public function cbCheckFrontendPagePermissions($context)
{
$this->initialiseCookie();
## Cookies only show up on page refresh. This flag helps in making sure the correct XML is being set
$loggedin = false;
$action = $_REQUEST['member-action'];
if (trim($action) == 'logout') {
$this->logout();
if (isset($_REQUEST['redirect'])) {
redirect($_REQUEST['redirect']);
}
redirect(URL);
} elseif (trim($action) == 'login') {
$username = Symphony::Database()->cleanValue($_REQUEST['username']);
$password = Symphony::Database()->cleanValue($_REQUEST['password']);
if ($this->login($username, $password)) {
if (isset($_REQUEST['redirect'])) {
redirect($_REQUEST['redirect']);
}
redirect(URL);
}
self::$_failed_login_attempt = true;
} else {
$loggedin = $this->isLoggedIn();
}
$this->initialiseMemberObject();
if ($loggedin && is_object($this->Member)) {
$role_data = $this->Member->getData($this->roleField());
$this->__updateSystemTimezoneOffset();
}
$role = $this->fetchRole($loggedin ? $role_data['role_id'] : 1, true);
if (!$role->canAccessPage((int) $context['page_data']['id'])) {
if ($row = Symphony::Database()->fetchRow(0, "SELECT `tbl_pages`.* FROM `tbl_pages`, `tbl_pages_types` \r\n\t\t\t\t\tWHERE `tbl_pages_types`.page_id = `tbl_pages`.id AND tbl_pages_types.`type` = '403' \r\n\t\t\t\t\tLIMIT 1")) {
$row['type'] = Symphony::Database()->fetchCol('type', "SELECT `type` FROM `tbl_pages_types` WHERE `page_id` = '" . $row['id'] . "' ");
$row['filelocation'] = PAGES . '/' . trim(str_replace('/', '_', $row['path'] . '_' . $row['handle']), '_') . '.xsl';
$context['page_data'] = $row;
return;
}
throw new SymphonyErrorPage('Please <a href="' . URL . '/symphony/login/">login</a> to view this page.', 'Forbidden', 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
}
}
public function checkFrontendPagePermissions($context)
{
$this->initialiseCookie();
## Cookies only show up on page refresh. This flag helps in making sure the correct XML is being set
$loggedin = false;
$action = $_REQUEST['member-action'];
if (trim($action) == 'logout') {
$this->logout();
redirect(URL);
} elseif (isset($action['login'])) {
$username = Symphony::Database()->cleanValue($_REQUEST['username']);
$password = Symphony::Database()->cleanValue($_REQUEST['password']);
if ($this->login($username, $password)) {
if (isset($_REQUEST['redirect'])) {
redirect($_REQUEST['redirect']);
}
redirect(URL . $_SERVER['REQUEST_URI']);
}
self::$_failed_login_attempt = true;
} elseif (isset($context['env']['url']['member-token']) && preg_match('/^[a-f0-9]{8}$/', $context['env']['url']['member-token'])) {
$token = Symphony::Database()->fetchRow(0, "SELECT * FROM `tbl_members_login_tokens` WHERE `token` = '" . $context['env']['url']['member-token'] . "' LIMIT 1");
if (is_array($token) && !empty($token)) {
$entry = $this->fetchMemberFromID($token['member_id']);
$username_field_data = $entry->getData($this->usernameAndPasswordField());
$loggedin = $this->login($username_field_data['username'], $username_field_data['password'], true);
self::purgeTokens($token['member_id']);
}
} else {
$loggedin = $this->isLoggedIn();
}
$this->initialiseMemberObject();
if ($loggedin && is_object($this->Member)) {
$role_data = $this->Member->getData($this->roleField());
}
$role = $this->fetchRole($loggedin ? $role_data['role_id'] : 1, true);
if (!$role->canAccessPage((int) $context['page_data']['id'])) {
/*
Array
(
[id] => 115
[parent] => 91
[title] => New
[handle] => new
[path] => downloads
[params] => type
[data_sources] => menu
[events] => save_download
[sortorder] => 13
[type] => Array
(
)
[filelocation] => /Users/pointybeard/Sites/projects/overture/public/workspace/pages/downloads_new.xsl
)
Array
(
[id] => 136
[parent] =>
[title] => Forbidden
[handle] => forbidden
[path] =>
[params] =>
[data_sources] => menu
[events] =>
[sortorder] => 37
)
*/
if ($row = Symphony::Database()->fetchRow(0, "SELECT `tbl_pages`.* FROM `tbl_pages`, `tbl_pages_types`\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE `tbl_pages_types`.page_id = `tbl_pages`.id AND tbl_pages_types.`type` = '403'\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t LIMIT 1")) {
//redirect(URL . '/' . $row['path'] . '/' . $row['handle']);
//$page['filelocation'] = $this->resolvePageFileLocation($page['path'], $page['handle']);
//$page['type'] = $this->__fetchPageTypes($page['id']);
$row['type'] = Symphony::Database()->fetchCol('type', "SELECT `type` FROM `tbl_pages_types` WHERE `page_id` = '" . $row['id'] . "' ");
$row['filelocation'] = PAGES . '/' . trim(str_replace('/', '_', $row['path'] . '_' . $row['handle']), '_') . '.xsl';
$context['page_data'] = $row;
return;
}
$this->_Parent->customError(E_USER_ERROR, 'Forbidden', 'Please <a href="' . URL . '/symphony/login/">login</a> to view this page.', false, true, 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
}
//$context['wrapper']->appendChild($this->buildXML());
}
public function checkFrontendPagePermissions($context)
{
$isLoggedIn = false;
$errors = array();
$action = null;
// Checks $_REQUEST to see if a Member Action has been requested,
// member-action['login'] and member-action['logout']/?member-action=logout
// are the only two supported at this stage.
if (isset($_REQUEST['member-action']) && is_array($_REQUEST['member-action'])) {
list($action) = array_keys($_REQUEST['member-action']);
} else {
if (isset($_REQUEST['member-action'])) {
$action = $_REQUEST['member-action'];
}
}
// Check to see a Member is already logged in.
$isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);
// Logout
if (trim($action) == 'logout') {
/**
* Fired just before a member is logged out (and page redirection),
* this delegate provides the current Member ID
*
* @delegate MembersPreLogout
* @param string $context
* '/frontend/'
* @param integer $member_id
* The Member ID of the member who is about to logged out
*/
Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID()));
$this->getMemberDriver()->logout();
// If a redirect is provided, redirect to that, otherwise return the user
// to the index of the site. Issue #51 & #121
if (isset($_REQUEST['redirect'])) {
redirect($_REQUEST['redirect']);
}
redirect(URL);
} else {
if (trim($action) == 'login' && !is_null($_POST['fields'])) {
// If a Member is already logged in and another Login attempt is requested
// log the Member out first before trying to login with new details.
if ($isLoggedIn) {
$this->getMemberDriver()->logout();
}
if ($this->getMemberDriver()->login($_POST['fields'])) {
/**
* Fired just after a Member has successfully logged in, this delegate
* provides the current Member ID. This delegate is fired just before
* the page redirection (if it is provided)
*
* @delegate MembersPostLogin
* @param string $context
* '/frontend/'
* @param integer $member_id
* The Member ID of the member who just logged in.
* @param Entry $member
* The Entry object of the logged in Member.
*/
Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID(), 'member' => $this->getMemberDriver()->getMember()));
if (isset($_POST['redirect'])) {
redirect($_POST['redirect']);
}
} else {
self::$_failed_login_attempt = true;
/**
* A failed Member login attempt
*
* @delegate MembersLoginFailure
* @param string $context
* '/frontend/'
* @param string $username
* The username of the Member who attempted to login.
*/
Symphony::ExtensionManager()->notifyMembers('MembersLoginFailure', '/frontend/', array('username' => Symphony::Database()->cleanValue($_POST['fields'][extension_Members::getFieldHandle('identity')])));
}
}
}
$this->Member->initialiseMemberObject();
$hasRoles = FieldManager::isFieldUsed(extension_Members::getFieldType('role'));
if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
$this->getMemberDriver()->updateSystemTimezoneOffset();
if ($hasRoles) {
$role_field = extension_Members::getField('role');
if ($role_field) {
$role_data = $this->getMemberDriver()->getMember()->getData($role_field->get('id'));
}
}
}
// If there is no role field, or a Developer is logged in, return, as Developers
// should be able to access every page. Handles Symphony 2.4 or Symphony 2.5
$isDeveloper = method_exists(Symphony::Engine(), 'Author') ? Symphony::Engine()->Author() instanceof Author && Symphony::Engine()->Author()->isDeveloper() : Symphony::Engine()->Author instanceof Author && Symphony::Engine()->Author->isDeveloper();
if (!$hasRoles || $isDeveloper) {
return;
}
$role_id = $isLoggedIn ? $role_data['role_id'] : Role::PUBLIC_ROLE;
$role = RoleManager::fetch($role_id);
if ($role instanceof Role && !$role->canAccessPage((int) $context['page_data']['id'])) {
// User has no access to this page, so look for a custom 403 page
if ($row = PageManager::fetchPageByType('403')) {
$row['type'] = PageManager::fetchPageTypes($row['id']);
$row['filelocation'] = PageManager::resolvePageFileLocation($row['path'], $row['handle']);
$context['page_data'] = $row;
return;
} else {
// No custom 403, just throw default 403
GenericExceptionHandler::$enabled = true;
Frontend::instance()->throwCustomError(__('The page you have requested has restricted access permissions.'), __('Forbidden'), Page::HTTP_STATUS_FORBIDDEN);
}
}
}
public function checkFrontendPagePermissions($context)
{
$isLoggedIn = false;
$errors = array();
// Checks $_REQUEST to see if a Member Action has been requested,
// member-action['login'] and member-action['logout']/?member-action=logout
// are the only two supported at this stage.
if (is_array($_REQUEST['member-action'])) {
list($action) = array_keys($_REQUEST['member-action']);
} else {
$action = $_REQUEST['member-action'];
}
// Check to see a Member is already logged in.
$isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);
// Logout
if (trim($action) == 'logout') {
/**
* Fired just before a member is logged out (and page redirection),
* this delegate provides the current Member ID
*
* @delegate MembersPreLogout
* @param string $context
* '/frontend/'
* @param integer $member_id
* The Member ID of the member who is about to logged out
*/
Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID()));
$this->getMemberDriver()->logout();
// If a redirect is provided, redirect to that, otherwise return the user
// to the index of the site. Issue #51 & #121
if (isset($_REQUEST['redirect'])) {
redirect($_REQUEST['redirect']);
}
redirect(URL);
} else {
if (trim($action) == 'login' && !is_null($_POST['fields'])) {
// If a Member is already logged in and another Login attempt is requested
// log the Member out first before trying to login with new details.
if ($isLoggedIn) {
$this->getMemberDriver()->logout();
}
if ($this->getMemberDriver()->login($_POST['fields'])) {
/**
* Fired just after a Member has successfully logged in, this delegate
* provides the current Member ID. This delegate is fired just before
* the page redirection (if it is provided)
*
* @delegate MembersPostLogin
* @param string $context
* '/frontend/'
* @param integer $member_id
* The Member ID of the member who just logged in.
* @param Entry $member
* The Entry object of the logged in Member.
*/
Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array('member_id' => $this->getMemberDriver()->getMemberID(), 'member' => $this->getMemberDriver()->getMember()));
if (isset($_POST['redirect'])) {
redirect($_POST['redirect']);
}
} else {
self::$_failed_login_attempt = true;
}
}
}
$this->Member->initialiseMemberObject();
if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
$this->updateSystemTimezoneOffset($this->getMemberDriver()->getMemberID());
if (!is_null(extension_Members::getFieldHandle('role'))) {
$role_data = $this->getMemberDriver()->getMember()->getData(extension_Members::getField('role')->get('id'));
}
}
// If there is no role field, or a Developer is logged in, return, as Developers
// should be able to access every page.
if (is_null(extension_Members::getFieldHandle('role')) || Frontend::instance()->Author instanceof Author && Frontend::instance()->Author->isDeveloper()) {
return;
}
$role_id = $isLoggedIn ? $role_data['role_id'] : Role::PUBLIC_ROLE;
$role = RoleManager::fetch($role_id);
if ($role instanceof Role && !$role->canAccessPage((int) $context['page_data']['id'])) {
// User has no access to this page, so look for a custom 403 page
if ($row = Symphony::Database()->fetchRow(0, "\n\t\t\t\t\tSELECT `p`.*\n\t\t\t\t\tFROM `tbl_pages` as `p`\n\t\t\t\t\tLEFT JOIN `tbl_pages_types` AS `pt` ON(`p`.id = `pt`.page_id)\n\t\t\t\t\tWHERE `pt`.type = '403'\n\t\t\t\t")) {
$row['type'] = FrontendPage::fetchPageTypes($row['id']);
$row['filelocation'] = FrontendPage::resolvePageFileLocation($row['path'], $row['handle']);
$context['page_data'] = $row;
return;
} else {
// No custom 403, just throw default 403
GenericExceptionHandler::$enabled = true;
throw new SymphonyErrorPage(__('The page you have requested has restricted access permissions.'), __('Forbidden'), 'error', array('header' => 'HTTP/1.0 403 Forbidden'));
}
}
}
