public function firstAction() { if (!$this->view->loginOk) { // Token is useful in the case that anonymous refresh is forbidden // and CRON task cannot be used with php command so the user can // set a CRON task to refresh his feeds by using token inside url $token = $this->view->conf->token; $token_param = Minz_Request::param('token', ''); $token_is_ok = $token != '' && $token == $token_param; $action = Minz_Request::actionName(); if (!(($token_is_ok || Minz_Configuration::allowAnonymousRefresh()) && $action === 'actualize')) { Minz_Error::error(403, array('error' => array(Minz_Translate::t('access_denied')))); } } }
/** * Lance le controller indiqué dans Request * Remplit le body de Response à partir de la Vue * @exception Minz_Exception */ public function run($ob = true) { $cache = new Minz_Cache(); // Le ob_start est dupliqué : sans ça il y a un bug sous Firefox // ici on l'appelle avec 'ob_gzhandler', après sans. // Vraisemblablement la compression fonctionne mais c'est sale // J'ignore les effets de bord :( if ($ob) { ob_start('ob_gzhandler'); } if (Minz_Cache::isEnabled() && !$cache->expired()) { if ($ob) { ob_start(); } $cache->render(); if ($ob) { $text = ob_get_clean(); } } else { $text = ''; //TODO: Clean this code while (Minz_Request::$reseted) { Minz_Request::$reseted = false; try { $this->createController('FreshRSS_' . Minz_Request::controllerName() . '_Controller'); $this->controller->init(); $this->controller->firstAction(); $this->launchAction(Minz_Request::actionName() . 'Action'); $this->controller->lastAction(); if (!Minz_Request::$reseted) { if ($ob) { ob_start(); } $this->controller->view()->build(); if ($ob) { $text = ob_get_clean(); } } } catch (Minz_Exception $e) { throw $e; } } if (Minz_Cache::isEnabled()) { $cache->cache($text); } } Minz_Response::setBody($text); }
/** * This action is called before every other action in that class. It is * the common boiler plate for every action. It is triggered by the * underlying framework. */ public function firstAction() { if (!FreshRSS_Auth::hasAccess()) { // Token is useful in the case that anonymous refresh is forbidden // and CRON task cannot be used with php command so the user can // set a CRON task to refresh his feeds by using token inside url $token = FreshRSS_Context::$user_conf->token; $token_param = Minz_Request::param('token', ''); $token_is_ok = $token != '' && $token == $token_param; $action = Minz_Request::actionName(); $allow_anonymous_refresh = FreshRSS_Context::$system_conf->allow_anonymous_refresh; if ($action !== 'actualize' || !($allow_anonymous_refresh || $token_is_ok)) { Minz_Error::error(403); } } }
/** * Lance le controller indiqué dans Request * Remplit le body de Response à partir de la Vue * @exception Minz_Exception */ public function run() { do { self::$needsReset = false; try { $this->createController(Minz_Request::controllerName()); $this->controller->init(); $this->controller->firstAction(); if (!self::$needsReset) { $this->launchAction(Minz_Request::actionName() . 'Action'); } $this->controller->lastAction(); if (!self::$needsReset) { $this->controller->view()->build(); } } catch (Minz_Exception $e) { throw $e; } } while (self::$needsReset); }
/** * Constructeur * Détermine si on utilise un layout ou non */ public function __construct() { $this->view_filename = APP_PATH . self::VIEWS_PATH_NAME . '/' . Minz_Request::controllerName() . '/' . Minz_Request::actionName() . '.phtml'; self::$title = Minz_Configuration::title(); }
/** * This action is called before every other action in that class. It is * the common boiler plate for every action. It is triggered by the * underlying framework. * * @todo clean up the access condition. */ public function firstAction() { if (!FreshRSS_Auth::hasAccess() && !(Minz_Request::actionName() === 'create' && !max_registrations_reached())) { Minz_Error::error(403); } }
/** * Constructeur * Détermine si on utilise un layout ou non */ public function __construct() { $this->change_view(Minz_Request::controllerName(), Minz_Request::actionName()); $conf = Minz_Configuration::get('system'); self::$title = $conf->title; }