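/**
 * Shows the add/edit form for a formmaker field.
 *
 * A numeric $id loads an existing field; any other value is taken as a
 * field-type name and a new, unsaved field of that type is prepared.
 *
 * @Route("/edit")
 * @Request({"id"})
 *
 * @param  int|string $id field id (numeric) or field-type name
 * @return array the field, its type definition and all roles
 */
public function editAction($id = '')
{
    /** @var \Bixie\Formmaker\FormmakerModule $formmaker */
    $formmaker = App::module('bixie/formmaker');

    if (is_numeric($id)) {
        $field = Field::find($id);
    } else {
        $field = Field::create();
        $field->setFieldType($id);
    }

    if (!$field) {
        App::abort(404, __('Field not found.'));
    }

    if (!($type = $formmaker->getFieldType($field->type))) {
        App::abort(404, __('Type not found.'));
    }

    // 'multiple' and 'required' are dictated by the type (see the loop at the
    // end), so they are skipped when the type defaults are copied to a new field.
    $fixedFields = ['multiple', 'required'];

    if (!$field->id) {
        foreach ($type->getConfig() as $key => $value) {
            // strict: an integer config key must never compare equal to a name
            if (!in_array($key, $fixedFields, true)) {
                $field->set($key, $value);
            }
        }
    }

    // a type value of -1 leaves the setting to the field; anything else is forced
    foreach ($fixedFields as $key) {
        if ($type[$key] != -1) {
            $field->set($key, $type[$key]);
        }
    }

    return ['field' => $field, 'type' => $type, 'roles' => array_values(Role::findAll())];
}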
/**
 * Password-reset step one: issues a fresh activation key for the account
 * behind $email and mails a confirmation link to it.
 *
 * Already-authenticated users are sent back to the site instead. Any
 * validation problem ends in a 400 response carrying the reason.
 *
 * @Request({"email": "string"})
 *
 * @param  string $email
 * @return array|\Symfony\Component\HttpFoundation\Response
 */
public function requestAction($email)
{
    try {

        if (App::user()->isAuthenticated()) {
            return App::redirect();
        }

        if (!App::csrf()->validate()) {
            throw new Exception(__('Invalid token. Please try again.'));
        }

        if (empty($email)) {
            throw new Exception(__('Enter a valid email address.'));
        }

        $user = User::findByEmail($email);

        // NOTE(review): separate "unknown" and "blocked" replies tell a client
        // which addresses have an account (account enumeration).
        if (!$user) {
            throw new Exception(__('Unknown email address.'));
        }

        if ($user->isBlocked()) {
            throw new Exception(__('Your account has not been activated or is blocked.'));
        }

        // the key comes from the framework's random source ('auth.random')
        $user->activation = App::get('auth.random')->generateString(32);

        $params = ['user' => $user->username, 'key' => $user->activation];
        $url = App::url('@user/resetpassword/confirm', $params, 0);

        try {
            $mail = App::mailer()->create();
            $subject = __('Reset password for %site%.', ['%site%' => App::module('system/site')->config('title')]);
            $body = App::view('system/user:mails/reset.php', compact('user', 'url', 'mail'));
            $mail->setTo($user->email)->setSubject($subject)->setBody($body, 'text/html')->send();
        } catch (\Exception $e) {
            throw new Exception(__('Unable to send confirmation link.'));
        }

        // the key is persisted only after the mail went out
        $user->save();

        return ['message' => __('Check your email for the confirmation link.')];

    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }
}
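/**
 * Logs a user in from the login form (or via AJAX).
 *
 * Full-page requests end in a redirect; XMLHttpRequests get a JSON flag and
 * the user is attached to the session directly. Both paths require a valid
 * CSRF token. Runs during maintenance mode so administrators can still log in.
 *
 * @Route(methods="POST", defaults={"_maintenance" = true})
 * @Request({"credentials": "array", "_remember_me": "boolean"})
 *
 * @param  array $credentials
 * @param  bool  $remember
 * @return array|\Symfony\Component\HttpFoundation\Response
 */
public function authenticateAction($credentials, $remember = false)
{
    $isXml = App::request()->isXmlHttpRequest();

    try {

        if (!App::csrf()->validate()) {
            throw new AuthException(__('Invalid token. Please try again.'));
        }

        App::auth()->authorize($user = App::auth()->authenticate($credentials, false));

        if (!$isXml) {
            return App::auth()->login($user, $remember);
        }

        App::auth()->setUser($user, $remember);

        return ['success' => true];

    } catch (BadCredentialsException $e) {
        // one wording for unknown user and wrong password alike
        $error = __('Invalid username or password.');
    } catch (AuthException $e) {
        $error = $e->getMessage();
    }

    if ($isXml) {
        App::abort(400, $error);
    }

    App::message()->error($error);

    // only the path of the previous URL is used: a foreign host that made it
    // into the "previous" URL cannot turn this into an off-site redirect
    return App::redirect(preg_replace('#(https?:)?//[^/]+#', '', App::url()->previous()));
}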
/**
 * {@inheritdoc}
 *
 * Resolves a project slug to its id. Known slugs are answered from the
 * local cache; unknown ones are looked up once and then cached.
 */
public function match(array $parameters = [])
{
    if (isset($parameters['id'])) {
        return $parameters;
    }

    if (!isset($parameters['slug'])) {
        App::abort(404, 'Project not found.');
    }

    $wanted = $parameters['slug'];
    $found = false;

    // no early break: with duplicate slugs the last cache entry wins
    foreach ($this->cacheEntries as $cached) {
        if ($cached['slug'] === $wanted) {
            $found = $cached['id'];
        }
    }

    if (!$found) {
        $project = Project::where(['slug' => $wanted])->first();

        if (!$project) {
            App::abort(404, 'Project not found.');
        }

        $this->addCache($project);
        $found = $project->id;
    }

    $parameters['id'] = $found;

    return $parameters;
}
/**
 * Password-reset step two: checks the username/activation-key pair from the
 * mailed link and, on POST, stores the new password and clears the key.
 *
 * @Request({"user", "key"})
 *
 * @param  string $username
 * @param  string $activation one-time key issued by requestAction()
 * @return array|\Symfony\Component\HttpFoundation\Response
 */
public function confirmAction($username = "", $activation = "")
{
    $user = null;
    $error = '';

    // the key is only looked up together with the username it was issued for
    if (!empty($username) && !empty($activation)) {
        $user = User::where(compact('username', 'activation'))->first();
    }

    if (!$user) {
        App::abort(400, __('Invalid key.'));
    }

    if ($user->isBlocked()) {
        App::abort(400, __('Your account has not been activated or is blocked.'));
    }

    if ('POST' === App::request()->getMethod()) {
        try {

            if (!App::csrf()->validate()) {
                throw new Exception(__('Invalid token. Please try again.'));
            }

            $password = App::request()->request->get('password');

            if (empty($password)) {
                throw new Exception(__('Enter password.'));
            }

            // leading/trailing whitespace is rejected rather than silently trimmed
            if ($password != trim($password)) {
                throw new Exception(__('Invalid password.'));
            }

            $user->password = App::get('auth.password')->hash($password);
            // the key is single-use: cleared as soon as the password is set
            $user->activation = null;
            $user->save();

            App::message()->success(__('Your password has been reset.'));

            return App::redirect('@user/login');

        } catch (Exception $e) {
            $error = $e->getMessage();
        }
    }

    $view = ['title' => __('Reset Confirm'), 'name' => 'system/user/reset-confirm.php'];

    return ['$view' => $view, 'username' => $username, 'activation' => $activation, 'error' => $error];
}
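/**
 * Logs a user in from the login form.
 *
 * A listener on the login event may supply its own response; otherwise an
 * XMLHttpRequest receives a fresh CSRF token as JSON and a normal request is
 * redirected to $redirect, reduced to a same-site path. Runs during
 * maintenance mode so administrators can still log in.
 *
 * @Route(methods="POST", defaults={"_maintenance" = true})
 * @Request({"credentials": "array", "remember_me": "boolean", "redirect": "string"})
 *
 * @param  array  $credentials
 * @param  bool   $remember
 * @param  string $redirect target after a successful login
 * @return array|\Symfony\Component\HttpFoundation\Response
 */
public function authenticateAction($credentials, $remember = false, $redirect = '')
{
    $isXml = App::request()->isXmlHttpRequest();

    try {

        if (!App::csrf()->validate()) {
            throw new CsrfException(__('Invalid token. Please try again.'));
        }

        App::auth()->authorize($user = App::auth()->authenticate($credentials, false));

        // a listener may answer the login event with its own response
        if (($event = App::auth()->login($user, $remember)) && $event->hasResponse()) {
            return $event->getResponse();
        }

        if ($isXml) {
            // the session changed on login, so hand the client a fresh token
            return App::response()->json(['csrf' => App::csrf()->generate()]);
        }

        return App::redirect($this->localRedirectPath($redirect));

    } catch (CsrfException $e) {
        if ($isXml) {
            return App::response()->json(['csrf' => App::csrf()->generate()], 401);
        }
        $error = $e->getMessage();
    } catch (BadCredentialsException $e) {
        // one wording for unknown user and wrong password alike
        $error = __('Invalid username or password.');
    } catch (AuthException $e) {
        $error = $e->getMessage();
    }

    if ($isXml) {
        App::abort(401, $error);
    }

    App::message()->error($error);

    return App::redirect($this->localRedirectPath(App::url()->previous()));
}

/**
 * Reduces a redirect target to a same-site path.
 *
 * Strips any "[scheme:]//host" part so the redirect can never leave the
 * site. Backslashes are normalised to slashes first, because browsers
 * also accept them in the authority position of a URL.
 *
 * @param  string $url
 * @return string
 */
protected function localRedirectPath($url)
{
    $url = str_replace('\\', '/', (string) $url);

    return preg_replace('#(https?:)?//[^/]+#', '', $url);
}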
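/**
 * Saves the current user's own profile (name, e-mail, optionally a new password).
 *
 * A new password is only accepted together with the correct current
 * password. Changing the e-mail address resets the "verified" flag.
 *
 * @Request({"user": "******"}, csrf=true)
 *
 * @param  array $data user fields: name, email, password_old, password_new
 * @return array
 */
public function saveAction($data)
{
    $user = App::user();

    if (!$user->isAuthenticated()) {
        App::abort(404);
    }

    // optional keys are read explicitly instead of via the "@" suppression
    // operator, which would also hide unrelated errors
    $passwordNew = isset($data['password_new']) ? $data['password_new'] : null;
    $passwordOld = isset($data['password_old']) ? $data['password_old'] : null;
    $email = isset($data['email']) ? $data['email'] : null;
    $name = isset($data['name']) ? $data['name'] : null;

    try {

        $user = User::find($user->id);

        if ($password = $passwordNew) {

            // the current password is re-checked before it may be replaced
            if (!App::auth()->getUserProvider()->validateCredentials($user, ['password' => $passwordOld])) {
                throw new Exception(__('Invalid Password.'));
            }

            // NOTE(review): a 3-character minimum is a very weak policy; the
            // limit is kept unchanged here because it is user-facing behaviour.
            if (trim($password) != $password || strlen($password) < 3) {
                throw new Exception(__('Invalid Password.'));
            }

            $user->password = App::get('auth.password')->hash($password);
        }

        // a new address has to be verified again
        if ($email != $user->email) {
            $user->set('verified', false);
        }

        $user->name = $name;
        $user->email = $email;
        $user->validate();
        $user->save();

        return ['message' => 'success'];

    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }
}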
/**
 * Deletes a widget by id.
 *
 * @Route("/{id}", methods="DELETE", requirements={"id"="\d+"})
 * @Request({"id": "int"}, csrf=true)
 *
 * @param  int $id
 * @return array
 */
public function deleteAction($id)
{
    $widget = Widget::find($id);

    if (!$widget) {
        App::abort(404, 'Widget not found.');
    }

    $widget->delete();

    return ['message' => 'success'];
}
/**
 * Saves submitted data onto an existing TestBD record.
 *
 * @Request({"id", "data"}, csrf=true)
 *
 * @param  int|string $id
 * @param  array      $data
 * @return array
 */
public function saveAction($id, $data)
{
    $record = $id ? TestBD::find($id) : null;

    if (!$record) {
        App::abort(404, __('Record not found.'));
    }

    // NOTE(review): $data is passed through as supplied by the request;
    // which columns it may write is decided in TestBD::save(), not here.
    $record->save($data);

    return ['res' => 'success'];
}
/**
 * Renders a site page after running the content plugins over its body.
 *
 * @param  int $id
 * @return array
 */
public function indexAction($id = 0)
{
    $page = Page::find($id);

    if (!$page) {
        App::abort(404, __('Page not found.'));
    }

    $pluginOptions = ['page' => $page, 'markdown' => $page->get('markdown')];
    $page->content = App::content()->applyPlugins($page->content, $pluginOptions);

    $view = ['title' => $page->title, 'name' => 'system/site/page.php'];

    return ['$view' => $view, 'page' => $page, 'node' => App::node()];
}
/**
 * Stores the current user's preferred ordering of the admin menu.
 *
 * @Access(admin=true)
 * @Request({"order": "array"})
 *
 * @param  array $order
 * @return array
 */
public function adminMenuAction($order)
{
    if (!$order) {
        App::abort(400, __('Missing order data.'));
    }

    // the preference is kept on the user entity itself
    $current = User::find(App::user()->id);
    $current->set('admin.menu', $order);
    $current->save();

    return ['message' => __('Order saved.')];
}
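/**
 * Shows the public profile of a single user.
 *
 * @Access("userprofile: view profiles")
 * @Route("/{id}", methods="GET", name="id")
 * @Request({"id": "int"})
 *
 * @param  int $id
 * @return array
 */
public function detailsAction($id)
{
    $user = App::auth()->getUserProvider()->find((int) $id);
    // the profile is only loaded for an existing user (same short-circuit
    // as before, written with || instead of the low-precedence "or")
    $profileUser = $user ? ProfileUser::load($user) : null;

    if (!$user || !$profileUser) {
        App::abort(404, __('User not found.'));
    }

    // the breadcrumbs module is optional
    if ($breadcrumbs = App::module('bixie/breadcrumbs')) {
        $breadcrumbs->addUrl(['title' => $user->name, 'url' => '']);
    }

    return [
        '$view' => ['title' => __('User Profile'), 'name' => 'bixie/userprofile/profile-details.php'],
        '$data' => [],
        'config' => App::module('bixie/userprofile')->config(),
        'profileUser' => $profileUser,
        'node' => App::node(),
    ];
}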
/**
 * Shows the add/edit form for a user account.
 *
 * @Access("user: manage users")
 * @Request({"id": "int"})
 *
 * @param  int $id 0 prepares a new user with the authenticated role
 * @return array
 */
public function editAction($id = 0)
{
    if ($id) {
        $user = User::find($id);
        if (!$user) {
            App::abort(404, 'User not found.');
        }
    } else {
        $user = User::create(['roles' => [Role::ROLE_AUTHENTICATED]]);
    }

    $config = [
        'statuses' => User::getStatuses(),
        'roles' => array_values($this->getRoles($user)),
        'emailVerification' => App::module('system/user')->config('require_verification'),
        'currentUser' => App::user()->id,
    ];
    $title = $id ? __('Edit User') : __('Add User');

    return [
        '$view' => ['title' => $title, 'name' => 'system/user/admin/user-edit.php'],
        '$data' => ['user' => $user, 'config' => $config],
    ];
}
/**
 * Shows the add/edit form for a widget.
 *
 * @Request({"id": "int", "type": "string"})
 *
 * @param  int         $id   0 prepares a new widget of $type
 * @param  string|null $type
 * @return array
 */
public function editAction($id = 0, $type = null)
{
    if ($id) {
        $widget = Widget::find($id);
        if (!$widget) {
            App::abort(404, 'Widget not found.');
        }
    } else {
        $widget = Widget::create(['type' => $type]);
    }

    $config = [
        'menus' => App::menu(),
        'nodes' => array_values(Node::query()->get()),
        'roles' => array_values(Role::findAll()),
        'types' => array_values(App::widget()->all()),
        'positions' => array_values(App::position()->all()),
    ];

    return [
        '$view' => ['title' => __('Widgets'), 'name' => 'system/widget/edit.php'],
        '$data' => ['widget' => $widget, 'config' => $config],
    ];
}
/**
 * Reads the access expressions and evaluates them on the current user.
 *
 * Every expression stored under the request's "_access" attribute must be
 * granted; the first one that is not ends the request with a 403.
 *
 * @param mixed $event
 * @param mixed $request
 */
public function onLateRequest($event, $request)
{
    $expressions = $request->attributes->get('_access');

    if (!$expressions) {
        return;
    }

    foreach ($expressions as $expression) {
        if (App::user()->hasAccess($expression)) {
            continue;
        }
        App::abort(403, __('Insufficient User Rights.'));
    }
}
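/**
 * Shows the add/edit form for a download category.
 *
 * @Route("category/edit", name="admin/category/edit")
 * @Access("download: manage categories")
 * @Request({"id": "int"})
 *
 * @param  int $id 0 prepares a new, published category
 * @return array
 */
public function editCategoryAction($id = 0)
{
    $category = Category::where(compact('id'))->related('files')->first();

    if (!$category) {
        // an explicit id that does not exist is an error; id 0 means "new"
        // (message corrected: this action edits categories, not files)
        if ($id) {
            App::abort(404, __('Invalid category id.'));
        }
        $category = Category::create(['status' => 1, 'slug' => '']);
        $category->set('markdown', $this->download->config('markdown'));
    }

    $title = $id ? __('Edit category') : __('Add category');

    return [
        '$view' => ['title' => $title, 'name' => 'bixie/download/admin/category.php'],
        '$data' => ['roles' => array_values(Role::findAll()), 'category' => $category],
        'category' => $category,
    ];
}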
/**
 * Renders a single portfolio project together with its neighbours.
 *
 * Only projects whose date lies in the past are visible.
 *
 * @Route("/{id}", name="id")
 *
 * @param  int $id
 * @return array
 */
public function projectAction($id = 0)
{
    $project = Project::where(['id = ?', 'date < ?'], [$id, new \DateTime()])->first();

    if (!$project) {
        App::abort(404, __('Project not found.'));
    }

    $content = App::content();
    $project->intro = $content->applyPlugins($project->intro, ['project' => $project, 'markdown' => $project->get('markdown')]);
    $project->content = $content->applyPlugins($project->content, ['project' => $project, 'markdown' => $project->get('markdown')]);

    $previous = Project::getPrevious($project);
    $next = Project::getNext($project);
    $view = ['title' => __($project->title), 'name' => 'bixie/portfolio/project.php'];

    return [
        '$view' => $view,
        'portfolio' => $this->portfolio,
        'config' => $this->portfolio->config(),
        'previous' => $previous,
        'next' => $next,
        'project' => $project,
    ];
}
/**
 * Creates or updates a role.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"role": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new role
 * @return array
 */
public function saveAction($data, $id = 0)
{
    // is new ?
    $role = Role::find($id);

    if (!$role) {
        if ($id) {
            App::abort(404, __('Role not found.'));
        }
        $role = Role::create();
    }

    $role->save($data);

    return ['message' => 'success', 'role' => $role];
}
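/**
 * Dispatches an AJAX action of a profile field to the field's type handler.
 *
 * @Route("/ajax", methods="POST")
 * @Request({"field_id": "int", "action": "string"})
 *
 * @param  int    $field_id
 * @param  string $action name of a public method on the field type
 * @return mixed handler result, or 'No response' when no such action exists
 */
public function ajaxAction($field_id, $action)
{
    if (!($field = Field::find($field_id))) {
        App::abort(400, __('Field not found.'));
    }

    $fieldValue = Profilevalue::create()->setField($field);
    $fieldType = $fieldValue->getFieldType();

    // $action comes straight from the request and selects a method on the
    // type object. Limit it to a plain identifier without a leading
    // underscore (no magic methods) and to methods that are callable from
    // here; method_exists() alone also matches private/protected ones.
    // TODO(review): replace with an explicit allow-list of the action names
    // the field types actually support (e.g. ['<action_a>', '<action_b>']).
    if (!is_string($action)
        || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $action)
        || !method_exists($fieldType, $action)
        || !is_callable([$fieldType, $action])) {
        return 'No response';
    }

    return call_user_func([$fieldType, $action], $fieldValue);
}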
/**
 * Creates or updates a profile field.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"field": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new field
 * @return array
 */
public function saveAction($data, $id = 0)
{
    $field = Field::find($id);

    if (!$field) {
        $field = Field::create();
        // a client-supplied id is never written into a new row
        unset($data['id']);
    }

    try {
        $field->save($data);
    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }

    return ['message' => 'success', 'field' => $field];
}
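/**
 * Returns the profile fields and values of a user as data for the editor.
 *
 * Without an id the caller's own profile is returned; another user's
 * profile requires the "user: manage users" permission.
 *
 * @Route("/", methods="GET")
 * @Route("/{id}", methods="GET", requirements={"id"="\d+"})
 *
 * @param  int $id
 * @return array
 */
public function indexAction($id = 0)
{
    $self = App::user();
    $userprofile = App::module('bixie/userprofile');

    // default to the caller; the route guarantees \d+ when an id is given,
    // so both sides can be compared strictly as integers
    $id = (int) ($id ?: $self->id);

    if (!$self->hasAccess('user: manage users') && $id !== (int) $self->id) {
        App::abort(403, 'Insufficient permissions.');
    }

    if (!($user = User::find($id))) {
        App::abort(404, 'User not found.');
    }

    return [
        'config' => $userprofile->config(),
        'fields' => Field::getProfileFields(),
        'profilevalues' => Profilevalue::getUserProfilevalues($user),
        'user' => ['id' => $user->id, 'username' => $user->username, 'name' => $user->name, 'email' => $user->email],
    ];
}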
/**
 * Renders a single published blog post with its comment configuration.
 *
 * Only published posts dated in the past are found; the post's own access
 * rules are checked against the current user on top of that.
 *
 * @Route("/{id}", name="id")
 *
 * @param  int $id
 * @return array
 */
public function postAction($id = 0)
{
    $conditions = ['id = ?', 'status = ?', 'date < ?'];
    $values = [$id, Post::STATUS_PUBLISHED, new \DateTime()];
    $post = Post::where($conditions, $values)->related('user')->first();

    if (!$post) {
        App::abort(404, __('Post not found!'));
    }

    if (!$post->hasAccess(App::user())) {
        App::abort(403, __('Insufficient User Rights.'));
    }

    $content = App::content();
    $post->excerpt = $content->applyPlugins($post->excerpt, ['post' => $post, 'markdown' => $post->get('markdown')]);
    $post->content = $content->applyPlugins($post->content, ['post' => $post, 'markdown' => $post->get('markdown')]);

    $user = App::user();

    $commentConfig = [
        'post' => $post->id,
        'enabled' => $post->isCommentable(),
        'requireinfo' => $this->blog->config('comments.require_email'),
        'max_depth' => $this->blog->config('comments.max_depth'),
    ];
    $commentUser = [
        'name' => $user->name,
        'isAuthenticated' => $user->isAuthenticated(),
        'canComment' => $user->hasAccess('blog: post comments'),
        'skipApproval' => $user->hasAccess('blog: skip comment approval'),
    ];

    return [
        '$view' => ['title' => __($post->title), 'name' => 'blog/post.php'],
        '$comments' => ['config' => $commentConfig, 'user' => $commentUser],
        'blog' => $this->blog,
        'post' => $post,
    ];
}
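/**
 * Creates or updates a portfolio project.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"project": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new project
 * @return array
 */
public function saveAction($data, $id = 0)
{
    if (!$id || !($project = Project::find($id))) {
        // message corrected: this controller saves projects, not posts
        if ($id) {
            App::abort(404, __('Project not found.'));
        }
        $project = Project::create();
    }

    // the slug falls back to the title; both keys are optional in $data, so
    // read them without triggering undefined-index notices
    $slugSource = !empty($data['slug']) ? $data['slug'] : (isset($data['title']) ? $data['title'] : '');

    if (!($data['slug'] = App::filter($slugSource, 'slugify'))) {
        App::abort(400, __('Invalid slug.'));
    }

    $project->save($data);

    return ['message' => 'success', 'project' => $project];
}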
/**
 * Creates or updates a download category and the ordering of its files.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"category": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new category
 * @return array
 */
public function saveAction($data, $id = 0)
{
    $category = Category::where(compact('id'))->related('files')->first();

    if (!$category) {
        $category = Category::create();
        // a client-supplied id is never written into a new row
        unset($data['id']);
    }

    $slug = App::filter($data['slug'] ?: $data['title'], 'slugify');

    if (!$slug) {
        App::abort(400, __('Invalid slug.'));
    }
    $data['slug'] = $slug;

    // file ordering is stored through the relation, before the scalar save
    $category->updateOrdering($data);

    //unset array typed files
    unset($data['files']);

    $category->save($data);

    return ['message' => 'success', 'category' => $category];
}
/**
 * Renders a formmaker form for the site front-end.
 *
 * Non-administrators only get forms with status 1; the node's own access
 * rules are checked on top of that.
 *
 * @Route("/{id}")
 *
 * @param  int $id
 * @return array
 */
public function formAction($id = 0)
{
    $user = App::user();

    // visibility filter: administrators may open unpublished forms
    $statusFilter = function ($query) use ($user) {
        if (!$user->isAdministrator()) {
            $query->where('status = 1');
        }
    };

    $form = Form::where(['id = ?'], [$id])->where($statusFilter)->related('fields')->first();

    if (!$form) {
        App::abort(404, __('Form not found!'));
    }

    if (!App::node()->hasAccess(App::user())) {
        App::abort(403, __('Insufficient User Rights.'));
    }

    $view = ['title' => __($form->title), 'name' => 'formmaker:views/form.php'];
    $data = ['formitem' => $form, 'fields' => array_values($form->fields)];

    return ['$view' => $view, '$data' => $data];
}
/**
 * Creates or updates a download file and its category assignments.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"file": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new file
 * @return array
 */
public function saveAction($data, $id = 0)
{
    /** @var File $file */
    $file = $id ? File::where(compact('id'))->related('categories')->first() : null;

    if (!$file) {
        if ($id) {
            App::abort(404, __('File not found.'));
        }
        $file = File::create();
    }

    $slug = App::filter($data['slug'] ?: $data['title'], 'slugify');

    if (!$slug) {
        App::abort(400, __('Invalid slug.'));
    }
    $data['slug'] = $slug;

    $file->save($data);
    // categories are a relation and are stored separately from the columns
    $file->saveCategories($data['category_ids']);

    return ['message' => 'success', 'file' => $file];
}
/**
 * Creates or updates a field definition.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"field": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new field with empty defaults
 * @return array
 */
public function saveAction($data, $id = 0)
{
    $field = Field::find($id);

    if (!$field) {
        $defaults = ['value' => [], 'data' => [], 'classSfx' => '', 'help_text' => '', 'help_show' => ''];
        $field = Field::create(['data' => $defaults]);
        // a client-supplied id is never written into a new row
        unset($data['id']);
    }

    $slug = App::filter($data['slug'] ?: $data['label'], 'slugify');

    if (!$slug) {
        App::abort(400, __('Invalid slug.'));
    }
    $data['slug'] = $slug;

    try {
        $field->save($data);
    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }

    return ['message' => 'success', 'field' => $field];
}
/**
 * Creates or updates a formmaker form.
 *
 * @Route("/", methods="POST")
 * @Route("/{id}", methods="POST", requirements={"id"="\d+"})
 * @Request({"formitem": "array", "id": "int"}, csrf=true)
 *
 * @param  array $data
 * @param  int   $id 0 creates a new form
 * @return array
 */
public function saveAction($data, $id = 0)
{
    $form = Form::find($id);

    if (!$form) {
        $form = Form::create();
        // a client-supplied id is never written into a new row
        unset($data['id']);
    }

    $slug = $this->slugify($data['slug'] ?: $data['title']);

    if (!$slug) {
        App::abort(400, __('Invalid slug.'));
    }
    $data['slug'] = $slug;

    try {
        $form->save($data);
    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }

    return ['message' => 'success', 'formitem' => $form];
}
/**
 * Shows the add/edit form for a portfolio project.
 *
 * @Route("/project/edit", name="project/edit")
 * @Access("portfolio: manage portfolio")
 * @Request({"id": "int"})
 *
 * @param  int $id 0 prepares a new project dated now
 * @return array|\Symfony\Component\HttpFoundation\Response
 */
public function editAction($id = 0)
{
    try {

        $module = App::module('bixie/portfolio');
        $project = Project::where(compact('id'))->first();

        if (!$project) {
            if ($id) {
                App::abort(404, __('Invalid project id.'));
            }
            $project = Project::create(['data' => [], 'tags' => [], 'date' => new \DateTime()]);
            $project->set('markdown', $module->config('markdown'));
        }

        $view = ['title' => $id ? __('Edit Project') : __('Add Project'), 'name' => 'bixie/portfolio/admin/project.php'];
        $data = ['config' => $module->config(), 'project' => $project, 'tags' => Project::allTags()];

        return ['$view' => $view, '$data' => $data, 'project' => $project];

    } catch (\Exception $e) {
        // NOTE(review): if App::abort() signals through an \Exception subclass,
        // the 404 above lands here too and turns into this redirect — confirm.
        App::message()->error($e->getMessage());
        return App::redirect('@portfolio/post');
    }
}
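/**
 * Creates or renames a menu and assigns it to positions.
 *
 * The menu id is derived from the label. When the id changes, the old
 * config entry is removed and nodes are moved to the new menu id.
 *
 * @Route("/", methods="POST")
 * @Request({"menu":"array"}, csrf=true)
 *
 * @param  array $menu keys: id (optional), label, positions
 * @return array
 * @throws ConflictException when the derived id already belongs to another menu
 */
public function saveAction($menu)
{
    $oldId = isset($menu['id']) ? trim($menu['id']) : null;
    $label = isset($menu['label']) ? trim($menu['label']) : '';

    // a label that slugifies to nothing cannot serve as a config key
    if (!($id = App::filter($label, 'slugify'))) {
        App::abort(400, __('Invalid id.'));
    }

    if ($id != $oldId) {

        if ($this->config->has('menus.' . $id)) {
            throw new ConflictException(__('Duplicate Menu Id.'));
        }

        // only a real previous id is removed and migrated: a new menu has
        // none, and the key 'menus.' with an empty id must never reach remove()
        if ($oldId !== null && $oldId !== '') {
            $this->config->remove('menus.' . $oldId);
            Node::where(['menu = :old'], [':old' => $oldId])->update(['menu' => $id]);
        }
    }

    $this->config->merge(['menus' => [$id => compact('id', 'label')]]);

    $positions = isset($menu['positions']) ? $menu['positions'] : null;
    App::menu()->assign($id, $positions);

    return ['message' => 'success', 'menu' => $menu];
}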