/** * @throws \Exception */ public function init() { $conf = Config::getSystemConfig(); if (!$conf->webservice->enabled) { throw new \Exception("Webservice API isn't enabled"); } if (!$this->getParam("apikey") && $_COOKIE["pimcore_admin_sid"]) { $user = Authentication::authenticateSession(); if (!$user instanceof User) { throw new \Exception("User is not valid"); } } else { if (!$this->getParam("apikey")) { throw new \Exception("API key missing"); } else { $apikey = $this->getParam("apikey"); $userList = new User\Listing(); $userList->setCondition("apiKey = ? AND type = ? AND active = 1", array($apikey, "user")); $users = $userList->load(); if (!is_array($users) or count($users) !== 1) { throw new \Exception("API key error."); } if (!$users[0]->getApiKey()) { throw new \Exception("Couldn't get API key for user."); } $user = $users[0]; } } \Zend_Registry::set("pimcore_admin_user", $user); parent::init(); }
public function init() { parent::init(); if (is_file(\Pimcore\Config::locateConfigFile("system.php"))) { // session authentication, only possible if user is logged in $user = \Pimcore\Tool\Authentication::authenticateSession(); if (!$user instanceof User) { die("Authentication failed!<br />If you don't have access to the admin interface any more, and you want to find out if the server configuration matches the requirements you have to rename the the system.php for the time of the check."); } } elseif ($this->getParam("mysql_adapter")) { } else { die("Not possible... no database settings given.<br />Parameters: mysql_adapter,mysql_host,mysql_username,mysql_password,mysql_database"); } }
public function init() { parent::init(); $maxExecutionTime = 300; @ini_set("max_execution_time", $maxExecutionTime); set_time_limit($maxExecutionTime); error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT); @ini_set("display_errors", "On"); $front = \Zend_Controller_Front::getInstance(); $front->throwExceptions(true); \Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper'); if (is_file(PIMCORE_CONFIGURATION_SYSTEM)) { $this->redirect("/admin"); } }
/** * @throws \Zend_Controller_Router_Exception */ public function init() { // this is only executed once per request (first request) if (self::$isInitial) { \Pimcore::getEventManager()->trigger("frontend.controller.preInit", $this); } parent::init(); // log exceptions if handled by error_handler $this->checkForErrors(); // general definitions if (self::$isInitial) { \Pimcore::unsetAdminMode(); Document::setHideUnpublished(true); Object\AbstractObject::setHideUnpublished(true); Object\AbstractObject::setGetInheritedValues(true); Object\Localizedfield::setGetFallbackValues(true); } // assign variables $this->view->controller = $this; // init website config $config = Config::getWebsiteConfig(); $this->config = $config; $this->view->config = $config; $document = $this->getParam("document"); if (!$document instanceof Document) { \Zend_Registry::set("pimcore_editmode", false); $this->editmode = false; $this->view->editmode = false; self::$isInitial = false; // check for a locale first, and set it if available if ($this->getParam("pimcore_parentDocument")) { // this is a special exception for renderlets in editmode (ajax request), because they depend on the locale of the parent document // otherwise there'll be notices like: Notice: 'No translation for the language 'XX' available.' if ($parentDocument = Document::getById($this->getParam("pimcore_parentDocument"))) { if ($parentDocument->getProperty("language")) { $this->setLocaleFromDocument($parentDocument->getProperty("language")); } } } // no document available, continue, ... return; } else { $this->setDocument($document); // register global locale if the document has the system property "language" if ($this->getDocument()->getProperty("language")) { $this->setLocaleFromDocument($this->getDocument()->getProperty("language")); } if (self::$isInitial) { // append meta-data to the headMeta() view helper, if it is a document-request if (!Model\Staticroute::getCurrentRoute() && $this->getDocument() instanceof Document\Page) { if (is_array($this->getDocument()->getMetaData())) { foreach ($this->getDocument()->getMetaData() as $meta) { // only name if (!empty($meta["idName"]) && !empty($meta["idValue"]) && !empty($meta["contentValue"])) { $method = "append" . ucfirst($meta["idName"]); $this->view->headMeta()->{$method}($meta["idValue"], $meta["contentValue"]); } } } } } } // this is only executed once per request (first request) if (self::$isInitial) { // contains the logged in user if necessary $user = null; // default is to set the editmode to false, is enabled later if necessary \Zend_Registry::set("pimcore_editmode", false); if (Tool::isFrontentRequestByAdmin()) { $this->disableBrowserCache(); // start admin session & get logged in user $user = Authentication::authenticateSession(); } if (\Pimcore::inDebugMode()) { $this->disableBrowserCache(); } if (!$this->document->isPublished()) { if (Tool::isFrontentRequestByAdmin()) { if (!$user) { throw new \Zend_Controller_Router_Exception("access denied for " . $this->document->getFullPath()); } } else { throw new \Zend_Controller_Router_Exception("access denied for " . $this->document->getFullPath()); } } // logged in users only if ($user) { // set the user to registry so that it is available via \Pimcore\Tool\Admin::getCurrentUser(); \Zend_Registry::set("pimcore_admin_user", $user); // document editmode if ($this->getParam("pimcore_editmode")) { \Zend_Registry::set("pimcore_editmode", true); // check if there is the document in the session $docKey = "document_" . $this->getDocument()->getId(); $docSession = Session::getReadOnly("pimcore_documents"); if ($docSession->{$docKey}) { // if there is a document in the session use it $this->setDocument($docSession->{$docKey}); } else { // set the latest available version for editmode if there is no doc in the session $latestVersion = $this->getDocument()->getLatestVersion(); if ($latestVersion) { $latestDoc = $latestVersion->loadData(); if ($latestDoc instanceof Document\PageSnippet) { $this->setDocument($latestDoc); } } } // register editmode plugin $front = \Zend_Controller_Front::getInstance(); $front->registerPlugin(new \Pimcore\Controller\Plugin\Frontend\Editmode($this), 1000); } // document preview if ($this->getParam("pimcore_preview")) { // get document from session $docKey = "document_" . $this->getParam("document")->getId(); $docSession = Session::getReadOnly("pimcore_documents"); if ($docSession->{$docKey}) { $this->setDocument($docSession->{$docKey}); } } // object preview if ($this->getParam("pimcore_object_preview")) { $key = "object_" . $this->getParam("pimcore_object_preview"); $session = Session::getReadOnly("pimcore_objects"); if ($session->{$key}) { $object = $session->{$key}; // add the object to the registry so every call to Object::getById() will return this object instead of the real one \Zend_Registry::set("object_" . $object->getId(), $object); } } // for version preview if ($this->getParam("pimcore_version")) { // only get version data at the first call || because of embedded Snippets ... if (!\Zend_Registry::isRegistered("pimcore_version_active")) { $version = Model\Version::getById($this->getParam("pimcore_version")); $this->setDocument($version->getData()); \Zend_Registry::set("pimcore_version_active", true); } } } // for public versions if ($this->getParam("v")) { try { $version = Model\Version::getById($this->getParam("v")); if ($version->getPublic()) { $this->setDocument($version->getData()); } } catch (\Exception $e) { } } // check for persona if ($this->getDocument() instanceof Document\Page) { $this->getDocument()->setUsePersona(null); // reset because of preview and editmode (saved in session) if ($this->getParam("_ptp") && self::$isInitial) { $this->getDocument()->setUsePersona($this->getParam("_ptp")); } } // check if document is a wrapped hardlink, if this is the case send a rel=canonical header to the source document if ($this->getDocument() instanceof Document\Hardlink\Wrapper\WrapperInterface) { // get the cononical (source) document $hardlinkCanonicalSourceDocument = Document::getById($this->getDocument()->getId()); $request = $this->getRequest(); if (\Pimcore\Tool\Frontend::isDocumentInCurrentSite($hardlinkCanonicalSourceDocument)) { $this->getResponse()->setHeader("Link", '<' . $request->getScheme() . "://" . $request->getHttpHost() . $hardlinkCanonicalSourceDocument->getFullPath() . '>; rel="canonical"'); } } \Pimcore::getEventManager()->trigger("frontend.controller.postInit", $this); } // set some parameters $this->editmode = \Zend_Registry::get("pimcore_editmode"); $this->view->editmode = \Zend_Registry::get("pimcore_editmode"); self::$isInitial = false; }
/** * @throws \Zend_Exception */ public function init() { parent::init(); // set language if (\Zend_Registry::isRegistered("Zend_Locale")) { $locale = (string) \Zend_Registry::get("Zend_Locale"); $this->setLanguage($locale); } else { if ($this->getParam("language")) { $this->setLanguage($this->getParam("language")); } else { $config = Config::getSystemConfig(); $this->setLanguage($config->general->language); // try to set browser-language (validation if installed is in $this->setLanguage() ) $this->setLanguage(new \Zend_Locale()); } } if (self::$adminInitialized) { // this will be executed on every call to this init() method try { $this->setUser(\Zend_Registry::get("pimcore_admin_user")); } catch (\Exception $e) { \Logger::emerg("adminInitialized was set to true although there was no user set in the registry -> to be save the process was killed"); exit; } } else { // the following code is only called once, even when there are some subcalls (eg. with $this->action, ... ) \Pimcore::getEventManager()->trigger("admin.controller.preInit", $this); $this->disableBrowserCache(); // general definitions Model\Document::setHideUnpublished(false); Model\Object\AbstractObject::setHideUnpublished(false); Model\Object\AbstractObject::setGetInheritedValues(false); Model\Object\Localizedfield::setGetFallbackValues(false); \Pimcore::setAdminMode(); // init translations self::initTranslations($this); // init zend action helpers, we need to leave the prefixed class name here as the plugin loader isn't able to handle namespaces \Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper'); // this is to make it possible to use the session id as a part of the route (ZF default route) used for external editors, etc. if ($this->getParam("pimcore_admin_sid")) { $_REQUEST["pimcore_admin_sid"] = $this->getParam("pimcore_admin_sid"); } // authenticate user, first try to authenticate with session information $user = Authentication::authenticateSession(); if ($user instanceof Model\User) { $this->setUser($user); if ($this->getUser()->getLanguage()) { $this->setLanguage($this->getUser()->getLanguage()); } } else { // try to authenticate with http basic auth, but this is only allowed for WebDAV if ($this->getParam("module") == "admin" && $this->getParam("controller") == "asset" && $this->getParam("action") == "webdav") { $user = Authentication::authenticateHttpBasic(); if ($user instanceof Model\User) { $this->setUser($user); \Zend_Registry::set("pimcore_admin_user", $this->getUser()); self::$adminInitialized = true; return; } } } // redirect to the login-page if the user isn't authenticated if (!$this->getUser() instanceof Model\User && !($this->getParam("module") == "admin" && $this->getParam("controller") == "login")) { // put a detailed message into the debug.log \Logger::error("Prevented access to " . $_SERVER["REQUEST_URI"] . " because there is no user in the session!", ["server" => $_SERVER, "get" => $_GET, "post" => $_POST, "session" => $_SESSION, "cookie" => $_COOKIE]); // send a auth header for the client (is covered by the ajax object in javascript) $this->getResponse()->setHeader("X-Pimcore-Auth", "required"); // redirect to login page $this->redirect("/admin/login"); // exit the execution -> just to be sure exit; } // we're now authenticated so we can remove the default error handler so that we get just the normal PHP errors if ($this->getParam("controller") != "login") { $front = \Zend_Controller_Front::getInstance(); $front->unregisterPlugin("Pimcore\\Controller\\Plugin\\ErrorHandler"); $front->throwExceptions(true); @ini_set("display_errors", "On"); @ini_set("display_startup_errors", "On"); } \Zend_Registry::set("pimcore_admin_user", $this->getUser()); self::$adminInitialized = true; // usage statistics $this->logUsageStatistics(); \Pimcore::getEventManager()->trigger("admin.controller.postInit", $this); } }
/** * @throws \Exception */ public function init() { parent::init(); if (!Configuration::get('frontend.enabled')) { return FALSE; } try { \Zend_Search_Lucene_Analysis_Analyzer::setDefault(new \Zend_Search_Lucene_Analysis_Analyzer_Common_Utf8Num_CaseInsensitive()); $this->frontendIndex = \Zend_Search_Lucene::open(Plugin::getFrontendSearchIndex()); $this->categories = Configuration::get('frontend.categories'); //set search term query $searchQuery = $this->cleanRequestString($this->getParam('q')); if (!empty($searchQuery)) { $this->query = Plugin::cleanTerm($searchQuery); $this->untouchedQuery = $this->query; } //set Language if (Configuration::get('frontend.ignoreLanguage') !== TRUE) { $this->searchLanguage = $this->getParam('language'); if (empty($this->searchLanguage)) { try { $this->searchLanguage = \Zend_Registry::get('Zend_Locale'); } catch (Exception $e) { $this->searchLanguage = 'en'; } } } else { $this->searchLanguage = NULL; } //Set Category $queryCategory = $this->cleanRequestString($this->getParam('category')); if (!empty($queryCategory)) { $this->category = $queryCategory; } //Set Country if (Configuration::get('frontend.ignoreCountry') !== TRUE) { $this->searchCountry = $this->getParam('country'); if ($this->searchCountry == 'global') { $this->searchCountry = 'international'; } else { if (empty($this->searchCountry)) { $this->searchCountry = 'international'; } } } else { $this->searchCountry = NULL; } //Set Restrictions (Auth) if (Configuration::get('frontend.ignoreRestriction') === FALSE) { $this->searchRestriction = TRUE; } //Set Fuzzy Search (Auth) $fuzzySearchRequest = $this->getParam('fuzzy'); if (Configuration::get('frontend.fuzzySearch') == TRUE || !empty($fuzzySearchRequest) && $fuzzySearchRequest !== 'false') { $this->fuzzySearch = TRUE; } //Set own Host Only if (Configuration::get('frontend.ownHostOnly') == TRUE) { $this->ownHostOnly = TRUE; } //Set Entries per Page $this->perPage = Configuration::get('frontend.view.maxPerPage'); $perPage = $this->getParam('perPage'); if (!empty($perPage)) { $this->perPage = (int) $perPage; } //Set max Suggestions $this->maxSuggestions = Configuration::get('frontend.view.maxSuggestions'); //Set Current Page $currentPage = $this->getParam('page'); if (!empty($currentPage)) { $this->currentPage = (int) $currentPage; } } catch (\Exception $e) { throw new \Exception('could not open index'); } }