/**
* Handles HTTP requests.
*
* If you are going to overload handleRequest, make sure that you start the method with $this->pushCurrent()
* and end the method with $this->popCurrent(). Failure to do this will create weird session errors.
*
* @param $request The {@link HTTPRequest} object that is responsible for distributing request parsing.
*/
function handleRequest(HTTPRequest $request) {
if(!$request) user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
$this->pushCurrent();
$this->urlParams = $request->allParams();
$this->request = $request;
$this->response = new HTTPResponse();
// Init
$this->baseInitCalled = false;
$this->init();
if(!$this->baseInitCalled) user_error("init() method on class '$this->class' doesn't call Controller::init(). Make sure that you have parent::init() included.", E_USER_WARNING);
// If we had a redirection or something, halt processing.
if($this->response->isFinished()) {
$this->popCurrent();
return $this->response;
}
$body = parent::handleRequest($request);
if($body instanceof HTTPResponse) {
if(isset($_REQUEST['debug_request'])) Debug::message("Request handler returned HTTPResponse object to $this->class controller; returning it without modification.");
$this->response = $body;
} else {
if(is_object($body)) {
if(isset($_REQUEST['debug_request'])) Debug::message("Request handler $body->class object to $this->class controller;, rendering with template returned by $body->class::getViewer()");
$body = $body->getViewer($request->latestParam('Action'))->process($body);
}
$this->response->setBody($body);
}
ContentNegotiator::process($this->response);
HTTP::add_cache_headers($this->response);
$this->popCurrent();
return $this->response;
}
function run($requestParams)
{
if (isset($_GET['debug_profile'])) {
Profiler::mark("Controller", "run");
}
$this->pushCurrent();
$this->response = new HTTPResponse();
$this->requestParams = $requestParams;
$this->action = isset($this->urlParams['Action']) ? str_replace("-", "_", $this->urlParams['Action']) : "";
if (!$this->action) {
$this->action = 'index';
}
// Check security on the controller
if (!$this->checkAccessAction($this->action)) {
user_error("Disallowed action: '{$this->action}' on controller '{$this->class}'", E_USER_ERROR);
}
// Init
$this->baseInitCalled = false;
$this->init();
if (!$this->baseInitCalled) {
user_error("init() method on class '{$this->class}' doesn't call Controller::init(). Make sure that you have parent::init() included.", E_USER_WARNING);
}
// If we had a redirection or something, halt processing.
if ($this->response->isFinished()) {
$this->popCurrent();
return $this->response;
}
// Look at the action variables for forms
$funcName = null;
foreach ($this->requestParams as $paramName => $paramVal) {
if (substr($paramName, 0, 7) == 'action_') {
// Cleanup action_, _x and _y from image fields
$funcName = preg_replace(array('/^action_/', '/_x$|_y$/'), '', $paramName);
break;
}
}
// Form handler
if (isset($this->requestParams['executeForm']) && is_string($this->requestParams['executeForm'])) {
if (isset($funcName)) {
Form::set_current_action($funcName);
}
// Get the appropraite ocntroller: sometimes we want to get a form from another controller
if (isset($this->requestParams['formController'])) {
$formController = Director::getControllerForURL($this->requestParams['formController']);
while (is_a($formController, 'NestedController')) {
$formController = $formController->getNestedController();
}
} else {
$formController = $this;
}
// Create the form object
$form = $formController;
$formObjParts = explode('.', $this->requestParams['executeForm']);
foreach ($formObjParts as $formMethod) {
if (isset($_GET['debug_profile'])) {
Profiler::mark("Calling {$formMethod}", "on {$form->class}");
}
$form = $form->{$formMethod}();
if (isset($_GET['debug_profile'])) {
Profiler::unmark("Calling {$formMethod}", "on {$form->class}");
}
if (!$form) {
break;
}
//user_error("Form method '" . $this->requestParams['executeForm'] . "' returns null in controller class '$this->class' ($_SERVER[REQUEST_URI])", E_USER_ERROR);
}
// Populate the form
if (isset($_GET['debug_profile'])) {
Profiler::mark("Controller", "populate form");
}
if ($form) {
$form->loadDataFrom($this->requestParams, true);
// disregard validation if a single field is called
if (!isset($_REQUEST['action_callfieldmethod'])) {
$valid = $form->beforeProcessing();
if (!$valid) {
$this->popCurrent();
return $this->response;
}
} else {
$fieldcaller = $form->dataFieldByName($requestParams['fieldName']);
if (is_a($fieldcaller, "TableListField")) {
if ($fieldcaller->hasMethod('php')) {
$valid = $fieldcaller->php($requestParams);
if (!$valid) {
exit;
}
}
}
}
// If the action wasnt' set, choose the default on the form.
if (!isset($funcName) && ($defaultAction = $form->defaultAction())) {
$funcName = $defaultAction->actionName();
}
if (isset($funcName)) {
$form->setButtonClicked($funcName);
}
} else {
user_error("No form (" . Session::get('CMSMain.currentPage') . ") returned by {$formController->class}->{$_REQUEST['executeForm']}", E_USER_WARNING);
}
if (isset($_GET['debug_profile'])) {
Profiler::unmark("Controller", "populate form");
}
if (!isset($funcName)) {
user_error("No action button has been clicked in this form executon, and no default has been allowed", E_USER_ERROR);
}
// Protection against CSRF attacks
if ($form->securityTokenEnabled()) {
$securityID = Session::get('SecurityID');
if (!$securityID || !isset($this->requestParams['SecurityID']) || $securityID != $this->requestParams['SecurityID']) {
// Don't show error on live sites, as spammers create a million of these
if (!Director::isLive()) {
trigger_error("Security ID doesn't match, possible CRSF attack.", E_USER_ERROR);
} else {
die;
}
}
}
// First, try a handler method on the controller
if ($this->hasMethod($funcName) || !$form) {
if (isset($_GET['debug_controller'])) {
Debug::show("Found function {$funcName} on the controller");
}
if (isset($_GET['debug_profile'])) {
Profiler::mark("{$this->class}::{$funcName} (controller action)");
}
$result = $this->{$funcName}($this->requestParams, $form);
if (isset($_GET['debug_profile'])) {
Profiler::unmark("{$this->class}::{$funcName} (controller action)");
}
// Otherwise, try a handler method on the form object
} else {
if (isset($_GET['debug_controller'])) {
Debug::show("Found function {$funcName} on the form object");
}
if (isset($_GET['debug_profile'])) {
Profiler::mark("{$form->class}::{$funcName} (form action)");
}
$result = $form->{$funcName}($this->requestParams, $form);
if (isset($_GET['debug_profile'])) {
Profiler::unmark("{$form->class}::{$funcName} (form action)");
}
}
// Normal action
} else {
if (!isset($funcName)) {
$funcName = $this->action;
}
if ($this->hasMethod($funcName)) {
if (isset($_GET['debug_controller'])) {
Debug::show("Found function {$funcName} on the {$this->class} controller");
}
if (isset($_GET['debug_profile'])) {
Profiler::mark("{$this->class}::{$funcName} (controller action)");
}
$result = $this->{$funcName}($this->urlParams);
if (isset($_GET['debug_profile'])) {
Profiler::unmark("{$this->class}::{$funcName} (controller action)");
}
} else {
if (isset($_GET['debug_controller'])) {
Debug::show("Running default action for {$funcName} on the {$this->class} controller");
}
if (isset($_GET['debug_profile'])) {
Profiler::mark("Controller::defaultAction({$funcName})");
}
$result = $this->defaultAction($funcName, $this->urlParams);
if (isset($_GET['debug_profile'])) {
Profiler::unmark("Controller::defaultAction({$funcName})");
}
}
}
// If your controller function returns an array, then add that data to the
// default template
if (is_array($result)) {
$extended = $this->customise($result);
$viewer = $this->getViewer($funcName);
$result = $viewer->process($extended);
}
$this->response->setBody($result);
if ($result) {
ContentNegotiator::process($this->response);
}
// Set up HTTP cache headers
HTTP::add_cache_headers($this->response);
if (isset($_GET['debug_profile'])) {
Profiler::unmark("Controller", "run");
}
$this->popCurrent();
return $this->response;
}
/**
* Executes this controller, and return an {@link SS_HTTPResponse} object with the result.
*
* This method first does a few set-up activities:
* - Push this controller ont to the controller stack -
* see {@link Controller::curr()} for information about this.
* - Call {@link init()}
* - Defer to {@link RequestHandler->handleRequest()} to determine which action
* should be executed
*
* Note: $requestParams['executeForm'] support was removed,
* make the following change in your URLs:
* "/?executeForm=FooBar" -> "/FooBar"
* Also make sure "FooBar" is in the $allowed_actions of your controller class.
*
* Note: You should rarely need to overload run() -
* this kind of change is only really appropriate for things like nested
* controllers - {@link ModelAsController} and {@link RootURLController}
* are two examples here. If you want to make more
* orthodox functionality, it's better to overload {@link init()} or {@link index()}.
*
* Important: If you are going to overload handleRequest,
* make sure that you start the method with $this->pushCurrent()
* and end the method with $this->popCurrent().
* Failure to do this will create weird session errors.
*
* @param $request The {@link SS_HTTPRequest} object that is responsible
* for distributing request parsing.
* @return SS_HTTPResponse The response that this controller produces,
* including HTTP headers such as redirection info
*/
public function handleRequest(SS_HTTPRequest $request, DataModel $model)
{
if (!$request) {
user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
}
$this->pushCurrent();
$this->urlParams = $request->allParams();
$this->request = $request;
$this->response = new SS_HTTPResponse();
$this->setDataModel($model);
$this->extend('onBeforeInit');
// Init
$this->baseInitCalled = false;
$this->init();
if (!$this->baseInitCalled) {
user_error("init() method on class '{$this->class}' doesn't call Controller::init()." . "Make sure that you have parent::init() included.", E_USER_WARNING);
}
$this->extend('onAfterInit');
// If we had a redirection or something, halt processing.
if ($this->response->isFinished()) {
$this->popCurrent();
return $this->response;
}
$body = parent::handleRequest($request, $model);
if ($body instanceof SS_HTTPResponse) {
if (isset($_REQUEST['debug_request'])) {
Debug::message("Request handler returned SS_HTTPResponse object to {$this->class} controller;" . "returning it without modification.");
}
$this->response = $body;
} else {
if ($body instanceof Object && $body->hasMethod('getViewer')) {
if (isset($_REQUEST['debug_request'])) {
Debug::message("Request handler {$body->class} object to {$this->class} controller;" . "rendering with template returned by {$body->class}::getViewer()");
}
$body = $body->getViewer($request->latestParam('Action'))->process($body);
}
$this->response->setBody($body);
}
ContentNegotiator::process($this->response);
HTTP::add_cache_headers($this->response);
$this->popCurrent();
return $this->response;
}
public function handleRequest($request)
{
$this->request = $request;
$this->response = new SS_HTTPResponse();
$this->pushCurrent();
if ($request->getUrl() == 'Paste') {
$this->submitPaste($request->postVars());
}
$paste = $this->getCurrentPaste();
$id = trim($this->request->getVar('url'), '/');
if (strpos($id, '/') !== FALSE) {
list($id, $func, $view) = explode('/', $id) + array('', '', '');
$func = DataObject::get_one('PHPVersion', 'FuncName = \'' . Convert::raw2sql($func) . '\'');
}
if (!empty($func)) {
$this->response->setBody($func->executePaste($paste->Filename, $view));
} else {
$this->response->setBody($paste->renderWith(array('Paste', 'Paste')));
}
ContentNegotiator::process($this->response);
$this->popCurrent();
return $this->response;
}
public function handleRequest(SS_HTTPRequest $request, DataModel $model)
{
if (!$request) {
user_error("Controller::handleRequest() not passed a request!", E_USER_ERROR);
}
$this->urlParams = $request->allParams();
$this->request = $request;
$this->setDataModel($model);
// Find our action or set to index if not found
$action = $this->request->param("Action");
if (!$action) {
$action = "index";
}
$result = $this->{$action}($request);
// Try to determine what response we are dealing with
if ($result instanceof SS_HTTPResponse) {
$this->response = $result;
} else {
$this->response = new SS_HTTPResponse();
$this->response->setBody($result);
}
// If we had a redirection or something, halt processing.
if ($this->response->isFinished()) {
return $this->response;
}
ContentNegotiator::process($this->response);
HTTP::add_cache_headers($this->response);
return $this->response;
}
/**
* Prepare the response (we can receive an assortment of response types (strings/objects/HTTPResponses) and
* changes the controller response object appropriately
*
* @param SS_HTTPResponse|Object $response
*/
protected function prepareResponse($response)
{
if ($response instanceof SS_HTTPResponse) {
if (isset($_REQUEST['debug_request'])) {
Debug::message("Request handler returned SS_HTTPResponse object to {$this->class} controller;" . "returning it without modification.");
}
$this->setResponse($response);
} else {
if ($response instanceof Object && $response->hasMethod('getViewer')) {
if (isset($_REQUEST['debug_request'])) {
Debug::message("Request handler {$response->class} object to {$this->class} controller;" . "rendering with template returned by {$response->class}::getViewer()");
}
$response = $response->getViewer($this->getAction())->process($response);
}
$this->getResponse()->setbody($response);
}
//deal with content if appropriate
ContentNegotiator::process($this->getResponse());
//add cache headers
HTTP::add_cache_headers($this->getResponse());
}
