/**
 * Report whether the current user agent is a tablet, such as an iPad or an Android tablet.
 *
 * The decision is delegated entirely to Rhymix\Framework\UA::isTablet().
 *
 * @return bool TRUE for a tablet, FALSE otherwise.
 */
public static function isMobilePadCheckByAgent()
{
    $isTablet = Rhymix\Framework\UA::isTablet();

    return $isTablet;
}
/**
 * Resolve the requested action, run the pre-dispatch checks and execute the module.
 *
 * Order of checks as written in this method:
 *   1. a pending $this->error short-circuits to a 'message' module instance;
 *   2. the action is looked up in the module's action XML (conf/module.xml);
 *   3. for controller actions, the HTTP request method is matched against the declared list;
 *   4. CSRF is checked for non-GET requests unless the action declares check_csrf="false";
 *   5. if the module does not implement the action, it is forwarded to another module and the
 *      method/CSRF checks are repeated, followed by admin/grant checks;
 *   6. the action's ruleset (if any) is validated;
 *   7. the module's proc() is called and flash data is written to the session.
 *
 * NOTE(review): the grant check on $kind == 'admin' appears in this method only inside the
 * forwarded branch. For actions the module implements directly, no permission check is visible
 * here; presumably it is enforced by the module object (setModuleInfo()/proc()) - confirm.
 *
 * @return ModuleObject the executed module instance, or a 'message' module instance carrying
 *                      the error when one of the checks fails
 */
public function procModule()
{
    $oModuleModel = getModel('module');
    $display_mode = Mobile::isFromMobilePhone() ? 'mobile' : 'view';

    // If an error occurred during preparation, return a message instance.
    if ($this->error) {
        self::_setInputErrorToContext();
        $oMessageObject = self::getModuleInstance('message', $display_mode);
        $oMessageObject->setError(-1);
        $oMessageObject->setMessage($this->error);
        $oMessageObject->dispMessage();
        // The HTTP status code is applied after dispMessage() has already run.
        if ($this->httpStatusCode) {
            $oMessageObject->setHttpStatusCode($this->httpStatusCode);
        }
        return $oMessageObject;
    }

    // Get action information from conf/module.xml.
    $xml_info = $oModuleModel->getModuleActionXml($this->module);

    // For the "install" module, an empty or undeclared act falls back to the default index act.
    if ($this->module == "install") {
        if (!$this->act || !$xml_info->action->{$this->act}) {
            $this->act = $xml_info->default_index_act;
        }
    }

    // If no act was given, use the module's default index act.
    if (!$this->act) {
        $this->act = $xml_info->default_index_act;
    }

    // Still no act: answer with a 404 message.
    if (!$this->act) {
        $this->error = 'msg_module_is_not_exists';
        $this->httpStatusCode = '404';
        self::_setInputErrorToContext();
        $oMessageObject = self::getModuleInstance('message', $display_mode);
        $oMessageObject->setError(-1);
        $oMessageObject->setMessage($this->error);
        $oMessageObject->dispMessage();
        if ($this->httpStatusCode) {
            $oMessageObject->setHttpStatusCode($this->httpStatusCode);
        }
        return $oMessageObject;
    }

    // Get type and kind of the action.
    $type = $xml_info->action->{$this->act}->type;
    $ruleset = $xml_info->action->{$this->act}->ruleset;
    // $kind becomes 'admin' when the action NAME contains "admin" (case-insensitive substring
    // match), or when the module itself is 'admin'. The classification is name-based only.
    $kind = stripos($this->act, 'admin') !== FALSE ? 'admin' : '';
    if (!$kind && $this->module == 'admin') {
        $kind = 'admin';
    }

    // Check REQUEST_METHOD for controller actions.
    if ($type == 'controller') {
        $allowedMethod = $xml_info->action->{$this->act}->method;
        // An action without a declared method accepts POST only.
        if (!$allowedMethod) {
            $allowedMethodList[0] = 'POST';
        } else {
            // The declared value is a '|'-separated list of method names.
            $allowedMethodList = explode('|', strtoupper($allowedMethod));
        }
        if (!in_array(strtoupper($_SERVER['REQUEST_METHOD']), $allowedMethodList)) {
            $this->error = "msg_invalid_request";
            $oMessageObject = self::getModuleInstance('message', $display_mode);
            $oMessageObject->setError(-1);
            $oMessageObject->setMessage($this->error);
            $oMessageObject->dispMessage();
            return $oMessageObject;
        }
    }

    // Check CSRF for non-GET (POST, PUT, etc.) actions.
    // The check is skipped when Context reports the request method as 'GET', when
    // Context::isInstalled() is false, when the action is not declared in the XML, or when the
    // action declares check_csrf="false".
    // NOTE(review): this branch keys on Context::getRequestMethod(), while the method check above
    // reads $_SERVER['REQUEST_METHOD'] directly; confirm the two cannot disagree in a way that
    // labels a state-changing request as 'GET'.
    if (Context::getRequestMethod() !== 'GET' && Context::isInstalled()) {
        if ($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) {
            $this->_setInputErrorToContext();
            $this->error = 'msg_invalid_request';
            $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
            $oMessageObject->setError(-1);
            $oMessageObject->setMessage($this->error);
            $oMessageObject->dispMessage();
            return $oMessageObject;
        }
    }

    if ($this->module_info->use_mobile != "Y") {
        Mobile::setMobile(FALSE);
    }

    $logged_info = Context::get('logged_info');

    // For a view action requested from a mobile phone, try the 'mobile' class first.
    if ($type == "view" && Mobile::isFromMobilePhone() && Context::isInstalled()) {
        $orig_type = "view";
        $type = "mobile";
        // create a module instance
        $oModule = self::getModuleInstance($this->module, $type, $kind);
        // Fall back to the regular view when the mobile class is missing or lacks the action.
        if (!is_object($oModule) || !method_exists($oModule, $this->act)) {
            $type = $orig_type;
            Mobile::setMobile(FALSE);
            $oModule = self::getModuleInstance($this->module, $type, $kind);
        }
    } else {
        // create a module instance
        $oModule = self::getModuleInstance($this->module, $type, $kind);
    }

    if (!is_object($oModule)) {
        self::_setInputErrorToContext();
        $oMessageObject = self::getModuleInstance('message', $display_mode);
        $oMessageObject->setError(-1);
        // NOTE(review): every earlier assignment to $this->error in this method is followed by a
        // return, so $this->error is still empty here and the message object gets an empty text.
        $oMessageObject->setMessage($this->error);
        $oMessageObject->dispMessage();
        if ($this->httpStatusCode) {
            $oMessageObject->setHttpStatusCode($this->httpStatusCode);
        }
        return $oMessageObject;
    }

    // If there is no such action in the module object, try to forward it to another module.
    if (!isset($xml_info->action->{$this->act}) || !method_exists($oModule, $this->act)) {
        if (!Context::isInstalled()) {
            self::_setInputErrorToContext();
            $this->error = 'msg_invalid_request';
            $oMessageObject = self::getModuleInstance('message', $display_mode);
            $oMessageObject->setError(-1);
            $oMessageObject->setMessage($this->error);
            $oMessageObject->dispMessage();
            if ($this->httpStatusCode) {
                $oMessageObject->setHttpStatusCode($this->httpStatusCode);
            }
            return $oMessageObject;
        }

        $forward = NULL;

        // 1. Look for the module by action name: the target module is the lower-cased first
        //    capitalised word after the lower-case prefix (constructed example:
        //    "dispFooBar" -> module "foo"). The target module name is therefore derived from
        //    the action name itself.
        if (preg_match('/^([a-z]+)([A-Z])([a-z0-9\\_]+)(.*)$/', $this->act, $matches)) {
            $module = strtolower($matches[2] . $matches[3]);
            $xml_info = $oModuleModel->getModuleActionXml($module);

            // Forwarding is accepted only if the target module declares the action AND either the
            // action name contains "admin" or the action is not marked standalone="false".
            if ($xml_info->action->{$this->act} && (stripos($this->act, 'admin') !== FALSE || $xml_info->action->{$this->act}->standalone != 'false')) {
                $forward = new stdClass();
                $forward->module = $module;
                $forward->type = $xml_info->action->{$this->act}->type;
                $forward->ruleset = $xml_info->action->{$this->act}->ruleset;
                $forward->act = $this->act;
            } else {
                $this->error = 'msg_invalid_request';
                $oMessageObject = self::getModuleInstance('message', $display_mode);
                $oMessageObject->setError(-1);
                $oMessageObject->setMessage($this->error);
                $oMessageObject->dispMessage();
                return $oMessageObject;
            }
        }

        // 2. Otherwise ask the module model for a registered action forward.
        if (!$forward) {
            $forward = $oModuleModel->getActionForward($this->act);
        }

        if ($forward->module && $forward->type && $forward->act && $forward->act == $this->act) {
            // type, kind and ruleset are re-derived from the forward target.
            $kind = stripos($forward->act, 'admin') !== FALSE ? 'admin' : '';
            $type = $forward->type;
            $ruleset = $forward->ruleset;
            // NOTE(review): $tpl_path and the local $orig_module are assigned here but not read
            // anywhere in this method.
            $tpl_path = $oModule->getTemplatePath();
            $orig_module = $oModule;

            $xml_info = $oModuleModel->getModuleActionXml($forward->module);

            // SECISSUE: the request-method check must also be applied to the forwarded action.
            // Check REQUEST_METHOD for controller actions (same rule as above: POST by default).
            if ($type == 'controller') {
                $allowedMethod = $xml_info->action->{$forward->act}->method;
                if (!$allowedMethod) {
                    $allowedMethodList[0] = 'POST';
                } else {
                    $allowedMethodList = explode('|', strtoupper($allowedMethod));
                }
                if (!in_array(strtoupper($_SERVER['REQUEST_METHOD']), $allowedMethodList)) {
                    $this->error = "msg_invalid_request";
                    $oMessageObject = self::getModuleInstance('message', $display_mode);
                    $oMessageObject->setError(-1);
                    $oMessageObject->setMessage($this->error);
                    $oMessageObject->dispMessage();
                    return $oMessageObject;
                }
            }

            // Check CSRF for non-GET (POST, PUT, etc.) actions, now against the forward target's
            // XML. $this->act equals $forward->act here (enclosing condition).
            if (Context::getRequestMethod() !== 'GET' && Context::isInstalled()) {
                if ($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) {
                    $this->_setInputErrorToContext();
                    $this->error = 'msg_invalid_request';
                    $oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
                    $oMessageObject->setError(-1);
                    $oMessageObject->setMessage($this->error);
                    $oMessageObject->dispMessage();
                    return $oMessageObject;
                }
            }

            // Instantiate the forward target, preferring the mobile class for mobile views.
            if ($type == "view" && Mobile::isFromMobilePhone()) {
                $orig_type = "view";
                $type = "mobile";
                // create a module instance
                $oModule = self::getModuleInstance($forward->module, $type, $kind);
                if (!is_object($oModule) || !method_exists($oModule, $this->act)) {
                    $type = $orig_type;
                    Mobile::setMobile(FALSE);
                    $oModule = self::getModuleInstance($forward->module, $type, $kind);
                }
            } else {
                $oModule = self::getModuleInstance($forward->module, $type, $kind);
            }

            if (!is_object($oModule)) {
                self::_setInputErrorToContext();
                $oMessageObject = self::getModuleInstance('message', $display_mode);
                $oMessageObject->setError(-1);
                $oMessageObject->setMessage('msg_module_is_not_exists');
                $oMessageObject->dispMessage();
                if ($this->httpStatusCode) {
                    $oMessageObject->setHttpStatusCode($this->httpStatusCode);
                }
                return $oMessageObject;
            }

            // Views forwarded through the 'admin' module require is_admin == 'Y'.
            // NOTE(review): $logged_info comes from Context::get('logged_info'); whether it can
            // be null for a guest is not visible here - confirm the property read is safe.
            if ($this->module == "admin" && $type == "view") {
                if ($logged_info->is_admin == 'Y') {
                    // Every admin view except dispLayoutAdminLayoutModify gets the admin layout.
                    if ($this->act != 'dispLayoutAdminLayoutModify') {
                        $oAdminView = getAdminView('admin');
                        $oAdminView->makeGnbUrl($forward->module);
                        $oModule->setLayoutPath("./modules/admin/tpl");
                        $oModule->setLayoutFile("layout.html");
                    }
                } else {
                    self::_setInputErrorToContext();
                    $this->error = 'admin.msg_is_not_administrator';
                    $oMessageObject = self::getModuleInstance('message', $display_mode);
                    $oMessageObject->setError(-1);
                    $oMessageObject->setMessage($this->error);
                    $oMessageObject->dispMessage();
                    return $oMessageObject;
                }
            }

            // Forwarded actions classified as 'admin' require at least the manager grant.
            if ($kind == 'admin') {
                $grant = $oModuleModel->getGrant($this->module_info, $logged_info);
                if (!$grant->manager) {
                    self::_setInputErrorToContext();
                    $this->error = 'admin.msg_is_not_administrator';
                    $oMessageObject = self::getModuleInstance('message', $display_mode);
                    $oMessageObject->setError(-1);
                    $oMessageObject->setMessage($this->error);
                    $oMessageObject->dispMessage();
                    return $oMessageObject;
                } else {
                    // A manager who is not an admin is rejected unless the action's permission is
                    // 'manager' or the module matches $this->orig_module->module.
                    // NOTE(review): this reads the PROPERTY $this->orig_module, not the local
                    // $orig_module assigned above; confirm the property is set elsewhere,
                    // otherwise the comparison is made against an unset value.
                    if (!$grant->is_admin && $this->module != $this->orig_module->module && $xml_info->permission->{$this->act} != 'manager') {
                        self::_setInputErrorToContext();
                        $this->error = 'admin.msg_is_not_administrator';
                        $oMessageObject = self::getModuleInstance('message', $display_mode);
                        $oMessageObject->setError(-1);
                        $oMessageObject->setMessage($this->error);
                        $oMessageObject->dispMessage();
                        return $oMessageObject;
                    }
                }
            }
        } else {
            // No usable forward: fall back to the default index act if the module implements it.
            // $xml_info may have been replaced by the forward lookup above at this point.
            if ($xml_info->default_index_act && method_exists($oModule, $xml_info->default_index_act)) {
                $this->act = $xml_info->default_index_act;
            } else {
                $this->error = 'msg_invalid_request';
                $oModule->setError(-1);
                $oModule->setMessage($this->error);
                return $oModule;
            }
        }
    }

    // Ruleset check: validate the request against the action's ruleset, if one is declared.
    if (!empty($ruleset)) {
        // NOTE(review): $forward is only assigned inside the "no such action" branch above. When
        // the module implements the action directly, $forward is undefined here; PHP emits a
        // warning and the ternary falls through to $this->module.
        $rulesetModule = $forward->module ? $forward->module : $this->module;
        $rulesetFile = $oModuleModel->getValidatorFilePath($rulesetModule, $ruleset, $this->mid);
        if (!empty($rulesetFile)) {
            // Restore validator error strings stashed in the session, then clear them.
            if ($_SESSION['XE_VALIDATOR_ERROR_LANG']) {
                $errorLang = $_SESSION['XE_VALIDATOR_ERROR_LANG'];
                foreach ($errorLang as $key => $val) {
                    Context::setLang($key, $val);
                }
                unset($_SESSION['XE_VALIDATOR_ERROR_LANG']);
            }

            $Validator = new Validator($rulesetFile);
            $result = $Validator->validate();
            if (!$result) {
                $lastError = $Validator->getLastError();
                // NOTE(review): 'error_return_url' is read from Context and stored as the return
                // URL below. If it can carry a request parameter, the code that later redirects
                // to XE_VALIDATOR_RETURN_URL should restrict it to same-site targets - confirm.
                $returnUrl = Context::get('error_return_url');
                $errorMsg = $lastError['msg'] ? $lastError['msg'] : 'validation error';

                // for xml response
                $oModule->setError(-1);
                $oModule->setMessage($errorMsg);
                // for html redirect
                $this->error = $errorMsg;
                $_SESSION['XE_VALIDATOR_ERROR'] = -1;
                $_SESSION['XE_VALIDATOR_MESSAGE'] = $this->error;
                $_SESSION['XE_VALIDATOR_MESSAGE_TYPE'] = 'error';
                $_SESSION['XE_VALIDATOR_RETURN_URL'] = $returnUrl;
                $_SESSION['XE_VALIDATOR_ID'] = Context::get('xe_validator_id');
                self::_setInputValueToSession();
                // The module is returned without proc() having been called.
                return $oModule;
            }
        }
    }

    $oModule->setAct($this->act);

    $this->module_info->module_type = $type;
    $oModule->setModuleInfo($this->module_info, $xml_info);

    // Actions for which the "switch to mobile" banner is never shown.
    $skipAct = array('dispEditorConfigPreview' => 1, 'dispLayoutPreviewWithModule' => 1);
    $db_use_mobile = Mobile::isMobileEnabled();
    $tablet_use = Rhymix\Framework\UA::isTablet();
    $config_tablet_use = config('mobile.tablets');
    // Show the banner on a view when the module has use_mobile == "Y",
    // Mobile::isMobileCheckByAgent() is true, the act is not in $skipAct, mobile is enabled, and
    // it is not the case that the agent is a tablet while mobile.tablets is false.
    if ($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_tablet_use === false) === false) {
        global $lang;
        $header = '<style>div.xe_mobile{opacity:0.7;margin:1em 0;padding:.5em;background:#333;border:1px solid #666;border-left:0;border-right:0}p.xe_mobile{text-align:center;margin:1em 0}a.xe_mobile{color:#ff0;font-weight:bold;font-size:24px}@media only screen and (min-width:500px){a.xe_mobile{font-size:15px}}</style>';
        // The literal below contains a line break between "<p" and "class", kept as written.
        // NOTE(review): getUrl() output and $lang->msg_pc_to_mobile are concatenated into HTML
        // without escaping at this point; whether they are already HTML-safe is not visible here.
        $footer = '<div class="xe_mobile"><p 
class="xe_mobile"><a class="xe_mobile" href="' . getUrl('m', '1') . '">' . $lang->msg_pc_to_mobile . '</a></p></div>';
        Context::addHtmlHeader($header);
        Context::addHtmlFooter($footer);
    }

    // Non-admin views get the site-wide footer and, if no title is set yet, the site title.
    if ($type == "view" && $kind != 'admin') {
        $module_config = $oModuleModel->getModuleConfig('module');
        // NOTE(review): htmlFooter is passed to the page footer as stored; presumably it is
        // administrator-supplied markup - confirm who can write this setting.
        if ($module_config->htmlFooter) {
            Context::addHtmlFooter($module_config->htmlFooter);
        }
        if ($module_config->siteTitle) {
            if (!Context::getBrowserTitle()) {
                Context::setBrowserTitle($module_config->siteTitle);
            }
        }
    }

    // If a failure message exists in the session, copy it into the context.
    self::_setInputErrorToContext();

    $procResult = $oModule->proc();

    // For request methods other than XMLRPC / JSON / JS_CALLBACK, the result is handed over
    // through the session (error code, message, validator id, return URL).
    $methodList = array('XMLRPC' => 1, 'JSON' => 1, 'JS_CALLBACK' => 1);
    if (!$oModule->stop_proc && !isset($methodList[Context::getRequestMethod()])) {
        $error = $oModule->getError();
        $message = $oModule->getMessage();
        $messageType = $oModule->getMessageType();
        $redirectUrl = $oModule->getRedirectUrl();

        if (!$procResult) {
            $this->error = $message;
            // On failure without a module-provided redirect, fall back to 'error_return_url'
            // from Context.
            // NOTE(review): same concern as in the ruleset branch - confirm the consumer of
            // XE_VALIDATOR_RETURN_URL validates the target.
            if (!$redirectUrl && Context::get('error_return_url')) {
                $redirectUrl = Context::get('error_return_url');
            }
            self::_setInputValueToSession();
        }

        if ($error != 0) {
            $_SESSION['XE_VALIDATOR_ERROR'] = $error;
        }
        if ($validator_id = Context::get('xe_validator_id')) {
            $_SESSION['XE_VALIDATOR_ID'] = $validator_id;
        }
        if ($message != 'success') {
            $_SESSION['XE_VALIDATOR_MESSAGE'] = $message;
            $_SESSION['XE_VALIDATOR_MESSAGE_TYPE'] = $messageType;
        }
        if (Context::get('xeVirtualRequestMethod') != 'xml' && $redirectUrl) {
            $_SESSION['XE_VALIDATOR_RETURN_URL'] = $redirectUrl;
        }
    }

    unset($logged_info);
    return $oModule;
}