/**
 * Frontend access check: require an authorised user and, on POST requests
 * with CSRF protection enabled, a valid CSRF token (request header or POST
 * field). Stores the User instance in $this->_user.
 *
 * Every failure path hands off to Response::jsonError(), loginAction() or
 * _errorResponse(); the code assumes those end the request —
 * NOTE(review): confirm they do, otherwise execution continues past the
 * failed check and $this->_user is still assigned.
 */
public function checkAuth()
{
    $user = User::getInstance();
    $uid = $user->isAuthorized() ? $user->id : false;

    if (!$uid) {
        // AJAX callers get a JSON error; browsers are sent to the login action.
        if (Request::isAjax()) {
            Response::jsonError($this->_lang->MSG_AUTHORIZE);
        } else {
            $this->loginAction();
        }
    }

    // CSRF token is only demanded for POST requests, and only when enabled.
    if ($this->_configFrontend->get('use_csrf_token') && Request::hasPost()) {
        $csrf = new Security_Csrf();
        $csrf->setOptions(array(
            'lifetime'     => $this->_configFrontend->get('use_csrf_token_lifetime'),
            'cleanupLimit' => $this->_configFrontend->get('use_csrf_token_garbage_limit'),
        ));
        // A token in either the header or the POST body is accepted.
        if (!($csrf->checkHeader() || $csrf->checkPost())) {
            $this->_errorResponse($this->_lang->MSG_NEED_CSRF_TOKEN);
        }
    }

    $this->_user = $user;
}
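/**
 * Validate the contact form POST and, when it passes, e-mail it to the
 * configured admin address.
 *
 * Note that 'email' is only validated as a non-empty string here, not as
 * an address, although the error text promises a "valid email address".
 *
 * @return array Empty when nothing was posted; otherwise either
 *               array('error_message' => field => text, 'value' => POST data)
 *               or array('success_message' => text).
 */
private function get_form_results()
{
    if (!Request::hasPost()) {
        return array();
    }

    // Initialised explicitly (as process_form() does) instead of relying on
    // auto-vivification of an undefined variable.
    $error_message = array();
    if (!Validate::checkRequest('post', 'name', 'string')) {
        $error_message['name'] = 'Please enter a value for your name.';
    }
    if (!Validate::checkRequest('post', 'email', 'string')) {
        $error_message['email'] = 'Please enter a valid email address.';
    }
    if (!Validate::checkRequest('post', 'message', 'string')) {
        $error_message['message'] = 'Please enter a message.';
    }
    if (!empty($error_message)) {
        return array(
            'error_message' => $error_message,
            'value'         => Request::getPost(),
        );
    }

    $name = Request::getPost('name');

    global $container;
    // The result of send() is not inspected: a delivery failure still yields
    // the success message below — NOTE(review): confirm whether send()
    // signals failure and whether that should be surfaced to the user.
    $container['mail']
        ->addTo($container['config']->admin_email)
        ->setSubject('Site Contact')
        ->setPlainMessage(
            'Name: ' . $name . "\n"
            . 'Email: ' . Request::getPost('email') . "\n"
            . 'Message: ' . Request::getPost('message')
        )
        ->send();

    // $name is user-supplied; the view must escape this message for its
    // output context (HTML etc.) before rendering it.
    return array(
        'success_message' => "Thank you for your message, " . $name . "! I'll get back to you as soon as possible.",
    );
}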
/**
 * Build the view data for the property-page form.
 *
 * Per-language title/name/url values are read from POST (empty string when
 * absent). When no 'codigo' was posted and the property exists, the page
 * code defaults to the property's next zero-padded position.
 *
 * @return array View variables keyed by name.
 */
public function get()
{
    $titulos = array();
    $nombres = array();
    $urls = array();
    foreach ($this->idiomas as $idioma) {
        $titulos[$idioma] = Request::getPost("titulo_{$idioma}", '');
        $nombres[$idioma] = Request::getPost("nombre_{$idioma}", '');
        $urls[$idioma] = Request::getPost("url_{$idioma}", '');
    }

    $codigoNuevo = '';
    if ($this->inmueble->found() && !Request::hasPost('codigo')) {
        $siguiente = Inmuebles_Paginas::pos($this->inmueble->id) + 1;
        $codigoNuevo = str_pad($siguiente, 4, '0', STR_PAD_LEFT);
    }

    return array(
        'unique'     => $this->unique,
        'idiomas'    => $this->idiomas,
        'codigo'     => $this->codigo,
        'inmueble'   => $this->inmueble,
        'contenidos' => $this->contenidos,
        'pagina'     => Request::getPost('codigo', $codigoNuevo),
        'tipo'       => Request::getPost('tipo', 0),
        'titulos'    => $titulos,
        'nombres'    => $nombres,
        'urls'       => $urls,
    );
}
/**
 * Save the edited person when the form was posted with "guardar".
 *
 * Required fields: nombre, apellido. The validation outcome is kept in
 * $this->validationFlag / $this->validation for the view; on success the
 * row is updated and the browser is redirected to the person's page.
 */
public function submit()
{
    if (!Request::hasPost('guardar')) {
        return;
    }

    list($this->validationFlag, $this->validation) = Validation::check(array(
        'nombre'   => 'required',
        'apellido' => 'required',
    ));
    if (!$this->validationFlag) {
        return;
    }

    $campos = array(
        'nombre'             => Request::getPost('nombre'),
        'apellido'           => Request::getPost('apellido'),
        'correo'             => Request::getPost('correo'),
        'cargo'              => Request::getPost('cargo'),
        'tel_oficina'        => Request::getPost('tel_oficina'),
        'tel_oficina_int'    => Request::getPost('tel_oficina_int'),
        'tel_celular'        => Request::getPost('tel_celular'),
        'tel_fax'            => Request::getPost('tel_fax'),
        'tel_casa'           => Request::getPost('tel_casa'),
        'fecha_modificacion' => time(),
    );

    // NOTE(review): the WHERE clause is built by string interpolation; if
    // $this->idPersonas can originate from the request it should be bound
    // or escaped through Db rather than inlined.
    Db::update('personas', $campos, "id_personas = '{$this->idPersonas}'");

    Response::setRedirect("/personas/{$this->idPersonas}");
}
/**
 * Initialise the "new property" form.
 *
 * Loads the available languages and pre-fills $this->values from POST; the
 * property code defaults to the next zero-padded count when none was posted.
 *
 * @return string|true Login URL when there is no session user, true otherwise.
 */
public function init()
{
    if (!Session::getInstance()->usuario) {
        return '/admin/ingresar';
    }

    $this->idiomas = Translate::all();

    // Suggest the next code only when the form did not post one.
    $codigoNuevo = Request::hasPost('codigo')
        ? ''
        : str_pad(Inmuebles::count() + 1, 4, '0', STR_PAD_LEFT);

    $this->values = array('codigo' => Request::getPost('codigo', $codigoNuevo));
    foreach ($this->idiomas as $idioma) {
        foreach (array('nombre', 'titulo', 'url') as $campo) {
            $this->values["{$campo}_{$idioma}"] = Request::getPost("{$campo}_{$idioma}", '');
        }
    }

    return true;
}
/**
 * Initialise the photo form for the property identified by code $inmueble.
 *
 * Looks the property up by code; when it exists, the photo code is taken
 * from POST or defaults to the next zero-padded photo number.
 *
 * @param mixed $inmueble Property code as received from the route.
 * @return string|true Login URL when there is no session user; true
 *                     otherwise (also when the property was not found).
 */
public function init($inmueble)
{
    if (!Session::getInstance()->usuario) {
        return '/admin/ingresar';
    }

    $this->inmuebleCodigo = $inmueble;
    $this->inmueble = new Inmuebles();
    $this->inmueble->codigo = $this->inmuebleCodigo;
    $this->inmueble->queryAll();

    if ($this->inmueble->found()) {
        if (Request::hasPost('codigo')) {
            $this->codigo = Request::getPost('codigo', '');
        } else {
            $total = Inmuebles_Fotos::count(array('inmueble_id' => $this->inmueble->id));
            $this->codigo = str_pad($total + 1, 4, '0', STR_PAD_LEFT);
        }
    }

    return true;
}
/**
 * Save the edited company when the form was posted with "guardar".
 *
 * Required field: nombre. The validation outcome is kept in
 * $this->validationFlag / $this->validation for the view; on success the
 * row is updated and the browser is redirected to the company's page.
 */
public function submit()
{
    if (!Request::hasPost('guardar')) {
        return;
    }

    list($this->validationFlag, $this->validation) = Validation::check(array(
        'nombre' => 'required',
    ));
    if (!$this->validationFlag) {
        return;
    }

    $campos = array(
        'nombre'             => Request::getPost('nombre'),
        'direccion_1'        => Request::getPost('direccion_1'),
        'direccion_2'        => Request::getPost('direccion_2'),
        'ciudad'             => Request::getPost('ciudad'),
        'estado'             => Request::getPost('estado'),
        'cod_postal'         => Request::getPost('cod_postal'),
        'id_paises'          => Request::getPost('id_paises'),
        'web'                => Request::getPost('web'),
        'tel_oficina'        => Request::getPost('tel_oficina'),
        'tel_fax'            => Request::getPost('tel_fax'),
        'fecha_modificacion' => time(),
    );

    // NOTE(review): the WHERE clause is built by string interpolation; if
    // $this->idEmpresas can originate from the request it should be bound
    // or escaped through Db rather than inlined.
    Db::update('empresas', $campos, "id_empresas = '{$this->idEmpresas}'");

    Response::setRedirect("/empresas/{$this->idEmpresas}");
}
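/**
 * Process a comment submission.
 *
 * @return bool|array false when the request is not a comment submission
 *                    (no POST, wrong submit button, or non-empty 'catch'
 *                    field); the validation errors when there are any;
 *                    otherwise the comment is saved and the request is
 *                    redirected to it (nothing is returned).
 */
public function activate()
{
    // todo why is this responsible for checking on valid calls
    if (!Request::hasPost()) {
        return false;
    }
    // Was `!Request::getPost('submit') == 'Submit Comment'`: the `!` bound
    // to the value first, so the test only checked that 'submit' was
    // non-empty. Now the same comparison handle_comment_submit() makes.
    if (Request::getPost('submit') != 'Submit Comment') {
        return false;
    }
    // 'catch' must be present and empty (presumably a spam trap field).
    if (Request::getPost('catch') !== '') {
        return false;
    }

    $errors = $this->checkValidation();
    if (count($errors) > 0) {
        return $errors;
    }

    $commentId = $this->save(Request::getPost());
    // todo broken notifications
    $this->redirectToComment($commentId);
}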
/**
 * Handle the home-page contact form.
 *
 * @return object display => 'normal' when nothing was submitted;
 *                display => 'error' with messages/values on validation
 *                failure; display => 'success' after the mail was sent.
 */
private function process_form()
{
    $submitted = Request::hasPost() && Request::getPost('submit') == 'Send Message!';
    if (!$submitted) {
        return (object) array('display' => 'normal');
    }

    Loader::load('utility', 'Validate');

    // Each field is only checked to be a non-empty string.
    $checks = array(
        'name'    => 'please enter your name',
        'email'   => 'please enter a valid email',
        'message' => 'please write a message',
    );
    $error_result = array();
    foreach ($checks as $field => $message) {
        if (!Validate::checkRequest('post', $field, 'string')) {
            $error_result[$field] = $message;
        }
    }

    $values = (object) array(
        'name'    => Request::getPost('name'),
        'email'   => Request::getPost('email'),
        'message' => Request::getPost('message'),
    );
    if (count($error_result) > 0) {
        return (object) array(
            'display'  => 'error',
            'messages' => $error_result,
            'values'   => $values,
        );
    }

    global $container;
    // The send() result is not inspected; 'success' is returned regardless.
    $container['mail']
        ->addTo($container['config']->admin_email)
        ->setSubject('Home Page Contact')
        ->setPlainMessage(
            "Name: {$values->name}\n"
            . "Email: {$values->email}\n"
            . "Message: {$values->message}"
        )
        ->send();

    return (object) array('display' => 'success');
}
/**
 * Resolve the controller name for this request.
 *
 * Precedence: POST mvc_controller, then GET mvc_controller, then the default
 * controller. The value is returned exactly as supplied by the client; this
 * method performs no permission or existence check on it, so the caller
 * must validate it before dispatching (compare getControllerName(), which
 * consults an ACL).
 *
 * @param Request $request
 * @return string Controller name.
 */
public function route($request)
{
    $name = $this->getDefaultController();

    // Later sources override earlier ones: GET beats the default, POST beats GET.
    if ($request->hasGet('mvc_controller')) {
        $name = $request->get('mvc_controller');
    }
    if ($request->hasPost('mvc_controller')) {
        $name = $request->post('mvc_controller');
    }

    return $name;
}
/**
 * An empty-string value must not count as a present POST parameter.
 * (The method name says "GetValue", but the empty value is passed in the
 * second constructor argument and hasPost() is what is asserted —
 * presumably that argument is the POST data.)
 *
 * @covers spriebsch\MVC\Request::__construct
 * @covers spriebsch\MVC\Request::__call
 */
public function testHasPostReturnsFalseForEmptyGetValue()
{
    $sut = new Request(array(), array('key' => ''));

    $this->assertFalse($sut->hasPost('key'));
}
/**
 * Backend access check: require an authorised admin user, validate the CSRF
 * token on POST, then enforce module-level rules unless the called class is
 * a configured system controller. Stores the User instance in $this->_user.
 *
 * Module rules: the user must be able to view $this->_module, the module
 * must be known to Backend_Modules_Manager, it must be active, and a 'dev'
 * module is only reachable when the main config has 'development' set.
 *
 * Every failure path hands off to Response::jsonError(), loginAction() or
 * _errorResponse(); the code assumes those end the request —
 * NOTE(review): confirm they do, otherwise later checks still run and
 * $this->_user is still assigned.
 */
public function checkAuth()
{
    $user = User::getInstance();
    $uid = $user->isAuthorized() ? $user->id : false;

    if (!$uid || !$user->isAdmin()) {
        if (Request::isAjax()) {
            Response::jsonError($this->_lang->MSG_AUTHORIZE);
        } else {
            $this->loginAction();
        }
    }

    $config = $this->_configBackend;

    // CSRF token is only demanded for POST requests, and only when enabled;
    // a token in either the header or the POST body is accepted.
    if ($config->get('use_csrf_token') && Request::hasPost()) {
        $csrf = new Security_Csrf();
        $csrf->setOptions(array(
            'lifetime'     => $config->get('use_csrf_token_lifetime'),
            'cleanupLimit' => $config->get('use_csrf_token_garbage_limit'),
        ));
        if (!($csrf->checkHeader() || $csrf->checkPost())) {
            $this->_errorResponse($this->_lang->MSG_NEED_CSRF_TOKEN);
        }
    }

    $this->_user = $user;

    // System controllers skip the module checks below.
    if (in_array(get_called_class(), $config->get('system_controllers'), true)) {
        return;
    }

    if (!$this->_user->canView($this->_module)) {
        $this->_errorResponse($this->_lang->CANT_VIEW);
    }

    $moduleManager = new Backend_Modules_Manager();

    // Unknown module.
    if (!$moduleManager->isValidModule($this->_module)) {
        $this->_errorResponse($this->_lang->WRONG_REQUEST);
    }

    $moduleCfg = $moduleManager->getModuleConfig($this->_module);

    // Disabled module.
    if (!$moduleCfg['active']) {
        $this->_errorResponse($this->_lang->CANT_VIEW);
    }

    // Development-only module on a non-development install.
    if ($moduleCfg['dev'] && !$this->_configMain['development']) {
        $this->_errorResponse($this->_lang->CANT_VIEW);
    }
}
/**
 * Default action for the site front page.
 *
 * Behaviour by request:
 *  - POST with 'save' from a connected Twitter user: resolve (or create)
 *    the country/area/locality rows, update the user's twcensus_users row
 *    and redirect to '/?saved'. Any other POST redirects to '/'.
 *  - GET with 'destroy': drop the Twitter session.
 *  - Otherwise, for a connected Twitter user: create or refresh the user's
 *    twcensus_users row from the Twitter credentials (including the OAuth
 *    token and secret) and select it.
 *  - Otherwise GET with 'area': look the area up by code within the
 *    configured country.
 *
 * NOTE(review): several SQL statements below are built by string
 * interpolation of request values — POST 'country_iso', 'country' and
 * 'area' (when non-zero), and GET 'area'. self::encode() is not visible
 * here, so whether the *_code values are made safe cannot be told either.
 * These should be bound as parameters or escaped through Db; the array-form
 * Db::insert()/Db::update() calls are the pattern to follow if Db escapes
 * them (to be confirmed). Also no CSRF check is visible on the POST branch;
 * confirm one happens earlier in the request cycle.
 */
protected function actionWebsite()
{
    // Default action
    $this->mappy = new Mappy();
    $this->twitter = new Twitter();

    if (Request::isPost()) {
        $saved = false;
        if (Request::hasPost('save') && $this->twitter->connected()) {
            // A posted id wins; 0 (the default) means "look up or create by name".
            $idCountry = Request::getPost('country', 0);
            $idArea = Request::getPost('area', 0);
            $idLocality = Request::getPost('locality', 0);

            if (!$idCountry) {
                $countryName = Request::getPost('country_name', '');
                $countryISO = Request::getPost('country_iso', '');
                $countryCode = self::encode($countryName);
                // SQL built from request data: $countryISO is raw POST input,
                // $countryCode comes from self::encode() (not shown).
                $country = Db::fetchRow("SELECT countries.id_country\n , countries.code\n , countries.name\n , countries.iso\n FROM twcensus_countries AS countries\n WHERE countries.code = '{$countryCode}'\n AND countries.iso = '{$countryISO}'");
                if ($country) {
                    $idCountry = $country['id_country'];
                } else {
                    $idCountry = Db::insert('twcensus_countries', array('code' => $countryCode, 'name' => $countryName, 'iso' => $countryISO));
                }
            }

            if (!$idArea) {
                $areaName = Request::getPost('area_name', '');
                $areaCode = self::encode($areaName);
                // SQL built from request data: $idCountry may be the raw
                // POST 'country' value when it was non-zero.
                $area = Db::fetchRow("SELECT areas.id_area\n , areas.code\n , areas.name\n FROM twcensus_areas AS areas\n WHERE areas.id_country = '{$idCountry}'\n AND areas.code = '{$areaCode}'");
                if ($area) {
                    $idArea = $area['id_area'];
                } else {
                    $idArea = Db::insert('twcensus_areas', array('id_country' => $idCountry, 'code' => $areaCode, 'name' => $areaName));
                }
            }

            if (!$idLocality) {
                $localityName = Request::getPost('locality_name', '');
                $localityCode = self::encode($localityName);
                // SQL built from request data: $idArea may be the raw POST
                // 'area' value when it was non-zero.
                $locality = Db::fetchRow("SELECT localities.id_locality\n , localities.code\n , localities.name\n FROM twcensus_localities AS localities\n WHERE localities.id_area = '{$idArea}'\n AND localities.code = '{$localityCode}'");
                if ($locality) {
                    $idLocality = $locality['id_locality'];
                } else {
                    $idLocality = Db::insert('twcensus_localities', array('id_area' => $idArea, 'code' => $localityCode, 'name' => $localityName));
                }
            }

            // Profile fields are stored as posted; whether Db::update()
            // escapes array values is not visible here — confirm.
            $info = array(
                'id_country' => $idCountry,
                'id_area' => $idArea,
                'id_locality' => $idLocality,
                'address' => Request::getPost('address', ''),
                'x' => Request::getPost('coord_x', 0),
                'y' => Request::getPost('coord_y', 0),
                'sex' => Request::getPost('sex', 0),
                'age' => Request::getPost('age', 0),
                'saved' => time(),
            );
            Db::update('twcensus_users', $info, array('id_user' => $this->twitter->getID()));
            $saved = true;
        }
        TwCensus::redirect('/' . ($saved ? '?saved' : ''));
    } elseif (Request::hasQuery('destroy')) {
        $this->twitter->destroy();
    } elseif ($this->twitter->connected()) {
        $data = $this->twitter->credentials();
        // The OAuth token and secret are persisted alongside the profile;
        // they are credentials and warrant protection at rest and restricted
        // read access in the database.
        $info = array(
            'name' => $data['name'],
            'username' => $data['username'],
            'location' => $data['location'],
            'description' => $data['description'],
            'image' => $data['image'],
            'url' => $data['url'],
            'token' => $this->twitter->getToken(),
            'secret' => $this->twitter->getTokenSecret(),
        );
        if ($this->exists($data['id'])) {
            $info['modified'] = time();
            Db::update('twcensus_users', $info, array('id_user' => $data['id']));
        } else {
            $info['id_user'] = $data['id'];
            $info['created'] = time();
            Db::insert('twcensus_users', $info);
        }
        $this->select($data['id']);
    } elseif (Request::hasQuery('area')) {
        // SQL built from request data: GET 'area' is concatenated unescaped.
        $this->area = Db::fetchRow("SELECT areas.id_area\n , areas.code\n , areas.name\n FROM twcensus_areas AS areas\n INNER JOIN twcensus_countries AS countries\n ON countries.id_country = areas.id_country\n AND countries.iso = '" . self::$config['country'] . "'\n WHERE areas.code = '" . Request::getQuery('area', '') . "'\n LIMIT 1");
    }
}
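/**
 * Returns the controller name read from the mvc_controller request
 * parameter (POST has precedence over GET), falling back to the default
 * controller. If the ACL does not allow the current role to reach the
 * selected controller, the authentication controller name is returned
 * instead, so a request-supplied name never reaches dispatch unchecked.
 *
 * @param Request $request
 * @return string Controller name.
 * @todo currently only cares about first role. Make work for array of roles.
 */
public function getControllerName(Request $request)
{
    // Fallback: route to default controller and action.
    $controllerName = $this->defaultControllerName;

    // GET parameter overrides the default controller.
    if ($request->hasGet('mvc_controller')) {
        $controllerName = $request->get('mvc_controller');
    }

    // POST parameter overrides GET parameter.
    if ($request->hasPost('mvc_controller')) {
        $controllerName = $request->post('mvc_controller');
    }

    // Only the first role is consulted (see @todo). When the adapter returns
    // no roles, pass null explicitly instead of raising an undefined-offset
    // notice; the ACL decides what an absent role may access.
    $roles = $this->authenticationAdapter->getRoles();
    $role = isset($roles[0]) ? $roles[0] : null;

    // If that controller is not allowed, select authentication controller.
    if (!$this->acl->isAllowed($role, $controllerName)) {
        $controllerName = $this->authenticationControllerName;
    }

    // @todo remember selected controller & action to back-direct later
    // @todo either redirect to auth controller (for anonymous) OR FAIL?
    return $controllerName;
}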
/**
 * Run the comment-submit module when the request is a comment submission
 * and keep whatever it returns (validation errors) in $this->comment_errors.
 *
 * @param mixed $site_id      Forwarded unchanged to CommentSubmitModule.
 * @param mixed $path         Forwarded unchanged to CommentSubmitModule.
 * @param mixed $redirect_url Forwarded unchanged to CommentSubmitModule.
 * @param mixed $page_title   Forwarded unchanged to CommentSubmitModule.
 */
protected function handle_comment_submit($site_id, $path, $redirect_url, $page_title)
{
    if (!Request::hasPost()) {
        return;
    }
    if (Request::getPost('submit') != 'Submit Comment') {
        return;
    }

    $module = Loader::loadNew(
        'module',
        'form/CommentSubmitModule',
        array($site_id, $path, $redirect_url, $page_title)
    );
    $this->comment_errors = $module->activate();
}