protected function returnResult() { if (Request::isAjax()) { Responder::sendJSON(array()); } Responder::redirectToPage(); }
public function main() { if (Request::isPost()) { $this->processShell(); } else { $this->renderForm(); } }
protected function checkIP() { $ip = \Lampcms\Request::getIP(); d('checking IP: ' . $ip); $res = $this->Registry->Mongo->BANNED_IP->findOne(array('_id' => $ip)); if (!empty($res)) { throw new \Lampcms\FilterException('Unable to add new content at this time'); } }
protected function returnResult() { if (Request::isAjax()) { $ret = array('alert' => '@@Approved@@'); $ret['reload'] = 1000; Responder::sendJSON($ret); exit; } Responder::redirectToPage(); }
/** * */ protected function main() { if (!Request::isAjax()) { e('Tweet called as non-ajax'); throw new \Lampcms\Exception('This page can only be accessed using XHR request (ajax)'); } try { $oTwitter = new Twitter($this->Registry); $aResponse = $oTwitter->prepareAndPost($this->Request->getUTF8('tweet')); Responder::sendJSON(array('tweet' => 'done')); } catch (\Lampcms\Exception $e) { e('Unable to post message to Twitter: ' . $e->getFile() . ' line: ' . $e->getLine() . ' ' . $e->getMessage()); Responder::sendJSON(array('tweet' => 'error')); } }
/** * Get Location object for the ip address * * @param string $ip ip address * * @return object of type Location */ public function getLocation($ip = null) { $ip = null !== $ip ? $ip : \Lampcms\Request::getIP(); if (false === ($l = $this->isPublic($ip))) { d('ip not public'); return new Location(); } if (4 === PHP_INT_SIZE) { $l = sprintf("%u", $l); } $i = (double) $l; $a = $this->MongoDB->GEO_BLOCKS->findOne(array('s' => array('$lte' => $i), 'e' => array('$gte' => $i)), array('l')); if (is_array($a) && !empty($a['l'])) { /** * Important: must exclude _id from returned data, otherwise * it may override another _id when doing array_merge * */ $loc = $this->MongoDB->GEO_LOCATION->findOne(array('_id' => $a['l']), array('_id' => 0)); return new Location($loc); } return new Location(); }
error_reporting(E_ALL ^ E_WARNING); ini_set('display_errors', 0); ini_set('display_startup_errors', 0); ini_set('warn_plus_overloading', 0); } define('LOG_FILE_PATH', $oINI->LOG_FILE_PATH); /** * Empty the log file if * necessary */ /** * LOG_PER_SCRIPT * will return string '1' for true * or empty string for false */ if (true === LAMPCMS_DEBUG && '' !== LOG_FILE_PATH && true === (bool) $oINI->LOG_PER_SCRIPT && !\Lampcms\Request::isAjax()) { file_put_contents(LOG_FILE_PATH, PHP_SAPI . ' ' . print_r($_SERVER, 1), LOCK_EX); } /** * Shortcuts to log debug and log error * MUST BE CALLED after DEBUG MODE and LOG_FILE_PATH * has been defined */ function d($message) { if (defined('LAMPCMS_DEBUG') && true === LAMPCMS_DEBUG) { \Lampcms\Log::d($message, 2); } } function e($message) {
/** * Set error message for the form as a whole. * This error message is not specific to any form field, * it usually appears on top of form as a general error message * * For example: You must wait 5 minutes between posting * This is not due to any element error, just a general error * message. * * The form template MUST have 'formError' variable in it! * * @param string $errMessage * * @return \Lampcms\Forms\Form */ public function setFormError($errMessage) { if (Request::isAjax()) { \Lampcms\Responder::sendJSON(array('formError' => $errMessage)); } else { $this->aErrors['formError'][] = $errMessage; } return $this; }
protected function returnResult() { /** * @todo translate string */ $message = 'Topic retagged successfully'; if (Request::isAjax()) { $ret = array('reload' => 100); //'alert' => $message, Responder::sendJSON($ret); } Responder::redirectToPage($this->Question->getUrl()); }
/** * Add extra div with "Join" form * where we ask to provide email address * after user joins with external provider * * @return object $this */ protected function addJoinForm() { if (!$this->bInitPageVars || !Request::isAjax() && 'remindpwd' !== $this->action && 'logout' !== $this->action) { /** * If user opted out of continuing * registration, the special 'dnd' or "Do not disturb" * cookie was set via Javascritp * We will respect that and will not show that same * nagging prompt again * * This cookie is deleted on Logout * @todo set ttl for this cookie to last only a couple of days * so we can keep nagging user again after awhile until user * finally enters email address * Also do not have to check if user is UserExternal - if user * does not have email address then keep nagging the user * The thing is - only external user can possibly be logged in without * any email address because normal user will not know their password * since temp passwords are sent to email. */ $cookie = Cookie::get('dnd'); d('dnd: ' . $cookie); if (!$cookie) { if ($this->Registry->Viewer instanceof UserExternal) { $email = $this->Registry->Viewer->email; d('email: ' . $email); if (empty($email)) { $sHtml = RegBlock::factory($this->Registry)->getBlock(); d('$sHtml: ' . $sHtml); $this->aPageVars['extra_html'] = $sHtml; } } } } return $this; }
/** * Check Request object for required params * as well as for required form token * * @return object $this */ protected function initParams() { if ($this->bRequirePost && 'POST' !== Request::getRequestMethod()) { throw new \Lampcms\HttpResponseCodeException('HTTP POST request method required', 405); } $this->Request->setRequired($this->aRequired); try { $this->Request->checkRequired(); } catch (\Exception $e) { throw new \Lampcms\HttpResponseCodeException($e->getMessage(), 400); } return $this; }
/** * Process the submitted "select default blog" form * This form is displayed to user when we detect that * user has more than one blog on Blogger, in which * case user is asked to pick one blog that will * be connected to this account * * * @throws \Exception if user does not have any blogs, which * is not really possible, so this would be totally unexpected */ protected function selectBlog() { if ('POST' !== Request::getRequestMethod()) { throw new \Lampcms\Exception('POST method required'); } \Lampcms\Forms\Form::validateToken($this->Registry); $a = $this->Registry->Viewer->getBloggerBlogs(); d('$a: ' . print_r($a, 1)); if (empty($a)) { throw new \Exception('No blogs found for this user'); } $selectedID = (int) substr($this->Request->get('blog'), 4); d('$selectedID: ' . $selectedID); /** * Pull the selected blog from array of user blogs * * @var unknown_type */ $aBlog = \array_splice($a, $selectedID, 1); d('$aBlog: ' . print_r($aBlog, 1)); d('a now: ' . print_r($a, 1)); /** * Now stick this blog to the * beginning of array. It will become * the first element, pushing other blogs * down in the array * User's "Connected" blog is always * the first blog in array! * */ \array_unshift($a, $aBlog[0]); d('a after unshift: ' . print_r($a, 1)); $this->Registry->Viewer->setBloggerBlogs($a); /** * Set b_bg to true which will result * in "Post to Blogger" checkbox to * be checked. User can uncheck in later */ $this->Registry->Viewer['b_bg'] = true; $this->Registry->Viewer->save(); $this->closeWindow(); }
/** * Insert record into VOTE_HACKS collection * * @todo move this to external class and make * this method static, accepting only Registry */ protected function recordVoteHack() { $coll = $this->Registry->Mongo->VOTE_HACKS; $coll->ensureIndex(array('i_ts' => 1)); $aData = array('i_uid' => $this->Registry->Viewer->getUid(), 'i_ts' => time(), 'ip' => Request::getIP()); $coll->save($aData); return $this; }
protected function returnResult() { /** * @todo translate string */ $message = '@@Item deleted@@'; $requested = 'You cannot delete question that already has answers.<br>A request to delete this question has been sent to moderators<br> It will be up to moderators to either delete or edit or close the question'; if (Request::isAjax()) { $res = !$this->requested ? $message : $requested; $ret = array('alert' => $res); if (!empty($this->posterDetails)) { $ret['alert'] .= $this->posterDetails; } else { /** * If item was actually deleted then * add 'reload' => 2 to return * which will cause page reload * in 1.5 seconds. */ if (!$this->requested) { $ret['reload'] = 1500; } } Responder::sendJSON($ret); } Responder::redirectToPage($this->Resource->getUrl()); }
protected function main() { $this->pageID = $this->Registry->Router->getPageID(); $this->init()->getCursor()->paginate()->renderUsersHtml(); /** * In case of Ajax request, just return * the content of the usersHtml * and don't proceed any further */ if (Request::isAjax()) { Responder::sendJSON(array('paginated' => $this->usersHtml)); } $this->setTitle()->makeSortTabs()->makeTopTabs()->setUsers(); }
/** * Process submitted Answer * * @return void */ protected function process() { $formVals = $this->Form->getSubmittedValues(); d('formVals: ' . print_r($formVals, 1)); $oAdapter = new AnswerParser($this->Registry); try { $Answer = $oAdapter->parse(new SubmittedAnswerWWW($this->Registry, $formVals)); d('cp created new answer: ' . \print_r($Answer->getArrayCopy(), 1)); d('ans id: ' . $Answer->getResourceId()); /** * In case of ajax we need to send out a * parsed html block with one answer * under the 'answer' key * * In case of non-ajax redirect back to question page, * hopefully the new answer will show up there too */ if (Request::isAjax()) { $aAnswer = $Answer->getArrayCopy(); /** * Add edit and delete tools because * Viewer already owns this comment and is * allowed to edit or delete it right away. * Javascript that usually dynamically adds these tools * is not going to be fired, so these tools * must already be included in the returned html * */ $aAnswer['edit_delete'] = ' <span class="ico del ajax" title="@@Delete@@">@@delete@@</span> <span class="ico edit ajax" title="@@Edit@@">@@edit@@</span>'; $a = array('answer' => \tplAnswer::parse($aAnswer)); d('before sending out $a: ' . print_r($a, 1)); Responder::sendJSON($a); } else { Responder::redirectToPage($this->Question->getUrl()); } } catch (\Lampcms\AnswerParserException $e) { d('Got AnswerParserException ' . $e->getMessage()); /** * The setFormError in Form sends our json in * case of Ajax request, so we don't have to * worry about it here */ $this->Form->setFormError($e->getMessage()); $this->showFormWithErrors(); } }
/** * Insert record into VOTE_HACKS collection * * @todo move this to external class and make * this method static, accepting only Registry * @return \Lampcms\Controllers\Accept */ protected function recordVoteHack() { $coll = $this->Registry->Mongo->VOTE_HACKS; $coll->ensureIndex(array(Schema::CREATED_TIMESTAMP => 1)); $aData = array(Schema::POSTER_ID => $this->Registry->Viewer->getUid(), Schema::CREATED_TIMESTAMP => time(), Schema::IP_ADDRESS => Request::getIP()); $coll->save($aData); return $this; }
/** * Main entry point * (non-PHPdoc) * * @see WebPage::main() */ protected function main() { $this->qid = $this->Router->getNumber(1, null, $this->Registry->Ini['URI_PARTS']['QID_PREFIX']); if (Request::isAjax()) { $this->getQuestion()->getAnswers(); Responder::sendJSON(array('paginated' => $this->answers)); } $this->pageID = $this->Router->getPageID(); $this->tab = $this->Registry->Request->get('sort', 's', 'i_lm_ts'); $this->Registry->registerObservers(); $this->getQuestion()->validateSlug()->addMetas()->sendCacheHeaders()->configureEditor()->setTitle()->addMetaTags()->setAnswersHeader()->getAnswers()->setAnswers()->setSimilar()->makeForm()->setAnswerForm()->makeFollowButton()->setFollowersBlock()->setQuestionInfo()->setFooter()->increaseView()->makeTopTabs(); $this->Registry->Dispatcher->post($this->Question, 'onQuestionView'); }
/** * Create $this->User User object for user whose * profile is being edited * * @return object $this */ protected function getUser() { $uid = !\Lampcms\Request::isPost() ? $this->Router->getSegment(1, 'i', 0) : $this->Request->get('uid', 'i', null); if ($uid && $uid !== $this->Registry->Viewer->getUid()) { /** * This is edit profile for another user * check Viewer permission here */ $this->checkAccessPermission('edit_any_profile'); $this->User = \Lampcms\User::userFactory($this->Registry)->by_id($uid); } else { $this->User = $this->Registry->Viewer; } return $this; }
/** * * Add a small login block to the template * but ONLY for ajax based request * * for regular web page we don't need * to have yet another login block * in the registration block * * @return string html of login block * of empty string for non-ajax request */ protected function makeLoginBlock() { if (Request::isAjax()) { return \tplLoginblock::parse(array()); } return ''; }
protected function returnResult() { $message = '@@Thank you for caring!<br>Moderators have been notified@@'; if (Request::isAjax()) { Responder::sendJSON(array('alert' => $message)); } Responder::redirectToPage($this->Resource->getUrl()); }
protected function returnResult() { if (Request::isAjax()) { $message = '@@User Shredded@@<hr>@@Banned IPs@@:' . implode('<br>', array_keys($this->aIPs)) . '<hr><br>@@Countries@@: ' . implode('<br>', array_keys($this->aCountries)); Responder::sendJSON(array('alert' => $message)); } Responder::redirectToPage(); }
/** * Main entry point * (non-PHPdoc) * @see WebPage::main() */ protected function main() { if (Request::isAjax()) { $this->getQuestion()->getAnswers(); Responder::sendJSON(array('paginated' => $this->answers)); } $this->pageID = $this->Registry->Request->get('pageID', 'i', 1); $this->tab = $this->Registry->Request->get('sort', 's', 'i_lm_ts'); $this->Registry->registerObservers(); $this->getQuestion()->addMetas()->sendCacheHeaders()->configureEditor()->setTitle()->addMetaTags()->setAnswersHeader()->getAnswers()->setAnswers()->setSimilar()->makeForm()->setAnswerForm()->makeFollowButton()->setFollowersBlock()->setQuestionInfo()->setFooter()->increaseView()->makeTopTabs(); $this->Registry->Dispatcher->post($this->Question, 'onQuestionView'); }
/** * */ protected function validateCaptcha() { if (!empty($_SESSION['reg_captcha'])) { return $this; } $oCaptcha = Captcha::factory($this->Registry->Ini); $res = $oCaptcha->validate_submit(); /** * If validation good then * all is OK */ if (1 === $res) { $_SESSION['reg_captcha'] = true; return $this; } /** * If 3 then reached the limit of attampts */ if (3 === $res) { throw new \Lampcms\CaptchaLimitException('You have reached the limit of image verification attempts'); } if (Request::isAjax()) { $aRet = array('exception' => self::CAPTCHA_ERROR, 'fields' => array('private_key'), 'captcha' => $oCaptcha->getCaptchaArray()); \Lampcms\Responder::sendJSON($aRet); } /** * @todo translate string */ $this->setFormError(self::CAPTCHA_ERROR); return $this; }
/** * Check for previous * failed attempts to reset password * by using incorrect code * * * @throws \Lampcms\Exception * @return object $this */ protected function checkHacks() { $ipHacks = 0; $uidHacks = 0; $uid = $this->Router->getNumber(1); $timeOffset = time() - 86400; $cur = $this->Registry->Mongo->PASSWORD_CHANGE->find(array('i_ts' > $timeOffset)); if ($cur && $cur->count(true) > 0) { $ip = Request::getIP(); foreach ($cur as $aVal) { if ($ip == $aVal['ip']) { $ipHacks += 1; } if ($uid == $aVal['i_uid']) { $uidHacks += 1; } if ($uidHacks > 5 || $ipHacks > 5) { e('LampcmsError: hacking of password reset link. $uidHacks: ' . $uidHacks . ' $ipHacks: ' . $ipHacks . ' from ip: ' . $ip); $this->Registry->Dispatcher->post($this, 'onPasswordResetHack', $aVal); throw new \Lampcms\Exception('@@Access denied@@'); } } } return $this; }
/** * Update ONLINE_USERS collection * @todo exit if useragent is of known Crawler * * @todo make logging guests online configurable option via Ini * */ protected function run() { $Viewer = $this->Registry->Viewer; $ip = Request::getIP(); $uid = $Viewer->getUid(); d('uid: ' . $uid); $aData = array('ip' => $ip, 'i_ts' => time(), 'ua' => Request::getUserAgent(), 'action' => 'request_' . $this->Registry->Request->get('a', 's', 'home'), 'uri' => $_SERVER['REQUEST_URI'], 'title' => $this->title, 'category' => $this->category, 'a_kw' => !empty($this->aInfo['keywords']) ? explode(', ', $this->aInfo['keywords']) : array()); if ($uid > 0) { $aData['i_uid'] = $uid; $aData['username'] = $Viewer->getDisplayName(); $aData['avtr'] = $Viewer->getAvatarSrc(); $aData['profile'] = $Viewer->getProfileUrl(); $aData['role'] = $Viewer->getRoleId(); $aData['i_pp'] = $Viewer->getProfitPoint(); } $Mongo = $this->Registry->Mongo->getDb(); $Geo = $this->Registry->Geo; $func = function () use($aData, $Mongo, $Geo) { $aGeo = $Geo->getLocation($aData['ip'])->toArray(); $aData = $aData + $aGeo; /** * Need unique index uid * */ if (array_key_exists('i_uid', $aData)) { $coll = $Mongo->ONLINE; $coll->ensureIndex(array('i_uid' => 1), array('unique' => true)); $coll->ensureIndex(array('i_ts' => 1)); $coll->update(array('i_uid' => $aData['i_uid']), $aData, array('upsert' => true)); } else { /** * For guests the value of ip2long (int) * will be used as uid */ $aData['i_uid'] = ip2long($aData['ip']); $coll = $Mongo->GUESTS; $coll->ensureIndex(array('i_uid' => 1), array('unique' => true)); $coll->ensureIndex(array('i_ts' => 1)); $coll->update(array('ip' => $aData['ip']), $aData, array('upsert' => true)); } /** * Remove old records * Cleanup runs 10% of requests * removes records older than 24 hours */ if (1 === rand(0, 10)) { $offset = time() - 60 * 60 * 24; $coll->remove(array('i_ts' => array('$lt' => $offset))); } }; \Lampcms\runLater($func); }
/** * Main entry point * (non-PHPdoc) * @see WebPage::main() */ protected function main() { if (Request::isAjax()) { $this->getQuestion()->getAnswers(); Responder::sendJSON(array('paginated' => $this->answers)); } $this->pageID = $this->Registry->Request->get('pageID', 'i', 1); $this->Registry->registerObservers(); $this->getQuestion(); /** * Make sorting order: oldest=>newest for topics * without tag `question' */ if (!in_array('question', $this->Question['a_tags'])) { $this->Registry->Request['sort'] = 'i_ts'; $this->withQuestionTag = false; } $this->tab = $this->Registry->Request->get('sort', 's', 'i_lm_ts'); $this->addMetas()->sendCacheHeaders()->configureEditor()->setTitle()->addMetaTags()->setAnswersHeader()->getAnswers()->setAnswers()->setSimilar()->makeForm()->setAnswerForm()->makeFollowButton()->setFollowersBlock()->setQuestionInfo()->setFooter()->increaseView()->makeTopTabs(); $this->Registry->Dispatcher->post($this->Question, 'onQuestionView'); }
protected function returnResult() { /** * @todo translate string */ $message = '@@Question closed@@'; $requested = 'A request to close this question has been sent to moderators<br> The final decision about closing the question or leaving it open will be up to moderators'; if (Request::isAjax()) { $res = !$this->requested ? $message : $requested; $ret = array('alert' => $res); /** * If item was actually deleted then * add 'reload' => 2 to return * which will cause page reload * in 1.5 seconds. */ if (!$this->requested) { $ret['reload'] = 1500; } Responder::sendJSON($ret); } Responder::redirectToPage($this->Resource->getUrl()); }
protected function handleReturn() { $isAjax = Request::isAjax(); d('$isAjax: ' . $isAjax); if ($isAjax) { $ret = array('vote' => array('v' => $this->Resource->getScore(), 't' => $this->resType, 'rid' => $this->resID)); Responder::sendJSON($ret); } Responder::redirectToPage($this->Resource->getUrl()); }
} fastcgi_finish_request(); } catch (\Exception $e) { $code = $e->getCode(); session_write_close(); if ($e instanceof \Lampcms\Lampcms404Exception) { $code = '404'; header("HTTP/1.0 404 Not Found"); } else { $code = '500'; header("HTTP/1.0 500 Exception"); } try { $extra = isset($_SERVER) ? ' $_SERVER: ' . print_r($_SERVER, 1) : ' no server'; try { $extra .= "\n\nREQUEST HEADERS: " . \Lampcms\Request::getAllHeadersAsString() . "\n"; } catch (\Exception $e) { // Unable to use Lampcms\Request class for some reason. Nothing we can do here } $extra .= "\nException class: " . get_class($e) . "\nMessage:" . $e->getMessage() . "\n in file: " . $e->getFile() . "\n line: " . $e->getLine() . "\n trace: " . $e->getTraceAsString(); /** * @mail must be here before the Lampcms\Exception::formatException * because Lampcms\Exception::formatException in case of ajax request will * send out ajax and then throw \OutOfBoundsException in order to finish request (better than exit()) */ if (!$e instanceof \LogicException && $code >= 0 && defined('LAMPCMS_DEVELOPER_EMAIL') && strlen(trim(constant('LAMPCMS_DEVELOPER_EMAIL'))) > 7) { $subj = $code . ' Error in index.php'; if (!is_object($Mailer) || $e instanceof \Lampcms\Mail\SwiftException || $e instanceof \Swift_SwiftException) { @mail(LAMPCMS_DEVELOPER_EMAIL, $subj, $extra); } else { try {