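/**
 * Reports whether a foundation member exists for a POSTed email address.
 *
 * The caller must use POST and present the APPSEC shared secret in the
 * "APPSEC" POST variable. Access failures are returned through httpError(403);
 * lookup results are written straight to the client:
 *  - 200 "OK"  when a member with that email exists and isFoundationMember() is truthy
 *  - 404       when an email was supplied but no such foundation member was found
 *  - 500       when no usable email was supplied
 *
 * NOTE(review): the 200/404 split lets anyone holding the shared secret test
 * which addresses belong to members; no rate limiting or logging is visible in
 * this method, so confirm it is handled elsewhere.
 */
public function member()
{
    // Make sure the access is POST, not GET
    if (!$this->request->isPOST()) {
        return $this->httpError(403, 'Access Denied.');
    }

    // Fail closed when no usable secret is configured. With the previous loose
    // comparison an APPSEC defined as '' (or false) matched a request that sent
    // no APPSEC value at all.
    $expectedSecret = (defined('APPSEC') && is_scalar(APPSEC)) ? (string) APPSEC : '';
    if ($expectedSecret === '') {
        return $this->httpError(403, 'Access Denied.');
    }

    // Make sure the APPSEC shared secret matches. Only a plain string can match,
    // and the comparison is strict: `!=` applies PHP type juggling (for example
    // two different numeric-looking strings can compare equal).
    $providedSecret = $this->request->postVar('APPSEC');
    if (!is_string($providedSecret)) {
        return $this->httpError(403, 'Access Denied.');
    }

    // hash_equals() compares in constant time; it only exists on PHP >= 5.6,
    // so fall back to a strict comparison on older runtimes.
    $secretMatches = function_exists('hash_equals')
        ? hash_equals($expectedSecret, $providedSecret)
        : $expectedSecret === $providedSecret;
    if (!$secretMatches) {
        return $this->httpError(403, 'Access Denied.');
    }

    // Pull email address from POST variables; anything but a single string
    // value (e.g. email[]=...) is treated as "no email supplied".
    $EmailAddress = $this->request->postVar('email');
    if (!is_string($EmailAddress)) {
        $EmailAddress = '';
    }

    // If an email address was provided, try to find a member with it.
    // The value is passed to filter() as-is: the ORM escapes/binds filter values
    // itself, and pre-escaping with Convert::raw2sql() double-escaped the value,
    // so addresses containing a quote character could never match.
    $Member = null;
    if ($EmailAddress) {
        $Member = Member::get()->filter('Email', $EmailAddress)->first();
    }

    $response = new SS_HTTPResponse();

    if ($Member && $Member->isFoundationMember()) {
        // A foundation member was found: status 200 and 'OK'
        $response->setStatusCode(200);
        $response->setBody('OK');
    } elseif ($EmailAddress) {
        $response->setStatusCode(404);
        $response->setBody('No Member Found.');
    } else {
        $response->setStatusCode(500);
        $response->setBody('An error has occurred retrieving a member.');
    }

    $response->output();
}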
/**
 * Sends a formatted log record to the client as the HTTP response body.
 *
 * Uses the current controller's response when one exists, otherwise a fresh
 * SS_HTTPResponse. The handler's configured status code and content type are
 * applied only while headers can still be sent.
 *
 * NOTE(review): $record['formatted'] goes to the client verbatim; how much
 * detail (paths, stack traces) it carries depends on the formatter, which is
 * not visible here - confirm it is safe for production responses.
 *
 * @param array $record Log record; its 'formatted' entry becomes the body.
 * @return bool True when $this->bubble is strictly false.
 */
protected function write(array $record)
{
    // PHP's own error display is switched off; this handler emits the output instead.
    ini_set('display_errors', 0);

    // TODO: This coupling isn't ideal
    // See https://github.com/silverstripe/silverstripe-framework/issues/4484
    $response = \Controller::has_curr()
        ? \Controller::curr()->getResponse()
        : new SS_HTTPResponse();

    if (headers_sent()) {
        // Headers are already on the wire, so the configured status and content
        // type cannot be used; fall back to 200 to avoid errors about errors.
        $response->setStatusCode(200);
    } else {
        $response->setStatusCode($this->statusCode);
        $response->addHeader("Content-Type", $this->contentType);
    }

    $response->setBody($record['formatted']);
    $response->output();

    return $this->bubble === false;
}
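/**
 * Hands this attachment to the browser.
 *
 * - With an ExternalLink set, that link is returned.
 * - With a FileID set, the linked file's absolute URL is returned (null when
 *   File() yields nothing).
 * - Otherwise the base64-encoded Content is decoded and written directly to
 *   the client as an HTTP response; nothing is returned in that case.
 *
 * NOTE(review): Content, ContentType and FileName come from the stored record.
 * Whether they originate from user uploads is not visible here; if they do,
 * inline rendering of "images" happens in the site's origin, so confirm that
 * IsImage() only accepts safe raster types.
 *
 * @return string|null
 */
public function returnToBrowser()
{
    if ($this->ExternalLink) {
        return $this->ExternalLink;
    }

    if ($this->FileID) {
        $file = $this->File();

        return $file ? $file->AbsoluteURL() : null;
    }

    $content = base64_decode($this->Content);
    $response = new SS_HTTPResponse($content, '200');
    $response->addHeader('Content-Description', 'File Transfer');
    $response->addHeader('Content-Type', $this->ContentType);
    // Keep the browser from second-guessing the declared type of stored content.
    $response->addHeader('X-Content-Type-Options', 'nosniff');

    // The name is placed inside a quoted header parameter: drop control
    // characters, double quotes and backslashes so it cannot terminate the
    // quoted string or add further parameters.
    $fileName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', basename($this->FileName));

    // "attachment" is the standard disposition type for downloads; the previous
    // "download" value is not a defined type and relied on browsers falling back.
    $disposition = $this->IsImage() ? 'inline' : 'attachment';
    $response->addHeader('Content-Disposition', $disposition . '; filename="' . $fileName . '"');

    // NOTE(review): Length is the stored value, not strlen($content) - confirm they agree.
    $response->addHeader('Content-Length', $this->Length);
    $response->output();
}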
/**
 * Process the given URL, creating the appropriate controller and executing it.
 *
 * Request processing is handled as follows:
 *  - Director::direct() builds an SS_HTTPRequest from the PHP superglobals and passes it, together with a
 *    Session, to Director::handleRequest().
 *  - Director::handleRequest($request) checks each of the Director rules and identifies a controller to handle
 *    this request.
 *  - Controller::handleRequest($request) is then called. This will find a rule to handle the URL, and call the
 *    rule handling method.
 *  - RequestHandler::handleRequest($request) is recursively called whenever a rule handling method returns a
 *    RequestHandler object.
 *
 * In addition to request processing, Director saves the session and performs the output of the actual response
 * to the browser.
 *
 * @param string $url The URL the user is visiting, without the querystring.
 * @uses handleRequest() rule-lookup logic is handled by this.
 */
static function direct($url)
{
    // Validate $_FILES before merging it with $_POST: every non-empty tmp_name
    // must be a file that PHP itself received as an upload.
    foreach ($_FILES as $k => $v) {
        $tmpNames = is_array($v['tmp_name'])
            ? ArrayLib::array_values_recursive($v['tmp_name'])
            : array($v['tmp_name']);

        foreach ($tmpNames as $tmpFile) {
            if ($tmpFile && !is_uploaded_file($tmpFile)) {
                user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
            }
        }
    }

    // NOTE(review): PHP normally exposes request headers under HTTP_* keys (this
    // one would be HTTP_X_HTTP_METHOD_OVERRIDE), so this lookup is unlikely to
    // ever match. Honouring a client-chosen method override can sidestep
    // method-based checks, so decide deliberately before changing the key.
    $httpMethod = isset($_SERVER['X-HTTP-Method-Override'])
        ? $_SERVER['X-HTTP-Method-Override']
        : $_SERVER['REQUEST_METHOD'];
    $postVars = array_merge((array) $_POST, (array) $_FILES);
    // Read errors on the raw body are suppressed by the @ operator.
    $rawBody = @file_get_contents('php://input');

    $req = new SS_HTTPRequest($httpMethod, $url, $_GET, $postVars, $rawBody);

    // @todo find better way to extract HTTP headers
    $forwardedHeaders = array(
        'HTTP_ACCEPT' => "Accept",
        'CONTENT_TYPE' => "Content-Type",
        'HTTP_REFERER' => "Referer",
    );
    foreach ($forwardedHeaders as $serverKey => $headerName) {
        if (isset($_SERVER[$serverKey])) {
            $req->addHeader($headerName, $_SERVER[$serverKey]);
        }
    }

    // Load the session into the controller
    $sessionData = isset($_SESSION) ? $_SESSION : null;
    $session = new Session($sessionData);
    $result = Director::handleRequest($req, $session);
    $session->inst_save();

    // A string result starting with "redirect:" is a redirection request
    if (is_string($result) && strpos($result, 'redirect:') === 0) {
        $response = new SS_HTTPResponse();
        $response->redirect(substr($result, 9));
        $response->output();

        return;
    }

    // Nothing to send for an empty result
    if (!$result) {
        return;
    }

    // Handle a controller result: use a response object as-is, wrap anything else as the body
    if ($result instanceof SS_HTTPResponse) {
        $response = $result;
    } else {
        $response = new SS_HTTPResponse();
        $response->setBody($result);
    }

    // ?debug_memory=1 reports the peak memory used for this request through
    // Debug::message() instead of sending the response.
    // NOTE(review): no environment or permission check is visible in this method,
    // so any client can take this branch unless Debug::message() is gated - confirm.
    if (!empty($_REQUEST['debug_memory'])) {
        Debug::message(sprintf("Peak memory usage in bytes: %s", number_format(memory_get_peak_usage(), 0)));
    } else {
        $response->output();
    }
}
/**
 * Process the given URL, creating the appropriate controller and executing it.
 *
 * Request processing is handled as follows:
 *  - Director::direct() builds an SS_HTTPRequest from the PHP superglobals and passes it, together with a
 *    Session and the data model, to Director::handleRequest().
 *  - Director::handleRequest($request) checks each of the Director rules and identifies a controller to handle
 *    this request.
 *  - Controller::handleRequest($request) is then called. This will find a rule to handle the URL, and call the
 *    rule handling method.
 *  - RequestHandler::handleRequest($request) is recursively called whenever a rule handling method returns a
 *    RequestHandler object.
 *
 * In addition to request processing, Director saves the session and performs the output of the actual response
 * to the browser.
 *
 * @param string $url The URL the user is visiting, without the querystring.
 * @param DataModel $model Passed through unchanged to Director::handleRequest().
 * @uses handleRequest() rule-lookup logic is handled by this.
 */
static function direct($url, DataModel $model)
{
    // Validate $_FILES before merging it with $_POST: every non-empty tmp_name
    // must be a file that PHP itself received as an upload.
    foreach ($_FILES as $k => $v) {
        $tmpNames = $v['tmp_name'];
        if (is_array($tmpNames)) {
            $tmpNames = ArrayLib::array_values_recursive($tmpNames);
        } else {
            $tmpNames = array($tmpNames);
        }

        foreach ($tmpNames as $tmpFile) {
            if (!$tmpFile || is_uploaded_file($tmpFile)) {
                continue;
            }
            user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
        }
    }

    // NOTE(review): PHP normally exposes request headers under HTTP_* keys (this
    // one would be HTTP_X_HTTP_METHOD_OVERRIDE), so this lookup is unlikely to
    // ever match. Honouring a client-chosen method override can sidestep
    // method-based checks, so decide deliberately before changing the key.
    if (isset($_SERVER['X-HTTP-Method-Override'])) {
        $httpMethod = $_SERVER['X-HTTP-Method-Override'];
    } else {
        $httpMethod = $_SERVER['REQUEST_METHOD'];
    }

    $req = new SS_HTTPRequest(
        $httpMethod,
        $url,
        $_GET,
        array_merge((array) $_POST, (array) $_FILES),
        // Read errors on the raw body are suppressed by the @ operator.
        @file_get_contents('php://input')
    );

    // Load the request headers. If we're not running on Apache, then we
    // need to manually extract the headers from the $_SERVER array.
    // Either way every header name and value here is client-controlled.
    $headers = function_exists('apache_request_headers')
        ? apache_request_headers()
        : self::extract_request_headers($_SERVER);
    foreach ($headers as $name => $headerValue) {
        $req->addHeader($name, $headerValue);
    }

    // Load the session into the controller
    $session = new Session(isset($_SESSION) ? $_SESSION : null);
    $result = Director::handleRequest($req, $session, $model);
    $session->inst_save();

    // A string result starting with "redirect:" is a redirection request
    if (is_string($result) && strpos($result, 'redirect:') === 0) {
        $response = new SS_HTTPResponse();
        $response->redirect(substr($result, 9));
        $response->output();

        return;
    }

    // Nothing to send for an empty result
    if (!$result) {
        return;
    }

    // Handle a controller result: use a response object as-is, wrap anything else as the body
    $response = $result;
    if (!($result instanceof SS_HTTPResponse)) {
        $response = new SS_HTTPResponse();
        $response->setBody($result);
    }

    // ?debug_memory=1 reports the peak memory used for this request through
    // Debug::message() instead of sending the response.
    // NOTE(review): no environment or permission check is visible in this method,
    // so any client can take this branch unless Debug::message() is gated - confirm.
    $wantsMemoryReport = isset($_REQUEST['debug_memory']) && $_REQUEST['debug_memory'];
    if ($wantsMemoryReport) {
        Debug::message(sprintf("Peak memory usage in bytes: %s", number_format(memory_get_peak_usage(), 0)));
    } else {
        $response->output();
    }
}