Example #1
 /**
  * The method of the request was set to get in the constructor
  *
  * @depends	testConstructorNoParams
  * @return	null
  */
 public function testIsGetPostCli()
 {
     // Predicate expected to answer true for each normalised method name.
     $predicates = array('get' => 'isGet', 'post' => 'isPost', 'cli' => 'isCli');
     // null selects the shared $this->input fixture, which must report 'get';
     // the upper-case spellings prove the constructor argument is not case sensitive.
     $cases = array(null, 'post', 'cli', 'GET', 'POST', 'CLI');
     foreach ($cases as $given) {
         if ($given === null) {
             $subject = $this->input;
             $expected = 'get';
         } else {
             $subject = new AppInput($given);
             $expected = strtolower($given);
         }
         // The matching predicate is asserted first, then the other two in get/post/cli order.
         $this->assertTrue($subject->{$predicates[$expected]}());
         foreach ($predicates as $name => $predicate) {
             if ($name !== $expected) {
                 $this->assertFalse($subject->{$predicate}());
             }
         }
         $this->assertEquals($expected, $subject->getMethod());
     }
 }
Example #2
 /**
  * Runs the parent filter, sets the page title and help keyword, and, for
  * requests that are both XHR and GET, copies default_body and
  * default_subject from $_GET into the Request instance.
  *
  * @param mixed $action forwarded by reference to the parent filter
  * @param mixed $args   forwarded by reference to the parent filter
  */
 function before_filter(&$action, &$args)
 {
     parent::before_filter($action, $args);
     PageLayout::setTitle(_("Nachrichten"));
     PageLayout::setHelpKeyword("Basis.InteraktionNachrichten");
     // Anything that is not an XHR GET needs no prefill handling.
     if (!Request::isXhr() || !Request::isGet()) {
         return;
     }
     $target = Request::getInstance();
     foreach (words('default_body default_subject') as $field) {
         // NOTE(review): the value comes straight from the query string (and the key may be
         // absent); whatever later renders it must escape for its own output context.
         $target[$field] = Request::removeMagicQuotes($_GET[$field]);
     }
 }
Example #3
 /**
  * Request must report the HTTP method found in $_SERVER['REQUEST_METHOD']
  * and report Ajax once $_SERVER['HTTP_X_REQUESTED_WITH'] is 'XMLHttpRequest'.
  */
 public function testMethods()
 {
     // POST request
     $_SERVER['REQUEST_METHOD'] = 'POST';
     $subject = new Request();
     $this->assertTrue($subject->isPost());
     $this->assertFalse($subject->isGet());
     $this->assertEqual($subject->method(), 'POST');

     // GET request, built from a fresh instance
     $_SERVER['REQUEST_METHOD'] = 'GET';
     $subject = new Request();
     $this->assertFalse($subject->isPost());
     $this->assertTrue($subject->isGet());
     $this->assertEqual($subject->method(), 'GET');

     // The same instance flips to Ajax after the header is set, so isAjax() is
     // answered from $_SERVER at call time. The header is client-supplied: it is a
     // hint about the caller, not proof of origin.
     $this->assertFalse($subject->isAjax());
     $_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';
     $this->assertTrue($subject->isAjax());
 }
Example #4
 /**
  * Front controller: handles one HTTP request end to end and exits.
  *
  * Gate checks, in order: load the .env file from TXTROOT, refuse the Slack
  * link expander (403), require REDIS_URL (500), allow only GET and POST (405)
  * and, when AUTH is set, require a matching $_POST['auth'] (401). Then:
  *  - path present: serve robots.txt, or look the hash up in Redis and render
  *    it (deleting the entry first when it is flagged "once");
  *  - GET without a path: render the home view;
  *  - POST without a path: store the submitted text under a new key with a
  *    TTL and answer 201 with its URL.
  *
  * Every branch ends in exit, so nothing is returned to the caller.
  */
 public static function run()
 {
     $dotenv = new \Dotenv\Dotenv(TXTROOT);
     $dotenv->load();
     // Case-insensitive substring match on the User-Agent header.
     // NOTE(review): presumably this keeps link previews from consuming read-once entries;
     // it matches only this one fetcher, and the header is client-controlled.
     if (isset($_SERVER['HTTP_USER_AGENT']) && stripos($_SERVER['HTTP_USER_AGENT'], 'Slackbot-LinkExpanding') !== false) {
         Response::sendResponse(Response::HTTP_403, ['error' => "No slackbots allowed"]);
         exit;
     }
     if (!getenv('REDIS_URL')) {
         Response::sendResponse(Response::HTTP_500, ['error' => "REDIS_URL environment variable required"]);
         exit;
     }
     if (!Request::isGet() && !Request::isPost()) {
         Response::sendResponse(Response::HTTP_405, ['error' => "Please use a GET or POST"]);
         exit;
     }
     // Shared-secret gate, active only when AUTH is configured.
     // NOTE(review): the secret is read from $_POST only, so with AUTH set a GET (home page
     // or hash read) normally cannot supply it and is answered 401 — confirm that is intended.
     // NOTE(review): compareStrings() is defined elsewhere; verify it compares in constant
     // time (e.g. via hash_equals) and copes with a non-string 'auth' value.
     if (getenv('AUTH') && (!isset($_POST['auth']) || !static::compareStrings(getenv('AUTH'), $_POST['auth']))) {
         Response::sendResponse(Response::HTTP_401, ['error' => "'auth' parameter is missing or invalid"]);
         exit;
     }
     //    header('Access-Control-Allow-Origin: ' . $_SERVER['ORIGIN']);
     //    header('Access-Control-Allow-Credentials: true');
     //    Access-Control-Allow-Methods: GET, POST
     // x-frame-options
     $redis = Redis::getRedis(getenv('REDIS_URL'));
     // Request path without leading slashes; a non-empty value selects the lookup branch.
     // A path of "0" is falsy in PHP and therefore falls through to the home/POST branch.
     $hash = ltrim(Request::getPath(), '/');
     if ($hash) {
         if ($hash == 'robots.txt') {
             Response::setStatus(Response::HTTP_200);
             Response::setContentType(Response::TEXT);
             Response::setContent("User-agent: *\nDisallow: /");
             Response::send();
             exit;
         }
         if (Request::isPost()) {
             Response::sendResponse(Response::HTTP_405, ['error' => "Cannot post to a hash"]);
             exit;
         }
         // Only ASCII alphanumerics up to MAX_KEY_LENGTH are accepted before the value is
         // used as part of a Redis key.
         if (strlen($hash) > Redis::MAX_KEY_LENGTH || !preg_match('/^[A-Za-z0-9]+$/', $hash)) {
             Response::sendResponse(Response::HTTP_404, ['error' => "Invalid hash"]);
             exit;
         }
         $data = $redis->hGetAll(Redis::PREFIX . $hash);
         if (!$data) {
             Response::sendResponse(Response::HTTP_404, ['error' => "Hash not found"]);
             exit;
         }
         $datum = Datum::createFromArray($data);
         // NOTE(review): the read above and this delete are two separate commands, so two
         // concurrent requests can both receive a read-once entry; an atomic read-and-delete
         // (transaction or server-side script) would close that window.
         if ($datum->once) {
             $redis->del(Redis::PREFIX . $hash);
         }
         // set proper cache header, esp for read-once
         // actually, PROBABLY NOT A GOOD IDEA, esp for things that are meant to expire. we should do the opposite - dont cache
         // Response::setCacheForeverHeaders();
         // NOTE(review): no "do not cache" header is set in this function; confirm Response
         // adds one, otherwise intermediaries or the browser may keep a copy of the content.
         Response::sendResponse('datum', ['datum' => $datum]);
         exit;
     }
     if (Request::isGet()) {
         // NOTE(review): the advertised domain is built from Request::getHost(); if that
         // reflects the client's Host header, confirm the web server pins the allowed names.
         Response::sendResponse('home', ['domain' => 'http' . (Request::isSSL() ? 's' : '') . '://' . Request::getHost()]);
         exit;
     } else {
         // Form field 'data' wins; otherwise the raw request body is taken as the text.
         // NOTE(review): $_POST['data'] can be an array when the client sends data[]=...;
         // confirm Datum / trim() are never reached with a non-string.
         $data = isset($_POST['data']) ? $_POST['data'] : file_get_contents("php://input");
         if (!$data) {
             Response::sendResponse(Response::HTTP_400, ['error' => 'No data submitted']);
             exit;
         }
         $datum = new Datum(trim($data), Datum::T_TEXT, Request::isFlagOn('once'));
         // NOTE(review): the key is the only thing protecting an entry, so its unpredictability
         // rests on randId() (not shown here); nothing checks that the key is unused before the write.
         $key = substr(static::randId(), 0, Redis::MAX_KEY_LENGTH);
         // Requested TTL is clamped to the range 1..MAX_TTL; MAX_TTL is the default.
         $ttl = isset($_POST['ttl']) ? max(1, min((int) $_POST['ttl'], Redis::MAX_TTL)) : Redis::MAX_TTL;
         // NOTE(review): write and expire are separate commands and their results are not
         // checked; if expire does not take effect the entry stays without a TTL.
         $redis->hMSet(Redis::PREFIX . $key, $datum->toArray());
         $redis->expire(Redis::PREFIX . $key, $ttl);
         $url = 'http' . (Request::isSSL() ? 's' : '') . '://' . Request::getHost() . '/' . $key;
         Response::sendResponse(Response::HTTP_201, ['url' => $url, 'ttl' => $ttl, '_textKey' => 'url']);
         exit;
     }
 }
Example #5
                            <button class="btn btn-default" type="button"><i class="fa fa-search"></i></button>
                            </span>
                            <input type="text" class="form-control" id="myInput" name="myInput" placeholder="Search for...">

                        </div>
                    </div>
                </form>
            </div>
        </div>
    </div>
    <!-- content body -->
    <div class="padding">
        <div class="full col-sm-9">              
            <div class="row">
                <?php 
if (Request::isGet()) {
    switch ($uri[0]) {
        case "category":
            switch ($uri[1]) {
                case "all":
                    $cat = DBDriver::all("SELECT id,title, permalink, description FROM kb_category WHERE published=1");
                    if (!empty($cat)) {
                        foreach ($cat as $c) {
                            $sumcat = DBDriver::row("SELECT COUNT(id) as totalarticle FROM kb_article WHERE category=:id", array(":id" => $c->id));
                            include "category.php";
                        }
                    } else {
                        ?>
                                    <div class="panel panel-warning">
                                        <div class="panel-heading">
                                           <h3 class="panel-title">Empty!</h3>
Example #6
 /**
  * Request::isGet() must answer true once the request method is set to GET.
  */
 public function testRequestMethodGet()
 {
     $this->setRequestMethod('GET');
     $reportedAsGet = Request::isGet();
     $this->assertTrue($reportedAsGet);
 }
Example #7
 /**
  * delete one room request
  */
 public function delete_action()
 {
     $roomRequest = RoomRequest::find(Request::option('request_id'));
     // NOTE(review): the lookup uses request_id alone; no check that the request belongs to
     // $this->course_id, or that the current user may delete it, is visible in this method —
     // confirm it is enforced elsewhere (e.g. in a before filter).
     if (!$roomRequest) {
         throw new Trails_Exception(403);
     }
     if (!Request::isGet()) {
         // Non-GET path: CSRFProtection::verifyUnsafeRequest() runs before any state change.
         CSRFProtection::verifyUnsafeRequest();
         if (Request::submitted('kill') && $roomRequest->delete()) {
             $this->flash['message'] = MessageBox::success("Die Raumanfrage wurde gelöscht.");
         }
     } else {
         // GET never deletes; it only renders the confirmation question into the flash message.
         $views = new Flexi_TemplateFactory($this->dispatcher->trails_root . '/views/');
         $dialog = $views->open('course/room_requests/_del.php');
         $dialog->action = $this->link_for('delete/' . $this->course_id, array('request_id' => $roomRequest->getid()));
         $dialog->question = sprintf(_('Möchten Sie die Raumanfrage "%s" löschen?'), $roomRequest->getTypeExplained());
         $this->flash['message'] = $dialog->render();
     }
     $this->redirect('course/room_requests/index/' . $this->course_id);
 }
Example #8
 /**
  * This checks the request and returns either true or false. It is
  * implicitly called by CSRFProtection::verifySecurityToken() and
  * it should never be needed to call this.
  *
  * @returns boolean  returns true if the request is valid
  */
 static function verifyRequest()
 {
     // GET requests are accepted without a token, so this check only protects the
     // application if no state-changing action is reachable via GET.
     if (Request::isGet()) {
         return true;
     }
     // XHR requests are accepted without a token as well.
     // NOTE(review): presumably isXhr() keys off the X-Requested-With header; that is a CSRF
     // barrier only while cross-origin pages cannot set the header (no permissive CORS
     // policy on these endpoints) — confirm.
     if (Request::isXhr()) {
         return true;
     }
     // Everything else must carry a valid security token.
     return (bool) self::checkSecurityToken();
 }
Example #9
 /**
  * Store or retrieve settings.
  *
  * Settings are further subdivided into groups. For example: global, 
  * seminar- and user-specific settings (see below).
  *
  * HTTP GET
  * returns a JSON object with current settings.
  *
  * HTTP PUT
  * expects a JSON object with settings to store and returns 
  * updated settings as a JSON object. Some settings are read-only,
  * others can only be set if the user has the necessary access level.
  *
  * Currently only the following basic features are supported:
  *
  * HTTP GET wysiwyg/settings/global
  *   Always returns:
  *   {
  *     "upload": {
  *       "permission": "autor",
  *       "folder": {
  *         "name": "Wysiwyg Uploads",
  *         "description": "Vom WYSIWYG Editor hochgeladene Dateien."
  *       }
  *     }
  *   }
  *
  * HTTP GET wysiwyg/settings/users/current
  *   Always returns following setting for the authenticated user:
  *   {
  *     "disabled": false | true
  *   }
  *
  * HTTP PUT wysiwyg/settings/users/current
  *   Allows only to reset or set the disabled state with:
  *   {
  *     "disabled": false | true
  *   }
  *
  * Below is a specification of possible future extensions to this
  * interface, that are based on current feature requests by users
  * (mainly people from ELMO, ELAN and ECULT).
  *
  * wysiwyg/settings/global
  *   Common settings for all WYSIWYG editors throughout Stud.IP.
  * wysiwyg/settings/seminars
  *   Settings of all seminars.
  *   Listed seminars depend on access level:
  *     root => full access to all seminars
  *     dozent, tutor of a seminar => full access to those seminars
  *     others => read-access to seminars they are a member of
  * wysiwyg/settings/seminars/ID
  *   Settings of the seminar with the given ID.
  *   Access permissions: see above.
  * wysiwyg/settings/seminars/ID/users
  *   Seminar's settings for all its users.
  *   Access permissions: see above.
  * wysiwyg/settings/seminars/ID/users/ID
  *   Seminar's settings for a specific user in that seminar.
  *   Access permissions: see above.
  * wysiwyg/settings/users
  *   Settings of all users.
  *   Listed users depend on access level:
  *     root => full access to all users
  *     not root => full access to own settings only
  * wysiwyg/settings/users/ID
  *   Settings of the user with the given ID.
  *   Access permissions: see above.
  * wysiwyg/settings/users/ID/seminars
  *   User's settings for all seminars the user is a member of.
  *   Access permissions: see above.
  * wysiwyg/settings/users/ID/seminars/ID
  *   User's settings for the seminar with the given ID.
  *   Access permissions: see above.
  *
  * The difference of seminar's settings for a user and user's settings
  * for a seminar:
  *
  *   A seminar's teacher may want to set the upload directory for each user 
  *   to a separate one, which should not be overwritable by a user, in 
  *   order to make sure that users cannot see other users uploads (there 
  *   are other ways to do this, but it's just an example).
  *
  *   A user might want to have a specific upload directory in order to 
  *   collaborate better with other users in the same seminar (e.g. when 
  *   students form a study group).
  *
  *   For example the ELMO module needs such settings.
  *
  * JSON scheme for access to wysiwyg/settings:
  * {
  *   "global": { "SETTING": ..., ... },
  *   "seminars": {
  *     "ID": {
  *       "users": { "ID": {...}, ... },
  *       "SETTING": ...,
  *       ...
  *     },
  *     "ID": {...},
  *     ...
  *   },
  *   "users": {
  *     "ID": {
  *       "seminars": { "ID": {...}, ... },
  *       "SETTING": ...,
  *       ...
  *     },
  *     "ID": {...},
  *     ...
  *   }
  * }
  *
  * When accessing a sub-resource that resource's branch of the JSON scheme 
  * will be returned.
  */
 public function settings_action()
 {
     try {
         // Only GET (read) and PUT (write, then read back) are served.
         if (!(Request::isGet() || Request::isPut())) {
             throw new WysiwygHttpExceptionMethodNotAllowed(_('Nur die HTTP-Methoden GET und PUT sind erlaubt.'));
         }
         // The first call argument selects the settings group; the remaining ones are
         // handed on unchanged (presumably the sub-resource path segments — confirm).
         $path = func_get_args();
         $group = array_shift($path);
         if (Request::isPut()) {
             // NOTE(review): PUT changes state, and neither a CSRF token check nor a permission
             // check is visible in this method — confirm setSettings() or a filter enforces both.
             $this->setSettings($group, $path);
         }
         $current = $this->getSettings($group, $path);
         $this->render_json($this->objectToArray($current));
     } catch (WysiwygHttpException $failure) {
         // Errors are answered as plain text with the exception code as HTTP status, so the
         // message is not interpreted as HTML by the client.
         $status = $failure->getCode();
         $this->set_status($status);
         $this->set_content_type('text/plain; charset=utf-8');
         $this->render_text(studip_utf8encode($failure->getMessage()));
     }
 }
Example #10
/**
 * Applies the message action found in the request (mail+delete, delete, mark
 * as read, recover, delete all), then fills the 'messageList.tmpl' template
 * with one page of messages for the requested box.
 *
 * @param mixed $caveID    not used inside this function
 * @param mixed $deletebox selected message IDs when it is an array; replaced by
 *                         the single request messageID when action and
 *                         messageID are both given
 * @param mixed $box       BOX_INCOMING, BOX_OUTGOING or BOX_TRASH; any other
 *                         value is counted and listed like BOX_INCOMING
 * @return void            results are handed to the global $template
 */
function messages_getMessages($caveID, $deletebox, $box)
{
    global $template;
    // open template
    $template->setFile('messageList.tmpl');
    // init messages class
    $messagesClass = new Messages();
    // counters for deleted / read messages
    $deleted = $marked_as_read = 0;
    // carry over a status message that is already set on the template
    if ($template->getVar('status_msg')) {
        $statusMsg = $template->getVar('status_msg');
    }
    $action = Request::getVar('action', '');
    $messageID = Request::getVar('messageID', 0);
    // Two triggers, grouped by operator precedence as
    //   (array of checkboxes AND isPost('button')) OR (action given AND messageID != 0).
    // NOTE(review): the second trigger does not require POST and no anti-CSRF token check is
    // visible in this function; mark_delete / mark_mail change state, so confirm a token (or
    // a POST-only rule) is enforced upstream.
    // NOTE(review): message IDs come from the request; presumably the Messages class limits
    // them to the current player's own messages — verify.
    if (is_array($deletebox) && Request::isPost('button') || Request::getVar('action', '') && Request::getVar('messageID', 0) != 0) {
        if (Request::getVar('action', '') && Request::getVar('messageID', 0) != 0) {
            // single-message action: operate on exactly that message
            $deletebox = array($messageID);
            $switch = Request::getVar('action', '');
        } else {
            // bulk action: the submitted button value names the operation
            $switch = Request::getVar('button', '');
        }
        // nothing selected: report an error and skip every action below
        if (!sizeof($deletebox)) {
            $statusMsg = array('type' => 'error', 'message' => _('Du mußt mindestens eine Nachricht auswählen.'));
            $switch = '';
        }
        switch ($switch) {
            // mail and delete
            case 'mark_mail':
                $mailCount = $messagesClass->mailAndDeleteMessages($deletebox);
                $statusMsg = array('type' => 'success', 'message' => sprintf(_('%d Nachricht(en) per E-Mail verschickt erfolgreich gelöscht.'), $mailCount));
                break;
            // just delete
            case 'mark_delete':
                $deleteCount = $messagesClass->deleteMessages($deletebox);
                $statusMsg = array('type' => 'success', 'message' => sprintf(_('%d Nachricht(en) erfolgreich gelöscht.'), $deleteCount));
                break;
            // mark as read
            case 'mark_read':
                $readCount = $messagesClass->markAsRead($deletebox);
                $statusMsg = array('type' => 'success', 'message' => sprintf(_('%d Nachricht(en) als gelesen markiert.'), $readCount));
                break;
            // recover messages
            case 'mark_recover':
                $recoverCount = $messagesClass->recoverMessages($deletebox);
                $statusMsg = array('type' => 'success', 'message' => sprintf(_('%d Nachricht(en) wurden wiederhergestellt.'), $recoverCount));
                break;
        }
    }
    // delete all messages of the box (optionally restricted to one message class)
    if (Request::isPost('delete_all')) {
        $deleted = $messagesClass->deleteAllMessages($box, Request::getVar('messageClass', -2));
        $statusMsg = array('type' => 'success', 'message' => sprintf(_('%d Nachricht(en) erfolgreich gelöscht.'), $deleted));
        // drop the class filter from all request arrays so the listing below is unfiltered
        unset($_REQUEST['messageClass'], $_POST['messageClass'], $_GET['messageClass']);
    }
    // the individual boxes are set up here
    $boxes = array(BOX_INCOMING => array('boxname' => _('Posteingang'), 'from_to' => _('Absender')), BOX_OUTGOING => array('boxname' => _('Postausgang'), 'from_to' => _('Empfänger')), BOX_TRASH => array('boxname' => _('Papierkorb'), 'from_to' => _('Absender')));
    $classes = array();
    foreach ($messagesClass->MessageClass as $id => $text) {
        // same value on every iteration; it only feeds the 'selected' marker below
        $messageClass = Request::isGet('messageClass', true) || Request::isPost('messageClass', true) ? Request::getVar('messageClass', 0) : 0;
        // class 1001 is left out of the selectable list
        if ($id != 1001) {
            $selected = $messageClass == $id ? 'selected="selected"' : '';
            $classes[] = array('id' => $id, 'text' => $text, 'selected' => $selected);
        }
        // a separate box entry is appended for every message class
        // NOTE(review): these entries are appended under the next integer key, nested under
        // $text, and carry 'von_an' rather than the 'from_to' key read when the template
        // variables are assembled — confirm they are used anywhere.
        array_push($boxes, array($text => array('boxname' => _($text), 'von_an' => '')));
    }
    /////////////////////////////////////////////////
    // calculate offset
    // NOTE(review): offset and messageClass are request values with no cast visible here;
    // confirm Request::getVar() or the Messages queries coerce them to integers.
    $offset = Request::getVar('offset', 0);
    // -2 is the value used when no messageClass filter was sent
    $messageClass = Request::isGet('messageClass', true) || Request::isPost('messageClass', true) ? Request::getVar('messageClass', 0) : -2;
    switch ($box) {
        default:
        case BOX_INCOMING:
            $message_count = $messagesClass->getIncomingMessagesCount($messageClass);
            break;
        case BOX_OUTGOING:
            $message_count = $messagesClass->getOutgoingMessagesCount($messageClass);
            break;
        case BOX_TRASH:
            $message_count = $messagesClass->getTrashMessagesCount($messageClass);
            break;
    }
    // normalise the offset
    if ($offset < 0) {
        $offset = 0;
    }
    // NOTE(review): an offset past the last message is set to the count itself, not to the
    // start of the last page, so 'message_min' below can exceed 'message_max'.
    if ($offset > $message_count - 1) {
        $offset = $message_count;
    }
    // load the messages of the current page
    $messages = array();
    switch ($box) {
        default:
        case BOX_INCOMING:
            $messages = $messagesClass->getIncomingMessages($offset, MSG_PAGE_COUNT, $messageClass);
            break;
        case BOX_OUTGOING:
            $messages = $messagesClass->getOutgoingMessages($offset, MSG_PAGE_COUNT, $messageClass);
            break;
        case BOX_TRASH:
            $messages = $messagesClass->getTrashMessages($offset, MSG_PAGE_COUNT, $messageClass);
            break;
    }
    // previous / next page links; left empty when there is no such page
    $message_prev = $message_next = array();
    if ($offset - MSG_PAGE_COUNT >= 0) {
        $message_prev = array('offset' => $offset - MSG_PAGE_COUNT, 'box' => $box, 'modus' => MESSAGES_LIST, 'message_class' => $messageClass);
    }
    if ($offset + MSG_PAGE_COUNT <= $message_count - 1) {
        $message_next = array('offset' => $offset + MSG_PAGE_COUNT, 'box' => $box, 'modus' => MESSAGES_LIST, 'message_class' => $messageClass);
    }
    /****************************************************************************************************
    *
    * Hand everything over to the template
    *
    ****************************************************************************************************/
    $template->addVars(array('from_to' => $boxes[$box]['from_to'], 'messages' => $messages, 'message_box' => $box, 'message_classes' => $classes, 'message_class_id' => isset($messageClass) ? $messageClass : 0, 'message_class_name' => isset($messagesClass->MessageClass[$messageClass]) ? $messagesClass->MessageClass[$messageClass] : '', 'message_min' => $message_count == 0 ? 0 : $offset + 1, 'message_max' => min($offset + MSG_PAGE_COUNT, $message_count), 'message_count' => $message_count, 'message_prev' => $message_prev, 'message_next' => $message_next, 'status_msg' => isset($statusMsg) ? $statusMsg : '', 'trash' => $box == BOX_TRASH ? true : false));
}
Example #11
 /**
  * @covers Request::isGet
  */
 public function testIsGet()
 {
     // Simulate a GET request at the superglobal level, then ask the fixture.
     $_SERVER['REQUEST_METHOD'] = 'GET';
     $this->assertTrue($this->req->isGet());
 }