Example #1
File: Router.php Project: elgg/elgg
 /**
  * Routes the request to a registered page handler
  *
  * This function triggers a plugin hook `'route', $identifier` so that plugins can
  * modify the routing or handle a request.
  *
  * The first URL segment is used as the handler identifier. Dispatch only happens
  * through entries already present in $this->handlers, so a request can select a
  * registered handler but cannot name an arbitrary callable.
  *
  * @param Request $request The request to handle.
  * @return boolean True when a response had already been sent; otherwise the value
  *                 of headers_sent() after the handler/response step.
  * @access private
  */
 public function route(Request $request)
 {
     // The first URL segment (request-controlled) names the handler; the rest are its arguments.
     $segments = $request->getUrlSegments();
     if ($segments) {
         $identifier = array_shift($segments);
     } else {
         $identifier = '';
     }
     // return false to stop processing the request (because you handled it)
     // return a new $result array if you want to route the request differently
     $old = array('identifier' => $identifier, 'handler' => $identifier, 'segments' => $segments);
     if ($this->timer) {
         $this->timer->begin(['build page']);
     }
     // Buffer anything echoed by the hook or the handler so it can become the response body.
     ob_start();
     // $old is passed twice: as the third and as the fourth argument of trigger().
     $result = $this->hooks->trigger('route', $identifier, $old, $old);
     if ($result === false) {
         // A hook handled the request itself; whatever it printed is the response.
         $output = ob_get_clean();
         $response = elgg_ok_response($output);
     } else {
         if ($result !== $old) {
             _elgg_services()->logger->warn('Use the route:rewrite hook to modify routes.');
         }
         // A changed 'identifier' takes precedence over a changed 'handler'.
         // NOTE(review): these are loose (!=) comparisons on values that started as URL text.
         if ($identifier != $result['identifier']) {
             $identifier = $result['identifier'];
         } else {
             if ($identifier != $result['handler']) {
                 $identifier = $result['handler'];
             }
         }
         $segments = $result['segments'];
         $response = false;
         // Only a registered, callable handler is invoked; unknown identifiers leave $response false.
         if (isset($this->handlers[$identifier]) && is_callable($this->handlers[$identifier])) {
             $function = $this->handlers[$identifier];
             $response = call_user_func($function, $segments, $identifier);
         }
         $output = ob_get_clean();
         if ($response === false) {
             // No handler ran, or the handler returned false: report whether headers went out anyway.
             return headers_sent();
         }
         if (!$response instanceof ResponseBuilder) {
             // Handler returned something other than a ResponseBuilder: use the buffered output instead.
             $response = elgg_ok_response($output);
         }
     }
     // Do not respond twice if a response was already sent while handling the request.
     if (_elgg_services()->responseFactory->getSentResponse()) {
         return true;
     }
     _elgg_services()->responseFactory->respond($response);
     return headers_sent();
 }
Example #2
File: start.php Project: elgg/elgg
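/**
 * Page handler for activity
 *
 * Builds the variables for the "river" resource view from the URL segments:
 * segment 0 is the page type (default 'all'), and for the 'owner' page type
 * segment 1 is the username whose activity is requested.
 *
 * @param array $segments URL segments
 * @return \Elgg\Http\ResponseBuilder
 * @access private
 */
function elgg_activity_page_handler($segments)
{
    elgg_set_page_owner_guid(elgg_get_logged_in_user_guid());

    // Initialise explicitly instead of relying on PHP creating the array on first write.
    $vars = array();

    // make a URL segment available in page handler script
    // The segment is request-controlled, so every non-word character is stripped.
    // The original pattern '[\\W]' only worked because PCRE accepts [ ] as
    // delimiters; conventional delimiters make the intent readable.
    $page_type = elgg_extract(0, $segments, 'all');
    $page_type = preg_replace('/\W/', '', $page_type);

    if ($page_type === 'owner') {
        elgg_gatekeeper();
        $page_username = elgg_extract(1, $segments, '');
        // Compare as strings, strictly: a loose == treats two numeric-looking
        // usernames (e.g. "0123" and "123") as equal, which would show another
        // user's name as the viewer's own page.
        if ((string) $page_username === (string) elgg_get_logged_in_user_entity()->username) {
            $page_type = 'mine';
        } else {
            $vars['subject_username'] = $page_username;
        }
    }

    $vars['page_type'] = $page_type;

    return elgg_ok_response(elgg_view_resource("river", $vars));
}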
Example #3
/**
 * Index page handler used while Walled Garden mode is enabled.
 *
 * Renders the 'walled_garden' resource view and wraps the result in an OK response.
 *
 * @return ResponseBuilder
 * @access private
 */
function _elgg_walled_garden_index()
{
    $page = elgg_view_resource('walled_garden');

    return elgg_ok_response($page);
}
Example #4
File: add.php Project: elgg/elgg
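// $page_owner_guid, $handler, $context, $column and $show_access are set earlier
// in this script (not shown here) — presumably from request input; confirm.
$default_widgets = (int) get_input('default_widgets', 0);

elgg_set_page_owner_guid($page_owner_guid);
$page_owner = elgg_get_page_owner_entity();
if (!$page_owner) {
    return elgg_error_response(elgg_echo('widgets:add:failure'));
}

if (!elgg_can_edit_widget_layout($context)) {
    // logged in user must be able to edit the layout to add a widget
    return elgg_error_response(elgg_echo('widgets:add:failure'));
}

$guid = elgg_create_widget($page_owner->getGUID(), $handler, $context);
if (!$guid) {
    return elgg_error_response(elgg_echo('widgets:add:failure'));
}

// Same type guard the widget save and delete actions use: do not call widget
// methods on whatever get_entity() happens to return.
$widget = get_entity($guid);
if (!$widget instanceof \ElggWidget) {
    return elgg_error_response(elgg_echo('widgets:add:failure'));
}

// position the widget
$widget->move($column, 0);

// Contexts the widget is rendered under; 'default_widgets' only when the flag is set.
$context_stack = [];
if ($default_widgets) {
    $context_stack[] = 'default_widgets';
}
$context_stack[] = 'widgets';
if ($context) {
    $context_stack[] = $context;
}

foreach ($context_stack as $ctx) {
    elgg_push_context($ctx);
}

$result = elgg_view_entity($widget, ['show_access' => $show_access]);

// Restore the context stack, as the widget save action does after rendering,
// so the pushed contexts do not leak into whatever runs after this script.
foreach ($context_stack as $ctx) {
    elgg_pop_context();
}

return elgg_ok_response($result);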
Example #5
File: login.php Project: elgg/elgg
        elgg_get_session()->set('forgotpassword:hash_missing', get_input('username'));
        $output = ['forward' => 'forgotpassword'];
        return elgg_ok_response($output, '', 'forgotpassword');
    }
    return elgg_error_response($result);
}
// No matching user: answer with the generic bad-user message.
if (!$user) {
    return elgg_error_response(elgg_echo('login:baduser'));
}

try {
    login($user, $persistent);
    // re-register at least the core language file for users with language other than site default
    register_translations(dirname(__DIR__) . "/languages/");
} catch (LoginException $e) {
    return elgg_error_response($e->getMessage());
}

// elgg_echo() caches the language and does not provide a way to change the language.
// @todo we need to use the config object to store this so that the current language
// can be changed. Refs #4171
$message = $user->language
    ? elgg_echo('loginok', [], $user->language)
    : elgg_echo('loginok');

// clear after login in case login fails
$session->remove('last_forward_from');

// Plugins may replace the forward target through the 'login:forward' hook.
// NOTE(review): $forward_url and $forward_source are set earlier in this script
// (not shown); confirm the target is limited to on-site URLs.
$forward_url = elgg_trigger_plugin_hook(
    'login:forward',
    'user',
    ['user' => $user, 'source' => $forward_source],
    $forward_url
);

return elgg_ok_response(['forward' => $forward_url], $message, $forward_url);
Example #6
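 /**
  * Send an updated CSRF token, provided the page's current tokens were not fake.
  *
  * The request supplies the page's session token and a list of "timestamp,token"
  * pairs. Each pair is checked with validateTokenOwnership(); the tokens that pass
  * are reported back together with a freshly generated token.
  *
  * @return ResponseBuilder|false False when the request is not an XHR request.
  * @access private
  */
 public function handleTokenRefreshRequest()
 {
     if (!elgg_is_xhr()) {
         return false;
     }
     // the page's session_token might have expired (not matching __elgg_session in the session), but
     // we still allow it to be given to validate the tokens in the page.
     $session_token = get_input('session_token', null, false);
     $pairs = (array) get_input('pairs', array(), false);
     $valid_tokens = (object) array();
     foreach ($pairs as $pair) {
         // 'pairs' is request input: an element may be a nested array or lack the
         // comma separator. Skip those instead of passing them to explode()/list(),
         // which would raise an error or leave $token undefined.
         if (!is_string($pair) || strpos($pair, ',') === false) {
             continue;
         }
         list($ts, $token) = explode(',', $pair, 2);
         if ($this->validateTokenOwnership($token, $ts, $session_token)) {
             $valid_tokens->{$token} = true;
         }
     }
     // Issue a new token stamped with the current time.
     $ts = $this->getCurrentTime()->getTimestamp();
     $token = $this->generateActionToken($ts);
     $data = array(
         'token' => array(
             '__elgg_ts' => $ts,
             '__elgg_token' => $token,
             'logged_in' => $this->session->isLoggedIn(),
         ),
         'valid_tokens' => $valid_tokens,
         'session_token' => $this->session->get('__elgg_session'),
         'user_guid' => $this->session->getLoggedInUserGuid(),
     );
     elgg_set_http_header("Content-Type: application/json;charset=utf-8");
     return elgg_ok_response($data);
 }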
Example #7
File: save.php Project: elgg/elgg
 * @uses int    $_REQUEST['default_widgets'] Flag for whether these settings are for default widgets.
 * @uses string $_REQUEST['context']         An optional context of the widget. Used to return
 *                                           the correct output if widget content changes
 *                                           depending on context.
 */
// Everything read here comes from the request.
$guid = (int) get_input('guid');
$params = get_input('params');
$default_widgets = (int) get_input('default_widgets', 0);
$context = get_input('context');

$widget = get_entity($guid);
$is_widget = $widget instanceof \ElggWidget;

// NOTE(review): no permission check is visible in this script; presumably
// saveSettings() refuses callers who may not edit the widget — confirm.
if (!$is_widget || !$widget->saveSettings($params)) {
    return elgg_error_response(elgg_echo('widgets:save:failure'));
}

// Contexts to render the widget under; 'default_widgets' only when the flag is set.
$context_stack = $default_widgets ? ['default_widgets'] : [];
$context_stack[] = 'widgets';
if ($context) {
    $context_stack[] = $context;
}

foreach ($context_stack as $pushed_context) {
    elgg_push_context($pushed_context);
}

elgg_set_page_owner_guid($widget->getContainerGUID());

$content = elgg_view('object/widget/elements/content', ['entity' => $widget]);
$output = [
    'content' => $content,
    'title' => $widget->getTitle(),
    'href' => $widget->getURL(),
];

// Pop exactly as many contexts as were pushed above.
for ($remaining = count($context_stack); $remaining > 0; $remaining--) {
    elgg_pop_context();
}

return elgg_ok_response($output);
Example #8
<?php

// Every value below is taken from the request and decides which kind of
// response this script builds.
// NOTE(review): this looks like a fixture that echoes request values back; the
// forward target is caller-supplied, and any restriction on it would have to
// live in the response layer, which is not visible here.
$output = get_input('output');
$forward_url = get_input('forward_url');
$forward_reason = (int) get_input('forward_reason', ELGG_HTTP_OK);
$system_message = get_input('system_message');
$error_message = get_input('error_message');

// '-1' is shorthand for "go back to the referrer".
if ($forward_url == '-1') {
    $forward_url = REFERRER;
}

// OK status and no error message: success response.
if ($forward_reason == ELGG_HTTP_OK && !$error_message) {
    return elgg_ok_response($output, $system_message, $forward_url, $forward_reason);
}

// Bad-request status, or any error message: error response.
if ($forward_reason == ELGG_HTTP_BAD_REQUEST || $error_message) {
    return elgg_error_response($error_message, $forward_url, $forward_reason);
}

// Found status: plain redirect.
if ($forward_reason == ELGG_HTTP_FOUND) {
    return elgg_redirect_response($forward_url);
}

// Any other status falls through and the script ends without returning a response.
Example #9
File: delete.php Project: elgg/elgg
<?php

/**
 * Elgg Message board: delete message action
 *
 * @package ElggMessageBoard
 */
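$annotation_id = (int) get_input('annotation_id');
$message = elgg_get_annotation_from_id($annotation_id);

// Check existence and edit rights before touching the annotation. The id is
// request input, so an unknown id is an ordinary case; calling toObject() on
// the failed lookup first (as the previous order did) ends in a fatal error
// instead of the intended error response.
if (!$message || !$message->canEdit()) {
    return elgg_error_response(elgg_echo('messageboard:notdeleted'));
}

// Snapshot the annotation for the response before it is removed.
$ok_output = ['deleted' => $message->toObject()];

if (!$message->delete()) {
    return elgg_error_response(elgg_echo('messageboard:notdeleted'));
}

return elgg_ok_response($ok_output, elgg_echo('messageboard:deleted'));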
Example #10
        foreach ($ids as $id) {
            elgg_delete_admin_notice($id);
        }
    } else {
        $msg = $plugin->getError();
        $string = $msg ? 'admin:plugins:activate:no_with_msg' : 'admin:plugins:activate:no';
        register_error(elgg_echo($string, array($plugin->getFriendlyName(), $plugin->getError())));
    }
}
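// don't regenerate the simplecache because the plugin won't be
// loaded until next run.  Just invalidate and let it regenerate as needed
elgg_flush_caches();

// The Referer header is client-supplied and may be missing; read it once and
// fall back to an empty string rather than indexing $_SERVER directly.
$referrer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';

if (count($activated_guids) === 1) {
    // Return to the plugin list, keeping the query string of the referring page.
    $url = 'admin/plugins';
    $query = (string) parse_url($referrer, PHP_URL_QUERY);
    if ($query) {
        $url .= "?{$query}";
    }

    // Anchor on the activated plugin: its ID reduced to [a-z0-9-]. The previous
    // code computed this value but appended the literal text "#id" instead.
    $plugin = get_entity($plugin_guids[0]);
    $id = preg_replace('/[^a-z0-9-]/i', '-', $plugin->getID());
    $url = "{$url}#{$id}";

    $data = ['list' => elgg_view('admin/plugins', ['list_only' => true])];
    return elgg_ok_response($data, '', $url);
} else {
    // forward to top of page with a failure so remove any #foo
    $url = $referrer;
    $hash_pos = strpos($url, '#');
    if ($hash_pos !== false) {
        // substr() takes the string first; the previous call passed 0 as the
        // subject and so discarded the URL altogether.
        $url = substr($url, 0, $hash_pos);
    }
    forward($url);
}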
Example #11
File: add.php Project: elgg/elgg
<?php

/**
 * Elgg Message board: add message action
 *
 * @package ElggMessageBoard
 */
// Request input: the text to post and the GUID of the user whose board receives it.
$message_content = get_input('message_content');
$owner_guid = (int) get_input('owner_guid');
$owner = get_user($owner_guid);

// Both a resolvable owner and non-empty content are required.
if (!($owner && !empty($message_content))) {
    return elgg_error_response(elgg_echo('messageboard:blank'));
}

// The post is attributed to the logged-in user and uses the board owner's access_id.
$poster = elgg_get_logged_in_user_entity();
$result = messageboard_add($poster, $owner, $message_content, $owner->access_id);
if (!$result) {
    return elgg_error_response(elgg_echo('messageboard:failure'));
}

// Return the most recent messageboard annotation on the owner as the output.
$list_options = [
    'annotations_name' => 'messageboard',
    'guid' => $owner->guid,
    'pagination' => false,
    'reverse_order_by' => true,
    'limit' => 1,
];
$output = elgg_list_annotations($list_options);

return elgg_ok_response($output, elgg_echo('messageboard:posted'));
Example #12
File: invite.php Project: elgg/elgg
    }
    if (get_user_by_email($email)) {
        $error = true;
        $already_members[] = $email;
        continue;
    }
    $link = elgg_get_registration_url(array('friend_guid' => $current_user->guid, 'invitecode' => generate_invite_code($current_user->username)));
    $message = elgg_echo('invitefriends:email', array($site->name, $current_user->name, $emailmessage, $link));
    $subject = elgg_echo('invitefriends:subject', array($site->getDisplayName()));
    // create the from address
    if ($site->email) {
        $from = $site->email;
    } else {
        $from = 'noreply@' . $site->getDomain();
    }
    elgg_send_email($from, $email, $subject, $message);
    $sent_total++;
}
// Nothing went wrong: drop the sticky form data and report success.
if (!$error) {
    elgg_clear_sticky_form('invitefriends');
    return elgg_ok_response('', elgg_echo('invitefriends:success'));
}

// At least one address was rejected: report how many invitations did go out,
// then list the rejected addresses by category.
register_error(elgg_echo('invitefriends:invitations_sent', [$sent_total]));

if (count($bad_emails) > 0) {
    $bad_list = implode(', ', $bad_emails);
    register_error(elgg_echo('invitefriends:email_error', [$bad_list]));
}

// NOTE(review): this message tells the inviter which of the submitted addresses
// already belong to accounts; confirm that disclosure is intended.
if (count($already_members) > 0) {
    $member_list = implode(', ', $already_members);
    register_error(elgg_echo('invitefriends:already_members', [$member_list]));
}

return elgg_error_response();
Example #13
/**
 * Front page handler
 *
 * Renders the 'index' resource view and wraps it in an OK response.
 *
 * @return \Elgg\Http\ResponseBuilder The value returned by elgg_ok_response().
 */
function elgg_front_page_handler()
{
    $front_page = elgg_view_resource('index');

    return elgg_ok_response($front_page);
}
Example #14
File: delete.php Project: elgg/elgg
<?php

/**
 * Elgg widget delete action
 *
 * @package Elgg.Core
 * @subpackage Widgets.Management
 */
// The GUID is request input; resolve it and make sure it really is a widget.
$widget_guid = (int) get_input('widget_guid');
$widget = get_entity($widget_guid);
$is_widget = $widget instanceof \ElggWidget;
if (!$is_widget) {
    return elgg_error_response(elgg_echo('widgets:remove:failure'));
}

// The page owner is set to the widget's container before the layout permission
// check, which is given only the widget's context.
elgg_set_page_owner_guid($widget->getContainerGUID());

// Authorisation first; delete() is reached only when the layout check passes
// (short-circuit keeps the original order of the two checks).
if (!elgg_can_edit_widget_layout($widget->context) || !$widget->delete()) {
    return elgg_error_response(elgg_echo('widgets:remove:failure'));
}

return elgg_ok_response();
Example #15
 /**
  * A page handler that redirects to 'error' with a not-found status and then
  * returns an OK response: the response that was sent must be the not-found
  * JSON response with an empty error string, not the handler's 'foo' output.
  */
 public function testCanRespondToAjax2RequestForPageThatForwardsToErrorPage()
 {
     $this->request = $this->prepareHttpRequest('phpunit', 'GET', [], 2);
     $this->createService();

     $redirecting_handler = function () {
         _elgg_services()->responseFactory->redirect('error', ELGG_HTTP_NOT_FOUND);
         return elgg_ok_response('foo');
     };
     elgg_register_page_handler('phpunit', $redirecting_handler);

     $this->assertTrue($this->route());

     $sent = _elgg_services()->responseFactory->getSentResponse();
     $this->assertInstanceOf(Response::class, $sent);
     $this->assertEquals(ELGG_HTTP_NOT_FOUND, $sent->getStatusCode());
     $this->assertContains('application/json', $sent->headers->get('Content-Type'));

     $expected_body = json_encode(['error' => ''], ELGG_JSON_ENCODING);
     $this->assertEquals($expected_body, $sent->getContent());

     // compensate for fact that ResponseFactory::redirect closes a buffer it didn't open
     ob_start();
 }