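/**
 * Appends database query statistics to an HTML response for debugging.
 *
 * Nothing is done while PROXY_CACHE_GENERATING is defined, while
 * $GLOBALS['__cache_publish'] is set, or for any URL containing "admin/".
 * When the body contains "</html>", two HTML comments with the total and
 * duplicate query counts are added; when more than $this->queryThreshold
 * queries were recorded, a floating panel listing every query is also
 * injected before "</body>".
 *
 * Security: the panel prints SQL text and call-site information into the
 * page, so this filter belongs in development environments only. Query text
 * and source are HTML-escaped before output because SQL can carry
 * request-derived values that would otherwise be rendered as markup.
 *
 * @param \SS_HTTPRequest  $request
 * @param \SS_HTTPResponse $response
 * @param \DataModel       $model
 * @return void
 */
public function postRequest(\SS_HTTPRequest $request, \SS_HTTPResponse $response, \DataModel $model)
{
    if (defined('PROXY_CACHE_GENERATING')
        || isset($GLOBALS['__cache_publish'])
        || strpos($request->getURL(), 'admin/') !== false
    ) {
        return;
    }

    $this->database = Db::getConn();
    $queries = $this->database->queryRecord;
    $dupes = $this->database->getDuplicateQueries();

    $str = "\n<!-- Total queries: " . count($queries) . "-->\n";
    $str .= "\n<!-- Duplicate queries: " . count($dupes) . "-->\n";

    $b = $response->getBody();
    // Compare against false so a match at offset 0 is not mistaken for "not found".
    if (strpos($b, '</html>') === false) {
        return;
    }

    if (count($queries) > $this->queryThreshold) {
        // Renders one hidden <p> per query (plus its call site, when known).
        $buildQueryList = function ($source, $class) {
            $html = '';
            foreach ($source as $sql => $info) {
                // Escape everything that originates from the query log.
                $query = htmlspecialchars((string) $info->query, ENT_QUOTES, 'UTF-8');
                $html .= "\n<p class='{$class}' style='display: none; border-top: 1px dashed #000;'>{$info->count} : {$query}</p>\n";
                if ($info->source) {
                    $origin = htmlspecialchars((string) $info->source, ENT_QUOTES, 'UTF-8');
                    $html .= "\n<p class='{$class}' style='color: #a00; display: none; '>Last called from {$origin}</p>\n";
                }
            }
            return $html;
        };

        $html = $buildQueryList($queries, 'debug-query');
        $html .= $buildQueryList($dupes, 'debug-dupe-query');

        // Floating panel; the inline script toggles the two query lists on click.
        $div = '<div id="query-stat-debugger" '
            . 'style="position: fixed; bottom: 0; right: 0; border: 2px solid red; background: #fff; '
            . 'font-size: 8px; font-family: sans-serif; width: 100px; z-index: 2000; padding: 1em;'
            . 'overflow: auto; max-height: 500px;">'
            . '<p id="debug-all-queries-list">Total of ' . count($queries) . ' queries</p>'
            . '<p id="debug-dupe-queries-list">Total of ' . count($dupes) . ' duplicates</p>'
            . $html
            . '<script>'
            . 'jQuery("#debug-all-queries-list").click(function () {'
            . 'var elems = jQuery(this).parent().find(".debug-query");'
            . 'jQuery(this).parent().css("width", "40%");'
            . 'elems.toggle();'
            . '}); '
            . 'jQuery("#debug-dupe-queries-list").click(function () {'
            . 'var elems = jQuery(this).parent().find(".debug-dupe-query");'
            . 'jQuery(this).parent().css("width", "40%");'
            . 'elems.toggle();'
            . '}); '
            . '</script>'
            . '</div>';

        $b = str_replace('</body>', "{$div}</body>", $b);
    }

    $b = str_replace('</html>', "{$str}</html>", $b);
    $response->setBody($b);
}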
/**
 * Builds a JSON response exposing the ID of the current member.
 *
 * @param mixed $request Incoming request; not read by this method.
 * @return SS_HTTPResponse Response whose body is the JSON form of
 *                         array("_memberID" => Member::currentUserID()).
 */
public function load($request)
{
    $payload = array('_memberID' => Member::currentUserID());

    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'application/json');
    $response->setBody(Convert::array2json($payload));

    return $response;
}
/**
 * Runs the configured source callback and returns its result as JSON.
 *
 * The "val" query-string variable is handed to $this->source unmodified, so
 * the callback receives untrusted input and has to validate it itself.
 *
 * @param mixed $request Request object providing getVar().
 * @return SS_HTTPResponse JSON response built from the callback's return value.
 */
public function load($request)
{
    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'application/json');

    $value = $request->getVar('val');
    $data = call_user_func($this->source, $value);
    $response->setBody(Convert::array2json($data));

    return $response;
}
/**
 * Rewrites image "src" attributes in a 200 response to their CDN URLs.
 *
 * Runs only when $this->convertUrls is set. The IDs captured from
 * data-cdnfileid="N" attributes in the body are used to look up CdnImage and
 * ContentServiceAsset records; each record's Filename is then replaced by the
 * value of its getUrl() inside src="..." attributes.
 *
 * @param \SS_HTTPRequest  $request
 * @param \SS_HTTPResponse $response
 * @param \DataModel       $model
 * @return void
 */
public function postRequest(\SS_HTTPRequest $request, \SS_HTTPResponse $response, \DataModel $model)
{
    if (!$this->convertUrls || !$response || $response->getStatusCode() != 200) {
        return;
    }

    $body = $response->getBody();

    // Cheap substring test first; the regex only runs when the marker is present
    // somewhere after offset 0.
    $hasMarker = strpos($body, 'cdnfileid') > 0;
    if (!$hasMarker || !preg_match_all('/data-cdnfileid="(\\d+)"/', $body, $matches)) {
        return;
    }

    $ids = $matches[1];

    $fileIds = array(); // collected as in the original; not read afterwards
    foreach (CdnImage::get()->filter('ID', $ids) as $file) {
        $cdnUrl = $file->getUrl();
        $localName = $file->Filename;
        $body = str_replace("src=\"{$localName}\"", "src=\"{$cdnUrl}\"", $body);
        $fileIds[] = $file->ID;
    }

    foreach (ContentServiceAsset::get()->filter('SourceID', $ids) as $asset) {
        $cdnUrl = $asset->getUrl();
        $localName = $asset->Filename;
        // note the extra forward slash here, image_cached inserts it
        $body = str_replace("src=\"/{$localName}\"", "src=\"{$cdnUrl}\"", $body);
    }

    $response->setBody($body);
}
/**
 * Serves the first existing error page file for $this->ErrorCode.
 *
 * Candidate files are tried in order: the configured per-code file with the
 * locale inserted before its extension, the configured per-code file, then
 * code+locale, locale-only and generic "error" files (.html before .php)
 * under the configured or default path. Extensions may alter the list through
 * the "updateHandleRequest" hook. If no candidate yields a body, the parent
 * implementation handles the request.
 *
 * Security: a candidate ending in ".php" is executed with include, in this
 * method's scope. The candidate list is built from configuration values, the
 * current locale and whatever extensions add, so all of those sources must be
 * trusted. Local variable names are deliberately left untouched because
 * included files can see them.
 *
 * @param SS_HTTPRequest $request
 * @param DataModel|null $model
 * @return SS_HTTPResponse|mixed Error response, or the parent's result.
 */
public function handleRequest(SS_HTTPRequest $request, DataModel $model = NULL)
{
    $body = null;
    $lang = i18n::get_locale();

    // Base directory for the generic candidates; falls back to the class default.
    $path = Config::inst()->get('UniversalErrorPage', 'DefaultPath');
    if (!$path) {
        $path = $this->defaultErrorPagePath;
    }

    // Per-status-code file from config, plus a variant with "-<locale>" before the extension.
    $forCode = Config::inst()->get('UniversalErrorPage', $this->ErrorCode);
    $localeForCode = preg_replace('/\\.([a-z]+)$/i', '-' . $lang . '.$1', $forCode);

    $errorPages = array($localeForCode, $forCode, $path . "error-{$this->ErrorCode}-{$lang}.html", $path . "error-{$this->ErrorCode}-{$lang}.php", $path . "error-{$lang}.html", $path . "error-{$lang}.php", $path . 'error.html', $path . 'error.php');

    $this->extend('updateHandleRequest', $errorPages);

    // now check if any of the pages exist
    foreach ($errorPages as $errorPage) {
        if (!$body && file_exists($errorPage)) {
            $ext = pathinfo($errorPage, PATHINFO_EXTENSION);
            if ($ext == 'php') {
                // Execute the PHP page and capture whatever it prints.
                ob_start();
                include $errorPage;
                $body = ob_get_clean();
            } else {
                $body = file_get_contents($errorPage);
            }
            // The first existing file wins, even if it produced an empty body.
            break;
        }
    }

    if ($body) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode($this->ErrorCode);
        $response->setBody($body);
        return $response;
    }

    return parent::handleRequest($request, $model);
}
/**
 * Returns the members matching the "term" query variable as JSON, for lazy loading.
 *
 * The term comes straight from the request; getMembers() is responsible for
 * treating it as untrusted input.
 *
 * @param SS_HTTPRequest $request
 *
 * @return SS_HTTPResponse
 */
public function suggest(SS_HTTPRequest $request)
{
    $term = $request->getVar('term');
    $json = json_encode($this->getMembers($term));

    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'application/json');
    $response->setBody($json);

    return $response;
}
/**
 * Content-Length must be present, counted in bytes, and follow body changes.
 *
 * The fixtures end in "ü" so the expected byte count is one more than the
 * number of characters.
 */
function testContentLengthHeader()
{
    $response = new SS_HTTPResponse('123ü');

    $this->assertNotNull(
        $response->getHeader('Content-Length'),
        'Content-length header is added'
    );
    $this->assertEquals(
        5,
        $response->getHeader('Content-Length'),
        'Header matches actual content length in bytes'
    );

    // Replacing the body has to refresh the header as well.
    $response->setBody('1234ü');
    $this->assertEquals(
        6,
        $response->getHeader('Content-Length'),
        'Header is updated when body is changed'
    );
}
/**
 * Post-request filter: passes the response body through self::replaceCDN()
 * when the feature is enabled.
 *
 * @param SS_HTTPRequest $request Request container object
 * @param SS_HTTPResponse $response Response output object
 * @param DataModel $model Current DataModel
 * @return boolean Always true, so later filters keep running.
 */
public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model)
{
    if (self::isEnabled()) {
        $original = $response->getBody();
        $response->setBody(self::replaceCDN($original));
    }

    return true;
}
/**
 * Reports the elapsed request time in an X-SilverStripe-Time header and, for
 * bodies containing "</html>", in a trailing HTML comment.
 *
 * NOTE(review): the value is the raw difference to $this->start formatted with
 * an "ms" suffix; if $this->start holds microtime(true) the figure is in
 * seconds, not milliseconds - confirm where $this->start is set.
 * NOTE(review): the header is added to every response; confirm that exposing
 * timing data is acceptable outside development.
 *
 * @param \SS_HTTPRequest  $request
 * @param \SS_HTTPResponse $response
 * @param \DataModel       $model
 * @return void
 */
public function postRequest(\SS_HTTPRequest $request, \SS_HTTPResponse $response, \DataModel $model)
{
    $elapsed = microtime(true) - $this->start;
    $time = sprintf('%.3f ms', $elapsed);
    $response->addHeader('X-SilverStripe-Time', $time);

    $html = $response->getBody();
    if (!strpos($html, '</html>')) {
        return;
    }

    $annotated = str_replace('</html>', "\n<!-- Generated in {$time} -->\n</html>", $html);
    $response->setBody($annotated);
}
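/**
 * Require basic authentication. Will request a username and password if none is given.
 *
 * Used by {@link Controller::init()}.
 *
 * Credentials are checked with MoreAdminsAuthenticator. The check is skipped
 * entirely (true is returned) while the database is not ready, and on the
 * command line outside of test runs - callers must not treat that return
 * value as an authenticated Member.
 *
 * $realm is written into the WWW-Authenticate header unescaped, so it has to
 * be a trusted value without double quotes or line breaks.
 *
 * @throws SS_HTTPResponse_Exception With a 401 response when authentication or
 *                                   the permission check fails.
 *
 * @param string $realm
 * @param string|array $permissionCode Optional
 * @param boolean $tryUsingSessionLogin If true, fall back to the session log-in
 *                                      when no valid basic-auth credentials were given.
 * @return Member|boolean The authenticated member, or true when the check is skipped.
 */
public static function requireLogin($realm, $permissionCode = null, $tryUsingSessionLogin = true)
{
    $isRunningTests = class_exists('SapphireTest', false) && SapphireTest::is_running_test();
    if (!Security::database_is_ready() || (Director::is_cli() && !$isRunningTests)) {
        return true;
    }

    /*
     * Enable HTTP Basic authentication workaround for PHP running in CGI mode with Apache
     * Depending on server configuration the auth header may be in HTTP_AUTHORIZATION or
     * REDIRECT_HTTP_AUTHORIZATION
     *
     * The following rewrite rule must be in the site's .htaccess file to enable this workaround
     * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
     */
    $authHeader = null;
    if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
        $authHeader = $_SERVER['HTTP_AUTHORIZATION'];
    } elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
        $authHeader = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
    }

    $matches = array();
    if ($authHeader && preg_match('/Basic\\s+(.*)$/i', $authHeader, $matches)) {
        // Split on the first colon only: the password part may itself contain
        // colons, and a value without any colon must not raise a notice.
        $parts = explode(':', base64_decode($matches[1]), 2);
        $name = $parts[0];
        $password = isset($parts[1]) ? $parts[1] : '';
        // NOTE(review): strip_tags() alters credentials containing "<...>" - confirm this is intended.
        $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
        $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
    }

    $member = null;
    if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
        $member = MoreAdminsAuthenticator::authenticate(array('Email' => $_SERVER['PHP_AUTH_USER'], 'Password' => $_SERVER['PHP_AUTH_PW']), null);
    }

    if (!$member && $tryUsingSessionLogin) {
        $member = Member::currentUser();
    }

    // If we've failed the authentication mechanism, then show the login form
    if (!$member) {
        $response = new SS_HTTPResponse(null, 401);
        $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\"");
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            $response->setBody(_t('BasicAuth.ERRORNOTREC', "That username / password isn't recognised"));
        } else {
            $response->setBody(_t('BasicAuth.ENTERINFO', "Please enter a username and password."));
        }
        // Exception is caught by RequestHandler->handleRequest() and will halt further execution
        $e = new SS_HTTPResponse_Exception(null, 401);
        $e->setResponse($response);
        throw $e;
    }

    if ($permissionCode && !Permission::checkMember($member->ID, $permissionCode)) {
        $response = new SS_HTTPResponse(null, 401);
        $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\"");
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            $response->setBody(_t('BasicAuth.ERRORNOTADMIN', "That user is not an administrator."));
        }
        // Exception is caught by RequestHandler->handleRequest() and will halt further execution
        $e = new SS_HTTPResponse_Exception(null, 401);
        $e->setResponse($response);
        throw $e;
    }

    return $member;
}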
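/**
 * Adds the Intercom script tags just before the closing body tag.
 *
 * Only responses without a Content-Type header, or with one containing
 * "text/html", are touched. The markup is inserted through a callback, so
 * "$1" or "\1" sequences inside the script are not interpreted as regex
 * back-references, and the body is left as it was if the regex engine fails.
 *
 * @param SS_HTTPRequest  $request
 * @param SS_HTTPResponse $response
 * @param DataModel       $model
 * @return void
 */
public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model)
{
    $mime = $response->getHeader('Content-Type');
    if ($mime && strpos($mime, 'text/html') === false) {
        return;
    }

    $intercomScriptTags = (new intercomScriptTags())->forTemplate();
    if (!$intercomScriptTags) {
        return;
    }

    $markup = (string) $intercomScriptTags;
    $content = $response->getBody();

    $updated = preg_replace_callback(
        "/(<\\/body[^>]*>)/i",
        function ($match) use ($markup) {
            return $markup . $match[1];
        },
        $content
    );

    // preg_replace_callback() returns null on a PCRE error; keep the original body then.
    if ($updated !== null) {
        $response->setBody($updated);
    }
}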
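/**
 * Reports whether the POSTed email address belongs to a foundation member.
 *
 * Access requires a POST request carrying the APPSEC shared secret. The secret
 * is compared as a string (constant-time where hash_equals() is available)
 * rather than with a loose "!=", so numeric-looking or non-string values
 * cannot match through PHP type juggling.
 *
 * Responses written with output(): 200 "OK" when a foundation member was
 * found, 404 when an address was given but matched nobody, 500 when no
 * address was given.
 *
 * NOTE(review): callers holding the secret can test arbitrary addresses for
 * membership; confirm the secret is only shared with trusted services.
 *
 * @return mixed Result of httpError() when access is denied, otherwise null.
 */
public function member()
{
    // Make sure the access is POST, not GET
    if (!$this->request->isPOST()) {
        return $this->httpError(403, 'Access Denied.');
    }

    if (!defined('APPSEC')) {
        return $this->httpError(403, 'Access Denied.');
    }

    // Make sure the APPSEC shared secret matches
    $suppliedSecret = $this->request->postVar('APPSEC');
    $expectedSecret = (string) APPSEC;
    if (!is_string($suppliedSecret)) {
        // Missing or array-valued parameter: fail closed.
        $secretMatches = false;
    } elseif (function_exists('hash_equals')) {
        $secretMatches = hash_equals($expectedSecret, $suppliedSecret);
    } else {
        $secretMatches = ($expectedSecret === $suppliedSecret);
    }
    if (!$secretMatches) {
        return $this->httpError(403, 'Access Denied.');
    }

    // Pull email address from POST variables
    $EmailAddress = $this->request->postVar('email');

    // Sanitize the input
    // NOTE(review): the value is escaped here and then passed to filter();
    // if filter() escapes its arguments too, addresses containing quotes are
    // escaped twice and will not match - confirm against the ORM in use.
    $EmailAddress = convert::raw2sql($EmailAddress);

    // If an email address was provided, try to find a member with it
    $Member = null;
    if ($EmailAddress) {
        $Member = Member::get()->filter('Email', $EmailAddress)->first();
    }

    if ($Member && $Member->isFoundationMember()) {
        $status = 200;
        $body = 'OK';
    } elseif ($EmailAddress) {
        $status = 404;
        $body = 'No Member Found.';
    } else {
        $status = 500;
        $body = 'An error has occurred retrieving a member.';
    }

    $response = new SS_HTTPResponse();
    $response->setStatusCode($status);
    $response->setBody($body);
    $response->output();
}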
/**
 * Runs the configured source callback and returns its items as a JSON list
 * of {"k": key, "v": value} pairs.
 *
 * The "val" query-string variable is handed to $this->source unmodified, so
 * the callback receives untrusted input and has to validate it itself.
 *
 * @param mixed $request Request object providing getVar().
 * @return SS_HTTPResponse
 */
public function load($request)
{
    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'application/json');

    $value = $request->getVar('val');
    $items = call_user_func($this->source, $value);

    $pairs = array();
    if ($items) {
        foreach ($items as $key => $label) {
            $pairs[] = array('k' => $key, 'v' => $label);
        }
    }

    $response->setBody(Convert::array2json($pairs));

    return $response;
}
/**
 * Builds the response for a form submission: javascript for Ajax requests,
 * otherwise the non-ajax content, a redirect to {redirect_url}, or
 * Director::redirectBack() (in this order).
 *
 * The "forcehtml" and "forceajax" request parameters override the Ajax
 * detection; both are client-controlled.
 *
 * @return SS_HTTPResponse|null Null when a redirect was issued or had already
 *                              been issued.
 */
static function respond()
{
    $response = new SS_HTTPResponse();

    // we don't want non-ajax calls to receive javascript
    if (isset($_REQUEST['forcehtml'])) {
        $response->setBody(self::$non_ajax_content);
        return $response;
    }

    if (isset($_REQUEST['forceajax']) || Director::is_ajax()) {
        $response->addHeader('Content-Type', 'text/javascript');
        $response->setBody(self::get_javascript());
        return $response;
    }

    if (!empty(self::$non_ajax_content)) {
        $response->setBody(self::$non_ajax_content);
        return $response;
    }

    if (!empty(self::$redirect_url)) {
        Director::redirect(self::$redirect_url);
        return null;
    }

    // Last resort: go back, unless some redirect is already pending.
    if (!Director::redirected_to()) {
        Director::redirectBack();
    }

    return null;
}
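/**
 * Get a {@link SS_HTTPResponse} to respond to an HTTP error code if an {@link ErrorPage} for that code is present.
 *
 * The dynamically rendered page is preferred; the cached file returned by
 * get_filepath_for_errorcode() is used as a fallback.
 *
 * @param int $statusCode
 * @return SS_HTTPResponse|null Null when neither a page nor a cached file exists.
 */
public static function response_for($statusCode)
{
    // The status code is interpolated into a raw SQL filter, so force it to an
    // integer first; nothing but digits may reach the query text.
    $code = (int) $statusCode;

    // first attempt to dynamically generate the error page
    if ($errorPage = DataObject::get_one('ErrorPage', "\"ErrorCode\" = {$code}")) {
        return ModelAsController::controller_for($errorPage)->handleRequest(new SS_HTTPRequest('GET', ''), DataModel::inst());
    }

    // then fall back on a cached version
    $cachedPath = self::get_filepath_for_errorcode($statusCode, class_exists('Translatable') ? Translatable::get_current_locale() : null);
    if (file_exists($cachedPath)) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode($statusCode);
        $response->setBody(file_get_contents($cachedPath));
        return $response;
    }

    return null;
}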
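/**
 * Require basic authentication. Will request a username and password if none is given.
 *
 * Used by {@link Controller::init()}.
 *
 * Credentials are checked with MemberAuthenticator. The check is skipped
 * entirely (true is returned) while the database is not ready, and on the
 * command line outside of test runs - callers must not treat that return
 * value as an authenticated Member.
 *
 * $realm is written into the WWW-Authenticate header unescaped, so it has to
 * be a trusted value without double quotes or line breaks.
 *
 * @throws SS_HTTPResponse_Exception With a 401 response when authentication or
 *                                   the permission check fails.
 *
 * @param string $realm
 * @param string|array $permissionCode Optional
 * @param boolean $tryUsingSessionLogin If true, fall back to the session log-in
 *                                      when no valid basic-auth credentials were given.
 * @return Member|boolean The authenticated member, or true when the check is skipped.
 */
public static function requireLogin($realm, $permissionCode = null, $tryUsingSessionLogin = true)
{
    $isRunningTests = class_exists('SapphireTest', false) && SapphireTest::is_running_test();
    if (!Security::database_is_ready() || (Director::is_cli() && !$isRunningTests)) {
        return true;
    }

    $matches = array();
    if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) {
        // Split on the first colon only: the password part may itself contain
        // colons, and a value without any colon must not raise a notice.
        $parts = explode(':', base64_decode($matches[1]), 2);
        $name = $parts[0];
        $password = isset($parts[1]) ? $parts[1] : '';
        // NOTE(review): strip_tags() alters credentials containing "<...>" - confirm this is intended.
        $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
        $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
    }

    $member = null;
    if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
        $member = MemberAuthenticator::authenticate(array('Email' => $_SERVER['PHP_AUTH_USER'], 'Password' => $_SERVER['PHP_AUTH_PW']), null);
    }

    if (!$member && $tryUsingSessionLogin) {
        $member = Member::currentUser();
    }

    // If we've failed the authentication mechanism, then show the login form
    if (!$member) {
        $response = new SS_HTTPResponse(null, 401);
        $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\"");
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            $response->setBody(_t('BasicAuth.ERRORNOTREC', "That username / password isn't recognised"));
        } else {
            $response->setBody(_t('BasicAuth.ENTERINFO', "Please enter a username and password."));
        }
        // Exception is caught by RequestHandler->handleRequest() and will halt further execution
        $e = new SS_HTTPResponse_Exception(null, 401);
        $e->setResponse($response);
        throw $e;
    }

    if ($permissionCode && !Permission::checkMember($member->ID, $permissionCode)) {
        $response = new SS_HTTPResponse(null, 401);
        $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\"");
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            $response->setBody(_t('BasicAuth.ERRORNOTADMIN', "That user is not an administrator."));
        }
        // Exception is caught by RequestHandler->handleRequest() and will halt further execution
        $e = new SS_HTTPResponse_Exception(null, 401);
        $e->setResponse($response);
        throw $e;
    }

    return $member;
}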
/**
 * Executes this controller, and returns an {@link SS_HTTPResponse} object with the result.
 *
 * This method first does a few set-up activities:
 *  - Push this controller onto the controller stack -
 *    see {@link Controller::curr()} for information about this.
 *  - Call {@link init()}
 *  - Defer to {@link RequestHandler->handleRequest()} to determine which action
 *    should be executed
 *
 * Note: $requestParams['executeForm'] support was removed,
 * make the following change in your URLs:
 * "/?executeForm=FooBar" -> "/FooBar"
 * Also make sure "FooBar" is in the $allowed_actions of your controller class.
 *
 * Note: You should rarely need to overload run() -
 * this kind of change is only really appropriate for things like nested
 * controllers - {@link ModelAsController} and {@link RootURLController}
 * are two examples here. If you want to make more
 * orthodox functionality, it's better to overload {@link init()} or {@link index()}.
 *
 * Important: If you are going to overload handleRequest,
 * make sure that you start the method with $this->pushCurrent()
 * and end the method with $this->popCurrent().
 * Failure to do this will create weird session errors.
 *
 * Note: the "debug_request" request parameter switches on Debug::message()
 * output below; it is read directly from $_REQUEST.
 *
 * @param $request The {@link SS_HTTPRequest} object that is responsible
 *  for distributing request parsing.
 * @param DataModel $model Stored on the controller via setModel().
 * @return SS_HTTPResponse The response that this controller produces,
 *  including HTTP headers such as redirection info
 */
function handleRequest(SS_HTTPRequest $request, DataModel $model) {
    if(!$request) user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);

    // Make this controller the current one and reset per-request state.
    $this->pushCurrent();
    $this->urlParams = $request->allParams();
    $this->request = $request;
    $this->response = new SS_HTTPResponse();
    $this->setModel($model);

    $this->extend('onBeforeInit');

    // Init
    // The flag is reset here and checked after init(); a warning is raised if it is still false.
    $this->baseInitCalled = false;
    $this->init();
    if(!$this->baseInitCalled) user_error("init() method on class '$this->class' doesn't call Controller::init(). 
Make sure that you have parent::init() included.", E_USER_WARNING);

    $this->extend('onAfterInit');

    // If we had a redirection or something, halt processing.
    if($this->response->isFinished()) {
        $this->popCurrent();
        return $this->response;
    }

    $body = parent::handleRequest($request, $model);
    if($body instanceof SS_HTTPResponse) {
        // A complete response replaces the controller's own response object.
        if(isset($_REQUEST['debug_request'])) Debug::message("Request handler returned SS_HTTPResponse object to $this->class controller; returning it without modification.");
        $this->response = $body;
    } else {
        if(is_object($body)) {
            // Any other object is rendered through the viewer it supplies for the current action.
            if(isset($_REQUEST['debug_request'])) Debug::message("Request handler $body->class object to $this->class controller;, rendering with template returned by $body->class::getViewer()");
            $body = $body->getViewer($request->latestParam('Action'))->process($body);
        }
        $this->response->setBody($body);
    }

    ContentNegotiator::process($this->response);
    HTTP::add_cache_headers($this->response);

    $this->popCurrent();
    return $this->response;
}
/**
 * Get a {@link SS_HTTPResponse} to respond to an HTTP error code if an
 * {@link ErrorPage} for that code is present. The page is first served
 * through the standard SilverStripe request method; failing that, the static
 * file generated when the page is saved and published in the CMS is used.
 *
 * @param int $statusCode
 *
 * @return SS_HTTPResponse|null Null when neither a page nor a cached file exists.
 */
public static function response_for($statusCode)
{
    // first attempt to dynamically generate the error page
    $dynamicPage = ErrorPage::get()->filter(array("ErrorCode" => $statusCode))->first();
    if ($dynamicPage) {
        // Drop requirements collected so far before rendering the error page.
        Requirements::clear();
        Requirements::clear_combined_files();

        $controller = ModelAsController::controller_for($dynamicPage);
        return $controller->handleRequest(new SS_HTTPRequest('GET', ''), DataModel::inst());
    }

    // then fall back on a cached version
    $locale = class_exists('Translatable') ? Translatable::get_current_locale() : null;
    $cachedPath = self::get_filepath_for_errorcode($statusCode, $locale);
    if (!file_exists($cachedPath)) {
        return null;
    }

    $response = new SS_HTTPResponse();
    $response->setStatusCode($statusCode);
    $response->setBody(file_get_contents($cachedPath));

    return $response;
}
/**
 * Post-request filter: for non-Ajax requests, replaces the response with the
 * static page stored at errors_pages/ui/<status code>/index.html, when that
 * file exists.
 *
 * NOTE(review): the status code is reset to 200 after the static page is
 * loaded, so clients, monitoring and crawlers no longer see the original
 * error status - confirm this is intended.
 *
 * @param SS_HTTPRequest $request Request container object
 * @param SS_HTTPResponse $response Response output object
 * @param DataModel $model Current DataModel
 * @return boolean Always true, so later filters keep running.
 */
public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model)
{
    $code = $response->getStatusCode();
    $error_page_path = Director::baseFolder() . "/errors_pages/ui/{$code}/index.html";

    if ($request->isAjax() || !file_exists($error_page_path)) {
        return true;
    }

    //clean buffer
    ob_clean();

    $handle = fopen($error_page_path, "r");
    if (!$handle) {
        die("Unable to open file!");
    }
    $markup = fread($handle, filesize($error_page_path));
    fclose($handle);

    // set content type
    $response->addHeader('Content-Type', 'text/html');
    $response->setBody($markup);
    $response->setStatusCode(200);

    return true;
}
/**
 * Post-request filter: injects the debug bar init script before "</body>" and,
 * for Ajax GET requests, sends the collected data in response headers.
 *
 * NOTE(review): the injected script and headers carry debug data; confirm the
 * debug bar cannot be enabled on publicly reachable environments.
 *
 * @param SS_HTTPRequest $request Request container object
 * @param SS_HTTPResponse $response Response output object
 * @param DataModel $model Current DataModel
 * @return null Nothing is returned on any path; the script exits when
 *              DebugBar::getShowQueries() is truthy.
 */
public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model)
{
    $debugbar = DebugBar::getDebugBar();
    if (!$debugbar) {
        return;
    }

    // All queries have been displayed
    if (DebugBar::getShowQueries()) {
        exit;
    }

    // If the bar is not renderable, return early
    $script = DebugBar::renderDebugBar();
    if (!$script) {
        return;
    }

    // Inject init script into the HTML response
    $html = $response->getBody();
    if (strpos($html, '</body>') !== false) {
        $response->setBody(str_replace('</body>', $script . '</body>', $html));
    }

    // Ajax support: only relevant while headers can still be added
    $canSendHeaders = Director::is_ajax() && !headers_sent();
    if (!$canSendHeaders) {
        return;
    }

    if (DebugBar::IsAdminUrl() && !DebugBar::config()->enabled_in_admin) {
        return;
    }

    // Skip anything that is not a GET request
    if (!$request->isGET()) {
        return;
    }

    // Always enable in admin because everything is mostly loaded through ajax
    if (!DebugBar::config()->ajax && !DebugBar::IsAdminUrl()) {
        return;
    }

    // Prevent throwing js errors in case header size is too large
    $headers = $debugbar->getDataAsHeaders();
    if (is_array($headers)) {
        $debugbar->sendDataInHeaders();
    }
}
/**
 * Sends a formatted log record to the client as the HTTP response.
 *
 * The body is $record['formatted'] verbatim.
 * NOTE(review): confirm the formatter used in production does not include
 * stack traces or other internals, since the text goes to the browser.
 *
 * @param array $record Log record; the 'formatted' key is used as the body.
 * @return bool True when $this->bubble is false.
 */
protected function write(array $record)
{
    ini_set('display_errors', 0);

    // TODO: This coupling isn't ideal
    // See https://github.com/silverstripe/silverstripe-framework/issues/4484
    $response = \Controller::has_curr()
        ? \Controller::curr()->getResponse()
        : new SS_HTTPResponse();

    if (headers_sent()) {
        // Status and headers can no longer reach the client; use 200 to avoid
        // errors about errors.
        $response->setStatusCode(200);
    } else {
        $response->setStatusCode($this->statusCode);
        $response->addHeader("Content-Type", $this->contentType);
    }

    $response->setBody($record['formatted']);
    $response->output();

    return false === $this->bubble;
}
/**
 * Display an error page on invalid request.
 *
 * Looks for an ErrorPage with the given code (only when the SiteTree class
 * exists), lets extensions adjust the candidates through "updateErrorPages",
 * and throws the rendered page or, failing that, the cached static file.
 * Without either, the parent implementation is used.
 *
 * @param int         $code    HTTP status code.
 * @param string|null $message Message passed on to the parent implementation.
 * @return mixed Result of parent::httpError() when no error page applies.
 * @throws SS_HTTPResponse_Exception Carrying the error page response.
 */
public function httpError($code, $message = null)
{
    // Determine the error page for the given status code.
    $errorPages = null;
    if (ClassInfo::exists('SiteTree')) {
        $errorPages = ErrorPage::get()->filter('ErrorCode', $code);
    }

    // Allow extension customisation.
    $this->extend('updateErrorPages', $errorPages);

    // Retrieve the error page response.
    if ($errorPages && ($errorPage = $errorPages->first())) {
        Requirements::clear();
        Requirements::clear_combined_files();
        $controller = ModelAsController::controller_for($errorPage);
        $response = $controller->handleRequest(new SS_HTTPRequest('GET', ''), DataModel::inst());
        throw new SS_HTTPResponse_Exception($response, $code);
    }

    // Fall back to the cached static file for this code and locale.
    if ($errorPages && file_exists($cachedPage = ErrorPage::get_filepath_for_errorcode($code, class_exists('Translatable') ? Translatable::get_current_locale() : null))) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode($code);
        $response->setBody(file_get_contents($cachedPage));
        throw new SS_HTTPResponse_Exception($response, $code);
    }

    return parent::httpError($code, $message);
}
/**
 * Tracking-pixel endpoint: records that a member viewed a newsletter and
 * returns a one-pixel GIF.
 *
 * The newsletter and member are identified by the "Newsletter" and "User"
 * URL parameters, both escaped with Convert::raw2sql() before they are placed
 * in the SQL filters. The requesting IP address is stored with the view.
 *
 * @param mixed $request Request object (extension, params and IP are read).
 * @return SS_HTTPResponse image/gif response.
 */
public function handleView($request)
{
    if ($request->getExtension() != 'gif') {
        $this->httpError(404);
    }

    $newsletterFilter = sprintf('"Token" = \'%s\'', Convert::raw2sql($request->param('Newsletter')));
    $newsletter = DataObject::get_one('Newsletter', $newsletterFilter);

    $memberFilter = sprintf('"NewsletterTrackingToken" = \'%s\'', Convert::raw2sql($request->param('User')));
    $user = DataObject::get_one('Member', $memberFilter);

    if (!$newsletter || !$user) {
        $this->httpError(404);
    }

    // Persist the view.
    $view = new NewsletterView();
    $view->IP = $request->getIP();
    $view->NewsletterID = $newsletter->ID;
    $view->MemberID = $user->ID;
    $view->write();

    // Assemble the pixel from its byte values.
    $gif = implode('', array_map('chr', self::$one_px_gif));

    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'image/gif');
    $response->setBody($gif);

    return $response;
}
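/**
 * Sends the news-update signup confirmation email.
 *
 * The request body is JSON with "email", "first_name" and "last_name". The
 * security token is checked first and reset afterwards. The recipient address
 * is validated before any mail is built, because it comes straight from the
 * client: a body that is not a JSON object, or an address that fails
 * validation (including one containing line breaks), is answered with 400.
 *
 * @param mixed $request Request checked against the security token.
 * @return SS_HTTPResponse|string 403/400 JSON error response, or 'OK'.
 */
public function sendSignupConfirmation($request)
{
    $body = $this->request->getBody();
    $json = json_decode($body, true);

    if (!$this->securityToken->checkRequest($request)) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode(403);
        $response->addHeader('Content-Type', 'application/json');
        $response->setBody(json_encode("Error"));
        return $response;
    }

    $this->securityToken->reset();

    // Reject malformed payloads instead of mailing to an unchecked value.
    $to = (is_array($json) && isset($json['email']) && is_string($json['email'])) ? $json['email'] : '';
    if (filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode(400);
        $response->addHeader('Content-Type', 'application/json');
        $response->setBody(json_encode("Error"));
        return $response;
    }

    $firstName = (isset($json['first_name']) && is_string($json['first_name'])) ? $json['first_name'] : '';
    $lastName = (isset($json['last_name']) && is_string($json['last_name'])) ? $json['last_name'] : '';

    $news_update_email_from = defined('NEWS_UPDATE_EMAIL_FROM') ? NEWS_UPDATE_EMAIL_FROM : '*****@*****.**';
    // NOTE(review): the name is client-supplied; confirm the email template escapes it.
    $user_name = sprintf('%s %s', $firstName, $lastName);

    $email = EmailFactory::getInstance()->buildEmail('*****@*****.**', $to, 'Thank you for subscribing to OpenStack Foundation News updates');
    $email->setTemplate('NewsPageSignupConfirmationEMail');
    $email->populateTemplate(array('UserName' => $user_name, 'NewsUpdateEmailFrom' => $news_update_email_from));
    $email->send();

    return 'OK';
}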
/**
 * Process the given URL, creating the appropriate controller and executing it.
 *
 * Request processing is handled as follows:
 * - Director::direct() creates a new SS_HTTPResponse object and passes this to
 *   Director::handleRequest().
 * - Director::handleRequest($request) checks each of the Director rules and identifies a controller
 *   to handle this request.
 * - Controller::handleRequest($request) is then called.  This will find a rule to handle the URL,
 *   and call the rule handling method.
 * - RequestHandler::handleRequest($request) is recursively called whenever a rule handling method
 *   returns a RequestHandler object.
 *
 * In addition to request processing, Director will manage the session, and perform the output of
 * the actual response to the browser.
 *
 * The RequestProcessor filters run before and after the request; a pre-request
 * result of false aborts with a 400, a post-request result of false suppresses
 * output (and raises an exception on the controller branch).
 *
 * @uses handleRequest() rule-lookup logic is handled by this.
 * @uses Controller::run() Controller::run() handles the page logic for a Director::direct() call.
 *
 * @param string $url
 * @param DataModel $model
 *
 * @throws SS_HTTPResponse_Exception
 */
public static function direct($url, DataModel $model) {
    // Validate $_FILES array before merging it with $_POST
    // (every non-empty tmp_name must be a genuine HTTP upload according to is_uploaded_file())
    foreach ($_FILES as $k => $v) {
        if (is_array($v['tmp_name'])) {
            $v = ArrayLib::array_values_recursive($v['tmp_name']);
            foreach ($v as $tmpFile) {
                if ($tmpFile && !is_uploaded_file($tmpFile)) {
                    user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
                }
            }
        } else {
            if ($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) {
                user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
            }
        }
    }

    // NOTE(review): PHP normally exposes request headers in $_SERVER under HTTP_* keys,
    // so the literal 'X-HTTP-Method-Override' key may never be set by a client header - confirm.
    $req = new SS_HTTPRequest(
        isset($_SERVER['X-HTTP-Method-Override']) ? 
$_SERVER['X-HTTP-Method-Override'] : $_SERVER['REQUEST_METHOD'],
        $url,
        $_GET,
        ArrayLib::array_merge_recursive((array) $_POST, (array) $_FILES),
        @file_get_contents('php://input')
    );

    $headers = self::extract_request_headers($_SERVER);
    foreach ($headers as $header => $value) {
        $req->addHeader($header, $value);
    }

    // Initiate an empty session - doesn't initialize an actual PHP session until saved (see below)
    $session = Injector::inst()->create('Session', isset($_SESSION) ? $_SESSION : array());

    // Only resume a session if its not started already, and a session identifier exists
    if (!isset($_SESSION) && Session::request_contains_session_id()) {
        $session->inst_start();
    }

    $output = Injector::inst()->get('RequestProcessor')->preRequest($req, $session, $model);
    if ($output === false) {
        // @TODO Need to NOT proceed with the request in an elegant manner
        throw new SS_HTTPResponse_Exception(_t('Director.INVALID_REQUEST', 'Invalid request'), 400);
    }

    $result = Director::handleRequest($req, $session, $model);

    // Save session data. Note that inst_save() will start/resume the session if required.
    $session->inst_save();

    // Return code for a redirection request
    if (is_string($result) && substr($result, 0, 9) == 'redirect:') {
        $url = substr($result, 9);

        if (Director::is_cli()) {
            // on cli, follow SilverStripe redirects automatically
            return Director::direct(str_replace(Director::absoluteBaseURL(), '', $url), DataModel::inst());
        } else {
            $response = new SS_HTTPResponse();
            $response->redirect($url);
            $res = Injector::inst()->get('RequestProcessor')->postRequest($req, $response, $model);

            if ($res !== false) {
                $response->output();
            }
        }
        // Handle a controller
    } elseif ($result) {
        if ($result instanceof SS_HTTPResponse) {
            $response = $result;
        } else {
            // Anything else is used as the body of a fresh response.
            $response = new SS_HTTPResponse();
            $response->setBody($result);
        }

        $res = Injector::inst()->get('RequestProcessor')->postRequest($req, $response, $model);
        if ($res !== false) {
            $response->output();
        } else {
            // @TODO Proper response here. 
            throw new SS_HTTPResponse_Exception("Invalid response");
        }

        //$controllerObj->getSession()->inst_save();
    }
}
/**
 * Builds the HTTP response for an API error and stores it as the
 * controller's response.
 *
 * The error body is run through the configured serializer, the status code
 * and message come from the error object, and CORS headers are applied via
 * setAnswerCORS().
 *
 * @param RESTfulAPI_Error $error Error object to return
 * @return SS_HTTPResponse The response that was stored in $this->response.
 */
public function error(RESTfulAPI_Error $error)
{
    $serializer = $this->serializer;

    $answer = new SS_HTTPResponse();
    $answer->setBody($serializer->serialize($error->body));
    $answer->setStatusCode($error->code, $error->message);
    $answer->addHeader('Content-Type', $this->serializer->getcontentType());

    // save controller's response then return/output
    $this->response = $this->setAnswerCORS($answer);

    return $this->response;
}
/**
 * Returns the rendered navigation menu wrapped in a JSONP call.
 *
 * The callback name is the fixed string "jsonCallback"; it is not taken from
 * the request. As with any JSONP endpoint the script can be loaded by other
 * origins, so the rendered menu should not contain user-specific data.
 *
 * @return SS_HTTPResponse application/javascript response.
 */
public function getNavigationMenu()
{
    $rendered = $this->renderWith('Navigation_menu', array('WidgetCall' => true));
    $payload = json_encode(array('html' => $rendered->getValue()));

    $response = new SS_HTTPResponse();
    $response->setStatusCode(200);
    $response->addHeader('Content-Type', 'application/javascript');
    $response->setBody("jsonCallback(" . $payload . ")");

    return $response;
}
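/**
 * Enable BasicAuth in a similar fashion as BasicAuth class
 *
 * Compares the submitted credentials with the configured username and
 * password. When either configured value is empty the check is disabled and
 * true is returned.
 *
 * The credentials decoded from the Authorization header are kept in their own
 * variables so they can never replace the configured password before the
 * comparison. Values are compared as strings, in constant time where
 * hash_equals() is available, to avoid PHP's loose-comparison rules.
 *
 * @return boolean True when authenticated or when no credentials are configured.
 * @throws SS_HTTPResponse_Exception With a 401 response when authentication fails.
 */
protected function basicAuth()
{
    $username = self::config()->username;
    $password = self::config()->password;
    if (!$username || !$password) {
        return true;
    }

    // The header may arrive under either key depending on server configuration.
    $authHeader = null;
    if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
        $authHeader = $_SERVER['HTTP_AUTHORIZATION'];
    } elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
        $authHeader = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
    }

    $matches = array();
    if ($authHeader && preg_match('/Basic\\s+(.*)$/i', $authHeader, $matches)) {
        // Split on the first colon only; the password part may contain colons.
        $parts = explode(':', base64_decode($matches[1]), 2);
        $givenName = $parts[0];
        $givenPassword = isset($parts[1]) ? $parts[1] : '';
        $_SERVER['PHP_AUTH_USER'] = strip_tags($givenName);
        $_SERVER['PHP_AUTH_PW'] = strip_tags($givenPassword);
    }

    $authSuccess = false;
    if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
        $submittedUser = (string) $_SERVER['PHP_AUTH_USER'];
        $submittedPass = (string) $_SERVER['PHP_AUTH_PW'];
        if (function_exists('hash_equals')) {
            $userOk = hash_equals((string) $username, $submittedUser);
            $passOk = hash_equals((string) $password, $submittedPass);
        } else {
            $userOk = ((string) $username === $submittedUser);
            $passOk = ((string) $password === $submittedPass);
        }
        $authSuccess = $userOk && $passOk;
    }

    if (!$authSuccess) {
        $realm = "Enter your credentials";
        $response = new SS_HTTPResponse(null, 401);
        $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\"");
        if (isset($_SERVER['PHP_AUTH_USER'])) {
            $response->setBody(_t('BasicAuth.ERRORNOTREC', "That username / password isn't recognised"));
        } else {
            $response->setBody(_t('BasicAuth.ENTERINFO', "Please enter a username and password."));
        }
        // Exception is caught by RequestHandler->handleRequest() and will halt further execution
        $e = new SS_HTTPResponse_Exception(null, 401);
        $e->setResponse($response);
        throw $e;
    }

    return $authSuccess;
}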
/**
 * Returns the tags matching the "term" query variable as JSON
 * ({"items": [...]}), for lazy loading.
 *
 * The term comes straight from the request; getTags() is responsible for
 * treating it as untrusted input.
 *
 * @param SS_HTTPRequest $request
 *
 * @return SS_HTTPResponse
 */
public function suggest(SS_HTTPRequest $request)
{
    $term = $request->getVar('term');
    $payload = array('items' => $this->getTags($term));

    $response = new SS_HTTPResponse();
    $response->addHeader('Content-Type', 'application/json');
    $response->setBody(json_encode($payload));

    return $response;
}
/**
 * Process the given URL, creating the appropriate controller and executing it.
 *
 * Request processing is handled as follows:
 *  - Director::direct() creates a new SS_HTTPResponse object and passes this to Director::handleRequest().
 *  - Director::handleRequest($request) checks each of the Director rules and identifies a controller to handle this
 *    request.
 *  - Controller::handleRequest($request) is then called.  This will find a rule to handle the URL, and call the rule
 *    handling method.
 *  - RequestHandler::handleRequest($request) is recursively called whenever a rule handling method returns a
 *    RequestHandler object.
 *
 * In addition to request processing, Director will manage the session, and perform the output of the actual response
 * to the browser.
 *
 * Note: a truthy "debug_memory" request parameter replaces the normal output
 * with a Debug::message() of the peak memory usage; it is read directly from
 * $_REQUEST.
 *
 * @param $url String, the URL the user is visiting, without the querystring.
 * @uses handleRequest() rule-lookup logic is handled by this.
 * @uses Controller::run() Controller::run() handles the page logic for a Director::direct() call.
 */
static function direct($url) {
    // Validate $_FILES array before merging it with $_POST
    // (every non-empty tmp_name must be a genuine HTTP upload according to is_uploaded_file())
    foreach ($_FILES as $k => $v) {
        if (is_array($v['tmp_name'])) {
            $v = ArrayLib::array_values_recursive($v['tmp_name']);
            foreach ($v as $tmpFile) {
                if ($tmpFile && !is_uploaded_file($tmpFile)) {
                    user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
                }
            }
        } else {
            if ($v['tmp_name'] && !is_uploaded_file($v['tmp_name'])) {
                user_error("File upload '{$k}' doesn't appear to be a valid upload", E_USER_ERROR);
            }
        }
    }

    // NOTE(review): PHP normally exposes request headers in $_SERVER under HTTP_* keys,
    // so the literal 'X-HTTP-Method-Override' key may never be set by a client header - confirm.
    $req = new SS_HTTPRequest(
        isset($_SERVER['X-HTTP-Method-Override']) ? 
$_SERVER['X-HTTP-Method-Override'] : $_SERVER['REQUEST_METHOD'],
        $url,
        $_GET,
        array_merge((array) $_POST, (array) $_FILES),
        @file_get_contents('php://input')
    );

    // @todo find better way to extract HTTP headers
    if (isset($_SERVER['HTTP_ACCEPT'])) {
        $req->addHeader("Accept", $_SERVER['HTTP_ACCEPT']);
    }
    if (isset($_SERVER['CONTENT_TYPE'])) {
        $req->addHeader("Content-Type", $_SERVER['CONTENT_TYPE']);
    }
    if (isset($_SERVER['HTTP_REFERER'])) {
        $req->addHeader("Referer", $_SERVER['HTTP_REFERER']);
    }

    // Load the session into the controller
    $session = new Session(isset($_SESSION) ? $_SESSION : null);
    $result = Director::handleRequest($req, $session);
    $session->inst_save();

    // Return code for a redirection request
    if (is_string($result) && substr($result, 0, 9) == 'redirect:') {
        $response = new SS_HTTPResponse();
        $response->redirect(substr($result, 9));
        $response->output();
        // Handle a controller
    } else {
        if ($result) {
            if ($result instanceof SS_HTTPResponse) {
                $response = $result;
            } else {
                // Anything else is used as the body of a fresh response.
                $response = new SS_HTTPResponse();
                $response->setBody($result);
            }

            // ?debug_memory=1 will output the number of bytes of memory used for this request
            if (isset($_REQUEST['debug_memory']) && $_REQUEST['debug_memory']) {
                Debug::message(sprintf("Peak memory usage in bytes: %s", number_format(memory_get_peak_usage(), 0)));
            } else {
                $response->output();
            }

            //$controllerObj->getSession()->inst_save();
        }
    }
}