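/**
 * Switch the public theme to the one named in the request.
 *
 * The request must be a POST carrying a valid session CSRF token. The theme
 * name is checked before it is used to look up the theme or stored as an
 * option. Every rejection path flashes an error and redirects to 'browse'.
 *
 * @return void
 */
public function switchAction()
{
    // Refuse anything that is not a POST with a valid session CSRF token
    // before any request data is read or any option is written.
    $csrfForm = new Omeka_Form_SessionCsrf();
    if (!$this->getRequest()->isPost() || !$csrfForm->isValid($_POST)) {
        $this->_helper->flashMessenger(__('Invalid form submission.'), 'error');
        $this->_helper->redirector('browse');
        return;
    }

    $themeName = $this->_getParam(Theme::PUBLIC_THEME_OPTION);

    // Theme names should be alphanumeric(-ish) (prevent security flaws).
    // A request parameter may be missing or arrive as an array; preg_match()
    // cannot vet a non-string subject, so those are rejected explicitly
    // instead of slipping past the character check.
    if (!is_string($themeName) || preg_match('/[^a-z0-9\\-_]/i', $themeName)) {
        $this->_helper->flashMessenger(__('You have chosen an illegal theme name. Please select another theme.'), 'error');
        // Redirect like the other rejection paths instead of falling through
        // to render a view for this action.
        $this->_helper->redirector('browse');
        return;
    }

    $theme = Theme::getTheme($themeName);
    $minVer = $theme->omeka_minimum_version;
    if (!empty($minVer) && version_compare(OMEKA_VERSION, $minVer, '<')) {
        $this->_helper->flashMessenger(__('This theme requires a newer version of Omeka (%s).', $minVer), 'error');
        $this->_helper->redirector('browse');
        return;
    }

    // Set the public theme option according to the form post.
    set_option(Theme::PUBLIC_THEME_OPTION, $themeName);

    // If the theme has no stored options yet, seed them with the values of
    // its configuration form.
    if (!Theme::getOptions($themeName)) {
        $configForm = new Omeka_Form_ThemeConfiguration(array('themeName' => $themeName));
        Theme::setOptions($themeName, $configForm->getValues());
    }

    $this->_helper->flashMessenger(__('The theme has been successfully changed.'), 'success');
    $this->_helper->redirector('browse');
}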
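/**
 * Edit the comment and order of the elements of an element set.
 *
 * The Item Type element set is refused with a 403. On POST the session CSRF
 * token is checked first; the posted elements are then resolved and checked
 * before any row is written, so a malformed or tampered submission cannot
 * leave the set with its ordering cleared.
 *
 * @throws Omeka_Controller_Exception_403 For the Item Type element set, or
 *         when a posted element id belongs to a different element set.
 * @return void
 */
public function editAction()
{
    $elementSet = $this->_helper->db->findById();
    $db = $this->_helper->db;
    $csrf = new Omeka_Form_SessionCsrf();

    // Do not process the item type element set.
    if (ElementSet::ITEM_TYPE_NAME == $elementSet->name) {
        throw new Omeka_Controller_Exception_403();
    }

    $this->view->element_set = $elementSet;
    $this->view->csrf = $csrf;

    // Nothing more to do unless an edit form was submitted.
    if (!$this->getRequest()->isPost()) {
        return;
    }

    if (!$csrf->isValid($_POST)) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
        return;
    }

    $elements = $this->getRequest()->getPost('elements');
    if (!is_array($elements)) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
        return;
    }

    // Resolve every posted element up front. The ids are the keys of the
    // posted array, i.e. client-controlled, so each record must exist and
    // must belong to the element set being edited.
    // NOTE(review): assumes Element records expose the element_set_id column
    // used in the update below as a property -- confirm against the model.
    $elementTable = $db->getTable('Element');
    $pending = array();
    foreach ($elements as $id => $element) {
        $elementRecord = $elementTable->find($id);
        if (!$elementRecord || !is_array($element)) {
            $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
            return;
        }
        if ((int) $elementRecord->element_set_id !== (int) $elementSet->id) {
            throw new Omeka_Controller_Exception_403();
        }
        $pending[] = array($elementRecord, $element);
    }

    // Delete existing element order to prevent duplicate indices.
    $db->getDb()->update($db->getDb()->Element, array('order' => null), array('element_set_id = ?' => $this->getRequest()->getParam('id')));

    // Update the elements.
    try {
        foreach ($pending as $pair) {
            $elementRecord = $pair[0];
            $element = $pair[1];
            $elementRecord->comment = isset($element['comment']) ? trim($element['comment']) : '';
            // An empty/zero order is stored as null, as before.
            $elementRecord->order = !empty($element['order']) ? $element['order'] : null;
            $elementRecord->save();
        }
        $this->_helper->flashMessenger(__('The element set was successfully changed!'), 'success');
        $this->_helper->redirector('index');
    } catch (Omeka_Validate_Exception $e) {
        $this->_helper->flashMessenger($e);
    }
}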
/**
 * Action for main contribution form.
 *
 * A request without POST data only renders the form. A request with POST data
 * must carry a valid session CSRF token before the submission is handed to
 * _processForm(); otherwise the form is set up again with an error message.
 */
public function contributeAction()
{
    $this->_captcha = $this->_setupCaptcha();
    $csrf = new Omeka_Form_SessionCsrf();
    $this->view->csrf = $csrf;

    // No submission: show the form for the default contribution type.
    if (empty($_POST)) {
        if ($this->_captcha) {
            $this->view->captchaScript = $this->_captcha->render(new Zend_View());
        }
        $this->_setupContributeSubmit(get_option('contribution_default_type'));
        return;
    }

    // Token check comes before any processing of the posted data.
    if (!$csrf->isValid($_POST)) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');

        // Posted type wins; otherwise the configured default; otherwise null.
        $typeId = null;
        if (!empty($_POST['contribution_type'])) {
            $typeId = $_POST['contribution_type'];
        } else {
            $fallbackType = get_option('contribution_default_type');
            if ($fallbackType) {
                $typeId = $fallbackType;
            }
        }
        $this->_setupContributeSubmit($typeId);
        return;
    }

    // Successful submission: go to the 'thankyou' action on the current route.
    if ($this->_processForm($_POST)) {
        $routeName = $this->getFrontController()->getRouter()->getCurrentRouteName();
        $this->_helper->_redirector->gotoRoute(array('action' => 'thankyou'), $routeName);
        return;
    }

    // Processing failed: set the form up again for the same type.
    $typeId = null;
    if (!empty($_POST['contribution_type'])) {
        $typeId = $_POST['contribution_type'];
    } else {
        $fallbackType = get_option('contribution_default_type');
        if ($fallbackType) {
            $typeId = $fallbackType;
        }
    }
    if ($this->_captcha) {
        $this->view->captchaScript = $this->_captcha->render(new Zend_View());
    }
    $this->_setupContributeSubmit($typeId);

    // Report profile errors when a profile object is set but does not exist.
    if (isset($this->_profile) && !$this->_profile->exists()) {
        $this->_helper->flashMessenger($this->_profile->getErrors(), 'error');
    }
}
/**
 * Rename a tag from an AJAX POST and answer with the resulting name.
 *
 * The body is the new name on success, or the old name with HTTP 500 when the
 * session CSRF token is invalid or the save fails. No view script is rendered.
 *
 * @return void
 */
public function renameAjaxAction()
{
    $csrf = new Omeka_Form_SessionCsrf();

    $tag = $this->_helper->db->findById($_POST['id']);
    $previousName = $tag->name;
    $requestedName = trim($_POST['value']);

    // The in-memory record is changed here, but it is only persisted below,
    // after the token check has passed (short-circuit &&).
    $tag->name = $requestedName;
    $this->_helper->viewRenderer->setNoRender();

    $response = $this->getResponse();
    $renamed = $csrf->isValid($_POST) && $tag->save(false);

    if (!$renamed) {
        $response->setHttpResponseCode(500);
        $response->setBody($previousName);
        return;
    }

    // NOTE(review): the body is the submitted value, trimmed but not escaped
    // here -- confirm the client inserts it as text, not as HTML.
    $response->setBody($requestedName);
}
/**
 * Show the "add" form and create a record from a valid submission.
 *
 * When $this->_autoCsrfProtection is set, a POST must carry a valid session
 * CSRF token; the token is checked before the form itself is validated and
 * before any posted data reaches the record.
 *
 * @return void
 */
public function addAction()
{
    $form = new ArchiveFolder_Form_Add();
    $form->setAction($this->_helper->url('add'));
    $this->view->form = $form;

    // From parent::addAction(), to allow to set parameters as array.
    $modelClass = $this->_helper->db->getDefaultModelName();
    $varName = $this->view->singularize($modelClass);

    if ($this->_autoCsrfProtection) {
        $csrf = new Omeka_Form_SessionCsrf();
        $this->view->csrf = $csrf;
    }

    $record = new $modelClass();
    $request = $this->getRequest();

    // Plain page load: just expose the empty record to the view.
    if (!$request->isPost()) {
        $this->view->{$varName} = $record;
        return;
    }

    // The token check runs first; the form is only validated when the token
    // check passed or CSRF protection is switched off.
    $tokenRejected = $this->_autoCsrfProtection && !$csrf->isValid($_POST);
    // Specific is here: the posted data must also pass the form's validation.
    if ($tokenRejected || !$form->isValid($request->getPost())) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
        $this->view->{$varName} = $record;
        return;
    }

    $record->setPostData($_POST);
    if (!$record->save(false)) {
        $this->_helper->flashMessenger($record->getErrors());
    } else {
        $successMessage = $this->_getAddSuccessMessage($record);
        if ($successMessage != '') {
            $this->_helper->flashMessenger($successMessage, 'success');
        }

        // Save main options.
        set_option('archive_folder_unreferenced_files', $record->getParameter('unreferenced_files'));
        set_option('archive_folder_identifier_field', $record->getParameter('identifier_field'));

        $this->_redirectAfterAdd($record);
    }

    $this->view->{$varName} = $record;
}
/**
 * Similar to 'add' action, except this requires a pre-existing record.
 *
 * Every request to this action must pass a record ID in the 'id' parameter.
 * When $this->_autoCsrfProtection is set, a POST is only applied to the
 * record after its session CSRF token has been validated.
 *
 * @uses Omeka_Controller_Action_Helper_Db::getDefaultModelName()
 * @uses Omeka_Controller_Action_Helper_Db::findById()
 * @uses self::_getEditSuccessMessage()
 * @uses self::_redirectAfterEdit()
 */
public function editAction()
{
    $modelName = $this->_helper->db->getDefaultModelName();
    $varName = $this->view->singularize($modelName);
    $record = $this->_helper->db->findById();

    if ($this->_autoCsrfProtection) {
        $csrf = new Omeka_Form_SessionCsrf();
        $this->view->csrf = $csrf;
    }

    // Without a submission the record is only handed to the view.
    if (!$this->getRequest()->isPost()) {
        $this->view->{$varName} = $record;
        return;
    }

    // Reject the submission before any posted data touches the record.
    if ($this->_autoCsrfProtection && !$csrf->isValid($_POST)) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
        $this->view->{$varName} = $record;
        return;
    }

    $record->setPostData($_POST);
    if (!$record->save(false)) {
        $this->_helper->flashMessenger($record->getErrors());
    } else {
        $successMessage = $this->_getEditSuccessMessage($record);
        if ($successMessage != '') {
            $this->_helper->flashMessenger($successMessage, 'success');
        }
        $this->_redirectAfterEdit($record);
    }

    $this->view->{$varName} = $record;
}
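/**
 * Show the API settings page and store the settings from a submitted form.
 *
 * The API resources, all keys and the CSRF form are always handed to the
 * view. The three API options are written only for a POST that carries a
 * valid session CSRF token.
 *
 * @return void
 */
public function editApiAction()
{
    $keyTable = $this->_helper->db->getTable('Key');
    $csrf = new Omeka_Form_SessionCsrf();

    $this->view->api_resources = Omeka_Controller_Plugin_Api::getApiResources();
    $this->view->keys = $keyTable->findAll();
    $this->view->csrf = $csrf;

    // Handle a form submission
    if (!$this->getRequest()->isPost()) {
        return;
    }

    if (!$csrf->isValid($_POST)) {
        $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
        return;
    }

    // A field may be absent from the POST (browsers omit unchecked
    // checkboxes). !empty() yields the same boolean as a (bool) cast for any
    // present value, and false for an absent one, without an undefined-index
    // notice.
    set_option('api_enable', !empty($_POST['api_enable']));
    set_option('api_filter_element_texts', !empty($_POST['api_filter_element_texts']));

    // NOTE(review): no lower bound is applied here, so 0 or a negative page
    // size can be stored -- confirm the code that reads 'api_per_page'
    // handles that.
    set_option('api_per_page', isset($_POST['api_per_page']) ? (int) $_POST['api_per_page'] : 0);

    $this->_helper->flashMessenger(__('The API configuration was successfully changed!'), 'success');
}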
/**
 * Action to uninstall a plugin
 *
 * Non-POST requests are forwarded to the 'method-not-allowed' error action.
 * Without the 'confirm' parameter the confirmation page is rendered; with it,
 * the session CSRF token must validate before the installer is called.
 *
 * @return void
 */
public function uninstallAction()
{
    if (!$this->getRequest()->isPost()) {
        return $this->_forward('method-not-allowed', 'error');
    }

    // Queue the redirect to 'index' first; the confirmation branch below
    // cancels it again.
    $this->_helper->redirector('index');

    $plugin = $this->_getPluginByName();
    if (!$plugin) {
        return;
    }

    // Check to see if the plugin exists and is installed.
    if (!$plugin->isInstalled()) {
        $this->_helper->flashMessenger(__("The plugin could not be found in the '%s' directory!", $plugin->getDirectoryName()), 'error');
        return;
    }

    $csrf = new Omeka_Form_SessionCsrf();

    if ($this->_getParam('confirm')) {
        // Confirmed: the token must validate before the installer is called.
        if (!$csrf->isValid($_POST)) {
            $this->_helper->_flashMessenger(__('There was an error on the form. Please try again.'), 'error');
            return;
        }

        // Attempt to uninstall the plugin.
        try {
            $this->_pluginInstaller->uninstall($plugin);
            $this->_helper->flashMessenger(__("The %s plugin was successfully uninstalled!", $plugin->getDirectoryName()), 'success');
        } catch (Omeka_Plugin_Installer_Exception $e) {
            $this->_helper->flashMessenger(__("The following error occurred while uninstalling the %s plugin: ", $plugin->getDirectoryName()) . $e->getMessage(), 'error');
        } catch (Omeka_Plugin_Loader_Exception $e) {
            $this->_helper->flashMessenger(__("The following error occurred while uninstalling the %s plugin: ", $plugin->getDirectoryName()) . $e->getMessage(), 'error');
        }
        return;
    }

    // Not confirmed yet. If the confirmation form was submitted without the
    // confirmation itself, say so before showing the page again.
    if ($this->_getParam('uninstall-confirm')) {
        $this->_helper->flashMessenger(__("You must confirm the uninstall before proceeding."), 'error');
    }

    // Call the append to uninstall message hook for the specific
    // plugin, if it exists.
    $message = get_specific_plugin_hook_output($plugin, 'uninstall_message');

    // The CSRF form goes to the view alongside the plugin and hook message.
    $this->view->assign(array(
        'plugin' => $plugin,
        'message' => $message,
        'csrf' => $csrf,
    ));

    // Cancel the redirect here.
    $this->getResponse()->clearHeader('Location')->setHttpResponseCode(200);
    $this->render('confirm-uninstall');
}