Ejemplo n.º 1
0
 /**
  * Initialise will set the error handler to be the `__CLASS__::handler` function.
  *
  * @param Log $log
  *  An instance of a Symphony Log object to write errors to
  */
 public static function initialise(Log $Log = null)
 {
     if (!is_null($Log)) {
         self::$_Log = $Log;
     }
     set_exception_handler(array(__CLASS__, 'handler'));
 }
Ejemplo n.º 2
0
 protected function __construct()
 {
     $this->Profiler = new Profiler();
     if (get_magic_quotes_gpc()) {
         General::cleanArray($_SERVER);
         General::cleanArray($_COOKIE);
         General::cleanArray($_GET);
         General::cleanArray($_POST);
     }
     include CONFIG;
     self::$Configuration = new Configuration(true);
     self::$Configuration->setArray($settings);
     define_safe('__LANG__', self::$Configuration->get('lang', 'symphony') ? self::$Configuration->get('lang', 'symphony') : 'en');
     define_safe('__SYM_DATE_FORMAT__', self::$Configuration->get('date_format', 'region'));
     define_safe('__SYM_TIME_FORMAT__', self::$Configuration->get('time_format', 'region'));
     define_safe('__SYM_DATETIME_FORMAT__', __SYM_DATE_FORMAT__ . ' ' . __SYM_TIME_FORMAT__);
     $this->initialiseLog();
     GenericExceptionHandler::initialise();
     GenericErrorHandler::initialise($this->Log);
     $this->initialiseCookie();
     try {
         Lang::init(LANG . '/lang.%s.php', __LANG__);
     } catch (Exception $e) {
         trigger_error($e->getMessage(), E_USER_ERROR);
     }
     $this->initialiseDatabase();
     if (!$this->initialiseExtensionManager()) {
         throw new SymphonyErrorPage('Error creating Symphony extension manager.');
     }
     DateTimeObj::setDefaultTimezone(self::$Configuration->get('timezone', 'region'));
 }
Ejemplo n.º 3
0
 protected function __construct()
 {
     $this->Profiler = new Profiler();
     if (get_magic_quotes_gpc()) {
         General::cleanArray($_SERVER);
         General::cleanArray($_COOKIE);
         General::cleanArray($_GET);
         General::cleanArray($_POST);
     }
     include CONFIG;
     self::$Configuration = new Configuration(true);
     self::$Configuration->setArray($settings);
     DateTimeObj::setDefaultTimezone(self::$Configuration->get('timezone', 'region'));
     self::$_lang = self::$Configuration->get('lang', 'symphony') ? self::$Configuration->get('lang', 'symphony') : 'en';
     // Legacy support for __LANG__ constant
     define_safe('__LANG__', self::lang());
     define_safe('__SYM_DATE_FORMAT__', self::$Configuration->get('date_format', 'region'));
     define_safe('__SYM_TIME_FORMAT__', self::$Configuration->get('time_format', 'region'));
     define_safe('__SYM_DATETIME_FORMAT__', __SYM_DATE_FORMAT__ . ' ' . __SYM_TIME_FORMAT__);
     $this->initialiseLog();
     GenericExceptionHandler::initialise();
     GenericErrorHandler::initialise(self::$Log);
     $this->initialiseCookie();
     $this->initialiseDatabase();
     if (!$this->initialiseExtensionManager()) {
         throw new SymphonyErrorPage('Error creating Symphony extension manager.');
     }
     Lang::loadAll($this->ExtensionManager);
 }
Ejemplo n.º 4
0
 /**
  * Override the default Symphony constructor to initialise the Log, Config
  * and Database objects for installation/update. This allows us to use the
  * normal accessors.
  */
 protected function __construct()
 {
     if (get_magic_quotes_gpc()) {
         General::cleanArray($_SERVER);
         General::cleanArray($_COOKIE);
         General::cleanArray($_GET);
         General::cleanArray($_POST);
     }
     // Include the default Config for installation.
     include INSTALL . '/includes/config_default.php';
     $this->initialiseConfiguration($settings);
     // Initialize date/time
     define_safe('__SYM_DATE_FORMAT__', self::Configuration()->get('date_format', 'region'));
     define_safe('__SYM_TIME_FORMAT__', self::Configuration()->get('time_format', 'region'));
     define_safe('__SYM_DATETIME_FORMAT__', __SYM_DATE_FORMAT__ . self::Configuration()->get('datetime_separator', 'region') . __SYM_TIME_FORMAT__);
     DateTimeObj::setSettings(self::Configuration()->get('region'));
     // Initialize language
     $this->initialiseLang();
     // Initialize logs
     $this->initialiseLog(INSTALL_LOGS . '/install');
     // Initialize database
     $this->initialiseDatabase();
     // Initialize error handlers
     GenericExceptionHandler::initialise(Symphony::Log());
     GenericErrorHandler::initialise(Symphony::Log());
 }
Ejemplo n.º 5
0
 /**
  * The constructor for the `XSLTPage` ensures that an `XSLTProcessor`
  * is available, and then sets an instance of it to `$this->Proc`, otherwise
  * it will throw a `SymphonyErrorPage` exception.
  */
 public function __construct()
 {
     if (!XsltProcess::isXSLTProcessorAvailable()) {
         GenericExceptionHandler::$enabled = true;
         throw new SymphonyErrorPage(__('No suitable XSLT processor was found.'));
     }
     $this->Proc = new XsltProcess();
 }
Ejemplo n.º 6
0
 public static function render($e)
 {
     require_once 'class.xslproc.php';
     $xml = new DOMDocument('1.0', 'utf-8');
     $xml->formatOutput = true;
     $root = $xml->createElement('data');
     $xml->appendChild($root);
     $details = $xml->createElement('details');
     $details->appendChild($xml->createElement('message', General::sanitize($e->getDatabaseErrorMessage())));
     if (!is_null($e->getQuery())) {
         $details->appendChild($xml->createElement('query', General::sanitize($e->getQuery())));
     }
     $root->appendChild($details);
     $trace = $xml->createElement('backtrace');
     foreach ($e->getTrace() as $t) {
         $item = $xml->createElement('item');
         if (isset($t['file'])) {
             $item->setAttribute('file', General::sanitize($t['file']));
         }
         if (isset($t['line'])) {
             $item->setAttribute('line', $t['line']);
         }
         if (isset($t['class'])) {
             $item->setAttribute('class', General::sanitize($t['class']));
         }
         if (isset($t['type'])) {
             $item->setAttribute('type', $t['type']);
         }
         $item->setAttribute('function', General::sanitize($t['function']));
         $trace->appendChild($item);
     }
     $root->appendChild($trace);
     if (is_object(Symphony::Database()) && method_exists(Symphony::Database(), 'log')) {
         $query_log = Symphony::Database()->log();
         if (count($query_log) > 0) {
             $queries = $xml->createElement('query-log');
             $query_log = array_reverse($query_log);
             foreach ($query_log as $q) {
                 $item = $xml->createElement('item', General::sanitize(trim($q->query)));
                 if (isset($q->time)) {
                     $item->setAttribute('time', number_format($q->time, 5));
                 }
                 $queries->appendChild($item);
             }
             $root->appendChild($queries);
         }
     }
     return parent::__transform($xml, 'exception.database.xsl');
 }
 public function setPage($context)
 {
     // Check to see if the page has 'etf' page type
     if (is_array($context['page_data']['type']) && in_array('etf', $context['page_data']['type'])) {
         // Check to see that the page has been requested by someone who is logged in
         // or someone who has passed the ETF header
         if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'EmailTemplateFilter' || Frontend::instance()->isLoggedIn() && Frontend::instance()->Author->isDeveloper()) {
             // All good!
             self::$page = $context['page'];
         } else {
             $row = Symphony::Database()->fetchRow(0, "\n\t\t\t\t\t\tSELECT `tbl_pages`.*\n\t\t\t\t\t\tFROM `tbl_pages`, `tbl_pages_types`\n\t\t\t\t\t\tWHERE `tbl_pages_types`.page_id = `tbl_pages`.id\n\t\t\t\t\t\tAND tbl_pages_types.`type` = '403'\n\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t");
             if ($row) {
                 $row['type'] = FrontendPage::fetchPageTypes($row['id']);
                 $row['filelocation'] = FrontendPage::resolvePageFileLocation($row['path'], $row['handle']);
                 $context['page_data'] = $row;
                 return;
             } else {
                 GenericExceptionHandler::$enabled = true;
                 throw new SymphonyErrorPage(__('Please <a href="%s">login</a> to view this page.', array(SYMPHONY_URL . '/login/')), __('Forbidden'), 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
             }
         }
     }
 }
Ejemplo n.º 8
0
/**
 * Responsible for launching a standard symphony instance and
 * sending output to the browser.
 *
 *  @param string $mode (optional)
 *  @return integer
 */
function symphony_launcher($mode)
{
    if (strtolower($mode) == 'administration') {
        $renderer = Administration::instance();
    } else {
        $renderer = Frontend::instance();
    }
    $output = $renderer->display(getCurrentPage());
    // #1808
    if (isset($_SERVER['HTTP_MOD_REWRITE'])) {
        $output = file_get_contents(GenericExceptionHandler::getTemplate('fatalerror.rewrite'));
        $output = str_replace('{ASSETS_URL}', ASSETS_URL, $output);
        $output = str_replace('{SYMPHONY_URL}', SYMPHONY_URL, $output);
        $output = str_replace('{URL}', URL, $output);
        echo $output;
        exit;
    }
    cleanup_session_cookies();
    echo $output;
    return $renderer;
}
 /**
  * This function attempts to resolve the given page in to it's Symphony page. If no
  * page is given, it is assumed the 'index' is being requested. Before a page row is
  * returned, it is checked to see that if it has the 'admin' type, that the requesting
  * user is authenticated as a Symphony author. If they are not, the Symphony 403
  * page is returned (whether that be set as a user defined page using the page type
  * of 403, or just returning the Default Symphony 403 error page). Any URL parameters
  * set on the page are added to the `$env` variable before the function returns an
  * associative array of page details such as Title, Content Type etc.
  *
  * @uses FrontendPrePageResolve
  * @see __isSchemaValid()
  * @param string $page
  * The URL of the current page that is being Rendered as returned by `getCurrentPage()`.
  * If no URL is provided, Symphony assumes the Page with the type 'index' is being
  * requested.
  * @return array
  *  An associative array of page details
  */
 public function resolvePage($page = null)
 {
     if ($page) {
         $this->_page = $page;
     }
     $row = null;
     /**
      * Before page resolve. Allows manipulation of page without redirection
      * @delegate FrontendPrePageResolve
      * @param string $context
      * '/frontend/'
      * @param mixed $row
      * @param FrontendPage $page
      *  An instance of this FrontendPage
      */
     Symphony::ExtensionManager()->notifyMembers('FrontendPrePageResolve', '/frontend/', array('row' => &$row, 'page' => &$this->_page));
     // Default to the index page if no page has been specified
     if ((!$this->_page || $this->_page == '//') && is_null($row)) {
         $row = PageManager::fetchPageByType('index');
     } else {
         if (is_null($row)) {
             $page_extra_bits = array();
             $pathArr = preg_split('/\\//', trim($this->_page, '/'), -1, PREG_SPLIT_NO_EMPTY);
             $handle = array_pop($pathArr);
             do {
                 $path = implode('/', $pathArr);
                 if ($row = PageManager::resolvePageByPath($handle, $path)) {
                     $pathArr[] = $handle;
                     break 1;
                 } else {
                     $page_extra_bits[] = $handle;
                 }
             } while ($handle = array_pop($pathArr));
             if (empty($pathArr)) {
                 return false;
             }
             if (!$this->__isSchemaValid($row['params'], $page_extra_bits)) {
                 return false;
             }
         }
     }
     // Process the extra URL params
     $url_params = preg_split('/\\//', $row['params'], -1, PREG_SPLIT_NO_EMPTY);
     foreach ($url_params as $var) {
         $this->_env['url'][$var] = NULL;
     }
     if (isset($page_extra_bits)) {
         if (!empty($page_extra_bits)) {
             $page_extra_bits = array_reverse($page_extra_bits);
         }
         for ($i = 0, $ii = count($page_extra_bits); $i < $ii; $i++) {
             $this->_env['url'][$url_params[$i]] = str_replace(' ', '+', $page_extra_bits[$i]);
         }
     }
     if (!is_array($row) || empty($row)) {
         return false;
     }
     $row['type'] = PageManager::fetchPageTypes($row['id']);
     // Make sure the user has permission to access this page
     if (!$this->is_logged_in && in_array('admin', $row['type'])) {
         $row = PageManager::fetchPageByType('403');
         if (empty($row)) {
             GenericExceptionHandler::$enabled = true;
             throw new SymphonyErrorPage(__('Please login to view this page.') . ' <a href="' . SYMPHONY_URL . '/login/">' . __('Take me to the login page') . '</a>.', __('Forbidden'), 'generic', array('header' => 'HTTP/1.0 403 Forbidden'));
         }
         $row['type'] = PageManager::fetchPageTypes($row['id']);
     }
     $row['filelocation'] = PageManager::resolvePageFileLocation($row['path'], $row['handle']);
     return $row;
 }
Ejemplo n.º 10
0
 public static function handler($code, $message, $file = NULL, $line = NULL)
 {
     if (!in_array($code, array(E_NOTICE, E_STRICT)) && self::$_Log instanceof Log) {
         self::$_Log->pushToLog(sprintf('%s - %s%s%s', $code, $message, $file ? " in file {$file}" : NULL, $line ? " on line {$line}" : NULL), $code, true);
     }
     if (self::isEnabled() !== true || self::isErrorsEnabled($code) !== true) {
         return;
     }
     GenericExceptionHandler::handler(new ErrorException($message, 0, $code, $file, $line));
 }
Ejemplo n.º 11
0
 public static function render($e)
 {
     $xml = new DOMDocument('1.0', 'utf-8');
     $xml->formatOutput = true;
     $root = $xml->createElement('data');
     $xml->appendChild($root);
     $details = $xml->createElement('details', $e->getMessage());
     $details->setAttribute('type', $e->getType() == XSLProc::ERROR_XML ? 'XML' : $e->getFile());
     $details->setAttribute('file', General::sanitize($e->getFile()));
     $details->setAttribute('line', $e->getLine());
     $root->appendChild($details);
     $nearby_lines = self::__nearByLines($e->getLine(), $e->getFile(), $e->getType() == XSLProc::ERROR_XML, 6);
     $lines = $xml->createElement('nearby-lines');
     $markdown .= "\t" . $e->getMessage() . "\n";
     $markdown .= "\t" . $e->getFile() . " line " . $e->getLine() . "\n\n";
     foreach ($nearby_lines as $line_number => $string) {
         $markdown .= "\t{$string}";
         $string = trim(str_replace("\t", '&nbsp;&nbsp;&nbsp;&nbsp;', General::sanitize($string)));
         $item = $xml->createElement('item');
         $item->setAttribute('number', $line_number + 1);
         $cdata = $xml->createCDATASection(strlen($string) == 0 ? '&nbsp;' : $string);
         $item->appendChild($cdata);
         $lines->appendChild($item);
     }
     $root->appendChild($lines);
     $element = $xml->createElement('markdown');
     //, General::sanitize($markdown)));
     $element->appendChild($xml->createCDATASection($markdown));
     $root->appendChild($element);
     $processing_errors = $xml->createElement('processing-errors');
     if (XSLProc::getErrors() instanceof MessageStack) {
         foreach (XSLProc::getErrors() as $error) {
             $error->file = str_replace(WORKSPACE . '/', NULL, $error->file);
             $item = $xml->createElement('item', trim(General::sanitize($error->message)));
             if (strlen(trim($error->file)) == 0) {
                 $item->setAttribute('file', General::sanitize($error->file));
             }
             if (strlen(trim($error->line)) == 0) {
                 $item->setAttribute('line', $error->line);
             }
             $processing_errors->appendChild($item);
         }
     }
     $root->appendChild($processing_errors);
     return parent::__transform($xml, 'exception.xslt.xsl');
 }
Ejemplo n.º 12
0
 /**
  * A wrapper for throwing a new Symphony Error page.
  *
  * This methods sets the `GenericExceptionHandler::$enabled` value to `true`.
  *
  * @see core.SymphonyErrorPage
  * @param string|XMLElement $message
  *  A description for this error, which can be provided as a string
  *  or as an XMLElement.
  * @param string $heading
  *  A heading for the error page
  * @param integer $status
  *  Properly sets the HTTP status code for the response. Defaults to
  *  `Page::HTTP_STATUS_ERROR`. Use `Page::HTTP_STATUS_XXX` to set this value.
  * @param string $template
  *  A string for the error page template to use, defaults to 'generic'. This
  *  can be the name of any template file in the `TEMPLATES` directory.
  *  A template using the naming convention of `tpl.*.php`.
  * @param array $additional
  *  Allows custom information to be passed to the Symphony Error Page
  *  that the template may want to expose, such as custom Headers etc.
  * @throws SymphonyErrorPage
  */
 public static function throwCustomError($message, $heading = 'Symphony Fatal Error', $status = Page::HTTP_STATUS_ERROR, $template = 'generic', array $additional = array())
 {
     GenericExceptionHandler::$enabled = true;
     throw new SymphonyErrorPage($message, $heading, $template, $additional, $status);
 }
Ejemplo n.º 13
0
 public static function initialise()
 {
     self::$enabled = true;
     set_exception_handler(array(__CLASS__, 'handler'));
 }
Ejemplo n.º 14
0
 protected function __construct()
 {
     self::$Configuration = new Configuration();
     DateTimeObj::setDefaultTimezone(self::Configuration()->core()->region->timezone);
     self::$_lang = self::Configuration()->core()->symphony->lang ? self::Configuration()->core()->symphony->lang : 'en';
     define_safe('__SYM_DATE_FORMAT__', self::Configuration()->core()->region->{'date-format'});
     define_safe('__SYM_TIME_FORMAT__', self::Configuration()->core()->region->{'time-format'});
     define_safe('__SYM_DATETIME_FORMAT__', sprintf('%s %s', __SYM_DATE_FORMAT__, __SYM_TIME_FORMAT__));
     define_safe('ADMIN_URL', sprintf('%s/%s', URL, trim(self::Configuration()->core()->symphony->{'administration-path'}, '/')));
     $this->initialiseLog();
     GenericExceptionHandler::initialise();
     GenericErrorHandler::initialise(self::$Log);
     $this->initialiseCookie();
     $this->initialiseDatabase();
     Extension::init();
     Cache::setDriver(self::Configuration()->core()->{'cache-driver'});
     Lang::loadAll(true);
 }
Ejemplo n.º 15
0
 public function checkFrontendPagePermissions($context)
 {
     $isLoggedIn = false;
     $errors = array();
     $action = null;
     // Checks $_REQUEST to see if a Member Action has been requested,
     // member-action['login'] and member-action['logout']/?member-action=logout
     // are the only two supported at this stage.
     if (isset($_REQUEST['member-action']) && is_array($_REQUEST['member-action'])) {
         list($action) = array_keys($_REQUEST['member-action']);
     } else {
         if (isset($_REQUEST['member-action'])) {
             $action = $_REQUEST['member-action'];
         }
     }
     // Check to see a Member is already logged in.
     $isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);
     // Logout
     if (trim($action) == 'logout') {
         /**
          * Fired just before a member is logged out (and page redirection),
          * this delegate provides the current Member ID
          *
          * @delegate MembersPreLogout
          * @param string $context
          *  '/frontend/'
          * @param integer $member_id
          *  The Member ID of the member who is about to logged out
          */
         Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID()));
         $this->getMemberDriver()->logout();
         // If a redirect is provided, redirect to that, otherwise return the user
         // to the index of the site. Issue #51 & #121
         if (isset($_REQUEST['redirect'])) {
             redirect($_REQUEST['redirect']);
         }
         redirect(URL);
     } else {
         if (trim($action) == 'login' && !is_null($_POST['fields'])) {
             // If a Member is already logged in and another Login attempt is requested
             // log the Member out first before trying to login with new details.
             if ($isLoggedIn) {
                 $this->getMemberDriver()->logout();
             }
             if ($this->getMemberDriver()->login($_POST['fields'])) {
                 /**
                  * Fired just after a Member has successfully logged in, this delegate
                  * provides the current Member ID. This delegate is fired just before
                  * the page redirection (if it is provided)
                  *
                  * @delegate MembersPostLogin
                  * @param string $context
                  *  '/frontend/'
                  * @param integer $member_id
                  *  The Member ID of the member who just logged in.
                  * @param Entry $member
                  *  The Entry object of the logged in Member.
                  */
                 Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID(), 'member' => $this->getMemberDriver()->getMember()));
                 if (isset($_POST['redirect'])) {
                     redirect($_POST['redirect']);
                 }
             } else {
                 self::$_failed_login_attempt = true;
                 /**
                  * A failed Member login attempt
                  *
                  * @delegate MembersLoginFailure
                  * @param string $context
                  *  '/frontend/'
                  * @param string $username
                  *  The username of the Member who attempted to login.
                  */
                 Symphony::ExtensionManager()->notifyMembers('MembersLoginFailure', '/frontend/', array('username' => Symphony::Database()->cleanValue($_POST['fields'][extension_Members::getFieldHandle('identity')])));
             }
         }
     }
     $this->Member->initialiseMemberObject();
     $hasRoles = FieldManager::isFieldUsed(extension_Members::getFieldType('role'));
     if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
         $this->getMemberDriver()->updateSystemTimezoneOffset();
         if ($hasRoles) {
             $role_field = extension_Members::getField('role');
             if ($role_field) {
                 $role_data = $this->getMemberDriver()->getMember()->getData($role_field->get('id'));
             }
         }
     }
     // If there is no role field, or a Developer is logged in, return, as Developers
     // should be able to access every page. Handles Symphony 2.4 or Symphony 2.5
     $isDeveloper = method_exists(Symphony::Engine(), 'Author') ? Symphony::Engine()->Author() instanceof Author && Symphony::Engine()->Author()->isDeveloper() : Symphony::Engine()->Author instanceof Author && Symphony::Engine()->Author->isDeveloper();
     if (!$hasRoles || $isDeveloper) {
         return;
     }
     $role_id = $isLoggedIn ? $role_data['role_id'] : Role::PUBLIC_ROLE;
     $role = RoleManager::fetch($role_id);
     if ($role instanceof Role && !$role->canAccessPage((int) $context['page_data']['id'])) {
         // User has no access to this page, so look for a custom 403 page
         if ($row = PageManager::fetchPageByType('403')) {
             $row['type'] = PageManager::fetchPageTypes($row['id']);
             $row['filelocation'] = PageManager::resolvePageFileLocation($row['path'], $row['handle']);
             $context['page_data'] = $row;
             return;
         } else {
             // No custom 403, just throw default 403
             GenericExceptionHandler::$enabled = true;
             Frontend::instance()->throwCustomError(__('The page you have requested has restricted access permissions.'), __('Forbidden'), Page::HTTP_STATUS_FORBIDDEN);
         }
     }
 }
 public function frontendPageResolved($context)
 {
     if (!(int) ($page_id = $context['page_data']['id'])) {
         return;
     }
     // Don't show prototype pages to normal visitors
     if (!Frontend::instance()->isLoggedIn() && PagePrototypes::isPagePrototype($page_id)) {
         $forbidden = PageManager::fetchPageByType('403');
         // User has no access to this page, so look for a custom 403 page
         if (!empty($forbidden)) {
             $forbidden['type'] = FrontendPage::fetchPageTypes($forbidden['id']);
             $forbidden['filelocation'] = FrontendPage::resolvePageFileLocation($forbidden['path'], $forbidden['handle']);
             $context['page_data'] = $forbidden;
             return;
         } else {
             GenericExceptionHandler::$enabled = true;
             throw new SymphonyErrorPage(__('The page you have requested has restricted access permissions.'), __('Forbidden'), 'generic', array('header' => 'HTTP/1.0 403 Forbidden'));
         }
     }
     // Override context if the page is connected to a prototype.
     // This is not really necesary because when a prototype gets changed in the backend, the referenced pages get changed as well.
     $prototype = PagePrototypes::fetchPrototypeOfPage($page_id);
     if (!empty($prototype)) {
         $context['page_data']['params'] = $prototype['params'];
         $context['page_data']['data_sources'] = $prototype['data_sources'];
         $context['page_data']['events'] = $prototype['events'];
         $context['page_data']['type'] = $prototype['type'];
         $context['page_data']['filelocation'] = PageManager::resolvePageFileLocation($prototype['path'], $prototype['handle']);
     }
 }
Ejemplo n.º 17
0
 /**
  * This function attempts to resolve the given page in to it's Symphony page. If no
  * page is given, it is assumed the 'index' is being requested. Before a page row is
  * returned, it is checked to see that if it has the 'admin' type, that the requesting
  * user is authenticated as a Symphony author. If they are not, the Symphony 403
  * page is returned (whether that be set as a user defined page using the page type
  * of 403, or just returning the Default Symphony 403 error page). Any URL parameters
  * set on the page are added to the `$env` variable before the function returns an
  * associative array of page details such as Title, Content Type etc.
  *
  * @uses FrontendPrePageResolve
  * @see __isSchemaValid()
  * @param string $page
  * The URL of the current page that is being Rendered as returned by `getCurrentPage()`.
  * If no URL is provided, Symphony assumes the Page with the type 'index' is being
  * requested.
  * @return array
  *  An associative array of page details
  */
 public function resolvePage($page = null)
 {
     if ($page) {
         $this->_page = $page;
     }
     $row = null;
     /**
      * Before page resolve. Allows manipulation of page without redirection
      * @delegate FrontendPrePageResolve
      * @param string $context
      * '/frontend/'
      * @param mixed $row
      * @param FrontendPage $page
      *  An instance of this FrontendPage
      */
     $this->ExtensionManager->notifyMembers('FrontendPrePageResolve', '/frontend/', array('row' => &$row, 'page' => &$this->_page));
     ## Default to the index page if no page has been specified
     if ((!$this->_page || $this->_page == '//') && is_null($row)) {
         $row = Symphony::Database()->fetchRow(0, "\n\t\t\t\t\tSELECT `tbl_pages`.* FROM `tbl_pages`, `tbl_pages_types`\n\t\t\t\t\tWHERE `tbl_pages_types`.page_id = `tbl_pages`.id\n\t\t\t\t\tAND tbl_pages_types.`type` = 'index'\n\t\t\t\t\t LIMIT 1\n\t\t\t\t");
     } elseif (is_null($row)) {
         $pathArr = preg_split('/\\//', trim($this->_page, '/'), -1, PREG_SPLIT_NO_EMPTY);
         $prevPage = NULL;
         $valid_page_path = array();
         $page_extra_bits = array();
         $handle = array_pop($pathArr);
         do {
             $path = implode('/', $pathArr);
             $sql = sprintf("SELECT * FROM `tbl_pages` WHERE `path` %s AND `handle` = '%s' LIMIT 1", $path ? " = '" . Symphony::Database()->cleanValue($path) . "'" : 'IS NULL', Symphony::Database()->cleanValue($handle));
             if ($row = Symphony::Database()->fetchRow(0, $sql)) {
                 array_push($pathArr, $handle);
                 $valid_page_path = $pathArr;
                 break 1;
             } else {
                 $page_extra_bits[] = $handle;
             }
         } while ($handle = array_pop($pathArr));
         if (empty($valid_page_path)) {
             return false;
         }
         if (!$this->__isSchemaValid($row['params'], $page_extra_bits)) {
             return false;
         }
     }
     ##Process the extra URL params
     $url_params = preg_split('/\\//', $row['params'], -1, PREG_SPLIT_NO_EMPTY);
     foreach ($url_params as $var) {
         $this->_env['url'][$var] = NULL;
     }
     if (isset($page_extra_bits)) {
         if (is_array($page_extra_bits) && !empty($page_extra_bits)) {
             $page_extra_bits = array_reverse($page_extra_bits);
         }
         for ($ii = 0; $ii < count($page_extra_bits); $ii++) {
             $this->_env['url'][$url_params[$ii]] = str_replace(' ', '+', $page_extra_bits[$ii]);
         }
     }
     if (!is_array($row) || empty($row)) {
         return false;
     }
     $row['type'] = FrontendPage::fetchPageTypes($row['id']);
     ## Make sure the user has permission to access this page
     if (!$this->is_logged_in && in_array('admin', $row['type'])) {
         $row = Symphony::Database()->fetchRow(0, "\n\t\t\t\t\tSELECT `tbl_pages`.*\n\t\t\t\t\tFROM `tbl_pages`, `tbl_pages_types`\n\t\t\t\t\tWHERE `tbl_pages_types`.page_id = `tbl_pages`.id\n\t\t\t\t\tAND tbl_pages_types.`type` = '403'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t");
         if (empty($row)) {
             GenericExceptionHandler::$enabled = true;
             throw new SymphonyErrorPage(__('Please <a href="%s">login</a> to view this page.', array(SYMPHONY_URL . '/login/')), __('Forbidden'), 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
         }
         $row['type'] = FrontendPage::fetchPageTypes($row['id']);
     }
     $row['filelocation'] = FrontendPage::resolvePageFileLocation($row['path'], $row['handle']);
     return $row;
 }
Ejemplo n.º 18
0
<?php

define('DOCROOT', rtrim(dirname(__FILE__), '\\/'));
define('PATH_INFO', isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : NULL);
define('DOMAIN_PATH', dirname(rtrim($_SERVER['PHP_SELF'], PATH_INFO)));
define('DOMAIN', rtrim(rtrim($_SERVER['HTTP_HOST'], '\\/') . DOMAIN_PATH, '\\/'));
require DOCROOT . '/symphony/lib/boot/bundle.php';
function renderer($mode = 'frontend')
{
    if (!in_array($mode, array('frontend', 'administration'))) {
        throw new Exception('Invalid Symphony Renderer mode specified. Must be either "frontend" or "administration".');
    }
    require_once CORE . "/class.{$mode}.php";
    return $mode == 'administration' ? Administration::instance() : Frontend::instance();
}
$renderer = isset($_GET['mode']) && strtolower($_GET['mode']) == 'administration' ? 'administration' : 'frontend';
$output = renderer($renderer)->display(getCurrentPage());
// #1808
if (isset($_SERVER['HTTP_MOD_REWRITE'])) {
    $output = file_get_contents(GenericExceptionHandler::getTemplate('fatalerror.rewrite'));
    $output = str_replace('{SYMPHONY_URL}', SYMPHONY_URL, $output);
    $output = str_replace('{URL}', URL, $output);
    echo $output;
    exit;
}
cleanup_session_cookies();
echo $output;
exit;
Ejemplo n.º 19
0
 /**
  * A wrapper for throwing a new Symphony Error page.
  *
  * @see core.SymphonyErrorPage
  * @param string $heading
  *  A heading for the error page
  * @param string|XMLElement $message
  *  A description for this error, which can be provided as a string
  *  or as an XMLElement.
  * @param string $template
  *  A string for the error page template to use, defaults to 'generic'. This
  *  can be the name of any template file in the `TEMPLATES` directory.
  *  A template using the naming convention of `tpl.*.php`.
  * @param array $additional
  *  Allows custom information to be passed to the Symphony Error Page
  *  that the template may want to expose, such as custom Headers etc.
  */
 public function customError($heading, $message, $template = 'generic', array $additional = array())
 {
     GenericExceptionHandler::$enabled = true;
     throw new SymphonyErrorPage($message, $heading, $template, $additional);
 }
Ejemplo n.º 20
0
 public function checkFrontendPagePermissions($context)
 {
     $isLoggedIn = false;
     $errors = array();
     // Checks $_REQUEST to see if a Member Action has been requested,
     // member-action['login'] and member-action['logout']/?member-action=logout
     // are the only two supported at this stage.
     if (is_array($_REQUEST['member-action'])) {
         list($action) = array_keys($_REQUEST['member-action']);
     } else {
         $action = $_REQUEST['member-action'];
     }
     // Check to see a Member is already logged in.
     $isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);
     // Logout
     if (trim($action) == 'logout') {
         /**
          * Fired just before a member is logged out (and page redirection),
          * this delegate provides the current Member ID
          *
          * @delegate MembersPreLogout
          * @param string $context
          *  '/frontend/'
          * @param integer $member_id
          *  The Member ID of the member who is about to logged out
          */
         Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID()));
         $this->getMemberDriver()->logout();
         // If a redirect is provided, redirect to that, otherwise return the user
         // to the index of the site. Issue #51 & #121
         if (isset($_REQUEST['redirect'])) {
             redirect($_REQUEST['redirect']);
         }
         redirect(URL);
     } else {
         if (trim($action) == 'login' && !is_null($_POST['fields'])) {
             // If a Member is already logged in and another Login attempt is requested
             // log the Member out first before trying to login with new details.
             if ($isLoggedIn) {
                 $this->getMemberDriver()->logout();
             }
             if ($this->getMemberDriver()->login($_POST['fields'])) {
                 /**
                  * Fired just after a Member has successfully logged in, this delegate
                  * provides the current Member ID. This delegate is fired just before
                  * the page redirection (if it is provided)
                  *
                  * @delegate MembersPostLogin
                  * @param string $context
                  *  '/frontend/'
                  * @param integer $member_id
                  *  The Member ID of the member who just logged in.
                  * @param Entry $member
                  *  The Entry object of the logged in Member.
                  */
                 Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID(), 'member' => $this->getMemberDriver()->getMember()));
                 if (isset($_POST['redirect'])) {
                     redirect($_POST['redirect']);
                 }
             } else {
                 self::$_failed_login_attempt = true;
             }
         }
     }
     $this->Member->initialiseMemberObject();
     if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
         $this->updateSystemTimezoneOffset($this->getMemberDriver()->getMemberID());
         if (!is_null(extension_Members::getFieldHandle('role'))) {
             $role_data = $this->getMemberDriver()->getMember()->getData(extension_Members::getField('role')->get('id'));
         }
     }
     // If there is no role field, or a Developer is logged in, return, as Developers
     // should be able to access every page.
     if (is_null(extension_Members::getFieldHandle('role')) || Frontend::instance()->Author instanceof Author && Frontend::instance()->Author->isDeveloper()) {
         return;
     }
     $role_id = $isLoggedIn ? $role_data['role_id'] : Role::PUBLIC_ROLE;
     $role = RoleManager::fetch($role_id);
     if ($role instanceof Role && !$role->canAccessPage((int) $context['page_data']['id'])) {
         // User has no access to this page, so look for a custom 403 page
         if ($row = Symphony::Database()->fetchRow(0, "\n\t\t\t\t\tSELECT `p`.*\n\t\t\t\t\tFROM `tbl_pages` as `p`\n\t\t\t\t\tLEFT JOIN `tbl_pages_types` AS `pt` ON(`p`.id = `pt`.page_id)\n\t\t\t\t\tWHERE `pt`.type = '403'\n\t\t\t\t")) {
             $row['type'] = FrontendPage::fetchPageTypes($row['id']);
             $row['filelocation'] = FrontendPage::resolvePageFileLocation($row['path'], $row['handle']);
             $context['page_data'] = $row;
             return;
         } else {
             // No custom 403, just throw default 403
             GenericExceptionHandler::$enabled = true;
             throw new SymphonyErrorPage(__('The page you have requested has restricted access permissions.'), __('Forbidden'), 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
         }
     }
 }