveRecord::rollback();
                     $this->setStatusMessage(View::displayErrorMessage('Tags on ' . get_class($record) . ' ' . $record->getID() . ' not saved due to duplicate tag values, please try again.'));
                     return $this->doGET($request);
                 } catch (FailedSaveException $e) {
                     self::$logger->error('Unable to save the tags of id [' . $params['ActiveRecordOID'] . '], error was [' . $e->getMessage() . ']');
                     ActiveRecord::rollback();
                     $this->setStatusMessage(View::displayErrorMessage('Tags on ' . get_class($record) . ' ' . $record->getID() . ' not saved, please check the application logs.'));
                     return $this->doGET($request);
                 }
                 ActiveRecord::disconnect();
             }
         } else {
             return parent::doPOST($request);
         }
     } catch (SecurityException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->warn($e->getMessage());
     } catch (IllegalArguementException $e) {
         self::$logger->error($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         $this->setStatusMessage(View::displayErrorMessage('Failed to load the requested item from the database!'));
     }
     self::$logger->debug('<<doPOST');
 }
Beispiel #14
0
 /**
  * Handle GET requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 1.0
  */
 public function doGET($request)
 {
     self::$logger->debug('>>doGET($request=[' . var_export($request, true) . '])');
     $config = ConfigProvider::getInstance();
     $sessionProvider = $config->get('session.provider.name');
     $session = SessionProviderFactory::getInstance($sessionProvider);
     // if there is nobody logged in, we will send them off to the Login controller to do so before coming back here
     if ($session->get('currentUser') === false) {
         self::$logger->info('Nobody logged in, invoking Login controller...');
         $controller = new LoginController();
         $controller->setName('LoginController');
         $controller->setRequest($request);
         $controller->setUnitOfWork(array('Alpha\\Controller\\LoginController', 'Alpha\\Controller\\InstallController'));
         self::$logger->debug('<<__construct');
         return $controller->doGET($request);
     }
     $params = $request->getParams();
     $sessionProvider = $config->get('session.provider.name');
     $session = SessionProviderFactory::getInstance($sessionProvider);
     $body = View::displayPageHead($this);
     $body .= '<h1>Installing the ' . $config->get('app.title') . ' application</h1>';
     try {
         $body .= $this->createApplicationDirs();
     } catch (\Exception $e) {
         $body .= View::displayErrorMessage($e->getMessage());
         $body .= View::displayErrorMessage('Aborting.');
         return new Response(500, $body, array('Content-Type' => 'text/html'));
     }
     // start a new database transaction
     ActiveRecord::begin();
     /*
      * Create DEnum tables
      */
     $DEnum = new DEnum();
     $DEnumItem = new DEnumItem();
     try {
         $body .= '<p>Attempting to create the DEnum tables...';
         if (!$DEnum->checkTableExists()) {
             $DEnum->makeTable();
         }
         self::$logger->info('Created the [' . $DEnum->getTableName() . '] table successfully');
         if (!$DEnumItem->checkTableExists()) {
             $DEnumItem->makeTable();
         }
         self::$logger->info('Created the [' . $DEnumItem->getTableName() . '] table successfully');
         // create a default article DEnum category
         $DEnum = new DEnum('Alpha\\Model\\Article::section');
         $DEnumItem = new DEnumItem();
         $DEnumItem->set('value', 'Main');
         $DEnumItem->set('DEnumID', $DEnum->getID());
         $DEnumItem->save();
         $body .= View::displayUpdateMessage('DEnums set up successfully.');
     } catch (\Exception $e) {
         $body .= View::displayErrorMessage($e->getMessage());
         $body .= View::displayErrorMessage('Aborting.');
         self::$logger->error($e->getMessage());
         ActiveRecord::rollback();
         return new Response(500, $body, array('Content-Type' => 'text/html'));
     }
     /*
      * Loop over each business object in the system, and create a table for it
      */
     $classNames = ActiveRecord::getBOClassNames();
     $loadedClasses = array();
     foreach ($classNames as $classname) {
         array_push($loadedClasses, $classname);
     }
     foreach ($loadedClasses as $classname) {
         try {
             $body .= '<p>Attempting to create the table for the class [' . $classname . ']...';
             try {
                 $BO = new $classname();
                 if (!$BO->checkTableExists()) {
                     $BO->makeTable();
                 } else {
                     if ($BO->checkTableNeedsUpdate()) {
                         $missingFields = $BO->findMissingFields();
                         $count = count($missingFields);
                         for ($i = 0; $i < $count; ++$i) {
                             $BO->addProperty($missingFields[$i]);
                         }
                     }
                 }
             } catch (FailedIndexCreateException $eice) {
                 // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
                 self::$logger->warn($eice->getMessage());
             } catch (FailedLookupCreateException $elce) {
                 // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
                 self::$logger->warn($elce->getMessage());
             }
             self::$logger->info('Created the [' . $BO->getTableName() . '] table successfully');
             $body .= View::displayUpdateMessage('Created the [' . $BO->getTableName() . '] table successfully');
         } catch (\Exception $e) {
             $body .= View::displayErrorMessage($e->getMessage());
             $body .= View::displayErrorMessage('Aborting.');
             self::$logger->error($e->getMessage());
             ActiveRecord::rollback();
             return new Response(500, $body, array('Content-Type' => 'text/html'));
         }
     }
     $body .= View::displayUpdateMessage('All business object tables created successfully!');
     /*
      * Create the Admin and Standard groups
      */
     $adminGroup = new Rights();
     $adminGroup->set('name', 'Admin');
     $standardGroup = new Rights();
     $standardGroup->set('name', 'Standard');
     try {
         try {
             $body .= '<p>Attempting to create the Admin and Standard groups...';
             $adminGroup->save();
             $standardGroup->save();
             self::$logger->info('Created the Admin and Standard rights groups successfully');
             $body .= View::displayUpdateMessage('Created the Admin and Standard rights groups successfully');
         } catch (FailedIndexCreateException $eice) {
             // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
             self::$logger->warn($eice->getMessage());
         } catch (FailedLookupCreateException $elce) {
             // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
             self::$logger->warn($elce->getMessage());
         }
     } catch (\Exception $e) {
         $body .= View::displayErrorMessage($e->getMessage());
         $body .= View::displayErrorMessage('Aborting.');
         self::$logger->error($e->getMessage());
         ActiveRecord::rollback();
         return new Response(500, $body, array('Content-Type' => 'text/html'));
     }
     /*
      * Save the admin user to the database in the right group
      */
     try {
         try {
             $body .= '<p>Attempting to save the Admin account...';
             $admin = new Person();
             $admin->set('displayName', 'Admin');
             $admin->set('email', $session->get('currentUser')->get('email'));
             $admin->set('password', $session->get('currentUser')->get('password'));
             $admin->save();
             self::$logger->info('Created the admin user account [' . $session->get('currentUser')->get('email') . '] successfully');
             $adminGroup->loadByAttribute('name', 'Admin');
             $lookup = $adminGroup->getMembers()->getLookup();
             $lookup->setValue(array($admin->getID(), $adminGroup->getID()));
             $lookup->save();
             self::$logger->info('Added the admin account to the Admin group successfully');
             $body .= View::displayUpdateMessage('Added the admin account to the Admin group successfully');
         } catch (FailedIndexCreateException $eice) {
             // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
             self::$logger->warn($eice->getMessage());
         } catch (FailedLookupCreateException $elce) {
             // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
             self::$logger->warn($elce->getMessage());
         }
     } catch (\Exception $e) {
         $body .= View::displayErrorMessage($e->getMessage());
         $body .= View::displayErrorMessage('Aborting.');
         self::$logger->error($e->getMessage());
         ActiveRecord::rollback();
         return new Response(500, $body, array('Content-Type' => 'text/html'));
     }
     $body .= '<br><p align="center"><a href="' . FrontController::generateSecureURL('act=Alpha\\Controller\\ListActiveRecordsController') . '">Administration Home Page</a></p><br>';
     $body .= View::displayPageFoot($this);
     // commit
     ActiveRecord::commit();
     self::$logger->info('Finished installation!');
     self::$logger->action('Installed the application');
     self::$logger->debug('<<doGET');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
Beispiel #15
0
 /**
  * Processes the supplied request by invoking the callable defined matching the request's URI.
  *
  * @param Alpha\Util\Http\Request $request The request to process
  *
  * @return Alpha\Util\Http\Response
  *
  * @throws Alpha\Exception\ResourceNotFoundException
  * @throws Alpha\Exception\ResourceNotAllowedException
  * @throws Alpha\Exception\AlphaException
  *
  * @since 2.0
  */
 public function process($request)
 {
     foreach ($this->filters as $filter) {
         $filter->process($request);
     }
     try {
         $callback = $this->getRouteCallback($request->getURI());
     } catch (IllegalArguementException $e) {
         self::$logger->warn($e->getMessage());
         throw new ResourceNotFoundException('Resource not found');
     }
     if ($request->getURI() != $this->currentRoute) {
         if (isset($this->defaultParamValues[$this->currentRoute])) {
             $request->parseParamsFromRoute($this->currentRoute, $this->defaultParamValues[$this->currentRoute]);
         } else {
             $request->parseParamsFromRoute($this->currentRoute);
         }
     }
     try {
         $response = call_user_func($callback, $request);
     } catch (ResourceNotFoundException $rnfe) {
         self::$logger->info('ResourceNotFoundException throw, source message [' . $rnfe->getMessage() . ']');
         return new Response(404, $rnfe->getMessage());
     }
     if ($response instanceof Response) {
         return $response;
     } else {
         self::$logger->error('The callable defined for route [' . $request->getURI() . '] does not return a Response object');
         throw new AlphaException('Unable to process request');
     }
 }
 /**
  * Method to handle DELETE requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @throws Alpha\Exception\IllegalArguementException
  * @throws Alpha\Exception\SecurityException
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 2.0
  */
 public function doDELETE($request)
 {
     self::$logger->debug('>>doDELETE(request=[' . var_export($request, true) . '])');
     $config = ConfigProvider::getInstance();
     $params = $request->getParams();
     $accept = $request->getAccept();
     try {
         // check the hidden security fields before accepting the form data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept data from remote servers!');
         }
         if (isset($params['ActiveRecordType'])) {
             $ActiveRecordType = urldecode($params['ActiveRecordType']);
         } else {
             throw new IllegalArguementException('No ActiveRecord available to edit!');
         }
         if (class_exists($ActiveRecordType)) {
             $record = new $ActiveRecordType();
         } else {
             throw new IllegalArguementException('No ActiveRecord [' . $ActiveRecordType . '] available to edit!');
         }
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }
         $record->load($params['ActiveRecordOID']);
         ActiveRecord::begin();
         $record->delete();
         ActiveRecord::commit();
         ActiveRecord::disconnect();
         self::$logger->action('Deleted ' . $ActiveRecordType . ' instance with OID ' . $params['ActiveRecordOID']);
         if ($accept == 'application/json') {
             $response = new Response(200);
             $response->setHeader('Content-Type', 'application/json');
             $response->setBody(json_encode(array('message' => 'deleted')));
         } else {
             $response = new Response(301);
             if (isset($params['statusMessage'])) {
                 $this->setStatusMessage(View::displayUpdateMessage($params['statusMessage']));
             } else {
                 $this->setStatusMessage(View::displayUpdateMessage('Deleted'));
             }
             if ($this->getNextJob() != '') {
                 $response->redirect($this->getNextJob());
             } else {
                 if ($this->request->isSecureURI()) {
                     $response->redirect(FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . $ActiveRecordType . '&start=0&limit=' . $config->get('app.list.page.amount')));
                 } else {
                     $response->redirect($config->get('app.url') . '/records/' . $params['ActiveRecordType']);
                 }
             }
         }
     } catch (SecurityException $e) {
         self::$logger->warn($e->getMessage());
         throw new ResourceNotAllowedException($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         throw new ResourceNotFoundException('The item that you have requested cannot be found!');
     } catch (AlphaException $e) {
         self::$logger->error($e->getMessage());
         ActiveRecord::rollback();
     }
     self::$logger->debug('<<doDELETE');
     return $response;
 }
Beispiel #17
0
 /**
  * Method to handle PUT requests.
  *
  * @param Alpha\Util\Http\Request
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 1.0
  */
 public function doPUT($request)
 {
     self::$logger->debug('>>doPUT($request=[' . var_export($request, true) . '])');
     $config = ConfigProvider::getInstance();
     $params = $request->getParams();
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
             self::$logger->debug('<<doPUT');
         }
         if (isset($params['markdownTextBoxRows']) && $params['markdownTextBoxRows'] != '') {
             $viewState = ViewState::getInstance();
             $viewState->set('markdownTextBoxRows', $params['markdownTextBoxRows']);
         }
         if (isset($params['title']) || isset($params['ActiveRecordOID'])) {
             if (isset($params['ActiveRecordType']) && class_exists($params['ActiveRecordType'])) {
                 $record = new $params['ActiveRecordType']();
             } else {
                 $record = new Article();
             }
             if (isset($params['title'])) {
                 $title = str_replace($config->get('cms.url.title.separator'), ' ', $params['title']);
                 $record->loadByAttribute('title', $title, false, array('OID', 'version_num', 'created_ts', 'updated_ts', 'title', 'author', 'published', 'content', 'headerContent'));
             } else {
                 $record->load($params['ActiveRecordOID']);
             }
             // uploading an article attachment
             if (isset($params['uploadBut'])) {
                 $source = $request->getFile('userfile')['tmp_name'];
                 $dest = $record->getAttachmentsLocation() . '/' . $request->getFile('userfile')['name'];
                 // upload the file to the attachments directory
                 FileUtils::copy($source, $dest);
                 if (!file_exists($dest)) {
                     throw new AlphaException('Could not move the uploaded file [' . $request->getFile('userfile')['name'] . ']');
                 }
                 // set read/write permissions on the file
                 $success = chmod($dest, 0666);
                 if (!$success) {
                     throw new AlphaException('Unable to set read/write permissions on the uploaded file [' . $dest . '].');
                 }
                 if ($success) {
                     self::$logger->action('File ' . $source . ' uploaded to ' . $dest);
                     $this->setStatusMessage(View::displayUpdateMessage('File ' . $source . ' uploaded to ' . $dest));
                 }
             } elseif (isset($params['deletefile']) && $params['deletefile'] != '') {
                 $success = unlink($record->getAttachmentsLocation() . '/' . $params['deletefile']);
                 if (!$success) {
                     throw new AlphaException('Could not delete the file [' . $params['deletefile'] . ']');
                 }
                 if ($success) {
                     self::$logger->action('File ' . $record->getAttachmentsLocation() . '/' . $params['deletefile'] . ' deleted');
                     $this->setStatusMessage(View::displayUpdateMessage('File ' . $record->getAttachmentsLocation() . '/' . $params['deletefile'] . ' deleted'));
                 }
             } else {
                 self::$logger->debug('<<doPUT');
                 return parent::doPUT($request);
             }
         } else {
             throw new IllegalArguementException('No valid article ID provided!');
         }
     } catch (SecurityException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->warn($e->getMessage());
     } catch (IllegalArguementException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->error($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         $this->setStatusMessage(View::displayErrorMessage('Failed to load the requested article from the database!'));
     } catch (AlphaException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->error($e->getMessage());
     }
     $response = new Response(301);
     if ($this->getNextJob() != '') {
         $response->redirect($this->getNextJob());
     } else {
         if ($this->request->isSecureURI()) {
             $response->redirect(FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=Alpha\\Model\\Article&ActiveRecordOID=' . $record->getOID() . '&view=edit'));
         } else {
             $title = str_replace(' ', $config->get('cms.url.title.separator'), $record->get('title'));
             $response->redirect($config->get('app.url') . '/a/' . $title . '/edit');
         }
     }
     self::$logger->debug('<<doPUT');
     return $response;
 }
Beispiel #18
0
 /**
  * Constructor that sets up the DEnum options.
  *
  * @param Alpha\Model\Type\String $name
  */
 public function __construct($name = null)
 {
     self::$logger = new Logger('DEnum');
     // ensure to call the parent constructor
     parent::__construct();
     $this->markTransient('options');
     $this->markTransient('value');
     $this->markTransient('helper');
     $this->name = new String($name);
     if (isset($name) && $this->checkTableExists()) {
         try {
             $this->loadByAttribute('name', $name);
         } catch (RecordNotFoundException $e) {
             // DEnum does not exist so create it
             $this->save();
         }
         try {
             $this->getOptions();
         } catch (AlphaException $e) {
             self::$logger->warn($e->getMessage());
         }
     }
 }
Beispiel #19
0
 /**
  * Handle POST requests.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @throws Alpha\Exception\SecurityException
  *
  * @since 1.0
  */
 public function doPOST($request)
 {
     self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
             self::$logger->debug('<<doPOST');
         }
         // ensure that a OID is provided
         if (isset($params['denumOID'])) {
             $BOoid = $params['denumOID'];
         } else {
             throw new IllegalArguementException('Could not load the DEnum object as an denumOID was not supplied!');
         }
         if (isset($params['saveBut'])) {
             try {
                 $this->BO->load($BOoid);
                 // update the object from post data
                 $this->BO->populateFromArray($params);
                 ActiveRecord::begin();
                 $this->BO->save();
                 self::$logger->action('DEnum ' . $this->BO->getOID() . ' saved');
                 // now save the DEnumItems
                 $tmp = new DEnumItem();
                 $denumItems = $tmp->loadItems($this->BO->getID());
                 foreach ($denumItems as $item) {
                     $item->set('value', $params['value_' . $item->getID()]);
                     $item->save();
                     self::$logger->action('DEnumItem ' . $item->getOID() . ' saved');
                 }
                 // handle new DEnumItem if posted
                 if (isset($params['new_value']) && trim($params['new_value']) != '') {
                     $newItem = new DEnumItem();
                     $newItem->set('value', $params['new_value']);
                     $newItem->set('DEnumID', $this->BO->getID());
                     $newItem->save();
                     self::$logger->action('DEnumItem ' . $newItem->getOID() . ' created');
                 }
                 ActiveRecord::commit();
                 $this->setStatusMessage(View::displayUpdateMessage(get_class($this->BO) . ' ' . $this->BO->getID() . ' saved successfully.'));
                 return $this->doGET($request);
             } catch (FailedSaveException $e) {
                 self::$logger->error('Unable to save the DEnum of id [' . $params['oid'] . '], error was [' . $e->getMessage() . ']');
                 ActiveRecord::rollback();
             }
             ActiveRecord::disconnect();
         }
     } catch (SecurityException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->warn($e->getMessage());
     } catch (IllegalArguementException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->error($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         $this->setStatusMessage(View::displayErrorMessage('Failed to load the requested item from the database!'));
     }
     $body = View::displayPageHead($this);
     $message = $this->getStatusMessage();
     if (!empty($message)) {
         $body .= $message;
     }
     $body .= View::displayPageFoot($this);
     self::$logger->debug('<<doPOST');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }
Beispiel #20
0
 /**
  * Handle POST requests (adds $currentUser Person to the session).
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @return Alpha\Util\Http\Response
  *
  * @throws Alpha\Exception\IllegalArguementException
  *
  * @since 1.0
  */
 public function doPOST($request)
 {
     self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');
     $params = $request->getParams();
     if (!is_array($params)) {
         throw new IllegalArguementException('Bad $params [' . var_export($params, true) . '] passed to doPOST method!');
     }
     $config = ConfigProvider::getInstance();
     $body = '';
     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }
         if (isset($params['loginBut'])) {
             // if the database has not been set up yet, accept a login from the config admin username/password
             if (!ActiveRecord::isInstalled()) {
                 if ($params['email'] == $config->get('app.install.username') && password_verify($params['password'], password_hash($config->get('app.install.password'), PASSWORD_DEFAULT, ['cost' => 12]))) {
                     self::$logger->info('Logging in [' . $params['email'] . '] at [' . date('Y-m-d H:i:s') . ']');
                     $admin = new Person();
                     $admin->set('displayName', 'Admin');
                     $admin->set('email', $params['email']);
                     $admin->set('password', password_hash($params['password'], PASSWORD_DEFAULT, ['cost' => 12]));
                     $admin->set('OID', '00000000001');
                     $sessionProvider = $config->get('session.provider.name');
                     $session = SessionProviderFactory::getInstance($sessionProvider);
                     $session->set('currentUser', $admin);
                     $response = new Response(301);
                     if ($this->getNextJob() != '') {
                         $response->redirect(FrontController::generateSecureURL('act=' . $this->getNextJob()));
                         $this->clearUnitOfWorkAttributes();
                     } else {
                         $response->redirect(FrontController::generateSecureURL('act=InstallController'));
                     }
                     return $response;
                 } else {
                     throw new ValidationException('Failed to login user ' . $params['email'] . ', the password is incorrect!');
                 }
             } else {
                 // here we are attempting to load the person from the email address
                 $this->personObject->loadByAttribute('email', $params['email'], true);
                 ActiveRecord::disconnect();
                 // checking to see if the account has been disabled
                 if (!$this->personObject->isTransient() && $this->personObject->get('state') == 'Disabled') {
                     throw new SecurityException('Failed to login user ' . $params['email'] . ', that account has been disabled!');
                 }
                 // check the password
                 return $this->doLoginAndRedirect($params['password']);
             }
             $body .= View::displayPageHead($this);
             $body .= $this->personView->displayLoginForm();
         }
         if (isset($params['resetBut'])) {
             // here we are attempting to load the person from the email address
             $this->personObject->loadByAttribute('email', $params['email']);
             ActiveRecord::disconnect();
             // generate a new random password
             $newPassword = $this->personObject->generatePassword();
             // now encrypt and save the new password, then e-mail the user
             $this->personObject->set('password', password_hash($newPassword, PASSWORD_DEFAULT, ['cost' => 12]));
             $this->personObject->save();
             $message = 'The password for your account has been reset to ' . $newPassword . ' as you requested.  You can now login to the site using your ' . 'e-mail address and this new password as before.';
             $subject = 'Password change request';
             $this->personObject->sendMail($message, $subject);
             $body .= View::displayUpdateMessage('The password for the user <strong>' . $params['email'] . '</strong> has been reset, and the new password ' . 'has been sent to that e-mail address.');
             $body .= '<a href="' . $config->get('app.url') . '">Home Page</a>';
         }
     } catch (ValidationException $e) {
         $body .= View::displayPageHead($this);
         $body .= View::displayErrorMessage($e->getMessage());
         if (isset($params['reset'])) {
             $body .= $this->personView->displayResetForm();
         } else {
             $body .= $this->personView->displayLoginForm();
         }
         self::$logger->warn($e->getMessage());
     } catch (SecurityException $e) {
         $body .= View::displayPageHead($this);
         $body .= View::displayErrorMessage($e->getMessage());
         self::$logger->warn($e->getMessage());
     } catch (RecordNotFoundException $e) {
         $body .= View::displayPageHead($this);
         $body .= View::displayErrorMessage('Failed to find the user \'' . $params['email'] . '\'');
         if (isset($params['reset'])) {
             $body .= $this->personView->displayResetForm();
         } else {
             $body .= $this->personView->displayLoginForm();
         }
         self::$logger->warn($e->getMessage());
     }
     $body .= View::displayPageFoot($this);
     self::$logger->debug('<<doPOST');
     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }