public static function redirectUrl($url, $statusCode = 302)
{
$response = new RedirectResponse();
$response->setHeader("Location", $url);
$response->setStatusCode($statusCode);
return $response;
}
/**
* Create a new redirect response.
*
* @param string $path
* @param int $status
* @param array $headers
* @return \Zidisha\Http\RedirectResponse
*/
protected function createRedirect($path, $status, $headers)
{
$redirect = new RedirectResponse($path, $status, $headers);
if (isset($this->session)) {
$redirect->setSession($this->session);
}
$redirect->setRequest($this->generator->getRequest());
return $redirect;
}
/**
* Force SSL if site is configured to and
* the connection is not secure.
*
* @return void
*/
public function boot()
{
if ($this->app->isSite() && $this->app['config']->get('force_ssl') == 2) {
if (!$this->app['request']->isSecure()) {
$uri = str_replace('http:', 'https:', $this->app['request']->getUri());
$redirect = new RedirectResponse($uri);
$redirect->setRequest($this->app['request']);
$redirect->send();
$this->app->close();
}
}
}
/**
* @param string $controllerName Controller name (for example, "product" for ProductController)
* @param string $actionName Controller action name
* @param array $paramList additional parameters (for example, array('id' => 4, 'query' => 'more=params&other=true'))
*/
public function __construct($controllerName, $actionName, $paramList = array())
{
parent::__construct('');
$this->setControllerName($controllerName);
$this->setActionName($actionName);
$this->setParamList($paramList);
}
public function postPostNew($request, $response, $args)
{
if (!$this->app->auth()->isLoggedIn()) {
$response = new \RedirectResponse('/unauthorised');
return $response;
}
$template = $this->twig->loadTemplate('post/new.twig');
$validator = new \Valitron\Validator(array('title' => $this->app->input()->post('title'), 'body' => $this->app->input()->post('body'), 'status' => $this->app->input()->post('status')));
$validator->rule('required', ['title', 'body', 'status']);
$validator->rule('integer', ['status']);
if ($validator->validate()) {
$post = \Model::factory('App\\Models\\Post')->create();
$post->title = $this->app->input()->post('title');
$post->body = $this->app->input()->post('body');
$post->created_at = date('Y-m-d H:i:s');
$post->updated_at = date('Y-m-d H:i:s');
$post->status = $this->app->input()->post('status');
if ($post->save()) {
$response = new RedirectResponse('/');
return $response;
} else {
$response->setContent($template->render(['errors' => [['Unable to create post']], 'input' => $this->app->input()->all('post')]));
return $response;
}
} else {
$response->setContent($template->render(['errors' => $validator->errors(), 'input' => $this->app->input()->all('post')]));
return $response;
}
}
/**
* Dispatch
*/
public function run()
{
$config = Service::get('config');
$request = Service::get('request');
$route = Service::get('router')->find($request->getUrl());
$user = Service::get('user')->getUser();
if (empty($user) & !empty(Cookie::get($config->getVal('remember/cookie_name')))) {
$user = Service::get('user');
$user = $user->find();
}
if (empty($user)) {
if (!in_array($request->getUrl(), array('/login', '/auth', '/gate', '/register', '/reg'))) {
$response = new RedirectResponse('/gate');
$response->send();
}
}
if (!empty($route)) {
$controller_class = $route['controller'] . 'Controller';
if (!class_exists($controller_class)) {
throw new \Exception("Controller class [" . $route['controller'] . "] doesn't exist");
}
$controller = new $controller_class();
if (!method_exists($controller, $route['action'] . 'Action')) {
throw new \Exception("Method [" . $route['action'] . "Action ] doesn't exist in [" . $route['controller'] . "]");
}
$action = $route['action'] . 'Action';
$response = call_user_func_array(array($controller, $action), $route['params']);
if ($response->type == 'html') {
$renderer = new Renderer(URL . '/src/template.php');
$renderer->setVars(array('content' => $response->content));
$response->content = $renderer->render();
}
$response->send();
} else {
throw new \Exception("Wrong route [" . $request->getUrl() . "]");
}
}
/**
* Install controller.
*
* @return void
*/
function install(Core $core)
{
define('_ZINSTALLVER', Core::VERSION_NUM);
$serviceManager = $core->getContainer();
$eventManager = $core->getDispatcher();
// Lazy load DB connection to avoid testing DSNs that are not yet valid (e.g. no DB created yet)
$dbEvent = new GenericEvent(null, array('lazy' => true));
$eventManager->dispatch('doctrine.init_connection', $dbEvent);
$core->init(Core::STAGE_ALL & ~Core::STAGE_THEME & ~Core::STAGE_MODS & ~Core::STAGE_LANGS & ~Core::STAGE_DECODEURLS & ~Core::STAGE_SESSIONS);
// Power users might have moved the temp folder out of the root and changed the config.php
// accordingly. Make sure we respect this security related settings
$tempDir = isset($GLOBALS['ZConfig']['System']['temp']) ? $GLOBALS['ZConfig']['System']['temp'] : 'ztemp';
// define our smarty object
$smarty = new Smarty();
$smarty->caching = false;
$smarty->compile_check = true;
$smarty->left_delimiter = '{';
$smarty->right_delimiter = '}';
$smarty->compile_dir = $tempDir . '/view_compiled';
$smarty->template_dir = 'install/templates';
$smarty->plugins_dir = array('plugins', 'install/templates/plugins');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
$lang = FormUtil::getPassedValue('lang', '', 'GETPOST');
$dbhost = FormUtil::getPassedValue('dbhost', '', 'GETPOST');
$dbusername = FormUtil::getPassedValue('dbusername', '', 'GETPOST');
$dbpassword = FormUtil::getPassedValue('dbpassword', '', 'GETPOST');
$dbname = FormUtil::getPassedValue('dbname', '', 'GETPOST');
$dbprefix = '';
$dbdriver = FormUtil::getPassedValue('dbdriver', '', 'GETPOST');
$dbtabletype = FormUtil::getPassedValue('dbtabletype', '', 'GETPOST');
$username = FormUtil::getPassedValue('username', '', 'POST');
$password = FormUtil::getPassedValue('password', '', 'POST');
$repeatpassword = FormUtil::getPassedValue('repeatpassword', '', 'POST');
$email = FormUtil::getPassedValue('email', '', 'GETPOST');
$action = FormUtil::getPassedValue('action', '', 'GETPOST');
$notinstalled = isset($_GET['notinstalled']);
$installedState = isset($GLOBALS['ZConfig']['System']['installed']) ? $GLOBALS['ZConfig']['System']['installed'] : 0;
// If somehow we are browsing the not installed page but installed, redirect back to homepage
if ($installedState && $notinstalled) {
$response = new RedirectResponse(System::getHomepageUrl());
return $response->send();
}
// see if the language was already selected
$languageAlreadySelected = $lang ? true : false;
if (!$notinstalled && $languageAlreadySelected && empty($action)) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=requirements&lang={$lang}");
return $response->send();
}
// see if the language was already selected
$languageAlreadySelected = $lang ? true : false;
if (!$notinstalled && $languageAlreadySelected && empty($action)) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=requirements&lang={$lang}");
return $response->send();
}
// load the installer language files
if (empty($lang)) {
if (is_readable('config/installer.ini')) {
$test = parse_ini_file('config/installer.ini');
$lang = isset($test['language']) ? $test['language'] : 'en';
} else {
$available = ZLanguage::getInstalledLanguages();
$detector = new ZLanguageBrowser($available);
$lang = $detector->discover();
}
$lang = DataUtil::formatForDisplay($lang);
}
// setup multilingual
$GLOBALS['ZConfig']['System']['language_i18n'] = $lang;
$GLOBALS['ZConfig']['System']['multilingual'] = true;
$GLOBALS['ZConfig']['System']['languageurl'] = true;
$GLOBALS['ZConfig']['System']['language_detect'] = false;
$serviceManager->loadArguments($GLOBALS['ZConfig']['System']);
$_lang = ZLanguage::getInstance();
$_lang->setup();
$lang = ZLanguage::getLanguageCode();
$installbySQL = file_exists("install/sql/custom-{$lang}.sql") ? "install/sql/custom-{$lang}.sql" : false;
$smarty->assign('lang', $lang);
$smarty->assign('installbySQL', $installbySQL);
$smarty->assign('langdirection', ZLanguage::getDirection());
$smarty->assign('charset', ZLanguage::getEncoding());
// show not installed case
if ($notinstalled) {
header('HTTP/1.1 503 Service Unavailable');
$smarty->display('notinstalled.tpl');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
exit;
}
// assign the values from config.php
$smarty->assign($GLOBALS['ZConfig']['System']);
// if the system is already installed, halt.
if ($GLOBALS['ZConfig']['System']['installed']) {
_installer_alreadyinstalled($smarty);
}
// check for an empty action - if so then show the first installer page
if (empty($action)) {
$action = 'lang';
}
// perform tasks based on our action
switch ($action) {
case 'processBDInfo':
$dbname = trim($dbname);
$dbusername = trim($dbusername);
if (empty($dbname) || empty($dbusername)) {
$action = 'dbinformation';
$smarty->assign('dbconnectmissing', true);
} elseif (!preg_match('/^[\\w-]*$/', $dbname) || strlen($dbname) > 64) {
$action = 'dbinformation';
$smarty->assign('dbinvalidname', true);
} else {
update_config_php($dbhost, $dbusername, $dbpassword, $dbname, $dbdriver, $dbtabletype);
update_installed_status(0);
try {
$dbh = new PDO("{$dbdriver}:host={$dbhost};dbname={$dbname}", $dbusername, $dbpassword);
} catch (PDOException $e) {
$action = 'dbinformation';
$smarty->assign('reason', $e->getMessage());
$smarty->assign('dbconnectfailed', true);
}
}
if ($action != 'dbinformation') {
$action = 'createadmin';
}
break;
case 'finish':
if (!$username || preg_match('/[^\\p{L}\\p{N}_\\.\\-]/u', $username)) {
$action = 'createadmin';
$smarty->assign('uservalidatefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif (mb_strlen($password) < 7) {
$action = 'createadmin';
$smarty->assign('badpassword', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif ($password !== $repeatpassword) {
$action = 'createadmin';
$smarty->assign('passwordcomparefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif (!validateMail($email)) {
$action = 'createadmin';
$smarty->assign('emailvalidatefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} else {
$installedOk = false;
// if it is the distribution and the process have not failed in a previous step
if ($installbySQL) {
// checks if exists a previous installation with the same prefix
$proceed = true;
$dbnameConfig = $GLOBALS['ZConfig']['DBInfo']['databases']['default']['dbname'];
$exec = $dbdriver == 'mysql' || $dbdriver == 'mysqli' ? "SHOW TABLES FROM `{$dbnameConfig}` LIKE '%'" : "SHOW TABLES FROM {$dbnameConfig} LIKE '%'";
$tables = DBUtil::executeSQL($exec);
if ($tables->rowCount() > 0) {
$proceed = false;
$action = 'dbinformation';
$smarty->assign('dbexists', true);
}
if ($proceed) {
// checks if file exists
if (!file_exists($installbySQL)) {
$action = 'dbinformation';
$smarty->assign('dbdumpfailed', true);
} else {
// execute the SQL dump
$lines = file($installbySQL);
$exec = '';
foreach ($lines as $line_num => $line) {
$line = trim($line);
if (empty($line) || strpos($line, '--') === 0) {
continue;
}
$exec .= $line;
if (strrpos($line, ';') === strlen($line) - 1) {
if (!DBUtil::executeSQL($exec)) {
$action = 'dbinformation';
$smarty->assign('dbdumpfailed', true);
break;
}
$exec = '';
}
}
ModUtil::dbInfoLoad('Users', 'Users');
ModUtil::dbInfoLoad('Extensions', 'Extensions');
ModUtil::initCoreVars(true);
createuser($username, $password, $email);
$installedOk = true;
}
}
} else {
installmodules($lang);
createuser($username, $password, $email);
$installedOk = true;
}
if ($installedOk) {
// create our new site admin
// TODO: Email username/password to administrator email address. Cannot use ModUtil::apiFunc for this.
$serviceManager->get('session')->start();
$authenticationInfo = array('login_id' => $username, 'pass' => $password);
$authenticationMethod = array('modname' => 'Users', 'method' => 'uname');
UserUtil::loginUsing($authenticationMethod, $authenticationInfo);
// add admin email as site email
System::setVar('adminmail', $email);
if (!$installbySQL) {
Theme_Util::regenerate();
}
// set site status as installed and protect config.php file
update_installed_status(1);
@chmod('config/config.php', 0400);
if (!is_readable('config/config.php')) {
@chmod('config/config.php', 0440);
if (!is_readable('config/config.php')) {
@chmod('config/config.php', 0444);
}
}
// install all plugins
$systemPlugins = PluginUtil::loadAllSystemPlugins();
foreach ($systemPlugins as $plugin) {
PluginUtil::install($plugin);
}
LogUtil::registerStatus(__('Congratulations! Zikula has been successfullly installed.'));
$response = new RedirectResponse(ModUtil::url('Admin', 'admin', 'adminpanel'));
$response->send();
exit;
}
}
break;
case 'requirements':
$checks = _check_requirements();
$ok = true;
foreach ($checks as $check) {
if (!$check) {
$ok = false;
break;
}
}
foreach ($checks['files'] as $check) {
if (!$check['writable']) {
$ok = false;
break;
}
}
if ($ok) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=dbinformation&lang={$lang}");
$response->send();
exit;
}
$smarty->assign('checks', $checks);
break;
}
// check our action template exists
$action = DataUtil::formatForOS($action);
if ($smarty->template_exists("installer_{$action}.tpl")) {
$smarty->assign('action', $action);
$templateName = "installer_{$action}.tpl";
} else {
$smarty->assign('action', 'error');
$templateName = 'installer_error.tpl';
}
$smarty->assign('maincontent', $smarty->fetch($templateName));
$smarty->display('installer_page.tpl');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
}
