Ejemplo n.º 1
 public function process()
     global $timeStart;
     // initialize logging service
     $logger = OzoneLogger::instance();
     $loggerFileOutput = new OzoneLoggerFileOutput();
     $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
     $logger->debug("AJAX module request processing started, logger initialized");
     $runData = new RunData();
     /* processing an AJAX request! */
     // extra return array - just for ajax handling
     $runData->ajaxResponseAdd("status", "OK");
     $logger->debug("RunData object created and initialized");
     // handle session at the begging of procession
     $template = $runData->getModuleTemplate();
     $classFile = $runData->getModuleClassPath();
     $className = $runData->getModuleClassName();
     $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
     require_once $classFile;
     $module = new $className();
     // module security check
     if (!$module->isAllowed($runData)) {
         if ($classFile == $runData->getModuleClassPath()) {
         } else {
             // $module->isAllowed() should set the error template!!! if not -
             // default NotAllowed is used
             // reload the class again - we do not want the unsecure module to render!
             $classFile = $runData->getModuleClassPath();
             $className = $runData->getModuleClassName();
             $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
             require_once $classFile;
             $module = new $className();
     $logger->debug("OZONE initialized");
     $logger->debug("Smarty template services loaded");
     $logger->debug("Smarty macros parsed");
     $logger->debug("plain version of Smarty created");
     $logger->info("Ozone engines successfully initialized");
     $actionClass = $runData->getAction();
     $logger->debug("processing action {$actionClass}");
     while ($actionClass != null) {
         require_once PathManager::actionClass($actionClass);
         $tmpa1 = explode('/', $actionClass);
         $actionClassStripped = end($tmpa1);
         $action = new $actionClassStripped();
         // action security check
         $classFile = $runData->getModuleClassPath();
         if (!$action->isAllowed($runData)) {
             if ($classFile == $runData->getModuleClassPath()) {
             // $action->isAllowed() should set the error template!!! if not -
             // default NotAllowed is used
         $actionEvent = $runData->getActionEvent();
         if ($actionEvent != null) {
             $logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
         } else {
             $logger->debug("processing action: {$actionClass}");
         // this is in case action changes the action name so that
         // the next action can be executed.
         if ($runData->getNextAction() != null) {
             $actionClass = $runData->getNextAction();
         } else {
             $actionClass = null;
     // end action process
     // check if template has been changed by the module. if so...
     if ($template != $runData->getModuleTemplate) {
         $classFile = $runData->getModuleClassPath();
         $className = $runData->getModuleClassName();
         $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
         require_once $classFile;
         $module = new $className();
     $rendered = $module->render($runData);
     $rVars = $runData->getAjaxResponse();
     if ($rendered != null) {
         // process modules...
         $moduleProcessor = new ModuleProcessor($runData);
         $out = $moduleProcessor->process($rendered);
         $rVars['body'] = $out;
     $json = new JSONService();
     $out = $json->encode($rVars);
     echo $out;
 public function process()
     global $timeStart;
     // initialize logging service
     $logger = OzoneLogger::instance();
     $loggerFileOutput = new OzoneLoggerFileOutput();
     $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
     $logger->debug("AJAX module request processing started, logger initialized");
     $runData = new RunData();
     /* processing an AJAX request! */
     // extra return array - just for ajax handling
     $runData->ajaxResponseAdd("status", "ok");
     $logger->debug("RunData object created and initialized");
     try {
         // check security token
         if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
             throw new ProcessException("no", "wrong_token7");
         //remove token from parameter list!!!
         $callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
         // check if site (wiki) exists!
         $siteHost = $_SERVER["HTTP_HOST"];
         $memcache = Ozone::$memcache;
         if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
             $siteUnixName = $matches[1];
             // select site based on the unix name
             // check memcached first!
             // the memcache block is to avoid database connection if possible
             $mcKey = 'site..' . $siteUnixName;
             $site = $memcache->get($mcKey);
             if ($site == false) {
                 $c = new Criteria();
                 $c->add("unix_name", $siteUnixName);
                 $c->add("site.deleted", false);
                 $site = DB_SitePeer::instance()->selectOne($c);
                 $memcache->set($mcKey, $site, 0, 3600);
         } else {
             // select site based on the custom domain
             $mcKey = 'site_cd..' . $siteHost;
             $site = $memcache->get($mcKey);
             if ($site == false) {
                 $c = new Criteria();
                 $c->add("custom_domain", $siteHost);
                 $c->add("site.deleted", false);
                 $site = DB_SitePeer::instance()->selectOne($c);
                 $memcache->set($mcKey, $site, 0, 3600);
             GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
         if (!$site) {
             throw new ProcessException(_('The requested site does not exist.'));
         $runData->setTemp("site", $site);
         //nasty global thing...
         $GLOBALS['siteId'] = $site->getSiteId();
         $GLOBALS['site'] = $site;
         // set language
         $GLOBALS['lang'] = $site->getLanguage();
         // and for gettext too:
         $lang = $site->getLanguage();
         switch ($lang) {
             case 'pl':
                 $glang = "pl_PL";
             case 'en':
                 $glang = "en_US";
         setlocale(LC_ALL, $glang . '.UTF-8');
         // Set the text domain as 'messages'
         $gdomain = 'messages';
         bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
         $settings = $site->getSettings();
         // handle SSL
         $sslMode = $settings->getSslMode();
         if ($_SERVER['HTTPS']) {
             if (!$sslMode) {
                 // not enabled, issue an errorr
                 throw new ProcessException(_("Secure access is not enabled for this Wiki."));
             } elseif ($sslMode == "ssl_only_paranoid") {
                 // use secure authentication cookie
                 // i.e. change authentication scheme
                 GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
                 GlobalProperties::$SESSION_COOKIE_SECURE = true;
         } else {
             // page accessed via http (nonsecure)
             switch ($sslMode) {
                 case 'ssl':
                     //enabled, but nonsecure allowed too.
                 case 'ssl_only_paranoid':
                 case 'ssl_only':
                     throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
         // handle session at the begging of procession
         // PRIVATE SITES: check if the site is private and if the user is its member
         if ($site->getPrivate()) {
             // check if not allow anyway
             $template = $runData->getModuleTemplate();
             $actionClass = $runData->getAction();
             $proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
             if (!$proceed) {
                 $user = $runData->getUser();
                 if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
                     // check if member
                     $c = new Criteria();
                     $c->add("site_id", $site->getSiteId());
                     $c->add("user_id", $user->getUserId());
                     $mem = DB_MemberPeer::instance()->selectOne($c);
                     if (!$mem) {
                         // check if a viewer
                         $c = new Criteria();
                         $c->add("site_id", $site->getSiteId());
                         $c->add("user_id", $user->getUserId());
                         $vi = DB_SiteViewerPeer::instance()->selectOne($c);
                         if (!$vi) {
                             $user = null;
                 if ($user == null) {
                     throw new ProcessException(_('This Site is private and accessible only to its members.'));
         $template = $runData->getModuleTemplate();
         $classFile = $runData->getModuleClassPath();
         $className = $runData->getModuleClassName();
         $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
         require_once $classFile;
         $module = new $className();
         // module security check
         if (!$module->isAllowed($runData)) {
             throw new WDPermissionException(_("Not allowed."));
         $logger->debug("OZONE initialized");
         $logger->info("Ozone engines successfully initialized");
         // PROCESS ACTION
         $actionClass = $runData->getAction();
         $logger->debug("processing action {$actionClass}");
         $runData->setTemp("jsInclude", array());
         $runData->setTemp("cssInclude", array());
         if ($actionClass) {
             require_once PathManager::actionClass($actionClass);
             $tmpa1 = explode('/', $actionClass);
             $actionClassStripped = end($tmpa1);
             $action = new $actionClassStripped();
             $classFile = $runData->getModuleClassPath();
             if (!$action->isAllowed($runData)) {
                 throw new WDPermissionException("Not allowed.");
             $actionEvent = $runData->getActionEvent();
             if ($actionEvent != null) {
                 $logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
             } else {
                 $logger->debug("processing action: {$actionClass}");
         // end action process
         // check if template has been changed by the module. if so...
         if ($template != $runData->getModuleTemplate()) {
             $classFile = $runData->getModuleClassPath();
             $className = $runData->getModuleClassName();
             $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
             require_once $classFile;
             $module = new $className();
         $rendered = $module->render($runData);
         $jsInclude = $runData->getTemp("jsInclude");
         $jsInclude = array_merge($jsInclude, $module->getExtraJs());
         $runData->setTemp("jsInclude", $jsInclude);
         $cssInclude = $runData->getTemp("cssInclude");
         $cssInclude = array_merge($cssInclude, $module->getExtraCss());
         $runData->setTemp("cssInclude", $cssInclude);
     } catch (ProcessException $e) {
         $db = Database::connection();
         $runData->ajaxResponseAdd("message", $e->getMessage());
         $runData->ajaxResponseAdd("status", $e->getStatus());
         $template = null;
     } catch (WDPermissionException $e) {
         $db = Database::connection();
         $runData->ajaxResponseAdd("message", $e->getMessage());
         $runData->ajaxResponseAdd("status", "no_permission");
         $template = null;
     } catch (Exception $e) {
         $db = Database::connection();
         $runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
         $runData->ajaxResponseAdd("status", "not_ok");
         $template = null;
         // LOG ERROR TOO!!!
         $logger = OzoneLogger::instance();
         $logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
     $rVars = $runData->getAjaxResponse();
     if ($rendered != null) {
         // process modules...
         $moduleProcessor = new ModuleProcessor($runData);
         $out = $moduleProcessor->process($rendered);
         $rVars['body'] = $out;
         // check the javascript files for inclusion
     if ($template != null && $template != "Empty") {
         $jsInclude = $runData->getTemp("jsInclude");
         if ($module->getIncludeDefaultJs()) {
             $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
             if (file_exists($file)) {
                 $url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
                 $incl = $url;
                 $jsInclude[] = $incl;
         $rVars['jsInclude'] = $jsInclude;
         $cssInclude = $runData->getTemp("cssInclude");
         if ($module->getIncludeDefaultCss()) {
             $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
             if (file_exists($file)) {
                 $url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
                 $incl = $url;
                 $cssInclude[] = $incl;
         $rVars['cssInclude'] = $cssInclude;
     // specify (copy) jscallback. ugly, right? ;-)
     $rVars['callbackIndex'] = $callbackIndex;
     $json = new JSONService();
     $out = $json->encode($rVars);
     echo $out;