Exemple #1
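 /**
  * Resolve, and cache per credential set, the compiled channel handler for a
  * WebSocket connection.
  *
  * Credentials are read from the connection's query string. The handler cache
  * is keyed by the resource path plus every remaining query value, so a cache
  * hit implies the same values that passed the AppKey lookup.
  *
  * @param  mixed $conn connection object exposing WebSocket->request
  * @return mixed|null compiled channel, or null when the credentials are
  *                    missing or invalid, or no channel matches the resource
  */
 public function getHandler($conn)
 {
     Context::clear();
     $app = \Slim\Slim::getInstance();
     $credentials = $conn->WebSocket->request->getQuery()->toArray();

     // Forward the auth token to the Slim request headers.
     // The original author notes that this apparently doesn't work as expected.
     if (isset($credentials['X-Auth-Token'])) {
         $app->request->headers->set('X-Auth-Token', $credentials['X-Auth-Token']);
         unset($credentials['X-Auth-Token']);
     }

     // Fail closed: without a scalar app id and key there is nothing to
     // validate. Previously a missing value raised an undefined-index notice
     // and reached the AppKey lookup as null.
     if (!isset($credentials['X-App-Id'], $credentials['X-App-Key'])
         || !is_scalar($credentials['X-App-Id'])
         || !is_scalar($credentials['X-App-Key'])
     ) {
         return null;
     }

     // remove "/" and possible "ws/" from resource path
     $resource = str_replace("ws/", "", substr($conn->WebSocket->request->getPath(), 1));

     // md5 is used only as a cache key here, not as a security control.
     $hash = md5($resource . join(",", array_values($credentials)));

     if (!isset($this->handlers[$hash])) {
         $key = Model\AppKey::where('app_id', $credentials['X-App-Id'])
             ->where('key', $credentials['X-App-Key'])
             ->first();
         if ($key) {
             Context::setKey($key);
             $channel = Model\Module::channel($resource);
             if ($channel) {
                 $this->handlers[$hash] = $channel->compile();
             }
         }
     }

     return isset($this->handlers[$hash]) ? $this->handlers[$hash] : null;
 }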
Exemple #2
 /**
  * Template helper: render an anchor to a public URL with the current
  * application credentials appended as query parameters.
  *
  * @param  array $args       [0] target path, [1] optional link text (the path is used when absent)
  * @param  array $attributes extra attributes, rendered through html_attributes()
  * @return array two elements: the markup string and the literal 'raw'
  */
 public static function link_to($args, $attributes)
 {
     $label = $args[0];
     if (isset($args[1])) {
         $label = $args[1];
     }

     $key = \Hook\Application\Context::getKey();

     // NOTE(review): the app key ends up in the rendered URL, so it will show up
     // in browser history, referrers and access logs. Neither the link text nor
     // the URL is HTML-escaped here; confirm callers only pass trusted values.
     $href = public_url($args[0]) . '?X-App-Id=' . $key->app_id . '&X-App-Key=' . $key->key;
     $markup = '<a href="' . $href . '"' . html_attributes($attributes) . '>' . $label . '</a>';

     return array($markup, 'raw');
 }
Exemple #3
 /**
  * Decide whether $action may be performed on $model.
  *
  * Access is granted as soon as one configured role matches. Roles listed in
  * the instance's builtInRoles are dispatched to the matching check<Role>()
  * method; any other role goes through checkRole().
  *
  * @param  mixed  $model  model being accessed
  * @param  string $action action name used to look up the configured roles
  * @return mixed  result of the first matching role check, otherwise a falsy value
  */
 public static function isAllowed($model, $action)
 {
     // Trusted contexts (the original comment mentions the command line)
     // always have full access.
     if (Context::isTrusted()) {
         return true;
     }
     // So do Auth models explicitly flagged as performing a trusted action.
     if ($model instanceof Auth && $model->isTrustedAction()) {
         return true;
     }

     $instance = static::getInstance();
     $collection_name = $instance->getCollectioName($model);
     $instance->token = AuthToken::current();

     // A single configured role is normalised to a one-element list.
     $configured = $instance->getConfig($collection_name, $action);
     $roles = is_array($configured) ? $configured : array($configured);

     $granted = false;
     foreach ($roles as $role) {
         // NOTE(review): in_array() is loose here; a non-string role from the
         // config could match a built-in name unexpectedly.
         $granted = in_array($role, $instance->builtInRoles)
             ? call_user_func_array(array($instance, 'check' . ucfirst($role)), array($model))
             : $instance->checkRole($role);

         // At least one of the configured roles must match.
         if ($granted) {
             break;
         }
     }

     return $granted;
 }
Exemple #4
 /**
  * The generated cron command must embed a 32-character key that equals the
  * application's first server key.
  */
 public function testRegister()
 {
     $task = new ScheduledTask(array('task' => "something", 'schedule' => "daily"));

     $matches = array();
     preg_match("/X-App-Key: ([^']+)/", $task->getCommand(), $matches);
     $embedded_key = $matches[1];

     $this->assertTrue(strlen($embedded_key) == 32, "should find a valid 32-char key.");

     $server_key = Context::getAppKeys(AppKey::TYPE_SERVER)->first()->key;
     $this->assertEquals($embedded_key, $server_key, "tasks should use a valid server key");
 }
Exemple #5
 /**
  * Build an absolute URL for the given path, carrying the current application
  * credentials in the query string.
  *
  * @static
  * @param  string $segments path appended after the script name
  * @param  array  $options  extra query parameters; 'X-App-Id' and 'X-App-Key' are overwritten
  * @return string
  */
 public static function url($segments, $options = array())
 {
     $request = Router::getInstance()->request;
     $key = Context::getKey();

     // NOTE(review): the app key travels in the query string, where proxies,
     // access logs and referrers can record it.
     $options['X-App-Id'] = $key->app_id;
     $options['X-App-Key'] = $key->key;

     $base = $request->getUrl() . $request->getScriptName();

     return $base . '/' . $segments . '?' . http_build_query($options);
 }
Exemple #6
 /**
  * Return the shared instance, creating it on first use from the current
  * application key (app secret and app id).
  *
  * @return static|null whatever is stored in static::$instance; stays unset
  *                     while no application key is available
  */
 public static function getInstance()
 {
     $app_key = Context::getKey();

     // Nothing to build when an instance already exists or no key is set.
     if (static::$instance || !$app_key) {
         return static::$instance;
     }

     // NOTE(review): the instance is kept for the lifetime of the process, so
     // it retains the secret of whichever app key was current at creation.
     static::$instance = new static($app_key->app->secret, $app_key->app_id);

     return static::$instance;
 }
Exemple #7
 /**
  * In a trusted context, with the model flagged as a trusted action, the
  * 'role' attribute can be changed and saved.
  */
 public function testTrustedCanUpdateRole()
 {
     // NOTE(review): the trusted flag is not reset at the end of this test.
     Context::setTrusted(true);

     $user = Auth::where('email', "*****@*****.**")->first();
     $user->role = "admin";
     $user->setTrustedAction(true);
     $user->save();

     $role_is_admin = $user->role == "admin";
     $this->assertTrue($role_is_admin);
 }
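 /**
  * Push every queued message through the notifier.
  *
  * Only callable with a server key and the 'X-Scheduled-Task' header present.
  *
  * @return mixed result of Notifier::push_messages()
  * @throws ForbiddenException when the request lacks a server key or the
  *                            scheduled-task header
  */
 public function notify()
 {
     $key = Context::getKey();

     // The server key is the actual credential; 'X-Scheduled-Task' is a plain
     // request header that any client can send. A missing key is rejected
     // here instead of failing on a method call on null.
     if (!$key || !$key->isServer() || !Request::header('X-Scheduled-Task')) {
         // The check is for a server key, so the message names it (it used to
         // say 'device').
         throw new ForbiddenException("Need a 'server' key to perform this action.");
     }

     $notifier = new PushNotification\Notifier();
     $messages = Model\App::collection('push_messages')->where('status', Model\PushMessage::STATUS_QUEUE);

     return $notifier->push_messages($messages);
 }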
Exemple #9
 /**
  * Validate and initialise a push message before it is first stored.
  *
  * Rows that already have an '_id' skip straight to the parent hook.
  *
  * @throws ForbiddenException when a new row is created without a server key
  * @throws InternalException  when a new row has no 'message'
  */
 public function beforeSave()
 {
     $is_new = !$this->getAttribute('_id');

     if ($is_new) {
         // Only server keys may enqueue push messages.
         if (!Context::getKey()->isServer()) {
             throw new ForbiddenException("Need a 'server' key to perform this action.");
         }
         if (!$this->getAttribute('message')) {
             throw new InternalException("Can't create PushMessage: 'message' is required.");
         }

         // Every new message starts queued with zeroed counters.
         $defaults = array('status' => self::STATUS_QUEUE, 'devices' => 0, 'failure' => 0);
         foreach ($defaults as $attribute => $value) {
             $this->setAttribute($attribute, $value);
         }
     }

     parent::beforeSave();
 }
Exemple #10
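 /**
  * Build the crontab line that triggers this task over HTTP with curl.
  *
  * Every value interpolated into the shell command is passed through
  * escapeshellarg(), so a quote in the task name, host name, key or log path
  * cannot break out of its argument.
  *
  * @return string cron schedule followed by the curl command
  */
 public function getCommand()
 {
     $shortcuts = array('hourly' => '0 * * * *', 'daily' => '0 0 * * *', 'monthly' => '0 0 1 * *', 'weekly' => '0 0 * * 0');

     // NOTE(review): the schedule is emitted verbatim and an unknown shortcut
     // name is not rejected here; validate it against cron syntax upstream.
     $schedule = preg_match('/[a-z]/', $this->schedule) ? $shortcuts[$this->schedule] : $this->schedule;

     $protocol = !empty($_SERVER['HTTPS']) ? 'https' : 'http';
     // $public_url = $protocol . '://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['SCRIPT_NAME'] . '/' . $this->task;
     $public_url = $protocol . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . '/' . $this->task;

     // retrieve server key to allow calls from crontab.
     // NOTE(review): the server key is written in clear text into the crontab
     // entry; restrict who can read it.
     $server_key = Context::getAppKeys(AppKey::TYPE_SERVER)->first();
     $curl_headers = '-H ' . escapeshellarg("X-App-Id: {$server_key->app_id}") . ' ';
     $curl_headers .= '-H ' . escapeshellarg("X-App-Key: {$server_key->key}") . ' ';
     $curl_headers .= "-H 'X-Scheduled-Task: yes' ";

     // Output the response to application log file
     $app = \Slim\Slim::getInstance();
     $output_file = $app->log->getWriter()->getFilePath();

     // Redirect stderr and stdout to file. '> file 2>&1' is used instead of
     // '&>' because '&>' is a bash extension; a POSIX sh reads it as
     // "run in background, then truncate the file".
     return $schedule . ' ' . "curl -XGET {$curl_headers} " . escapeshellarg($public_url)
         . ' > ' . escapeshellarg($output_file) . ' 2>&1';
 }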
Exemple #11
 /**
  * Logging middleware: registers a query logger, points the application log
  * at the app's storage directory, records the request, then hands over to
  * the next middleware.
  *
  * @return mixed result of the next middleware's call()
  */
 public function call()
 {
     $app = $this->app;
     $app_key = Context::getKey();

     // TODO (original author): need a way to enable/disable logs for production use

     // Log all queries, with their bindings substituted into the SQL text.
     $dispatcher = \Hook\Model\Collection::getEventDispatcher();
     $dispatcher->listen('illuminate.query', function ($query, $bindings, $time, $name) use(&$app) {
         // Collected but not used further in this closure.
         $data = compact('bindings', 'time', 'name');

         // Quote dates and strings so the logged statement reads like SQL.
         // NOTE(review): values are wrapped in quotes without escaping and
         // written to the log as-is, so bound secrets end up in the log file.
         foreach ($bindings as $position => $value) {
             if ($value instanceof \DateTime) {
                 $bindings[$position] = $value->format('\'Y-m-d H:i:s\'');
             } elseif (is_string($value)) {
                 $bindings[$position] = "'{$value}'";
             }
         }

         // Turn '?' placeholders into '%s' (escaping literal '%') and fill them in.
         $template = str_replace(array('%', '?'), array('%%', '%s'), $query);
         \Logger::debug(vsprintf($template, $bindings));
     });

     // OPTIONS requests and requests without an app key are not logged.
     if ($app->request->isOptions() || !$app_key) {
         return $this->next->call();
     }

     // set application log writer for this app
     $log_file = storage_dir() . 'logs.txt';
     $app->log->setWriter(new LogWriter($log_file));

     // The log is only enabled when the file is writable
     // (the original comment suggests a read-only filesystem as the cause).
     $app->log->setEnabled(is_writable($log_file));

     $is_apps_path = strpos($app->request->getPath(), "/apps/") !== false;
     if (!$is_apps_path) {
         $app->log->info(sprintf(
             '%s - [%s] %s %s',
             $app->request->getIp(),
             date('d-m-Y H:i:s'),
             $app->request->getMethod(),
             $app->request->getResourceUri()
         ));
         // NOTE(review): all request parameters are logged, which can include
         // passwords, tokens and app keys sent as parameters.
         $app->log->info('Params: ' . json_encode($app->request->params()));
     }

     return $this->next->call();
 }
Exemple #12
 /**
  * Template helper: render a <form> element around the block content.
  *
  * The last argument is the helper options array; its 'hash' entry holds the
  * form attributes and its 'fn' entry renders the inner content. When the
  * action URL has no query string, the current app credentials are used.
  *
  * @return string form markup
  */
 public static function form()
 {
     $args = func_get_args();
     $options = array_pop($args);

     // Defaults: empty action, GET method.
     foreach (array('action' => "", 'method' => 'get') as $attribute => $default) {
         if (!isset($options['hash'][$attribute])) {
             $options['hash'][$attribute] = $default;
         }
     }

     // evaluate action url
     $app_key = \Hook\Application\Context::getKey();
     $action_url = parse_url($options['hash']['action']);
     if (!isset($action_url['query'])) {
         // NOTE(review): this places the app key in the form's action URL.
         $action_url['query'] = 'X-App-Id=' . $app_key->app_id . '&X-App-Key=' . $app_key->key;
     }
     $options['hash']['action'] = unparse_url($action_url);

     $attributes = html_attributes($options['hash']);

     return '<form' . $attributes . '>' . "\n" . $options['fn']() . '</form>';
 }
Exemple #13
 /**
  * Check the requesting IP against the 'allowed_ip_addresses' configuration.
  *
  * An empty or missing list denies everyone; a "*" entry allows everyone.
  *
  * @return bool
  */
 public static function isAllowedIP()
 {
     $allowed_ip_addresses = Context::config('allowed_ip_addresses');

     // No configured list means nobody is allowed.
     if (!$allowed_ip_addresses) {
         return false;
     }

     if (in_array("*", $allowed_ip_addresses)) {
         return true;
     }

     // NOTE(review): confirm Request::ip() is not taken from a client-supplied
     // header (e.g. a forwarded-for value) unless it comes from a trusted proxy.
     return in_array(Request::ip(), $allowed_ip_addresses);
 }
Exemple #14
 /**
  * Delete rows from a collection.
  *
  * In a trusted context, with no id and no 'q' filter, the whole collection
  * is truncated. Otherwise either the row with the given id or the rows
  * matching the 'q' filter are deleted.
  *
  * @param  string $name collection name
  * @param  mixed  $_id  optional row id
  * @return array  array('success' => result of the delete/truncate call)
  */
 public function delete($name, $_id = null)
 {
     $collection = Model\App::collection($name);

     // trusted context: run a real truncate statement
     $truncate_all = Context::isTrusted() && $_id == null && count(Input::get('q')) == 0;

     if ($truncate_all) {
         $success = $collection->truncate();
     } elseif ($_id) {
         // remove a single row
         $success = $collection->find($_id)->delete();
     } else {
         // remove the items matched by the filter
         // NOTE(review): with no id and an empty 'q' this path runs an
         // unfiltered delete; confirm access rules elsewhere prevent an
         // untrusted client from emptying the collection this way.
         $success = $collection->filter(Input::get('q'))->delete();
     }

     return array('success' => $success);
 }
Exemple #15
 /**
  * Create or alter the table behind a collection so that it matches the
  * given configuration, then cache the merged schema.
  *
  * Connections without a PDO handle are skipped. Columns that already exist
  * (compared case-insensitively) are left untouched.
  *
  * @param Hook\Model\Collection $model
  * @param array $collection_config 'attributes' and 'relationships' definitions
  * @param bool $is_dynamic forwarded to sanitizeConfigs() and mergeSchema()
  *
  * @return bool|null true when columns or commands were added, false when
  *                   nothing changed, null when the connection has no PDO
  * @throws MethodFailureException when an attribute definition has no 'name'
  */
 public function migrate($model, $collection_config, $is_dynamic = false)
 {
     $that = $this;
     $result = false;
     $connection = $model->getConnectionResolver()->connection();
     // Ignore NoSQL databases.
     if (!$connection->getPdo()) {
         return;
     }
     // Get modified Schema\Grammar for hook features.
     $connection->setSchemaGrammar($this->getSchemaGrammar($connection));
     // Set custom blueprint resolver
     $builder = $connection->getSchemaBuilder();
     $builder->blueprintResolver(function ($table, $callback) {
         return new \Hook\Database\Schema\Blueprint($table, $callback);
     });
     $table = $model->getTable();
     $table_schema = Cache::get($table);
     $table_prefix = Context::getPrefix();
     $collection_config = $this->sanitizeConfigs($table, $collection_config, $is_dynamic);
     // NOTE(review): hasTable() receives the unprefixed name while create()/table()
     // below receive $table_prefix . $table — confirm which form the builder expects.
     $is_creating = !$builder->hasTable($table);
     if (!empty($collection_config['attributes']) || !empty($collection_config['relationships'])) {
         // Blueprint callback shared by the CREATE and ALTER paths below.
         $migrate = function ($t) use($that, &$table, &$table_prefix, &$builder, &$is_creating, &$table_schema, $collection_config, &$result) {
             $table_columns = array('created_at', 'updated_at', 'deleted_at');
             if ($is_creating) {
                 $that->createCollection($t);
             } else {
                 $table_columns = array_merge($table_columns, $builder->getColumnListing($table));
             }
             foreach ($collection_config['attributes'] as $attribute) {
                 if (!isset($attribute['name'])) {
                     throw new MethodFailureException('invalid_schema');
                 }
                 // Pull the known keys out of the definition; whatever is left
                 // in $attribute afterwards is passed to newColumn() below.
                 $field_name = strtolower(array_remove($attribute, 'name'));
                 $type = camel_case(array_remove($attribute, 'type') ?: 'string');
                 $default = array_remove($attribute, 'default');
                 $index = array_remove($attribute, 'index');
                 $unique = array_remove($attribute, 'unique') || $index == 'unique';
                 $required = array_remove($attribute, 'required');
                 // Skip if column already exists
                 // TODO: deprecate strtolower
                 if (in_array($field_name, array_map('strtolower', $table_columns))) {
                     continue;
                 }
                 // include field_name to list of collection columns
                 array_push($table_columns, $field_name);
                 if (count($attribute) > 0) {
                     // the remaining attributes on field definition are
                     // the data-type related collection_config, such as 'length',
                     // 'allowed', 'total', 'places', etc.
                     $column = $t->newColumn($type, $field_name, $attribute);
                 } else {
                     // NOTE(review): $type comes from the collection config and
                     // selects which blueprint method is called; confirm that
                     // sanitizeConfigs() restricts it to known column types.
                     $column = $t->{$type}($field_name);
                 }
                 // apply default value
                 if ($default !== NULL) {
                     $required = true;
                     $column->default($default);
                 }
                 // spatial indexes are NOT NULL by default
                 $nullable = !$required && $type !== 'point';
                 // columns are nullable unless specified as 'required'
                 if ($nullable) {
                     $column->nullable();
                 }
                 if ($index == 'spatial') {
                     // apply geospatial index, only MyISAM
                     $t->spatialIndex($field_name);
                 } else {
                     if ($index && !$unique) {
                         // apply index if specified
                         $column->index();
                     }
                 }
                 if ($unique) {
                     // apply unique index if specified
                     // NOTE(review): $unique is the result of a boolean '||' above,
                     // so the is_array() branch looks unreachable — confirm intent.
                     $unique_fields = !is_array($unique) ? $field_name : array_unique(array_merge(array($field_name), $unique));
                     $t->unique($unique_fields);
                 }
             }
             // onDelete / onUpdate actions
             // (only referenced by the commented-out foreign key code below)
             $actions = array('restrict' => "RESTRICT", 'cascade' => "CASCADE", 'none' => "NO ACTION", 'null' => "SET NULL", 'default' => "SET DEFAULT");
             if (!isset($collection_config['relationships'])) {
                 $collection_config['relationships'] = array();
             }
             foreach ($collection_config['relationships'] as $relation => $fields) {
                 // only create field on belongs_to relationships
                 if ($relation == "belongs_to") {
                     foreach ($fields as $field => $config) {
                         // create 'foreign_key' column on collection.
                         if (!in_array($config['foreign_key'], array_map('strtolower', $table_columns))) {
                             $column = $t->unsignedInteger($config['foreign_key']);
                             $column->nullable();
                         }
                         // create collection if it doesn't exists
                         // NOTE(review): same prefixed/unprefixed mismatch as for
                         // the main table between hasTable() and create().
                         if (!$builder->hasTable($config['collection'])) {
                             $builder->create($table_prefix . $config['collection'], function ($t) use($that) {
                                 $that->createCollection($t);
                             });
                         }
                         // //
                         // // create foreign key on database
                         // //
                         // // TODO: list foreign keys already defined before
                         // // trying to create it.
                         // //
                         // $t->foreign($config['foreign_key'])
                         //     ->references($config['primary_key'])
                         //     ->on($table_prefix . $config['collection'])
                         //     ->onDelete($actions[$config['on_delete']])
                         //     ->onUpdate($actions[$config['on_update']]);
                     }
                 }
             }
             // return true when any modification is present
             if (count($t->getColumns()) > 0 || count($t->getCommands()) > 0) {
                 $result = true;
             }
         };
         if ($is_creating) {
             // CREATE TABLE statement
             $builder->create($table_prefix . $table, $migrate);
         } else {
             // ALTER TABLE statement.
             $builder->table($table_prefix . $table, $migrate);
         }
     }
     // merge previous schema with new one.
     $table_schema = $this->mergeSchema($table_schema, $collection_config, $is_dynamic);
     // Cache table schema for further reference
     Cache::forever($table, $table_schema);
     // NOTE(review): presumably 'app_collections' is always an array in the
     // cache; array_merge() would fail on a missing entry — verify.
     $app_collections = Cache::get('app_collections');
     Cache::forever('app_collections', array_unique(array_merge($app_collections, array($table))));
     return $result;
 }
Exemple #16
 /**
  * Whether the current request may update this record.
  *
  * Updates are allowed in a trusted context, when the role configuration
  * permits 'update', or when isAuthenticated() reports true (the original
  * comment describes this as the authenticated user updating its own data).
  *
  * @return bool
  */
 protected function isUpdateAllowed()
 {
     if (Context::isTrusted()) {
         return true;
     }

     if (Role::isAllowed($this, 'update')) {
         return true;
     }

     return (bool) $this->isAuthenticated();
 }
Exemple #17
 /**
  * Make $app_key the current application key and derive the prefix from the
  * id of the application it belongs to.
  *
  * @param  mixed $app_key key object exposing ->app->_id
  * @return mixed the key now stored as current
  */
 public static function setKey($app_key)
 {
     // Store first, so the key is current even while the prefix is being set.
     static::$app_key = $app_key;

     $application_id = $app_key->app->_id;
     Context::setPrefix($application_id);

     return static::$app_key;
 }
Exemple #18
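 /**
  * Reset an account password using a forgot-password token.
  *
  * @return array array('success' => true) when the password was changed
  * @throws Exceptions\BadRequestException   when 'token' or 'password' is missing or empty
  * @throws Exceptions\UnauthorizedException when no account matches the token or the reset fails
  */
 public function resetPassword()
 {
     $data = $this->getData();

     // The token must be a non-empty string. The previous condition compared
     // a boolean with 0 using '===', which is never true, so a request with
     // no token reached the lookup below with a null value — which, depending
     // on how the query layer treats null, could match an account that has no
     // pending reset token at all.
     if (!isset($data['token']) || !is_string($data['token']) || strlen($data['token']) === 0) {
         throw new Exceptions\BadRequestException("you must provide a 'token'.");
     }

     if (!isset($data['password']) || strlen($data['password']) === 0) {
         throw new Exceptions\BadRequestException("you must provide a valid 'password'.");
     }

     // Set trusted context to update auths row
     // NOTE(review): the trusted flag is not reset afterwards, including on
     // the failure path below.
     Context::setTrusted(true);

     $auth = Auth::where(Auth::FORGOT_PASSWORD_FIELD, $data['token'])->first();
     if ($auth && $auth->resetPassword($data['password'])) {
         return array('success' => true);
     }

     throw new Exceptions\UnauthorizedException("invalid_token");
 }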
Exemple #19
 /**
  * Application middleware: sets CORS headers, validates the application key,
  * enforces allowed origins for browser keys, compiles a matching custom
  * route module, decodes JSON request bodies and calls the next middleware.
  *
  * Returns early (without calling the next middleware) on OPTIONS requests,
  * on a disallowed origin, and on a missing key outside root operations.
  */
 public function call()
 {
     // The Slim application
     $app = $this->app;
     self::decode_query_string();
     // Falls back to '*' when the request carries no Origin header.
     $origin = $app->request->headers->get('ORIGIN', '*');
     // Always keep connection open
     $app->response->headers->set('Connection', 'Keep-Alive');
     // Allow Cross-Origin Resource Sharing
     // NOTE(review): credentials are allowed while the request's own Origin is
     // echoed back below, so the origin check further down is the only thing
     // limiting which sites can make credentialed calls.
     $app->response->headers->set('Access-Control-Allow-Credentials', 'true');
     $app->response->headers->set('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE');
     $app->response->headers->set('Access-Control-Allow-Headers', 'x-app-id, x-app-key, x-auth-token, x-http-method-override, content-type, user-agent, accept');
     if ($app->request->isOptions()) {
         // Always allow OPTIONS requests.
         $app->response->headers->set('Access-Control-Allow-Origin', $origin);
     } else {
         // Get application key
         // Header values take precedence; the query string is the fallback.
         $app_key = Context::validateKey($app->request->headers->get('X-App-Id') ?: $app->request->get('X-App-Id'), $app->request->headers->get('X-App-Key') ?: $app->request->get('X-App-Key'));
         if ($app_key) {
             // Check the application key allowed origins, and block if necessary.
             if ($app_key->isBrowser()) {
                 // NOTE(review): the Allow-Origin header is set before the origin
                 // has been checked, so it is also present on the 403 response.
                 $app->response->headers->set('Access-Control-Allow-Origin', $origin);
                 $request_origin = preg_replace("/https?:\\/\\//", "", $origin);
                 // NOTE(review): when 'security.allowed_origins' is not configured
                 // the default is the request's own origin, so every origin passes.
                 $allowed_origins = Config::get('security.allowed_origins', array($request_origin));
                 // Configured entries are shell-style patterns matched with fnmatch().
                 $is_origin_allowed = array_filter($allowed_origins, function ($allowed_origin) use(&$request_origin) {
                     return fnmatch($allowed_origin, $request_origin);
                 });
                 if (count($is_origin_allowed) == 0) {
                     // throw new NotAllowedException("origin_not_allowed");
                     $app->response->setStatus(403);
                     // forbidden
                     $app->response->headers->set('Content-type', 'application/json');
                     $app->response->setBody(json_encode(array('error' => "origin_not_allowed")));
                     return;
                 }
             }
             // Require custom app packages
             Package\Manager::autoload();
             // // Register session handler
             // Session\Handler::register(Config::get('session.handler', 'database'));
             // Query and compile route module if found
             $route_module_name = strtolower($app->request->getMethod()) . '_' . substr($app->request->getPathInfo(), 1) . '.php';
             $alternate_route_module_name = 'any_' . substr($app->request->getPathInfo(), 1) . '.php';
             // NOTE(review): the orWhere() is not grouped with the name condition;
             // depending on how the query builder combines these clauses, the
             // 'any_' name may match a module of any type — verify.
             $custom_route = Module::where('type', Module::TYPE_ROUTE)->where('name', $route_module_name)->orWhere('name', $alternate_route_module_name)->first();
             if ($custom_route) {
                 // Flag request as "trusted".
                 // From here on the whole request runs with trusted privileges.
                 Context::setTrusted(true);
                 // "Compile" the route to be available for the router
                 $custom_route->compile();
             }
         } else {
             // No valid key: only root operations may proceed.
             if (!\Hook\Controllers\ApplicationController::isRootOperation()) {
                 $app->response->setStatus(403);
                 $app->response->setBody(json_encode(array('error' => "Your IP Address is not allowed to perform this operation.")));
                 return;
             }
         }
         //
         // Parse incoming JSON data
         if ($app->request->isPost() || $app->request->isPut() || $app->request->isDelete()) {
             $input_data = $app->environment->offsetGet('slim.input');
             // json_decode() yields null for a body that is not valid JSON; the
             // result is stored without checking for a decode error.
             $app->environment->offsetSet('slim.request.form_hash', json_decode($input_data, true));
         }
         return $this->next->call();
     }
 }
Exemple #20
 /**
  * OAuth entry point and callback handler.
  *
  * When the request carries a POSTed 'opauth' payload it is treated as the
  * provider callback: the identity is looked up or created, linked to an
  * Auth row, and the auth data (with token) is returned — wrapped in an HTML
  * page that posts it to the opener window when a browser key is in use.
  * Without the payload, the Opauth flow is started and its buffered output
  * is returned.
  *
  * @param  mixed $strategy not read inside this method
  * @param  mixed $callback not read inside this method
  * @return mixed auth data array, an HTML string, the relay_frame_close()
  *               result, or the buffered Opauth output
  */
 public function auth($strategy = null, $callback = null)
 {
     $query_params = $this->getQueryParams();
     if (isset($_POST['opauth'])) {
         // NOTE(review): unserialize() runs on attacker-controllable POST data,
         // which can instantiate arbitrary classes (PHP object injection).
         // Nothing visible in this method authenticates the payload before it
         // is trusted; presumably the callback is meant to be checked against
         // its signature and timestamp first — TODO confirm and add that check.
         $opauth = unserialize(base64_decode($_POST['opauth']));
         if (isset($opauth['error'])) {
             // throw new UnauthorizedException($opauth['error']['code']);
             return $this->relay_frame_close();
         }
         $opauth_data = $opauth['auth'];
         $identity = AuthIdentity::firstOrNew(array('provider' => strtolower($opauth_data['provider']), 'uid' => $opauth_data['uid']));
         if (!$identity->auth_id || $identity->auth == NULL) {
             // cleanup nested infos before registering it
             foreach ($opauth_data['info'] as $key => $value) {
                 if (is_array($value)) {
                     unset($opauth_data['info'][$key]);
                 }
             }
             // register new auth
             if (isset($opauth_data['info']['email'])) {
                 // NOTE(review): an existing account is selected by the e-mail
                 // address found in the payload; confirm the address is verified
                 // by the provider before linking the identity to that account.
                 $auth = Auth::current() ?: Auth::firstOrNew(array('email' => $opauth_data['info']['email']));
             } else {
                 // creating auth entry without email
                 $auth = Auth::current() ?: new Auth();
             }
             // If is a new user, fill and save with auth data
             if (!$auth->_id) {
                 $auth->fill($opauth_data['info']);
             }
             // set visible provider_id on auth row.
             // such as 'facebook_id', 'google_id', etc.
             $auth->setTrustedAction(true);
             $auth->setAttribute($identity->provider . '_id', $identity->uid);
             $auth->save();
             $identity->auth_id = $auth->_id;
             $identity->save();
         } else {
             $auth = $identity->auth;
         }
         $data = $auth->dataWithToken();
         // output oauth credentials on authentication request
         if (isset($opauth_data['credentials'])) {
             $data['credentials'] = $opauth_data['credentials'];
         }
         if (Context::getKey()->isBrowser()) {
             // Assigned but not referenced again in this method.
             $js_origin = "window.opener.location.protocol + '//' + window.opener.location.hostname + (window.opener.location.port ? ':' + window.opener.location.port: '')";
             // Use mozilla/winchan to allow trusted cross-browser postMessages
             $winchanjs = 'WinChan=function(){var RELAY_FRAME_NAME="__winchan_relay_frame";var CLOSE_CMD="die";function addListener(w,event,cb){if(w.attachEvent)w.attachEvent("on"+event,cb);else if(w.addEventListener)w.addEventListener(event,cb,false)}function removeListener(w,event,cb){if(w.detachEvent)w.detachEvent("on"+event,cb);else if(w.removeEventListener)w.removeEventListener(event,cb,false)}function isInternetExplorer(){var rv=-1;var ua=navigator.userAgent;if(navigator.appName==="Microsoft Internet Explorer"){var re=new RegExp("MSIE ([0-9]{1,}[.0-9]{0,})");if(re.exec(ua)!=null)rv=parseFloat(RegExp.$1)}else if(ua.indexOf("Trident")>-1){var re=new RegExp("rv:([0-9]{2,2}[.0-9]{0,})");if(re.exec(ua)!==null){rv=parseFloat(RegExp.$1)}}return rv>=8}function isFennec(){try{var userAgent=navigator.userAgent;return userAgent.indexOf("Fennec/")!=-1||userAgent.indexOf("Firefox/")!=-1&&userAgent.indexOf("Android")!=-1}catch(e){}return false}function isSupported(){return window.JSON&&window.JSON.stringify&&window.JSON.parse&&window.postMessage}function extractOrigin(url){if(!/^https?:\\/\\//.test(url))url=window.location.href;var a=document.createElement("a");a.href=url;return a.protocol+"//"+a.host}function findRelay(){var loc=window.location;var frames=window.opener.frames;for(var i=frames.length-1;i>=0;i--){try{if(frames[i].location.protocol===window.location.protocol&&frames[i].location.host===window.location.host&&frames[i].name===RELAY_FRAME_NAME){return frames[i]}}catch(e){}}return}var isIE=isInternetExplorer();if(isSupported()){return{open:function(opts,cb){if(!cb)throw"missing required callback argument";var err;if(!opts.url)err="missing required \'url\' parameter";if(!opts.relay_url)err="missing required \'relay_url\' parameter";if(err)setTimeout(function(){cb(err)},0);if(!opts.window_name)opts.window_name=null;if(!opts.window_features||isFennec())opts.window_features=undefined;var iframe;var 
origin=extractOrigin(opts.url);if(origin!==extractOrigin(opts.relay_url)){return setTimeout(function(){cb("invalid arguments: origin of url and relay_url must match")},0)}var messageTarget;if(isIE){iframe=document.createElement("iframe");iframe.setAttribute("src",opts.relay_url);iframe.style.display="none";iframe.setAttribute("name",RELAY_FRAME_NAME);document.body.appendChild(iframe);messageTarget=iframe.contentWindow}var w=window.open(opts.url,opts.window_name,opts.window_features);if(!messageTarget)messageTarget=w;var closeInterval=setInterval(function(){if(w&&w.closed){cleanup();if(cb){cb("unknown closed window");cb=null}}},500);var req=JSON.stringify({a:"request",d:opts.params});function cleanup(){if(iframe)document.body.removeChild(iframe);iframe=undefined;if(closeInterval)closeInterval=clearInterval(closeInterval);removeListener(window,"message",onMessage);removeListener(window,"unload",cleanup);if(w){try{w.close()}catch(securityViolation){messageTarget.postMessage(CLOSE_CMD,origin)}}w=messageTarget=undefined}addListener(window,"unload",cleanup);function onMessage(e){if(e.origin!==origin){return}try{var d=JSON.parse(e.data);if(d.a==="ready")messageTarget.postMessage(req,origin);else if(d.a==="error"){cleanup();if(cb){cb(d.d);cb=null}}else if(d.a==="response"){cleanup();if(cb){cb(null,d.d);cb=null}}}catch(err){}}addListener(window,"message",onMessage);return{close:cleanup,focus:function(){if(w){try{w.focus()}catch(e){}}}}},onOpen:function(cb){var o="*";var msgTarget=isIE?findRelay():window.opener;if(!msgTarget)throw"cant find relay frame";function doPost(msg){msg=JSON.stringify(msg);if(isIE)msgTarget.doPost(msg,o);else msgTarget.postMessage(msg,o)}function onMessage(e){var d;try{d=JSON.parse(e.data)}catch(err){}if(!d||d.a!=="request")return;removeListener(window,"message",onMessage);o=e.origin;if(cb){setTimeout(function(){cb(o,d.d,function(r){cb=undefined;doPost({a:"response",d:r})})},0)}}function 
onDie(e){if(e.data===CLOSE_CMD){try{window.close()}catch(o_O){}}}addListener(isIE?msgTarget:window,"message",onMessage);addListener(isIE?msgTarget:window,"message",onDie);try{doPost({a:"ready"})}catch(e){addListener(msgTarget,"load",function(e){doPost({a:"ready"})})}var onUnload=function(){try{removeListener(isIE?msgTarget:window,"message",onDie)}catch(ohWell){}if(cb)doPost({a:"error",d:"client closed window"});cb=undefined;try{window.close()}catch(e){}};addListener(window,"unload",onUnload);return{detach:function(){removeListener(window,"unload",onUnload)}}}}}else{return{open:function(url,winopts,arg,cb){setTimeout(function(){cb("unsupported browser")},0)},onOpen:function(cb){setTimeout(function(){cb("unsupported browser")},0)}}}}();';
             // NOTE(review): the auth data (including the token) is written into
             // an inline <script>; confirm to_json() escapes sequences such as
             // "</script>" so provider-supplied fields cannot break out of it.
             return "<!DOCTYPE html>\n                    <html>\n                        <head>\n                            <meta http-equiv='X-UA-Compatible' content='chrome=1' />\n                        </head>\n                        <body>\n                        <script type='text/javascript'>\n                          {$winchanjs}\n                          WinChan.onOpen(function(origin, args, cb) {\n                            cb(" . to_json($data) . ");\n                          });\n                        </script>\n                        </body>\n                    </html>";
         } else {
             return $data;
         }
     }
     // No callback payload: run the Opauth flow and capture whatever it prints.
     ob_start();
     // The app secret is used as Opauth's security salt; run() is invoked
     // explicitly below (the constructor is passed false as second argument).
     $opauth = new Opauth(array('path' => substr($_SERVER['REQUEST_URI'], 0, strpos($_SERVER['REQUEST_URI'], 'oauth/') + 6), 'callback_url' => '{path}callback' . $query_params, 'callback_transport' => 'post', 'Strategy' => Config::get('oauth'), 'security_salt' => Context::getKey()->app->secret), false);
     $this->fixOauthStrategiesCallback($opauth, $query_params);
     $opauth->run();
     $response = ob_get_contents();
     ob_end_clean();
     return $response;
 }
Exemple #21
 /**
  * Return the application key of the current context.
  *
  * @return mixed whatever Context::getKey() returns
  */
 public static function current()
 {
     $current_key = Context::getKey();

     return $current_key;
 }
Exemple #22
 /**
  * Compile module code.
  *
  * Observer and channel modules are evaluated and returned as an instance of
  * the class they define; route modules are evaluated for their side effects;
  * template modules are rendered through the application view.
  *
  * SECURITY: the module's stored code is executed with eval(). Anyone able to
  * create or modify a module row can run arbitrary PHP in this process, so
  * write access to modules must be treated as code-execution privilege.
  *
  * @param array $options template variables (used for template modules only)
  * @return mixed module instance, rendered template, or null for route modules
  * @throws Exceptions\MethodFailureException when an observer/channel module defines no class
  */
 public function compile($options = array())
 {
     $app = Slim\Slim::getInstance();
     $extension = '.' . pathinfo($this->name, PATHINFO_EXTENSION);
     $name = basename($this->name, $extension);
     if ($this->type == static::TYPE_OBSERVER || $this->type == static::TYPE_CHANNEL || $this->type == static::TYPE_ROUTE) {
         //
         // Expose handy aliases for modules
         //
         $aliases = '';
         $aliases .= 'use Hook\\Application\\Context;';
         $aliases .= 'use Hook\\Model\\Module;';
         $aliases .= 'use Hook\\Model\\File;';
         $aliases .= 'use Hook\\Model\\Auth;';
         $aliases .= 'use Hook\\Model\\AuthToken;';
         $aliases .= 'use Hook\\Model\\Collection;';
         $aliases .= 'use Hook\\Cache\\Cache;';
         $aliases .= 'use Hook\\Logger\\Logger;';
         if ($this->type == self::TYPE_OBSERVER || $this->type == self::TYPE_CHANNEL) {
             // Prevent name conflict by using unique class names for custom modules
             $klass = 'CustomModule' . uniqid();
             // Only the first "class <name>" occurrence is renamed before the
             // code is evaluated.
             eval($aliases . preg_replace('/class ([^\\ {]+)/', 'class ' . $klass, $this->code, 1));
             if (class_exists($klass)) {
                 // Return module instance for registering on model.
                 return new $klass();
             } else {
                 throw new Exceptions\MethodFailureException("Module '{$name}.php' must define a class.");
             }
         } elseif ($this->type == self::TYPE_ROUTE) {
             try {
                 eval($aliases . $this->code);
             } catch (\Exception $e) {
                 // NOTE(review): the exception message is sent back to the client
                 // in a response header, which can disclose internals; consider
                 // logging it only. Errors that are not \Exception instances are
                 // not caught here.
                 $message = $this->name . ': ' . $e->getMessage();
                 $app->log->info($message);
                 $app->response->headers->set('X-Error-' . uniqid(), $message);
                 file_put_contents('php://stderr', $message);
             }
         }
     } elseif ($this->type == static::TYPE_TEMPLATE) {
         $app->view->setTemplateString($this->code);
         // Expose app_key to compiled templates.
         // Mainly used to generate server-side routes when
         // `Hook\View\Helper::link_to` isn't capable to handle it
         //
         // TODO: remove this after implementing issue #131
         // (https://github.com/doubleleft/hook/issues/131)
         // NOTE(review): this hands the whole key object to the template.
         $options['app_key'] = \Hook\Application\Context::getKey();
         return $app->view->render($this->name, $options);
     }
 }
Exemple #23
 /**
  * Build a new, unsaved instance for this collection. No database operations here.
  *
  * Custom collections are instantiated from the registered class for this
  * name; everything else becomes a generic Collection bound to the table name.
  *
  * @param  array $attributes attributes to fill; '_id' is only honoured in a trusted context
  * @return \Model\Collection
  */
 public function create_new(array $attributes = array())
 {
     if ($this->is_collection) {
         $instance = new Collection(array('table_name' => $this->name));
     } else {
         $instance = new self::$custom_collections[$this->name]();
     }

     $instance->fill($attributes);

     // A caller-supplied '_id' is applied only when the context is trusted,
     // so untrusted input cannot choose the identifier of the new row.
     if (isset($attributes['_id'])) {
         if (Context::isTrusted()) {
             $instance->_id = $attributes['_id'];
         }
     }

     return $instance;
 }