public function on_start()
{
$c = Page::getByPath('/dashboard/blocks/stacks');
$cp = new Permissions($c);
if ($cp->canViewPage()) {
$c = Page::getCurrentPage();
$pcp = new Permissions($c);
if (!$pcp->canViewPageVersions() || $_GET['vtask'] != 'view_versions' && $_GET['vtask'] != 'compare') {
$cID = $c->getCollectionID();
$this->redirect('/dashboard/blocks/stacks', 'view_details', $cID);
} else {
$this->theme = 'dashboard';
}
} else {
global $c;
// ugh
$v = View::getInstance();
$c = new Page();
$c->loadError(COLLECTION_NOT_FOUND);
$v->setCollectionObject($c);
$this->c = $c;
$cont = Loader::controller("/page_not_found");
$v->setController($cont);
$v->render('/page_not_found');
}
}
public function update_group() {
$g = Group::getByID(intval($_REQUEST['gID']));
$txt = Loader::helper('text');
$valt = Loader::helper('validation/token');
$gName = $txt->sanitize($_POST['gName']);
$gDescription = $_POST['gDescription'];
if (!$gName) {
$this->error->add(t("Name required."));
}
if (!$valt->validate('add_or_update_group')) {
$this->error->add($valt->getErrorMessage());
}
$g1 = Group::getByName($gName);
if ($g1 instanceof Group) {
if ((!is_object($g)) || $g->getGroupID() != $g1->getGroupID()) {
$this->error->add(t('A group named "%s" already exists', $g1->getGroupName()));
}
}
if (count($error) == 0) {
$g->update($gName, $_POST['gDescription']);
$cnta = Loader::controller('/dashboard/users/add_group');
$cnta->checkExpirationOptions($g);
$this->redirect('/dashboard/users/groups', 'group_updated');
}
}
private function controller()
{
Loader::core('Controller');
self::$router->routers = $c = self::$router->parse_url();
//var_dump(self::$router->routers);
Loader::controller(ucfirst(strtolower($c['controller'])), $c['method'], $c['var']);
}
public function view($userID = 0)
{
if (!ENABLE_USER_PROFILES) {
header("HTTP/1.0 404 Not Found");
$this->render("/page_not_found");
}
$html = Loader::helper('html');
$canEdit = false;
$u = new User();
if ($userID > 0) {
$profile = UserInfo::getByID($userID);
if (!is_object($profile)) {
throw new Exception('Invalid User ID.');
}
} else {
if ($u->isRegistered()) {
$profile = UserInfo::getByID($u->getUserID());
$canEdit = true;
} else {
$this->set('intro_msg', t('You must sign in order to access this page!'));
Loader::controller('/login');
$this->render('/login');
}
}
$this->set('profile', $profile);
$this->set('av', Loader::helper('concrete/avatar'));
$this->set('t', Loader::helper('text'));
$this->set('canEdit', $canEdit);
}
function CoreAutoload($class)
{
$txt = Loader::helper('text');
if ($class == 'DashboardBaseController') {
Loader::controller('/dashboard/base');
}
if (strpos($class, 'BlockController') > 0) {
$class = substr($class, 0, strpos($class, 'BlockController'));
$handle = $txt->uncamelcase($class);
Loader::block($handle);
} else {
if (strpos($class, 'Helper') > 0) {
$class = substr($class, 0, strpos($class, 'Helper'));
$handle = $txt->uncamelcase($class);
$handle = preg_replace('/^site_/', '', $handle);
Loader::helper($handle);
} else {
if (strpos($class, 'AttributeType') > 0) {
$class = substr($class, 0, strpos($class, 'AttributeType'));
$handle = $txt->uncamelcase($class);
$at = AttributeType::getByHandle($handle);
}
}
}
}
public function refresh_database_schema()
{
if ($this->token->validate("refresh_database_schema")) {
$msg = '';
if ($this->post('refresh_global_schema')) {
// refresh concrete/config/db.xml and all installed blocks
$cnt = Loader::controller("/upgrade");
try {
$cnt->refresh_schema();
$msg .= t('Core database files and installed blocks refreshed.');
} catch (Exception $e) {
$this->set('error', $e);
}
}
if ($this->post('refresh_local_schema')) {
// refresh concrete/config/db.xml and all installed blocks
if (file_exists('config/' . FILENAME_LOCAL_DB)) {
try {
Package::installDB(DIR_BASE . '/config/' . FILENAME_LOCAL_DB);
$msg .= ' ' . t('Local database file refreshed.');
} catch (Exception $e) {
$this->set('error', $e);
}
}
}
$msg = trim($msg);
$this->set('message', $msg);
} else {
$this->set('error', array($this->token->getErrorMessage()));
}
}
public function __construct()
{
self::$__instance = $this;
set_exception_handler('exceptionHandler');
// setup our loader instance
$this->loader = new Loader();
// load a few helpers
$this->loader->helper('uri', FRAMEWORK_PATH . 'helpers');
// loader the plugins
$this->plugins = $this->loader->manager('plugins');
$this->plugins->loadFrameworkPlugins();
// what shall we load first?
$this->route = $this->loader->manager('route')->find();
// load the controller
$this->controller = $this->loader->controller($this->route->getController());
$this->controller->invokeAction($this->route->getAction());
}
public function on_start()
{
$cnt = Loader::controller('/dashboard/system/backup_restore/update');
$cnt->secCheck();
// if you just reverted, but didn't manually clear out your files - cache would be a prob here.
$ca = new Cache();
$ca->flush();
$this->site_version = Config::get('SITE_APP_VERSION');
}
public function view_detail($fsID, $action = false) {
Loader::model('file_set');
$fs = FileSet::getByID($fsID);
$ph = Loader::controller('/dashboard/system/permissions/files');
$this->set('ph', $ph);
$this->set('fs', $fs);
if ($action == 'file_set_updated') {
$this->set('message', t('File set updated successfully.'));
}
$this->view();
}
public function __construct() {
$html = Loader::helper('html');
parent::__construct();
$u = new User();
if (!$u->isRegistered()) {
$this->set('intro_msg', t('You must sign in order to access this page!'));
Loader::controller('/login');
$this->render('/login');
}
$this->set('ui', UserInfo::getByID($u->getUserID()));
$this->set('av', Loader::helper('concrete/avatar'));
}
public function __construct()
{
if (!ENABLE_REGISTRATION) {
$cont = Loader::controller('/page_not_found');
$cont->view();
$this->render("/page_not_found");
}
parent::__construct();
Loader::model('user_attributes');
$u = new User();
$this->set('u', $u);
if (USER_REGISTRATION_WITH_EMAIL_ADDRESS) {
$this->set('displayUserName', false);
} else {
$this->set('displayUserName', true);
}
}
/**
* 执行应用程序
* @access public
* @return void
*/
public static function run(array $config = [])
{
if (version_compare(PHP_VERSION, '5.4.0', '<')) {
throw new Exception('require PHP > 5.4.0 !');
}
// 日志初始化
Log::init($config['log']);
// 缓存初始化
Cache::connect($config['cache']);
// 加载框架底层语言包
if (is_file(THINK_PATH . 'Lang/' . strtolower($config['default_lang']) . EXT)) {
Lang::set(include THINK_PATH . 'Lang/' . strtolower($config['default_lang']) . EXT);
}
if (is_file(APP_PATH . 'build.php')) {
// 自动化创建脚本
Create::build(include APP_PATH . 'build.php');
}
// 监听app_init
Hook::listen('app_init');
// 初始化公共模块
self::initModule(APP_PATH . $config['common_module'] . '/', $config);
// 启动session
if ($config['use_session']) {
Session::init($config['session']);
}
// 应用URL调度
self::dispatch($config);
// 监听app_run
Hook::listen('app_run');
// 执行操作
if (!preg_match('/^[A-Za-z](\\/|\\w)*$/', CONTROLLER_NAME)) {
// 安全检测
$instance = false;
} elseif ($config['action_bind_class']) {
// 操作绑定到类:模块\controller\控制器\操作
if (is_dir(MODULE_PATH . CONTROLLER_LAYER . '/' . CONTROLLER_NAME)) {
$namespace = MODULE_NAME . '\\' . CONTROLLER_LAYER . '\\' . CONTROLLER_NAME . '\\';
} else {
// 空控制器
$namespace = MODULE_NAME . '\\' . CONTROLLER_LAYER . '\\' . $config['empty_controller'] . '\\';
}
$actionName = strtolower(ACTION_NAME);
if (class_exists($namespace . $actionName)) {
$class = $namespace . $actionName;
} elseif (class_exists($namespace . '_empty')) {
// 空操作
$class = $namespace . '_empty';
} else {
throw new Exception('_ERROR_ACTION_:' . ACTION_NAME);
}
$instance = new $class();
// 操作绑定到类后 固定执行run入口
$action = 'run';
} else {
$instance = Loader::controller(CONTROLLER_NAME, '', $config['empty_controller']);
// 获取当前操作名
$action = ACTION_NAME . $config['action_suffix'];
}
if (!$instance) {
throw new Exception('[ ' . MODULE_NAME . '\\' . CONTROLLER_LAYER . '\\' . Loader::parseName(CONTROLLER_NAME, 1) . ' ] not exists');
}
try {
// 操作方法开始监听
$call = [$instance, $action];
Hook::listen('action_begin', $call);
if (!preg_match('/^[A-Za-z](\\w)*$/', $action)) {
// 非法操作
throw new \ReflectionException();
}
//执行当前操作
$method = new \ReflectionMethod($instance, $action);
if ($method->isPublic()) {
// URL参数绑定检测
if ($config['url_params_bind'] && $method->getNumberOfParameters() > 0) {
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
$vars = array_merge($_GET, $_POST);
break;
case 'PUT':
parse_str(file_get_contents('php://input'), $vars);
break;
default:
$vars = $_GET;
}
$params = $method->getParameters();
$paramsBindType = $config['url_parmas_bind_type'];
foreach ($params as $param) {
$name = $param->getName();
if (1 == $paramsBindType && !empty($vars)) {
$args[] = array_shift($vars);
}
if (0 == $paramsBindType && isset($vars[$name])) {
$args[] = $vars[$name];
} elseif ($param->isDefaultValueAvailable()) {
$args[] = $param->getDefaultValue();
} else {
throw new Exception('_PARAM_ERROR_:' . $name);
}
}
array_walk_recursive($args, 'Input::filterExp');
$data = $method->invokeArgs($instance, $args);
} else {
$data = $method->invoke($instance);
}
// 操作方法执行完成监听
Hook::listen('action_end', $data);
// 返回数据
Response::returnData($data, $config['default_return_type']);
} else {
// 操作方法不是Public 抛出异常
throw new \ReflectionException();
}
} catch (\ReflectionException $e) {
// 操作不存在
if (method_exists($instance, '_empty')) {
$method = new \ReflectionMethod($instance, '_empty');
$method->invokeArgs($instance, [$action, '']);
} else {
throw new Exception('[ ' . (new \ReflectionClass($instance))->getName() . ':' . $action . ' ] not exists ', 404);
}
}
return;
}
private static function module($result, $config)
{
if (APP_MULTI_MODULE) {
// 多模块部署
$module = strtolower($result[0] ?: $config['default_module']);
if ($maps = $config['url_module_map']) {
if (isset($maps[$module])) {
// 记录当前别名
define('MODULE_ALIAS', $module);
// 获取实际的项目名
$module = $maps[MODULE_ALIAS];
} elseif (array_search($module, $maps)) {
// 禁止访问原始项目
$module = '';
}
}
// 获取模块名称
define('MODULE_NAME', strip_tags($module));
// 模块初始化
if (MODULE_NAME && !in_array(MODULE_NAME, $config['deny_module_list']) && is_dir(APP_PATH . MODULE_NAME)) {
APP_HOOK && Hook::listen('app_begin');
define('MODULE_PATH', APP_PATH . MODULE_NAME . DS);
define('VIEW_PATH', MODULE_PATH . VIEW_LAYER . DS);
// 初始化模块
self::initModule(MODULE_NAME, $config);
} else {
throw new Exception('module [ ' . MODULE_NAME . ' ] not exists ', 10005);
}
} else {
// 单一模块部署
define('MODULE_NAME', '');
define('MODULE_PATH', APP_PATH);
define('VIEW_PATH', MODULE_PATH . VIEW_LAYER . DS);
}
// 获取控制器名
define('CONTROLLER_NAME', strtolower(strip_tags($result[1] ?: Config::get('default_controller'))));
// 获取操作名
define('ACTION_NAME', strtolower(strip_tags($result[2] ?: Config::get('default_action'))));
// 执行操作
if (!preg_match('/^[A-Za-z](\\/|\\.|\\w)*$/', CONTROLLER_NAME)) {
// 安全检测
throw new Exception('illegal controller name:' . CONTROLLER_NAME, 10000);
}
if (Config::get('action_bind_class')) {
$class = self::bindActionClass(Config::get('empty_controller'));
$instance = new $class();
// 操作绑定到类后 固定执行run入口
$action = 'run';
} else {
$instance = Loader::controller(CONTROLLER_NAME, '', Config::get('empty_controller'));
// 获取当前操作名
$action = ACTION_NAME . Config::get('action_suffix');
}
try {
// 操作方法开始监听
$call = [$instance, $action];
APP_HOOK && Hook::listen('action_begin', $call);
if (!preg_match('/^[A-Za-z](\\w)*$/', $action)) {
// 非法操作
throw new \ReflectionException();
}
// 执行操作方法
$data = self::invokeMethod($call);
} catch (\ReflectionException $e) {
// 操作不存在
if (method_exists($instance, '_empty')) {
$method = new \ReflectionMethod($instance, '_empty');
$data = $method->invokeArgs($instance, [$action, '']);
} else {
throw new Exception('method [ ' . (new \ReflectionClass($instance))->getName() . '->' . $action . ' ] not exists ', 10002);
}
}
return $data;
}
public function getInstance() {
if ($this->instance->cacheBlockRecord() && is_object($this->instance->getBlockControllerData())) {
$this->instance->__construct();
} else {
$this->instance = Loader::controller($this);
}
return $this->instance;
}
public function on_start()
{
$this->error = Loader::helper('validation/error');
$cnt = Loader::controller('/upgrade');
$cnt->secCheck();
}
/**
* Is responsible for taking a method passed and ensuring that it is valid for the current request. You can't
* 1. Pass a method that starts with "on_"
* 2. Pass a method that's in the restrictedMethods array
*/
private function setupRequestTask() {
$req = Request::get();
// we are already on the right page now
// let's grab the right method as well.
$task = substr('/' . $req->getRequestPath(), strlen($req->getRequestCollectionPath()) + 1);
// remove legacy separaters
$task = str_replace('-/', '', $task);
// grab the whole shebang
$taskparts = explode('/', $task);
if (isset($taskparts[0]) && $taskparts[0] != '') {
$method = $taskparts[0];
}
if ($method == '') {
if (is_object($this->c) && is_callable(array($this, $this->c->getCollectionHandle()))) {
$method = $this->c->getCollectionHandle();
} else {
$method = 'view';
}
$this->parameters = array();
}
$foundTask = false;
try {
$r = new ReflectionMethod(get_class($this), $method);
$cl = $r->getDeclaringClass();
if (is_object($cl)) {
if ($cl->getName() != 'Controller' && strpos($method, 'on_') !== 0 && strpos($method, '__') !== 0 && $r->isPublic()) {
$foundTask = true;
}
}
} catch(Exception $e) {
}
if ($foundTask) {
$this->task = $method;
if (!is_array($this->parameters)) {
$this->parameters = array();
if (isset($taskparts[1])) {
array_shift($taskparts);
$this->parameters = $taskparts;
}
}
} else {
$this->task = 'view';
if (!is_array($this->parameters)) {
$this->parameters = array();
if (isset($taskparts[0])) {
$this->parameters = $taskparts;
}
}
// finally we do a 404 check in this instance
// if the particular controller does NOT have a view method but DOES have arguments passed
// we call 404
$do404 = false;
if (!is_object($this->c)) {
// this means we're calling the render directly, so we never 404
$do404 = false;
} else if (!is_callable(array($this, $this->task)) && count($this->parameters) > 0) {
$do404 = true;
} else if (is_callable(array($this, $this->task)) && (get_class($this) != 'PageForbiddenController')) {
// we use reflection to see if the task itself, which now much exist, takes fewer arguments than
// what is specified
$r = new ReflectionMethod(get_class($this), $this->task);
if ($r->getNumberOfParameters() < count($this->parameters)) {
$do404 = true;
}
}
if ($req->isIncludeRequest()) {
$do404 = false;
}
if ($do404) {
// this is hacky, the global part
global $c;
$v = View::getInstance();
$c = new Page();
$c->loadError(COLLECTION_NOT_FOUND);
$v->setCollectionObject($c);
$this->c = $c;
$cont = Loader::controller("/page_not_found");
$v->setController($cont);
$v->render('/page_not_found');
}
}
}
/**
* 执行应用程序
* @access public
* @return void
*/
public static function run()
{
// 初始化公共模块
self::initModule(COMMON_MODULE, Config::get());
// 读取扩展配置文件
if (Config::get('extra_config_list')) {
foreach (Config::get('extra_config_list') as $file) {
Config::load($file, $file);
}
}
// 获取配置参数
$config = Config::get();
// 加载额外文件
if (!empty($config['extra_file_list'])) {
foreach ($config['extra_file_list'] as $file) {
$file = strpos($file, '.') ? $file : APP_PATH . $file . EXT;
if (is_file($file)) {
include_once $file;
}
}
}
// 日志初始化
Log::init($config['log']);
// 缓存初始化
Cache::connect($config['cache']);
// 设置系统时区
date_default_timezone_set($config['default_timezone']);
// 监听app_init
APP_HOOK && Hook::listen('app_init');
// 开启多语言机制
if ($config['lang_switch_on']) {
// 获取当前语言
defined('LANG_SET') or define('LANG_SET', Lang::range());
// 加载系统语言包
Lang::load(THINK_PATH . 'lang' . DS . LANG_SET . EXT);
}
// 启动session CLI 不开启
if (!IS_CLI && $config['use_session']) {
Session::init($config['session']);
}
// 应用URL调度
self::dispatch($config);
// 监听app_run
APP_HOOK && Hook::listen('app_run');
// 执行操作
if (!preg_match('/^[A-Za-z](\\/|\\.|\\w)*$/', CONTROLLER_NAME)) {
// 安全检测
throw new Exception('illegal controller name:' . CONTROLLER_NAME, 10000);
}
if (Config::get('action_bind_class')) {
$class = self::bindActionClass(Config::get('empty_controller'));
$instance = new $class();
// 操作绑定到类后 固定执行run入口
$action = 'run';
} else {
$instance = Loader::controller(CONTROLLER_NAME, '', Config::get('empty_controller'));
// 获取当前操作名
$action = ACTION_NAME . Config::get('action_suffix');
}
if (!$instance) {
throw new Exception('class [ ' . Loader::parseClass(MODULE_NAME, CONTROLLER_LAYER, CONTROLLER_NAME) . ' ] not exists', 10001);
}
try {
// 操作方法开始监听
$call = [$instance, $action];
APP_HOOK && Hook::listen('action_begin', $call);
if (!preg_match('/^[A-Za-z](\\w)*$/', $action)) {
// 非法操作
throw new \ReflectionException();
}
//执行当前操作
$method = new \ReflectionMethod($instance, $action);
if ($method->isPublic()) {
// URL参数绑定检测
if (Config::get('url_params_bind') && $method->getNumberOfParameters() > 0) {
// 获取绑定参数
$args = self::getBindParams($method, Config::get('url_parmas_bind_type'));
// 全局过滤
array_walk_recursive($args, 'think\\Input::filterExp');
$data = $method->invokeArgs($instance, $args);
} else {
$data = $method->invoke($instance);
}
// 操作方法执行完成监听
APP_HOOK && Hook::listen('action_end', $data);
// 输出数据
return Response::send($data, Response::type(), Config::get('response_return'));
} else {
// 操作方法不是Public 抛出异常
throw new \ReflectionException();
}
} catch (\ReflectionException $e) {
// 操作不存在
if (method_exists($instance, '_empty')) {
$method = new \ReflectionMethod($instance, '_empty');
$data = $method->invokeArgs($instance, [$action, '']);
// 操作方法执行完成监听
APP_HOOK && Hook::listen('action_end', $data);
// 输出数据
return Response::send($data, Response::type(), Config::get('response_return'));
} else {
throw new Exception('method [ ' . (new \ReflectionClass($instance))->getName() . '->' . $action . ' ] not exists ', 10002);
}
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
Loader::controller('/login');
class Concrete5_Controller_PageForbidden extends LoginController
{
public function view()
{
$v = View::getInstance();
$c = $v->getCollectionObject();
if (is_object($c)) {
$cID = $c->getCollectionID();
if ($cID) {
$this->forward($cID);
// set the intended url
}
}
parent::view();
$u = new User();
$logged = $u->isLoggedIn();
if (!$logged && FORBIDDEN_SHOW_LOGIN) {
//if they are not logged in, and we show guests the login...
$this->render('/login');
}
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
Loader::controller('/dashboard/base');
class DashboardSystemRegistrationController extends Concrete5_Controller_Dashboard_System_Registration
{
}
<?php
defined('C5_EXECUTE') or die(_("Access Denied."));
//Outputs "1" if handle is not in use by anything (blocks, packages, files, database)
//Outputs "2" if a corresponding database table exists for this handle but it is otherwise not in use (no blocks, packages, or files)
//Outputs nothing otherwise.
if (!empty($_GET['handle'])) {
$handle = $_GET['handle'];
$c = Loader::controller('/dashboard/blocks/designer_content');
if ($c->validate_unique_handle($handle)) {
if ($c->validate_unique_tablename_for_handle($handle)) {
echo "1";
} else {
echo "2";
}
}
}
exit;
/**
* render takes one argument - the item being rendered - and it can either be a path or a page object
* @access public
* @param string $view
* @param array $args
* @return void
*/
public function render($view, $args = null)
{
if (is_array($args)) {
extract($args);
}
// strip off a slash if there is one at the end
if (is_string($view)) {
if (substr($view, strlen($view) - 1) == '/') {
$view = substr($view, 0, strlen($view) - 1);
}
}
$dsh = Loader::helper('concrete/dashboard');
$wrapTemplateInTheme = false;
$this->checkMobileView();
if (defined('DB_DATABASE') && $view !== '/upgrade') {
Events::fire('on_start', $this);
}
// Extract controller information from the view, and put it in the current context
if (!isset($this->controller)) {
$this->controller = Loader::controller($view);
$this->controller->setupAndRun();
}
if ($this->controller->getRenderOverride() != '') {
$view = $this->controller->getRenderOverride();
}
// Determine which inner item to load, load it, and stick it in $innerContent
$content = false;
ob_start();
if ($view instanceof Page) {
$_pageBlocks = $view->getBlocks();
if (!$dsh->inDashboard()) {
$_pageBlocksGlobal = $view->getGlobalBlocks();
$_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
}
// do we have any custom menu plugins?
$cp = new Permissions($view);
if ($cp->canViewToolbar()) {
$ih = Loader::helper('concrete/interface/menu');
$_interfaceItems = $ih->getPageHeaderMenuItems();
foreach ($_interfaceItems as $_im) {
$_controller = $_im->getController();
$_controller->outputAutoHeaderItems();
}
unset($_interfaceItems);
unset($_im);
unset($_controller);
}
unset($_interfaceItems);
unset($_im);
unset($_controller);
// now, we output all the custom style records for the design tab in blocks/areas on the page
$c = $this->getCollectionObject();
$view->outputCustomStyleHeaderItems();
$viewPath = $view->getCollectionPath();
$this->viewPath = $viewPath;
$cFilename = $view->getCollectionFilename();
$ctHandle = $view->getCollectionTypeHandle();
$editMode = $view->isEditMode();
$c = $view;
$this->c = $c;
$env = Environment::get();
// $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately
if ($view->getCollectionTypeID() == 0 && $cFilename) {
$wrapTemplateInTheme = true;
$cFilename = trim($cFilename, '/');
$content = $env->getPath(DIRNAME_PAGES . '/' . $cFilename, $view->getPackageHandle());
$themeFilename = $c->getCollectionHandle() . '.php';
} else {
$rec = $env->getRecord(DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php', $view->getPackageHandle());
if ($rec->exists()) {
$wrapTemplateInTheme = true;
$content = $rec->file;
}
$themeFilename = $ctHandle . '.php';
}
} else {
if (is_string($view)) {
// if we're passing a view but our render override is not null, that means that we're passing
// a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it
// In order to enable editable 404 pages, other editable pages that we render without actually visiting
if (defined('DB_DATABASE') && $view == '/page_not_found') {
$pp = Page::getByPath($view);
if (!$pp->isError()) {
$this->c = $pp;
}
}
$viewPath = $view;
if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) {
// we are INSIDE a collection renderring a view. Which means we want to keep the viewPath that of the collection
$this->viewPath = $this->getCollectionObject()->getCollectionPath();
}
// we're just passing something like "/login" or whatever. This will typically just be
// internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot)
if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
$content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW;
} else {
if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) {
$content = DIR_FILES_CONTENT . "/{$view}.php";
} else {
if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW;
} else {
if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) {
$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php";
} else {
if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) {
//This is a single_page associated with a package, so check the package views as well
$pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath();
if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) {
$content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW;
} else {
if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) {
$content = $pagePkgPath . "/single_pages/{$view}.php";
}
}
}
}
}
}
}
$wrapTemplateInTheme = true;
$themeFilename = $view . '.php';
}
}
if (is_object($this->c)) {
$c = $this->c;
if (defined('DB_DATABASE') && ($view == '/page_not_found' || $view == '/login')) {
$view = $c;
$req = Request::get();
$req->setCurrentPage($c);
$_pageBlocks = $view->getBlocks();
$_pageBlocksGlobal = $view->getGlobalBlocks();
$_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
}
}
if (is_array($_pageBlocks)) {
foreach ($_pageBlocks as $b1) {
$b1p = new Permissions($b1);
if ($b1p->canRead()) {
$btc = $b1->getInstance();
// now we inject any custom template CSS and JavaScript into the header
if ('Controller' != get_class($btc)) {
$btc->outputAutoHeaderItems();
}
$btc->runTask('on_page_view', array($view));
}
}
}
// Determine which outer item/theme to load
// obtain theme information for this collection
if (isset($this->themeOverride)) {
$theme = $this->themeOverride;
} else {
if ($this->controller->theme != false) {
$theme = $this->controller->theme;
} else {
if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) {
$theme = $tmpTheme;
} else {
if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) {
$theme = $tmpTheme;
} else {
$theme = FILENAME_COLLECTION_DEFAULT_THEME;
}
}
}
}
$this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme);
// finally, we include the theme (which was set by setTheme and will automatically include innerContent)
// disconnect from our db and exit
$this->controller->on_before_render();
extract($this->controller->getSets());
extract($this->controller->getHelperObjects());
if ($content != false && !$this->disableContentInclude) {
include $content;
}
$innerContent = ob_get_contents();
if (ob_get_level() > OB_INITIAL_LEVEL) {
ob_end_clean();
}
if (defined('DB_DATABASE') && $view !== '/upgrade') {
Events::fire('on_before_render', $this);
}
if (defined('APP_CHARSET')) {
header("Content-Type: text/html; charset=" . APP_CHARSET);
}
if (file_exists($this->theme)) {
$cache = PageCache::getLibrary();
$shouldAddToCache = $cache->shouldAddToCache($this);
if ($shouldAddToCache) {
$cache->outputCacheHeaders($c);
}
ob_start();
include $this->theme;
$pageContent = ob_get_contents();
ob_end_clean();
$ret = Events::fire('on_page_output', $pageContent);
if ($ret != '') {
print $ret;
$pageContent = $ret;
} else {
print $pageContent;
}
$cache = PageCache::getLibrary();
if ($shouldAddToCache) {
$cache->set($c, $pageContent);
}
} else {
throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme));
}
if (defined('DB_DATABASE') && $view !== '/upgrade') {
Events::fire('on_render_complete', $this);
}
if (ob_get_level() == OB_INITIAL_LEVEL) {
require DIR_BASE_CORE . '/startup/jobs.php';
require DIR_BASE_CORE . '/startup/shutdown.php';
exit;
}
}
public function getQuickNavigationLinkHTML($c)
{
$cnt = Loader::controller($c);
if (method_exists($cnt, 'getQuickNavigationLinkHTML')) {
return $cnt->getQuickNavigationLinkHTML();
} else {
return '<a href="' . Loader::helper('navigation')->getLinkToCollection($c) . '">' . $c->getCollectionName() . '</a>';
}
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
$u = new User();
$sh = Loader::helper('concrete/dashboard/sitemap');
if (!$sh->canRead()) {
die(t('Access Denied'));
}
Loader::model('attribute/categories/collection');
$cnt = Loader::controller('/dashboard/sitemap/search');
$pageList = $cnt->getRequestedSearchResults();
$columns = $cnt->get('columns');
$pages = $pageList->getPage();
$pagination = $pageList->getPagination();
Loader::element('pages/search_results', array('pages' => $pages, 'columns' => $columns, 'pageList' => $pageList, 'pagination' => $pagination));
echo t('You do not have permission to download packages from the marketplace.');
?>
</p>
<?php
exit;
} else {
if (!$mi->isConnected()) {
?>
<div class="ccm-pane-body-inner">
<?php
Loader::element('dashboard/marketplace_connect_failed');
?>
</div>
<?php
} else {
$cnt = Loader::controller('/dashboard/extend/add-ons');
$cnt->view();
$list = $cnt->get('list');
$items = $list->getPage();
$pagination = $list->getPagination();
$sets = $cnt->get('sets');
$sortBy = $cnt->get('sortBy');
$bu = REL_DIR_FILES_TOOLS_REQUIRED . '/marketplace/add-ons';
?>
<div class="ccm-pane-options">
<?php
echo Loader::element('marketplace/search_form', array('action' => $bu, 'sets' => $sets, 'sortBy' => $sortBy));
?>
</div>
<div class="ccm-pane-body" style="margin-left: -10px; margin-right: -10px">
/**
* 执行应用程序
* @access public
* @return void
*/
public static function run(array $config = [])
{
// 初始化公共模块
self::initModule(COMMON_MODULE, $config);
// 读取扩展配置文件
if ($config['extra_config_list']) {
foreach ($config['extra_config_list'] as $file) {
Config::load($file, $file);
}
}
// 获取配置参数
$config = Config::get();
// 日志初始化
Log::init($config['log']);
// 缓存初始化
Cache::connect($config['cache']);
// 如果启动SocketLog调试, 进行SocketLog配置
if (SLOG_ON) {
Slog::config($config['slog']);
}
// 设置系统时区
date_default_timezone_set($config['default_timezone']);
// 默认语言
$lang = strtolower($config['default_lang']);
Lang::range($lang);
// 加载默认语言包
Lang::load(THINK_PATH . 'Lang/' . $lang . EXT);
// 监听app_init
APP_HOOK && Hook::listen('app_init');
// 启动session API CLI 不开启
if (!IS_CLI && !IS_API && $config['use_session']) {
Session::init($config['session']);
}
// 应用URL调度
self::dispatch($config);
// 监听app_run
APP_HOOK && Hook::listen('app_run');
// 执行操作
if (!preg_match('/^[A-Za-z](\\/|\\.|\\w)*$/', CONTROLLER_NAME)) {
// 安全检测
throw new Exception('illegal controller name:' . CONTROLLER_NAME, 10000);
}
if (Config::get('action_bind_class')) {
$class = self::bindActionClass(Config::get('empty_controller'));
$instance = new $class();
// 操作绑定到类后 固定执行run入口
$action = 'run';
} else {
$instance = Loader::controller(CONTROLLER_NAME, '', Config::get('empty_controller'));
// 获取当前操作名
$action = ACTION_NAME . Config::get('action_suffix');
}
if (!$instance) {
throw new Exception('class [ ' . MODULE_NAME . '\\' . CONTROLLER_LAYER . '\\' . Loader::parseName(str_replace('.', '\\', CONTROLLER_NAME), 1) . ' ] not exists', 10001);
}
try {
// 操作方法开始监听
$call = [$instance, $action];
APP_HOOK && Hook::listen('action_begin', $call);
if (!preg_match('/^[A-Za-z](\\w)*$/', $action)) {
// 非法操作
throw new \ReflectionException();
}
//执行当前操作
$method = new \ReflectionMethod($instance, $action);
if ($method->isPublic()) {
// URL参数绑定检测
if (Config::get('url_params_bind') && $method->getNumberOfParameters() > 0) {
// 获取绑定参数
$args = self::getBindParams($method, Config::get('url_parmas_bind_type'));
// 全局过滤
array_walk_recursive($args, 'think\\Input::filterExp');
$data = $method->invokeArgs($instance, $args);
} else {
$data = $method->invoke($instance);
}
// 操作方法执行完成监听
APP_HOOK && Hook::listen('action_end', $data);
// 返回数据
Response::returnData($data, Config::get('default_return_type'), Config::get('response_exit'));
} else {
// 操作方法不是Public 抛出异常
throw new \ReflectionException();
}
} catch (\ReflectionException $e) {
// 操作不存在
if (method_exists($instance, '_empty')) {
$method = new \ReflectionMethod($instance, '_empty');
$data = $method->invokeArgs($instance, [$action, '']);
// 返回数据
Response::returnData($data, Config::get('default_return_type'), Config::get('response_exit'));
} else {
throw new Exception('method [ ' . (new \ReflectionClass($instance))->getName() . '->' . $action . ' ] not exists ', 10002);
}
}
}
defined('C5_EXECUTE') or die("Access Denied.");
?>
<div id="blog-index">
<?php
$isFirst = true;
//So first item in list can have a different css class (e.g. no top border)
$excerptBlocks = $controller->truncateSummaries ? 1 : null;
//1 is the number of blocks to include in the excerpt
$truncateChars = $controller->truncateSummaries ? $controller->truncateChars : 0;
foreach ($cArray as $cobj) {
$title = $cobj->getCollectionName();
$date = $cobj->getCollectionDatePublic('F j, Y');
$author = $cobj->getVersionObject()->getVersionAuthorUserName();
$link = $nh->getLinkToCollection($cobj);
$firstClass = $isFirst ? 'first-entry' : '';
$entryController = Loader::controller($cobj);
if (method_exists($entryController, 'getCommentCountString')) {
$comments = $entryController->getCommentCountString('%s ' . t('Comment'), '%s ' . t('Comments'));
}
$isFirst = false;
?>
<div class="entry <?php
echo $firstClass;
?>
">
<div class="title">
<h3>
<a href="<?php
echo $link;
?>
"><?php
<?php
defined('C5_EXECUTE') or die("Access Denied.");
$tp = new TaskPermission();
if (!$tp->canAccessUserSearch()) {
die(t("You have no access to users."));
}
$u = new User();
$cnt = Loader::controller('/dashboard/users/search');
$userList = $cnt->getRequestedSearchResults();
$columns = $cnt->get('columns');
$users = $userList->getPage();
$pagination = $userList->getPagination();
$searchType = Loader::helper('text')->entities($_REQUEST['searchType']);
Loader::element('users/search_results', array('columns' => $columns, 'users' => $users, 'userList' => $userList, 'searchType' => $searchType, 'pagination' => $pagination));
<?php
defined('C5_EXECUTE') or die("Access Denied.");
Loader::controller('/profile/edit');
class Concrete5_Controller_Profile_Avatar extends ProfileEditController
{
public function __construct()
{
parent::__construct();
$html = Loader::helper('html');
$this->set('av', Loader::helper('concrete/avatar'));
$this->addHeaderItem($html->javascript('swfobject.js'));
}
public function save_thumb()
{
$ui = $this->get('ui');
if (!is_object($ui) || $ui->getUserID() < 1) {
return false;
}
if (isset($_POST['thumbnail']) && strlen($_POST['thumbnail'])) {
$thumb = base64_decode($_POST['thumbnail']);
$fp = fopen(DIR_FILES_AVATARS . "/" . $ui->getUserID() . ".jpg", "w");
if ($fp) {
fwrite($fp, base64_decode($_POST['thumbnail']));
fclose($fp);
$data['uHasAvatar'] = 1;
$ui->update($data);
}
}
$this->redirect('/profile/avatar', 'saved');
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
$fp = FilePermissions::getGlobal();
if (!$fp->canAccessFileManager()) {
die(t("Unable to access the file manager."));
}
$u = new User();
Loader::model('file_list');
$cnt = Loader::controller('/dashboard/files/search');
$fileList = $cnt->getRequestedSearchResults();
$files = $fileList->getPage();
$pagination = $fileList->getPagination();
$searchType = Loader::helper('text')->entities($_REQUEST['searchType']);
$searchRequest = $cnt->get('searchRequest');
$columns = $cnt->get('columns');
Loader::element('files/search_results', array('files' => $files, 'columns' => $columns, 'searchType' => $searchType, 'searchRequest' => $searchRequest, 'fileList' => $fileList, 'pagination' => $pagination));
/**
* Renders a particular view for a block or a block type
* @param Block | BlockType $obj
* @param string $view
* @param array $args
*/
public function render($obj, $view = 'view', $args = array()) {
if ($this->hasRendered) {
return false;
}
$this->blockObj = $obj;
$customAreaTemplates = array();
if ($obj instanceof BlockType) {
$bt = $obj;
$base = $obj->getBlockTypePath();
} else {
$bFilename = $obj->getBlockFilename();
$b = $obj;
$base = $b->getBlockPath();
$this->block = $b;
$this->c = $b->getBlockCollectionObject();
if ($bFilename == '' && is_object($this->area)) {
$customAreaTemplates = $this->area->getCustomTemplates();
$btHandle = $b->getBlockTypeHandle();
if (isset($customAreaTemplates[$btHandle])) {
$bFilename = $customAreaTemplates[$btHandle];
}
}
}
$btHandle = $obj->getBlockTypeHandle();
if (!isset($this->controller)) {
$this->controller = Loader::controller($obj);
}
if (in_array($view, array('view', 'add', 'edit'))) {
$_action = $view;
} else {
$_action = 'view';
}
$u = new User();
$outputContent = false;
$useCache = false;
$page = Page::getCurrentPage();
if ($view == 'view') {
if ($this->controller->cacheBlockOutput() && ($obj instanceof Block)) {
if ((!$u->isRegistered() || ($this->controller->cacheBlockOutputForRegisteredUsers())) &&
(($_SERVER['REQUEST_METHOD'] != 'POST' || ($this->controller->cacheBlockOutputOnPost() == true)))) {
$useCache = true;
}
if ($useCache) {
$cID = 0;
if (is_object($page)) {
$cID = $page->getCollectionID();
}
$outputContent = Cache::get('block_view_output', $cID . ':' . $obj->getBlockID() . ':' . $obj->getAreaHandle());
}
}
}
if ($outputContent == false) {
$this->controller->setupAndRun($_action);
}
extract($this->controller->getSets());
extract($this->controller->getHelperObjects());
$headerItems = $this->controller->headerItems;
extract($args);
if ($this->controller->getRenderOverride() != '') {
$_filename = $this->controller->getRenderOverride() . '.php';
}
if ($view == 'scrapbook') {
$template = $this->getBlockPath(FILENAME_BLOCK_VIEW_SCRAPBOOK) . '/' . FILENAME_BLOCK_VIEW_SCRAPBOOK;
if (!file_exists($template)) {
$view = 'view';
}
}
if (!in_array($view, array('composer','view', 'add', 'edit', 'scrapbook'))) {
// then we're trying to render a custom view file, which we'll pass to the bottom functions as $_filename
$_filename = $view . '.php';
$view = 'view';
}
switch($view) {
case 'scrapbook':
$header = DIR_FILES_ELEMENTS_CORE . '/block_header_view.php';
$footer = DIR_FILES_ELEMENTS_CORE . '/block_footer_view.php';
break;
case 'composer':
case 'view':
if (!$outputContent) {
if (!isset($_filename)) {
$_filename = FILENAME_BLOCK_VIEW;
}
$bvt = new BlockViewTemplate($obj);
if ($bFilename) {
$bvt->setBlockCustomTemplate($bFilename); // this is PROBABLY already set by the method above, but in the case that it's passed by area we have to set it here
} else if ($_filename != FILENAME_BLOCK_VIEW) {
$bvt->setBlockCustomRender($_filename);
}
$template = $bvt->getTemplate();
}
if ($view == 'composer') {
$displayEditLink = true;
$header = DIR_FILES_ELEMENTS_CORE . '/block_header_composer.php';
$footer = DIR_FILES_ELEMENTS_CORE . '/block_footer_composer.php';
$cpFilename = $obj->getBlockComposerFilename();
if ($cpFilename) {
$cmpbase = $this->getBlockPath(DIRNAME_BLOCK_TEMPLATES_COMPOSER . '/' . $cpFilename);
if (file_exists($cmpbase . '/' . DIRNAME_BLOCK_TEMPLATES_COMPOSER . '/' . $cpFilename)) {
$template = $base . '/' . DIRNAME_BLOCK_TEMPLATES_COMPOSER . '/' . $cpFilename;
$displayEditLink = false;
}
}
if ($displayEditLink) {
$cmpbase = $this->getBlockPath(FILENAME_BLOCK_COMPOSER);
if (file_exists($cmpbase . '/' . FILENAME_BLOCK_COMPOSER)) {
$template = $base . '/' . FILENAME_BLOCK_COMPOSER;
$displayEditLink = false;
}
}
} else {
$header = DIR_FILES_ELEMENTS_CORE . '/block_header_view.php';
$footer = DIR_FILES_ELEMENTS_CORE . '/block_footer_view.php';
}
break;
case 'add':
if (!isset($_filename)) {
$_filename = FILENAME_BLOCK_ADD;
}
$header = DIR_FILES_ELEMENTS_CORE . '/block_header_add.php';
$footer = DIR_FILES_ELEMENTS_CORE . '/block_footer_add.php';
break;
case 'edit':
if (!isset($_filename)) {
$_filename = FILENAME_BLOCK_EDIT;
}
$header = DIR_FILES_ELEMENTS_CORE . '/block_header_edit.php';
$footer = DIR_FILES_ELEMENTS_CORE . '/block_footer_edit.php';
break;
}
if (!isset($template)) {
$base = $this->getBlockPath($_filename);
$template = $base . '/' . $_filename;
}
if (isset($header)) {
include($header);
}
if ($outputContent) {
print $outputContent;
} else if ($template) {
ob_start();
include($template);
$outputContent = ob_get_contents();
ob_end_clean();
print $outputContent;
if ($useCache) {
$cID = 0;
if (is_object($page)) {
$cID = $page->getCollectionID();
}
Cache::set('block_view_output', $cID . ':' . $obj->getBlockID() . ':' . $obj->getAreaHandle(), $outputContent, $this->controller->getBlockTypeCacheOutputLifetime());
}
}
if (isset($footer)) {
include($footer);
}
$this->template = $template;
$this->header = $header;
$this->footer = $footer;
}
