Example #1
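 /**
  * Validates the supplied segments and attempts to determine the path to
  * the controller.
  *
  * @access	private
  * @param	array	$segments	URI segments, with the gateway slug first
  * @return	array|false	the remaining segments, or false when the first segment is not the gateway slug
  */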
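 function _validate_request($segments)
 {
     // Resolves the controller for a gateway request. Returns the segments left
     // after the gateway slug (and optional app spec) are consumed, false when the
     // request is not addressed to the gateway, and calls wp_die() when no
     // matching controller file is found.

     // the first segment is our WordPress gateway, so we remove it
     $gateway = array_shift($segments);
     if ($gateway != wpci_get_slug()) {
         return false;
     }
     // the second segment might be an app spec (isset() guards a gateway-only request)
     if (isset($segments[0]) && $segments[0] == WPCI::get_active_app()) {
         $this->set_app(array_shift($segments));
     }
     // and if there's nothing else, stop validating...
     if (!count($segments)) {
         return $segments;
     }
     // Segments come from the request URL and are concatenated into filesystem
     // paths below, so refuse dot segments and anything carrying a path
     // separator or NUL byte before touching the disk.
     $name = (string) $segments[0];
     if ($name === '.' || $name === '..' || strpbrk($name, "/\\\0") !== false) {
         wp_die("There are no controllers for <b>" . esc_html($name) . "</b>.");
         // fail closed if a wp_die handler returns instead of terminating
         return false;
     }
     $controllers = WPCI::active_app_path() . '/controllers/';
     // Does the requested controller exist in the root folder?
     if (file_exists($controllers . $name . EXT)) {
         return $segments;
     }
     // Is the controller in a sub-folder?
     if (is_dir($controllers . $name)) {
         // Set the directory and remove it from the segment array
         $this->set_directory($name);
         $segments = array_slice($segments, 1);
         if (count($segments) > 0) {
             // same path-safety rule for the controller name inside the sub-folder
             $sub = (string) $segments[0];
             if ($sub === '.' || $sub === '..' || strpbrk($sub, "/\\\0") !== false) {
                 wp_die("There are no controllers for <b>" . esc_html($this->fetch_directory() . $sub) . "</b>.");
                 return false;
             }
             // Does the requested controller exist in the sub-folder?
             // presumably fetch_directory() already ends with a slash — confirm against set_directory()
             if (!file_exists($controllers . $this->fetch_directory() . $sub . EXT)) {
                 // the name is request-controlled: escape it before it lands in the HTML error page
                 wp_die("There are no controllers for <b>" . esc_html($this->fetch_directory() . $sub) . "</b>.");
             }
         } else {
             $this->set_class($this->default_controller);
             $this->set_method('index');
             // Does the default controller exist in the sub-folder?
             if (!file_exists($controllers . $this->fetch_directory() . $this->default_controller . EXT)) {
                 $this->directory = '';
                 return array();
             }
         }
         return $segments;
     }
     // Can't find the requested controller...
     // the name is request-controlled: escape it before it lands in the HTML error page
     wp_die("There are no controllers for <b>" . esc_html($name) . "</b>.");
 }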
Example #2
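 /**
  * Dispatches a front-end request to the routed controller.
  *
  * Sets routing, includes the controller, evaluates the user_must / user_can
  * annotations against current_user_can(), blocks reserved method names,
  * runs the hooks around the controller call, closes the controller's DB
  * connection if it has one and, for ajax / no_chrome requests, echoes the
  * captured output and exits.
  *
  * Does nothing when the router identified no class. Terminates through
  * wp_die() when the class is missing or the request is not permitted.
  *
  * @return void
  */
 private static function execute_frontend()
 {
     // $OUT is used by the ajax / no_chrome branch at the end, so it has to be
     // imported here along with the other globals
     global $RTR, $CI, $EXT, $BM, $URI, $OUT;
     // set routing, triggering detection of active application (if any)
     $RTR->_set_routing();
     $RTR->set_app(WPCI::get_active_app());
     // complete CI logging
     log_message('debug', "Router Class Set");
     // if a class was identified, try to execute it
     if ($RTR->fetch_class()) {
         $app_path = WPCI::include_controller($RTR);
         $BM->mark('loading_time_base_classes_end');
         /*
          * ------------------------------------------------------
          *  Security check
          * ------------------------------------------------------
          *
          *  None of the functions in the app controller or the
          *  loader class can be called via the URI, nor can
          *  controller functions that begin with an underscore
          */
         $class = $RTR->fetch_class();
         $method = $RTR->fetch_method();
         // class and method names are derived from the request; escape them once
         // for every HTML error page produced below
         $safe_target = esc_html($class . '/' . $method);
         if (!class_exists($class)) {
             wp_die("I can't find <b>{$safe_target}</b>.");
         }
         // make sure app class is at the top of the annotations stack
         $ann = Annotations::get($RTR->fetch_app() . '/' . $RTR->fetch_class(), $app_path);
         // evaluate permissions, but only when they are specified for evaluation
         $user_can = true;
         if (count($ann->for_class('user_must') + $ann->for_class('user_can') + $ann->for_method($method, 'user_must') + $ann->for_method($method, 'user_can'))) {
             // first, test all user_must annotations (every one is required)
             foreach ($ann->for_class('user_must') as $cap) {
                 if (!current_user_can($cap)) {
                     $user_can = false;
                     break;
                 }
             }
             // next, test for method
             if ($user_can) {
                 foreach ($ann->for_method($method, 'user_must') as $cap) {
                     if (!current_user_can($cap)) {
                         $user_can = false;
                         break;
                     }
                 }
                 // then, test user_can (any one is sufficient)
                 // NOTE(review): when only user_must annotations are present, the
                 // reset below leaves $user_can false and the request is denied even
                 // though every required capability passed — confirm that this
                 // fail-closed result is intended before relaxing it.
                 if ($user_can) {
                     $user_can = false;
                     foreach ($ann->for_class('user_can') as $cap) {
                         $user_can = $user_can || current_user_can($cap);
                     }
                     foreach ($ann->for_method($method, 'user_can') as $cap) {
                         $user_can = $user_can || current_user_can($cap);
                     }
                 }
             }
         }
         // deny reserved names, underscore-prefixed methods, anything declared on
         // the base Controller class, and requests that failed the capability checks
         if ($method == 'controller' or strncmp($method, '_', 1) == 0 or in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) or !$user_can) {
             wp_die("You're not allowed to do <b>{$safe_target}</b>.");
         }
         /*
          * ------------------------------------------------------
          *  Is there a "pre_controller" hook?
          * ------------------------------------------------------
          */
         $EXT->_call_hook('pre_controller');
         /*
          * ------------------------------------------------------
          *  Instantiate the controller and call requested method
          * ------------------------------------------------------
          */
         // Mark a start point so we can benchmark the controller
         $BM->mark('controller_execution_time_( ' . $class . ' / ' . $method . ' )_start');
         $CI = new $class();
         // add request method properties (REQUEST_METHOD is absent outside a web request)
         $CI->method = isset($_SERVER['REQUEST_METHOD']) ? strtoupper($_SERVER['REQUEST_METHOD']) : '';
         $is_ajax = $ann->for_class('ajax') || $ann->for_method($method, 'ajax');
         $no_chrome = $ann->for_class('no_chrome') || $ann->for_method($method, 'no_chrome');
         $ajax_content = null;
         // Is this a scaffolding request?
         if ($RTR->scaffolding_request === TRUE) {
             if ($EXT->_call_hook('scaffolding_override') === FALSE) {
                 $CI->_ci_scaffolding();
             }
         } else {
             /*
              * ------------------------------------------------------
              *  Is there a "post_controller_constructor" hook?
              * ------------------------------------------------------
              */
             $EXT->_call_hook('post_controller_constructor');
             // grab the title annotation, if defined
             if (count($title = $ann->for_method($RTR->fetch_method(), 'title'))) {
                 WPCI::set_title($title[0]);
             }
             // Is there a "remap" function?
             if (method_exists($CI, '_remap')) {
                 // NOTE(review): the capability annotations above were looked up for
                 // $method; what _remap() goes on to run is decided by the controller —
                 // confirm the annotated permissions still cover it.
                 $CI->_remap($method);
             } else {
                 // is_callable() returns TRUE on some versions of PHP 5 for private and protected
                 // methods, so we'll use this workaround for consistent behavior
                 if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($CI)))) {
                     wp_die("I'm not allowed to do {$safe_target}.");
                 }
                 // flatten the extra URI segments into a single line for the debug log
                 if (count(array_slice($URI->rsegments, 2)) > 0) {
                     $param_list = trim(substr(preg_replace('/\\t/', '', preg_replace('/[\\n\\r]/', '', print_r(array_slice($URI->rsegments, 2), true))), 8));
                 } else {
                     $param_list = ')';
                 }
                 log_message('debug', "Executing {$class}/{$method}({$param_list}");
                 // Call the requested method.
                 // Any URI segments present (besides the class/function) will be passed to the method for convenience
                 if ($is_ajax || $no_chrome) {
                     // capture the controller's output so it can be emitted on its own below
                     ob_start();
                 }
                 call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2));
                 if ($is_ajax || $no_chrome) {
                     $ajax_content = ob_get_clean();
                 }
             }
         }
         // Mark a benchmark end point
         $BM->mark('controller_execution_time_( ' . $class . ' / ' . $method . ' )_end');
         /*
          * ------------------------------------------------------
          *  Is there a "post_controller" hook?
          * ------------------------------------------------------
          */
         $EXT->_call_hook('post_controller');
         /*
          * ------------------------------------------------------
          *  Is there a "post_system" hook?
          * ------------------------------------------------------
          */
         $EXT->_call_hook('post_system');
         /*
          * ------------------------------------------------------
          *  Close the DB connection if one exists
          * ------------------------------------------------------
          */
         if (class_exists('CI_DB') and isset($CI->db)) {
             $CI->db->close();
         }
         // if this was an ajax request, then we display the output and terminate
         if ($is_ajax || $no_chrome) {
             if ($is_ajax) {
                 header('Content-Type: application/json', true);
             }
             echo $ajax_content;
             $OUT->_display();
             exit(0);
         }
     }
 }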