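/**
 * Renders the Pages administration screen.
 *
 * Registers the scripts and JavaScript variables used by the page tree UI,
 * computes the default insert positions for every menu and renders the
 * 'view/layout.php' view.
 *
 * @return mixed Whatever the layout view's render() returns (presumably the rendered HTML).
 */
public function index()
{
    ipAddJsVariable('ipTranslationAreYouSure', __('Are you sure?', 'Ip-admin', false));

    // Registration order is kept exactly as before.
    $scripts = array(
        'Ip/Internal/Core/assets/js/angular.js',
        'Ip/Internal/Pages/assets/js/pages.js',
        'Ip/Internal/Pages/assets/js/pagesLayout.js',
        'Ip/Internal/Pages/assets/js/menuList.js',
        'Ip/Internal/Pages/assets/jstree/jstree.min.js',
        'Ip/Internal/Pages/assets/js/jquery.pageTree.js',
        'Ip/Internal/Pages/assets/js/jquery.pageProperties.js',
        'Ip/Internal/Grid/assets/grid.js',
        'Ip/Internal/Grid/assets/gridInit.js',
        'Ip/Internal/Grid/assets/subgridField.js',
    );
    foreach ($scripts as $script) {
        ipAddJs($script);
    }

    ipAddJsVariable('languageList', Helper::languageList());
    // Handed to the browser only so the UI can adapt; a client-side flag is
    // not an access check, the Languages actions must still enforce it.
    ipAddJsVariable('ipPagesLanguagesPermission', ipAdminPermission('Languages'));

    $menus = Model::getMenuList();
    // Entries are updated through their key instead of by reference, so no
    // reference to the last element stays alive after the loop.
    foreach ($menus as $key => $menu) {
        // Loose comparison kept as in the original: the entry with key 0 defaults to 'bottom'.
        $default = ($key == 0) ? 'bottom' : 'top';
        $menus[$key]['defaultPosition'] = Model::getDefaultMenuPagePosition($menu['alias'], false, $default);
        $menus[$key]['defaultPositionWhenSelected'] = Model::getDefaultMenuPagePosition($menu['alias'], true, 'below');
    }
    $menus = ipFilter('ipPagesMenuList', $menus);
    ipAddJsVariable('menuList', $menus);

    $variables = array(
        'addPageForm' => Helper::addPageForm(),
        'addMenuForm' => Helper::addMenuForm(),
        'languagesUrl' => ipConfig()->baseUrl() . '?aa=Languages.index',
    );
    $layout = ipView('view/layout.php', $variables);

    ipResponse()->setLayoutVariable('removeAdminContentWrapper', true);
    ipAddJsVariable('listStylePageSize', ipGetOption('Pages.pageListSize', 30));

    return $layout->render();
}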
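/**
 * Stores one configuration value posted from the admin configuration screen.
 *
 * Only allow-listed field names are accepted. 'websiteTitle' and 'websiteEmail'
 * are stored per language and need a 'languageId'; the remaining fields are
 * stored globally and additionally require the 'Config advanced' permission.
 *
 * @return mixed A JSON response containing array(1) on success, or the result of
 *               returnError() when the posted e-mail address does not validate.
 * @throws \Exception When a parameter is missing, the field is not allow-listed
 *                    (or the permission is missing), or the language is unknown.
 */
public function saveValue()
{
    $request = \Ip\ServiceLocator::request();
    $request->mustBePost();
    $post = $request->getPost();

    if (empty($post['fieldName'])) {
        throw new \Exception('Missing required parameter');
    }
    $fieldName = $post['fieldName'];

    if (!isset($post['value'])) {
        throw new \Exception('Missing required parameter');
    }
    $value = $post['value'];

    $basicFields = array('websiteTitle', 'websiteEmail');
    $advancedFields = array(
        'automaticCron',
        'cronPassword',
        'removeOldRevisions',
        'removeOldRevisionsDays',
        'removeOldEmails',
        'removeOldEmailsDays',
        'allowAnonymousUploads',
        'trailingSlash',
    );

    // Strict matching: the posted name has to be exactly one of the listed strings.
    $isBasicField = in_array($fieldName, $basicFields, true);
    $isAdvancedField = in_array($fieldName, $advancedFields, true);

    // One generic error for "not allow-listed" and "permission missing", so the
    // answer does not reveal which advanced field names exist.
    if (!$isBasicField && !($isAdvancedField && ipAdminPermission('Config advanced'))) {
        throw new \Exception('Unknown config value');
    }

    // The e-mail validator is only relevant to the e-mail field.
    if ($fieldName === 'websiteEmail') {
        $emailValidator = new \Ip\Form\Validator\Email();
        $error = $emailValidator->getError(array('value' => $value), 'value', \Ip\Form::ENVIRONMENT_ADMIN);
        if ($error !== false) {
            return $this->returnError($error);
        }
    }

    if ($isBasicField) {
        if (!isset($post['languageId'])) {
            throw new \Exception('Missing required parameter');
        }
        $language = ipContent()->getLanguage($post['languageId']);
        // Reject an id that resolves to no language instead of calling getCode() on a non-object.
        if (!$language) {
            throw new \Exception('Unknown language');
        }
        ipSetOptionLang('Config.' . $fieldName, $value, $language->getCode());
    } else {
        ipSetOption('Config.' . $fieldName, $value);
    }

    // NOTE(review): $value is stored as posted; nothing here restricts it to a scalar — confirm that is intended.
    return new \Ip\Response\Json(array(1));
}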
/**
 * Builds the admin submenu entries for the modules returned by getModuleNames().
 *
 * An entry is created for every module, marked as current when the routed
 * controller class belongs to that module, and included in the result only
 * if the current administrator holds the permission named after the module.
 *
 * @return \Ip\Menu\Item[]
 */
public static function getSubmenuItems()
{
    $modules = self::getModuleNames();
    $submenuItems = array();
    if (0) {
        // Never executed: the titles are listed literally only so the translation engine can find them.
        __('Content', 'Ip-admin');
        __('Pages', 'Ip-admin');
        __('Design', 'Ip-admin');
        __('Plugins', 'Ip-admin');
        __('Config', 'Ip-admin');
        __('Languages', 'Ip-admin');
        __('System', 'Ip-admin');
    }
    foreach ($modules as $module) {
        $menuItem = new \Ip\Menu\Item();
        $title = $module;
        // The 'Email' module is displayed as 'Email log'.
        if ($title == 'Email') {
            $title = 'Email log';
        }
        // NOTE(review): in this listing the setUrl() call sits behind `//`, so no URL is
        // assigned to the item here — confirm against the repository that this is intended.
        $menuItem->setTitle(__($title, 'Ip-admin', false)); // $menuItem->setUrl(ipActionUrl(array('aa' => $module . '.index')));
        if (ipRoute()->controllerClass() == 'Ip\\Internal\\' . $module . '\\AdminController') {
            $menuItem->markAsCurrent(true);
        }
        // Filtering here only hides entries from the menu; it does not by itself protect the module.
        if (ipAdminPermission($module)) {
            $submenuItems[] = $menuItem;
        }
    }
    return $submenuItems;
}
/**
 * Adds the "Php snippet" code editor to the page properties form.
 *
 * The fieldset and the editor are added only for administrators holding the
 * 'Php' permission; for everyone else the form is returned untouched.
 *
 * NOTE(review): the snippet edited here is presumably executed server-side by
 * this plugin, which would make the 'Php' permission equivalent to running
 * code on the host — confirm, and grant the permission accordingly.
 *
 * @param mixed $form Form being extended; addFieldset() and addField() are called on it.
 * @param array $info Must contain 'pageId'.
 * @return mixed The $form that was passed in.
 */
public static function ipPagePropertiesForm($form, $info)
{
    if (!ipAdminPermission('Php')) {
        return $form;
    }

    $snippetFieldset = new \Ip\Form\Fieldset(__('Php snippet', 'Php'));
    $form->addFieldset($snippetFieldset);

    $editorOptions = array(
        'name' => 'rawCode',
        'layout' => \Ip\Form\Field::LAYOUT_NO_LABEL,
        'value' => Model::getRawCode($info['pageId']),
        'mode' => 'php',
        'css' => 'ipPluginPhp-editor',
    );
    $form->addField(new CodeEditor($editorOptions));

    return $form;
}
/**
 * Persists the posted PHP snippet when a page is updated.
 *
 * Nothing is stored unless the current administrator holds the 'Php'
 * permission and the update data carries a 'rawCode' entry. The permission is
 * re-checked here on the write path; it is not enough that the editor field
 * was hidden in the form.
 *
 * @param array $data Page update data; passed on to Model::updateRawCode() as is.
 * @return void
 */
public static function ipPageUpdated($data)
{
    if (!ipAdminPermission('Php') || !isset($data['rawCode'])) {
        return;
    }

    Model::updateRawCode($data);
}
/**
 * Queues the usage statistics script right after a super administrator has logged in.
 *
 * Works only if admin is logged in (AJAX is sent to Admin Controller).
 *
 * @return void
 */
public static function ipBeforeController()
{
    if (!ipIsManagementState()) {
        return;
    }

    // The session flag is only tested for presence here; this method does not clear it.
    $justLoggedIn = isset($_SESSION['module']['system']['adminJustLoggedIn']);
    if ($justLoggedIn && ipAdminPermission('Super admin')) {
        ipAddJs('Ip/Internal/System/assets/usageStatistics.js');
        ipAddJsVariable('ipSystemSendUsageStatistics', 1);
    }
}
/**
 * Upload file to temporary folder.
 *
 * The client-supplied "secureFolder" POST flag selects one of two paths:
 *  - flag set: no backend login or admin permission is checked here; the
 *    upload is accepted whenever the Config.allowAnonymousUploads option is
 *    on and $secureFolder = true is handed to the upload model;
 *  - flag missing or empty: backendOnly() is called and the
 *    'Repository upload' admin permission is required.
 *
 * NOTE(review): the option is read with 1 as second argument (presumably the
 * default), so the anonymous path is open unless the option was explicitly
 * switched off — confirm this default is wanted on every installation.
 *
 * @return \Ip\Response\Json JSON-RPC style answer; for anonymous uploads the
 *                           'dir' and 'file' entries are left out of it.
 * @throws \Exception When anonymous upload is requested but not enabled.
 * @throws \Ip\Exception When the administrator lacks the upload permission.
 */
public function upload()
{
    ipRequest()->mustBePost();
    $post = ipRequest()->getPost();

    $secureFolder = isset($post['secureFolder']) && $post['secureFolder'];

    if ($secureFolder) {
        //upload to secure publicly not accessible folder.
        if (!ipGetOption('Config.allowAnonymousUploads', 1)) {
            throw new \Exception('Anonymous uploads are not enabled. You can enable them by turning on "anonymous uploads" configuration value in admin.');
        }
        // Anonymous uploads are allowed to secure folder, nothing more to check.
    } else {
        $this->backendOnly();
        if (!ipAdminPermission('Repository upload')) {
            throw new \Ip\Exception('Permission denied');
        }
    }

    $uploadModel = UploadModel::instance();

    try {
        // File extension filtering happens inside the model; a rejected
        // extension surfaces as the ForbiddenFileExtension exception below.
        $uploadModel->handlePlupload($secureFolder);
    } catch (\Ip\Exception\Repository\Upload\ForbiddenFileExtension $e) {
        // Return JSON-RPC response
        $message = __('Forbidden file type.', 'Ip-admin');
        ipLog()->info(
            'Repository.invalidUploadedFileExtension: ' . $e->getMessage(),
            array('plugin' => 'Repository')
        );

        // TODO JSONRPC
        return new \Ip\Response\Json(array(
            'jsonrpc' => '2.0',
            'error' => array('code' => $e->getCode(), 'message' => $message, 'id' => 'id'),
        ));
    } catch (\Ip\Exception\Repository\Upload $e) {
        // Details go to the log; the client only receives a generic message.
        ipLog()->error('Repository.fileUploadError', array('plugin' => 'Repository', 'exception' => $e));
        $message = __('Can\'t store uploaded file. 
Please check server configuration.', 'Ip-admin');

        // TODO JSONRPC
        return new \Ip\Response\Json(array(
            'jsonrpc' => '2.0',
            'error' => array('code' => $e->getCode(), 'message' => $message, 'id' => 'id'),
        ));
    }

    $fileName = $uploadModel->getUploadedFileName();
    $file = $uploadModel->getUploadedFile();
    $targetDir = $uploadModel->getTargetDir();

    // Return JSON-RPC response
    $answerArray = array(
        "jsonrpc" => "2.0",
        "result" => null,
        "id" => "id",
        "fileName" => $fileName,
    );

    // The storage location is reported to authenticated backend uploads only.
    if (!$secureFolder) {
        $answerArray['dir'] = $targetDir;
        $answerArray['file'] = $file;
    }

    return new \Ip\Response\Json($answerArray);
}
/**
 * Registers the repository (file browser) scripts, popup markup and translations.
 *
 * Runs in management state, on admin routes, or whenever the request carries
 * an 'ipDesignPreview' query parameter. The last condition is taken straight
 * from the query string, so nothing in this method ties it to a logged-in user.
 *
 * 'allowUpload' and 'allowRepository' only feed the popup view; they are UI
 * hints, and the server-side actions have to enforce the permissions themselves.
 *
 * @return void
 */
public static function ipBeforeController()
{
    $repositoryUiNeeded = ipIsManagementState()
        || ipRoute()->isAdmin()
        || ipRequest()->getQuery('ipDesignPreview');
    if (!$repositoryUiNeeded) {
        return;
    }

    $scripts = array(
        'Ip/Internal/Core/assets/js/jquery-ui/jquery-ui.js',
        'Ip/Internal/Repository/assets/ipRepository.js',
        'Ip/Internal/Repository/assets/ipRepositoryUploader.js',
        'Ip/Internal/Repository/assets/ipRepositoryAll.js',
        'Ip/Internal/Repository/assets/ipRepositoryBuy.js',
        'Ip/Internal/System/assets/market.js',
        'Ip/Internal/Core/assets/js/easyXDM/easyXDM.min.js',
    );
    foreach ($scripts as $script) {
        ipAddJs($script);
    }

    // NOTE(review): the fallback market URL is plain http, so the admin UI would use
    // that origin without transport protection — consider configuring an https
    // 'imageMarketUrl' if the endpoint offers one.
    $marketUrl = ipConfig()->get('imageMarketUrl', 'http://market.impresspages.org/images-v1/');

    $popupData = array(
        'marketUrl' => $marketUrl,
        'allowUpload' => ipAdminPermission('Repository upload'),
        'allowRepository' => ipAdminPermission('Repository'),
    );
    $popupHtml = ipView('view/popup.php', $popupData)->render();
    ipAddJsVariable('ipRepositoryHtml', $popupHtml);

    ipAddJsVariable(
        'ipRepositoryTranslate_confirm_delete',
        __('Are you sure you want to delete selected files?', 'Ip-admin')
    );
    ipAddJsVariable(
        'ipRepositoryTranslate_delete_warning',
        __('Some of the selected files are still used somewhere on your website. Do you still want to remove them? ', 'Ip-admin')
    );
}
/**
 * Builds the admin menu from the core modules and the active plugins.
 *
 * Only modules and plugins whose AdminController class exists and has an
 * 'index' method are considered. An entry is added only when the current
 * administrator holds the permission named after the module or plugin; this
 * hides the entry, while access control itself has to be enforced where the
 * controller is dispatched. The final list passes through the 'ipAdminMenu'
 * filter.
 *
 * @param string $currentModule Name of the current (active) module
 * @return \Ip\Internal\Admin\MenuItem[]
 */
public function getAdminMenuItems($currentModule)
{
    $menuItems = array();

    foreach (\Ip\Internal\Plugins\Model::getModules() as $moduleName) {
        // skipping modules that don't have 'index' (default) action in AdminController
        $adminController = 'Ip\\Internal\\' . $moduleName . '\\AdminController';
        if (!class_exists($adminController) || !method_exists($adminController, 'index')) {
            continue;
        }

        $item = new \Ip\Internal\Admin\MenuItem();
        $item->setTitle(__($moduleName, 'Ip-admin', false));
        $item->setUrl(ipActionUrl(array('aa' => $moduleName . '.index')));
        $item->setIcon($this->getAdminMenuItemIcon($moduleName));
        if ($moduleName == $currentModule) {
            $item->markAsCurrent(true);
        }

        if (!ipAdminPermission($moduleName)) {
            continue;
        }
        $menuItems[] = $item;
    }

    foreach (\Ip\Internal\Plugins\Service::getActivePlugins() as $pluginInfo) {
        $pluginName = $pluginInfo['name'];

        // Same rule as for core modules: no AdminController::index, no menu entry.
        $adminController = '\\Plugin\\' . $pluginName . '\\AdminController';
        if (!class_exists($adminController) || !method_exists($adminController, 'index')) {
            continue;
        }

        $item = new \Ip\Internal\Admin\MenuItem();
        $item->setTitle(__($pluginInfo['title'], 'Ip-admin', false));
        // Plugin entries link to the plugin name alone, without the '.index' suffix.
        $item->setUrl(ipActionUrl(array('aa' => $pluginName)));
        $item->setIcon($this->getAdminMenuItemIcon($pluginName));
        if ($pluginName == $currentModule) {
            $item->markAsCurrent(true);
        }

        if (!ipAdminPermission($pluginName)) {
            continue;
        }
        $menuItems[] = $item;
    }

    return ipFilter('ipAdminMenu', $menuItems);
}
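/**
 * Handles a single request: resolves language and route, applies the CSRF and
 * admin access checks, then hands over to the controller.
 *
 * Steps, in order: bind application events, resolve the language and route
 * path, set the locale, initialise translations and modules, resolve the route
 * action, verify the CSRF token of POST requests, resolve the controller
 * class, enforce admin login and permission, select the layout, and run the
 * 'ipBeforeController' event followed by the 'ipExecuteController' job.
 *
 * $options keys read here: skipInitEvents, skipTranslationsInit,
 * skipModuleInit, skipCsrfCheck (each skips its step when non-empty) and
 * translationsLanguageCode (overrides the language used for translations).
 *
 * @ignore
 * @param Request $request
 * @param array $options
 * @param bool $subrequest not read anywhere in this method body
 * @return Response\Json|Response\PageNotFound|Response\Redirect or whatever the 'ipExecuteController' job returns
 * @throws Exception when the plugin or controller is unknown, or the administrator lacks the permission
 */
public function _handleOnlyRequest(\Ip\Request $request, $options = array(), $subrequest = true)
{
    if (empty($options['skipInitEvents'])) {
        \Ip\ServiceLocator::dispatcher()->_bindApplicationEvents();
    }

    $result = ipJob('ipRouteLanguage', array('request' => $request, 'relativeUri' => $request->getRelativePath()));
    if ($result) {
        $requestLanguage = $result['language'];
        $routeLanguage = $requestLanguage->getCode();
        ipRequest()->_setRoutePath($result['relativeUri']);
    } else {
        $routeLanguage = null;
        $requestLanguage = ipJob('ipRequestLanguage', array('request' => $request));
        ipRequest()->_setRoutePath($request->getRelativePath());
    }

    //find out and set locale
    $locale = $requestLanguage->getCode();
    if (strlen($locale) === 2) {
        // Two-letter code: 'xx' becomes 'xx_XX'.
        $locale = strtolower($locale) . '_' . strtoupper($locale);
    } else {
        $locale = str_replace('-', '_', $locale);
    }
    $locale .= '.utf8';
    if ($locale == "tr_TR.utf8" && (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)) {
        //Overcoming this bug https://bugs.php.net/bug.php?id=18556
        // Every category except LC_CTYPE gets the Turkish locale.
        setlocale(LC_COLLATE, $locale);
        setlocale(LC_MONETARY, $locale);
        setlocale(LC_NUMERIC, $locale);
        setlocale(LC_TIME, $locale);
        setlocale(LC_MESSAGES, $locale);
        setlocale(LC_CTYPE, "en_US.utf8");
    } else {
        setLocale(LC_ALL, $locale);
    }
    setlocale(LC_NUMERIC, "C"); //user standard C syntax for numbers. Otherwise you will get funny things with when autogenerating CSS, etc.

    ipContent()->_setCurrentLanguage($requestLanguage);

    $_SESSION['ipLastLanguageId'] = $requestLanguage->getId();

    if (empty($options['skipTranslationsInit'])) {
        if (!empty($options['translationsLanguageCode'])) {
            $languageCode = $options['translationsLanguageCode'];
        } else {
            $languageCode = $requestLanguage->getCode();
        }
        $this->initTranslations($languageCode);
    }

    if (empty($options['skipModuleInit'])) {
        $this->modulesInit();
    }
    ipEvent('ipInitFinished');

    $routeAction = ipJob('ipRouteAction', array('request' => $request, 'relativeUri' => ipRequest()->getRoutePath(), 'routeLanguage' => $routeLanguage));

    if (!empty($routeAction)) {
        if (!empty($routeAction['page'])) {
            ipContent()->_setCurrentPage($routeAction['page']);
        }
        if (!empty($routeAction['environment'])) {
            ipRoute()->setEnvironment($routeAction['environment']);
        } else {
            // No explicit environment: derive it from the controller name.
            if (!empty($routeAction['controller']) && $routeAction['controller'] == 'AdminController') {
                ipRoute()->setEnvironment(\Ip\Route::ENVIRONMENT_ADMIN);
            } else {
                ipRoute()->setEnvironment(\Ip\Route::ENVIRONMENT_PUBLIC);
            }
        }
        if (!empty($routeAction['controller'])) {
            ipRoute()->setController($routeAction['controller']);
        }
        if (!empty($routeAction['plugin'])) {
            ipRoute()->setPlugin($routeAction['plugin']);
        }
        if (!empty($routeAction['name'])) {
            ipRoute()->setName($routeAction['name']);
        }
        if (!empty($routeAction['action'])) {
            ipRoute()->setAction($routeAction['action']);
        }
    }

    //check for CSRF attack
    if (empty($options['skipCsrfCheck']) && $request->isPost()) {
        $postedToken = $request->getPost('securityToken');
        $expectedToken = $this->getSecurityToken();

        // The token was previously compared with a loose `!=`, which lets PHP type
        // juggling decide (two numeric-looking strings, or null and '', compare as
        // equal). Both sides must now be non-empty strings with identical bytes.
        // Assumes getSecurityToken() returns a string; anything else fails closed.
        $tokenMatches = false;
        if (is_string($postedToken) && is_string($expectedToken) && $expectedToken !== '') {
            // hash_equals() compares in constant time; the PHP 5 < 5.5 branch above shows
            // this code also targets runtimes that predate it, hence the fallback.
            $tokenMatches = function_exists('hash_equals')
                ? hash_equals($expectedToken, $postedToken)
                : $expectedToken === $postedToken;
        }

        // POSTs routed to a PublicController are exempt from the token check, so
        // those actions have to validate their own input.
        $isPublicController = !empty($routeAction['controller']) && $routeAction['controller'] == 'PublicController';

        if (!$tokenMatches && !$isPublicController) {
            // NOTE(review): the complete POST body is written to the log and may hold
            // credentials or other secrets — consider redacting before logging.
            ipLog()->error('Core.possibleCsrfAttack', array('post' => ipRequest()->getPost()));
            $data = array('status' => 'error');
            // The reason is only disclosed in development environments.
            if (ipConfig()->isDevelopmentEnvironment()) {
                $data['errors'] = array('securityToken' => __('Possible CSRF attack. 
Please pass correct securityToken.', 'Ip-admin'));
            }
            // TODO JSONRPC
            return new \Ip\Response\Json($data);
        }
    }

    if (empty($routeAction)) {
        $routeAction = array('plugin' => 'Core', 'controller' => 'PublicController', 'action' => 'pageNotFound');
    }

    $eventInfo = $routeAction;

    if (!empty($routeAction['plugin'])) {
        $plugin = $routeAction['plugin'];
        $controller = $routeAction['controller'];

        // The plugin name has to be a known core module or an active plugin
        // before it is used to build a class name.
        if (in_array($plugin, \Ip\Internal\Plugins\Model::getModules())) {
            $controllerClass = 'Ip\\Internal\\' . $plugin . '\\' . $controller;
        } else {
            if (!in_array($plugin, \Ip\Internal\Plugins\Service::getActivePluginNames())) {
                throw new \Ip\Exception("Plugin '" . esc($plugin) . "' doesn't exist or isn't activated.");
            }
            $controllerClass = 'Plugin\\' . $plugin . '\\' . $controller;
        }

        if (!class_exists($controllerClass)) {
            throw new \Ip\Exception('Requested controller doesn\'t exist. ' . esc($controllerClass));
        }

        // NOTE(review): the comparisons with 'AdminController' / 'PublicController' are
        // case-sensitive while class_exists() is not; the checks rely on the
        // 'ipRouteAction' job only ever producing canonical controller names — confirm there.

        // check if user is logged in
        if ($controller == 'AdminController' && !\Ip\Internal\Admin\Backend::userId()) {
            if (ipConfig()->get('rewritesDisabled')) {
                return new \Ip\Response\Redirect(ipConfig()->baseUrl() . 'index.php/admin');
            } else {
                return new \Ip\Response\Redirect(ipConfig()->baseUrl() . 'admin');
            }
        }

        // A logged-in administrator additionally needs the permission named after the plugin.
        if ($controller == 'AdminController') {
            if (!ipAdminPermission($plugin)) {
                throw new \Ip\Exception('User has no permission to access ' . esc($plugin) . '');
            }
        }

        $eventInfo['controllerClass'] = $controllerClass;
        $eventInfo['controllerType'] = $controller;
    }

    if (empty($eventInfo['page'])) {
        $eventInfo['page'] = null;
    }

    // change layout if safe mode
    if (\Ip\Internal\Admin\Service::isSafeMode()) {
        ipSetLayout(ipFile('Ip/Internal/Admin/view/safeModeLayout.php'));
    } else {
        if ($eventInfo['page']) {
            ipSetLayout($eventInfo['page']->getLayout());
        }
    }

    ipEvent('ipBeforeController', $eventInfo);

    $controllerAnswer = ipJob('ipExecuteController', $eventInfo);

    return $controllerAnswer;
}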
/**
 * Appends the publish button (with the page's revision list) to the admin navbar.
 *
 * The button is added only when a current page exists and the administrator
 * holds the 'Content' permission; otherwise $elements is returned unchanged.
 *
 * @param array $elements Navbar elements collected so far.
 * @param mixed $info Not read by this method.
 * @return array $elements, possibly with the rendered publish button view appended.
 */
public static function ipAdminNavbarCenterElements($elements, $info)
{
    if (!ipContent()->getCurrentPage() || !ipAdminPermission('Content')) {
        return $elements;
    }

    $currentRevision = \Ip\ServiceLocator::content()->getCurrentRevision();
    $pageRevisions = \Ip\Internal\Revision::getPageRevisions(ipContent()->getCurrentPage()->getId());

    // One management URL per revision: the page link plus the revision id as '_revision'.
    $pageLink = ipContent()->getCurrentPage()->getLink();
    $revisionUrls = array();
    foreach ($pageRevisions as $pageRevision) {
        $revisionUrls[] = $pageLink . '?_revision=' . $pageRevision['revisionId'];
    }

    // Published means: the current revision is unmodified and the page is visible.
    $isPublished = !\Ip\Internal\Content\Model::isRevisionModified($currentRevision['revisionId'])
        && ipContent()->getCurrentPage()->isVisible();
    $isVisible = ipContent()->getCurrentPage()->isVisible();

    $viewData = array(
        'revisions' => $pageRevisions,
        'currentRevision' => $currentRevision,
        'managementUrls' => $revisionUrls,
        'isPublished' => $isPublished,
        'isVisible' => $isVisible,
    );
    $elements[] = ipView('view/publishButton.php', $viewData);

    return $elements;
}
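/**
 * Downloads the files listed in $_POST['files'] and stores them in the repository.
 *
 * Every entry must be an array with a non-empty string 'url' (where to fetch
 * the file from) and a non-empty string 'title' (passed to downloadFile() as
 * the second argument); entries of any other shape are skipped. If the desired
 * file name is taken, an alternative unoccupied name is expected to be chosen
 * by downloadFile().
 *
 * Outputs repository file properties in JSON format.
 *
 * NOTE(review): the URLs come from the request and are fetched by the server.
 * Any restriction on scheme or destination host has to live in downloadFile(),
 * which is not visible here — confirm it exists.
 *
 * @return \Ip\Response\Json
 * @throws \Ip\Exception
 */
public function addFromUrl()
{
    if (!ipAdminPermission('Repository upload')) {
        throw new \Ip\Exception("Permission denied");
    }

    if (!isset($_POST['files']) || !is_array($_POST['files'])) {
        throw new \Ip\Exception('Invalid parameters.');
    }

    $files = $_POST['files'];

    // NOTE(review): the time limit grows with the number of posted entries and
    // has no upper bound — consider capping how many files one request may list.
    if (function_exists('set_time_limit')) {
        set_time_limit(count($files) * 60 + 30);
    }

    $answer = array();
    foreach ($files as $file) {
        // Request data is untrusted: an entry may be a scalar or carry nested arrays.
        if (!is_array($file) || empty($file['url']) || empty($file['title'])) {
            continue;
        }
        if (!is_string($file['url']) || !is_string($file['title'])) {
            continue;
        }

        $fileData = $this->downloadFile($file['url'], $file['title']);
        if ($fileData) {
            $answer[] = $fileData;
        }
    }

    return new \Ip\Response\Json($answer);
}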
/**
 * Tells whether the current request runs in content management mode.
 *
 * All of the following must hold: a backend user is logged in, the session
 * has management mode switched on, the administrator holds the 'Content'
 * permission, and the request carries no 'disableManagement' query parameter.
 *
 * @return bool
 */
public static function isManagementMode()
{
    if (!\Ip\Internal\Admin\Backend::loggedIn()) {
        return false;
    }
    if (empty($_SESSION['Content']['managementMode'])) {
        return false;
    }
    if (!ipAdminPermission('Content')) {
        return false;
    }

    //we can't check here if we are in a page. It will result in widget rendering in non management mode when widget is rendered using ajax
    return !ipRequest()->getQuery('disableManagement');
}