/**
 * Post-resolve hook. In backend mode it runs the authentication gate, forces
 * the login mask for requests without a session and hands the current user's
 * display name and id to the backend template. Every other mode is a no-op.
 *
 * Security-relevant behaviour visible in this method:
 *  - Credentials are accepted from POST (USERNAME/PASSWORD) and from the
 *    query string (auth-token/user-id).
 *  - A request without a session is let through when $plainCmd is 'JsonData'.
 *  - $_POST['redirect'] selects the post-login redirect target.
 *
 * @param \Cx\Core\ContentManager\Model\Entity\Page $page The resolved page (not read by this method)
 */
public function postResolve(\Cx\Core\ContentManager\Model\Entity\Page $page) {
    switch ($this->cx->getMode()) {
        case \Cx\Core\Core\Controller\Cx::MODE_BACKEND:
            global $plainCmd, $isRegularPageRequest;
            $objTemplate = $this->cx->getTemplate();
            $objFWUser = \FWUser::getFWUserObject();
            /* authentication */
            // Remember whether a session existed BEFORE any credentials in
            // this request are evaluated; the redirect logic at the end of
            // this case depends on that snapshot.
            $loggedIn = $objFWUser->objUser->login(true);
            // Run the credential check only when there is no session yet,
            // credentials were supplied (POST user/password or GET
            // token/user-id), and the request is neither cmd=Login nor
            // act=resetpw.
            // NOTE(review): auth-token/user-id arrive in the query string, so
            // they can end up in access logs, browser history and Referer
            // headers - confirm the token is short-lived and single-use.
            if (
                !$loggedIn
                && (!empty($_POST['USERNAME']) && !empty($_POST['PASSWORD']) || !empty($_GET['auth-token']) && !empty($_GET['user-id']))
                && (!isset($_GET['cmd']) || $_GET['cmd'] !== 'Login')
                && (!isset($_GET['act']) || $_GET['act'] !== 'resetpw')
            ) {
                //not logged in already - do captcha and password checks
                $objFWUser->checkAuth();
            }
            // User only gets the backend if he's logged in.
            // Exception: If it is a JsonData request, then the request will be
            // processed. In that case, JsonData will take over the
            // required access/permission check.
            // Default permission rule by JsonData is set to
            // only allow the execution of requests where the
            // requester is signed-in.
            // NOTE(review): this makes JsonData the sole access control for
            // such requests; any JsonData adapter that relaxes the default
            // rule is reachable without a session. $plainCmd is a global set
            // outside this method and is compared loosely (!=).
            if (!$objFWUser->objUser->login(true) && $plainCmd != 'JsonData') {
                $plainCmd = 'Login';
                // If the user isn't logged in, the login mask will be showed.
                // This mask has its own template handling.
                // So we don't need to load any templates in the index.php.
                $isRegularPageRequest = false;
            } else {
                // Tag the database layer with the acting user (id + username,
                // JSON-encoded).
                // NOTE(review): this branch is also taken by a JsonData
                // request that has no session, so the id/name recorded here
                // are then whatever the user object reports for an anonymous
                // visitor - verify that is acceptable for audit purposes.
                $userData = array('id' => \FWUser::getFWUserObject()->objUser->getId(), 'name' => \FWUser::getFWUserObject()->objUser->getUsername());
                \Env::get('cx')->getDb()->setUsername(json_encode($userData));
            }
            // Display name for the template: "firstname lastname" when both
            // profile attributes are set, otherwise the username. This runs
            // whether or not the request is authenticated.
            $objUser = \FWUser::getFWUserObject()->objUser;
            $firstname = $objUser->getProfileAttribute('firstname');
            $lastname = $objUser->getProfileAttribute('lastname');
            if (!empty($firstname) && !empty($lastname)) {
                $txtProfile = $firstname . ' ' . $lastname;
            } else {
                $txtProfile = $objUser->getUsername();
            }
            $objTemplate->setVariable(array('TXT_PROFILE' => $txtProfile, 'USER_ID' => $objFWUser->objUser->getId()));
            // A request that already had a session needs no redirect.
            if ($loggedIn) {
                break;
            }
            // Everything below is reached by any request that arrived without
            // a session; the code does not re-check here that checkAuth()
            // succeeded.
            // NOTE(review): the redirect target comes straight from
            // $_POST['redirect']; \FWUser::getRedirectUrl() (not visible
            // here) is the only place that can restrict it to this site -
            // confirm it rejects absolute and protocol-relative URLs to other
            // hosts.
            // NOTE(review): there is no exit after either header call in this
            // method, so request processing continues after the Location
            // header has been queued.
            if (isset($_POST['redirect'])) {
                $redirect = \FWUser::getRedirectUrl(urlencode($_POST['redirect']));
                \Cx\Core\Csrf\Controller\Csrf::header('location: ' . $redirect);
            } elseif (!empty($_GET['auth-token'])) {
                // Token logins are sent to the backend root.
                \Cx\Core\Csrf\Controller\Csrf::header('location: ' . \Env::get('cx')->getWebsiteBackendPath() . '/');
            }
            break;
        default:
            break;
    }
}
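/**
 * Redirect to the URL requested through the `redirect` request parameter.
 *
 * The parameter is URL-decoded, base64-decoded, URL-encoded again and handed
 * to \FWUser::getRedirectUrl(); the result is used as the redirect target.
 * A missing, empty or non-string parameter is ignored.
 *
 * NOTE(review): the target is fully attacker-controlled input.
 * \FWUser::getRedirectUrl() is not visible here and is the only place that
 * can confine the target to this website - confirm it rejects absolute and
 * protocol-relative URLs pointing at other hosts.
 *
 * @return void Returns only when there is nothing to redirect to; otherwise
 *              the script terminates after the redirect has been issued.
 */
public function handleRedirect() {
    // Reject array-valued input (redirect[]=...): urldecode() would emit a
    // warning on PHP 7 and throw a TypeError on PHP 8.
    if (empty($_REQUEST['redirect']) || !is_string($_REQUEST['redirect'])) {
        return;
    }

    // NOTE(review): PHP has already URL-decoded $_REQUEST once; this second
    // urldecode() turns a literal '+' of the base64 alphabet into a space,
    // which the non-strict base64_decode() then silently drops. Confirm the
    // producers of this parameter encode it accordingly.
    $decodedTarget = base64_decode(urldecode($_REQUEST['redirect']));

    $redirect = \FWUser::getRedirectUrl(urlencode($decodedTarget));
    \Cx\Core\Csrf\Controller\Csrf::redirect($redirect);
    exit;
}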
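/**
 * Shows the image manipulation component.
 *
 * Loads the edit template and fills it with the labels, the file's name and
 * dimensions, the image quality options and the form/redirect URLs. Nothing
 * is returned; the result is left in $this->_objTpl.
 *
 * Compared with a straight read of the settings/file data this method guards
 * three failure cases that would otherwise raise notices or produce wrong
 * output: image settings that could not be loaded, a file name without an
 * extension, and a file that getimagesize() cannot read.
 *
 * NOTE(review): $this->archive, $this->webPath and $this->getFile are
 * concatenated into URLs and template variables without encoding. Where they
 * come from is not visible here - confirm they are validated upstream (no
 * path traversal in path/file) and that the template escapes them for the
 * HTML/URL context they are printed in.
 *
 * @global array $_ARRAYLANG
 * @return void
 */
function editMedia() {
    global $_ARRAYLANG;

    $this->_objTpl->loadTemplateFile('module_media_edit.html', true, true);
    $this->pageTitle = $_ARRAYLANG['TXT_MEDIA_EDIT_FILE'];

    // A previous save attempt failed: show the error block and stop.
    if (isset($_GET['saveError']) && $_GET['saveError'] === 'true') {
        $this->_objTpl->setVariable(array(
            'TXT_MEDIA_ERROR_OCCURED' => $_ARRAYLANG['TXT_MEDIA_ERROR_OCCURED'],
            'TXT_MEDIA_ERROR_MESSAGE' => $_ARRAYLANG['TXT_MEDIA_CANNOT_SAVE_IMAGE'],
        ));
        $this->_objTpl->parse('mediaErrorFile');
        return;
    }

    // Activate cx
    \JS::activate('cx');
    // Activate jQuery and imgAreaSelect
    \JS::activate('jquery');
    \JS::activate('jquery-imgareaselect');

    // Start from an empty settings array so the lookups below stay defined
    // when getImageSettings() throws.
    $arrImageSettings = array();
    try {
        // Get quality options from the settings
        $arrImageSettings = $this->getImageSettings();
    } catch (\Exception $e) {
        \DBG::msg('Could not query image settings: ' . $e->getMessage());
    }
    $compression = isset($arrImageSettings['image_compression']) ? $arrImageSettings['image_compression'] : null;
    $cropWidth = isset($arrImageSettings['image_cut_width']) ? $arrImageSettings['image_cut_width'] : null;
    $cropHeight = isset($arrImageSettings['image_cut_height']) ? $arrImageSettings['image_cut_height'] : null;

    $imageSize = false;
    $fileUsable = !empty($this->getFile)
        && !empty($this->getPath)
        && file_exists($this->path . $this->getFile);

    if ($fileUsable) {
        // File exists
        $this->_objTpl->setVariable(array(
            'TXT_MEDIA_SAVE' => $_ARRAYLANG['TXT_MEDIA_SAVE'],
            'TXT_MEDIA_SAVE_AS' => $_ARRAYLANG['TXT_MEDIA_SAVE_AS'],
            'TXT_MEDIA_RESET' => $_ARRAYLANG['TXT_MEDIA_RESET'],
            'TXT_MEDIA_PREVIEW' => $_ARRAYLANG['TXT_PREVIEW'],
            'MEDIA_EDIT_ACTION' => 'index.php?cmd=Media&archive=' . $this->archive . '&act=editImage&path=' . $this->webPath,
            'MEDIA_DIR' => $this->webPath,
            'MEDIA_FILE' => $this->getFile,
        ));

        $icon = $this->_getIcon($this->path . $this->getFile);

        // PATHINFO_EXTENSION yields '' for a name without extension instead
        // of leaving the array key undefined.
        $fileExt = pathinfo($this->getFile, PATHINFO_EXTENSION);
        // Compare against '' rather than empty() so an extension of "0" is
        // still stripped from the displayed name.
        $ext = $fileExt !== '' ? '.' . $fileExt : '';
        $fileName = substr($this->getFile, 0, strlen($this->getFile) - strlen($ext));

        // Icon, file & extension name
        $this->_objTpl->setVariable(array(
            'MEDIA_FILE_ICON' => self::_getIconWebPath() . $icon . '.png',
            'MEDIA_FILE_DIR' => $this->webPath,
            'MEDIA_FILE_NAME' => $fileName,
            'MEDIA_FILE_EXT' => $fileExt,
        ));

        // Edit image
        // getimagesize() returns false for anything it cannot parse as an
        // image; only index the result when it is an array.
        $imageSize = @getimagesize($this->path . $this->getFile);
        $hasSize = is_array($imageSize);
        $this->_objTpl->setVariable(array(
            'TXT_MEDIA_IMAGE_MANIPULATION' => $_ARRAYLANG['TXT_MEDIA_IMAGE_MANIPULATION'],
            'TXT_MEDIA_WIDTH' => $_ARRAYLANG['TXT_MEDIA_WIDTH'],
            'TXT_MEDIA_HEIGHT' => $_ARRAYLANG['TXT_MEDIA_HEIGHT'],
            'TXT_MEDIA_BALANCE' => $_ARRAYLANG['TXT_MEDIA_BALANCE'],
            'TXT_MEDIA_QUALITY' => $_ARRAYLANG['TXT_MEDIA_QUALITY'],
            'TXT_MEDIA_SAVE' => $_ARRAYLANG['TXT_MEDIA_SAVE'],
            'TXT_MEDIA_RESET' => $_ARRAYLANG['TXT_MEDIA_RESET'],
            'TXT_MEDIA_SET_IMAGE_NAME' => $_ARRAYLANG['TXT_MEDIA_SET_IMAGE_NAME'],
            'TXT_MEDIA_CONFIRM_REPLACE_IMAGE' => $_ARRAYLANG['TXT_MEDIA_CONFIRM_REPLACE_IMAGE'],
            'TXT_MEDIA_REPLACE' => $_ARRAYLANG['TXT_MEDIA_REPLACE'],
            'TXT_MEDIA_OR' => $_ARRAYLANG['TXT_MEDIA_OR'],
            'TXT_MEDIA_SAVE_NEW_COPY' => $_ARRAYLANG['TXT_MEDIA_SAVE_NEW_COPY'],
            'TXT_MEDIA_CROP' => $_ARRAYLANG['TXT_MEDIA_CROP'],
            'TXT_MEDIA_CROP_INFO' => $_ARRAYLANG['TXT_MEDIA_CROP_INFO'],
            'TXT_MEDIA_CANCEL' => $_ARRAYLANG['TXT_MEDIA_CANCEL'],
            'TXT_MEDIA_ROTATE' => $_ARRAYLANG['TXT_MEDIA_ROTATE'],
            'TXT_MEDIA_ROTATE_INFO' => $_ARRAYLANG['TXT_MEDIA_ROTATE_INFO'],
            'TXT_MEDIA_SCALE_COMPRESS' => $_ARRAYLANG['TXT_MEDIA_SCALE_COMPRESS'],
            'TXT_MEDIA_SCALE_INFO' => $_ARRAYLANG['TXT_MEDIA_SCALE_INFO'],
            'TXT_MEDIA_PREVIEW' => $_ARRAYLANG['TXT_MEDIA_PREVIEW'],
            'MEDIA_IMG_WIDTH' => $hasSize ? $imageSize[0] : null,
            'MEDIA_IMG_HEIGHT' => $hasSize ? $imageSize[1] : null,
        ));

        foreach ($this->arrImageQualityValues as $value) {
            // Pre-select the configured quality; select nothing when the
            // setting is unavailable.
            $isSelected = $compression !== null && $value == $compression;
            $this->_objTpl->setVariable(array(
                'IMAGE_QUALITY_VALUE' => $value,
                'IMAGE_QUALITY_OPTION_CHECKED' => $isSelected ? 'selected="selected"' : '',
            ));
            $this->_objTpl->parse('mediaEditImageQualityOptions');
        }
        $this->_objTpl->parse('mediaEditImage');
    } else {
        // File doesn't exist
        $this->_objTpl->setVariable(array(
            'TXT_MEDIA_ERROR_OCCURED' => $_ARRAYLANG['TXT_MEDIA_ERROR_OCCURED'],
            'TXT_MEDIA_ERROR_MESSAGE' => $_ARRAYLANG['TXT_MEDIA_FILE_DONT_EXISTS'],
        ));
        $this->_objTpl->parse('mediaErrorFile');
    }

    // Optional "return to" target, passed base64-encoded in the request.
    // Array-valued input is ignored so urldecode() never sees a non-string.
    // NOTE(review): the decoded value is request-controlled and ends up in
    // the page as MEDIA_EDIT_REDIRECT; \FWUser::getRedirectUrl() (not visible
    // here) is the only filter - confirm it confines the target to this site.
    $redirect = '';
    if (!empty($_REQUEST['redirect']) && is_string($_REQUEST['redirect'])) {
        $redirect = \FWUser::getRedirectUrl(urlencode(base64_decode(urldecode($_REQUEST['redirect']))));
    }

    // Variables
    $this->_objTpl->setVariable(array(
        'CSRF' => \Cx\Core\Csrf\Controller\Csrf::param(),
        'MEDIA_EDIT_AJAX_ACTION' => 'index.php?cmd=Media&archive=' . $this->archive . '&act=editImage&path=' . $this->webPath,
        'MEDIA_EDIT_REDIRECT' => $redirect,
        'MEDIA_BACK_HREF' => 'index.php?cmd=Media&archive=' . $this->archive . '&path=' . $this->webPath,
        'MEDIA_FILE_IMAGE_SRC' => 'index.php?cmd=Media&archive=' . $this->archive . '&act=getImage&path=' . $this->webPath . '&file=' . $this->getFile . '&' . \Cx\Core\Csrf\Controller\Csrf::param(),
        'MEDIA_IMAGE_WIDTH' => !empty($imageSize) ? intval($imageSize[0]) : 0,
        'MEDIA_IMAGE_HEIGHT' => !empty($imageSize) ? intval($imageSize[1]) : 0,
        'MEDIA_IMAGE_CROP_WIDTH' => $cropWidth,
        'MEDIA_IMAGE_CROP_HEIGHT' => $cropHeight,
        'MEDIA_IMAGE_RESIZE_QUALITY' => $compression,
    ));
}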
/**
 * Checks if the user has been successfully authenticated
 *
 * If a user has been successfully authenticated then he will be
 * redirected to the requested page, otherwise the login page will be displayed
 *
 * The redirect target is taken from the `redirect` request parameter or,
 * failing that, from $_SESSION['redirect']. On success it is base64-decoded
 * and passed through \FWUser::getRedirectUrl(); when no target was requested
 * the primary group's homepage (or CONTREXX_SCRIPT_PATH) is used. A social
 * login provider named in $_GET['provider'] is tried first when enabled.
 *
 * @access private
 * @global array
 * @see cmsSession::cmsSessionStatusUpdate(), contrexx_strip_tags, \Cx\Core\Html\Sigma::get()
 * @return string \Cx\Core\Html\Sigma::get()
 */
function _login() {
    global $_CORELANG, $sessionObj;
    $objFWUser = \FWUser::getFWUserObject();
    // Pick up the requested redirect target. The request value is passed
    // through contrexx_strip_tags(); the session value is used as stored.
    // NOTE(review): this still-encoded value is later printed into the login
    // form as LOGIN_REDIRECT. Tag stripping does not neutralise quotes -
    // confirm the template escapes it for the attribute it is placed in.
    if (isset($_REQUEST['redirect'])) {
        $redirect = contrexx_strip_tags($_REQUEST['redirect']);
    } elseif (isset($_SESSION['redirect'])) {
        $redirect = $_SESSION['redirect'];
    } else {
        $redirect = "";
    }
    \Cx\Lib\SocialLogin::parseSociallogin($this->_objTpl);
    $arrSettings = \User_Setting::getSettings();
    // Social login: only when cURL is available, the feature is switched on
    // and a provider was named in the query string. A truthy result from
    // loginWithProvider() is returned as this method's output.
    // NOTE(review): $_GET['provider'] is passed on unvalidated - presumably
    // loginWithProvider() checks it against the configured providers; verify.
    if (function_exists('curl_init') && $arrSettings['sociallogin']['status'] && !empty($_GET['provider'])) {
        $providerLogin = $this->loginWithProvider($_GET['provider']);
        if ($providerLogin) {
            return $providerLogin;
        }
    }
    // A session already exists.
    if ($objFWUser->objUser->login()) {
        // && binds tighter than ||: either a login form was posted and
        // checkLogin() accepts it, or auth-token and user-id are both
        // present in the query string.
        if (isset($_POST['login']) && $objFWUser->checkLogin() || isset($_GET['auth-token']) && isset($_GET['user-id'])) {
            // Drop the current user and session and obtain a session
            // instance again before the new credentials are evaluated below.
            $objFWUser->objUser->reset();
            $objFWUser->logoutAndDestroySession();
            $sessionObj = \cmsSession::getInstance();
        } elseif (isset($_POST['login'])) {
            // NOTE(review): the value assigned here can never equal 'true',
            // so it does not satisfy the relogin comparison in the next
            // condition. The literal looks like it was masked - confirm the
            // intended value against the upstream source.
            $_GET['relogin'] = '******';
        }
    }
    // Evaluated as (relogin is not 'true' AND a session exists) OR
    // checkAuth(): an existing session short-circuits, otherwise the
    // credentials in this request are checked.
    if ((!isset($_GET['relogin']) || $_GET['relogin'] != 'true') && $objFWUser->objUser->login() || $objFWUser->checkAuth()) {
        // Default target: the primary group's homepage with [[NAME]]
        // placeholders rewritten to {NAME}, else CONTREXX_SCRIPT_PATH.
        $groupRedirect = ($objGroup = $objFWUser->objGroup->getGroup($objFWUser->objUser->getPrimaryGroupId())) && $objGroup->getHomepage() ? preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $objGroup->getHomepage()) : CONTREXX_SCRIPT_PATH;
        \LinkGenerator::parseTemplate($groupRedirect);
        if (isset($_SESSION['redirect'])) {
            unset($_SESSION['redirect']);
        }
        // NOTE(review): the requested target is request-controlled.
        // base64_decode() runs in non-strict mode and
        // \FWUser::getRedirectUrl() (not visible here) is the only filter
        // before the value reaches the Location header - confirm it confines
        // the target to this website.
        if (!empty($redirect)) {
            $redirect = \FWUser::getRedirectUrl(urlencode(base64_decode($redirect)));
        }
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . (empty($redirect) ? $groupRedirect : $redirect));
        exit;
    } else {
        // Only a posted login form produces an error message.
        if (isset($_POST['login'])) {
            $this->_statusMessage = $_CORELANG['TXT_PASSWORD_OR_USERNAME_IS_INCORRECT'];
        }
    }
    // Show the captcha block only when the session carries the
    // loginLastAuthFailed marker.
    if (isset($_SESSION['auth']['loginLastAuthFailed'])) {
        $this->_objTpl->setVariable(array('TXT_CORE_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
        $this->_objTpl->parse('captcha');
    } else {
        $this->_objTpl->hideBlock('captcha');
    }
    // TODO: loading the language data of component Access at this
    // point is a workaround as the integration of the Access
    // component's functionality itself is hard-coded too and
    // has not been implemented through the system component
    // framework.
    $accessLang = \Env::get('init')->getComponentSpecificLanguageData('Access');
    // Labels, the (still encoded) redirect value and the status message for
    // the login form.
    $this->_objTpl->setVariable(array('TXT_ACCESS_SIGNUP_BY_FACEBOOK' => $accessLang['TXT_ACCESS_SIGNUP_BY_FACEBOOK'], 'TXT_ACCESS_SIGNUP_BY_GOOGLE' => $accessLang['TXT_ACCESS_SIGNUP_BY_GOOGLE'], 'TXT_ACCESS_SIGNUP_BY_TWITTER' => $accessLang['TXT_ACCESS_SIGNUP_BY_TWITTER'], 'TXT_CORE_SIGN_UP' => $_CORELANG['TXT_CORE_SIGN_UP'], 'TXT_LOGIN' => $_CORELANG['TXT_LOGIN'], 'TXT_USER_NAME' => $_CORELANG['TXT_USER_NAME'], 'TXT_EMAIL' => $_CORELANG['TXT_EMAIL'], 'TXT_PASSWORD' => $_CORELANG['TXT_PASSWORD'], 'TXT_LOGIN_REMEMBER_ME' => $_CORELANG['TXT_CORE_REMEMBER_ME'], 'TXT_PASSWORD_LOST' => $_CORELANG['TXT_PASSWORD_LOST'], 'LOGIN_REDIRECT' => $redirect, 'LOGIN_STATUS_MESSAGE' => $this->_statusMessage));
    return $this->_objTpl->get();
}
/**
 * Checks if the user has been successfully authenticated
 *
 * If a user has been successfully authenticated then he will be
 * redirected to the requested page, otherwise the login page will be displayed
 *
 * The redirect target is taken from the `redirect` request parameter or,
 * failing that, from $_SESSION['redirect']. On success it is base64-decoded
 * and passed through \FWUser::getRedirectUrl(); when no target was requested
 * the primary group's homepage (or CONTREXX_SCRIPT_PATH) is used. A social
 * login provider named in $_GET['provider'] is tried first when enabled.
 *
 * @access private
 * @global array
 * @see cmsSession::cmsSessionStatusUpdate(), contrexx_strip_tags, \Cx\Core\Html\Sigma::get()
 * @return string \Cx\Core\Html\Sigma::get()
 */
function _login() {
    global $_CORELANG, $sessionObj;
    $objFWUser = \FWUser::getFWUserObject();
    // Pick up the requested redirect target. The request value is passed
    // through contrexx_strip_tags(); the session value is used as stored.
    // NOTE(review): this still-encoded value is later printed into the login
    // form as LOGIN_REDIRECT. Tag stripping does not neutralise quotes -
    // confirm the template escapes it for the attribute it is placed in.
    if (isset($_REQUEST['redirect'])) {
        $redirect = contrexx_strip_tags($_REQUEST['redirect']);
    } elseif (isset($_SESSION['redirect'])) {
        $redirect = $_SESSION['redirect'];
    } else {
        $redirect = "";
    }
    \Cx\Lib\SocialLogin::parseSociallogin($this->_objTpl);
    $arrSettings = \User_Setting::getSettings();
    // Social login: only when cURL is available, the feature is switched on
    // and a provider was named in the query string. A truthy result from
    // loginWithProvider() is returned as this method's output.
    // NOTE(review): $_GET['provider'] is passed on unvalidated - presumably
    // loginWithProvider() checks it against the configured providers; verify.
    if (function_exists('curl_init') && $arrSettings['sociallogin']['status'] && !empty($_GET['provider'])) {
        $providerLogin = $this->loginWithProvider($_GET['provider']);
        if ($providerLogin) {
            return $providerLogin;
        }
    }
    // A session already exists.
    if ($objFWUser->objUser->login()) {
        // && binds tighter than ||: either a login form was posted and
        // checkLogin() accepts it, or auth-token and user-id are both
        // present in the query string.
        if (isset($_POST['login']) && $objFWUser->checkLogin() || isset($_GET['auth-token']) && isset($_GET['user-id'])) {
            // Drop the current user and session and obtain a session
            // instance again before the new credentials are evaluated below.
            $objFWUser->objUser->reset();
            $objFWUser->logoutAndDestroySession();
            $sessionObj = \cmsSession::getInstance();
        } else {
            // Taken for every other request that already has a session,
            // whether or not a login form was posted.
            // NOTE(review): the value assigned here can never equal 'true',
            // so it does not satisfy the relogin comparison in the next
            // condition. The literal looks like it was masked - confirm the
            // intended value against the upstream source.
            $_GET['relogin'] = '******';
        }
    }
    // Evaluated as (relogin is not 'true' AND a session exists) OR
    // checkAuth(): an existing session short-circuits, otherwise the
    // credentials in this request are checked.
    if ((!isset($_GET['relogin']) || $_GET['relogin'] != 'true') && $objFWUser->objUser->login() || $objFWUser->checkAuth()) {
        // Default target: the primary group's homepage with [[NAME]]
        // placeholders rewritten to {NAME}, else CONTREXX_SCRIPT_PATH.
        $groupRedirect = ($objGroup = $objFWUser->objGroup->getGroup($objFWUser->objUser->getPrimaryGroupId())) && $objGroup->getHomepage() ? preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $objGroup->getHomepage()) : CONTREXX_SCRIPT_PATH;
        \LinkGenerator::parseTemplate($groupRedirect);
        if (isset($_SESSION['redirect'])) {
            unset($_SESSION['redirect']);
        }
        // NOTE(review): the requested target is request-controlled.
        // base64_decode() runs in non-strict mode and
        // \FWUser::getRedirectUrl() (not visible here) is the only filter
        // before the value reaches the Location header - confirm it confines
        // the target to this website.
        if (!empty($redirect)) {
            $redirect = \FWUser::getRedirectUrl(urlencode(base64_decode($redirect)));
        }
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . (empty($redirect) ? $groupRedirect : $redirect));
        exit;
    } else {
        // Only a posted login form produces an error message.
        if (isset($_POST['login'])) {
            $this->_statusMessage = $_CORELANG['TXT_PASSWORD_OR_USERNAME_IS_INCORRECT'];
        }
    }
    // Show the captcha block only when the session carries the
    // loginLastAuthFailed marker.
    if (isset($_SESSION['auth']['loginLastAuthFailed'])) {
        $this->_objTpl->setVariable(array('TXT_CORE_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
        $this->_objTpl->parse('captcha');
    } else {
        $this->_objTpl->hideBlock('captcha');
    }
    // Labels, the (still encoded) redirect value and the status message for
    // the login form.
    $this->_objTpl->setVariable(array('TXT_LOGIN' => $_CORELANG['TXT_LOGIN'], 'TXT_USER_NAME' => $_CORELANG['TXT_USER_NAME'], 'TXT_PASSWORD' => $_CORELANG['TXT_PASSWORD'], 'TXT_LOGIN_REMEMBER_ME' => $_CORELANG['TXT_CORE_REMEMBER_ME'], 'TXT_PASSWORD_LOST' => $_CORELANG['TXT_PASSWORD_LOST'], 'LOGIN_REDIRECT' => $redirect, 'LOGIN_STATUS_MESSAGE' => $this->_statusMessage));
    return $this->_objTpl->get();
}