/**
* Listens for 'frontcontroller.predispatch'.
*
* @param Zikula_Event $event
*
* @return void
*/
public function siteOff(Zikula_Event $event)
{
// Get variables
$module = FormUtil::getPassedValue('module', '', 'GETPOST', FILTER_SANITIZE_STRING);
$func = FormUtil::getPassedValue('func', '', 'GETPOST', FILTER_SANITIZE_STRING);
// Check for site closed
if (System::getVar('siteoff') && !SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN) && !($module == 'Users' && $func == 'siteofflogin') || Zikula_Core::VERSION_NUM != System::getVar('Version_Num')) {
if (SecurityUtil::checkPermission('Users::', '::', ACCESS_OVERVIEW) && UserUtil::isLoggedIn()) {
UserUtil::logout();
}
header('HTTP/1.1 503 Service Unavailable');
require_once System::getSystemErrorTemplate('siteoff.tpl');
System::shutdown();
}
}
public function onKernelRequestSiteOff(GetResponseEvent $event)
{
if (!$event->isMasterRequest()) {
return;
}
$response = $event->getResponse();
$request = $event->getRequest();
if ($response instanceof PlainResponse || $response instanceof JsonResponse || $request->isXmlHttpRequest()) {
return;
}
if (\System::isInstalling()) {
return;
}
// Get variables
$module = strtolower($request->query->get('module'));
$type = strtolower($request->query->get('type'));
$func = strtolower($request->query->get('func'));
$siteOff = (bool) \System::getVar('siteoff');
$hasAdminPerms = \SecurityUtil::checkPermission('ZikulaSettingsModule::', 'SiteOff::', ACCESS_ADMIN);
$urlParams = $module == 'users' && $type == 'user' && $func == 'siteofflogin';
// params are lowercase
$versionCheck = \Zikula_Core::VERSION_NUM != \System::getVar('Version_Num');
// Check for site closed
if ($siteOff && !$hasAdminPerms && !$urlParams || $versionCheck) {
$hasOnlyOverviewAccess = \SecurityUtil::checkPermission('ZikulaUsersModule::', '::', ACCESS_OVERVIEW);
if ($hasOnlyOverviewAccess && \UserUtil::isLoggedIn()) {
\UserUtil::logout();
}
// initialise the language system to enable translations (#1764)
$lang = \ZLanguage::getInstance();
$lang->setup($request);
$response = new Response();
$response->headers->add(array('HTTP/1.1 503 Service Unavailable'));
$response->setStatusCode(503);
$content = (require_once \System::getSystemErrorTemplate('siteoff.tpl'));
// move to CoreBundle and use Twig
$response->setContent($content);
$event->setResponse($response);
$event->stopPropagation();
}
}
/**
* Initialise Zikula.
*
* Carries out a number of initialisation tasks to get Zikula up and
* running.
*
* @param integer $stage Stage to load.
*
* @return boolean True initialisation successful false otherwise.
*/
public function init($stage = self::STAGE_ALL)
{
$coreInitEvent = new Zikula_Event('core.init', $this);
// store the load stages in a global so other API's can check whats loaded
$this->stage = $this->stage | $stage;
if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) {
ModUtil::flushCache();
System::flushCache();
$this->eventManager->notify(new Zikula_Event('core.preinit', $this));
}
// Initialise and load configuration
if ($stage & self::STAGE_CONFIG) {
if (System::isLegacyMode()) {
require_once 'lib/legacy/Compat.php';
}
// error reporting
if (!System::isInstalling()) {
// this is here because it depends on the config.php loading.
$event = new Zikula_Event('setup.errorreporting', null, array('stage' => $stage));
$this->eventManager->notify($event);
}
// initialise custom event listeners from config.php settings
$coreInitEvent->setArg('stage', self::STAGE_CONFIG);
$this->eventManager->notify($coreInitEvent);
}
// Check that Zikula is installed before continuing
if (System::getVar('installed') == 0 && !System::isInstalling()) {
System::redirect(System::getBaseUrl() . 'install.php?notinstalled');
System::shutDown();
}
if ($stage & self::STAGE_DB) {
try {
$dbEvent = new Zikula_Event('core.init', $this, array('stage' => self::STAGE_DB));
$this->eventManager->notify($dbEvent);
} catch (PDOException $e) {
if (!System::isInstalling()) {
header('HTTP/1.1 503 Service Unavailable');
require_once System::getSystemErrorTemplate('dbconnectionerror.tpl');
System::shutDown();
} else {
return false;
}
}
}
if ($stage & self::STAGE_TABLES) {
// Initialise dbtables
ModUtil::dbInfoLoad('Extensions', 'Extensions');
ModUtil::initCoreVars();
ModUtil::dbInfoLoad('Settings', 'Settings');
ModUtil::dbInfoLoad('Theme', 'Theme');
ModUtil::dbInfoLoad('Users', 'Users');
ModUtil::dbInfoLoad('Groups', 'Groups');
ModUtil::dbInfoLoad('Permissions', 'Permissions');
ModUtil::dbInfoLoad('Categories', 'Categories');
if (!System::isInstalling()) {
ModUtil::registerAutoloaders();
}
$coreInitEvent->setArg('stage', self::STAGE_TABLES);
$this->eventManager->notify($coreInitEvent);
}
if ($stage & self::STAGE_SESSIONS) {
SessionUtil::requireSession();
$coreInitEvent->setArg('stage', self::STAGE_SESSIONS);
$this->eventManager->notify($coreInitEvent);
}
// Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak)
// start block
if ($stage & self::STAGE_LANGS) {
$lang = ZLanguage::getInstance();
}
if ($stage & self::STAGE_DECODEURLS) {
System::queryStringDecode();
$coreInitEvent->setArg('stage', self::STAGE_DECODEURLS);
$this->eventManager->notify($coreInitEvent);
}
if ($stage & self::STAGE_LANGS) {
$lang->setup();
$coreInitEvent->setArg('stage', self::STAGE_LANGS);
$this->eventManager->notify($coreInitEvent);
}
// end block
if ($stage & self::STAGE_MODS) {
// Set compression on if desired
if (System::getVar('UseCompression') == 1) {
//ob_start("ob_gzhandler");
}
ModUtil::load('SecurityCenter');
$coreInitEvent->setArg('stage', self::STAGE_MODS);
$this->eventManager->notify($coreInitEvent);
}
if ($stage & self::STAGE_THEME) {
// register default page vars
PageUtil::registerVar('title');
PageUtil::setVar('title', System::getVar('defaultpagetitle'));
PageUtil::registerVar('keywords', true);
PageUtil::registerVar('stylesheet', true);
PageUtil::registerVar('javascript', true);
PageUtil::registerVar('jsgettext', true);
PageUtil::registerVar('body', true);
PageUtil::registerVar('header', true);
PageUtil::registerVar('footer', true);
$theme = Zikula_View_Theme::getInstance();
// set some defaults
// Metadata for SEO
$this->serviceManager['zikula_view.metatags']['description'] = System::getVar('defaultmetadescription');
$this->serviceManager['zikula_view.metatags']['keywords'] = System::getVar('metakeywords');
$coreInitEvent->setArg('stage', self::STAGE_THEME);
$this->eventManager->notify($coreInitEvent);
}
// check the users status, if not 1 then log him out
if (UserUtil::isLoggedIn()) {
$userstatus = UserUtil::getVar('activated');
if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) {
UserUtil::logout();
// TODO - When getting logged out this way, the existing session is destroyed and
// then a new one is created on the reentry into index.php. The message
// set by the registerStatus call below gets lost.
LogUtil::registerStatus(__('You have been logged out.'));
System::redirect(ModUtil::url('Users', 'user', 'login'));
}
}
if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) {
$this->eventManager->notify(new Zikula_Event('core.postinit', $this, array('stages' => $stage)));
}
}
/**
* Log the user out
*
* @deprecated
* @see UserUtil::logout()
*
* @public
* @return bool true if the user successfully logged out, false otherwise
*/
function pnUserLogOut()
{
LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'UserUtil::logout()')), E_USER_DEPRECATED);
return UserUtil::logout();
}
* @license GNU/LGPLv3 (or at your option, any later version).
* @package Zikula
*
* Please see the NOTICE file distributed with this source code for further
* information regarding copyright and licensing.
*/
include 'lib/bootstrap.php';
$core->init(Zikula_Core::STAGE_ALL | Zikula_Core::STAGE_AJAX & ~Zikula_Core::STAGE_DECODEURLS);
// Get variables
$module = FormUtil::getPassedValue('module', '', 'GETPOST', FILTER_SANITIZE_STRING);
$type = FormUtil::getPassedValue('type', 'ajax', 'GETPOST', FILTER_SANITIZE_STRING);
$func = FormUtil::getPassedValue('func', '', 'GETPOST', FILTER_SANITIZE_STRING);
// Check for site closed
if (System::getVar('siteoff') && !SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN) && !($module == 'Users' && $func == 'siteofflogin')) {
if (SecurityUtil::checkPermission('Users::', '::', ACCESS_OVERVIEW) && UserUtil::isLoggedIn()) {
UserUtil::logout();
}
die(new Zikula_Response_Ajax_Unavailable(__('The site is currently off-line.')));
}
if (empty($func)) {
die(new Zikula_Response_Ajax_NotFound(__f("Missing parameter '%s'", 'func')));
}
// get module information
$modinfo = ModUtil::getInfoFromName($module);
if ($modinfo == false) {
die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is unknown.", DataUtil::formatForDisplay($module))));
}
if (!ModUtil::available($modinfo['name'])) {
die(new Zikula_Response_Ajax_NotFound(__f("Error! The '%s' module is not available.", DataUtil::formatForDisplay($module))));
}
if (!ModUtil::load($modinfo['name'], $type)) {
/**
* This is a standard function to update the configuration parameters of the
* module given the information passed back by the modification form
* @see securitycenter_admin_modifyconfig()
*
* @param int enableanticracker
* @param int itemsperpage
* @param int emailhackattempt
* @param int loghackattempttodb
* @param int onlysendsummarybyemail
* @param int updatecheck
* @param int updatefrequency
* @param int keyexpiry
* @param int sessionauthkeyua
* @param string secure_domain
* @param int signcookies
* @param string signingkey
* @param string seclevel
* @param int secmeddays
* @param int secinactivemins
* @param int sessionstoretofile
* @param string sessionsavepath
* @param int gc_probability
* @param int anonymoussessions
* @param int sessionrandregenerate
* @param int sessionregenerate
* @param int sessionregeneratefreq
* @param int sessionipcheck
* @param string sessionname
* @param int filtergetvars
* @param int filterpostvars
* @param int filtercookievars
* @param int outputfilter
* @param string summarycontent
* @param string fullcontent
*
* @return bool true if successful, false otherwise.
*/
public function updateconfig()
{
$this->checkCsrfToken();
// Security check
if (!SecurityUtil::checkPermission('SecurityCenter::', '::', ACCESS_ADMIN)) {
return LogUtil::registerPermissionError();
}
$validates = true;
// Update module variables.
$updatecheck = (int)FormUtil::getPassedValue('updatecheck', 0, 'POST');
System::setVar('updatecheck', $updatecheck);
// if update checks are disabled, reset values to force new update check if re-enabled
if ($updatecheck == 0) {
System::setVar('updateversion', Zikula_Core::VERSION_NUM);
System::setVar('updatelastchecked', 0);
}
$updatefrequency = (int)FormUtil::getPassedValue('updatefrequency', 30, 'POST');
System::setVar('updatefrequency', $updatefrequency);
$keyexpiry = (int)FormUtil::getPassedValue('keyexpiry', 0, 'POST');
if ($keyexpiry < 0 || $keyexpiry > 3600) {
$keyexpiry = 0;
}
System::setVar('keyexpiry', $keyexpiry);
$sessionauthkeyua = (int)FormUtil::getPassedValue('sessionauthkeyua', 0, 'POST');
System::setVar('sessionauthkeyua', $sessionauthkeyua);
$secure_domain = FormUtil::getPassedValue('secure_domain', '', 'POST');
System::setVar('secure_domain', $secure_domain);
$signcookies = (int)FormUtil::getPassedValue('signcookies', 1, 'POST');
System::setVar('signcookies', $signcookies);
$signingkey = FormUtil::getPassedValue('signingkey', '', 'POST');
System::setVar('signingkey', $signingkey);
$seclevel = FormUtil::getPassedValue('seclevel', 'High', 'POST');
System::setVar('seclevel', $seclevel);
$secmeddays = (int)FormUtil::getPassedValue('secmeddays', 7, 'POST');
if ($secmeddays < 1 || $secmeddays > 365) {
$secmeddays = 7;
}
System::setVar('secmeddays', $secmeddays);
$secinactivemins = (int)FormUtil::getPassedValue('secinactivemins', 20, 'POST');
if ($secinactivemins < 1 || $secinactivemins > 1440) {
$secinactivemins = 7;
}
System::setVar('secinactivemins', $secinactivemins);
$sessionstoretofile = (int)FormUtil::getPassedValue('sessionstoretofile', 0, 'POST');
$sessionsavepath = FormUtil::getPassedValue('sessionsavepath', '', 'POST');
// check session path config is writable (if method is being changed to session file storage)
$cause_logout = false;
$storeTypeCanBeWritten = true;
if ($sessionstoretofile == 1 && !empty($sessionsavepath)) {
// fix path on windows systems
$sessionsavepath = str_replace('\\', '/', $sessionsavepath);
// sanitize the path
$sessionsavepath = trim(stripslashes($sessionsavepath));
// check if sessionsavepath is a dir and if it is writable
// if yes, we need to logout
$cause_logout = (is_dir($sessionsavepath)) ? is_writable($sessionsavepath) : false;
if ($cause_logout == false) {
// an error occured - we do not change the way of storing session data
LogUtil::registerStatus($this->__('Error! Session path not writeable!'));
$storeTypeCanBeWritten = false;
}
}
if ($storeTypeCanBeWritten == true) {
System::setVar('sessionstoretofile', $sessionstoretofile);
System::setVar('sessionsavepath', $sessionsavepath);
}
if ((bool)$sessionstoretofile != (bool)System::getVar('sessionstoretofile')) {
// logout if going from one storage to another one
$cause_logout = true;
}
$gc_probability = (int)FormUtil::getPassedValue('gc_probability', 100, 'POST');
if ($gc_probability < 1 || $gc_probability > 10000) {
$gc_probability = 7;
}
System::setVar('gc_probability', $gc_probability);
$anonymoussessions = (int)FormUtil::getPassedValue('anonymoussessions', 1, 'POST');
System::setVar('anonymoussessions', $anonymoussessions);
$sessionrandregenerate = (int)FormUtil::getPassedValue('sessionrandregenerate', 1, 'POST');
System::setVar('sessionrandregenerate', $sessionrandregenerate);
$sessionregenerate = (int)FormUtil::getPassedValue('sessionregenerate', 1, 'POST');
System::setVar('sessionregenerate', $sessionregenerate);
$sessionregeneratefreq = (int)FormUtil::getPassedValue('sessionregeneratefreq', 10, 'POST');
if ($sessionregeneratefreq < 1 || $sessionregeneratefreq > 100) {
$sessionregeneratefreq = 10;
}
System::setVar('sessionregeneratefreq', $sessionregeneratefreq);
$sessionipcheck = (int)FormUtil::getPassedValue('sessionipcheck', 0, 'POST');
System::setVar('sessionipcheck', $sessionipcheck);
$sessionname = FormUtil::getPassedValue('sessionname', 'ZSID', 'POST');
if (strlen($sessionname) < 3) {
$sessionname = 'ZSID';
}
$sessioncsrftokenonetime = (int)FormUtil::getPassedValue('sessioncsrftokenonetime', 0, 'POST');
System::setVar('sessioncsrftokenonetime', $sessioncsrftokenonetime);
// cause logout if we changed session name
if ($sessionname != System::getVar('sessionname')) {
$cause_logout = true;
}
System::setVar('sessionname', $sessionname);
System::setVar('sessionstoretofile', $sessionstoretofile);
$outputfilter = FormUtil::getPassedValue('outputfilter', 0, 'POST');
System::setVar('outputfilter', $outputfilter);
$useids = (bool)FormUtil::getPassedValue('useids', 0, 'POST');
System::setVar('useids', $useids);
// create tmp directory for PHPIDS
if ($useids == 1) {
$idsTmpDir = CacheUtil::getLocalDir() . '/idsTmp';
if (!file_exists($idsTmpDir)) {
CacheUtil::clearLocalDir('idsTmp');
}
}
$idssoftblock = (bool)FormUtil::getPassedValue('idssoftblock', 1, 'POST');
System::setVar('idssoftblock', $idssoftblock);
$idsmail = (bool)FormUtil::getPassedValue('idsmail', 1, 'POST');
System::setVar('idsmail', $idsmail);
$idsfilter = FormUtil::getPassedValue('idsfilter', 'xml', 'POST');
System::setVar('idsfilter', $idsfilter);
$idsrulepath = FormUtil::getPassedValue('idsrulepath', 'config/zikula_default.xml', 'POST');
$idsrulepath = DataUtil::formatForOS($idsrulepath);
if (is_readable($idsrulepath)) {
System::setVar('idsrulepath', $idsrulepath);
} else {
LogUtil::registerError($this->__f('Error! PHPIDS rule file %s does not exist or is not readable.', $idsrulepath));
$validates = false;
}
$idsimpactthresholdone = (int)FormUtil::getPassedValue('idsimpactthresholdone', 1, 'POST');
System::setVar('idsimpactthresholdone', $idsimpactthresholdone);
$idsimpactthresholdtwo = (int)FormUtil::getPassedValue('idsimpactthresholdtwo', 10, 'POST');
System::setVar('idsimpactthresholdtwo', $idsimpactthresholdtwo);
$idsimpactthresholdthree = (int)FormUtil::getPassedValue('idsimpactthresholdthree', 25, 'POST');
System::setVar('idsimpactthresholdthree', $idsimpactthresholdthree);
$idsimpactthresholdfour = (int)FormUtil::getPassedValue('idsimpactthresholdfour', 75, 'POST');
System::setVar('idsimpactthresholdfour', $idsimpactthresholdfour);
$idsimpactmode = (int)FormUtil::getPassedValue('idsimpactmode', 1, 'POST');
System::setVar('idsimpactmode', $idsimpactmode);
$idshtmlfields = FormUtil::getPassedValue('idshtmlfields', '', 'POST');
$idshtmlfields = explode(PHP_EOL, $idshtmlfields);
$idshtmlarray = array();
foreach ($idshtmlfields as $idshtmlfield) {
$idshtmlfield = trim($idshtmlfield);
if (!empty($idshtmlfield)) {
$idshtmlarray[] = $idshtmlfield;
}
}
System::setVar('idshtmlfields', $idshtmlarray);
$idsjsonfields = FormUtil::getPassedValue('idsjsonfields', '', 'POST');
$idsjsonfields = explode(PHP_EOL, $idsjsonfields);
$idsjsonarray = array();
foreach ($idsjsonfields as $idsjsonfield) {
$idsjsonfield = trim($idsjsonfield);
if (!empty($idsjsonfield)) {
$idsjsonarray[] = $idsjsonfield;
}
}
System::setVar('idsjsonfields', $idsjsonarray);
$idsexceptions = FormUtil::getPassedValue('idsexceptions', '', 'POST');
$idsexceptions = explode(PHP_EOL, $idsexceptions);
$idsexceptarray = array();
foreach ($idsexceptions as $idsexception) {
$idsexception = trim($idsexception);
if (!empty($idsexception)) {
$idsexceptarray[] = $idsexception;
}
}
System::setVar('idsexceptions', $idsexceptarray);
// clear all cache and compile directories
ModUtil::apiFunc('Settings', 'admin', 'clearallcompiledcaches');
// the module configuration has been updated successfuly
if ($validates) {
$this->registerStatus($this->__('Done! Saved module configuration.'));
}
// we need to auto logout the user if they changed from DB to FILE
if ($cause_logout == true) {
UserUtil::logout();
$this->registerStatus($this->__('Session handling variables have changed. You must log in again.'));
$returnPage = urlencode(ModUtil::url('SecurityCenter', 'admin', 'modifyconfig'));
$this->redirect(ModUtil::url('Users', 'user', 'login', array('returnpage' => $returnPage)));
}
// This function generated no output, and so now it is complete we redirect
// the user to an appropriate page for them to carry on their work
return $this->redirect(ModUtil::url('SecurityCenter', 'admin', 'modifyconfig'));
}
/**
* Initialise Zikula.
*
* Carries out a number of initialisation tasks to get Zikula up and
* running.
*
* @param integer $stage Stage to load.
*
* @return boolean True initialisation successful false otherwise.
*/
public function onInit(GetResponseEvent $event)
{
if ($event->getRequestType() === HttpKernelInterface::SUB_REQUEST) {
return;
}
$this->dispatcher = $event->getDispatcher();
$this->stage = $stage = self::STAGE_ALL;
$coreInitEvent = new GenericEvent($this);
$coreInitEvent['request'] = $event->getRequest();
// store the load stages in a global so other API's can check whats loaded
$this->dispatcher->dispatch(CoreEvents::PREINIT, new GenericEvent($this));
// // Initialise and load configuration
// if ($stage & self::STAGE_CONFIG) {
// // error reporting
// if (!\System::isInstalling()) {
// // this is here because it depends on the config.php loading.
// $event = new GenericEvent(null, array('stage' => $stage));
// $this->dispatcher->dispatch(CoreEvents::ERRORREPORTING, $event);
// }
//
// // initialise custom event listeners from config.php settings
// $coreInitEvent->setArg('stage', self::STAGE_CONFIG);
// $this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
// }
// // Check that Zikula is installed before continuing
// if (\System::getVar('installed') == 0 && !\System::isInstalling()) {
// $response = new RedirectResponse(\System::getBaseUrl().'install.php?notinstalled');
// $response->send();
// \System::shutdown();
// }
if ($stage & self::STAGE_DB) {
try {
$dbEvent = new GenericEvent();
$this->dispatcher->dispatch('doctrine.init_connection', $dbEvent);
$dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB));
$this->dispatcher->dispatch(CoreEvents::INIT, $dbEvent);
} catch (\PDOException $e) {
if (!\System::isInstalling()) {
header('HTTP/1.1 503 Service Unavailable');
require_once \System::getSystemErrorTemplate('dbconnectionerror.tpl');
\System::shutDown();
} else {
return false;
}
}
}
if ($stage & self::STAGE_TABLES) {
// Initialise dbtables
\ModUtil::initCoreVars();
\ModUtil::dbInfoLoad('SettingsModule', 'SettingsModule');
\ModUtil::dbInfoLoad('ThemeModule', 'ThemeModule');
\ModUtil::dbInfoLoad('UsersModule', 'UsersModule');
\ModUtil::dbInfoLoad('GroupsModule', 'GroupsModule');
\ModUtil::dbInfoLoad('PermissionsModule', 'PermissionsModule');
\ModUtil::dbInfoLoad('CategoriesModule', 'CategoriesModule');
if (!\System::isInstalling()) {
\ModUtil::registerAutoloaders();
}
$coreInitEvent->setArg('stage', self::STAGE_TABLES);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
if ($stage & self::STAGE_SESSIONS) {
\SessionUtil::requireSession();
$coreInitEvent->setArg('stage', self::STAGE_SESSIONS);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
// Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak)
// start block
if ($stage & self::STAGE_LANGS) {
$lang = \ZLanguage::getInstance();
}
if ($stage & self::STAGE_DECODEURLS) {
\System::queryStringDecode();
$coreInitEvent->setArg('stage', self::STAGE_DECODEURLS);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
if ($stage & self::STAGE_LANGS) {
$lang->setup();
$coreInitEvent->setArg('stage', self::STAGE_LANGS);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
// end block
if ($stage & self::STAGE_MODS) {
// Set compression on if desired
if (\System::getVar('UseCompression') == 1) {
//ob_start("ob_gzhandler");
}
\ModUtil::load('SecurityCenter');
$coreInitEvent->setArg('stage', self::STAGE_MODS);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
if ($stage & self::STAGE_THEME) {
// register default page vars
\PageUtil::registerVar('title');
\PageUtil::setVar('title', \System::getVar('defaultpagetitle'));
\PageUtil::registerVar('keywords', true);
\PageUtil::registerVar('stylesheet', true);
\PageUtil::registerVar('javascript', true);
\PageUtil::registerVar('jsgettext', true);
\PageUtil::registerVar('body', true);
\PageUtil::registerVar('header', true);
\PageUtil::registerVar('footer', true);
$theme = \Zikula_View_Theme::getInstance();
// set some defaults
// Metadata for SEO
$this->container['zikula_view.metatags']['description'] = \System::getVar('defaultmetadescription');
$this->container['zikula_view.metatags']['keywords'] = \System::getVar('metakeywords');
$coreInitEvent->setArg('stage', self::STAGE_THEME);
$this->dispatcher->dispatch(CoreEvents::INIT, $coreInitEvent);
}
// check the users status, if not 1 then log him out
if (\UserUtil::isLoggedIn()) {
$userstatus = \UserUtil::getVar('activated');
if ($userstatus != UsersConstant::ACTIVATED_ACTIVE) {
\UserUtil::logout();
// TODO - When getting logged out this way, the existing session is destroyed and
// then a new one is created on the reentry into index.php. The message
// set by the registerStatus call below gets lost.
\LogUtil::registerStatus(__('You have been logged out.'));
$response = new RedirectResponse(\ModUtil::url('Users', 'user', 'login'));
$response->send();
exit;
}
}
if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) {
$this->dispatcher->dispatch(CoreEvents::POSTINIT, new GenericEvent($this, array('stages' => $stage)));
}
$this->dispatcher->dispatch('frontcontroller.predispatch', new GenericEvent());
}
/**
* Initialise Zikula.
*
* Carries out a number of initialisation tasks to get Zikula up and
* running.
*
* @param integer $stage Stage to load.
* @param Zikula_Request_Http $request
*
* @return boolean True initialisation successful false otherwise.
*/
public function init($stage = self::STAGE_ALL, Request $request)
{
$GLOBALS['__request'] = $request;
// hack for pre 1.5.0 - drak
$coreInitEvent = new GenericEvent($this);
// store the load stages in a global so other API's can check whats loaded
$this->stage = $this->stage | $stage;
if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) {
ModUtil::flushCache();
System::flushCache();
$args = !System::isInstalling() ? array('lazy' => true) : array();
$this->dispatcher->dispatch('core.preinit', new GenericEvent($this, $args));
}
// Initialise and load configuration
if ($stage & self::STAGE_CONFIG) {
// for BC only. remove this code in 2.0.0
if (!System::isInstalling()) {
$this->dispatcher->dispatch('setup.errorreporting', new GenericEvent(null, array('stage' => $stage)));
}
// initialise custom event listeners from config.php settings
$coreInitEvent->setArgument('stage', self::STAGE_CONFIG);
/***************************************************
* NOTE: this event is monitored by
* \Zikula\Bundle\CoreInstallerBundle\EventListener\InstallUpgradeCheckListener
* to see if install or upgrade is needed
***************************************************/
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_DB) {
try {
$dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB));
$this->dispatcher->dispatch('core.init', $dbEvent);
} catch (PDOException $e) {
if (!System::isInstalling()) {
header('HTTP/1.1 503 Service Unavailable');
require_once System::getSystemErrorTemplate('dbconnectionerror.tpl');
System::shutDown();
} else {
return false;
}
}
}
if ($stage & self::STAGE_TABLES) {
// Initialise dbtables
ModUtil::dbInfoLoad('ZikulaExtensionsModule', 'ZikulaExtensionsModule');
ModUtil::initCoreVars();
ModUtil::dbInfoLoad('ZikulaSettingsModule', 'ZikulaSettingsModule');
ModUtil::dbInfoLoad('ZikulaThemeModule', 'ZikulaThemeModule');
ModUtil::dbInfoLoad('ZikulaUsersModule', 'ZikulaUsersModule');
ModUtil::dbInfoLoad('ZikulaGroupsModule', 'ZikulaGroupsModule');
ModUtil::dbInfoLoad('ZikulaPermissionsModule', 'ZikulaPermissionsModule');
ModUtil::dbInfoLoad('ZikulaCategoriesModule', 'ZikulaCategoriesModule');
// Add AutoLoading for non-symfony 1.3 modules in /modules
if (!System::isInstalling()) {
ModUtil::registerAutoloaders();
}
$coreInitEvent->setArgument('stage', self::STAGE_TABLES);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_SESSIONS) {
// SessionUtil::requireSession();
$coreInitEvent->setArgument('stage', self::STAGE_SESSIONS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak)
// start block
if ($stage & self::STAGE_LANGS) {
$lang = ZLanguage::getInstance();
}
if ($stage & self::STAGE_DECODEURLS) {
System::queryStringDecode($request);
$coreInitEvent->setArgument('stage', self::STAGE_DECODEURLS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_LANGS) {
$lang->setup($request);
$coreInitEvent->setArgument('stage', self::STAGE_LANGS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// end block
if ($stage & self::STAGE_MODS) {
if (!System::isInstalling()) {
ModUtil::load('ZikulaSecurityCenterModule');
}
$coreInitEvent->setArgument('stage', self::STAGE_MODS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_THEME) {
// register default page vars
PageUtil::registerVar('polyfill_features', true);
PageUtil::registerVar('title');
PageUtil::setVar('title', System::getVar('defaultpagetitle'));
PageUtil::registerVar('keywords', true);
PageUtil::registerVar('stylesheet', true);
PageUtil::registerVar('javascript', true);
PageUtil::registerVar('jsgettext', true);
PageUtil::registerVar('body', true);
PageUtil::registerVar('header', true);
PageUtil::registerVar('footer', true);
// set some defaults
// Metadata for SEO
$this->container->setParameter('zikula_view.metatags', array('description' => System::getVar('defaultmetadescription'), 'keywords' => System::getVar('metakeywords')));
$coreInitEvent->setArgument('stage', self::STAGE_THEME);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// check the users status, if not 1 then log him out
if (!System::isInstalling() && UserUtil::isLoggedIn()) {
$userstatus = UserUtil::getVar('activated');
if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) {
UserUtil::logout();
// TODO - When getting logged out this way, the existing session is destroyed and
// then a new one is created on the reentry into index.php. The message
// set by the registerStatus call below gets lost.
LogUtil::registerStatus(__('You have been logged out.'));
System::redirect(ModUtil::url('ZikulaUsersModule', 'user', 'login'));
}
}
if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) {
$this->dispatcher->dispatch('core.postinit', new GenericEvent($this, array('stages' => $stage)));
}
}
/**
* Initialise Zikula.
*
* Carries out a number of initialisation tasks to get Zikula up and
* running.
*
* @param integer $stage Stage to load.
* @param Zikula_Request_Http $request
*
* @return boolean True initialisation successful false otherwise.
*/
public function init($stage = self::STAGE_ALL, Request $request)
{
$GLOBALS['__request'] = $request;
// hack for pre 1.5.0 - drak
$coreInitEvent = new GenericEvent($this);
// store the load stages in a global so other API's can check whats loaded
$this->stage = $this->stage | $stage;
if ($stage & self::STAGE_PRE && $this->stage & ~self::STAGE_PRE) {
ModUtil::flushCache();
System::flushCache();
$args = !System::isInstalling() ? array('lazy' => true) : array();
$this->dispatcher->dispatch('core.preinit', new GenericEvent($this, $args));
}
// Initialise and load configuration
if ($stage & self::STAGE_CONFIG) {
// for BC only. remove this code in 2.0.0
if (!System::isInstalling()) {
$this->dispatcher->dispatch('setup.errorreporting', new GenericEvent(null, array('stage' => $stage)));
}
// initialise custom event listeners from config.php settings
$coreInitEvent->setArgument('stage', self::STAGE_CONFIG);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// create several booleans to test condition of request regrading install/upgrade
$installed = $this->getContainer()->getParameter('installed');
if ($installed) {
self::defineCurrentInstalledCoreVersion($this->getContainer());
}
$requiresUpgrade = $installed && version_compare(ZIKULACORE_CURRENT_INSTALLED_VERSION, self::VERSION_NUM, '<');
// can't use $request->get('_route') to get any of the following
// all these routes are hard-coded in xml files
$uriContainsInstall = strpos($request->getRequestUri(), '/install') !== false;
$uriContainsUpgrade = strpos($request->getRequestUri(), '/upgrade') !== false;
$uriContainsDoc = strpos($request->getRequestUri(), '/installdoc') !== false;
$uriContainsWdt = strpos($request->getRequestUri(), '/_wdt') !== false;
$uriContainsProfiler = strpos($request->getRequestUri(), '/_profiler') !== false;
$uriContainsRouter = strpos($request->getRequestUri(), '/js/routing?callback=fos.Router.setData') !== false;
$doNotRedirect = $uriContainsProfiler || $uriContainsWdt || $uriContainsRouter || $request->isXmlHttpRequest();
// check if Zikula Core is not installed
if (!$installed && !$uriContainsDoc && !$uriContainsInstall && !$doNotRedirect) {
$this->container->get('router')->getContext()->setBaseUrl($request->getBasePath());
// compensate for sub-directory installs
$url = $this->container->get('router')->generate('install');
$response = new RedirectResponse($url);
$response->send();
System::shutDown();
}
// check if Zikula Core requires upgrade
if ($requiresUpgrade && !$uriContainsDoc && !$uriContainsUpgrade && !$doNotRedirect) {
$this->container->get('router')->getContext()->setBaseUrl($request->getBasePath());
// compensate for sub-directory installs
$url = $this->container->get('router')->generate('upgrade');
$response = new RedirectResponse($url);
$response->send();
System::shutDown();
}
if (!$installed || $requiresUpgrade || $this->getContainer()->hasParameter('upgrading')) {
System::setInstalling(true);
}
if ($stage & self::STAGE_DB) {
try {
$dbEvent = new GenericEvent($this, array('stage' => self::STAGE_DB));
$this->dispatcher->dispatch('core.init', $dbEvent);
} catch (PDOException $e) {
if (!System::isInstalling()) {
header('HTTP/1.1 503 Service Unavailable');
require_once System::getSystemErrorTemplate('dbconnectionerror.tpl');
System::shutDown();
} else {
return false;
}
}
}
if ($stage & self::STAGE_TABLES) {
// Initialise dbtables
ModUtil::dbInfoLoad('ZikulaExtensionsModule', 'ZikulaExtensionsModule');
ModUtil::initCoreVars();
ModUtil::dbInfoLoad('ZikulaSettingsModule', 'ZikulaSettingsModule');
ModUtil::dbInfoLoad('ZikulaThemeModule', 'ZikulaThemeModule');
ModUtil::dbInfoLoad('ZikulaUsersModule', 'ZikulaUsersModule');
ModUtil::dbInfoLoad('ZikulaGroupsModule', 'ZikulaGroupsModule');
ModUtil::dbInfoLoad('ZikulaPermissionsModule', 'ZikulaPermissionsModule');
ModUtil::dbInfoLoad('ZikulaCategoriesModule', 'ZikulaCategoriesModule');
// Add AutoLoading for non-symfony 1.3 modules in /modules
if (!System::isInstalling()) {
ModUtil::registerAutoloaders();
}
$coreInitEvent->setArgument('stage', self::STAGE_TABLES);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_SESSIONS) {
// SessionUtil::requireSession();
$coreInitEvent->setArgument('stage', self::STAGE_SESSIONS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// Have to load in this order specifically since we cant setup the languages until we've decoded the URL if required (drak)
// start block
if ($stage & self::STAGE_LANGS) {
$lang = ZLanguage::getInstance();
}
if ($stage & self::STAGE_DECODEURLS) {
System::queryStringDecode($request);
$coreInitEvent->setArgument('stage', self::STAGE_DECODEURLS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_LANGS) {
$lang->setup($request);
$coreInitEvent->setArgument('stage', self::STAGE_LANGS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// end block
if ($stage & self::STAGE_MODS) {
if (!System::isInstalling()) {
ModUtil::load('ZikulaSecurityCenterModule');
}
$coreInitEvent->setArgument('stage', self::STAGE_MODS);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
if ($stage & self::STAGE_THEME) {
// register default page vars
PageUtil::registerVar('polyfill_features', true);
PageUtil::registerVar('title');
PageUtil::setVar('title', System::getVar('defaultpagetitle'));
PageUtil::registerVar('keywords', true);
PageUtil::registerVar('stylesheet', true);
PageUtil::registerVar('javascript', true);
PageUtil::registerVar('jsgettext', true);
PageUtil::registerVar('body', true);
PageUtil::registerVar('header', true);
PageUtil::registerVar('footer', true);
// set some defaults
// Metadata for SEO
$this->container->setParameter('zikula_view.metatags', array('description' => System::getVar('defaultmetadescription'), 'keywords' => System::getVar('metakeywords')));
$coreInitEvent->setArgument('stage', self::STAGE_THEME);
$this->dispatcher->dispatch('core.init', $coreInitEvent);
}
// check the users status, if not 1 then log him out
if (!System::isInstalling() && UserUtil::isLoggedIn()) {
$userstatus = UserUtil::getVar('activated');
if ($userstatus != Users_Constant::ACTIVATED_ACTIVE) {
UserUtil::logout();
// TODO - When getting logged out this way, the existing session is destroyed and
// then a new one is created on the reentry into index.php. The message
// set by the registerStatus call below gets lost.
LogUtil::registerStatus(__('You have been logged out.'));
System::redirect(ModUtil::url('ZikulaUsersModule', 'user', 'login'));
}
}
if ($stage & self::STAGE_POST && $this->stage & ~self::STAGE_POST) {
$this->dispatcher->dispatch('core.postinit', new GenericEvent($this, array('stages' => $stage)));
}
}
/**
* Log into a site that is currently "off" (normal logins are not allowed).
*
* Allows the administrator to access the site during maintenance.
*
* Parameters passed via GET:
* --------------------------
* None.
*
* Parameters passed via POST:
* ---------------------------
* string user The user name of the user attempting to log in.
* string pass The password of the user attempting to log in.
* boolean rememberme Whether the login session should persist.
*
* Parameters passed via SESSION:
* ------------------------------
* None.
*
* @return bool True.
*/
public function siteOffLogin()
{
// do not process if the site is enabled
$this->redirectIf(!System::getVar('siteoff', false), System::getHomepageUrl());
if ($this->request->isPost()) {
$user = $this->request->request->get('user', null);
$pass = $this->request->request->get('pass', null);
$rememberme = $this->request->request->get('rememberme', false);
} else {
throw new Zikula_Exception_Forbidden();
}
$redirectUrl = System::getHomepageUrl();
$authenticationInfo = array(
'login_id' => $user,
'pass' => $pass
);
$authenticationMethod = array(
'modname' => $this->name,
'method' => 'uname',
);
if (UserUtil::loginUsing($authenticationMethod, $authenticationInfo, $rememberme)) {
$user = UserUtil::getVars(UserUtil::getVar('uid'));
if (!SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN)) {
UserUtil::logout();
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'redirecturl' => '',
);
$event = new Zikula_Event('module.users.ui.login.failed', $user, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl;
} else {
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'redirecturl' => $redirectUrl,
);
$event = new Zikula_Event('module.users.ui.login.succeeded', $user, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl;
}
} else {
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'authentication_info' => $authenticationInfo,
'redirecturl' => '',
);
$event = new Zikula_Event('module.users.ui.login.failed', null, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : '';
}
$this->redirect($redirectUrl);
}
