/**
 * Handles a login form submission.
 *
 * Validates the CSRF token, authenticates the submitted credentials and, on
 * success, either performs a full login (regular request) or only attaches
 * the user to the session and answers with JSON (XMLHttpRequest). Failures
 * become a flash message plus redirect, or a 400 for XHR callers.
 *
 * @Route(methods="POST", defaults={"_maintenance" = true})
 * @Request({"credentials": "array", "_remember_me": "boolean"})
 *
 * @param array $credentials
 * @param bool  $remember
 * @return mixed
 */
public function authenticateAction($credentials, $remember = false)
{
    $viaAjax = App::request()->isXmlHttpRequest();

    try {
        // A CSRF failure is reported exactly like any other auth error.
        if (!App::csrf()->validate()) {
            throw new AuthException(__('Invalid token. Please try again.'));
        }

        $user = App::auth()->authenticate($credentials, false);
        App::auth()->authorize($user);

        if ($viaAjax) {
            App::auth()->setUser($user, $remember);

            return ['success' => true];
        }

        return App::auth()->login($user, $remember);

    } catch (BadCredentialsException $e) {
        // Generic wording: does not reveal whether the username exists.
        $error = __('Invalid username or password.');
    } catch (AuthException $e) {
        $error = $e->getMessage();
    }

    if ($viaAjax) {
        App::abort(400, $error);
    } else {
        App::message()->error($error);

        return App::redirect(App::url()->previous());
    }
}
/**
 * Renders the admin login form.
 *
 * Already-authenticated users are sent to the admin index instead.
 *
 * @Route("/admin/login", defaults={"_maintenance"=true})
 *
 * @return array|mixed
 */
public function loginAction()
{
    if (App::user()->isAuthenticated()) {
        return App::redirect('@system');
    }

    // NOTE(review): `redirect` is taken from the request as-is; whatever the
    // view does with it should reject absolute and protocol-relative URLs so
    // the login form cannot act as an open redirect — verify in the template.
    $target = App::request()->get('redirect') ?: App::url('@system', [], true);

    $view = [
        'title' => __('Login'),
        'name' => 'system/theme:views/login.php',
        'layout' => false,
    ];

    return [
        '$view' => $view,
        'last_username' => App::session()->get(Auth::LAST_USERNAME),
        'redirect' => $target,
        'remember_me_param' => Auth::REMEMBER_ME_PARAM,
    ];
}
/**
 * Starts a password reset: looks the account up by e-mail, stores a fresh
 * activation key on it and mails the confirmation link.
 *
 * Any failure is turned into a 400 response carrying the message.
 *
 * @Request({"email": "string"})
 *
 * @param string $email
 * @return array|mixed
 */
public function requestAction($email)
{
    try {
        if (App::user()->isAuthenticated()) {
            return App::redirect();
        }

        if (!App::csrf()->validate()) {
            throw new Exception(__('Invalid token. Please try again.'));
        }

        if (empty($email)) {
            throw new Exception(__('Enter a valid email address.'));
        }

        // NOTE(review): the distinct "unknown" / "blocked" messages below let a
        // caller learn which addresses have accounts. A uniform "check your
        // email" answer would avoid that; behaviour left unchanged here.
        $user = User::findByEmail($email);
        if (!$user) {
            throw new Exception(__('Unknown email address.'));
        }
        if ($user->isBlocked()) {
            throw new Exception(__('Your account has not been activated or is blocked.'));
        }

        // Key comes from the auth random service; it is only persisted
        // (save() below) once the mail has actually gone out.
        $user->activation = App::get('auth.random')->generateString(32);
        $url = App::url('@user/resetpassword/confirm', ['user' => $user->username, 'key' => $user->activation], 0);

        try {
            $mail = App::mailer()->create();
            $subject = __('Reset password for %site%.', ['%site%' => App::module('system/site')->config('title')]);
            $body = App::view('system/user:mails/reset.php', compact('user', 'url', 'mail'));

            $mail->setTo($user->email)
                ->setSubject($subject)
                ->setBody($body, 'text/html')
                ->send();
        } catch (\Exception $e) {
            // Transport details are not exposed to the client.
            throw new Exception(__('Unable to send confirmation link.'));
        }

        $user->save();

        return ['message' => __('Check your email for the confirmation link.')];

    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }
}
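/**
 * Stores the files of a multipart upload in the field's configured directory.
 *
 * Every file is checked for upload validity, an allowed (content-sniffed)
 * extension and the configured size limit before it is moved. Any exception
 * is mapped to a generic "Unable to upload." error so internals do not leak.
 *
 * @param FieldValueBase $fieldValue
 * @return array
 */
public function uploadAction(FieldValueBase $fieldValue)
{
    try {
        $field = $fieldValue->field;

        if (!($path = $this->getPath($field->get('path')))) {
            return $this->error(__('Invalid path.'));
        }

        if (!is_dir($path) || !App::user()->hasAccess('system: manage storage | bixframework: upload files')) {
            return $this->error(__('Permission denied.'));
        }

        $files = App::request()->files->get('files');
        if (!$files) {
            return $this->error(__('No files uploaded.'));
        }

        $allowed = $field->get('allowed', []);
        $maxBytes = $field->get('max_size', 0) * 1024 * 1024;
        $fileInfo = [];

        /** @var UploadedFile $file */
        foreach ($files as $file) {
            if (!$file->isValid()) {
                return $this->error(sprintf(__('Uploaded file invalid. (%s)'), $file->getErrorMessage()));
            }

            // guessExtension() is derived from the file content, not from the
            // client-supplied name, so this is the check that matters.
            $ext = $file->guessExtension();
            if (!$ext || !in_array($ext, $allowed, true)) {
                return $this->error(__('File extension not allowed.'));
            }

            // Size is read from the file on disk. The client-reported size
            // (getClientSize()) is attacker-controlled and must not be used
            // to enforce the limit.
            $size = $file->getSize();
            if (!$size || $size > $maxBytes) {
                return $this->error(__('File is too large.'));
            }

            // The stored name keeps the client's original extension while only
            // the sniffed one was validated; the rand() part is a collision
            // nonce, not a secret.
            // NOTE(review): confirm the target directory is served without
            // script execution.
            $safeName = preg_replace('/[^a-zA-Z0-9\\.]/', '-', $file->getClientOriginalName());
            $localName = sprintf('%d%d-%s', microtime(true) * 10000, rand(), $safeName);
            $localFile = $file->move($path, $localName);

            $fileInfo[] = [
                'name' => $file->getClientOriginalName(),
                'size' => $localFile->getSize(),
                'path' => str_replace(App::path(), '', $localFile->getPathname()),
                'url' => ltrim(App::url()->getStatic($localFile->getPathname(), [], 'base'), '/'),
            ];
        }

        return ['message' => __('Upload complete.'), 'files' => $fileInfo];

    } catch (\Exception $e) {
        return $this->error(__('Unable to upload.'));
    }
}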
/**
 * Lists the entries of the requested storage directory.
 *
 * Entries whose mode resolves to "-" (no access) are skipped; files carry a
 * formatted size and ISO-8601 modification time in addition to the common
 * name/mime/path/url/writable fields.
 *
 * @Request({"path"})
 *
 * @param string $path
 * @return array
 */
public function indexAction($path)
{
    $dir = $this->getPath();
    if (!$dir) {
        return $this->error(__('Invalid path.'));
    }

    if (!is_dir($dir) || '-' === ($mode = $this->getMode($dir))) {
        throw new ForbiddenException(__('Permission denied.'));
    }

    $data = ['items' => [], 'mode' => $mode];

    $finder = App::finder();
    $finder->sort(function ($first, $second) {
        // Ascending by real path; never reports two entries as equal.
        return $second->getRealpath() > $first->getRealpath() ? -1 : 1;
    });

    foreach ($finder->depth(0)->in($dir) as $entry) {
        $entryMode = $this->getMode($entry->getPathname());
        if ('-' === $entryMode) {
            continue;
        }

        $isDir = $entry->isDir();
        $name = $entry->getFilename();

        $info = [
            'name' => $name,
            'mime' => 'application/' . ($isDir ? 'folder' : 'file'),
            'path' => $this->normalizePath($path . '/' . $name),
            'url' => ltrim(App::url()->getStatic($entry->getPathname(), [], 'base'), '/'),
            'writable' => $entryMode == 'w',
        ];

        if (!$isDir) {
            $info['size'] = $this->formatFileSize($entry->getSize());
            $info['lastmodified'] = date(\DateTime::ISO8601, $entry->getMTime());
        }

        $data['items'][] = $info;
    }

    return $data;
}
/**
 * Public (front-end) URL of this form, or '' while the form has no id yet.
 *
 * @return string
 */
public function getFormUrl()
{
    return $this->id ? App::url('@formmaker/form/front', ['id' => $this->id]) : '';
}
/**
 * Handles the login form (POST) for both regular and XHR submissions.
 *
 * The redirect target is reduced to its path before use so the login
 * endpoint cannot bounce the browser to a foreign host. XHR callers receive
 * a fresh CSRF token (200 on success, 401 on a CSRF failure) or a 401 abort.
 *
 * @Route(methods="POST", defaults={"_maintenance" = true})
 * @Request({"credentials": "array", "remember_me": "boolean", "redirect": "string"})
 *
 * @param array  $credentials
 * @param bool   $remember
 * @param string $redirect
 * @return mixed
 */
public function authenticateAction($credentials, $remember = false, $redirect = '')
{
    // Strips a leading "http://host", "https://host" or "//host".
    // NOTE(review): this is a deny-pattern; an allow-check that accepts only a
    // local path (single leading "/", no backslash) would be the stricter form.
    $hostPattern = '#(https?:)?//[^/]+#';
    $isXhr = App::request()->isXmlHttpRequest();

    try {
        if (!App::csrf()->validate()) {
            throw new CsrfException(__('Invalid token. Please try again.'));
        }

        $user = App::auth()->authenticate($credentials, false);
        App::auth()->authorize($user);

        $event = App::auth()->login($user, $remember);
        if ($event && $event->hasResponse()) {
            return $event->getResponse();
        }

        if ($isXhr) {
            return App::response()->json(['csrf' => App::csrf()->generate()]);
        }

        return App::redirect(preg_replace($hostPattern, '', $redirect));

    } catch (CsrfException $e) {
        if ($isXhr) {
            return App::response()->json(['csrf' => App::csrf()->generate()], 401);
        }
        $error = $e->getMessage();
    } catch (BadCredentialsException $e) {
        // Generic wording: does not reveal whether the username exists.
        $error = __('Invalid username or password.');
    } catch (AuthException $e) {
        $error = $e->getMessage();
    }

    if ($isXhr) {
        App::abort(401, $error);
    } else {
        App::message()->error($error);

        return App::redirect(preg_replace($hostPattern, '', App::url()->previous()));
    }
}
/**
 * Renders the admin login form; authenticated users go straight to the
 * admin index.
 *
 * @Route("/admin/login", defaults={"_maintenance"=true})
 * @Request({"redirect": "string", "message": "string"})
 *
 * @param string $redirect
 * @param string $message
 * @return array|mixed
 */
public function loginAction($redirect = '', $message = '')
{
    if (App::user()->isAuthenticated()) {
        return App::redirect('@system');
    }

    // NOTE(review): $redirect and $message are request-controlled and passed
    // through unvalidated; the view must escape $message, and the POST handler
    // must constrain $redirect to a local path before redirecting.
    $view = [
        'title' => __('Login'),
        'name' => 'system/theme:views/login.php',
        'layout' => false,
    ];

    return [
        '$view' => $view,
        'last_username' => App::session()->get(Auth::LAST_USERNAME),
        'redirect' => $redirect ?: App::url('@system'),
        'message' => $message,
    ];
}
/**
 * Shows the profile page of the current user; guests are sent to the login
 * form with a return URL.
 *
 * @return array|mixed
 */
public function indexAction()
{
    $user = App::user();

    if (!$user->isAuthenticated()) {
        return App::redirect('@user/login', ['redirect' => App::url()->current()]);
    }

    // Only name and e-mail are exposed to the view.
    $view = ['title' => __('Your Profile'), 'name' => 'system/user/profile.php'];
    $data = ['user' => ['name' => $user->name, 'email' => $user->email]];

    return ['$view' => $view, '$data' => $data];
}
/**
 * Builds the public URL of this download.
 *
 * With "item" routing (or without any category) the plain id route is used;
 * otherwise the file is addressed underneath its category.
 *
 * @param int        $category_id  Falls back to the primary category.
 * @param bool|false $base
 * @return string|bool
 */
public function getUrl($category_id = 0, $base = false)
{
    if (!$category_id) {
        $category_id = $this->get('primary_category', 0);
    }

    $params = ['id' => $this->id ?: 0];

    if (!$category_id || App::config('bixie/download')->get('routing') == 'item') {
        return App::url('@download/id', $params, $base);
    }

    return App::url('@download/category/file/' . $category_id, $params, $base);
}
/**
 * Filter the response content.
 *
 * Rewrites every attribute matched by self::REGEX_URL so that its value is
 * passed through App::url(); non-string bodies are left untouched.
 *
 * @param mixed $event
 * @param mixed $request
 * @param mixed $response
 */
public function onResponse($event, $request, $response)
{
    $content = $response->getContent();
    if (!is_string($content)) {
        return;
    }

    // NOTE(review): the resolved value is re-inserted without attribute
    // escaping; this relies on App::url() returning an attribute-safe string.
    $rewrite = function ($matches) {
        return sprintf(' %s="%s"', $matches['attr'], App::url($matches['url']));
    };

    $response->setContent(preg_replace_callback(self::REGEX_URL, $rewrite, $content));
}
/**
 * Shows the current user's profile together with the profile fields and
 * their stored values; guests are sent to the login form.
 *
 * @return array|mixed
 */
public function indexAction()
{
    $user = App::user();
    $userprofile = App::module('bixie/userprofile');

    if (!$user->isAuthenticated()) {
        return App::redirect('@user/login', ['redirect' => App::url()->current()]);
    }

    $view = ['title' => __('Your Profile'), 'name' => 'bixie/userprofile/profile.php'];

    // Only the listed user attributes are handed to the view.
    $data = [
        'config' => $userprofile->config('default'),
        'fields' => Field::getProfileFields(),
        'profilevalues' => Profilevalue::getUserProfilevalues($user),
        'user' => [
            'id' => $user->id,
            'username' => $user->username,
            'name' => $user->name,
            'email' => $user->email,
        ],
    ];

    return ['$view' => $view, '$data' => $data];
}
/**
 * main profile edit page
 *
 * Guests are sent to the login form with a return URL; otherwise the
 * profile user model and the module config are handed to the edit view.
 *
 * @Route("/", methods="GET")
 *
 * @return array|mixed
 */
public function indexAction()
{
    $user = App::user();
    $userprofile = App::module('bixie/userprofile');

    if (!$user->isAuthenticated()) {
        return App::redirect('@user/login', ['redirect' => App::url()->current()]);
    }

    $profileUser = ProfileUser::load($user);

    $view = ['title' => __('Your Profile'), 'name' => 'bixie/userprofile/profile-edit.php'];
    $data = [
        'config' => $userprofile->config(),
        'user' => [
            'id' => $user->id,
            'username' => $user->username,
            'name' => $user->name,
            'email' => $user->email,
        ],
    ];

    return ['$view' => $view, '$data' => $data, 'profileUser' => $profileUser];
}
/**
 * Shows a single artist with their top tracks and albums.
 *
 * @Route("/{id}", name="view", requirements={"id"="\d+"})
 *
 * @param int $id
 * @return array|mixed
 */
public function viewAction($id)
{
    // Parameterised lookup; the route additionally restricts $id to digits.
    $artist = Artist::query()->where('id = ?', [$id])->related('album')->first();
    $request = App::request();

    if (null === $artist) {
        $request->getSession()->getFlashBag()->add('error', __('Tried to view an non-existing Artist'));

        return App::response()->redirect('@shoutzor/artist/index');
    }

    $topTracks = $artist->getTopMedia();

    if (empty($artist->image)) {
        $image = App::url()->getStatic('shoutzor:assets/images/profile-placeholder.png');
    } else {
        $imageDir = App::module('shoutzor')->config('shoutzor')['imageDir'];
        $image = App::url()->getStatic('shoutzor:' . $imageDir . '/' . $artist->image);
    }

    $summary = empty($artist->summary) ? __('No summary for this artist is available') : $artist->summary;

    return [
        '$view' => ['title' => 'Artist: ' . $artist->name, 'name' => 'shoutzor:views/artist/view.php'],
        'image' => $image,
        'summary' => $summary,
        'artist' => $artist,
        'topTracks' => $topTracks,
        'albums' => $artist->getAlbums(),
    ];
}
/**
 * Handles a login form submission and performs the full login on success.
 *
 * Errors are stored as a flash message and the browser is sent back to the
 * previous URL.
 *
 * @Route(methods="POST", defaults={"_maintenance" = true})
 * @Request({"credentials": "array"})
 *
 * @param array $credentials
 * @return mixed
 */
public function authenticateAction($credentials)
{
    try {
        if (!App::csrf()->validate()) {
            throw new AuthException(__('Invalid token. Please try again.'));
        }

        $user = App::auth()->authenticate($credentials, false);
        App::auth()->authorize($user);

        $rememberMe = App::request()->get(Auth::REMEMBER_ME_PARAM);

        return App::auth()->login($user, $rememberMe);

    } catch (BadCredentialsException $e) {
        // Generic wording: does not reveal whether the username exists.
        $error = __('Invalid username or password.');
    } catch (AuthException $e) {
        $error = $e->getMessage();
    }

    App::message()->error($error);

    return App::redirect(App::url()->previous());
}
/**
 * Lists the installed extension packages, enriched with their runtime state
 * (enabled flag, settings URL, config, permissions) for the installer UI.
 *
 * @return array
 */
public function extensionsAction()
{
    $packages = array_values(App::package()->all('pagekit-extension'));

    foreach ($packages as $package) {
        $module = App::module($package->get('module'));
        if (!$module) {
            continue;
        }

        // A leading "@" marks a route name that still has to be resolved.
        $settings = $module->get('settings');
        if ($settings && $settings[0] === '@') {
            $settings = App::url($settings);
        }

        $package->set('enabled', true);
        $package->set('settings', $settings);
        $package->set('config', $module->config);
        $package->set('permissions', (bool) $module->get('permissions'));
    }

    $view = ['title' => __('Extensions'), 'name' => 'installer:views/extensions.php'];
    $data = ['api' => App::get('system.api'), 'packages' => $packages];

    return ['$view' => $view, '$data' => $data];
}
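/**
 * Adds a menu item.
 *
 * The item is dropped when the current user lacks its "access" permission.
 * A stored menu order ("admin.menu" user meta) overrides the priority, the
 * icon is resolved to a static URL, and "active" is computed by matching the
 * current route against the item's "active" pattern (or its url), where "*"
 * is a wildcard and every other character is matched literally.
 *
 * @param string $id
 * @param array $item
 */
public function addItem($id, array $item)
{
    $meta = App::user()->get('admin.menu', []);
    $route = (string) App::request()->attributes->get('_route');

    $item = new ArrObject($item, ['id' => $id, 'label' => $id, 'parent' => 'root', 'priority' => 0]);

    if (!App::user()->hasAccess($item['access'])) {
        return;
    }

    if (isset($meta[$id])) {
        $item['priority'] = $meta[$id];
    }

    if ($item['icon']) {
        $item['icon'] = App::url()->getStatic($item['icon']);
    }

    // Quote the pattern first so regex metacharacters (and the "#" delimiter)
    // in a URL cannot alter or break the expression; only "*" is a wildcard.
    $pattern = preg_quote((string) ($item['active'] ?: $item['url']), '#');
    $pattern = str_replace('\*', '.*', $pattern);
    $item['active'] = (bool) preg_match('#^' . $pattern . '$#', $route);

    $item['url'] = App::url($item['url']);

    $this->items[$id] = $item;
}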
/**
 * Renders a single published post together with its Open Graph metadata and
 * the comment widget configuration.
 *
 * @Route("/{id}", name="id")
 *
 * @param int $id
 * @return array
 */
public function postAction($id = 0)
{
    // Parameterised query: only published posts whose date has passed.
    $post = Post::where(['id = ?', 'status = ?', 'date < ?'], [$id, Post::STATUS_PUBLISHED, new \DateTime()])
        ->related('user')
        ->first();

    if (!$post) {
        App::abort(404, __('Post not found!'));
    }

    if (!$post->hasAccess(App::user())) {
        App::abort(403, __('Insufficient User Rights.'));
    }

    $pluginContext = ['post' => $post, 'markdown' => $post->get('markdown')];
    $post->excerpt = App::content()->applyPlugins($post->excerpt, $pluginContext);
    $post->content = App::content()->applyPlugins($post->content, $pluginContext);

    $user = App::user();

    // Meta description: explicit og:description, else a 150-character teaser.
    $description = $post->get('meta.og:description');
    if (!$description) {
        $plain = strip_tags($post->excerpt ?: $post->content);
        $description = rtrim(mb_substr($plain, 0, 150), " \t\n\r\v.,") . '...';
    }

    $imageSrc = $post->get('image.src');

    // NOTE(review): the title is run through __(), i.e. database content is
    // used as a translation key — kept as in the original.
    $view = [
        'title' => __($post->title),
        'name' => 'blog/post.php',
        'og:type' => 'article',
        'article:published_time' => $post->date->format(\DateTime::ATOM),
        'article:modified_time' => $post->modified->format(\DateTime::ATOM),
        'article:author' => $post->user->name,
        'og:title' => $post->get('meta.og:title') ?: $post->title,
        'og:description' => $description,
        'og:image' => $imageSrc ? App::url()->getStatic($imageSrc, [], 0) : false,
    ];

    $comments = [
        'config' => [
            'post' => $post->id,
            'enabled' => $post->isCommentable(),
            'requireinfo' => $this->blog->config('comments.require_email'),
            'max_depth' => $this->blog->config('comments.max_depth'),
            'user' => [
                'name' => $user->name,
                'isAuthenticated' => $user->isAuthenticated(),
                'canComment' => $user->hasAccess('blog: post comments'),
                'skipApproval' => $user->hasAccess('blog: skip comment approval'),
            ],
        ],
    ];

    return ['$view' => $view, '$comments' => $comments, 'blog' => $this->blog, 'post' => $post];
}
/**
 * Outputs the blog feed in the requested format ({type}) or the configured
 * default format.
 *
 * @Route("/feed")
 * @Route("/feed/{type}")
 *
 * @param string $type
 * @return mixed
 */
public function feedAction($type = '')
{
    if (!App::node()->hasAccess(App::user())) {
        App::abort(403, __('Insufficient User Rights.'));
    }

    // fetch locale and convert to ISO-639 (en_US -> en-us)
    $locale = strtolower(App::module('system')->config('site.locale'));
    $locale = str_replace('_', '-', $locale);

    $site = App::module('system/site');
    $feed = App::feed()->create($type ?: $this->blog->config('feed.type'), [
        'title' => $site->config('title'),
        'link' => App::url('@blog', [], true),
        'description' => $site->config('description'),
        'element' => ['language', $locale],
        'selfLink' => App::url('@blog/feed', [], true),
    ]);

    $publishedWhere = ['status = ?', 'date < ?'];

    $latest = Post::where($publishedWhere, [Post::STATUS_PUBLISHED, new \DateTime()])
        ->limit(1)
        ->orderBy('modified', 'DESC')
        ->first();
    if ($latest) {
        $feed->setDate($latest->modified);
    }

    $posts = Post::where($publishedWhere, [Post::STATUS_PUBLISHED, new \DateTime()])
        ->related('user')
        ->limit($this->blog->config('feed.limit'))
        ->orderBy('date', 'DESC')
        ->get();

    foreach ($posts as $post) {
        $url = App::url('@blog/id', ['id' => $post->id], true);
        $pluginContext = ['post' => $post, 'markdown' => $post->get('markdown'), 'readmore' => true];

        // NOTE(review): the author's e-mail address is published in the feed
        // for every item — confirm this disclosure is intended.
        $feed->addItem($feed->createItem([
            'title' => $post->title,
            'link' => $url,
            'description' => App::content()->applyPlugins($post->content, $pluginContext),
            'date' => $post->date,
            'author' => [$post->user->name, $post->user->email],
            'id' => $url,
        ]));
    }

    $body = $feed->output();
    $contentType = $feed->getMIMEType() . '; charset=' . $feed->getEncoding();

    return App::response($body, 200, ['Content-Type' => $contentType]);
}
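/**
 * Creates a new user account from the registration form.
 *
 * Depending on the module's "registration" and "require_verification"
 * settings the account is activated immediately, parked until the user
 * confirms by mail, or parked until an administrator approves it. Any
 * failure becomes a 400 response carrying the message.
 *
 * @Request({"user": "******"})
 *
 * @param array $data
 * @return array
 */
public function registerAction($data)
{
    // NOTE(review): the @Request type for "user" reads "******" in this copy
    // and looks garbled; it is left exactly as found.
    $message = '';

    try {
        if (App::user()->isAuthenticated() || $this->module->config('registration') == 'admin') {
            return App::redirect();
        }

        if (!App::csrf()->validate()) {
            throw new Exception(__('Invalid token. Please try again.'));
        }

        // Missing keys read as null without resorting to "@" error suppression.
        $password = isset($data['password']) ? $data['password'] : null;

        // NOTE(review): 6 bytes is a weak floor (strlen counts bytes, not
        // characters); the message is kept so the UI text does not change.
        if (trim($password) != $password || strlen($password) < 6) {
            throw new Exception(__('Password must be 6 characters or longer.'));
        }

        // Only explicit fields are taken from the request (no mass assignment);
        // status stays blocked until the chosen activation path completes.
        $user = User::create([
            'registered' => new \DateTime(),
            'name' => isset($data['name']) ? $data['name'] : null,
            'username' => isset($data['username']) ? $data['username'] : null,
            'email' => isset($data['email']) ? $data['email'] : null,
            'password' => App::get('auth.password')->hash($password),
            'status' => User::STATUS_BLOCKED,
        ]);

        $token = App::get('auth.random')->generateString(32);
        $admin = $this->module->config('registration') == 'approval';
        $verify = $this->module->config('require_verification');

        if ($verify) {
            $user->activation = $token;
        } elseif ($admin) {
            $user->activation = $token;
            $user->set('verified', true);
        } else {
            $user->status = User::STATUS_ACTIVE;
        }

        $user->validate();
        $user->save();

        if ($verify) {
            $this->sendVerificationMail($user);
            $message = __('Complete your registration by clicking the link provided in the mail that has been sent to you.');
        } elseif ($admin) {
            $this->sendApproveMail($user);
            $message = __('Your user account has been created and is pending approval by the site administrator.');
        } else {
            $this->sendWelcomeEmail($user);
            $message = __('Your user account has been created.');
        }

    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }

    App::message()->success($message);

    return ['message' => $message, 'redirect' => App::url('@user/login', [], true)];
}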
/**
 * Loads a package from data.
 *
 * Accepts a path to a JSON file, a JSON string (starting with "{") or an
 * already decoded array. Yields null when the data cannot be read or
 * decoded, or carries no "name".
 *
 * @param string|array $data
 * @return Package
 */
public function load($data)
{
    $path = null;

    // A string that does not start with "{" is treated as a file path.
    if (is_string($data) && strpos($data, '{') !== 0) {
        $path = strtr(dirname($data), '\\', '/');
        $data = @file_get_contents($data);
    }

    if (is_string($data)) {
        $data = @json_decode($data, true);
    }

    if (!is_array($data) || !isset($data['name'])) {
        return;
    }

    if (!isset($data['module'])) {
        $data['module'] = basename($data['name']);
    }

    if ($path !== null) {
        $data['path'] = $path;
        $data['url'] = App::url()->getStatic($path);
    }

    return new Package($data);
}
/**
 * Absolute URL to send the visitor to after submit, when the form's
 * afterSubmit mode is "redirect"; false for every other mode.
 *
 * @return string|false
 */
public function getRedirect()
{
    if ($this->form->get('afterSubmit') != 'redirect') {
        return false;
    }

    return App::url($this->form->get('redirect'), [], true);
}
/**
 * Gets the category URL.
 *
 * @param mixed $referenceType  Forwarded to App::url().
 * @return string|bool
 */
public function getUrl($referenceType = false)
{
    $route = '@download/category/' . $this->id;

    return App::url($route, [], $referenceType);
}
/**
 * {@inheritdoc}
 *
 * Adds the item's base-relative URL under "url" to the serialised data.
 */
public function jsonSerialize()
{
    $url = App::url('@portfolio/id', ['id' => $this->id ?: 0], 'base');

    return $this->toArray(['url' => $url]);
}
/**
 * Resolves a link (route name or URL) to a base-relative URL for the site
 * editor; unresolvable links are echoed back unchanged.
 *
 * @Route("api/site/link", name="api/link")
 * @Request({"link"})
 * @Access("site: manage site")
 *
 * @param string $link
 * @return array
 */
public function linkAction($link)
{
    $url = App::url($link, [], 'base');

    return ['message' => 'success', 'url' => $url ?: $link];
}
/**
 * {@inheritdoc}
 *
 * Appends the artist's public view URL under "url".
 */
public function jsonSerialize()
{
    $serialised = $this->toArray([], []);
    $serialised['url'] = App::url('@shoutzor/artist/view', ['id' => $this->id]);

    return $serialised;
}
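/**
 * Renders the user's avatar as an <img> tag.
 *
 * Resolution order: the file stored in the configured avatar field, then a
 * Gravatar directive if enabled, then the configured (or default) fallback
 * image. All attribute values are HTML-escaped because username, e-mail and
 * file URL are user-supplied.
 *
 * @param int $width
 * @param int $height
 * @return string
 */
public function getAvatar($width = 280, $height = 280)
{
    $config = App::module('bixie/userprofile')->config();
    $this->getProfile();

    // Attribute-context escaping; ENT_QUOTES covers the double quotes used below.
    $attr = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $alt = $attr($this->get('username'));

    $avatarField = isset($config['avatar_field']) ? $config['avatar_field'] : null;
    if ($avatarField && isset($this->fieldValues[$avatarField])) {
        $files = $this->fieldValues[$avatarField]->getValuedata();
        $file = reset($files);
        if (!empty($file['url'])) {
            return sprintf('<img height="%d" width="%d" alt="%s" src="%s">', $height, $width, $alt, $attr($file['url']));
        }
    }

    if (!empty($config['use_gravatar'])) {
        return sprintf('<img height="%d" width="%d" alt="%s" v-gravatar.literal="%s">', $height, $width, $alt, $attr($this->get('email')));
    }

    $fallback = !empty($config['fallback_image_src']) ? $config['fallback_image_src'] : 'packages/bixie/pk-framework/assets/noimage.jpg';
    $fallbackUrl = App::url()->getStatic($fallback, [], 'base');

    return sprintf('<img height="%d" width="%d" alt="%s" src="%s">', $height, $width, $alt, $attr($fallbackUrl));
}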
/**
 * Checks for the "system: access admin area" and redirects to login.
 *
 * Only anonymous requests to routes whose "_access" attribute requires that
 * permission are affected.
 *
 * @param mixed $event
 * @param mixed $request
 */
public function onRequest($event, $request)
{
    if (App::auth()->getUser()) {
        return;
    }

    $required = $request->attributes->get('_access', []);
    if (!in_array('system: access admin area', $required)) {
        return;
    }

    $params = [];

    // redirect to default URL for POST requests and don't explicitly redirect the default URL
    $isPost = 'POST' === $request->getMethod();
    $isAdminIndex = $request->attributes->get('_route') == '@system';
    if (!$isPost && !$isAdminIndex) {
        // NOTE(review): current(true) is the absolute current URL; the login
        // handler is expected to reduce it to a path before redirecting.
        $params['redirect'] = App::url()->current(true);
    }

    $event->setResponse(App::response()->redirect('@system/login', $params));
}
/**
 * Admin URL of this form.
 *
 * @return string
 */
public function getFormUrl()
{
    $params = ['id' => $this->id];

    return App::url('@formmaker/form', $params);
}
/**
 * Gets the node URL.
 *
 * @param mixed $referenceType  Forwarded to App::url().
 * @return string
 */
public function getUrl($referenceType = false)
{
    $link = $this->link;

    return App::url($link, [], $referenceType);
}