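/**
 * Redirects the browser to the page given by the $url argument.
 *
 *  <code>
 *      Request::redirect('test');
 *  </code>
 *
 * While headers can still be sent, a status line and a Location header are
 * emitted and the request is shut down. Once output has started, a
 * script-based redirect is printed instead.
 *
 * @param string  $url    The URL
 * @param integer $status Status
 * @param integer $delay  Delay, in seconds, before the Location header is sent
 */
public static function redirect($url, $status = 302, $delay = null)
{
    // Redefine vars. CR and LF are dropped so that a caller-supplied value
    // can never contribute an extra header line to the response.
    $url    = str_replace(array("\r", "\n"), '', (string) $url);
    $status = (int) $status;

    // Status codes
    $messages = array();
    $messages[301] = '301 Moved Permanently';
    $messages[302] = '302 Found';

    // Is Headers sent ?
    if (headers_sent()) {

        // Encode the URL as a JavaScript string literal. The JSON_HEX_* flags
        // keep quotes, angle brackets and ampersands out of the output, so the
        // value cannot close the string or the surrounding script element.
        $js_url = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

        // json_encode() returns false for text it cannot encode (e.g. invalid
        // UTF-8); nothing is printed in that case rather than a raw value.
        if ($js_url !== false) {
            echo '<script>document.location.href=' . $js_url . ";</script>\n";
        }

        // NOTE(review): this branch does not call Request::shutdown(), so the
        // caller keeps running after the redirect is printed - confirm that
        // callers which treat redirect() as terminal are safe with that.

    } else {

        // Redirect headers. The table entries already start with the code,
        // so the status is not prepended a second time; unknown codes are
        // sent as the bare number.
        $status_line = isset($messages[$status]) ? $messages[$status] : (string) $status;
        Request::setHeaders('HTTP/1.1 ' . $status_line);

        // Delay execution
        if ($delay !== null) {
            sleep((int) $delay);
        }

        // Redirect
        Request::setHeaders("Location: {$url}");

        // Shutdown request
        Request::shutdown();
    }
}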
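/**
 * _pageExpandAjax
 *
 * Ajax handler: when 'page_slug' is posted together with a valid security
 * token, stores the posted 'page_expand' value in the 'expand' field of the
 * matching record in the 'pages' table, then shuts the request down.
 * An invalid token stops the request with an error message.
 */
public static function _pageExpandAjax()
{
    $page_slug = Request::post('page_slug');

    if (!$page_slug) {
        return;
    }

    if (!Security::check(Request::post('token'))) {
        die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
    }

    // The selector is assembled by string concatenation, so a double quote in
    // the posted slug would close the quoted value and change the selector.
    // Such input is ignored instead of being passed to updateWhere().
    if (is_string($page_slug) && strpos($page_slug, '"') === false) {
        $pages = new Table('pages');

        // NOTE(review): 'page_expand' is stored exactly as posted - confirm
        // whether it should be limited to the values the UI sends.
        $pages->updateWhere('[slug="' . $page_slug . '"]', array('expand' => Request::post('page_expand')));
    }

    Request::shutdown();
}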
/**
 * Ajax: get an event, category or location by ID
 *
 * For each of the POST fields 'edit_event_id', 'edit_category_id' and
 * 'edit_location_id' that is present, the record returned by the matching
 * repository's getById() is printed as JSON and the request is shut down.
 *
 * NOTE(review): no security-token or permission check is visible in this
 * handler - confirm that access control is applied before it is reached.
 */
public static function _getAjaxData()
{
    // POST field => repository class that resolves the ID
    $lookups = array(
        'edit_event_id'    => 'EventsRepository',
        'edit_category_id' => 'CategoriesRepository',
        'edit_location_id' => 'LocationsRepository',
    );

    foreach ($lookups as $field => $repository) {
        if (!Request::post($field)) {
            continue;
        }

        // The ID is cast to int before it reaches the repository
        $record = call_user_func(array($repository, 'getById'), (int) Request::post($field));

        echo json_encode($record);
        Request::shutdown();
    }
}
<?php

/**
 * Morfy Feed Plugin
 *
 * (c) Romanenko Sergey / Awilum <*****@*****.**>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

// The feed is only served when the first URI segment is "rss"
if (Url::getUriSegment(0) == 'rss') {

    // Render the feed from the 'before_render' hook and end the request there
    Morfy::factory()->addAction('before_render', function () {

        // Template engine pointed at this plugin's own templates
        $templates_dir = PLUGINS_PATH . '/feed/templates/';
        $compile_dir   = CACHE_PATH . '/fenom/';

        $fenom = Fenom::factory($templates_dir, $compile_dir, Morfy::$fenom);
        $fenom->setOptions(array("strip" => false));

        // Answer as an XML document
        Response::status(200);
        Request::setHeaders('Content-Type: text/xml; charset=utf-8');

        // The configured feed page plus the pages listed under it,
        // ordered by date, newest first
        $template_vars = array(
            'page'  => Morfy::factory()->getPage(Morfy::$plugins['feed']['page']),
            'pages' => Morfy::factory()->getPages(Morfy::$plugins['feed']['page'], 'date', 'DESC', array('404')),
        );

        $fenom->display('rss.tpl', $template_vars);

        Request::shutdown();
    });
}
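/**
 * Main function
 *
 * Files manager admin screen. Resolves the requested folder below
 * public/uploads/, handles the delete, rename, upload and create-directory
 * requests for that folder, then renders the listing view.
 *
 * Every state-changing action runs only after Security::check() accepts the
 * submitted token. In addition, the requested folder must stay inside
 * 'uploads/' and the file or directory names taken from the request must be
 * single path segments, so an action cannot reach outside the current folder.
 */
public static function main()
{
    // Array of forbidden types
    $forbidden_types = array('html', 'htm', 'js', 'jsb', 'mhtml', 'mht',
                             'php', 'phtml', 'php3', 'php4', 'php5', 'phps',
                             'shtml', 'jhtml', 'pl', 'py', 'cgi', 'sh', 'ksh', 'bsh', 'c', 'htaccess', 'htpasswd',
                             'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl', 'empty');

    // Array of image types
    $image_types = array('jpg', 'png', 'bmp', 'gif', 'tif');

    // Get Site url
    $site_url = Option::get('siteurl');

    // URL of this screen; the current path is appended for every redirect
    $self_url = $site_url . '/admin/index.php?id=filesmanager&path=';

    // Init vars. Anything that is not a non-empty string falls back to the
    // uploads root.
    $requested = Request::get('path');
    if (!is_string($requested) || !$requested) {
        $requested = 'uploads/';
    }
    $path = $requested;

    // Add slash if not exists
    if (substr($path, -1, 1) != '/') {
        $path .= '/';
    }

    // Upload corectly!
    if ($path == 'uploads//') {
        $path = 'uploads/';
    }

    // Only 'uploads' folder! The path has to begin with 'uploads/' (merely
    // containing the word is not enough) and may not contain '..', a
    // backslash or control characters, so it cannot resolve to a location
    // outside public/uploads/ or break the redirect URL it is appended to.
    // Rejecting '..' costs nothing: directories with a dot in their name are
    // already left out of the listing below.
    $is_confined = strpos($path, 'uploads/') === 0
        && strpos($path, '..') === false
        && !preg_match('#[\x00-\x1F\x7F\\\\]#', $path);

    if (!$is_confined) {
        $path = 'uploads/';
    }

    // Send the browser to the normalised location when it differs from the
    // one that was requested
    if ($path !== $requested) {
        Request::redirect($self_url . $path);
    }

    $files_path = ROOT . DS . 'public' . DS . $path;

    $current = explode('/', $path);

    // Delete file
    // -------------------------------------
    if (Request::get('id') == 'filesmanager' && Request::get('delete_file')) {

        if (Security::check(Request::get('token'))) {

            $delete_file = Request::get('delete_file');
            $deleted     = false;

            // Only a plain file name inside the current folder is accepted
            if (self::isPlainName($delete_file)) {
                File::delete($files_path . $delete_file);
                $deleted = !is_file($files_path . $delete_file);
            }

            if ($deleted) {
                Notification::set('success', __('File was deleted', 'filesmanager'));
            } else {
                Notification::set('error', __('File was not deleted', 'filesmanager'));
            }

            Request::redirect($self_url . $path);

        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Delete dir
    // -------------------------------------
    if (Request::get('id') == 'filesmanager' && Request::get('delete_dir')) {

        if (Security::check(Request::get('token'))) {

            $delete_dir = Request::get('delete_dir');
            $deleted    = false;

            // '.' and '..' are refused too, so neither the current folder nor
            // its parent can be named here
            if (self::isPlainName($delete_dir)) {
                Dir::delete($files_path . $delete_dir);
                $deleted = !is_dir($files_path . $delete_dir);
            }

            if ($deleted) {
                Notification::set('success', __('Directory was deleted', 'filesmanager'));
            } else {
                Notification::set('error', __('Directory was not deleted', 'filesmanager'));
            }

            Request::redirect($self_url . $path);

        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Rename file/dir
    // -------------------------------------
    if (Request::post('rename_type')) {

        if (Security::check(Request::post('csrf'))) {

            $rename_type = Request::post('rename_type');
            $rename_from = Request::post('rename_from');
            $rename_to   = Request::post('rename_to');

            // Exactly one notification is set, followed by one redirect
            if (empty($rename_to)) {
                Notification::set('error', __('Can not be empty', 'filesmanager'));
            } elseif (!self::isPlainName($rename_from)) {
                // The source has to be an entry of the current folder
                Notification::set('error', __('Failure', 'filesmanager'));
            } else {
                // Files keep the extension of the source name
                $ext = ($rename_type === 'file') ? '.' . File::ext($rename_from) : '';
                $rename_to = $files_path . Security::safeName($rename_to, null, false) . $ext;

                if (is_dir($rename_to)) {
                    Notification::set('error', __('Directory exists', 'filesmanager'));
                } elseif (is_file($rename_to)) {
                    Notification::set('error', __('File exists', 'filesmanager'));
                } elseif (rename($files_path . $rename_from, $rename_to)) {
                    Notification::set('success', __('Renamed successfully', 'filesmanager'));
                } else {
                    Notification::set('error', __('Failure', 'filesmanager'));
                }
            }

            Request::redirect($self_url . $path);

        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Upload file
    // -------------------------------------
    if (Request::post('upload_file')) {

        if (Security::check(Request::post('csrf'))) {

            $error = false;

            if (isset($_FILES['file']) && $_FILES['file']) {

                $upload_name = $_FILES['file']['name'];
                $upload_ext  = File::ext($upload_name);

                // The block list holds lower-case entries, so the extension is
                // lower-cased before the (strict) comparison.
                // NOTE(review): a block list only covers the extensions that
                // were thought of; consider an allow list of expected types
                // and confirm the web server does not execute files stored
                // under public/uploads.
                if (!in_array(strtolower((string) $upload_ext), $forbidden_types, true)) {

                    $filepath = $files_path . Security::safeName(basename($upload_name, $upload_ext), null, false) . '.' . $upload_ext;
                    $uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $filepath);

                    if ($uploaded !== false && is_file($filepath)) {
                        Notification::set('success', __('File was uploaded', 'filesmanager'));
                    } else {
                        $error = 'File was not uploaded';
                    }

                } else {
                    $error = 'Forbidden file type';
                }

            } else {
                $error = 'File was not uploaded';
            }

            if ($error) {
                Notification::set('error', __($error, 'filesmanager'));
            }

            // Drag-and-drop uploads end the request, form uploads go back to
            // the listing
            if (Request::post('dragndrop')) {
                Request::shutdown();
            } else {
                Request::redirect($self_url . $path);
            }

        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Create Directory
    // -------------------------------------
    if (Request::post('directory_name')) {

        if (Security::check(Request::post('csrf'))) {

            $abs_path = $files_path . Security::safeName(Request::post('directory_name'), null, false);

            $error = false;

            if (!is_dir($abs_path)) {
                try {
                    // mkdir() reports failure through its return value, so
                    // that is checked as well as the exception path
                    if (mkdir($abs_path) === false) {
                        $error = true;
                    }
                } catch (Exception $e) {
                    $error = true;
                }
            } else {
                $error = true;
            }

            if ($error) {
                Alert::error(__('Directory was not created', 'filesmanager'));
            } else {
                Alert::success(__('Directory was created', 'filesmanager'));
            }
        }
    }

    // Get information about current path
    $_list = FilesmanagerAdmin::fdir($files_path);

    $files_list = array();

    // Get files
    if (isset($_list['files'])) {
        foreach ($_list['files'] as $files) {
            $files_list[] = $files;
        }
    }

    $dir_list = array();

    // Get dirs. Names containing a dot are skipped, which also covers '..'
    if (isset($_list['dirs'])) {
        foreach ($_list['dirs'] as $dirs) {
            if (strpos($dirs, '.') === false) {
                $dir_list[] = $dirs;
            }
        }
    }

    // Display view
    View::factory('box/filesmanager/views/backend/index')
        ->assign('path', $path)
        ->assign('current', $current)
        ->assign('files_list', $files_list)
        ->assign('dir_list', $dir_list)
        ->assign('forbidden_types', $forbidden_types)
        ->assign('image_types', $image_types)
        ->assign('site_url', $site_url)
        ->assign('upload_max_filesize', FilesmanagerAdmin::uploadSize())
        ->assign('files_path', $files_path)
        ->assign('fileuploader', array(
            'uploadUrl' => $self_url . $path,
            'csrf'      => Security::token(),
            'errorMsg'  => __('Upload server error', 'filesmanager')
        ))->display();
}

/**
 * Tells whether $name is a single file or directory name: a non-empty string
 * other than '.' and '..' that holds no slash, backslash or NUL byte.
 *
 * @param  mixed   $name Value taken from the request
 * @return boolean
 */
private static function isPlainName($name)
{
    return is_string($name)
        && $name !== ''
        && $name !== '.'
        && $name !== '..'
        && !preg_match('#[/\\\\\x00]#', $name);
}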
/**
 * _rss
 *
 * When the first URI segment is 'rss', includes the blog plugin's rss.php
 * and shuts the request down; any other request is left untouched.
 */
public static function _rss()
{
    // Not a feed request: nothing to do
    if (Uri::segment(0) != 'rss') {
        return;
    }

    // The included path is built from constants only
    include PLUGINS . DS . 'blog' . DS . 'rss.php';

    Request::shutdown();
}
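/**
 * _readmeLoadAjax
 *
 * Ajax handler: prints the README.md of the plugin named in the posted
 * 'readme_plugin' field, converted to HTML, or a "not found" message, then
 * shuts the request down. Does nothing when the field is absent.
 */
public static function _readmeLoadAjax()
{
    $plugin = Request::post('readme_plugin');

    if (!$plugin) {
        return;
    }

    // The value becomes a directory name below PLUGINS, so it has to be a
    // single path segment: no slash, backslash or NUL byte and not a dot
    // entry. Anything else is answered like a missing README.
    $is_plain_name = is_string($plugin)
        && $plugin !== '.'
        && $plugin !== '..'
        && !preg_match('#[/\\\\\x00]#', $plugin);

    if ($is_plain_name && File::exists($file = PLUGINS . DS . $plugin . DS . 'README.md')) {
        // Markup in the file is turned into text before the Markdown pass
        echo Text::toHtml(markdown(Html::toText(File::getContent($file))));
    } else {
        echo __('README.md not found', 'plugins');
    }

    Request::shutdown();
}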