Example #1
 /**
  * Creates the form with its action URL, HTTP method and CSRF setting.
  *
  * If no action URL is given, the URI of the request currently being handled
  * is used. The method defaults to POST and CSRF protection stays enabled
  * unless the caller explicitly passes FALSE.
  *
  * NOTE(review): the default action is the request URI as received, query
  * string included, so it has to be escaped when it is written into the
  * form's action attribute -- confirm in the rendering code.
  * NOTE(review): passing FALSE for $csrfProtectionEnabled removes the default
  * protection for this form; a caller doing that for a state-changing form
  * should document the reason.
  *
  * @param string|null $actionUrl Action URL the form will be sent to; NULL selects the current request URL
  * @param string $method Method of the form
  * @param bool $csrfProtectionEnabled Whether to enable CSRF protection for the form
  */
 public function __construct($actionUrl = null, $method = HttpRequest::METHOD_POST, $csrfProtectionEnabled = true)
 {
     $this->attributes = new OrderedMap();

     // fall back to the URL of the request being handled
     if ($actionUrl === null) {
         $actionUrl = Application::getRequestHandler()->getRequest()->getUri()->toString();
     }

     $this->setAction($actionUrl);
     $this->setMethod($method);
     $this->setCsrfProtectionEnabled($csrfProtectionEnabled);
 }
 /**
  * Tells whether the session is still within its allowed inactivity window.
  *
  * Returns TRUE while the session's last activity time is later than the
  * current UTC time minus the configured timeout. Otherwise returns FALSE.
  * Frontend and backend requests read separate timeout settings.
  *
  * @see \Ableron\Core\Session\Validators\ValidatorInterface::isValid()
  */
 public function isValid(SessionEntity $session)
 {
     // pick the timeout setting that matches the kind of request being handled
     if (Application::getRequestHandler()->isFrontendRequest()) {
         $timeoutSettingKey = 'session.frontend.inactivityTimeoutValidator.timeout';
     } else {
         $timeoutSettingKey = 'session.backend.inactivityTimeoutValidator.timeout';
     }

     $lastActivityTime = $session->getLastActivityTime();
     $now = DateUtil::getCurrentUtcDateTime();
     // presumably a DateInterval, since it is handed to sub() -- confirm against the config schema
     $timeout = Application::getConfig()->get($timeoutSettingKey);

     // TRUE means "not timed out": last activity is strictly after the cut-off
     return $lastActivityTime > $now->sub($timeout);
 }
 /**
  * Compiles the opening tag into an action URL that carries the source URL
  * and a CSRF token as query parameters.
  *
  * The parent's result is used as base URL. The URL of the request being
  * handled while this method runs is appended base64url-encoded; the CSRF
  * token is emitted as a PHP snippet that echoes the current token.
  *
  * NOTE(review): the source URL is read while compiling, whereas the token is
  * read by the emitted snippet -- if compiled templates are cached, confirm
  * the source URL does not go stale.
  * NOTE(review): the token travels in the query string, so it can show up in
  * access logs, browser history and Referer headers; the consumer of the
  * source URL parameter should validate the decoded value before redirecting
  * to it. Both points need checking outside this method.
  *
  * @see \Ableron\Core\Template\Plugins\Interfaces\CompilerPluginInterface::compileOpeningTag()
  */
 public function compileOpeningTag(TemplateCompiler $templateCompiler)
 {
     // start from the URL produced by the parent plugin
     $actionUrl = new Uri(parent::compileOpeningTag($templateCompiler));

     // remember where the action was triggered from
     $currentRequestUrl = Application::getRequestHandler()->getRequest()->getUri()->toString();
     $actionUrl->addQueryParameter(ABLERON_PARAM_ACTION_SOURCE_URL, StringUtil::base64UrlEncode($currentRequestUrl));

     // reserve the token parameter with a placeholder; presumably so that the
     // PHP snippet below is not altered while the URL is being built
     $actionUrl->addQueryParameter(ABLERON_PARAM_CSRF_TOKEN, self::$actionUrlCsrfTokenPlaceholder);

     // swap the placeholder for code that prints the token current at render time
     $csrfTokenSnippet = '<?php echo $application::getSecurityHandler()->getCsrfProtector()->getCurrentToken(); ?>';

     return str_replace(self::$actionUrlCsrfTokenPlaceholder, $csrfTokenSnippet, $actionUrl->toString());
 }
 /**
  * Processes the given request: initializes the controller, checks access
  * permissions and only then runs the controller.
  *
  * A required redirect is sent to the client, a denied access results in the
  * frontend or backend access-denied page, and a system exception is logged
  * before the script ends with an internal server error.
  *
  * NOTE(review): denied accesses are not logged in this method; if they are
  * not recorded elsewhere, failed authorization attempts leave no trace.
  * NOTE(review): the redirect URI is taken from the exception as is -- confirm
  * that whoever throws it only uses trusted targets.
  *
  * @see \Ableron\Core\Controller\ControllerInterface::processRequest()
  */
 public function processRequest(HttpRequest $request)
 {
     // keep the request available to init(), checkAccessPermissions() and run()
     $this->request = $request;

     try {
         // the permission check sits between init() and run(), so run() is
         // never reached when access is denied
         $this->init();
         $this->checkAccessPermissions();
         $this->run();
     } catch (RedirectRequiredException $redirect) {
         Application::getResponseHandler()->sendRedirect($redirect->getRedirectUri());
     } catch (AccessDeniedException $denied) {
         // the page objects are created for their side effect only
         if (Application::getRequestHandler()->isFrontendRequest()) {
             new FrontendAccessDeniedPage($this->request);
         } else {
             new BackendAccessDeniedPage($this->request);
         }
     } catch (SystemException $failure) {
         // record the failure, then stop script execution
         Application::getLogManager()->logException('Unable to process request', $failure);
         Application::exitWithInternalServerError();
     }
 }
Example #5
 /**
  * Builds an internal URL from the current base URL, the base path of the
  * given module and a path within that module.
  *
  * The module's frontend base path is used for frontend requests, its backend
  * base path otherwise. Trailing slashes of "base URL + base path" are
  * removed before the module-internal path is appended.
  *
  * E.g. EnvironmentUtil::getInternalUrl('/foo', 'Bar') -> http://example.com/acp/Bar/foo
  *
  * NOTE(review): $moduleInternalPath is appended verbatim; no encoding or
  * normalisation happens here, so callers should not pass unchecked request
  * input.
  * NOTE(review): the module lookup result is used without a NULL check --
  * confirm what findModuleByNamespace() returns for an unknown namespace.
  *
  * @param string $moduleInternalPath Path within the module
  * @param string|null $moduleNamespace Namespace of the module to return the URL for; NULL selects the core module
  * @return \Ableron\Lib\Net\Uri
  */
 public static function getInternalUrl(string $moduleInternalPath, string $moduleNamespace = null)
 {
     /** @var \Ableron\Modules\Core\Model\Repositories\ModuleRepository $moduleRepository */
     $moduleRepository = Application::getPersistenceManager()->getRepository('ModuleEntity');

     // default to the core module
     if ($moduleNamespace === null) {
         $moduleNamespace = CoreModule::getNamespace();
     }
     $module = $moduleRepository->findModuleByNamespace($moduleNamespace);

     // choose the base path matching the kind of request being handled
     $baseUrl = self::getBaseUrl()->toString();
     if (Application::getRequestHandler()->isFrontendRequest()) {
         $moduleBasePath = $module->getFrontendBasePath();
     } else {
         $moduleBasePath = $module->getBackendBasePath();
     }

     return new Uri(rtrim($baseUrl . $moduleBasePath, '/') . $moduleInternalPath);
 }
 /**
  * Initializes the entity with the current UTC time and with the method and
  * URI of the request being handled.
  *
  * NOTE(review): the URI is stored as provided by the request object. If it
  * includes the query string, any session ID or token passed as a query
  * parameter is persisted with this entity -- confirm whether it needs
  * redaction before storage.
  */
 public function __construct()
 {
     $this->setOccurrenceTime(DateUtil::getCurrentUtcDateTime());

     // both remaining values come from the request being handled
     $currentRequest = Application::getRequestHandler()->getRequest();
     $this->setRequestMethod($currentRequest->getMethod());
     $this->setRequestUri($currentRequest->getUri());
 }
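 /**
  * Sends a response to the client indicating a fatal system error.
  *
  * The body is the core module's SystemErrorPage.tpl for the frontend or the
  * backend, depending on the kind of request being handled. If that file
  * cannot be read, a static minimal HTML body is sent instead, so the error
  * path neither passes FALSE on as body nor raises a warning containing the
  * template's filesystem path.
  *
  * @return void
  */
 public function sendResponseSystemError()
 {
     $templateFile = sprintf(
         '%s/%s/Pages/%s/Templates/SystemErrorPage.tpl',
         ABLERON_MODULE_DIR,
         CoreModule::getNamespace(),
         Application::getRequestHandler()->isFrontendRequest() ? 'Frontend' : 'Backend'
     );

     // check readability first: file_get_contents() emits a warning on failure,
     // which could be shown to the client depending on the error settings
     $body = is_readable($templateFile) ? file_get_contents($templateFile) : false;
     if ($body === false) {
         // static fallback without any internal details
         $body = '<!DOCTYPE html><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1></body></html>';
     }

     $this->sendResponse(new HttpResponse(
         HttpResponse::STATUS_INTERNAL_SERVER_ERROR,
         new InternetMediaType('text', 'html', array('charset' => 'utf-8')),
         $body
     ));
 }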
 /**
  * Looks for a session ID sent along with the current request.
  *
  * Sources are consulted in this order: POST parameters, query parameters,
  * cookies. The first match is returned exactly as received; no format check
  * is done here. Returns NULL if none of the sources contains a session ID.
  *
  * NOTE(review): a session ID in a POST or query parameter takes precedence
  * over the cookie. Accepting IDs from request parameters makes session
  * fixation possible unless unknown IDs are rejected and the ID is renewed at
  * login -- confirm in the session handling code. IDs in query strings can
  * also end up in logs and Referer headers.
  *
  * @return string|null
  */
 protected function findSessionId()
 {
     $request = Application::getRequestHandler()->getRequest();

     // 1. POST parameters
     $postParameters = $request->getPostParameters();
     if ($postParameters->containsKey(ABLERON_PARAM_SESSION_ID)) {
         return $postParameters->get(ABLERON_PARAM_SESSION_ID);
     }

     // 2. query parameters
     $queryParameters = $request->getQueryParameters();
     if ($queryParameters->containsKey(ABLERON_PARAM_SESSION_ID)) {
         return $queryParameters->get(ABLERON_PARAM_SESSION_ID);
     }

     // 3. cookies; the collection holds cookie objects, hence getValue()
     $cookies = $request->getCookies();
     if ($cookies->containsKey(ABLERON_PARAM_SESSION_ID)) {
         return $cookies->get(ABLERON_PARAM_SESSION_ID)->getValue();
     }

     // nothing was sent
     return null;
 }