 /**
  * Dispatches a REST request and returns the resulting response.
  *
  * Stores the request, allocates a fresh response object from the
  * container, then delegates to doHandleRequest(). Any \Exception that
  * escapes that call is turned into a response by handleException()
  * instead of propagating to the caller.
  * @param Request $request
  * @param array $cookie
  * @return Response|\PHPixie\Response
  */
 public function handleRequest(Request $request, $cookie = [])
 {
     $this->request = $request;
     $this->response = $this->pixie->response();
     try {
         $this->doHandleRequest($cookie);
         return $this->response;
     } catch (\Exception $e) {
         // NOTE(review): only \Exception is caught; a \Throwable such as a
         // TypeError still escapes this method. handleException() is trusted
         // not to leak internals in the response it builds — verify.
         $this->response = $this->handleException($e);
         return $this->response;
     }
 }
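 /**
  * Emails the customer that every product of the order is in stock and the
  * order can be paid.
  *
  * Reads `robot_email` (sender) and `host` (site URL for links in the mail)
  * from the `parameters` config block. The configured host takes precedence
  * over the request's Host header: the header is attacker-controlled and
  * would otherwise let a forged request put a phishing domain into a
  * payment link sent to a real customer. Delivery failures are swallowed
  * (best effort, as before).
  * @param Pixie $pixie
  * @param Order $order
  * @return void
  */
 public static function sendAllProductsAvailableInOrderNotification(Pixie $pixie, Order $order)
 {
     $params = $pixie->config->get('parameters') ?: [];
     // Missing keys must not raise notices; `?:` on an absent index does.
     $robotEmail = !empty($params['robot_email']) ? $params['robot_email'] : '*****@*****.**';
     $configuredHost = isset($params['host']) ? trim((string) $params['host']) : '';
     $requestHost = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
     if ($configuredHost !== '') {
         // `host` may already carry a scheme (the admin mail strips one off).
         $siteUrl = preg_match('#^https?://#', $configuredHost) ? $configuredHost : 'http://' . $configuredHost;
     } elseif ($requestHost !== '') {
         // Fallback only: Host header, http scheme as in the original.
         $siteUrl = 'http://' . $requestHost;
     } else {
         $siteUrl = '';
     }
     $emailView = $pixie->view('order/all_products_available_email');
     $emailView->order = $order;
     $emailView->siteUrl = $siteUrl;
     $subject = 'Вы можете оплатить ваш заказ №' . $order->uid . ' - evolveskateboards.ru';
     try {
         $pixie->email->send($order->customer_email, $robotEmail, $subject, $emailView->render(), true);
     } catch (\Swift_SwiftException $e) {
         // Best-effort notification: a mail transport failure must not fail
         // the order flow. Nothing is logged here because no logger is in scope.
     }
 }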
 /**
  * Validates the uploaded photo before it is stored.
  *
  * Order of checks: the upload must be loaded; if the vuln service flags the
  * "photo" field with ArbitraryFileUpload, validation is skipped entirely
  * (this is the intentional insecure mode of the application); otherwise
  * the extension must appear in params['extensions'] and, when
  * params['types'] contains 'image', getimagesize() must report non-zero
  * width and height.
  * @return bool
  */
 public function isValid()
 {
     if (!$this->loaded) {
         return false;
     }
     // Deliberate bypass: with ArbitraryFileUpload enabled for 'photo', any
     // loaded file is accepted without extension or content checks.
     $vuln = $this->pixie->getVulnService()->getField('photo');
     if (is_array($vuln) && in_array('ArbitraryFileUpload', $vuln)) {
         return true;
     }
     // Extension allow-list, non-strict comparison. NOTE(review): the
     // extension presumably comes from the client-supplied filename —
     // confirm in getExtension(); it is not derived from file content.
     $ext = $this->getExtension();
     if (!in_array($ext, $this->params['extensions'])) {
         return false;
     }
     // NOTE(review): count() on a missing 'types' key is a TypeError on PHP 8;
     // assumes params always defines it — confirm.
     if (count($this->params['types'])) {
         if (in_array('image', $this->params['types'])) {
             // getimagesize() signals failure with false (plus a warning), not
             // an exception, so the catch only matters if an error handler
             // converts warnings to exceptions. Only the image header is
             // verified: a file that is a valid image and also carries
             // executable content still passes.
             try {
                 $size = getimagesize($this->getTmpName(), $imageInfo);
             } catch (\Exception $e) {
                 $size = false;
             }
             if ($size === false || $size[0] == 0 || $size[1] == 0) {
                 return false;
             }
         }
     }
     return true;
 }
 /**
  * Returns the vulnerability list from the vuln service, or an empty array
  * when no service is available.
  * @return array
  */
 protected function getVulns()
 {
     $vulnService = $this->pixie->getVulnService();
     return $vulnService ? $vulnService->getVulnerabilities() : [];
 }
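 /**
  * Emails every configured admin address that a new order was placed.
  *
  * Reads `robot_email` (sender), `host` and `admin_email` (a string or a
  * list) from the `parameters` config block. Links in the mail use the
  * configured host; the request's Host header is only a fallback because it
  * is attacker-controlled and would otherwise let a forged request plant an
  * arbitrary domain in an admin notification. Delivery failures are
  * swallowed per recipient so one bad address does not stop the others.
  * @param Pixie $pixie
  * @param Order $order
  * @return void
  */
 public static function sendOrderCreatedNotificationToAdmin(Pixie $pixie, Order $order)
 {
     $parameters = $pixie->config->get('parameters') ?: [];
     // Missing keys must not raise notices; `?:` on an absent index does.
     $robotEmail = !empty($parameters['robot_email']) ? $parameters['robot_email'] : '*****@*****.**';
     $configuredHost = isset($parameters['host']) ? trim((string) $parameters['host']) : '';
     $domain = preg_replace('#^https?://#', '', $configuredHost);
     $adminEmails = !empty($parameters['admin_email']) ? $parameters['admin_email'] : [];
     if (!is_array($adminEmails)) {
         $adminEmails = [$adminEmails];
     }
     $requestHost = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
     if ($configuredHost !== '') {
         $siteUrl = preg_match('#^https?://#', $configuredHost) ? $configuredHost : 'http://' . $configuredHost;
     } else {
         $siteUrl = $requestHost !== '' ? 'http://' . $requestHost : '';
     }
     $emailView = $pixie->view('order/order_created_admin_email');
     $emailView->order = $order;
     // The address relation may be empty; avoid reading offset 0 of [].
     $addresses = $order->orderAddress->find_all()->as_array();
     $emailView->address = isset($addresses[0]) ? $addresses[0] : null;
     $emailView->siteUrl = $siteUrl;
     $subject = 'Оформлен заказ №' . $order->uid . ' - ' . $domain;
     // Render once; the body is identical for every recipient.
     $body = $emailView->render();
     foreach ($adminEmails as $adminEmail) {
         try {
             $pixie->email->send($adminEmail, $robotEmail, $subject, $body, false);
         } catch (\Swift_SwiftException $e) {
             // Best-effort: keep notifying the remaining admins.
         }
     }
 }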
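 /**
  * Resolves and instantiates the REST controller for a route.
  *
  * Resolution order: an empty or "Default" name maps to Rest\NoneController;
  * otherwise Rest\Controller\{name} is tried; if that class does not exist
  * but a Model\{name} class does (and the name is not excluded by the REST
  * service), the generic Rest\Controller is used with the model name
  * injected. Anything else is a 404.
  *
  * $controllerName is spliced into an autoloaded class name, so it is
  * restricted to a bare identifier: a value carrying namespace separators
  * could otherwise name a class outside Rest\Controller.
  * @param string|null $controllerName
  * @param Request $request
  * @param Pixie $pixie
  * @param bool $isSubRequest
  * @return object the controller instance
  * @throws NotFoundException when no controller can be resolved
  */
 public static function createController($controllerName, Request $request, Pixie $pixie, $isSubRequest = false)
 {
     $namespace = $request->param('namespace', $pixie->app_namespace);
     $isDefault = !$controllerName || $controllerName === 'Default';
     if (!$isDefault && !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $controllerName)) {
         // Not a valid single class-name segment: treat as unknown route.
         throw new NotFoundException();
     }
     if ($isDefault) {
         $className = $namespace . 'Rest\\NoneController';
     } else {
         $className = $namespace . 'Rest\\Controller\\' . $controllerName;
     }
     if (!class_exists($className)) {
         $excluded = $pixie->restService->getExcludedModels();
         $hasModel = !in_array((string) $controllerName, $excluded, true)
             && class_exists($pixie->app_namespace . 'Model\\' . $controllerName);
         if (!$hasModel) {
             throw new NotFoundException();
         }
         $className = $namespace . 'Rest\\Controller';
     }
     $controller = $pixie->controller($className);
     $controller->request = $request;
     $controller->setIsSubRequest($isSubRequest);
     // Inject the model name unless the controller already declares one.
     if (!$controller->getModelName()) {
         $controller->setModelName($controllerName);
     }
     return $controller;
 }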
 /**
  * Pre-action hook that enforces REST authentication.
  *
  * The mechanism comes from the `rest.auth.type` config key (lower-cased,
  * trimmed, defaulting to "basic"). When `rest.auth.session` is enabled and
  * the target controller is not "auth", a session authenticator is tried
  * first; if it yields a user the request proceeds. Any exception from that
  * attempt is swallowed and the configured mechanism runs instead, which is
  * expected to throw when credentials are missing or invalid.
  * @param PreActionEvent $event
  * @throws \Exception
  */
 public function authenticationListener(PreActionEvent $event)
 {
     $authType = trim(strtolower($this->pixie->config->get('rest.auth.type')));
     if (!$authType) {
         $authType = 'basic';
     }
     $controller = $event->getController();
     $sessionFirst = $this->pixie->getParameter('rest.auth.session')
         && $event->getRequest()->param('controller') != 'auth';
     if ($sessionFirst) {
         try {
             $this->getAuthFactory()->get('session')->setController($controller)->authenticate();
             if ($controller->getUser()) {
                 return; // already authenticated via session
             }
         } catch (\Exception $e) {
             // NOTE(review): a failing session check is silently ignored and
             // nothing is logged; the primary mechanism below still gates access.
         }
     }
     $this->getAuthFactory()->get($authType)->setController($controller)->authenticate();
 }
 /**
  * Constructs a VulnInjection instance for the specified configuration.
  *
  * Registers this bundle's asset directory (three levels above this file)
  * with the container and installs an AnnotationReader instance under the
  * 'annotationReader' key.
  * @param Pixie $pixie Pixie dependency container
  * @return VulnInjection
  */
 public function __construct($pixie)
 {
     $this->pixie = $pixie;
     $assetsDir = dirname(dirname(dirname(__FILE__))) . '/assets/';
     $pixie->assets_dirs[] = $assetsDir;
     $reader = new AnnotationReader($pixie);
     $pixie->addInstance('annotationReader', $reader);
 }
 /**
  * Persists the uploaded user picture and records the result.
  *
  * Runs once per instance (guarded by $this->processed). The storage mode
  * is selected by `parameters.use_external_dir`:
  *  - external: the file goes under `parameters.user_pictures_external_dir`,
  *    either by HTTP upload to a Perl script on the current host
  *    (`parameters.use_perl_upload`) or by a direct move; a `file` ORM
  *    record is created and $this->result becomes its id.
  *  - local: the file is moved under `parameters.user_pictures_path` inside
  *    $pixie->root_dir and $this->result becomes the relative "xx/name" path.
  * When $this->modifyUser is set, $this->user->photo is updated accordingly
  * (cleared when $this->removeOld is set).
  */
 public function execute()
 {
     if ($this->processed) {
         return;
     }
     // NOTE(review): presumably ensures the session is started so that
     // session_id() below is non-empty — confirm.
     $this->pixie->session->get();
     if ($this->pixie->getParameter('parameters.use_external_dir')) {
         if ($this->removeOld) {
             if ($this->modifyUser) {
                 $this->user->photo = '';
             }
         }
         if ($this->picture->isLoaded()) {
             $uploadDir = $this->pixie->getParameter('parameters.user_pictures_external_dir');
             // The staging directory name embeds the raw session id, so it is
             // exposed to anything that can list $uploadDir.
             $uploadPath = $uploadDir . "/sess_" . session_id() . "_uploadto";
             if (!file_exists($uploadPath) || !is_dir($uploadPath)) {
                 // 0777: world-writable unless narrowed by umask; nothing here
                 // sets one.
                 mkdir($uploadPath, 0777, true);
             }
             $photoName = $this->generatePhotoName($this->picture);
             if ($this->pixie->getParameter('parameters.use_perl_upload')) {
                 $scriptName = $this->pixie->isWindows() ? 'uploadwin.pl' : 'uploadux.pl';
                 // The upload target URL is built from the request's Host header
                 // and HTTPS flag, not from configuration, so a forged Host header
                 // steers where the picture is sent. $_SERVER['HTTPS'] is read
                 // without an isset() guard (notice when absent, treated as off).
                 $headers = $this->picture->upload('http' . ($_SERVER['HTTPS'] == 'on' ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . '/upload/' . $scriptName, $photoName);
                 // The stored path is whatever the upload script returned in
                 // X-Created-Filename; it is not checked against $uploadDir, and
                 // a missing header raises a notice rather than an error.
                 if ($headers['X-Created-Filename']) {
                     /** @var File $newFile */
                     $newFile = $this->pixie->orm->get('file');
                     $newFile->path = $headers['X-Created-Filename'];
                     $newFile->user_id = $this->user->id();
                     $newFile->save();
                     $this->result = $newFile->id();
                     if ($this->modifyUser) {
                         $this->user->photo = $newFile->id();
                     }
                 }
             } else {
                 // Two-hex-char shard directory; derived from time() and the
                 // original name, so it is neither secret nor unpredictable.
                 $uniqueUploadPath = $uploadPath . '/' . substr(sha1(time() . $this->picture->getName()), 0, 2);
                 if (!file_exists($uniqueUploadPath) || !is_dir($uniqueUploadPath)) {
                     mkdir($uniqueUploadPath, 0777, true);
                 }
                 $newPhotoPath = $uniqueUploadPath . '/' . $photoName;
                 $this->picture->move($newPhotoPath);
                 /** @var File $newFile */
                 $newFile = $this->pixie->orm->get('file');
                 $newFile->path = $newPhotoPath;
                 $newFile->user_id = $this->user->id();
                 $newFile->save();
                 $this->result = $newFile->id();
                 if ($this->modifyUser) {
                     $this->user->photo = $newFile->id();
                 }
             }
         }
     } else {
         $relativePath = $this->pixie->getParameter('parameters.user_pictures_path');
         // Join root_dir and the configured path, inserting a separator only
         // when the configured path does not already start with one.
         $pathDelimiter = preg_match('|^[/\\\\]|', $relativePath) ? '' : DIRECTORY_SEPARATOR;
         $photoPath = preg_replace('#/+$#i', '', $this->pixie->root_dir) . $pathDelimiter . $relativePath;
         // NOTE(review): no trailing separator is appended to $photoPath, so the
         // concatenations below rely on user_pictures_path ending with one — confirm.
         // $this->user->photo is joined to the path and unlinked without any
         // normalisation; if that value can be influenced by a user, this
         // deletes whatever it points at — verify where it is written.
         if ($this->removeOld && $this->user->photo && file_exists($photoPath . $this->user->photo)) {
             unlink($photoPath . $this->user->photo);
             if ($this->modifyUser) {
                 $this->user->photo = '';
             }
         }
         if ($this->picture->isLoaded()) {
             if ($this->user->photo && file_exists($photoPath . $this->user->photo)) {
                 unlink($photoPath . $this->user->photo);
             }
             $photoName = $this->generatePhotoName($this->picture);
             // Two-hex-char shard directory from time() and the original name.
             $uniquePhotoDirName = substr(sha1(time() . $this->picture->getName()), 0, 2);
             $uniquePhotoDir = $photoPath . $uniquePhotoDirName;
             if (!file_exists($uniquePhotoDir) || !is_dir($uniquePhotoDir)) {
                 // 0777: world-writable unless narrowed by umask.
                 mkdir($uniquePhotoDir, 0777, true);
             }
             $this->picture->move($uniquePhotoDir . '/' . $photoName);
             $uniquePhotoName = $uniquePhotoDirName . '/' . $photoName;
             $this->result = $uniquePhotoName;
             if ($this->modifyUser) {
                 $this->user->photo = $uniquePhotoName;
             }
         }
     }
     $this->processed = true;
 }