/**
* Renders the controller
*
* @return string The rendered html
*/
function render()
{
if ($this->_response == null) {
try {
$this->before();
call_user_func_array(array($this, '_' . $this->action), $this->args);
// Dereference this object
foreach (get_object_vars($this) as $var => $value) {
${$var} = $value;
}
// Now render view
ob_start();
include VIEWS . $this->_view . '.php';
$this->_response = ob_get_contents();
ob_end_clean();
$this->after();
/*
* If at any point we get a redirect request, start over with the requested controller
*
* Hint: if you want to exchange information with the new controller (or change the template) use
* global variables ($_GLOBAL['template'] = &this->template())
*/
} catch (Redirect $e) {
$controller = Controller::load(end(Controller::$redirect));
$this->_response = $controller->render();
}
// Wrap with template if required
if ($this->_template) {
$this->_response = $this->_template->render($this->_response);
}
}
return $this->_response;
}
static function Router()
{
$request = $_ENV['raptorphp.url_request'];
if ($request == "/") {
$request = Config::get_value('mainApp');
}
$request = str_replace('.', '/', $request);
Controller::load($request);
}
public static function generate($userId)
{
$usersRolesModel = Model::load("auth.users_roles")->setQueryResolve(false);
$roles = $usersRolesModel->getWithField2('user_id', $userId);
self::$permissionsModel = Model::load('system.permissions');
$menu = [];
foreach ($roles as $role) {
$menu = self::mergeMenus($menu, self::generateMenus($role['role_id']));
}
$flatened = self::flatenMenu($menu);
$sideMenu = Controller::load(array("system", "side_menu", "generate", serialize($menu)));
file_put_contents("app/cache/menus/side_menu_u{$userId}.html", $sideMenu->content);
file_put_contents("app/cache/menus/menu_u{$userId}.object", serialize($flatened));
}
function testController()
{
copy(SITE_PATH . "tests/fixtures/controller_routes.fixture.php", SITE_PATH . "config/_routes.php");
# test connect
$request = load_egg("request", 1);
$request->uri_parts = explode("/", "test/25/delete");
$request->request_method = "post";
$routing = new Routing($request, "_routes");
$request_info = $routing->climb();
$request->request_info = $request_info;
$controller = new Controller();
$controller->load($request);
unlink(SITE_PATH . "config/_routes.php");
unlink(SITE_PATH . "config/_routes.tmp.php");
}
public static function dispatch($request = null)
{
$request = self::normalize($request);
try {
$class = Inflector::camelize($request['controller']) . 'Controller';
$controller = Controller::load($class, true);
return $controller->callAction($request);
} catch (MissingControllerException $e) {
if (Controller::hasViewForAction($request)) {
$controller = new AppController();
return $controller->callAction($request);
} else {
throw $e;
}
}
}
function testController()
{
copy(SITE_PATH . "tests/fixtures/controller_routes.fixture.php", SITE_PATH . "config/_routes.php");
# test connect
$request = load_egg("request", 1);
$request->uri_parts = explode("/", "testz/25/delete");
$request->request_method = "post";
$routing = new Routing($request, "_routes");
$request_info = $routing->climb();
$request->request_info = $request_info;
$controller = new Controller();
ob_start();
$controller->load($request);
$output = ob_get_contents();
ob_end_clean();
$this->assertEqual($output, "Hello World");
unlink(SITE_PATH . "config/_routes.php");
unlink(SITE_PATH . "config/_routes.tmp.php");
}
public function index()
{
$controlName = 'admincp/controlDashboard';
if (Cookie::has('userid')) {
$valid = UserGroups::getPermission(Users::getCookieGroupId(), 'can_view_admincp');
if ($valid != 'yes') {
Alert::make('You not have permission to view this page');
}
$controlName = 'admincp/controlDashboard';
$default_adminpage_method = trim(System::getSetting('default_adminpage_method', 'none'));
if ($default_adminpage_method == 'url') {
$default_adminpage = trim(System::getSetting('default_adminpage_url', 'admincp/'));
if ($default_adminpage != 'admincp/' && System::getUri() == 'admincp/') {
$beginUri = 'admincp';
if ($default_adminpage[0] != '/') {
$beginUri .= '/';
}
System::setUri($beginUri . $default_adminpage);
}
}
if ($match = Uri::match('^admincp\\/(\\w+)')) {
$controlName = 'admincp/control' . ucfirst($match[1]);
}
} else {
$controlName = 'admincp/controlLogin';
if ($match = Uri::match('^admincp\\/forgotpass')) {
$controlName = 'admincp/controlForgotpass';
}
}
$codeHead = Plugins::load('admincp_header');
$codeHead = is_array($codeHead) ? '' : $codeHead;
$codeFooter = Plugins::load('admincp_footer');
$codeFooter = is_array($codeFooter) ? '' : $codeFooter;
// print_r($codeHead);die();
System::defineGlobalVar('admincp_header', $codeHead);
System::defineGlobalVar('admincp_footer', $codeFooter);
Controller::load($controlName);
}
/**
* This recursive method is called to generate a structured array representation
* of the modules in the system. This helps to generate the permissions tree.
* It individually loads every module and extracts the list of permissions
* from it. The output from this method is passed to the drawPermissions
* method for the purpose of generating the permissions tree.
*
* @param $path The directory path where the modules are stored
* @param $prefix A prefix which should be removed from the path name when
* generating the modules path which is to be used in the
* Controller::load() method.
* @return Array
*/
private function getPermissionList($path, $prefix)
{
global $redirectedPackage;
$redirected = false;
$redirectedPackage = "";
if (file_exists($path . "/package_redirect.php")) {
include $path . "/package_redirect.php";
$originalPath = $path;
$path = $redirect_path;
$d = dir($path);
$redirected = true;
$redirects = Cache::get("permission_redirects");
if ($redirects == null) {
$redirects = array();
}
$redirects[] = array("from" => $originalPath, "to" => $path);
Cache::add("permission_redirects", $redirects);
} else {
$redirects = Cache::get("permission_redirects");
if (is_array($redirects)) {
foreach ($redirects as $redirect) {
if (substr_count($path, $redirect["from"]) > 0) {
$redirected = true;
$originalPath = $path;
$path = str_replace($redirect["from"], $redirect["to"], $path);
break;
}
}
}
$d = dir($path);
}
$list = array();
while (false !== ($entry = $d->read())) {
if ($entry != "." && $entry != ".." && is_dir("{$path}/{$entry}")) {
if ($redirected) {
$urlPath = substr("{$originalPath}/{$entry}", strlen($prefix));
$modulePath = explode("/", substr(substr("{$originalPath}/{$entry}", strlen($prefix)), 1));
$module = Controller::load($modulePath, false);
} else {
$urlPath = str_replace("//", "/", substr("{$path}/{$entry}", strlen($prefix)));
$modulePath = explode("/", substr(substr("{$path}/{$entry}", strlen($prefix)), 1));
if ($modulePath[0] == '') {
array_shift($modulePath);
}
$module = Controller::load($modulePath, false);
}
if ($module->showInMenu()) {
$permissions = $module->getPermissions();
$list[] = array("title" => ucwords(str_replace("_", " ", $entry)), "path" => $urlPath, "children" => $children, "permissions" => $permissions);
}
}
}
array_multisort($list, SORT_ASC);
return $list;
}
} else {
$my_class = $a_requests[1];
}
// autoload model
require_once BASEPATH . 'models/' . $my_class . '_model.php';
// load controller
require_once BASEPATH . 'controllers/' . $my_class . '.php';
$my_class = ucfirst($my_class);
$my_ct = new $my_class();
// TODO: parse rest of a_requests
if ($a_requests[2]) {
$my_ct->{$a_requests}[2]($a_requests[3]);
return;
}
$my_ct->index();
}
}
/*
* helper functions for xss and sql injection
*/
function clean($s_data)
{
// strip ';'
$s_data = str_replace("%3B", '', $s_data);
$s_data = str_replace("%3b", '', $s_data);
$s_data = str_replace(";", '', $s_data);
return $s_data;
}
$c = new Controller();
$c->load();
public static function getModels($path = "app/modules")
{
$prefix = "app/modules";
$d = dir($path);
$list = array();
// Go through every file in the module directory
while (false !== ($entry = $d->read())) {
// Ignore certain directories
if ($entry != "." && $entry != ".." && is_dir("{$path}/{$entry}")) {
// Extract the path, load the controller and test weather this
// role has the rights to access this controller.
$url_path = substr(Application::$prefix, 0, strlen(Application::$prefix) - 1) . substr("{$path}/{$entry}", strlen($prefix));
$module_path = explode("/", substr(substr("{$path}/{$entry}", strlen($prefix)), 1));
$module = Controller::load($module_path, false);
$list = $module->name;
//$children = $this->generateMenus($role_id,"$path/$entry");
}
}
array_multisort($list, SORT_ASC);
return $list;
}
public static function get($routeName = '', $controllerName)
{
$uri = System::getUri();
$varObject = '';
// if(!isset($controllerName[1]))
// {
// // Alert::make('Page not found');
// return false;
// }
$subFunc = 'index';
if (isset($routeName[1])) {
if (!stristr('\\/', $routeName)) {
$routeName = str_replace('/', '\\/', $routeName);
}
if (isset($uri) && !preg_match('/' . $routeName . '/i', $uri)) {
return false;
}
}
if (isset($uri) && preg_match('/(.*?)\\@(\\w+)/i', $controllerName, $matches)) {
$controllerName = $matches[1];
$subFunc = $matches[2];
}
if (is_object($controllerName)) {
(object) ($varObject = $controllerName);
$controllerName = '';
$varObject();
} else {
Controller::load($controllerName, $subFunc);
}
die;
}
/** Determine which controller to select, a site's controller being preferential. */
protected static function process_controller()
{
/** Break the current URI into components for controller selection */
$parts = trim($_SERVER['REQUEST_URI'], '/');
$index = strpos($parts, '?');
if ($index !== false) {
$parts = substr($parts, 0, $index);
}
$parts = explode('/', $parts);
/** Decode the parts. */
foreach ($parts as $k => $v) {
$parts[$k] = urldecode($v);
}
/** Check to see if the URI was passed as GET information */
if (isset($_GET['q']) !== FALSE) {
$parts = explode('/', trim($_GET['q'], '/'));
}
/** Check to see if this is an API request */
if ($parts[0] === 'api') {
self::set_system('api_request', true);
array_shift($parts);
}
/** Globally define the URI parts for arbitrary use */
self::$config['args'] = $parts;
/** Associated '/' with the default controller */
if ($_SERVER['REQUEST_URI'] === '/') {
self::set_args(array('default'));
}
/** The uri class value to help differentiate the current body */
self::set_system('uri_class', implode(' ', self::get_args()));
/** Initialize matching variables */
$controller = isset($parts[0]) ? $parts[0] : 'default';
/** Testing to see if we can find a matching controller for this uri portion */
if ($controller != 'core') {
$controller = Controller::load($controller);
}
/** Load the default if we could not retrieve the controller */
if ($controller === false) {
$controller = Controller::load('default');
}
/** Determine the best method to match within the detected controller using what remains of the URI */
$method = isset($parts[1]) ? $parts[1] : 'run';
/** Run the associated method (defaults to 'default->run') */
if (method_exists($controller, $method)) {
$controller->{$method}();
} elseif (method_exists($controller, 'run')) {
$controller->run();
} else {
$controller = Controller::load('default');
$controller->run();
}
}
public function nest($controller, $args, $parameters = null)
{
if (is_string($controller)) {
global $redirectedPackage;
$path = explode(".", $controller);
$path[0] = $path[0] == '' ? $redirectedPackage : $path[0];
$controller = Controller::load($path, false, $args[1]);
}
if (is_array($parameters)) {
$controller->setParentNameField($parameters['parent_name_field']);
$controller->setParentItemId($parameters['parent_item_id']);
$controller->setEntity($parameters['entity']);
}
return $this->useNestedController($controller, $args);
}
public function delete()
{
$id = Core::get_args(2) && is_int(intval(Core::get_args(2))) ? Core::get_args(2) : false;
if ($id !== false) {
$user_ctrl = Controller::load('user');
$auth = $user_ctrl->auth($this->name, 'delete');
/** Ensure the user is logged in */
if ($auth) {
/** Load the model */
$model = Model::load($this->model);
/** Retrieve the item the user wants to delete */
$item = $model->get(array('where' => array($model->getPrimaryKey() => $id)));
if (is_array($item)) {
$item = current($item);
/** Attempt the delete operation */
if (isset($_GET['confirm']) && $_GET['confirm'] === 'true' && is_array($item)) {
$result = $model->del(array('where' => array($model->getPrimaryKey() => $id)));
if ($result) {
Core::set_response($item);
} else {
Core::set_response(false);
}
} elseif (is_array($item)) {
Core::set_response($item);
}
/** Display the result */
Core::display();
} else {
/** Entry not found! */
Core::error('404');
}
/** The user does not have permission to delete this entry. */
} else {
Core::error('403');
}
} else {
Core::error('404');
}
}
public function auth($controller, $method, $user = null, $content = null)
{
/** If the user is not explicitly suppplied, attempt to use the
user array stored in the current session, otherwise use default
values for anonymous users from the config defaults alone */
if (!isset($user) && isset($_SESSION['user'])) {
$user = $_SESSION['user'];
}
$perms = Core::get_permissions();
/** Get default permission or set the permission to false */
$permission = isset($perms['anonymous'][$controller][$method]) ? $perms['anonymous'][$controller][$method] : false;
/** Update the permission if the user's auth value is defined */
if (isset($user['auth'][$controller][$method])) {
$permission = $user['auth'][$controller][$method];
}
/** Handle the ownership pragma */
if ($permission === 'own') {
/** Do we have a user and the model entry to test? */
if (isset($content) && isset($user)) {
/** Retrieve an instance of the specified controller */
$ctrl = Controller::load($controller);
/** Determine if the controller has an associated model */
isset($ctrl->model) ? true : die('The associated model for controller ' . $controller . ' does not have an associated model set! Auth cannot proceed!');
/** Retrieve an instance of the controllers associated model */
$mdl = Model::load($ctrl->model);
/** Retrieve the supplied user identifier based upon the model */
$uid = false;
foreach ($mdl->getSchema() as $k => $v) {
if (isset($v['user']) && $v['user']) {
$uid = $content[$k];
}
}
/** Check to see if a user flag was present within the schema */
if ($uid === false) {
die('No user flag detected within the schema for model ' . $ctrl->model . '! Auth cannot proceed!');
}
/** Determine if the user identifiers match. */
$permission = $user['uid'] == $uid ? true : false;
} else {
$permission = false;
}
} elseif (is_array($permission)) {
/** The permission is bound to an arbitrary list of groups */
foreach ($user['groups'] as $key => $val) {
if (in_array($key, $permission)) {
$permission = true;
}
}
if (is_array($permission)) {
$permission = false;
}
}
return $permission;
}
/**
* Outputs the application. This method is the final stage in the application
* lifecyle which calls all the template files and outputs the
* final application in HTML.
*/
public static function render()
{
$t = Application::$templateEngine;
if ($_GET["q"] == "") {
$_GET["q"] = Application::$defaultRoute;
}
$path = explode("/", $_GET["q"]);
Application::$template = "main.tpl";
$t->assign('prefix', Application::$prefix);
Application::setTitle();
$module = Controller::load($path);
if (Application::$cli) {
ob_start();
}
if (Application::$template == "" || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
header("x-controller-label: {$module->label}");
header("x-controller-description: {$module->description}");
echo $module->content;
} else {
$t->assign('content', $module->content);
$t->assign('module_name', $module->label);
$t->assign('module_description', $module->description);
$t->assign('side_menu_hidden', self::$sideMenuHidden);
foreach (array_keys(Application::$menus) as $key) {
$t->assign($key, Menu::getContents($key));
}
$t->assign('stylesheets', Application::$stylesheets);
$t->assign('styles', $t->fetch('stylesheets.tpl'));
$t->assign('javascripts', Application::$javascripts);
$t->assign('scripts', $t->fetch('javascripts.tpl'));
$t->assign('title', Application::$title);
$t->assign('session', $_SESSION);
$t->assign('info', array_merge(is_array($_SESSION['notes']) ? $_SESSION['notes'] : array(), self::$notes));
$t->display(Application::$template);
}
}
<?php
define('_ROOT', rtrim(dirname(dirname(__FILE__)), '/') . '/', true);
define('_CORE', _ROOT, true);
define('APPLICATION', 'cms/', true);
//date_default_timezone_set('Asia/Ho_Chi_Minh');
date_default_timezone_set('Asia/Krasnoyarsk');
$ini_session = ini_get('session.save_path');
include _CORE . APPLICATION . 'bootstrap.php';
//Controller
// argurment 1: rewrite url ?
// argument 2: use mod rewrite ?
// argument 3: multi language
$controller = new Controller(false, false, false);
$controller->model = new Model();
$controller->model->db->query("SET NAMES 'UTF8'");
$controller->load();
/**
* Redirect to another location, preserving the partial and
* output format settings.
*
* @param string $url Path to redirect to
* @param bool $die Whether or not to kill the script
* @return void
*/
function redirect($url = '', $die = true)
{
if ($this->renderPartial) {
$url = '/partial/' . ltrim($url, '/');
}
if ($this->isRestful()) {
$_REQUEST = $_POST = $_FILES = $_GET = array();
}
if ('html' !== $this->outputFormat) {
if (strpos($url, '?') !== false) {
$parts = explode('?', $url, 2);
$url = array_shift($parts);
$url .= '.' . $this->outputFormat;
if ($this->isRestful()) {
$params = array();
parse_str(array_shift($parts), $params);
$_GET = $params;
$_REQUEST = $params;
}
array_unshift($parts, $url);
$url = implode('?', $parts);
} else {
$url .= '.' . $this->outputFormat;
}
}
if ($this->isRestful() && strpos($url, 'http') !== 0) {
$url = '/rest/' . ltrim($url, '/');
$this->writeFlashValues();
$this->flash = array();
Controller::load($url);
die;
}
redirect($url, $die);
}
/**
* Outputs the application. This method is the final stage in the application
* lifecyle which calls all the template files and outputs the
* final application in HTML.
*/
public static function render()
{
$t = Application::$templateEngine;
if ($_GET["q"] == "") {
$_GET["q"] = Application::$defaultRoute;
}
$path = explode("/", $_GET["q"]);
Application::$template = "main.tpl";
$t->assign('prefix', Application::$prefix);
Application::setTitle();
$module = Controller::load($path);
if (Application::$cli) {
ob_start();
}
if (Application::$template == "") {
print $module->content;
} else {
$t->assign('content', $module->content);
$t->assign('module_name', $module->label);
$t->assign('module_description', $module->description);
$t->assign('side_menu_hidden', self::$sideMenuHidden);
foreach (array_keys(Application::$menus) as $key) {
$t->assign($key, Menu::getContents($key));
}
$t->assign('stylesheets', Application::$stylesheets);
$t->assign('styles', $t->fetch('stylesheets.tpl'));
$t->assign('javascripts', Application::$javascripts);
$t->assign('scripts', $t->fetch('javascripts.tpl'));
$t->assign('title', Application::$title);
$t->assign('session', $_SESSION);
$t->assign('info', array_merge(is_array($_SESSION['notes']) ? $_SESSION['notes'] : array(), self::$notes));
$t->display(Application::$template);
}
if (Application::$cli) {
if (Application::$cliOutput == "") {
print ob_get_clean();
} else {
file_put_contents(Application::$cliOutput, ob_get_clean());
}
}
}
/**
* @testdox loadModel should throw exception if model doesn't exist
* @expectedException MissingModelException
*/
public function testLoadModelShouldThrowExceptionIfModelDoesntExist()
{
$controller = Controller::load('MissingModelController', true);
}
/**
* Outputs the application. This calls all the template files and outputs the
* final application in HTML.
*/
public static function render()
{
$t = Application::$templateEngine;
if ($_GET["q"] == "") {
$_GET["q"] = "dashboard";
}
$path = explode("/", $_GET["q"]);
Application::$template = "main.tpl";
require SOFTWARE_HOME . "app/bootstrap.php";
$t->assign('prefix', Application::$prefix);
Application::setTitle();
$module = Controller::load($path);
if (Application::$cli) {
ob_start();
}
if (Application::$template == "") {
print $module->content;
} else {
$t->assign('content', $module->content);
$t->assign('module_name', $module->label);
$t->assign('module_description', $module->description);
foreach (array_keys(Application::$menus) as $key) {
$t->assign($key, Menu::getContents($key));
}
$t->assign('stylesheets', Application::$stylesheets);
$t->assign('styles', $t->fetch('stylesheets.tpl'));
$t->assign('javascripts', Application::$javascripts);
$t->assign('scripts', $t->fetch('javascripts.tpl'));
$t->assign('title', Application::$title);
$t->display(Application::$template);
}
if (Application::$cli) {
if (Application::$cliOutput == "") {
print ob_get_clean();
} else {
file_put_contents(Application::$cliOutput, ob_get_clean());
}
}
}
