/**
 * Forgot-password action.
 *
 * A POST hands the submitted e-mail address to _sendPasswordTo() and returns
 * its result; any other request renders the form.
 */
function forgot()
{
    $isSubmission = (get_request_method() == 'POST');

    if (!$isSubmission) {
        // Pre-fill the form with the address kept in the flash store.
        $this->display('login/forgot', array('email' => Flash::get('email')));
        return;
    }

    // The address is taken from the request as-is; any validation has to
    // happen inside _sendPasswordTo(), which is not visible here.
    return $this->_sendPasswordTo($_POST['forgot']['email']);
}
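/**
 * Show the file manager settings form and, on POST, normalise and store the
 * submitted values under the 'ckeditor' plugin key.
 *
 * Validation problems and save failures are collected and shown together as
 * one flash error. As in the original, a missing image-extension list is
 * reported but does not stop the remaining settings from being saved.
 *
 * NOTE(review): no anti-CSRF token is validated in this method — confirm that
 * it is enforced elsewhere before the settings are written.
 */
public function settings()
{
    // Start from an empty list: the original appended to `false`, which
    // relies on array auto-vivification that PHP 8.1 deprecates.
    $errors = array();

    if (get_request_method() == 'POST') {
        // Tolerate a POST without a 'settings' array instead of raising notices.
        $data = (isset($_POST['settings']) && is_array($_POST['settings'])) ? $_POST['settings'] : array();
        $settings = array();

        // Base folder: drop all whitespace, then leading/trailing slashes.
        // NOTE(review): '..' segments are not removed here — confirm the file
        // manager confines this path to its intended root.
        $base = (isset($data['filemanager_base']) && is_string($data['filemanager_base'])) ? $data['filemanager_base'] : '';
        $base = preg_replace('/\\s+/', '', $base);
        $settings['filemanager_base'] = trim($base, '/');

        $settings['filemanager_view'] = isset($data['filemanager_view']) ? $data['filemanager_view'] : 'grid';

        // image extensions
        if (isset($data['filemanager_images'])) {
            $settings['filemanager_images'] = serialize($data['filemanager_images']);
        } else {
            $errors[] = __("You need to select at least one image extension!");
        }

        // Upload size falls back to '0' unless a non-empty numeric value was sent.
        $settings['filemanager_upload_size'] = !empty($data['filemanager_upload_size']) && is_numeric($data['filemanager_upload_size'])
            ? $data['filemanager_upload_size']
            : '0';

        $settings['filemanager_dateformat'] = !empty($data['filemanager_dateformat'])
            ? trim($data['filemanager_dateformat'])
            : 'd M Y H:i';

        // Checkbox-style flags are stored as the strings '1' / '0'.
        $booleans = array('filemanager_enabled', 'filemanager_browse_only', 'filemanager_upload_overwrite', 'filemanager_upload_images_only');
        foreach ($booleans as $bool) {
            $settings[$bool] = isset($data[$bool]) && $data[$bool] == 1 ? '1' : '0';
        }

        if (Plugin::setAllSettings($settings, 'ckeditor')) {
            Flash::setNow('success', 'Settings were updated successfully');
        } else {
            $errors[] = __("There was a problem saving the settings.");
        }
    } else {
        $settings = Plugin::getAllSettings('ckeditor');
    }

    if (!empty($errors)) {
        Flash::setNow('error', implode('<br/>', $errors));
    }

    $this->display('settings', array('settings' => $settings));
}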
/**
 * Build the controller and refuse any request that get_request_method()
 * does not report as 'AJAX'.
 */
public function __construct()
{
    parent::__construct();

    $viaAjax = (get_request_method() == 'AJAX');
    if (!$viaAjax) {
        // Terminates the script with a short plain-text message.
        die('error request');
    }
}
/**
 * Settings landing action: a POST is delegated to _save(), anything else
 * renders the settings view.
 */
function index()
{
    $isSubmission = (get_request_method() == 'POST');

    if (!$isSubmission) {
        $this->display('setting/index');
        return;
    }

    // Saving (and whatever checks it performs) lives in _save().
    return $this->_save();
}
/**
 * Runs the save routine for a POST, then renders the settings screen.
 *
 * The view always receives a fresh CSRF token generated for the
 * BASE_URL . 'setting' target.
 */
public final function index()
{
    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        $this->_save();
    }

    $viewData = array(
        'csrf_token' => SecureToken::generateToken(BASE_URL . 'setting'),
    );
    $this->display('setting/index', $viewData);
}
/**
 * Edit action for a snippet.
 *
 * Unknown ids flash an error and redirect to the snippet list; a POST is
 * delegated to _edit(); otherwise the edit form is rendered.
 *
 * @param mixed $id Snippet id as received from the route.
 */
function edit($id)
{
    $snippet = Snippet::findById($id);
    if (!$snippet) {
        Flash::set('error', __('Snippet not found!'));
        redirect(get_url('snippet'));
    }

    // A POST means the form was submitted.
    if (get_request_method() == 'POST') {
        return $this->_edit($id);
    }

    $viewData = array(
        'action'  => 'edit',
        'filters' => Filter::findAll(),
        'snippet' => $snippet,
    );
    $this->display('snippet/edit', $viewData);
}
/**
 * Edit action for a gallery image.
 *
 * Unknown ids flash an error and redirect to the gallery list; a POST is
 * delegated to _edit(); otherwise the image view is rendered.
 *
 * @param mixed $id Gallery record id as received from the route.
 */
public function edit($id)
{
    $gallery = Gallery::findById($id);
    if (!$gallery) {
        Flash::set('error', __('Image is not found!'));
        redirect(get_url('gallery'));
    }

    // A POST means the form was submitted.
    if (get_request_method() == 'POST') {
        return $this->_edit($id);
    }

    $viewData = array('gallery' => $gallery);
    $this->display('gallery/view', $viewData);
}
/**
 * Edit action for a layout.
 *
 * Unknown ids flash an error and redirect to the layout list; a POST is
 * delegated to _edit(); otherwise the edit form is rendered.
 *
 * @param mixed $id Layout id as received from the route.
 */
function edit($id)
{
    $layout = Layout::findById($id);
    if (!$layout) {
        Flash::set('error', __('Layout not found!'));
        redirect(get_url('layout'));
    }

    // A POST means the form was submitted.
    if (get_request_method() == 'POST') {
        return $this->_edit($id);
    }

    // Plain GET: show the form.
    $viewData = array(
        'action' => 'edit',
        'layout' => $layout,
    );
    $this->display('layout/edit', $viewData);
}
/**
 * Edit action for a comment.
 *
 * A missing id redirects to the comment list; an unknown id additionally
 * flashes an error. A POST is delegated to _edit(); otherwise the edit form
 * is rendered.
 *
 * @param mixed $id Comment id, or null when the route carried none.
 */
function edit($id = null)
{
    if ($id === null) {
        redirect(get_url('plugin/comment'));
    }

    $comment = Comment::findById($id);
    if (!$comment) {
        Flash::set('error', __('comment not found!'));
        redirect(get_url('plugin/comment'));
    }

    // A POST means the form was submitted.
    if (get_request_method() == 'POST') {
        return $this->_edit($id);
    }

    // Plain GET: show the form.
    $viewData = array(
        'action'  => 'edit',
        'comment' => $comment,
    );
    $this->display('comment/views/edit', $viewData);
}
/**
 * Edit action for a user account.
 *
 * Only the account owner or a holder of the 'administrator' permission gets
 * past the first check; everyone else is flashed an error and redirected.
 * A POST is delegated to _edit(). Otherwise the form is shown when the user
 * exists, an error is flashed when it does not, and in both cases the
 * method ends by calling redirect() to the user list.
 *
 * @param mixed $id User id as received from the route.
 */
function edit($id)
{
    // Loose comparison kept on purpose: the route value and the stored id
    // may differ in type.
    $isOwnAccount = (AuthUser::getId() == $id);
    if (!$isOwnAccount && !AuthUser::hasPermission('administrator')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
    }

    // A POST means the form was submitted.
    if (get_request_method() == 'POST') {
        return $this->_edit($id);
    }

    $user = User::findById($id);
    if (!$user) {
        Flash::set('error', __('User not found!'));
    } else {
        $viewData = array(
            'action'      => 'edit',
            'user'        => $user,
            'permissions' => Record::findAllFrom('Permission'),
        );
        $this->display('user/edit', $viewData);
    }

    redirect(get_url('user'));
}
/**
 * Emit the response headers: caching is disabled, Last-Modified is set to
 * the current GMT time, and the content type is text/plain for AJAX
 * requests and text/html for everything else.
 */
private function _send_headers()
{
    // Anti-caching headers; the second Cache-Control line is appended
    // rather than replacing the first (replace flag FALSE).
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Cache-Control: post-check=0, pre-check=0', FALSE);
    header('Pragma: no-cache');
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');

    $contentType = (get_request_method() == 'AJAX')
        ? 'Content-type: text/plain; charset=utf-8'
        : 'Content-type: text/html; charset=utf-8';

    header($contentType);
}
/**
 * Shows the snippet edit form and, for a POST, runs _edit() first.
 *
 * Data kept in the flash store from an earlier attempt takes precedence
 * over the stored snippet. The view receives a CSRF token generated for
 * BASE_URL . 'snippet/edit'.
 *
 * @todo Merge _edit() and edit()
 *
 * @param string $id Snippet id.
 */
public function edit($id)
{
    // Prefer what the user already typed, if anything was kept.
    $snippet = Flash::get('post_data');

    if (empty($snippet)) {
        $snippet = Snippet::findById($id);

        if (!$snippet) {
            Flash::set('error', __('Snippet not found!'));
            redirect(get_url('snippet'));
        }
    }

    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        $this->_edit($id);
    }

    $viewData = array(
        'action'     => 'edit',
        'csrf_token' => SecureToken::generateToken(BASE_URL . 'snippet/edit'),
        'filters'    => Filter::findAll(),
        'snippet'    => $snippet,
    );
    $this->display('snippet/edit', $viewData);
}
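/**
 * Update action for an e-commerce collection.
 *
 * A missing or unknown id redirects to the collection list. A POST saves the
 * collection through _collection_save(), writes a log entry and redirects.
 * Otherwise the products attached to the collection are loaded and the
 * update form is rendered.
 *
 * Two changes from the original: the collection id is bound as a statement
 * parameter instead of being concatenated into the SQL text, and the
 * submitted title is HTML-escaped before it is embedded in the log entry's
 * markup.
 *
 * @param mixed $id Collection id as received from the route, or null.
 */
public function collection_update($id = null)
{
    if (is_null($id)) {
        redirect(get_url('plugin/ecommerce/collection'));
    }

    if (!($collection = Collection::findById($id))) {
        Flash::set('error', __('Collection not found!'));
        redirect(get_url('plugin/ecommerce/collection'));
    }

    if (get_request_method() == 'POST') {
        $collection_id = $this->_collection_save($id, 'collection', 'Collection');

        // The log entry is an HTML fragment, so the request-supplied title
        // must be escaped before it is placed inside the anchor.
        $rawTitle = isset($_POST['collection']['title']) ? (string) $_POST['collection']['title'] : '';
        $title = htmlspecialchars($rawTitle, ENT_QUOTES, 'UTF-8');

        //insert log
        $this->_insert_log('Collection <a href="' . get_url('plugin/ecommerce/collection_update/' . $collection_id) . '">' . $title . '</a> was updated.');
        redirect(get_url('plugin/ecommerce/collection'));
    }

    //get products
    global $__FROG_CONN__;

    // $id comes from the route; bind it rather than splicing it into the query.
    $sql = 'select pc.id, pc.collection_id, pc.product_id, p.title, pc.position from ecommerce_collection c inner join ecommerce_product_collection pc on c.id = pc.collection_id inner join ecommerce_product p on p.id = pc.product_id where c.id = ? order by pc.position;';
    $stmt = $__FROG_CONN__->prepare($sql);
    $stmt->execute(array($id));
    $products = $stmt->fetchAll();

    $this->display('ecommerce/views/collections/update', array('action' => 'update', 'collection' => $collection, 'products' => $products));
}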
/**
 * Add action for a sidebar link: a POST is delegated to _add(); otherwise
 * any data kept from an earlier attempt is read (or a blank SidebarLink is
 * created) and the browse view is shown.
 */
public function add()
{
    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_add();
    }

    // Look for input kept from a previous attempt; fall back to a blank record.
    $draft = Flash::get('post_data');
    if (!$draft) {
        $draft = new SidebarLink();
    }

    $this->browse();
}
/**
 * Access gate used by the actions of this controller.
 *
 * Visitors who are not logged in are sent to the login page. When a
 * permission name is given and the current user lacks it, an error is
 * flashed and the user is redirected (to the page tab when the default tab
 * setting is "user", otherwise via _redirect() without arguments).
 *
 * @param string|null $permission Permission name to require, or NULL to
 *                                require only a login.
 * @return mixed Whatever get_request_method() reports for this request.
 */
private function _check($permission = NULL)
{
    global $pawUsers;

    if (!$pawUsers->isLoggedIn()) {
        $this->_redirect(get_url("login"));
    }

    $needsPermission = ($permission !== NULL);
    if ($needsPermission && !$pawUsers->permissions->hasPermission($permission)) {
        Flash::set("error", __("You don't have the Permission to access the requested page!"));

        if (Setting::get("default_tab") !== "user") {
            $this->_redirect();
        } else {
            $this->_redirect(get_url("page"));
        }
    }

    return get_request_method();
}
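/**
 * Prints the stack trace and request state when an exception goes uncaught.
 *
 * Outside DEBUG mode nothing diagnostic is printed: page_not_found() is
 * called and the handler returns. In DEBUG mode the exception class,
 * message, trace (in execution order), dispatcher status and the GET, POST,
 * COOKIE and SERVER arrays are written to the response, so DEBUG must stay
 * off on any host reachable by untrusted users.
 *
 * Two changes from the original: the exception message is HTML-escaped
 * before it is echoed (messages often embed request data), and an explicit
 * return follows page_not_found() so the dump can never run when DEBUG is
 * off, whether or not page_not_found() ends the script.
 *
 * @param Exception $e Exception object.
 */
function framework_exception_handler($e)
{
    if (!DEBUG) {
        page_not_found();
        return;
    }

    echo '<style>h1,h2,h3,p,td {font-family:Verdana; font-weight:lighter;}</style>';
    echo '<p>Uncaught ' . get_class($e) . '</p>';
    echo '<h1>' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</h1>';

    $traces = $e->getTrace();
    if (count($traces) > 1) {
        echo '<p><b>Trace in execution order:</b></p>' . '<pre style="font-family:Verdana; line-height: 20px">';

        $level = 0;
        foreach (array_reverse($traces) as $trace) {
            ++$level;

            if (isset($trace['class'])) {
                echo $trace['class'] . '→';
            }

            // Render each argument as a short, type-aware summary.
            $args = array();
            if (!empty($trace['args'])) {
                foreach ($trace['args'] as $arg) {
                    if (is_null($arg)) {
                        $args[] = 'null';
                    } elseif (is_array($arg)) {
                        $args[] = 'array[' . count($arg) . ']';
                    } elseif (is_object($arg)) {
                        $args[] = get_class($arg) . ' Object';
                    } elseif (is_bool($arg)) {
                        $args[] = $arg ? 'true' : 'false';
                    } elseif (is_int($arg)) {
                        $args[] = $arg;
                    } else {
                        // Everything else is shown as an escaped string cut to 64 bytes.
                        $arg = htmlspecialchars(substr($arg, 0, 64));
                        if (strlen($arg) >= 64) {
                            $arg .= '...';
                        }
                        $args[] = "'" . $arg . "'";
                    }
                }
            }

            echo '<b>' . $trace['function'] . '</b>(' . implode(', ', $args) . ') ';
            echo 'on line <code>' . (isset($trace['line']) ? $trace['line'] : 'unknown') . '</code> ';
            echo 'in <code>' . (isset($trace['file']) ? $trace['file'] : 'unknown') . "</code>\n";
            echo str_repeat(" ", $level);
        }

        echo '</pre>';
    }

    echo "<p>Exception was thrown on line <code>" . $e->getLine() . "</code> in <code>" . $e->getFile() . "</code></p>";

    $dispatcher_status = Dispatcher::getStatus();
    $dispatcher_status['request method'] = get_request_method();
    debug_table($dispatcher_status, 'Dispatcher status');

    if (!empty($_GET)) {
        debug_table($_GET, 'GET');
    }
    if (!empty($_POST)) {
        debug_table($_POST, 'POST');
    }
    if (!empty($_COOKIE)) {
        debug_table($_COOKIE, 'COOKIE');
    }
    debug_table($_SERVER, 'SERVER');
}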
/**
 * Render the "latest assets" view for a folder.
 *
 * Colons in $folder are turned into slashes. A non-blank folder is
 * remembered in the session; a blank one is replaced by the remembered
 * value. AJAX requests are rendered without a layout.
 *
 * NOTE(review): $folder is caller-supplied and reaches assets_latest()
 * without any check visible here — confirm that helper confines it to the
 * assets root (for example rejects '..' segments).
 *
 * @param int         $limit  Passed through to assets_latest().
 * @param string|null $folder Folder with ':' as separator, or null.
 */
function latest($limit = 0, $folder = null)
{
    $folder = str_replace(':', '/', $folder);

    if (!trim($folder)) {
        // Nothing usable given: reuse the folder from the session.
        $folder = $_SESSION['assets_folder'];
    } else {
        $_SESSION['assets_folder'] = $folder;
    }

    if (get_request_method() == 'AJAX') {
        $this->setLayout(null);
    }

    $viewData = array('image_array' => assets_latest($limit, $folder));
    $this->display('assets/views/latest', $viewData);
}
/**
 * Dashboard landing action.
 *
 * A POST that carries both "widget_action" and "widget_secure_token" is
 * passed to DashboardWidgets::setWidgetSettings(); on success the request is
 * redirected and ends. In every other case the dashboard is rendered into a
 * buffer and printed inside the backend layout.
 *
 * NOTE(review): this method only checks that "widget_secure_token" is
 * present; its value is not validated here. Confirm that
 * setWidgetSettings() verifies it.
 */
public function index()
{
    // WIDGET SETTINGS
    $isWidgetPost = get_request_method() == "POST"
        && isset($_POST["widget_action"])
        && isset($_POST["widget_secure_token"]);

    if ($isWidgetPost && DashboardWidgets::setWidgetSettings($_POST["widget_action"], $_POST)) {
        redirect(get_url("plugins/dashboard"));
        die;
    }

    // RENDER DASHBOARD
    ob_start();
    $this->renderDashboard();
    $this->content = ob_get_clean();

    // OUTPUT
    $layout = new View("../layouts/backend", array("content_for_layout" => $this->content));
    echo $layout->render();
}
/**
 * Edit action for a page part form.
 *
 * Unknown ids flash an error and redirect to the plugin URL. For a POST
 * whose data passes check_constraints(), update() is called. The edit view
 * is rendered afterwards in every case.
 *
 * @param mixed $id the id of the page part form to be edited
 */
public function edit($id)
{
    $page_part_form = Record::findByIdFrom('PagePartForm', $id);
    if (!$page_part_form) {
        Flash::set('error', __('Page part form not found'));
        redirect(get_url(self::PLUGIN_URL));
    }

    $data = self::Get_data();

    $isSubmission = (get_request_method() == 'POST');
    if ($isSubmission && $this->check_constraints($data)) {
        $this->update($page_part_form, $data);
    }

    $outline = $this->create_view('structure', array(
        'structure' => self::Get_structure($page_part_form),
    ));

    $this->display('edit', array(
        'action'            => 'edit',
        'page_part_form'    => $page_part_form,
        'outline_structure' => $outline,
    ));
}
/**
 * Render the dashboard "events" widget: a table of all DashboardLogEntry
 * records, newest first, plus a form with a "Clear all" button.
 *
 * A POST whose "dashboard_events" field equals "clear_all" empties the log
 * through $dashboardEvents->clear(), redirects to the dashboard and ends
 * the request.
 *
 * NOTE(review): the clear-all branch checks no anti-CSRF token here and the
 * form below carries none — confirm this destructive action is protected
 * elsewhere.
 */
function dashboard_events_widget_render() {
    global $dashboardEvents;
    if (get_request_method() == "POST") {
        if (isset($_POST["dashboard_events"]) && $_POST["dashboard_events"] == "clear_all") {
            $dashboardEvents->clear();
            redirect(get_url("plugin/dashboard/"));
            die;
        }
    }
    // "created_on=created_on" is an always-true filter that lets the ORDER BY
    // clause ride along in the same argument.
    $log_entries = Record::findAllFrom("DashboardLogEntry", "created_on=created_on ORDER BY created_on DESC");
    // Base location used for the widget's images in the markup below.
    $path = WOLF_PATH_WIDGETS . "events/";
    ?> <form method="post" action=""> <table class="dashboardTable" cellpadding="0" cellspacing="0" border="0"> <thead> <tr> <th colspan="2"></th> <th><?php echo __("Event"); ?> </th> <th class="moment"><?php echo __("Time"); ?> <img src="<?php echo $path; ?> img/sort.png" /></th> </tr> </thead> <tbody> <?php
    // Running row counter, printed into the hidden first cell of each row.
    $entrynum = 0;
    // NOTE(review): $entry->message and $entry->created_on are echoed without
    // escaping. If log messages can contain user-supplied text (TODO confirm
    // against the code that writes them), they must be escaped when written
    // or when printed.
    foreach ($log_entries as $entry) {
        ?> <tr class="<?php echo odd_even(); ?> "> <td class="hidden"><?php echo $entrynum; ?> </td> <td class="priority"> <img src="<?php echo $path; ?> img/<?php echo $entry->priority("string"); ?> .png" title="<?php echo $entry->priority("string"); ?> " /> </td> <td class="dashboardMessage"><?php echo $entry->message; ?> </td> <td class="date"> <a title="<?php echo $entry->created_on; ?> "><?php echo DateDifference::getString(new DateTime($entry->created_on)); ?> </a> </td> </tr> <?php
        $entrynum++;
    }
    ?> </tbody> </table> <p class="buttons"> <input type="hidden" name="dashboard_events" value="clear_all" /> <input type="submit" name="dashboard_action" value="<?php echo __("Clear all"); ?> " class="button" /> </p> </form> <?php
}
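/**
 * Action to edit a page.
 *
 * Non-numeric ids redirect to the page list. A POST is handed to
 * _store('edit', $id). Otherwise the page is loaded, the caller's
 * permissions are checked, the title is prepared for use inside the form
 * and the edit view is rendered with a CSRF token generated for
 * BASE_URL . 'page/edit'.
 *
 * Change from the original: when HTML titles are allowed, double quotes are
 * now replaced with the &quot; entity. The listing replaced '"' with '"',
 * which does nothing and leaves the title able to break out of the input's
 * value attribute.
 *
 * NOTE(review): the POST branch returns before the permission and
 * protected-page checks below run — confirm that _store() repeats them and
 * validates the CSRF token.
 *
 * @param int $id Page ID for page to edit.
 * @return mixed Result of _store() for a POST; nothing otherwise.
 */
public function edit($id)
{
    if (!is_numeric($id)) {
        redirect(get_url('page'));
    }

    // Check if trying to save.
    if (get_request_method() == 'POST') {
        return $this->_store('edit', $id);
    }

    $page = Page::findById($id);
    if (!$page) {
        Flash::set('error', __('Page not found!'));
        redirect(get_url('page'));
    }

    // Denied when the user lacks 'page_edit', or when the page is protected
    // and the user lacks 'admin_edit'. Parentheses only make the existing
    // operator precedence explicit.
    if (!AuthUser::hasPermission('page_edit') || (!AuthUser::hasPermission('admin_edit') && $page->is_protected)) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url('page'));
    }

    // Encode the title so it cannot break the title input, unless
    // "Allow html in title" is set in the backend; then only double quotes
    // are replaced.
    if (!Setting::get('allow_html_title')) {
        $page->title = html_encode($page->title);
    } else {
        $page->title = str_replace('"', '&quot;', $page->title);
    }

    // Find all parts of this page; start with one blank part when there are none.
    $page_parts = PagePart::findByPageId($id);
    if (empty($page_parts)) {
        $page_parts = array(new PagePart());
    }

    // display things ...
    $this->setLayout('backend');
    $this->display('page/edit', array(
        'action'     => 'edit',
        'csrf_token' => SecureToken::generateToken(BASE_URL . 'page/edit'),
        'page'       => $page,
        'tags'       => $page->getTags(),
        'filters'    => Filter::findAll(),
        'behaviors'  => Behavior::findAll(),
        'page_parts' => $page_parts,
        'layouts'    => Record::findAllFrom('Layout', '1=1 ORDER BY position'),
    ));
}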
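/**
 * Edit a facility feature image: show the form on GET, handle it on POST.
 *
 * The POST path checks permissions, requires a valid CSRF token bound to
 * this feature's edit URL, then either stores a newly uploaded file through
 * upload_feature_file() or saves the new title. It ends by redirecting to
 * the parent facility (when "commit" was submitted) or back to this form.
 *
 * Changes from the original: an unknown feature id is now reported instead
 * of causing property access on a missing record, and the unused $path
 * local was dropped (it stripped '..' from a value that was never used).
 *
 * NOTE(review): the token checks rely on redirect() ending the request —
 * confirm it does, otherwise processing would continue after a failed check.
 *
 * @param mixed $id FeatureImage id as received from the route.
 */
function edit_feature($id)
{
    // check if trying to save
    if (get_request_method() == 'POST') {
        // form submission
        $this->_checkPermission();

        if (isset($_POST['csrf_token'])) {
            $csrf_token = $_POST['csrf_token'];
            if (!SecureToken::validateToken($csrf_token, BASE_URL . 'facilities/edit_feature/' . $id)) {
                Flash::set('error', __('Invalid CSRF token found!'));
                redirect(get_url('facilities/edit_feature/' . $id));
            }
        } else {
            Flash::set('error', __('No CSRF token found!'));
            redirect(get_url('facilities/edit_feature/' . $id));
        }

        $data = $_POST['upload'];
        $overwrite = isset($data['overwrite']);
        $title = $_POST['title'];

        $featureimage = FeatureImage::findById($id);
        if (!$featureimage) {
            // Nothing to edit: report it rather than dereferencing a missing record.
            Flash::set('error', __('Feature not found!'));
            redirect(get_url('facilities'));
            return;
        }

        // NOTE(review): this existence test joins the feature directory with
        // the upload's temporary path, not its name, so it presumably never
        // matches an existing file — confirm the intent.
        // NOTE(review): the client-supplied file name is passed on as-is; no
        // extension or content check is visible here, so confirm that
        // upload_feature_file() restricts what may be stored.
        if (!empty($_FILES['upload_feature_file']['name']) && !file_exists(FILES_DIR . '/facilities/feature/' . $_FILES['upload_feature_file']['tmp_name'])) {
            $file = $this->upload_feature_file(
                $featureimage->facilitiesid,
                $featureimage->id,
                $title,
                $_FILES['upload_feature_file']['name'],
                FILES_DIR . '/facilities/feature/',
                $_FILES['upload_feature_file']['tmp_name'],
                $overwrite
            );
            if ($file === false) {
                Flash::set('error', __('File has not been uploaded!'));
                redirect(get_url('facilities/edit_feature/' . $id));
            }
        } else {
            // No new file: only the title changes.
            $featureimage->title = $title;
            if (!$featureimage->save()) {
                Flash::set('error', __('Feature could not be saved!'));
            } else {
                Flash::set('success', __('Feature has been saved!'));
            }
        }

        if (isset($_POST['commit'])) {
            redirect(get_url('facilities/edit/' . $featureimage->facilitiesid));
        } else {
            redirect(get_url('facilities/edit_feature/' . $id));
        }
    } else {
        // display edit page
        $feature = FeatureImage::findById($id);
        $this->display('facilities/edit_feature', array(
            'csrf_token' => SecureToken::generateToken(BASE_URL . 'facilities/edit_feature/' . $id),
            'feature'    => $feature,
        ));
    }
}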
// Include the upload handler class
require_once "handler.php";
$uploader = new UploadHandler();
// Specify the list of valid extensions, ex. array("jpeg", "xml", "bmp")
// NOTE(review): per the trailing comment, an empty list means every file type
// is accepted. A deployed endpoint should list the extensions it expects and
// keep the upload folder out of any path the web server will execute.
$uploader->allowedExtensions = array(); // all files types allowed by default
// Specify max file size in bytes. The value set here is 20 MiB.
$uploader->sizeLimit = 20 * 1024 * 1024; // default is 10 MiB
// Specify the input name set in the javascript.
$uploader->inputName = "qqfile"; // matches Fine Uploader's default inputName value by default
// If you want to use the chunking/resume feature, specify the folder to temporarily save parts.
$uploader->chunksFolder = "chunks";
//$method = $_SERVER["REQUEST_METHOD"];
$method = get_request_method();
// This will retrieve the "intended" request method. Normally, this is the
// actual method of the request. Sometimes, though, the intended request method
// must be hidden in the parameters of the request. For example, when attempting to
// send a DELETE request in a cross-origin environment in IE9 or older, it is not
// possible to send a DELETE request. So, we send a POST with the intended method,
// DELETE, in a "_method" parameter.
function get_request_method() {
    global $HTTP_RAW_POST_DATA;
    // This should only evaluate to true if the Content-Type is undefined
    // or unrecognized, such as when XDomainRequest has been used to
    // send the request.
    // The raw body is parsed as a query string and replaces $_POST wholesale.
    // $HTTP_RAW_POST_DATA was removed in PHP 7.0, so on current PHP this
    // branch is never taken.
    if (isset($HTTP_RAW_POST_DATA)) {
        parse_str($HTTP_RAW_POST_DATA, $_POST);
    }
    // (the listing ends here; the rest of the function is not shown)
/**
 * Edit action for a page.
 *
 * A missing id redirects to the page list, an unknown id additionally
 * flashes an error. Protected pages are refused to users holding neither
 * the 'administrator' nor the 'developer' permission. Only after these
 * checks is a POST delegated to _edit(); otherwise the edit form is
 * rendered in the backend layout.
 *
 * @param mixed $id Page id as received from the route, or null.
 */
public function edit($id = null)
{
    if ($id === null) {
        redirect(get_url('page'));
    }

    $page = Page::findById($id);
    if (!$page) {
        Flash::set('error', __('Page not found!'));
        redirect(get_url('page'));
    }

    // Protected pages are reserved for administrators and developers.
    $isPrivileged = AuthUser::hasPermission('administrator') || AuthUser::hasPermission('developer');
    if (!$isPrivileged && $page->is_protected) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url('page'));
    }

    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_edit($id);
    }

    // Load the page's parts; start with one blank part when there are none.
    $page_parts = PagePart::findByPageId($id);
    if (empty($page_parts)) {
        $page_parts = array(new PagePart());
    }

    // Flatten the tag objects into a list of names for the view.
    $tagNames = array();
    foreach ($page->tags() as $tagObject) {
        $tagNames[] = $tagObject->name();
    }

    $this->setLayout('backend');
    $this->display('page/edit', array(
        'action'     => 'edit',
        'page'       => $page,
        'tags'       => $tagNames,
        'filters'    => Filter::findAll(),
        'behaviors'  => Behavior::findAll(),
        'page_parts' => $page_parts,
        'layouts'    => Layout::find(array('order' => 'position')),
    ));
}
/**
 * Add action for a news item: a POST is delegated to _add(); otherwise any
 * data kept from an earlier attempt is read (or a blank News record is
 * created) and the browse view is shown.
 */
public function add()
{
    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_add();
    }

    // Look for input kept from a previous attempt; fall back to a blank record.
    $draft = Flash::get('post_data');
    if (!$draft) {
        $draft = new News();
    }

    $this->browse();
}
/**
 * Edit action for a tag.
 *
 * Unknown ids flash an error and redirect to the tagger plugin page; a POST
 * is delegated to _edit(); otherwise the edit form is rendered.
 *
 * @param mixed $id Tag id as received from the route.
 */
public function edit($id)
{
    $tag = Tagger::findById($id);
    if (!$tag) {
        Flash::set('error', __('Tag not found!'));
        redirect(get_url('plugin/tagger'));
    }

    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_edit($id);
    }

    $viewData = array(
        'action' => 'edit',
        'tag'    => $tag,
    );
    $this->display('tagger/views/edit', $viewData);
}
/**
 * Edit action for a testimonial.
 *
 * Unknown ids flash an error and redirect to the testimonial list; a POST
 * is delegated to _edit(); otherwise the edit form is rendered with a CSRF
 * token generated for this testimonial's edit URL and the list of pages
 * whose parent_id is 1.
 *
 * @param mixed $id Testimonial id as received from the route.
 */
public function edit($id)
{
    $testimonial = Testimonial::findById($id);
    if (!$testimonial) {
        Flash::set('error', __('Testimonial not found!'));
        redirect(get_url('testimonial'));
    }

    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_edit($id);
    }

    $viewData = array(
        'action'      => 'edit',
        'csrf_token'  => SecureToken::generateToken(BASE_URL . 'testimonial/edit/' . $id),
        'testimonial' => $testimonial,
        'id'          => $id,
        'pages'       => Record::findAllFrom('Page', 'parent_id=1 order by parent_id,position'),
    );
    $this->display('testimonial/edit', $viewData);
}
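/**
 * Account deletion action.
 *
 * Requires a logged-in user. The first route argument names the account; a
 * numeric value is resolved to a username for display. A POST carrying
 * account[action] == "delete" is passed to _action("delete", ...). On
 * success the user is redirected to the configured page with
 * "?success=delete" appended; otherwise the account view is rendered with
 * the collected errors.
 *
 * Change from the original: the user lookup assigned the result of the
 * "!== false" comparison (a boolean) to $user because of operator
 * precedence, so $user->username was read from a boolean. The lookup result
 * is now stored first and compared afterwards.
 *
 * NOTE(review): no anti-CSRF token is checked in this method — confirm that
 * _action() verifies one before deleting.
 */
public function delete()
{
    global $pawUsers;

    // CHECK IF USER IS LOGGED IN
    if (!$pawUsers->isLoggedIn()) {
        $this->_redirect(get_url("login"));
    }

    // GET PARAMETER: exactly one slot named "user", NULL when none was given.
    $input = func_get_args();
    $input = array_slice(array_pad($input, 1, NULL), 0, 1);
    $input = array_combine(array("user"), $input);

    // GET USER: resolve a numeric id to its username.
    if (is_numeric($input["user"])) {
        $user = $pawUsers->getUser($input["user"], "id");
        if ($user !== false) {
            $input["user"] = $user->username;
        }
    }

    // GET POST
    $delete = false;
    if (get_request_method() === "POST" && isset($_POST["account"])) {
        $post = $_POST["account"];
        if (isset($post["action"]) && $post["action"] == "delete") {
            $delete = $this->_action("delete", $post);
            $input["user"] = isset($post["user"]) ? $post["user"] : $input["user"];
        }
    }

    // DISPLAY PAGE
    if ($delete === true) {
        $redirect = $pawUsers->config["redirect_pages"]["delete"];

        // In the backend the configured target loses its ADMIN_DIR prefix.
        if (defined("CMS_BACKEND") && CMS_BACKEND == true && startsWith($redirect, ADMIN_DIR . "/")) {
            $redirect = str_replace(ADMIN_DIR . "/", "", $redirect);
        }
        // Targets not starting with "http" or "www" are turned into site URLs.
        if (!startsWith($redirect, "http") && !startsWith($redirect, "www")) {
            $redirect = get_url($redirect);
        }
        $this->_redirect($redirect . "?success=delete");
    } else {
        $this->display("../../plugins/paw_users/admin/account", array(
            "action"   => "delete",
            "input"    => paw_xss_cleaner($input),
            "redirect" => $this->_redirect(false),
            "errors"   => $this->errors,
            "success"  => $this->success,
        ));
    }
}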
/**
 * Add action for an "about" entry: a POST is delegated to _add(); otherwise
 * any data kept from an earlier attempt is read (or a blank About record is
 * created) and the browse view is shown.
 */
public function add()
{
    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_add();
    }

    // Look for input kept from a previous attempt; fall back to a blank record.
    $draft = Flash::get('post_data');
    if (!$draft) {
        $draft = new About();
    }

    // The dedicated add form is not rendered; the browse view is shown instead.
    $this->browse();
}
/**
 * Edit action for a PDF record.
 *
 * Unknown ids flash an error and redirect to the PDF list; a POST is
 * delegated to _edit(); otherwise the edit form is rendered with a CSRF
 * token generated for this record's edit URL and the list of pages whose
 * parent_id is 1.
 *
 * @param mixed $id Pdf id as received from the route.
 */
public function edit($id)
{
    $pdf = Pdf::findById($id);
    if (!$pdf) {
        Flash::set('error', __('Menu not found!'));
        redirect(get_url('pdf'));
    }

    // A POST means the form was submitted.
    if ('POST' == get_request_method()) {
        return $this->_edit($id);
    }

    $viewData = array(
        'action'     => 'edit',
        'csrf_token' => SecureToken::generateToken(BASE_URL . 'pdf/edit/' . $id),
        'pdf'        => $pdf,
        'id'         => $id,
        'pages'      => Record::findAllFrom('Page', 'parent_id=1 order by parent_id,position'),
    );
    $this->display('pdf/edit', $viewData);
}