/**
 * Processes an incoming HTTP request for this controller and returns the response.
 *
 * Sequence: call pushCurrent(), store the request and its URL parameters, create a
 * fresh response, run init(), then delegate to the parent handler and turn whatever
 * it returns into the final response.
 *
 * When overloading handleRequest(), start the method with $this->pushCurrent() and
 * end it with $this->popCurrent(); failure to do so creates weird session errors.
 *
 * @param HTTPRequest $request The {@link HTTPRequest} object that is responsible for distributing request parsing.
 * @return HTTPResponse This controller's response, or the response object handed back by the parent handler.
 */
function handleRequest(HTTPRequest $request) {
    if (!$request) {
        user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
    }

    $this->pushCurrent();
    $this->urlParams = $request->allParams();
    $this->request = $request;
    $this->response = new HTTPResponse();

    // init() implementations must chain up to Controller::init(); the flag detects subclasses that forget.
    $this->baseInitCalled = false;
    $this->init();
    if (!$this->baseInitCalled) {
        user_error("init() method on class '$this->class' doesn't call Controller::init(). Make sure that you have parent::init() included.", E_USER_WARNING);
    }

    // init() may already have finished the response (e.g. a redirect): stop here.
    if ($this->response->isFinished()) {
        $this->popCurrent();
        return $this->response;
    }

    $body = parent::handleRequest($request);

    // 'debug_request' is read from $_REQUEST, so any client can set it.
    // NOTE(review): confirm Debug::message() emits nothing on live sites.
    if (!($body instanceof HTTPResponse)) {
        if (is_object($body)) {
            if (isset($_REQUEST['debug_request'])) {
                Debug::message("Request handler $body->class object to $this->class controller;, rendering with template returned by $body->class::getViewer()");
            }
            // Render the returned object through the viewer it provides for the current action.
            $viewer = $body->getViewer($request->latestParam('Action'));
            $body = $viewer->process($body);
        }
        $this->response->setBody($body);
    } else {
        if (isset($_REQUEST['debug_request'])) {
            Debug::message("Request handler returned HTTPResponse object to $this->class controller; returning it without modification.");
        }
        // A ready-made response replaces the one created above.
        $this->response = $body;
    }

    ContentNegotiator::process($this->response);
    HTTP::add_cache_headers($this->response);

    $this->popCurrent();
    return $this->response;
}
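/**
 * Executes this controller for the given request parameters and returns the response.
 *
 * Steps: resolve the URL action (dashes become underscores, default 'index'), check it
 * with checkAccessAction(), run init(), then either process a form submission
 * (when 'executeForm' is present in the request) or call the action method, and
 * finally render array results through the viewer and add cache headers.
 *
 * Security-relevant behaviour of this method:
 * - The handler name ($funcName) can come from the first request parameter whose
 *   name starts with 'action_'. checkAccessAction() is only applied to $this->action.
 * - 'executeForm' and 'formController' are request-supplied and drive dynamic
 *   method calls; no allow-list for them is applied in this method.
 * - 'debug_profile' and 'debug_controller' are read straight from $_GET.
 *
 * @param array $requestParams Request parameters for this call (form data included).
 * @return HTTPResponse The response held in $this->response.
 */
function run($requestParams) {
    if (isset($_GET['debug_profile'])) {
        Profiler::mark("Controller", "run");
    }
    $this->pushCurrent();
    $this->response = new HTTPResponse();
    $this->requestParams = $requestParams;
    $this->action = isset($this->urlParams['Action']) ? str_replace("-", "_", $this->urlParams['Action']) : "";
    if (!$this->action) {
        $this->action = 'index';
    }

    // Check security on the controller
    if (!$this->checkAccessAction($this->action)) {
        user_error("Disallowed action: '{$this->action}' on controller '{$this->class}'", E_USER_ERROR);
    }

    // Init
    $this->baseInitCalled = false;
    $this->init();
    if (!$this->baseInitCalled) {
        user_error("init() method on class '{$this->class}' doesn't call Controller::init(). Make sure that you have parent::init() included.", E_USER_WARNING);
    }

    // If we had a redirection or something, halt processing.
    if ($this->response->isFinished()) {
        $this->popCurrent();
        return $this->response;
    }

    // Look at the action variables for forms.
    // NOTE(review): $funcName is derived from a request parameter *name* and is later used
    // for dynamic dispatch; the access check above covered $this->action only. Confirm that
    // an allow-list is enforced for $funcName elsewhere, or add one before dispatch.
    $funcName = null;
    foreach ($this->requestParams as $paramName => $paramVal) {
        if (substr($paramName, 0, 7) == 'action_') {
            // Cleanup action_, _x and _y from image fields
            $funcName = preg_replace(array('/^action_/', '/_x$|_y$/'), '', $paramName);
            break;
        }
    }

    // Form handler
    if (isset($this->requestParams['executeForm']) && is_string($this->requestParams['executeForm'])) {
        if (isset($funcName)) {
            Form::set_current_action($funcName);
        }

        // Get the appropriate controller: sometimes we want to get a form from another controller.
        // NOTE(review): 'formController' is request-supplied; whether access rules of the
        // resolved controller are applied is not visible here.
        if (isset($this->requestParams['formController'])) {
            $formController = Director::getControllerForURL($this->requestParams['formController']);
            while (is_a($formController, 'NestedController')) {
                $formController = $formController->getNestedController();
            }
        } else {
            $formController = $this;
        }

        // Create the form object by calling each dot-separated segment of 'executeForm'
        // as a zero-argument method, starting on the controller.
        // NOTE(review): the segments are request-supplied and are not checked against an
        // allow-list in this method; restrict them to known form factory methods.
        $form = $formController;
        $formObjParts = explode('.', $this->requestParams['executeForm']);
        foreach ($formObjParts as $formMethod) {
            if (isset($_GET['debug_profile'])) {
                Profiler::mark("Calling {$formMethod}", "on {$form->class}");
            }
            $form = $form->{$formMethod}();
            if (isset($_GET['debug_profile'])) {
                Profiler::unmark("Calling {$formMethod}", "on {$form->class}");
            }
            if (!$form) {
                break;
            }
        }

        // Populate the form
        if (isset($_GET['debug_profile'])) {
            Profiler::mark("Controller", "populate form");
        }
        if ($form) {
            $form->loadDataFrom($this->requestParams, true);

            // disregard validation if a single field is called
            if (!isset($_REQUEST['action_callfieldmethod'])) {
                $valid = $form->beforeProcessing();
                if (!$valid) {
                    $this->popCurrent();
                    return $this->response;
                }
            } else {
                $fieldcaller = $form->dataFieldByName($requestParams['fieldName']);
                if (is_a($fieldcaller, "TableListField")) {
                    if ($fieldcaller->hasMethod('php')) {
                        $valid = $fieldcaller->php($requestParams);
                        if (!$valid) {
                            exit;
                        }
                    }
                }
            }

            // If the action wasn't set, choose the default on the form.
            if (!isset($funcName) && ($defaultAction = $form->defaultAction())) {
                $funcName = $defaultAction->actionName();
            }
            if (isset($funcName)) {
                $form->setButtonClicked($funcName);
            }
        } else {
            // NOTE(review): the request value is interpolated unescaped into the message; how
            // it is rendered depends on the error handler, which is not visible here.
            user_error("No form (" . Session::get('CMSMain.currentPage') . ") returned by {$formController->class}->{$_REQUEST['executeForm']}", E_USER_WARNING);
        }
        if (isset($_GET['debug_profile'])) {
            Profiler::unmark("Controller", "populate form");
        }
        if (!isset($funcName)) {
            user_error("No action button has been clicked in this form executon, and no default has been allowed", E_USER_ERROR);
        }

        // Protection against CSRF attacks
        // NOTE(review): if no form was resolved above, $form is falsy and this call is made on a non-object.
        if ($form->securityTokenEnabled()) {
            $securityID = Session::get('SecurityID');
            $submittedID = isset($this->requestParams['SecurityID']) ? $this->requestParams['SecurityID'] : null;

            // Compare the tokens as exact strings. A loose != comparison lets PHP type juggling
            // treat differently spelled values (e.g. numeric strings) as equal, and non-scalar
            // input must never match. hash_equals() is used where the runtime provides it.
            $tokenMatches = false;
            if ($securityID && is_scalar($securityID) && is_scalar($submittedID)) {
                $expectedToken = (string) $securityID;
                $suppliedToken = (string) $submittedID;
                $tokenMatches = function_exists('hash_equals')
                    ? hash_equals($expectedToken, $suppliedToken)
                    : $expectedToken === $suppliedToken;
            }

            if (!$tokenMatches) {
                // Don't show error on live sites, as spammers create a million of these
                if (!Director::isLive()) {
                    trigger_error("Security ID doesn't match, possible CRSF attack.", E_USER_ERROR);
                } else {
                    die;
                }
            }
        }

        // First, try a handler method on the controller
        if ($this->hasMethod($funcName) || !$form) {
            if (isset($_GET['debug_controller'])) {
                Debug::show("Found function {$funcName} on the controller");
            }
            if (isset($_GET['debug_profile'])) {
                Profiler::mark("{$this->class}::{$funcName} (controller action)");
            }
            $result = $this->{$funcName}($this->requestParams, $form);
            if (isset($_GET['debug_profile'])) {
                Profiler::unmark("{$this->class}::{$funcName} (controller action)");
            }

        // Otherwise, try a handler method on the form object
        } else {
            if (isset($_GET['debug_controller'])) {
                Debug::show("Found function {$funcName} on the form object");
            }
            if (isset($_GET['debug_profile'])) {
                Profiler::mark("{$form->class}::{$funcName} (form action)");
            }
            $result = $form->{$funcName}($this->requestParams, $form);
            if (isset($_GET['debug_profile'])) {
                Profiler::unmark("{$form->class}::{$funcName} (form action)");
            }
        }

    // Normal action
    } else {
        if (!isset($funcName)) {
            $funcName = $this->action;
        }
        // NOTE(review): when an 'action_*' parameter was present, $funcName differs from the
        // access-checked $this->action; no form or CSRF token is involved on this path.
        if ($this->hasMethod($funcName)) {
            if (isset($_GET['debug_controller'])) {
                Debug::show("Found function {$funcName} on the {$this->class} controller");
            }
            if (isset($_GET['debug_profile'])) {
                Profiler::mark("{$this->class}::{$funcName} (controller action)");
            }
            $result = $this->{$funcName}($this->urlParams);
            if (isset($_GET['debug_profile'])) {
                Profiler::unmark("{$this->class}::{$funcName} (controller action)");
            }
        } else {
            if (isset($_GET['debug_controller'])) {
                Debug::show("Running default action for {$funcName} on the {$this->class} controller");
            }
            if (isset($_GET['debug_profile'])) {
                Profiler::mark("Controller::defaultAction({$funcName})");
            }
            $result = $this->defaultAction($funcName, $this->urlParams);
            if (isset($_GET['debug_profile'])) {
                Profiler::unmark("Controller::defaultAction({$funcName})");
            }
        }
    }

    // If your controller function returns an array, then add that data to the
    // default template
    if (is_array($result)) {
        $extended = $this->customise($result);
        $viewer = $this->getViewer($funcName);
        $result = $viewer->process($extended);
    }
    $this->response->setBody($result);
    if ($result) {
        ContentNegotiator::process($this->response);
    }

    // Set up HTTP cache headers
    HTTP::add_cache_headers($this->response);
    if (isset($_GET['debug_profile'])) {
        Profiler::unmark("Controller", "run");
    }
    $this->popCurrent();
    return $this->response;
}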
/**
 * Runs this controller for a request and returns the resulting {@link SS_HTTPResponse}.
 *
 * Set-up performed before the action is dispatched:
 *  - The controller is pushed onto the controller stack
 *    (see {@link Controller::curr()}).
 *  - {@link init()} is called, wrapped by the onBeforeInit / onAfterInit extension hooks.
 *  - {@link RequestHandler->handleRequest()} decides which action is executed.
 *
 * Note: $requestParams['executeForm'] support was removed. Change URLs from
 * "/?executeForm=FooBar" to "/FooBar", and make sure "FooBar" is listed in the
 * $allowed_actions of your controller class.
 *
 * Note: overloading this method is rarely needed; it is appropriate for things like
 * nested controllers ({@link ModelAsController}, {@link RootURLController}). For more
 * orthodox functionality overload {@link init()} or {@link index()} instead.
 *
 * Important: an overloaded handleRequest must start with $this->pushCurrent() and
 * end with $this->popCurrent(). Failure to do this will create weird session errors.
 *
 * @param SS_HTTPRequest $request The {@link SS_HTTPRequest} object that is responsible
 *                                for distributing request parsing.
 * @param DataModel $model Passed to setDataModel() and on to the parent handler.
 * @return SS_HTTPResponse The response that this controller produces,
 *                         including HTTP headers such as redirection info
 */
public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
    if (!$request) {
        user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
    }

    $this->pushCurrent();
    $this->urlParams = $request->allParams();
    $this->request = $request;
    $this->response = new SS_HTTPResponse();
    $this->setDataModel($model);

    $this->extend('onBeforeInit');

    // Subclass init() must chain to Controller::init(); the flag exposes the ones that do not.
    $this->baseInitCalled = false;
    $this->init();
    if (!$this->baseInitCalled) {
        user_error("init() method on class '{$this->class}' doesn't call Controller::init()."
            . "Make sure that you have parent::init() included.", E_USER_WARNING);
    }

    $this->extend('onAfterInit');

    // A response already finished during init (redirect or similar) ends processing.
    if ($this->response->isFinished()) {
        $this->popCurrent();
        return $this->response;
    }

    $body = parent::handleRequest($request, $model);

    // 'debug_request' comes from $_REQUEST and is therefore client-controlled.
    // NOTE(review): confirm Debug::message() stays silent on live sites.
    if (!($body instanceof SS_HTTPResponse)) {
        $hasViewer = $body instanceof Object && $body->hasMethod('getViewer');
        if ($hasViewer) {
            if (isset($_REQUEST['debug_request'])) {
                Debug::message("Request handler {$body->class} object to {$this->class} controller;"
                    . "rendering with template returned by {$body->class}::getViewer()");
            }
            // Render the object with the viewer it supplies for the latest 'Action' parameter.
            $viewer = $body->getViewer($request->latestParam('Action'));
            $body = $viewer->process($body);
        }
        $this->response->setBody($body);
    } else {
        if (isset($_REQUEST['debug_request'])) {
            Debug::message("Request handler returned SS_HTTPResponse object to {$this->class} controller;"
                . "returning it without modification.");
        }
        $this->response = $body;
    }

    ContentNegotiator::process($this->response);
    HTTP::add_cache_headers($this->response);

    $this->popCurrent();
    return $this->response;
}
/**
 * Handles a request for a paste: optionally stores a submitted paste, then either
 * executes the current paste through a PHPVersion record or renders it with the
 * 'Paste' template.
 *
 * The 'url' GET variable is split on '/' into an id, a function name and a view.
 * The function name selects the PHPVersion record; the view is handed to
 * executePaste() together with the paste's Filename.
 *
 * NOTE(review): submitPaste() is triggered by the URL alone and receives the raw POST
 * variables; no CSRF token check is visible in this method.
 * NOTE(review): $view is taken from the URL and passed on unvalidated; confirm that
 * executePaste() restricts it to known values.
 *
 * @param SS_HTTPRequest $request Presumably an SS_HTTPRequest (untyped in the signature).
 * @return SS_HTTPResponse The response stored in $this->response.
 */
public function handleRequest($request) {
    $this->request = $request;
    $this->response = new SS_HTTPResponse();
    $this->pushCurrent();

    if ($request->getUrl() == 'Paste') {
        $this->submitPaste($request->postVars());
    }

    $paste = $this->getCurrentPaste();
    $id = trim($this->request->getVar('url'), '/');

    // Only a multi-segment 'url' value selects a PHPVersion to run the paste with.
    if (strpos($id, '/') !== FALSE) {
        // Pad with empty strings so that missing segments still unpack cleanly.
        $segments = explode('/', $id) + array('', '', '');
        list($id, $func, $view) = $segments;

        // The filter is a concatenated SQL fragment; Convert::raw2sql() is the only
        // escaping applied to the URL-supplied function name.
        $filter = 'FuncName = \'' . Convert::raw2sql($func) . '\'';
        $func = DataObject::get_one('PHPVersion', $filter);
    }

    if (empty($func)) {
        // No matching PHPVersion (or no function segment): show the paste itself.
        $this->response->setBody($paste->renderWith(array('Paste', 'Paste')));
    } else {
        $this->response->setBody($func->executePaste($paste->Filename, $view));
    }

    ContentNegotiator::process($this->response);

    $this->popCurrent();
    return $this->response;
}
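/**
 * Dispatches the request directly to the controller method named by the "Action"
 * URL parameter ("index" when it is absent) and wraps the result in a response.
 *
 * The action name is supplied by the client, so it is validated before the dynamic
 * call: the method must exist and must pass checkAccessAction(). Without that check
 * any method reachable from inside this class could be selected through the URL.
 * Actions served by this controller therefore have to be permitted by the
 * controller's access rules (e.g. listed in $allowed_actions).
 *
 * NOTE(review): this override does not call pushCurrent()/popCurrent() or init();
 * confirm that this is intentional.
 * NOTE(review): assumes the class inherits hasMethod(), checkAccessAction() and
 * httpError() from the framework's request handler (it already relies on
 * setDataModel()) - confirm.
 *
 * @param SS_HTTPRequest $request The request being handled.
 * @param DataModel $model Passed to setDataModel().
 * @return SS_HTTPResponse The response returned by the action, or a new response
 *                         whose body is the action's return value.
 */
public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
    if (!$request) {
        user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
    }

    $this->urlParams = $request->allParams();
    $this->request = $request;
    $this->setDataModel($model);

    // Find our action or set to index if not found
    $action = $this->request->param("Action");
    if (!$action) {
        $action = "index";
    }

    // Refuse unknown or disallowed actions before dispatching on a client-supplied name.
    // The messages are deliberately generic so that request input is not echoed back.
    if (!$this->hasMethod($action)) {
        return $this->httpError(404, "The requested action isn't available.");
    }
    if (!$this->checkAccessAction($action)) {
        return $this->httpError(403, "The requested action isn't allowed.");
    }

    $result = $this->{$action}($request);

    // Try to determine what response we are dealing with
    if ($result instanceof SS_HTTPResponse) {
        $this->response = $result;
    } else {
        $this->response = new SS_HTTPResponse();
        $this->response->setBody($result);
    }

    // If we had a redirection or something, halt processing.
    if ($this->response->isFinished()) {
        return $this->response;
    }

    ContentNegotiator::process($this->response);
    HTTP::add_cache_headers($this->response);

    return $this->response;
}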
/**
 * Turns whatever a request handler returned into this controller's response.
 *
 * Handlers can return an assortment of types:
 *  - an SS_HTTPResponse, which replaces the controller's response via setResponse();
 *  - an Object offering getViewer(), which is rendered with the viewer for the
 *    current action, the output becoming the response body;
 *  - anything else, which is used as the response body as-is.
 *
 * Afterwards content negotiation is applied and cache headers are added.
 *
 * @param SS_HTTPResponse|Object $response
 */
protected function prepareResponse($response) {
    // 'debug_request' is read from $_REQUEST, so the client controls it.
    // NOTE(review): confirm Debug::message() produces no output on live sites.
    if (!($response instanceof SS_HTTPResponse)) {
        $canRender = $response instanceof Object && $response->hasMethod('getViewer');
        if ($canRender) {
            if (isset($_REQUEST['debug_request'])) {
                Debug::message("Request handler {$response->class} object to {$this->class} controller;"
                    . "rendering with template returned by {$response->class}::getViewer()");
            }
            // Render through the viewer the object supplies for the current action.
            $viewer = $response->getViewer($this->getAction());
            $response = $viewer->process($response);
        }
        $this->getResponse()->setBody($response);
    } else {
        if (isset($_REQUEST['debug_request'])) {
            Debug::message("Request handler returned SS_HTTPResponse object to {$this->class} controller;"
                . "returning it without modification.");
        }
        $this->setResponse($response);
    }

    // Deal with content negotiation if appropriate.
    ContentNegotiator::process($this->getResponse());

    // Add cache headers.
    HTTP::add_cache_headers($this->getResponse());
}