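/**
 * Default action handler for this page.
 *
 * On a GET request the page is rendered either directly (when ClickBank
 * validation is switched off) or only after the ClickBank return parameters
 * have been validated. Every other path redirects to /server-error.
 *
 * Security-relevant behaviour:
 *  - `cemail` is escaped with Convert::raw2sql() before it is placed in the
 *    WHERE clause; it comes straight from the query string.
 *  - `cbreceipt` and `cname` are HTML-escaped before being substituted into
 *    the page content, because they are request-supplied text going into HTML.
 *  - A blank or non-string `cemail` never triggers a member lookup, so a
 *    record with an empty Email cannot be matched and logged in.
 *
 * @param SS_HTTPRequest $request
 * @return mixed Rendered AfterPurchasePage output, or the result of redirect('/server-error')
 */
public function afterPurchase(SS_HTTPRequest $request)
{
    if ($request->isGET()) {
        if ($this->validateClickBankRequest) {
            $cbreceipt = $request->getVar('cbreceipt');
            $cbpop = $request->getVar('cbpop');
            $name = $request->getVar('cname');
            $email = $request->getVar('cemail');

            if (!empty($cbreceipt) && !empty($cbpop)) {
                if (ClickBankManager::validate_afterpurchase_request($request->getVars())) {
                    // Only look a member up for a usable e-mail value, and never
                    // interpolate the raw query-string value into SQL.
                    $member = null;
                    if (is_string($email) && $email !== '') {
                        $member = DataObject::get_one(
                            'Member',
                            "Email = '" . Convert::raw2sql($email) . "'"
                        );
                    }

                    // NOTE(review): the account to log in is selected by the
                    // `cemail` query parameter. Confirm that
                    // validate_afterpurchase_request() binds `cemail` to the
                    // verified receipt; if it does not, this parameter should
                    // not be allowed to drive logIn().
                    if ($member && $this->loginAfterClickBankRequestIsValid) {
                        $member->logIn();
                    }

                    // Placeholder substitution: values are escaped for HTML
                    // because they originate from the request.
                    $content = str_replace(
                        array('$CBReceipt', '$CBName'),
                        array(Convert::raw2xml($cbreceipt), Convert::raw2xml($name)),
                        $this->Content
                    );

                    $data = array('Title' => $this->Title, 'Content' => $content);
                    return $this->customise($data)->renderWith(array('AfterPurchasePage' => 'Page'));
                }
            }
        } else {
            // Validation disabled: render the page content unchanged.
            $data = array('Title' => $this->Title, 'Content' => $this->Content);
            return $this->customise($data)->renderWith(array('AfterPurchasePage' => 'Page'));
        }
    }

    // Non-GET request, missing receipt/proof parameters, or failed validation.
    return $this->redirect('/server-error');
}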
/**
 * Dispatches the request by HTTP verb.
 *
 * GET is handed to getNotifications(), POST to postNotifications().
 * Any other verb falls through and the method returns nothing (null).
 *
 * @param SS_HTTPRequest $request
 * @return mixed Result of the verb-specific handler, or null for other verbs
 */
public function index(SS_HTTPRequest $request)
{
    if ($request->isGET()) {
        return $this->getNotifications($request);
    }

    if (!$request->isPOST()) {
        // Neither GET nor POST: no handler, implicit null.
        return;
    }

    return $this->postNotifications($request);
}
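/**
 * Sends a file download to a logged-in member.
 *
 * The file is looked up in the File table by the `Filename` route parameter
 * (escaped with Convert::raw2sql() before it enters the query). The download
 * is served only when a member is logged in, the request is a GET, the
 * lookup yields a path that exists on disk, and the file could be read.
 * Every other case ends in Security::permissionFailure().
 *
 * NOTE(review): the only authorisation visible here is "some member is
 * logged in". No per-file permission check is made in this method, so any
 * authenticated member can request any File row by name. Confirm that this
 * is intended.
 *
 * @param SS_HTTPRequest $request Request carrying the `Filename` route parameter
 * @return mixed Result of SS_HTTPRequest::send_file() or Security::permissionFailure()
 */
public function download(SS_HTTPRequest $request)
{
    $filename = $request->param('Filename');

    if (Member::currentUserID() && $request->isGET() && !empty($filename)) {
        $file = DB::query(
            "SELECT Filename FROM File WHERE Name = '" . Convert::raw2sql($filename) . "'"
        )->value();

        if (!empty($file) && Director::fileExists($file)) {
            $file_contents = file_get_contents(Director::getAbsFile($file));

            // file_get_contents() returns false on a read failure; do not
            // hand that to send_file() as if it were the file body.
            if ($file_contents !== false) {
                return SS_HTTPRequest::send_file($file_contents, $filename);
            }
        }
    }

    return Security::permissionFailure($this);
}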
/**
 * Checks how the `_method` override parameter affects the detected verb.
 *
 * Cases covered: no override, override supplied in the GET vars (third
 * constructor argument), and override supplied in the POST vars (fourth
 * constructor argument) of a POST request.
 */
public function testHttpMethodOverrides()
{
    // No override at all: the transport verb is reported as-is.
    $plainGet = new SS_HTTPRequest('GET', 'admin/crm');
    $this->assertTrue($plainGet->isGET(), 'GET with no method override');

    $plainPost = new SS_HTTPRequest('POST', 'admin/crm');
    $this->assertTrue($plainPost->isPOST(), 'POST with no method override');

    // Override passed in the GET vars of a GET request is expected to be ignored.
    $getWithOverride = new SS_HTTPRequest('GET', 'admin/crm', array('_method' => 'DELETE'));
    $this->assertTrue($getWithOverride->isGET(), 'GET with invalid POST method override');

    // Override passed in the POST vars of a POST request is expected to apply,
    // whatever the letter case of the value.
    $postAsDelete = new SS_HTTPRequest('POST', 'admin/crm', array(), array('_method' => 'DELETE'));
    $this->assertTrue($postAsDelete->isDELETE(), 'POST with valid method override to DELETE');

    $postAsPut = new SS_HTTPRequest('POST', 'admin/crm', array(), array('_method' => 'put'));
    $this->assertTrue($postAsPut->isPUT(), 'POST with valid method override to PUT');

    $postAsHead = new SS_HTTPRequest('POST', 'admin/crm', array(), array('_method' => 'head'));
    $this->assertTrue($postAsHead->isHEAD(), 'POST with valid method override to HEAD ');

    // Same HEAD case asserted a second time, as in the original test.
    $postAsHeadAgain = new SS_HTTPRequest('POST', 'admin/crm', array(), array('_method' => 'head'));
    $this->assertTrue($postAsHeadAgain->isHEAD(), 'POST with valid method override to HEAD');

    // Override passed in the GET vars of a POST request is expected to be ignored.
    $postWithGetOverride = new SS_HTTPRequest('POST', 'admin/crm', array('_method' => 'head'));
    $this->assertTrue(
        $postWithGetOverride->isPOST(),
        'POST with invalid method override by GET parameters to HEAD'
    );
}
/**
 * Filter executed AFTER a request.
 *
 * Injects the rendered debug bar before `</body>` in the response and, for
 * ajax GET requests, sends the collected data in response headers.
 *
 * As written, every path returns nothing (null), and the script is terminated
 * with `exit` when DebugBar::getShowQueries() is truthy.
 *
 * NOTE(review): this method does not check the environment itself. It relies
 * on DebugBar::getDebugBar() being falsy when the bar must not be exposed.
 * Confirm that this holds outside development, since the bar's data ends up
 * in response bodies and headers.
 *
 * @param SS_HTTPRequest $request Request container object
 * @param SS_HTTPResponse $response Response output object
 * @param DataModel $model Current DataModel
 * @return null
 */
public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model)
{
    $bar = DebugBar::getDebugBar();
    if (!$bar) {
        return;
    }

    // All queries have been displayed
    if (DebugBar::getShowQueries()) {
        exit;
    }

    // Nothing to inject when the bar cannot be rendered
    $initScript = DebugBar::renderDebugBar();
    if (!$initScript) {
        return;
    }

    // Inject the init script just before the closing body tag
    $html = $response->getBody();
    if (strpos($html, '</body>') !== false) {
        $response->setBody(str_replace('</body>', $initScript . '</body>', $html));
    }

    // Ajax support: only while headers can still be sent
    if (!Director::is_ajax() || headers_sent()) {
        return;
    }

    if (DebugBar::IsAdminUrl() && !DebugBar::config()->enabled_in_admin) {
        return;
    }

    // Skip anything that is not a GET request
    if (!$request->isGET()) {
        return;
    }

    // Always enabled in admin because most of it is loaded through ajax
    if (DebugBar::config()->ajax || DebugBar::IsAdminUrl()) {
        $headerData = $bar->getDataAsHeaders();

        // Prevent JS errors when the header payload is too large
        if (is_array($headerData)) {
            $bar->sendDataInHeaders();
        }
    }
}
/**
 * Entry point for all API requests: validates the target model and ID, checks
 * the API access rules, then dispatches on the HTTP verb.
 *
 * Validation order (each failure returns a RESTfulAPI_Error immediately):
 *  1. `ClassName` route parameter present and resolving to an existing class (400)
 *  2. `ID` numeric: mandatory for PUT/DELETE, optional otherwise (400)
 *  3. RESTfulAPI::api_access_control() for the model and verb (403)
 *  4. Verb is one of GET/POST/PUT/DELETE (403)
 *
 * NOTE(review): steps 1 and 2 run before the access-control check and echo
 * the received value in the error message, so a caller without API access
 * can still learn whether a class name exists. Confirm that this is acceptable.
 * NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3";
 * verify that the model methods tolerate those as IDs.
 *
 * @param SS_HTTPRequest $request HTTP request
 * @return DataObject|DataList|RESTfulAPI_Error Result of the model operation, or an error object
 */
public function handleQuery(SS_HTTPRequest $request)
{
    // Requested model(s) details
    $model = $request->param('ClassName');
    $id = $request->param('ID');
    $queryParams = $this->parseQueryParameters($request->getVars());

    // Model name: must be present and must map to an existing class
    if (!$model) {
        return new RESTfulAPI_Error(400, "Missing Model parameter.");
    }

    $model = $this->deSerializer->unformatName($model);
    if (!class_exists($model)) {
        return new RESTfulAPI_Error(400, "Model does not exist. Received '{$model}'.");
    }
    $this->requestedData['model'] = $model;

    // ID: required for PUT/DELETE, must be numeric whenever it is supplied
    $idIsNumeric = is_numeric($id);
    $idIsMandatory = $request->isPUT() || $request->isDELETE();

    if ($idIsMandatory && !$idIsNumeric) {
        return new RESTfulAPI_Error(400, "Invalid or missing ID. Received '{$id}'.");
    }
    if ($id !== null && !$idIsNumeric) {
        return new RESTfulAPI_Error(400, "Invalid ID. Received '{$id}'.");
    }
    $this->requestedData['id'] = $id;

    // Query parameters are stored only when there are any
    if ($queryParams) {
        $this->requestedData['params'] = $queryParams;
    }

    // API access rules for this model and verb
    if (!RESTfulAPI::api_access_control($model, $request->httpMethod())) {
        return new RESTfulAPI_Error(403, "API access denied.");
    }

    // Map the HTTP verb to the matching model operation
    if ($request->isGET()) {
        return $this->findModel($model, $id, $queryParams, $request);
    }
    if ($request->isPOST()) {
        return $this->createModel($model, $request);
    }
    if ($request->isPUT()) {
        return $this->updateModel($model, $id, $request);
    }
    if ($request->isDELETE()) {
        return $this->deleteModel($model, $id, $request);
    }

    return new RESTfulAPI_Error(403, "HTTP method mismatch.");
}
/**
 * Parses the documentation URL and resolves it to an entity, language and
 * version before delegating to the parent handler.
 *
 * URLs which should work:
 *   /                              - index page
 *   /en/sapphire                   - the index page of sapphire (shows versions)
 *   /2.4/en/sapphire               - the docs for 2.4 sapphire
 *   /2.4/en/sapphire/installation/
 *
 * Non-GET requests and requests carrying `action_results` in the query string
 * bypass the parsing entirely. URL segments are only accepted as an entity
 * when DocumentationService::is_registered_entity() recognises them, and the
 * resolved location must pass locationExists(); otherwise a 404 is returned.
 *
 * @param SS_HTTPRequest $request
 * @return SS_HTTPResponse
 */
public function handleRequest(SS_HTTPRequest $request)
{
    // A submitted form is passed straight through
    if (!$request->isGET() || isset($_GET['action_results'])) {
        return parent::handleRequest($request);
    }

    $action = $request->param('Action');
    $firstParam = $action ? $action : $request->shift();
    $secondParam = $request->shift();
    $thirdParam = $request->shift();

    $this->Remaining = $request->shift(10);

    DocumentationService::load_automatic_registration();

    // No params passed at all means the homepage
    if (!$firstParam && !$secondParam && !$thirdParam) {
        return parent::handleRequest($request);
    }

    if ($firstParam) {
        // Allow assets
        if ($firstParam == "assets") {
            return parent::handleRequest($request);
        }

        // Permalinks: the first param is a shortcode for a page, so send the
        // user to the mapped link with a permanent (301) redirect.
        $link = DocumentationPermalinks::map($firstParam);
        if ($link) {
            $this->response = new SS_HTTPResponse();
            $this->redirect($link, 301);

            return $this->response;
        }

        // An unknown module yields a 404
        if (!DocumentationService::is_registered_entity($firstParam)) {
            return $this->throw404();
        }

        $this->entity = $firstParam;
        $this->language = $secondParam;

        $looksLikeVersion = isset($thirdParam)
            && (is_numeric($thirdParam) || in_array($thirdParam, array('master', 'trunk')));

        if ($looksLikeVersion) {
            $this->version = $thirdParam;
        } else {
            // Current version: the third segment belongs to the page path,
            // so put it back at the front of the remaining segments.
            array_unshift($this->Remaining, $thirdParam);
            $this->version = false;
        }
    }

    // 'current' version mapping
    $entity = DocumentationService::is_registered_entity($this->entity, null, $this->getLang());
    if (!$entity) {
        return $this->throw404();
    }

    $stable = $entity->getStableVersion();
    if (!$this->getVersion()) {
        $this->version = $stable;
    }

    // Check if the page exists, otherwise return 404
    if (!$this->locationExists()) {
        return $this->throw404();
    }

    return parent::handleRequest($request);
}