/**
 * Entry point for a REST request.
 *
 * Remembers the request, prepares a fresh response object from the container,
 * delegates the real work to doHandleRequest() and turns any exception raised
 * there into a response via handleException(), so callers always receive a
 * response object rather than an exception.
 *
 * @param Request $request incoming request
 * @param array   $cookie  cookie data forwarded to doHandleRequest()
 * @return Response|\PHPixie\Response
 */
public function handleRequest(Request $request, $cookie = [])
{
    $this->request  = $request;
    // Prepared before dispatch: doHandleRequest() may populate it in place.
    $this->response = $this->pixie->response();

    try {
        $this->doHandleRequest($cookie);
    } catch (\Exception $failure) {
        // Whatever went wrong becomes an error response instead of propagating.
        $this->response = $this->handleException($failure);
    }

    return $this->response;
}
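/**
 * Emails the customer that every product in the order is available and the
 * order can now be paid.
 *
 * Sending is best-effort: a Swift transport failure is recorded with
 * error_log() and otherwise ignored so the calling order workflow continues.
 *
 * @param Pixie $pixie dependency container providing config, view and email
 * @param Order $order order whose customer_email receives the notification
 * @return void
 */
public static function sendAllProductsAvailableInOrderNotification(Pixie $pixie, Order $order)
{
    $params = $pixie->config->get('parameters') ?: [];
    // Guarded lookups: a bare $params['key'] raised a notice when the key was
    // missing from the configuration.
    $robotEmail = !empty($params['robot_email']) ? $params['robot_email'] : '*****@*****.**';
    $configuredHost = !empty($params['host']) ? $params['host'] : '';

    // siteUrl becomes a link in the customer's mailbox. The Host header is
    // client-supplied, so building the link from it lets a forged request
    // point the emailed link at an attacker's site (host header injection).
    // Use the configured host whenever one exists; HTTP_HOST is only the
    // fallback for installations that did not configure one.
    if ($configuredHost !== '') {
        $siteUrl = $configuredHost;
    } elseif (!empty($_SERVER['HTTP_HOST'])) {
        $siteUrl = 'http://' . $_SERVER['HTTP_HOST'];
    } else {
        $siteUrl = null;
    }

    $emailView = $pixie->view('order/all_products_available_email');
    $emailView->order = $order;
    $emailView->siteUrl = $siteUrl;

    try {
        $pixie->email->send(
            $order->customer_email,
            $robotEmail,
            'Вы можете оплатить ваш заказ №' . $order->uid . ' - evolveskateboards.ru',
            $emailView->render(),
            true
        );
    } catch (\Swift_SwiftException $e) {
        // Best-effort notification: record the failure, do not break the order flow.
        error_log('All-products-available email for order ' . $order->uid . ' failed: ' . $e->getMessage());
    }
}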
/**
 * Tells whether the uploaded photo passes validation.
 *
 * Order of checks: nothing loaded -> false; the 'ArbitraryFileUpload' toggle
 * of the vulnerability service for the 'photo' field -> true with no further
 * check; extension not in params['extensions'] -> false; when 'image' is among
 * params['types'], getimagesize() must succeed with non-zero width and height.
 *
 * NOTE(review): with 'ArbitraryFileUpload' enabled every check below is
 * skipped, so any file type is accepted for the photo field.
 *
 * @return bool
 */
public function isValid()
{
    if (!$this->loaded) {
        return false;
    }

    // Deliberate validation bypass driven by the vulnerability service.
    $photoVulns = $this->pixie->getVulnService()->getField('photo');
    if (is_array($photoVulns) && in_array('ArbitraryFileUpload', $photoVulns)) {
        return true;
    }

    if (!in_array($this->getExtension(), $this->params['extensions'])) {
        return false;
    }

    $mustBeImage = count($this->params['types']) && in_array('image', $this->params['types']);
    if (!$mustBeImage) {
        return true;
    }

    try {
        $dimensions = getimagesize($this->getTmpName(), $imageInfo);
    } catch (\Exception $e) {
        $dimensions = false;
    }

    // Rejected when unreadable as an image or when either dimension is zero.
    return $dimensions !== false && $dimensions[0] != 0 && $dimensions[1] != 0;
}
/**
 * Returns the vulnerabilities registered with the vulnerability service,
 * or an empty array when the container provides no such service.
 *
 * @return array
 */
protected function getVulns()
{
    $vulnService = $this->pixie->getVulnService();

    return $vulnService ? $vulnService->getVulnerabilities() : [];
}
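/**
 * Emails every configured admin address that a new order was placed.
 *
 * Sending is best-effort per recipient: a Swift transport failure is recorded
 * with error_log() and the loop continues with the next admin address.
 *
 * @param Pixie $pixie dependency container providing config, view and email
 * @param Order $order the order just created
 * @return void
 */
public static function sendOrderCreatedNotificationToAdmin(Pixie $pixie, Order $order)
{
    $parameters = $pixie->config->get('parameters') ?: [];
    // Guarded lookups: bare $parameters['key'] raised a notice on a missing key.
    $robotEmail = !empty($parameters['robot_email']) ? $parameters['robot_email'] : '*****@*****.**';
    $configuredHost = !empty($parameters['host']) ? (string) $parameters['host'] : '';
    // The subject carries the bare domain; drop a scheme if the configured host has one.
    $domain = preg_replace('#^https?://#', '', $configuredHost);

    $adminEmails = !empty($parameters['admin_email']) ? $parameters['admin_email'] : [];
    $adminEmails = is_array($adminEmails) ? $adminEmails : [$adminEmails];

    // siteUrl becomes a link in the admin's mailbox. The Host header is
    // client-supplied, so building the link from it lets a forged request
    // point the emailed link at an attacker's site (host header injection).
    // Prefer the configured host; HTTP_HOST is only a fallback.
    if ($configuredHost !== '') {
        $siteUrl = $configuredHost;
    } elseif (!empty($_SERVER['HTTP_HOST'])) {
        $siteUrl = 'http://' . $_SERVER['HTTP_HOST'];
    } else {
        $siteUrl = null;
    }

    $emailView = $pixie->view('order/order_created_admin_email');
    $emailView->order = $order;
    $addresses = $order->orderAddress->find_all()->as_array();
    // An order without an address row must not raise an undefined-offset notice.
    $emailView->address = isset($addresses[0]) ? $addresses[0] : null;
    $emailView->siteUrl = $siteUrl;

    foreach ($adminEmails as $adminEmail) {
        try {
            $pixie->email->send(
                $adminEmail,
                $robotEmail,
                'Оформлен заказ №' . $order->uid . ' - ' . $domain,
                $emailView->render(),
                false
            );
        } catch (\Swift_SwiftException $e) {
            // Best-effort notification: record the failure and keep notifying the others.
            error_log('Order-created email for order ' . $order->uid . ' to ' . $adminEmail . ' failed: ' . $e->getMessage());
        }
    }
}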
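/**
 * Resolves and instantiates the REST controller for $controllerName.
 *
 * Lookup order: an empty name or 'Default' maps to <namespace>Rest\NoneController;
 * otherwise <namespace>Rest\Controller\<name> is tried; when that class does not
 * exist but a model <app_namespace>Model\<name> does (and the name is not among
 * the REST service's excluded models), the generic <namespace>Rest\Controller is
 * used with the model name injected. Anything else is a NotFoundException.
 *
 * @param string|null $controllerName controller segment, presumably taken from the route
 * @param Request     $request        current request; supplies the optional 'namespace' param
 * @param Pixie       $pixie          dependency container
 * @param bool        $isSubRequest   forwarded to the controller
 * @return object the controller created through $pixie->controller()
 * @throws NotFoundException when no controller or backing model matches the name
 */
public static function createController($controllerName, Request $request, Pixie $pixie, $isSubRequest = false)
{
    // The name is spliced into class names that class_exists() hands to the
    // autoloader. Restrict it to a plain identifier so backslashes, dots or
    // slashes in a crafted name cannot steer the autoloader to files outside
    // the Rest\Controller and Model namespaces. Legitimate names already match.
    if ($controllerName && !preg_match('/^[A-Za-z0-9_]+$/', (string) $controllerName)) {
        throw new NotFoundException();
    }

    $namespace = $request->param('namespace', $pixie->app_namespace);

    if (!$controllerName || $controllerName == 'Default') {
        $className = $namespace . 'Rest\\NoneController';
    } else {
        $className = $namespace . 'Rest\\Controller\\' . $controllerName;
    }

    if (!class_exists($className)) {
        // A model without a dedicated controller is served by the generic one,
        // unless the REST service explicitly excludes it.
        $usesGenericController = !in_array($controllerName, $pixie->restService->getExcludedModels())
            && class_exists($pixie->app_namespace . 'Model\\' . $controllerName);
        if (!$usesGenericController) {
            throw new NotFoundException();
        }
        $className = $namespace . 'Rest\\Controller';
    }

    $controller = $pixie->controller($className);
    $controller->request = $request;
    $controller->setIsSubRequest($isSubRequest);

    // Generic controllers carry no model name of their own; inject the requested one.
    if (!$controller->getModelName()) {
        $controller->setModelName($controllerName);
    }

    return $controller;
}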
/**
 * Pre-action listener enforcing authentication on REST controllers.
 *
 * When rest.auth.session is enabled and the current controller is not 'auth',
 * session authentication is attempted first and the listener returns as soon
 * as the controller has a user. Any failure in that attempt is ignored and the
 * configured authenticator (rest.auth.type, default 'basic') runs afterwards;
 * it is the one expected to throw for an unauthenticated request.
 *
 * @param PreActionEvent $event
 * @throws \Exception
 */
public function authenticationListener(PreActionEvent $event)
{
    $controller = $event->getController();

    $authType = trim(strtolower($this->pixie->config->get('rest.auth.type')));
    if (!$authType) {
        $authType = 'basic';
    }

    $trySession = $this->pixie->getParameter('rest.auth.session')
        && $event->getRequest()->param('controller') != 'auth';

    if ($trySession) {
        try {
            $this->getAuthFactory()->get('session')->setController($controller)->authenticate();
            if ($controller->getUser()) {
                // The session already carries a user; nothing more to check.
                return;
            }
        } catch (\Exception $e) {
            // Session auth is optional here; fall through to the configured type.
        }
    }

    $this->getAuthFactory()->get($authType)->setController($controller)->authenticate();
}
/**
 * Builds the VulnInjection service for the given container.
 *
 * Registers this package's assets directory with the container and installs
 * an AnnotationReader instance under the 'annotationReader' key.
 *
 * @param Pixie $pixie Pixie dependency container
 */
public function __construct($pixie)
{
    $this->pixie = $pixie;

    // Three directory levels above this file is the package root holding assets/.
    $packageRoot = dirname(dirname(__DIR__));
    $pixie->assets_dirs[] = $packageRoot . '/assets/';

    $pixie->addInstance('annotationReader', new AnnotationReader($pixie));
}
/**
 * Stores the uploaded user picture and records it on the user / File model.
 *
 * Runs once (guarded by $this->processed). Two storage layouts exist:
 *  - parameters.use_external_dir: files go under parameters.user_pictures_external_dir,
 *    either via a remote Perl upload script (parameters.use_perl_upload) or a local
 *    move; a File row is created and $this->result is its id.
 *  - otherwise: files go under <root_dir> + parameters.user_pictures_path and
 *    $this->result is the "<2-char dir>/<name>" relative path.
 * When $this->modifyUser is set the user's photo attribute is updated in place;
 * $this->removeOld clears (and, in the local layout, deletes) the previous picture.
 *
 * NOTE(review): several lines below use attacker-influenced values without
 * validation (Host header, upload response header, stored photo path) and create
 * world-writable directories; each is flagged inline.
 */
public function execute()
{
    if ($this->processed) {
        return;
    }
    // Presumably forces the session to start so session_id() below is non-empty — confirm.
    $this->pixie->session->get();

    if ($this->pixie->getParameter('parameters.use_external_dir')) {
        if ($this->removeOld) {
            if ($this->modifyUser) {
                // External layout: only the reference is cleared, the old file is left in place.
                $this->user->photo = '';
            }
        }
        if ($this->picture->isLoaded()) {
            $uploadDir = $this->pixie->getParameter('parameters.user_pictures_external_dir');
            $uploadPath = $uploadDir . "/sess_" . session_id() . "_uploadto";
            if (!file_exists($uploadPath) || !is_dir($uploadPath)) {
                // NOTE(review): 0777 makes the upload directory world-writable; 0750/0755 is
                // sufficient when the web server user owns it.
                mkdir($uploadPath, 0777, true);
            }
            $photoName = $this->generatePhotoName($this->picture);
            if ($this->pixie->getParameter('parameters.use_perl_upload')) {
                $scriptName = $this->pixie->isWindows() ? 'uploadwin.pl' : 'uploadux.pl';
                // NOTE(review): the target URL is built from the client-supplied Host header, so a
                // forged Host makes this server send the file to that host instead of itself.
                // $_SERVER['HTTPS'] is unset on plain HTTP (undefined-index notice).
                $headers = $this->picture->upload('http' . ($_SERVER['HTTPS'] == 'on' ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . '/upload/' . $scriptName, $photoName);
                if ($headers['X-Created-Filename']) {
                    /** @var File $newFile */
                    $newFile = $this->pixie->orm->get('file');
                    // NOTE(review): the path is taken verbatim from the upload response header and
                    // stored without any validation.
                    $newFile->path = $headers['X-Created-Filename'];
                    $newFile->user_id = $this->user->id();
                    $newFile->save();
                    $this->result = $newFile->id();
                    if ($this->modifyUser) {
                        $this->user->photo = $newFile->id();
                    }
                }
            } else {
                // Two hex chars of sha1(time . original name): a 256-way bucket directory, not a
                // unique name, despite the variable name.
                $uniqueUploadPath = $uploadPath . '/' . substr(sha1(time() . $this->picture->getName()), 0, 2);
                if (!file_exists($uniqueUploadPath) || !is_dir($uniqueUploadPath)) {
                    // NOTE(review): world-writable, see above.
                    mkdir($uniqueUploadPath, 0777, true);
                }
                $newPhotoPath = $uniqueUploadPath . '/' . $photoName;
                $this->picture->move($newPhotoPath);
                /** @var File $newFile */
                $newFile = $this->pixie->orm->get('file');
                $newFile->path = $newPhotoPath;
                $newFile->user_id = $this->user->id();
                $newFile->save();
                $this->result = $newFile->id();
                if ($this->modifyUser) {
                    $this->user->photo = $newFile->id();
                }
            }
        }
    } else {
        $relativePath = $this->pixie->getParameter('parameters.user_pictures_path');
        // A leading / or \ in user_pictures_path serves as the separator itself; the value is
        // always appended to root_dir, never treated as an absolute path.
        $pathDelimiter = preg_match('|^[/\\\\]|', $relativePath) ? '' : DIRECTORY_SEPARATOR;
        // Nothing below adds a trailing separator, so user_pictures_path is assumed to end
        // with one — confirm against the configuration.
        $photoPath = preg_replace('#/+$#i', '', $this->pixie->root_dir) . $pathDelimiter . $relativePath;
        // NOTE(review): the stored photo value is concatenated onto the pictures directory and
        // unlinked with no traversal check; if that attribute can be set by a user elsewhere
        // (e.g. mass assignment), this deletes arbitrary files reachable from root_dir — confirm.
        if ($this->removeOld && $this->user->photo && file_exists($photoPath . $this->user->photo)) {
            unlink($photoPath . $this->user->photo);
            if ($this->modifyUser) {
                $this->user->photo = '';
            }
        }
        if ($this->picture->isLoaded()) {
            // Replacing a picture also removes the previous file (same unchecked concatenation as above).
            if ($this->user->photo && file_exists($photoPath . $this->user->photo)) {
                unlink($photoPath . $this->user->photo);
            }
            $photoName = $this->generatePhotoName($this->picture);
            // 256-way bucket directory derived from time and original name, not a unique name.
            $uniquePhotoDirName = substr(sha1(time() . $this->picture->getName()), 0, 2);
            $uniquePhotoDir = $photoPath . $uniquePhotoDirName;
            if (!file_exists($uniquePhotoDir) || !is_dir($uniquePhotoDir)) {
                // NOTE(review): world-writable, see above.
                mkdir($uniquePhotoDir, 0777, true);
            }
            $this->picture->move($uniquePhotoDir . '/' . $photoName);
            // Stored relative to the pictures directory: "<bucket>/<name>".
            $uniquePhotoName = $uniquePhotoDirName . '/' . $photoName;
            $this->result = $uniquePhotoName;
            if ($this->modifyUser) {
                $this->user->photo = $uniquePhotoName;
            }
        }
    }
    $this->processed = true;
}