Example #1
 /**
  * Get current mobile mode
  *
  * @return bool
  */
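 function _isFromMobilePhone()
 {
     // The decision is computed once per instance and then served from $this->ismobile.
     if ($this->ismobile !== NULL) {
         return $this->ismobile;
     }
     // Mobile mode is off when it is disabled site-wide or the client asked for the full site.
     // !empty() keeps the original truthiness test without reading a missing cookie index.
     if (Mobile::isMobileEnabled() === false || Context::get('full_browse') || !empty($_COOKIE['FullBrowse'])) {
         return $this->ismobile = false;
     }
     $xe_web_path = Context::pathToUrl(_XE_PATH_);

     // Everything consulted below (the "m" request variable, both cookies and the User-Agent
     // header) is supplied by the client. The result is therefore a display preference only
     // and must not be used for any access decision.
     $cookieMobile = isset($_COOKIE['mobile']) ? $_COOKIE['mobile'] : NULL;
     $cookieAgent = isset($_COOKIE['user-agent']) ? $_COOKIE['user-agent'] : NULL;
     // md5 is used only as a fingerprint that ties the cached answer to one User-Agent string;
     // it provides no integrity protection. A missing header is hashed as the empty string.
     $agentHash = md5(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

     // Default setting. When a cookie already records the answer for this device, the
     // User-Agent does not have to be re-examined, which saves work on every request.
     $this->ismobile = FALSE;
     $m = Context::get('m');
     // Normalise to a string so a missing or non-scalar "m" never reaches strlen().
     $m = is_scalar($m) ? (string) $m : '';
     if (strlen($m) === 1) {
         // Explicit override from the request: "1" forces mobile, any other single character means PC.
         $this->ismobile = ($m === '1');
     } elseif ($cookieMobile !== NULL) {
         // Strict comparison: a loose == would treat two different "0e<digits>" hashes as equal.
         if ($cookieAgent === $agentHash) {
             $this->ismobile = ($cookieMobile === 'true');
         } else {
             // The cookie was issued for a different User-Agent: drop both cookies and re-detect.
             // NOTE(review): $cookieMobile still holds the old value afterwards (the original code
             // left $_COOKIE untouched as well), so the "mobile" cookie is only re-issued below
             // when the new answer differs from the old one.
             setcookie("mobile", '', 0, $xe_web_path);
             setcookie("user-agent", '', 0, $xe_web_path);
             $this->ismobile = !$this->isMobilePadCheckByAgent() && $this->isMobileCheckByAgent();
         }
     } else {
         // No cached answer: tablets ("pad") get the PC view, other mobile agents the mobile view.
         $this->ismobile = !$this->isMobilePadCheckByAgent() && $this->isMobileCheckByAgent();
     }

     // Persist the answer (session cookies, expiry 0) so later requests can skip detection.
     $wanted = $this->ismobile ? 'true' : 'false';
     if ($cookieMobile !== $wanted) {
         $_COOKIE['mobile'] = $wanted;
         setcookie("mobile", $wanted, 0, $xe_web_path);
     }
     if ($cookieAgent !== $agentHash) {
         setcookie("user-agent", $agentHash, 0, $xe_web_path);
     }
     return $this->ismobile;
 }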
 /**
  * get a module instance and execute an action
  * @return ModuleObject executed module instance
  * */
 function procModule()
 {
     // Overview: resolves $this->act against the module's conf/module.xml information, applies
     // the request-method, CSRF and admin checks below, instantiates the module (following an
     // action forward when the module itself lacks the action), runs the optional ruleset
     // validation and finally calls proc() on the module. Every failure path returns a
     // 'message' module instance carrying the error; otherwise the executed module is returned.
     $oModuleModel = getModel('module');
     $display_mode = Mobile::isFromMobilePhone() ? 'mobile' : 'view';
     // If error occurred while preparation, return a message instance
     if ($this->error) {
         $this->_setInputErrorToContext();
         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage($this->error);
         $oMessageObject->dispMessage();
         if ($this->httpStatusCode) {
             $oMessageObject->setHttpStatusCode($this->httpStatusCode);
         }
         return $oMessageObject;
     }
     // Get action information with conf/module.xml
     $xml_info = $oModuleModel->getModuleActionXml($this->module);
     // If not installed yet, modify act
     if ($this->module == "install") {
         if (!$this->act || !$xml_info->action->{$this->act}) {
             $this->act = $xml_info->default_index_act;
         }
     }
     // if act exists, find type of the action, if not use default index act
     if (!$this->act) {
         $this->act = $xml_info->default_index_act;
     }
     // still no act means error
     if (!$this->act) {
         $this->error = 'msg_module_is_not_exists';
         $this->httpStatusCode = '404';
         $this->_setInputErrorToContext();
         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage($this->error);
         $oMessageObject->dispMessage();
         if ($this->httpStatusCode) {
             $oMessageObject->setHttpStatusCode($this->httpStatusCode);
         }
         return $oMessageObject;
     }
     // get type, kind
     $type = $xml_info->action->{$this->act}->type;
     $ruleset = $xml_info->action->{$this->act}->ruleset;
     // An action is classified as 'admin' when its name contains "admin" (case-insensitive)
     // or when the requested module is 'admin'.
     // NOTE(review): the admin-only checks below depend on this name-based classification, so
     // an administrative action whose name lacks "admin" would not reach them from here;
     // confirm such actions are guarded inside the module itself.
     $kind = stripos($this->act, 'admin') !== FALSE ? 'admin' : '';
     if (!$kind && $this->module == 'admin') {
         $kind = 'admin';
     }
     // check REQUEST_METHOD in controller
     if ($type == 'controller') {
         $allowedMethod = $xml_info->action->{$this->act}->method;
         // No method declared for the action means POST only; otherwise the declaration is a
         // '|'-separated list of allowed methods.
         if (!$allowedMethod) {
             $allowedMethodList[0] = 'POST';
         } else {
             $allowedMethodList = explode('|', strtoupper($allowedMethod));
         }
         if (!in_array(strtoupper($_SERVER['REQUEST_METHOD']), $allowedMethodList)) {
             $this->error = "msg_invalid_request";
             $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
             $oMessageObject->setError(-1);
             $oMessageObject->setMessage($this->error);
             $oMessageObject->dispMessage();
             return $oMessageObject;
         }
     }
     if ($this->module_info->use_mobile != "Y") {
         Mobile::setMobile(FALSE);
     }
     $logged_info = Context::get('logged_info');
     // check CSRF for POST actions
     // The check runs only when Context reports the request method as exactly 'POST', the site
     // is installed, and the action is not 'procFileUpload' (explicitly exempted).
     // NOTE(review): controller actions that module.xml allows over GET are not covered by this
     // branch; confirm none of them change state. The end of this function compares
     // getRequestMethod() with 'XMLRPC', 'JSON' and 'JS_CALLBACK', so presumably those request
     // types do not equal 'POST' here either; verify how they and procFileUpload are protected.
     if (Context::getRequestMethod() === 'POST' && Context::isInstalled() && $this->act !== 'procFileUpload' && !checkCSRF()) {
         $this->error = 'msg_invalid_request';
         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage($this->error);
         $oMessageObject->dispMessage();
         return $oMessageObject;
     }
     // Admin ip
     // Rejects admin-kind actions when the session carries denied_admin == 'Y'. Where that flag
     // is set is not visible here (presumably an admin IP restriction; confirm).
     if ($kind == 'admin' && $_SESSION['denied_admin'] == 'Y') {
         $this->_setInputErrorToContext();
         $this->error = "msg_not_permitted_act";
         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage($this->error);
         $oMessageObject->dispMessage();
         return $oMessageObject;
     }
     // if(type == view, and case for using mobilephone)
     if ($type == "view" && Mobile::isFromMobilePhone() && Context::isInstalled()) {
         $orig_type = "view";
         $type = "mobile";
         // create a module instance
         $oModule = $this->getModuleInstance($this->module, $type, $kind);
         // Fall back to the regular view when no mobile instance implements the action.
         if (!is_object($oModule) || !method_exists($oModule, $this->act)) {
             $type = $orig_type;
             Mobile::setMobile(FALSE);
             $oModule = $this->getModuleInstance($this->module, $type, $kind);
         }
     } else {
         // create a module instance
         $oModule = $this->getModuleInstance($this->module, $type, $kind);
     }
     if (!is_object($oModule)) {
         $this->_setInputErrorToContext();
         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage($this->error);
         $oMessageObject->dispMessage();
         if ($this->httpStatusCode) {
             $oMessageObject->setHttpStatusCode($this->httpStatusCode);
         }
         return $oMessageObject;
     }
     // If there is no such action in the module object
     if (!isset($xml_info->action->{$this->act}) || !method_exists($oModule, $this->act)) {
         if (!Context::isInstalled()) {
             $this->_setInputErrorToContext();
             $this->error = 'msg_invalid_request';
             $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
             $oMessageObject->setError(-1);
             $oMessageObject->setMessage($this->error);
             $oMessageObject->dispMessage();
             if ($this->httpStatusCode) {
                 $oMessageObject->setHttpStatusCode($this->httpStatusCode);
             }
             return $oMessageObject;
         }
         $forward = NULL;
         // 1. Look for the module with action name
         // The module name is taken from the action name itself: the lowercase prefix is dropped
         // and the following capitalised word is lower-cased. The action name is request-derived
         // (presumably), so the target module is effectively chosen by the caller; the lookup
         // result is only accepted when that module's XML declares the action.
         if (preg_match('/^([a-z]+)([A-Z])([a-z0-9\\_]+)(.*)$/', $this->act, $matches)) {
             $module = strtolower($matches[2] . $matches[3]);
             $xml_info = $oModuleModel->getModuleActionXml($module);
             // Accepted when the action is declared and either its name contains "admin" or its
             // standalone attribute is anything other than 'false'.
             if ($xml_info->action->{$this->act} && (stripos($this->act, 'admin') !== FALSE || $xml_info->action->{$this->act}->standalone != 'false')) {
                 $forward = new stdClass();
                 $forward->module = $module;
                 $forward->type = $xml_info->action->{$this->act}->type;
                 $forward->ruleset = $xml_info->action->{$this->act}->ruleset;
                 $forward->act = $this->act;
             } else {
                 $this->error = 'msg_invalid_request';
                 $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                 $oMessageObject->setError(-1);
                 $oMessageObject->setMessage($this->error);
                 $oMessageObject->dispMessage();
                 return $oMessageObject;
             }
         }
         // 2. Otherwise ask the module model for a registered action forward.
         if (!$forward) {
             $forward = $oModuleModel->getActionForward($this->act);
         }
         if ($forward->module && $forward->type && $forward->act && $forward->act == $this->act) {
             $kind = stripos($forward->act, 'admin') !== FALSE ? 'admin' : '';
             $type = $forward->type;
             $ruleset = $forward->ruleset;
             $tpl_path = $oModule->getTemplatePath();
             // Keeps the originally resolved instance in a LOCAL variable (see the note on
             // $this->orig_module in the manager check below).
             $orig_module = $oModule;
             $xml_info = $oModuleModel->getModuleActionXml($forward->module);
             // SECISSUE also check foward act method
             // check REQUEST_METHOD in controller
             if ($type == 'controller') {
                 $allowedMethod = $xml_info->action->{$forward->act}->method;
                 // NOTE(review): only index 0 is assigned here; if the earlier method check
                 // already filled $allowedMethodList, its remaining entries stay in the list.
                 // Confirm that cannot widen the allowed methods for a forwarded action.
                 if (!$allowedMethod) {
                     $allowedMethodList[0] = 'POST';
                 } else {
                     $allowedMethodList = explode('|', strtoupper($allowedMethod));
                 }
                 if (!in_array(strtoupper($_SERVER['REQUEST_METHOD']), $allowedMethodList)) {
                     $this->error = "msg_invalid_request";
                     $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                     $oMessageObject->setError(-1);
                     $oMessageObject->setMessage($this->error);
                     $oMessageObject->dispMessage();
                     return $oMessageObject;
                 }
             }
             if ($type == "view" && Mobile::isFromMobilePhone()) {
                 $orig_type = "view";
                 $type = "mobile";
                 // create a module instance
                 $oModule = $this->getModuleInstance($forward->module, $type, $kind);
                 if (!is_object($oModule) || !method_exists($oModule, $this->act)) {
                     $type = $orig_type;
                     Mobile::setMobile(FALSE);
                     $oModule = $this->getModuleInstance($forward->module, $type, $kind);
                 }
             } else {
                 $oModule = $this->getModuleInstance($forward->module, $type, $kind);
             }
             if (!is_object($oModule)) {
                 $this->_setInputErrorToContext();
                 $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                 $oMessageObject->setError(-1);
                 $oMessageObject->setMessage('msg_module_is_not_exists');
                 $oMessageObject->dispMessage();
                 if ($this->httpStatusCode) {
                     $oMessageObject->setHttpStatusCode($this->httpStatusCode);
                 }
                 return $oMessageObject;
             }
             // Views forwarded from the 'admin' module require logged_info->is_admin == 'Y';
             // all but dispLayoutAdminLayoutModify are then rendered inside the admin layout.
             if ($this->module == "admin" && $type == "view") {
                 if ($logged_info->is_admin == 'Y') {
                     if ($this->act != 'dispLayoutAdminLayoutModify') {
                         $oAdminView = getAdminView('admin');
                         $oAdminView->makeGnbUrl($forward->module);
                         $oModule->setLayoutPath("./modules/admin/tpl");
                         $oModule->setLayoutFile("layout.html");
                     }
                 } else {
                     $this->_setInputErrorToContext();
                     $this->error = 'msg_is_not_administrator';
                     $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                     $oMessageObject->setError(-1);
                     $oMessageObject->setMessage($this->error);
                     $oMessageObject->dispMessage();
                     return $oMessageObject;
                 }
             }
             // Forwarded admin-kind actions require at least manager grant on the current module.
             // NOTE(review): this grant check sits inside the forward branch only; no equivalent
             // check for directly resolved admin actions is visible in this function. It is
             // presumably enforced when the module runs proc(); verify.
             if ($kind == 'admin') {
                 $grant = $oModuleModel->getGrant($this->module_info, $logged_info);
                 if (!$grant->manager) {
                     $this->_setInputErrorToContext();
                     $this->error = 'msg_is_not_manager';
                     $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                     $oMessageObject->setError(-1);
                     $oMessageObject->setMessage($this->error);
                     $oMessageObject->dispMessage();
                     return $oMessageObject;
                 } else {
                     // NOTE(review): this reads the property $this->orig_module, while the forward
                     // branch above stored the original instance in the local $orig_module and
                     // nothing in this function assigns the property. Confirm which was intended,
                     // because this comparison is part of the administrator check.
                     if (!$grant->is_admin && $this->module != $this->orig_module->module && $xml_info->permission->{$this->act} != 'manager') {
                         $this->_setInputErrorToContext();
                         $this->error = 'msg_is_not_administrator';
                         $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                         $oMessageObject->setError(-1);
                         $oMessageObject->setMessage($this->error);
                         $oMessageObject->dispMessage();
                         return $oMessageObject;
                     }
                 }
             }
         } else {
             // No usable forward: fall back to the default index action when the module
             // implements it, otherwise return the module itself carrying the error.
             if ($xml_info->default_index_act && method_exists($oModule, $xml_info->default_index_act)) {
                 $this->act = $xml_info->default_index_act;
             } else {
                 $this->error = 'msg_invalid_request';
                 $oModule->setError(-1);
                 $oModule->setMessage($this->error);
                 return $oModule;
             }
         }
     }
     // ruleset check...
     if (!empty($ruleset)) {
         // NOTE(review): $forward is only assigned inside the "no such action" branch above, so
         // it is undefined here when the action was resolved directly.
         $rulesetModule = $forward->module ? $forward->module : $this->module;
         $rulesetFile = $oModuleModel->getValidatorFilePath($rulesetModule, $ruleset, $this->mid);
         if (!empty($rulesetFile)) {
             // Restore validator language strings stashed in the session, then clear them.
             if ($_SESSION['XE_VALIDATOR_ERROR_LANG']) {
                 $errorLang = $_SESSION['XE_VALIDATOR_ERROR_LANG'];
                 foreach ($errorLang as $key => $val) {
                     Context::setLang($key, $val);
                 }
                 unset($_SESSION['XE_VALIDATOR_ERROR_LANG']);
             }
             $Validator = new Validator($rulesetFile);
             $result = $Validator->validate();
             if (!$result) {
                 $lastError = $Validator->getLastError();
                 // NOTE(review): error_return_url is read from Context (presumably request input)
                 // and stored as the return URL; the code that later redirects to
                 // XE_VALIDATOR_RETURN_URL should restrict it to same-site URLs. Confirm.
                 $returnUrl = Context::get('error_return_url');
                 $errorMsg = $lastError['msg'] ? $lastError['msg'] : 'validation error';
                 //for xml response
                 $oModule->setError(-1);
                 $oModule->setMessage($errorMsg);
                 //for html redirect
                 $this->error = $errorMsg;
                 $_SESSION['XE_VALIDATOR_ERROR'] = -1;
                 $_SESSION['XE_VALIDATOR_MESSAGE'] = $this->error;
                 $_SESSION['XE_VALIDATOR_MESSAGE_TYPE'] = 'error';
                 $_SESSION['XE_VALIDATOR_RETURN_URL'] = $returnUrl;
                 $_SESSION['XE_VALIDATOR_ID'] = Context::get('xe_validator_id');
                 $this->_setInputValueToSession();
                 return $oModule;
             }
         }
     }
     $oModule->setAct($this->act);
     $this->module_info->module_type = $type;
     $oModule->setModuleInfo($this->module_info, $xml_info);
     // Actions for which the "switch to mobile" banner is never added.
     $skipAct = array('dispEditorConfigPreview' => 1, 'dispLayoutPreviewWithModule' => 1);
     $db_use_mobile = Mobile::isMobileEnabled();
     // A mobile agent is looking at the PC view of a mobile-enabled module: add a banner that
     // links to the same page with m=1.
     if ($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true) {
         global $lang;
         $header = '<style>div.xe_mobile{opacity:0.7;margin:1em 0;padding:.5em;background:#333;border:1px solid #666;border-left:0;border-right:0}p.xe_mobile{text-align:center;margin:1em 0}a.xe_mobile{color:#ff0;font-weight:bold;font-size:24px}@media only screen and (min-width:500px){a.xe_mobile{font-size:15px}}</style>';
         // NOTE(review): the URL and the language string are concatenated into HTML without
         // escaping at this point; whether getUrl() returns an attribute-safe value is not
         // visible here. Confirm.
         $footer = '<div class="xe_mobile"><p class="xe_mobile"><a class="xe_mobile" href="' . getUrl('m', '1') . '">' . $lang->msg_pc_to_mobile . '</a></p></div>';
         Context::addHtmlHeader($header);
         Context::addHtmlFooter($footer);
     }
     if ($type == "view" && $kind != 'admin') {
         $module_config = $oModuleModel->getModuleConfig('module');
         // The configured footer is emitted as raw HTML, so whoever can edit this module
         // config can place markup on every non-admin view.
         if ($module_config->htmlFooter) {
             Context::addHtmlFooter($module_config->htmlFooter);
         }
         // The configured site title is applied only when no browser title has been set yet.
         if ($module_config->siteTitle) {
             $siteTitle = Context::getBrowserTitle();
             if (!$siteTitle) {
                 Context::setBrowserTitle($module_config->siteTitle);
             }
         }
     }
     // if failed message exists in session, set context
     $this->_setInputErrorToContext();
     $procResult = $oModule->proc();
     // For request methods other than XMLRPC/JSON/JS_CALLBACK, and unless the module stopped
     // processing, copy the outcome into the session.
     $methodList = array('XMLRPC' => 1, 'JSON' => 1, 'JS_CALLBACK' => 1);
     if (!$oModule->stop_proc && !isset($methodList[Context::getRequestMethod()])) {
         $error = $oModule->getError();
         $message = $oModule->getMessage();
         $messageType = $oModule->getMessageType();
         $redirectUrl = $oModule->getRedirectUrl();
         if ($messageType == 'error') {
             debugPrint($message, 'ERROR');
         }
         if (!$procResult) {
             $this->error = $message;
             // NOTE(review): same consideration as in the ruleset branch; error_return_url is
             // taken from Context and ends up in XE_VALIDATOR_RETURN_URL below.
             if (!$redirectUrl && Context::get('error_return_url')) {
                 $redirectUrl = Context::get('error_return_url');
             }
             $this->_setInputValueToSession();
         } else {
         }
         $_SESSION['XE_VALIDATOR_ERROR'] = $error;
         $_SESSION['XE_VALIDATOR_ID'] = Context::get('xe_validator_id');
         if ($message != 'success') {
             $_SESSION['XE_VALIDATOR_MESSAGE'] = $message;
         }
         $_SESSION['XE_VALIDATOR_MESSAGE_TYPE'] = $messageType;
         if (Context::get('xeVirtualRequestMethod') != 'xml') {
             $_SESSION['XE_VALIDATOR_RETURN_URL'] = $redirectUrl;
         }
     }
     unset($logged_info);
     return $oModule;
 }
 /**
  * Insert a module using the values from a menu-creation request
  * @param object $request values of the client request
  * @param object $args values for the menu being created
  * @return bool result of create module
  */
 private function _insertModule(&$request, &$args)
 {
     // Builds the argument object for a new module instance from the menu request and passes
     // it to the module controller. Returns an Object(-1, 'msg_module_name_exists') when the
     // requested mid is already taken, otherwise whatever insertModule() returns.
     $moduleType = $request->module_type;
     $cmArgs = new stdClass();
     // WIDGET / ARTICLE / OUTSIDE are page sub-types; every other type names the module itself.
     if (in_array($moduleType, array('WIDGET', 'ARTICLE', 'OUTSIDE'))) {
         $cmArgs->module = 'page';
         $cmArgs->page_type = $moduleType;
     } else {
         $cmArgs->module = $moduleType;
         unset($cmArgs->page_type);
     }

     // Settings for the module being created.
     $siteInfo = Context::get('site_module_info');
     $cmArgs->site_srl = (int) $siteInfo->site_srl;
     // NOTE(review): browser_title is taken from $args->name as given; any escaping is
     // presumably applied where the title is rendered. Confirm.
     $cmArgs->browser_title = $args->name;
     $cmArgs->menu_srl = $request->menu_srl;
     $cmArgs->layout_srl = -1;
     $cmArgs->mlayout_srl = -1;
     $cmArgs->is_skin_fix = 'N';
     $cmArgs->is_mskin_fix = 'N';
     if (Mobile::isMobileEnabled() === true) {
         $cmArgs->use_mobile = 'Y';
     }

     // Without a mid in the request, generate one as "<module>_<random part>". The generated
     // value is written back into $request, which the caller passed by reference.
     if (!$request->module_id) {
         $request->module_id = $cmArgs->module . '_' . $this->_makeRandomMid();
     }
     // NOTE(review): a client-supplied module_id is used as the mid without any format check
     // in this method; presumably insertModule() validates it. Verify.
     $cmArgs->mid = $request->module_id;

     // Refuse to create a second module instance under an existing mid.
     $existing = getModel('module')->getModuleInfoByMid($request->module_id);
     if ($existing->module_srl) {
         return new Object(-1, 'msg_module_name_exists');
     }
     return getController('module')->insertModule($cmArgs);
 }