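/**
 * Validates the supplied segments and attempts to determine the path to
 * the controller.
 *
 * The segments originate from the request URI. Any segment that is joined
 * into a filesystem path is therefore checked first (dot-only names, path
 * separators, NUL bytes), and anything echoed back through wp_die() is
 * HTML-escaped.
 *
 * @access  private
 * @param   array   $segments   URI segments; the first one must be the WordPress gateway slug
 * @return  array|false         remaining segments with gateway, app spec and sub-folder removed;
 *                              an empty array when a sub-folder has no default controller;
 *                              FALSE when the first segment is not the gateway slug
 */
function _validate_request($segments)
{
    // the first segment is our WordPress gateway, so we remove it
    $gateway = array_shift($segments);
    if ($gateway != wpci_get_slug()) {
        return false;
    }

    // the second segment might be an app spec; only inspect it when it exists,
    // otherwise an empty request compares NULL against the active app
    if (isset($segments[0]) && $segments[0] == WPCI::get_active_app()) {
        $this->set_app(array_shift($segments));
    }

    // and if there's nothing else, stop validating...
    if (!count($segments)) {
        return $segments;
    }

    // Only probe the filesystem with names that cannot change directory
    if (!$this->_is_unsafe_path_segment($segments[0])) {
        // Does the requested controller exist in the root folder?
        if (file_exists(WPCI::active_app_path() . '/controllers/' . $segments[0] . EXT)) {
            return $segments;
        }

        // Is the controller in a sub-folder?
        if (is_dir(WPCI::active_app_path() . '/controllers/' . $segments[0])) {
            // Set the directory and remove it from the segment array
            $this->set_directory($segments[0]);
            $segments = array_slice($segments, 1);

            if (count($segments) > 0) {
                // Does the requested controller exist in the sub-folder?
                // presumably fetch_directory() returns the folder with a trailing slash; verify in set_directory()
                if ($this->_is_unsafe_path_segment($segments[0])
                    || !file_exists(WPCI::active_app_path() . '/controllers/' . $this->fetch_directory() . $segments[0] . EXT)) {
                    wp_die("There are no controllers for <b>" . htmlspecialchars($this->fetch_directory() . $segments[0], ENT_QUOTES, 'UTF-8') . "</b>.");
                }
            } else {
                $this->set_class($this->default_controller);
                $this->set_method('index');

                // Does the default controller exist in the sub-folder?
                if (!file_exists(WPCI::active_app_path() . '/controllers/' . $this->fetch_directory() . $this->default_controller . EXT)) {
                    $this->directory = '';
                    return array();
                }
            }

            return $segments;
        }
    }

    // Can't find the requested controller (or its name was refused above).
    // The segment is request data, so escape it before it reaches the error page.
    wp_die("There are no controllers for <b>" . htmlspecialchars((string) $segments[0], ENT_QUOTES, 'UTF-8') . "</b>.");
}

/**
 * Tells whether a URI segment must not be used as a file or directory name
 * below the controllers folder.
 *
 * @access  private
 * @param   string  $segment    a single URI segment
 * @return  bool                TRUE when the segment has to be refused
 */
function _is_unsafe_path_segment($segment)
{
    $segment = (string) $segment;

    // "." and ".." (or any dot-only name) resolve to a folder other than the one intended
    if ($segment !== '' && trim($segment, '.') === '') {
        return true;
    }

    // a single segment never legitimately carries a path separator or a NUL byte
    return strpbrk($segment, "/\\\0") !== false;
}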
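/**
 * Routes the current front-end request to a controller and runs it.
 *
 * Sets up routing, includes the controller file, evaluates the user_must /
 * user_can annotations with current_user_can(), refuses reserved method
 * names, instantiates the controller and calls the requested method with
 * the remaining URI segments. For controllers or methods annotated "ajax"
 * or "no_chrome" the buffered output is emitted and the script exits.
 *
 * @return void
 */
private static function execute_frontend()
{
    // $OUT is used at the very end; without it in this list the call below
    // ran against an undefined variable
    global $RTR, $CI, $EXT, $BM, $URI, $OUT;

    // set routing, triggering detection of active application (if any)
    $RTR->_set_routing();
    $RTR->set_app(WPCI::get_active_app());

    // complete CI logging
    log_message('debug', "Router Class Set");

    // if a class was identified, try to execute it
    if ($RTR->fetch_class()) {
        $app_path = WPCI::include_controller($RTR);
        $BM->mark('loading_time_base_classes_end');

        /*
         * ------------------------------------------------------
         *  Security check
         * ------------------------------------------------------
         *
         *  None of the functions in the app controller or the
         *  loader class can be called via the URI, nor can
         *  controller functions that begin with an underscore
         */
        $class = $RTR->fetch_class();
        $method = $RTR->fetch_method();

        // class and method names are derived from the request URI; escape them
        // once here so every wp_die() page below shows them as text, not markup
        $safe_target = htmlspecialchars("{$class}/{$method}", ENT_QUOTES, 'UTF-8');

        if (!class_exists($class)) {
            wp_die("I can't find <b>{$safe_target}</b>.");
        }

        // make sure app class is at the top of the annotations stack
        $ann = Annotations::get($RTR->fetch_app() . '/' . $RTR->fetch_class(), $app_path);

        // evaluate permissions, but only when they are specified for evaluation
        // NOTE(review): the method is dispatched case-insensitively further down
        // (strtolower comparisons); confirm Annotations::for_method() matches
        // $method the same way, otherwise method-level rules may not be found.
        $user_can = true;
        if (count($ann->for_class('user_must') + $ann->for_class('user_can') + $ann->for_method($method, 'user_must') + $ann->for_method($method, 'user_can'))) {
            // first, test all user_must annotations
            foreach ($ann->for_class('user_must') as $cap) {
                if (!current_user_can($cap)) {
                    $user_can = false;
                    break;
                }
            }

            // next, test for method
            if ($user_can) {
                foreach ($ann->for_method($method, 'user_must') as $cap) {
                    if (!current_user_can($cap)) {
                        $user_can = false;
                        break;
                    }
                }

                // then, test user_can: any single matching capability is enough
                // NOTE(review): when only user_must annotations exist, this reset
                // leaves $user_can FALSE (no user_can loop runs) and the request
                // is refused even though every user_must passed; confirm intent.
                if ($user_can) {
                    $user_can = false;
                    foreach ($ann->for_class('user_can') as $cap) {
                        $user_can = $user_can || current_user_can($cap);
                    }
                    foreach ($ann->for_method($method, 'user_can') as $cap) {
                        $user_can = $user_can || current_user_can($cap);
                    }
                }
            }
        }

        // refuse the base-class constructor name, underscore-prefixed methods,
        // anything declared on the base Controller, and failed permission checks
        if ($method == 'controller' or strncmp($method, '_', 1) == 0 or in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) or !$user_can) {
            wp_die("You're not allowed to do <b>{$safe_target}</b>.");
        }

        /*
         * ------------------------------------------------------
         *  Is there a "pre_controller" hook?
         * ------------------------------------------------------
         */
        $EXT->_call_hook('pre_controller');

        /*
         * ------------------------------------------------------
         *  Instantiate the controller and call requested method
         * ------------------------------------------------------
         */

        // Mark a start point so we can benchmark the controller
        $BM->mark('controller_execution_time_( ' . $class . ' / ' . $method . ' )_start');

        $CI = new $class();

        // add request method properties
        $CI->method = strtoupper($_SERVER['REQUEST_METHOD']);

        $is_ajax = $ann->for_class('ajax') || $ann->for_method($method, 'ajax');
        $no_chrome = $ann->for_class('no_chrome') || $ann->for_method($method, 'no_chrome');
        $ajax_content = null;

        // Is this a scaffolding request?
        if ($RTR->scaffolding_request === TRUE) {
            if ($EXT->_call_hook('scaffolding_override') === FALSE) {
                $CI->_ci_scaffolding();
            }
        } else {
            /*
             * ------------------------------------------------------
             *  Is there a "post_controller_constructor" hook?
             * ------------------------------------------------------
             */
            $EXT->_call_hook('post_controller_constructor');

            // grab the title annotation, if defined
            if (count($title = $ann->for_method($RTR->fetch_method(), 'title'))) {
                WPCI::set_title($title[0]);
            }

            // Is there a "remap" function?
            // (this path does not buffer output, so $ajax_content stays NULL for it)
            if (method_exists($CI, '_remap')) {
                $CI->_remap($method);
            } else {
                // is_callable() returns TRUE on some versions of PHP 5 for private and protected
                // methods, so we'll use this workaround for consistent behavior
                if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($CI)))) {
                    wp_die("I'm not allowed to do {$safe_target}.");
                }

                // flatten the print_r() dump of the extra segments onto one line for the log
                if (count(array_slice($URI->rsegments, 2)) > 0) {
                    $param_list = trim(substr(preg_replace('/\\t/', '', preg_replace('/[\\n\\r]/', '', print_r(array_slice($URI->rsegments, 2), true))), 8));
                } else {
                    $param_list = ')';
                }

                log_message('debug', "Executing {$class}/{$method}({$param_list}");

                // Call the requested method.
                // Any URI segments present (besides the class/function) will be passed to the method for convenience
                if ($is_ajax || $no_chrome) {
                    ob_start();
                }

                call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2));

                if ($is_ajax || $no_chrome) {
                    $ajax_content = ob_get_clean();
                }
            }
        }

        // Mark a benchmark end point
        $BM->mark('controller_execution_time_( ' . $class . ' / ' . $method . ' )_end');

        /*
         * ------------------------------------------------------
         *  Is there a "post_controller" hook?
         * ------------------------------------------------------
         */
        $EXT->_call_hook('post_controller');

        /*
         * ------------------------------------------------------
         *  Is there a "post_system" hook?
         * ------------------------------------------------------
         */
        $EXT->_call_hook('post_system');

        /*
         * ------------------------------------------------------
         *  Close the DB connection if one exists
         * ------------------------------------------------------
         */
        if (class_exists('CI_DB') and isset($CI->db)) {
            $CI->db->close();
        }

        // if this was an ajax request, then we display the output and terminate
        if ($is_ajax || $no_chrome) {
            if ($is_ajax) {
                header('Content-Type: application/json', true);
            }

            echo $ajax_content;

            // only flush the output class when the global is actually populated
            if (is_object($OUT)) {
                $OUT->_display();
            }

            exit(0);
        }
    }
}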