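/**
 * Builds the list of selectable initial characters and resolves the current one.
 *
 * The candidate is taken from the 'page' GET parameter, otherwise from the session.
 * It is accepted only when it matches an entry of the list; in every other case the
 * first entry is used. The resolved value is written back to the session.
 */
protected function init()
 {
     $initialChars = $this->controller->getInitialChars();
     if (empty($initialChars)) {
         return;
     }
     if (is_array($initialChars[0])) {
         // Database rows: keep the first column of each row.
         $this->initialChars = array();
         foreach ($initialChars as $dbRow) {
             // each() was removed in PHP 8; reset() returns the same first value.
             $this->initialChars[] = reset($dbRow);
         }
     } else {
         $this->initialChars = $initialChars;
     }
     $request = CoreServices::get('request');
     // md5() only derives a per-address session key name here, it protects nothing.
     $sessionVarName = '_pagination' . md5($this->address);
     $currentChar = $this->matchInitialChar($request->getFromGet('page'));
     if (is_null($currentChar)) {
         $fromSession = $request->getFromSession($sessionVarName);
         if (!empty($fromSession)) {
             $currentChar = $this->matchInitialChar($fromSession);
         }
     }
     if (is_null($currentChar)) {
         $currentChar = $this->initialChars[0];
     }
     $this->currentChar = $currentChar;
     $request->setSession($sessionVarName, $this->currentChar);
 }

 /**
  * Returns the list entry equal to $candidate, or null when there is none.
  *
  * Comparison is done on string values and the entry from the list is returned,
  * so loose type juggling cannot let an arbitrary request value through and the
  * request-supplied value itself is never stored.
  */
 private function matchInitialChar($candidate)
 {
     if (!is_scalar($candidate)) {
         return null;
     }
     foreach ($this->initialChars as $initialChar) {
         if ((string) $initialChar === (string) $candidate) {
             return $initialChar;
         }
     }
     return null;
 }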
 /**
  * $formId is necessary if there's more than one form handled by one script.
  */
 public function __construct($httpMethod = 'post', $actionHTML = null, $formId = null)
 {
     // The hidden token field is named per form so that several forms can share one script.
     if ($formId) {
         $this->tokenFieldName = '_token_' . $formId;
     } else {
         $this->tokenFieldName = '_token';
     }
     $this->httpMethod = $httpMethod;
     $this->fields = array();
     if ($actionHTML) {
         $this->actionHTML = $actionHTML;
     } else {
         $this->actionHTML = CoreServices::get('url')->getCurrentPageUrlHTML();
     }
     $this->addFieldNoValidators(new CoreFormFieldHidden($this->tokenFieldName));
     if ($this->httpMethod == 'post') {
         $this->initTokenManagerForPostRequest();
         $this->fields[$this->tokenFieldName]->setValue($this->tokenManager->createToken());
     } elseif ($this->httpMethod == 'get') {
         // NOTE(review): for 'get' forms the token is a hidden field and is therefore submitted
         // in the query string, where it can end up in logs and Referer headers — confirm the
         // GET token manager accounts for that.
         $this->initTokenManagerForGetRequest();
         $this->fields[$this->tokenFieldName]->setValue($this->tokenManager->createToken());
         // Parameters already present in the action URL are moved into hidden fields and the
         // action is replaced by the full path.
         $queryParams = CoreServices::get('url')->createGetParamsTable($this->actionHTML);
         $this->actionHTML = CoreServices::get('url')->getFullPath();
         foreach ($queryParams as $paramName => $paramValue) {
             $this->addFieldNoValidators(new CoreFormFieldHidden($paramName));
             $this->fields[$paramName]->setValue($paramValue);
         }
     } else {
         throw new CoreException('Invalid HTTP method: ' . $this->httpMethod . '!');
     }
     $this->validators = array();
 }
 /**
  * Adds the list highlight helper and switches the "add" button off for the template.
  */
 public function assignDisplayVariables()
 {
     parent::assignDisplayVariables();
     $view = CoreServices::get('display');
     $listHighlight = new SettingsCMSListHighlight();
     $view->assign('highlight', $listHighlight);
     $view->assign('addButtonOff', 1);
 }
 /**
  * Handles the login page: a logout request, a submitted login form, and the
  * redirect of an admin who is (now) authenticated.
  */
 public function prepareData()
 {
     parent::prepareData();
     $this->form = new CoreForm('post');
     $this->createFormFields();
     $this->errorMessageContainer = new CoreFormValidationMessageContainer();
     // NOTE(review): logout is triggered by the mere presence of a 'logout' GET parameter,
     // independently of the POST form created above — confirm that is acceptable.
     if (CoreServices::get('request')->isSetGet('logout')) {
         $this->logAction('logout');
         CoreServices::get('access')->logout();
         $this->currentUser = null;
     } elseif ($this->form->isSubmitted()) {
         $this->addFormValidators();
         // Any existing login is dropped before the submitted credentials are looked at.
         CoreServices::get('access')->logout();
         $this->currentUser = null;
         $this->form->setFieldValuesFromRequest();
         $this->errorMessageContainer = $this->form->getValidationResults();
         if (!$this->errorMessageContainer->isAnyErrorMessage()) {
             // login() receives the message container, so it can report a failure through it.
             // NOTE(review): whether login() renews the session id is not visible here — confirm.
             CoreServices::get('access')->login($this->form->getField('adminName')->getValue(), $this->form->getField('password')->getValue(), $this->errorMessageContainer);
             // NOTE(review): 'login' is logged without checking the container again, i.e. also
             // when login() reported an error — confirm this is the intended audit behaviour.
             $this->logAction('login');
         }
     }
     // Reached when nothing was submitted, or the submission produced no error message.
     if (!$this->form->isSubmitted() || !$this->errorMessageContainer->isAnyErrorMessage()) {
         $adminId = CoreServices::get('access')->getCurrentUserId();
         if ($adminId) {
             $this->currentUser = CoreServices::get('access')->getCurrentUserData();
             $redirectAddress = $this->getFirstAccessiblePage();
             // If the first accessible page is this very page, show a message instead of
             // redirecting to the same URL.
             if ($redirectAddress == CoreServices::get('url')->getCurrentPageUrl()) {
                 $this->errorMessageContainer->addMessage('youHaveNoPermissions');
             } else {
                 CoreUtils::redirect($redirectAddress);
             }
         }
     }
 }
    /**
     * Returns rows of `well` whose siteName matches one of the first two
     * space-separated words of $query, ordered by wellName.
     *
     * NOTE(review): the words go through prepareInputValue() (presumably quoting/escaping —
     * confirm), but LIKE wildcards ('%', '_') inside them are not neutralised, and an empty
     * word (e.g. from a double space) becomes '%%'.
     * NOTE(review): $limit is also passed through prepareInputValue(); an integer cast would
     * be the tighter guarantee for a LIMIT clause — confirm what the helper returns for it.
     */
    public function getListForAutoSuggest($query, $limit)
    {
        $db = CoreServices::get('db');
        $patternsSQL = array();
        foreach (array_slice(explode(' ', $query), 0, 2) as $word) {
            $patternsSQL[] = $db->prepareInputValue('%' . $word . '%');
        }
        // Starts from a false term so every pattern can be appended as an OR clause.
        $conditionSQL = '0';
        foreach (array('siteName') as $column) {
            foreach ($patternsSQL as $patternSQL) {
                $conditionSQL .= '
					OR ' . $column . ' LIKE ' . $patternSQL;
            }
        }
        $sql = '
			SELECT *
			FROM well
			WHERE
				(' . $conditionSQL . ')
			ORDER BY
				wellName';
        if ($limit) {
            $sql = $sql . '
			LIMIT 0, ' . $db->prepareInputValue($limit);
        }
        return $db->getRows($sql);
    }
    /**
     * Builds the query counting rows that hold the given token for the given session id.
     *
     * Both values are passed through prepareInputValue() before they are concatenated.
     * NOTE(review): the token is compared by the database, so case sensitivity follows the
     * column collation — confirm it is case-sensitive/binary.
     */
    protected function checkTokenSQL($token, $sessionId)
    {
        $db = CoreServices::get('db');
        $tableName = $this->getTableName();
        $sessionIdSQL = $db->prepareInputValue($sessionId);
        $tokenSQL = $db->prepareInputValue($token);
        return '
			SELECT COUNT(*) AS num
			FROM ' . $tableName . '
			WHERE sessionId = ' . $sessionIdSQL . ' AND token = ' . $tokenSQL;
    }
 /**
  * Takes this field's value from the request, if one was submitted.
  *
  * The raw text is kept in $this->openText; the field value is the adjusted form of it.
  * Note that empty() also skips a submitted '0'.
  */
 public function setValueFromRequest($httpMethod)
 {
     $rawValue = CoreServices::get('request')->getFromRequest($this->name, $httpMethod);
     if (empty($rawValue)) {
         return;
     }
     $this->openText = $rawValue;
     $adjustedValue = $this->adjustSubmittedValue($rawValue);
     $this->setValue($adjustedValue);
 }
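 /**
  * Passes the login error messages to the template when there are any.
  */
 public function assignDisplayVariables()
 {
     parent::assignDisplayVariables();
     $display = CoreServices::get('display');
     if (empty($this->loginErrorMessageContainer)) {
         return;
     }
     if ($this->loginErrorMessageContainer->isAnyErrorMessage()) {
         // Reuses the service fetched above; it was previously looked up a second time
         // while $display stayed unused.
         $display->assign('loginErrorMessages', $this->loginErrorMessageContainer);
     }
 }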
 /**
  * Hands the main menu (when the controller provides one) and the description of the
  * current menu item to the template.
  */
 public function assignDisplayVariables()
 {
     $view = CoreServices::get('display');
     $mainMenu = $this->controller->getMenuStruct();
     if ($mainMenu) {
         $view->assign('mainMenu', $mainMenu);
     }
     $itemDescription = $this->controller->getMenuItemDescription();
     $view->assign('currentMenuItemDescription', $itemDescription);
 }
 /**
  * Rejects an uploaded file unless its type is in the configured image list and
  * its content passes the image check.
  *
  * NOTE(review): $upload['type'] looks like the type reported with the upload, which the
  * client controls — the content check on tmp_name is the part that actually inspects the
  * file; confirm what checkImageFileContent() verifies.
  */
 public function validate($messageManager)
 {
     $field = $this->form->getField($this->fieldName);
     $upload = $field->getValue();
     $mimeConfig = CoreConfig::get('CoreFiles', 'allowedMimeTypes');
     if (empty($upload)) {
         // Nothing uploaded: this validator has nothing to say.
         return;
     }
     $typeListed = in_array($upload['type'], $mimeConfig['image']);
     if ($typeListed && CoreServices::get('images')->checkImageFileContent($upload['type'], $upload['tmp_name'])) {
         return;
     }
     $messageManager->addMessage('fileTypeCheckFailed', array($this->fieldName => $field->getCaption()));
 }
 /**
  * Adds a 'textTooLong' message when the field value is larger than $this->maxLength,
  * measured by the db service's getInputSize(). Falsy values are not checked.
  */
 public function validate($messageManager)
 {
     $field = $this->form->getField($this->fieldName);
     $value = $field->getValue();
     if (!$value) {
         return;
     }
     $size = CoreServices::get('db')->getInputSize($value);
     if ($size > $this->maxLength) {
         $messageManager->addMessage('textTooLong', array($this->fieldName => $field->getCaption()));
     }
 }
 /**
  * Replaces every field name with the composed form-field name built from
  * $vlfName, $index and the original name.
  */
 public function modifyFieldNamesForVLF($vlfName, $index)
 {
     // Work on a copy so the property can be rebuilt from scratch.
     $plainNames = $this->fieldNames;
     $this->fieldNames = array();
     foreach ($plainNames as $plainName) {
         $nameParts = array($vlfName, $index, $plainName);
         array_push($this->fieldNames, CoreServices::get('request')->composeFormFieldName($nameParts));
     }
 }
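 /**
  * Stores the upload structure for this field when a file was actually uploaded.
  *
  * @throws CoreException when the form method is not 'post'
  */
 public function setValueFromRequest($httpMethod)
 {
     if ($httpMethod != 'post') {
         throw new CoreException('Files can only be uploaded using \'post\' method.');
     }
     $fileStruct = CoreServices::get('request')->getFileStruct($this->name);
     // An empty tmp_name means no file arrived; the previous value is then kept.
     if (!empty($fileStruct['tmp_name'])) {
         // Store the structure that was just checked instead of fetching it a second time.
         $this->uploadResultStruct = $fileStruct;
     }
 }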
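    /**
     * Returns the settingState stored for the given setting name, or null when
     * no such row (or value) exists.
     */
    public function getState($name)
    {
        $db = CoreServices::get('db');
        $sql = '
			SELECT settingState
			FROM settings
			WHERE
				settingName = ' . $db->prepareInputValue($name);
        $setting = $db->getRow($sql);
        // An unknown setting yields no row; return null explicitly rather than
        // indexing into a non-array result.
        return isset($setting['settingState']) ? $setting['settingState'] : null;
    }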
 /**
  * Exposes the record, its images and the featured / free-model lists to the template
  * under the names of the corresponding properties.
  */
 public function assignDisplayVariables()
 {
     parent::assignDisplayVariables();
     $display = CoreServices::get('display');
     $exposedProperties = array(
         'record',
         'images',
         'featuredItemsList',
         'featuredItemsImagesList',
         'freeModelOfTheMonth',
         'freeModelOfTheMonthImagesList',
     );
     foreach ($exposedProperties as $propertyName) {
         $display->assign($propertyName, $this->{$propertyName});
     }
 }
 /**
  * Runs the temporary-record garbage collector; meant for command-line runs only.
  *
  * NOTE(review): the non-CLI branch relies on CoreUtils::redirect() ending the request.
  * If redirect() returns, clean() below still runs for a web request — confirm.
  */
 public function prepareData()
 {
     if (!$this->isCLI()) {
         CoreUtils::redirect(CoreServices::get('url')->createAddress());
     }
     $collector = new TmpRecordGarbageCollector();
     $this->garbageCollector = $collector;
     try {
         $collector->clean();
     } catch (Exception $failure) {
         // Failures are reported, not rethrown.
         $this->reportError($failure->getMessage());
     }
 }
    /**
     * Counts log rows (joined with their admin) that match the given filter.
     *
     * NOTE(review): the WHERE fragment from whereSQLForFilter() is concatenated as-is, so all
     * escaping has to happen inside that method; a top-level OR in the fragment would also
     * escape the join condition appended after it — confirm both.
     */
    public function getFilteredCount(&$filter)
    {
        $db = CoreServices::get('db');
        $conditionsSQL = $this->whereSQLForFilter($filter);
        $countRow = $db->getRow('
			SELECT COUNT(*) AS num
			FROM log, admin
			WHERE ' . $conditionsSQL . '
				AND adminId = admin.id');
        return $countRow['num'];
    }
 /**
  * Reads 'id' and 'query' from GET and initialises either the result rows (query given)
  * or the name (only id given).
  */
 public function prepareData()
 {
     parent::prepareData();
     $this->id = CoreServices::get('request')->getFromGet('id');
     $this->query = CoreServices::get('request')->getFromGet('query');
     $this->dao = new UserDAO();
     // A query takes precedence over an id.
     if ($this->query) {
         $this->initRows();
         return;
     }
     if ($this->id) {
         $this->initName();
     }
 }
 /**
  * Assigns the interface language and, for a logged-in user, the display name and credits.
  *
  * The display name is "first name surname" when both are set, otherwise the e-mail address.
  * NOTE(review): these are user-supplied profile values; output escaping is left to the
  * template layer — confirm it escapes them.
  */
 public function assignDisplayVariables()
 {
     parent::assignDisplayVariables();
     $display = CoreServices2::getDisplay();
     $display->assign('interfaceLang', CoreServices::get('lang')->getLang('Website'));
     if (empty($this->currentUser['id'])) {
         return;
     }
     $hasFullName = !empty($this->currentUser['userFirstName']) && !empty($this->currentUser['userSurname']);
     if ($hasFullName) {
         $displayName = $this->currentUser['userFirstName'] . ' ' . $this->currentUser['userSurname'];
     } else {
         $displayName = $this->currentUser['userEmail'];
     }
     $display->assign('userName', $displayName);
     $display->assign('currentUserName', $displayName);
     $display->assign('userCredits', $this->currentUser['userCredits']);
 }
 /**
  * Sets the template flags that depend on the current admin's role.
  *
  * Below the superadmin role the add button and the filter are switched off; 'superadmin'
  * tells the template whether the role equals the superadmin role.
  * NOTE(review): these flags only steer what the template shows — confirm the matching
  * actions are also checked where they are handled.
  */
 public function assignDisplayVariables()
 {
     parent::assignDisplayVariables();
     $currentRole = $this->currentUser['adminRole'];
     $superadminRole = $this->adminRoles['adminRoleSuperadmin'];
     if ($currentRole < $superadminRole) {
         CoreServices::get('display')->assign('addButtonOff', 1);
         CoreServices::get('display')->assign('filterOff', 1);
     }
     CoreServices::get('display')->assign('highlight', new AdminCMSListHighlight());
     CoreServices::get('display')->assign('superadmin', $currentRole == $superadminRole);
 }
 /**
  * Records which magic-quotes undo step applies and collects the GET parameters,
  * extended by name/value pairs taken from $_SERVER['argv'].
  *
  * NOTE(review): $_SERVER['argv'] is not limited to command-line runs. With
  * register_argc_argv enabled PHP also fills it from the query string of a web request,
  * so the merge below can add or override GET values there — confirm, and consider
  * restricting it to CLI runs.
  */
 public function __construct()
 {
     $sybaseQuotes = ini_get('magic_quotes_sybase');
     if ($sybaseQuotes && strtolower($sybaseQuotes) != "off") {
         $this->stripDoubleQuotes = true;
     } else {
         $gpcQuotes = ini_get('magic_quotes_gpc');
         if ($gpcQuotes && strtolower($gpcQuotes) != "off") {
             $this->stripSlashes = true;
         }
     }
     $this->httpGet = CoreServices::get('url')->getGetRequestArray();
     if (!empty($_SERVER['argv'])) {
         $arguments = $_SERVER['argv'];
         $argumentCount = sizeof($arguments);
         // Index 0 is skipped; the rest is read as "name value" pairs, a trailing
         // unpaired argument is ignored.
         for ($pos = 1; $pos + 1 < $argumentCount; $pos += 2) {
             $this->httpGet[$arguments[$pos]] = $arguments[$pos + 1];
         }
     }
 }
    /**
     * Returns the active admin with the given name, or the empty record template
     * when the lookup does not yield exactly one row.
     *
     * NOTE(review): SELECT * returns every column of the admin row, presumably including
     * credential data — callers should not pass the row on wholesale; confirm.
     */
    public function getByName($adminName)
    {
        $db = CoreServices::get('db');
        $adminNameSQL = $db->prepareInputValue($adminName);
        $matches = $db->getRows('
			SELECT *
			FROM admin
			WHERE
				adminName = ' . $adminNameSQL . '
				AND adminState = \'active\'');
        $exactlyOne = !empty($matches) && sizeof($matches) == 1;
        return $exactlyOne ? $matches[0] : $this->getRecordTemplate();
    }
 /**
  * Prepares the record list with its search form and processes a submitted
  * deletion form, redirecting to the 'MassDelete' success message afterwards.
  */
 public function prepareData()
 {
     parent::prepareData();
     $this->initDAO();
     $this->initSearchForm();
     $searchSubmitted = $this->searchForm->isSubmitted();
     if ($searchSubmitted) {
         $this->searchForm->setFieldValuesFromRequest();
     }
     $this->initRecordList();
     $this->initDeletionForm();
     if (!$this->deletionForm->isSubmitted()) {
         return;
     }
     // NOTE(review): the delete request is handled without any check visible in this method;
     // token/permission checks presumably live in the form or handleDeleteRequest() — confirm.
     $this->deletionForm->setFieldValuesFromRequest();
     $this->handleDeleteRequest();
     CoreUtils::redirect(CoreServices::get('url')->getCurrentPageUrl('_sm', 'MassDelete'));
 }
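    /**
     * Returns the number ('num') and latest time ('time') of failed login attempts for
     * the given account, counted since its last login when one is recorded.
     *
     * @param string $type prefix of the "<type>Id" column in loginHistory
     * @param mixed  $id   account id
     * @throws CoreException when $type is not a plain identifier
     */
    public function getRecentFailedLoginAttempts($type, $id)
    {
        // $type becomes part of a column name, where value escaping does not apply,
        // so it is restricted to identifier characters before it is used.
        if (!is_string($type) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $type)) {
            throw new CoreException('Invalid login history type!');
        }
        $lastLogin = $this->getLastLogin($type, $id);
        $db = CoreServices::get('db');
        $sql = '
			SELECT COUNT(*) AS num, MAX(loginHistoryTime) AS time
			FROM loginHistory
			WHERE
				' . $type . 'Id = ' . $db->prepareInputValue($id) . '
				AND (ISNULL(loginHistorySuccess) OR loginHistorySuccess = 0)';
        // Only attempts made after the last recorded login are counted.
        if ($lastLogin['loginHistoryMicrotime']) {
            $sql .= '
				AND loginHistoryMicrotime > ' . $db->prepareInputValue($lastLogin['loginHistoryMicrotime']);
        }
        return $db->getRow($sql);
    }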
 /**
  * 
  * @param unknown_type $messageManager
  * 
  * This validator checks whether the file extension is allowed, but it does not check
  * whether the file name matches the defined patterns, because there may be different patterns
  * for OKE documents, others for schools, etc. The name check has to be done separately.
  * 
  */
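 public function validate($messageManager)
 {
     $field = $this->form->getField($this->fieldName);
     $fieldCaption = $field->getCaption();
     $uploadStruct = $field->getValue();
     if (empty($uploadStruct)) {
         // This validator also makes the upload mandatory.
         $messageManager->addMessage('fileNotUploaded', array($this->fieldName => $fieldCaption));
         return;
     }
     $filesService = CoreServices::get('files');
     // A name without a dot has no extension. strrpos() returns false in that case, and the
     // former "+ 1" arithmetic turned that into offset 1, so the name minus its first
     // character was checked as if it were the extension.
     $dotPosition = strrpos($uploadStruct['name'], '.');
     $extension = $dotPosition === false ? '' : substr($uploadStruct['name'], $dotPosition + 1);
     // NOTE(review): only the last extension of the submitted name is checked; how the file
     // is named and served once stored is decided elsewhere — confirm.
     if (!$filesService->checkExtension($extension)) {
         $messageManager->addMessage('invalidFileType', array($this->fieldName => $fieldCaption));
     }
     if ($filesService->getMaxFileSize() < $uploadStruct['size']) {
         $messageManager->addMessage('fileTooBig', array($this->fieldName => $fieldCaption));
     }
 }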
 /**
  * Front-controller entry point: resolves the controller, starts its session, lets it
  * prepare data and render, and routes any exception to the error handler.
  *
  * Only Exception is caught here; PHP 7+ Error throwables are not covered by this catch.
  */
 public function run()
 {
     try {
         $this->checkUrl();
         CoreServices::get('errorHandler')->init();
         $activeController = CoreServices::get('modules')->getController();
         // The session is started under the name the controller asks for, before any
         // controller logic runs.
         CoreServices::get('request')->initSession($activeController->getSessionName());
         $activeController->prepareData();
         if ($activeController->isTemplateEngineNeeded()) {
             $activeController->assignDisplayVariables();
         }
         $activeController->sendHeaders();
         $activeController->display();
     } catch (Exception $caught) {
         CoreServices::get('errorHandler')->handleException($caught);
     }
 }
 /**
  * Be careful when making some changes to this function.
  * It indirectly validates GET input.
  */
 protected function initCurrentControllerName()
 {
     // '_m' (module) and '_o' (mode) are read from the GET request; an empty value
     // is replaced by the configured default.
     $moduleName = CoreServices::get('request')->getFromGet('_m');
     if (empty($moduleName)) {
         $moduleName = CoreConfig::get('Structure', 'defaultModule');
     }
     $modeName = CoreServices::get('request')->getFromGet('_o');
     if (empty($modeName)) {
         $modeName = CoreConfig::get('Structure', 'defaultMode');
     }
     // This is the only check applied to the GET values: the controller class built from
     // them must map to an existing file, otherwise BOTH names fall back to the defaults.
     // NOTE(review): this holds only if getControllerClass()/getClassPath() cannot be steered
     // outside the controller files by the input (path separators, '..', non-string values) —
     // confirm, or add an explicit character allowlist ahead of this check.
     if (!file_exists(CoreAutoload::getClassPath($this->getControllerClass($moduleName, $modeName)))) {
         $moduleName = CoreConfig::get('Structure', 'defaultModule');
         $modeName = CoreConfig::get('Structure', 'defaultMode');
     }
     $this->currentModule = $moduleName;
     $this->currentMode = $modeName;
 }
 /**
  * Redirects to the scheme configured for the current session type when the request
  * arrived on the other one.
  *
  * NOTE(review): when HTTPS is not required, a request that arrived over HTTPS is actively
  * sent to plain HTTP. Confirm this downgrade is intended and that no session cookie
  * travels over the HTTP connection.
  */
 protected function checkHTTPS()
 {
     $httpsOn = CoreServices2::getUrl()->isHTTPSOn();
     switch ($this->getSessionName()) {
         case 'CMSSession':
             $httpsRequired = CoreConfig::get('Environment', 'httpsForCMS');
             break;
         case 'WebsiteSession':
             $httpsRequired = CoreConfig::get('Environment', 'httpsForWebsite');
             break;
         default:
             // there is no session anyway!
             $httpsRequired = false;
     }
     if ($httpsRequired && !$httpsOn) {
         CoreUtils::redirect(CoreServices::get('url')->getCurrentExactAddress('https'));
     } elseif (!$httpsRequired && $httpsOn) {
         CoreUtils::redirect(CoreServices::get('url')->getCurrentExactAddress('http'));
     }
 }
 /**
  * Shows the success message when '_sm' is present in GET; otherwise builds the form,
  * processes a submission and follows the redirect address if one was set.
  */
 public function prepareData()
 {
     parent::prepareData();
     $this->dao = new UserDAO();
     $showSuccessMessage = CoreServices::get('request')->getFromGet('_sm');
     if ($showSuccessMessage) {
         // Success view only: no form is built for this request.
         $this->successMessage = 1;
         return;
     }
     $this->initForm();
     $this->createFormFields();
     if ($this->form->isSubmitted()) {
         // Validators are attached only for an actual submission.
         $this->addFormValidators();
         $this->form->setFieldValuesFromRequest();
         $this->handleRequest();
     }
     if ($this->redirectAddress !== null) {
         CoreUtils::redirect($this->redirectAddress);
     }
 }
 /**
  * Returns the language for the given index, resolving and caching it on first use.
  *
  * The request value '_lang<index>' is accepted only when it is in the configured list;
  * otherwise the first configured language is used, and the configured default only when
  * that is empty. The result is stored in the session under the same key.
  * NOTE(review): in_array() compares loosely here; the list check is what keeps a
  * request-supplied value out of the session, so a strict comparison would be the safer
  * form — confirm the configured values are strings.
  */
 public function getLang($index)
 {
     if (!empty($this->langs[$index])) {
         return $this->langs[$index];
     }
     $requestKey = '_lang' . $index;
     $requested = CoreServices::get('request')->getFromRequest($requestKey);
     // Both lookups throw when the config variable for this index does not exist.
     $allowedLangs = CoreConfig::get('CoreLangs', 'langs' . $index);
     $fallbackLang = CoreConfig::get('CoreLangs', 'defaultLang' . $index);
     $chosen = in_array($requested, $allowedLangs) ? $requested : $allowedLangs[0];
     if (!$chosen) {
         $chosen = $fallbackLang;
     }
     $this->langs[$index] = $chosen;
     CoreServices::get('request')->setSession($requestKey, $this->langs[$index]);
     return $this->langs[$index];
 }