/**
 * Checks CopixRequest::assert() against one absent and one present parameter.
 *
 * The test expects 'pouet' to be missing from the request and 'element' to be
 * present; where 'element' is set up is outside this method.
 */
public function testAssert()
{
    // Missing parameter: assert() has to raise CopixRequestException.
    $rejected = false;
    try {
        CopixRequest::assert('pouet');
    } catch (CopixRequestException $e) {
        $rejected = true;
    }
    if (!$rejected) {
        $this->fail('CopixRequest::assert');
    }

    // Present parameter: assert() must stay silent.
    try {
        CopixRequest::assert('element');
    } catch (CopixRequestException $e) {
        $this->fail('CopixRequest::assert');
    }
}
/**
 * Applies a submitted value to an existing configuration parameter.
 *
 * The parameter id is built as "idFirst|idSecond". When that parameter exists,
 * the value is checked against its declared Type ('int', 'email' or 'text')
 * and its MinValue / MaxValue / MaxLength limits, then written with
 * CopixConfig::set(). A failed check redirects back to the parameter editor
 * with an 'error' code; every other path redirects to the parameter list.
 *
 * NOTE(review): no credential check and no anti-CSRF token are visible in this
 * method although it changes configuration; presumably the enclosing action
 * group enforces them -- confirm.
 */
public function processValid()
{
    CopixRequest::assert('idFirst', 'idSecond', 'value');

    $paramId = CopixRequest::get('idFirst') . '|' . CopixRequest::get('idSecond');

    // Only parameters that already exist may be modified.
    if (CopixConfig::exists($paramId)) {
        $moduleParams = CopixConfig::getParams(CopixRequest::get('idFirst'));
        $definition = $moduleParams[$paramId];
        $submitted = CopixRequest::get('value');
        $failure = false;

        switch ($definition['Type']) {
            case 'int':
                // NOTE(review): the round-trip test compares loosely (!=), so
                // numeric strings that differ textually may still pass -- confirm
                // this is strict enough for the stored value.
                if ((string) intval($submitted) != (string) $submitted) {
                    // not an integer
                    $failure = 'typeInt';
                } elseif (!is_null($definition['MinValue']) && $definition['MinValue'] > intval($submitted)) {
                    // below the minimum
                    $failure = 'typeIntMin';
                } elseif (!is_null($definition['MaxValue']) && $definition['MaxValue'] < intval($submitted)) {
                    // above the maximum
                    $failure = 'typeIntMax';
                }
                break;

            case 'email':
                // malformed address
                try {
                    CopixFormatter::getMail($submitted);
                } catch (CopixException $e) {
                    $failure = 'typeEmail';
                }
                // the length error takes precedence over the format error
                if (!is_null($definition['MaxLength']) && strlen($submitted) > $definition['MaxLength']) {
                    $failure = 'typeEmailMax';
                }
                break;

            case 'text':
                // text too long
                if (!is_null($definition['MaxLength']) && strlen($submitted) > $definition['MaxLength']) {
                    $failure = 'typeTextMax';
                }
                break;
        }

        // Validation failed: back to the editor with the error code.
        if ($failure !== false) {
            return _arRedirect(_url('admin|parameters|', array(
                'choiceModule' => CopixRequest::get('choiceModule'),
                'editParam' => CopixRequest::get('idSecond'),
                'error' => $failure,
            )));
        }

        // Store the new value.
        CopixConfig::set($paramId, $submitted);
    }

    return _arRedirect(_url('admin|parameters|', array('choiceModule' => CopixRequest::get('choiceModule'))));
}
/**
 * Deletes a web service, after a confirmation step.
 *
 * Without a 'confirm' request parameter the action shows a confirmation
 * message; with it, the record identified by 'id_wsservice' is deleted.
 *
 * NOTE(review): the confirmation link built below carries 'confirm' => 1 as a
 * URL parameter, so a single request that already contains 'confirm' goes
 * straight to the delete. No anti-CSRF token or credential check is visible in
 * this method -- confirm they are enforced elsewhere.
 * NOTE(review): the result of get() is dereferenced without a null check;
 * verify what the DAO returns for an unknown id.
 *
 * @return CopixActionReturn
 */
public function processDeleteWsService()
{
    CopixRequest::assert('id_wsservice');

    $serviceId = _request('id_wsservice');
    $service = _ioDao('wsservices')->get($serviceId);

    // Deletion already confirmed: remove the record and go back to the list.
    if (_request('confirm') !== null) {
        _ioDao('wsservices')->delete($serviceId);
        return _arRedirect(_url('admin|listWebServices'));
    }

    // Not confirmed yet: ask the user first.
    return CopixActionGroup::process('generictools|Messages::getConfirm', array(
        'message' => sprintf('Etes vous sûr de vouloir supprimer le webservice "%s" ?', $service->name_wsservices),
        'confirm' => _url('admin|deleteWsService', array('id_wsservice' => $serviceId, 'confirm' => 1)),
        'cancel' => _url('admin|listWebServices'),
    ));
}
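/**
 * Login action.
 *
 * Requires 'login' and 'password' in the request, tries to authenticate the
 * current user, then redirects: to the charter validation page when the user
 * has not validated the charter yet, otherwise to the return URL. A failed
 * login redirects to the login page (or to a request-supplied failure URL when
 * the configuration allows it).
 *
 * Security: the failure log entry records the login only. The submitted
 * password must never be written to the logs, where it would be readable by
 * anyone with log access and would often reveal a near-miss of the real
 * password.
 *
 * NOTE(review): when 'auth|authorizeRedirectIfOK' / 'auth|authorizeRedirectIfNoK'
 * are enabled, the redirect target comes from the request
 * ('auth_url_return' / 'auth_failed_url_return'). Whether _arRedirect()
 * restricts it to local URLs is not visible here -- confirm, otherwise the
 * target should be validated before use.
 */
public function processIn()
{
    // PATCH FOR CHARTE: the charter validation flag is reset on every login attempt.
    $_SESSION['chartValid'] = false;

    CopixRequest::assert('login', 'password');

    $noCredential = _request('noCredential', false);
    $ssoIn = _request('sso_in', false);
    $config = CopixConfig::instance();

    if ($noCredential && count($config->copixauth_getRegisteredUserHandlers()) > 1 && CopixConfig::get('auth|multipleConnectionHandler')) {
        // Several handlers registered: append this login to the current user.
        $connected = CopixAuth::getCurrentUser()->login(array(
            'login' => CopixRequest::get('login'),
            'password' => CopixRequest::get('password'),
            'append' => true,
        ));
    } else {
        $connected = CopixAuth::getCurrentUser()->login(array(
            'login' => CopixRequest::get('login'),
            'password' => CopixRequest::get('password'),
            'ssoIn' => $ssoIn,
        ));
    }

    if ($connected) {
        // Intended for the remember_me plugin; $handlername is not used further in this method.
        $response = CopixAuth::getCurrentUser()->getResponses();
        foreach ($response as $key => $r) {
            if ($r instanceof CopixUserLogResponse && $r->getResult()) {
                $handlername = $key;
            }
        }

        CopixEventNotifier::notify('login', array('login' => CopixRequest::get('login')));

        if (CopixConfig::get('auth|authorizeRedirectIfOK')) {
            // Request-controlled redirect target (see NOTE(review) above).
            $urlReturn = CopixRequest::get('auth_url_return', _url('log|'));
        } else {
            $urlReturn = _url('log|');
        }

        Logs::set(array('type' => 'LOG', 'message' => 'Login ok: ' . CopixRequest::get('login')));

        // PATCH FOR CHARTE: send the user to the charter page until it is validated.
        $this->user->forceReload();
        if (!$this->service('charte|CharteService')->checkUserValidation()) {
            $this->flash->redirect = $urlReturn;
            return $this->go('charte|charte|valid');
        }

        return _arRedirect($urlReturn);
    }

    if (CopixConfig::get('auth|authorizeRedirectIfNoK')) {
        // Request-controlled redirect target (see NOTE(review) above).
        $urlReturn = CopixRequest::get('auth_failed_url_return', _url('log|', array('failed' => 1, 'auth_url_return' => CopixRequest::get('auth_url_return'))));
    } else {
        $urlReturn = _url('log|', array('failed' => 1, 'auth_url_return' => CopixRequest::get('auth_url_return')));
    }

    // Log the attempted login only; the password is deliberately left out.
    Logs::set(array('type' => 'LOG', 'message' => 'Login failed: ' . CopixRequest::get('login')));

    return _arRedirect($urlReturn);
}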
/**
 * Validates the database connection configuration form.
 *
 * Reads one set of fields (driver, connectionString, user, password,
 * connectionName) per existing connection plus one unsuffixed set, keeps the
 * result in the session, tests the connections and, when the "save" button was
 * used and the test passed, writes the configuration file.
 *
 * The first set with a missing required field ends the loop: the exception
 * raised by assert() is caught and the remaining sets are ignored.
 *
 * NOTE(review): the database passwords taken from the request are stored in
 * the session under 'admin|database|configure' until the file is written;
 * confirm the session storage is acceptable for credentials.
 * NOTE(review): no credential check is visible in this method -- confirm the
 * action group restricts it to administrators / the installer.
 *
 * @return CopixActionReturn
 */
public function processValidForm()
{
    $connections = array();
    $suffixes = array_keys($this->_getConnections());
    $suffixes[] = "";

    foreach ($suffixes as $position => $suffix) {
        try {
            CopixRequest::assert('driver' . $suffix, 'connectionString' . $suffix, 'user' . $suffix);

            // Connection name: alphanumeric, spaces replaced; falls back to the loop position.
            $name = str_replace(' ', '_', CopixRequest::getAlphaNum('connectionName' . $suffix));
            if ($name == "") {
                $name = $position;
            }

            // Only drivers reported as available are accepted.
            $driver = _request('driver' . $suffix);
            if (in_array($driver, CopixDB::getAvailableDrivers())) {
                $dsn = _request('connectionString' . $suffix);
                // MySQL drivers: make sure the string starts with "dbname=".
                if (($driver == 'pdo_mysql' || $driver == 'mysql') && strpos($dsn, 'dbname=') !== 0) {
                    $dsn = 'dbname=' . $dsn;
                }
                $connections[$name] = array(
                    'driver' => $driver,
                    'connectionString' => $dsn,
                    'user' => _request('user' . $suffix),
                    'password' => _request('password' . $suffix),
                    'extra' => array(),
                    'default' => _request('defaultRadio') == 'default' . $suffix,
                );
            }
        } catch (Exception $e) {
            // Deliberate best-effort: stop at the first incomplete set.
            break;
        }
    }

    CopixSession::set('admin|database|configure', $connections);

    // 'defaultRadio' is either 'nodefault' or 'default' followed by the connection suffix.
    $selected = CopixRequest::get('defaultRadio');
    $default_db = $selected == 'nodefault' ? 'nodefault' : substr($selected, 7);
    CopixSession::set('admin|database|default', $default_db);

    $result = $this->_testConnections();

    if (CopixRequest::get('btn') == _i18n('install.database.save') && ($result && count(CopixSession::get('admin|database|configure')) >= 1)) {
        if (_ioClass('DatabaseConfigurationFile')->write(CopixSession::get('admin|database|configure'), CopixRequest::get('defaultRadio'))) {
            // Written: the working copy in the session is no longer needed.
            CopixSession::set('admin|database|configure', null);
            CopixSession::set('admin|database|default', null);
            if (CopixRequest::get('defaultRadio') == 'nodefault') {
                _class('admin|admintemp')->clearTemp();
                return _arRedirect(_url('admin||'));
            }
            return _arRedirect($this->_checkInstallFramework($default_db));
        }
    }

    // Back to the form; with exactly one connection the default is forced.
    $onlyOne = count(CopixSession::get('admin|database|configure')) == 1;
    $formArgs = array('valid' => $result && count(CopixSession::get('admin|database|configure')) >= 1);
    if ($onlyOne) {
        $formArgs['forcedefault'] = true;
    }
    return _arRedirect(_url('admin|database|ConfigurationForm', $formArgs));
}
/**
 * Adds a comment after checking the write credential and that the 'id'
 * matches a comment context previously enabled by commentsservices.
 *
 * With a 'preview' request parameter the comment is only kept in the enabled
 * context and the page is shown again in preview mode; otherwise it is
 * inserted and a 'Content' notification is sent.
 *
 * NOTE(review): content, author, mail and site are stored as received from the
 * request; this method does no escaping, so the templates that render
 * comments must encode them for the output context -- confirm.
 * NOTE(review): the captcha id and answer are only attached to the record
 * here; presumably the DAO check verifies them -- confirm.
 */
public function processAddComment()
{
    // An id is mandatory.
    CopixRequest::assert('id');

    $context = _ioClass('commentsservices')->getEnabled(_request('id'));
    if ($context === false) {
        throw new Exception(_i18n('comments.error.badidsession'));
    }

    // Write permission, when the context demands one.
    if ($context['writeCredential'] != "") {
        CopixAuth::getCurrentUser()->assertCredential($context['writeCredential']);
    }

    // Build the comment record from the request.
    $comment = _record('comments');
    $comment->content_comment = _request('content');
    $comment->format_comment = 'TEXT'; // only the text format is supported for comments today
    $comment->authorlogin_comment = _request('author');
    $comment->authoremail_comment = _request('mail');
    $comment->authorsite_comment = _request('site');
    $comment->page_comment = $context['id'];
    $comment->date_comment = date('YmdHis');

    if (CopixConfig::get('comments|captcha') != 0) {
        $comment->captcha_id = _request('captcha_id');
        $comment->captcha_answer = _request('captcha_answer');
    }

    try {
        // Preview: remember the draft and show the page again.
        if (_request('preview') !== null) {
            _ioClass('commentsservices')->updateEnabled($comment);
            return _arRedirect(_url($context['fromPage'], array('preview' => 1, 'comments' => 'list')));
        }

        _ioDAO('comments')->insert($comment);
        _ioClass('commentsservices')->removeEnabled($context['id']);
        _notify('Content', array(
            'id' => $context['id'],
            'kind' => 'comment',
            'keywords' => null,
            'title' => $context['id'],
            'summary' => null,
            'content' => $comment->content_comment,
            'url' => $context['fromPage'],
        ));
        return _arRedirect($context['fromPage']);
    } catch (CopixDAOCheckException $e) {
        // Record rejected by the DAO check: keep the draft and report errors.
        _ioClass('commentsservices')->updateEnabled($comment);
        return _arRedirect(_url($context['fromPage'], array('errors' => 1, 'comments' => 'list')));
    }
}
/**
 * Saves the selected dynamic credentials for a group.
 *
 * Each entry of the 'value' request array has the form "id_dc" or
 * "id_dc|id_dcv". An entry that is present in 'bool' but not yet stored is
 * inserted; an entry that is stored but absent from 'bool' is deleted.
 *
 * NOTE(review): this method grants and revokes credentials, yet no credential
 * check or anti-CSRF token is visible in it; presumably the action group
 * enforces them -- confirm.
 */
public function processRecord()
{
    CopixRequest::assert('id_group', 'handler_group');

    $checked = _request('bool', array());

    foreach (_request('value', array()) as $value) {
        $parts = explode('|', $value);
        $credentialId = $parts[0];
        $credentialValueId = isset($parts[1]) ? $parts[1] : null;

        // Look for an existing grant of this credential to this group.
        $criteria = _daoSP()
            ->addCondition('id_dc', '=', $credentialId)
            ->addCondition('id_dcv', '=', $credentialValueId)
            ->addCondition('id_group', '=', _request('id_group'))
            ->addCondition('handler_group', '=', _request('handler_group'));
        $existing = _dao('dynamiccredentialsgroups')->findBy($criteria);

        $isChecked = isset($checked[$value]);
        $isStored = isset($existing[0]);

        if (!$isChecked && $isStored) {
            // Unchecked but stored: revoke.
            _dao('dynamiccredentialsgroups')->delete($existing[0]->id_dcg);
        } elseif ($isChecked && !$isStored) {
            // Checked but not stored: grant.
            $grant = _record('dynamiccredentialsgroups');
            $grant->id_group = _request('id_group');
            $grant->handler_group = _request('handler_group');
            $grant->id_dc = $credentialId;
            $grant->id_dcv = $credentialValueId;
            _dao('dynamiccredentialsgroups')->insert($grant);
        }
    }

    return _arRedirect(_url('auth|dynamic|list', array(
        'id_group' => _request('id_group'),
        'handler_group' => _request('handler_group'),
        'url_return' => _request('url_return'),
    )));
}
/**
 * Displays an exception on screen.
 *
 * Mainly meant for internal use, not necessarily for use from a URL: the
 * 'exception' parameter has to be an Exception instance, otherwise the action
 * redirects to the home page.
 *
 * NOTE(review): file, line and full trace are handed to the template in every
 * mode; whether 'default|exception.tpl' hides them outside DEVEL is not
 * visible here -- confirm, since they disclose internals to the client.
 * NOTE(review): PRODUCTION is reported to the template as
 * 'FORCE_INITIALISATION'; this looks like a copy/paste slip -- confirm what
 * the template expects before changing it.
 * NOTE(review): TITLE_PAGE comes from the request and urlBack from the Referer
 * header; both are client-controlled and must be escaped by the template.
 */
public function processException()
{
    CopixRequest::assert('exception');
    $e = _request('exception');

    // Cannot happen in normal use: $e is always an exception caught by the framework.
    if (!$e instanceof Exception) {
        return _arRedirect(_url('||'));
    }

    $class = get_class($e);

    $ppo = new CopixPPO();
    $ppo->TITLE_PAGE = _request('TITLE_PAGE', $class);

    // DAO check failures carry a list of errors instead of a single message.
    if ($class == 'CopixDAOCheckException') {
        $ppo->message = sprintf('Une erreur de validation est survenue avec le message [%s]', implode(', ', $e->getErrors()));
    } else {
        $ppo->message = $e->getMessage();
    }

    $ppo->type = $class;
    $ppo->file = $e->getFile();
    $ppo->line = $e->getLine();
    $ppo->trace = $e->getTrace();
    $ppo->id = uniqid();

    if (isset($_SERVER['HTTP_REFERER'])) {
        $ppo->urlBack = $_SERVER['HTTP_REFERER'];
    } else {
        $ppo->urlBack = null;
    }

    // Mode label passed to the template.
    switch (CopixConfig::instance()->getMode()) {
        case CopixConfig::DEVEL:
            $ppo->mode = 'DEVEL';
            break;
        case CopixConfig::PRODUCTION:
        case CopixConfig::FORCE_INITIALISATION:
            $ppo->mode = 'FORCE_INITIALISATION';
            break;
        default:
            $ppo->mode = 'UNKNOW';
            break;
    }

    return _arPpo($ppo, 'default|exception.tpl');
}
/**
 * Copies the simple-help form fields from the request onto $toUpdate.
 *
 * All four fields (title_sh, content_sh, page_sh, key_sh) are required; the
 * values are copied as received, without validation.
 *
 * @access: private.
 * @todo Use the validators
 */
private function _validFromForm(&$toUpdate)
{
    CopixRequest::assert('title_sh', 'content_sh', 'page_sh', 'key_sh');

    foreach (array('title_sh', 'content_sh', 'page_sh', 'key_sh') as $field) {
        $toUpdate->{$field} = _request($field);
    }
}
/**
 * Saves the selected handlers to the configuration file.
 *
 * NOTE(review): both the handler list and the 'type' that selects the
 * configuration file come straight from the request and reach the file
 * writer; any validation happens inside useConfigurationFile, which is not
 * visible here -- confirm the values are checked against known handlers and
 * types, and that the action is restricted to administrators.
 *
 * @return ActionReturn
 */
public function processSaveHandlers()
{
    CopixRequest::assert('type');

    _classInclude('auth|useConfigurationFile');

    // Re-index the submitted handlers as a plain list.
    $selected = array();
    foreach (_request('handlers', array()) as $handler) {
        $selected[] = $handler;
    }

    $writer = new useConfigurationFile(_request('type'));
    $writer->write($selected);

    return _arRedirect(_url('admin||'));
}
/**
 * Locks or unlocks the comments on an element.
 *
 * With an 'id' in the request: lock_status 0 removes any lock rows for that
 * id, any other value inserts a lock row. The action always ends with a
 * redirect to 'url_return'.
 *
 * NOTE(review): the redirect target is the 'url_return' request parameter,
 * used as is. Whether _arRedirect() restricts it to local URLs is not visible
 * here -- confirm, otherwise validate it before redirecting.
 * NOTE(review): no credential check is visible in this method -- confirm that
 * locking is restricted to authorised users.
 */
public function processLock()
{
    // A return URL is mandatory.
    CopixRequest::assert('url_return');

    $pageId = _request('id');
    if ($pageId !== null) {
        if (CopixRequest::getInt('lock_status') === 0) {
            // Unlock: delete the lock rows, if there are any.
            $lockCount = _ioDAO('commentslocked')->countBy(_daoSp()->addCondition('locked_page_comment', '=', $pageId));
            if ($lockCount != 0) {
                _ioDAO('commentslocked')->deleteBy(_daoSp()->addCondition('locked_page_comment', '=', $pageId));
            }
        } else {
            // Lock: add a row for this page.
            $lock = _record('commentslocked');
            $lock->locked_page_comment = $pageId;
            _ioDAO('commentslocked')->insert($lock);
        }
    }

    return _arRedirect(_request('url_return'));
}
/**
 * Validates a self-registration form and creates the user.
 *
 * Collects every validation error (empty or taken login, missing or
 * mismatching password, missing or malformed e-mail when confirmation is by
 * e-mail, wrong anti-spam code) and, if there is any, stores the draft user in
 * the session and redirects back to the form. Otherwise the user is inserted.
 *
 * NOTE(review): the password is stored as md5(), an unsalted fast hash that is
 * not suitable for password storage. Moving to password_hash() /
 * password_verify() has to be coordinated with the code that verifies logins,
 * which is not visible here.
 */
public function processValid()
{
    $user = _record('dbuser');
    $user->login_dbuser = _request('login_dbuser', '');
    $user->email_dbuser = _request('email_dbuser');
    $errors = array();

    // The login must be non-empty and not already taken.
    $sp = _daoSp();
    $sp->addCondition('login_dbuser', '=', $user->login_dbuser);
    if ($user->login_dbuser === '') {
        $errors['loginEmpty'] = 1;
    }
    if (count(_ioDAO('dbuser')->findBy($sp))) {
        $errors['loginNotAvailable'] = 1;
    }

    // This is always a new user, so a password is mandatory and must match its confirmation.
    $password = CopixRequest::get('password_dbuser');
    if (!$password) {
        $errors['passwordEmpty'] = 1;
    } elseif ($password != CopixRequest::get('password_confirmation_dbuser')) {
        $errors['passwordDoNotMatch'] = 1;
    } else {
        $user->password_dbuser = md5($password); // see NOTE(review) above
    }

    // Confirmation by e-mail: the address is required and the account starts disabled.
    $confirmByEmail = Copixconfig::get('auth|typeConfirm') == "email";
    if ($confirmByEmail) {
        if (!$user->email_dbuser) {
            $errors['emailEmpty'] = 1;
        } else {
            try {
                CopixFormatter::getMail($user->email_dbuser);
            } catch (CopixException $e) {
                $errors['emailIsBad'] = 1;
            }
        }
    }
    $user->enabled_dbuser = $confirmByEmail ? 0 : 1;

    // Anti-spam check, when the antispam module is enabled.
    if (CopixModule::isEnabled('antispam')) {
        CopixRequest::assert('confirmcode_dbuser');
        CopixRequest::assert('idcode_dbuser');
        $code = _request('confirmcode_dbuser');
        $idCode = _request('idcode_dbuser');

        // Is the submitted code the one expected for this id?
        _classInclude('antispam|imageprotect');
        if (!ImageProtect::getCode($idCode, $code)) {
            $errors['confirmCodeBad'] = 1;
        }
    }

    // Errors: keep the draft in the session and go back to the editor.
    if (count($errors) != 0) {
        $errors['idForm'] = uniqid();
        CopixSession::set('auth|createForm', $user, $errors['idForm']);
        return _arRedirect(_url('auth|usersregister|edit', $errors));
    }

    // Save the user.
    _ioDAO('dbuser')->insert($user);
    return _arRedirect(_url(''));
}
/**
 * Updates the group held in the session from the request.
 *
 * 'caption_dbgroup' is required. The three flags are stored as 1 when the
 * request value is truthy and 0 otherwise.
 *
 * NOTE(review): 'superadmin_dbgroup' is taken directly from the request; this
 * method does not check that the caller may grant that flag -- confirm the
 * calling action enforces it.
 */
private function _validFromRequest()
{
    CopixRequest::assert('caption_dbgroup');

    $group = CopixSession::get('auth|group');
    $group->caption_dbgroup = CopixRequest::get('caption_dbgroup');
    $group->description_dbgroup = CopixRequest::get('description_dbgroup');

    // Checkbox-style flags: normalise to 1 / 0.
    foreach (array('superadmin_dbgroup', 'registered_dbgroup', 'public_dbgroup') as $flag) {
        if (CopixRequest::get($flag, null)) {
            $group->{$flag} = 1;
        } else {
            $group->{$flag} = 0;
        }
    }

    CopixSession::set('auth|group', $group);
}
/**
 * Validates the changes made to a user in the administration editor and
 * saves them.
 *
 * Works on the user kept in the session under 'auth|user'. Each failed check
 * (login already taken, passwords not matching, missing password for a new
 * user, missing e-mail) redirects back to the editor with a flag; otherwise
 * the user is updated or inserted and the session copy is cleared.
 *
 * NOTE(review): the password is stored as md5(), an unsalted fast hash that is
 * not suitable for password storage. Moving to password_hash() /
 * password_verify() has to be coordinated with the code that verifies logins,
 * which is not visible here.
 * NOTE(review): no credential check is visible in this method -- confirm the
 * action group restricts it to administrators.
 */
public function processValid()
{
    CopixRequest::assert('login_dbuser');

    $user = CopixSession::get('auth|user');
    $user->login_dbuser = CopixRequest::get('login_dbuser');
    $user->email_dbuser = CopixRequest::get('email_dbuser');
    $user->enabled_dbuser = (CopixRequest::get('enabled_dbuser') == 0) ? 0 : 1;
    CopixSession::set('auth|user', $user);

    // The login must not be used by another account.
    $sp = _daoSp()->addCondition('login_dbuser', '=', $user->login_dbuser);
    if ($user->id_dbuser) {
        // Existing user: ignore its own row in the uniqueness check.
        $sp->addCondition('id_dbuser', '<>', $user->id_dbuser);
    }
    if (count(_ioDAO('dbuser')->findBy($sp))) {
        return _arRedirect(_url('auth|users|edit', array('loginNotAvailable' => '1')));
    }

    // A submitted password must match its confirmation; a new user must have one.
    $password = CopixRequest::get('password_dbuser');
    if ($password) {
        if ($password != CopixRequest::get('password_confirmation_dbuser')) {
            return _arRedirect(_url('auth|users|edit', array('passwordDoNotMatch' => '1')));
        }
        $user->password_dbuser = md5($password); // see NOTE(review) above
    } elseif (!$user->id_dbuser) {
        return _arRedirect(_url('auth|users|edit', array('passwordEmpty' => '1')));
    }

    if (!$user->email_dbuser) {
        return _arRedirect(_url('auth|users|edit', array('emailEmpty' => '1')));
    }

    // Save the user.
    if ($user->id_dbuser) {
        _ioDAO('dbuser')->update($user);
    } else {
        _ioDAO('dbuser')->insert($user);
    }

    CopixSession::set('auth|user', null);
    return _arRedirect(_url('auth|users|'));
}