/**
 * Exposes to the template the sites flagged as deleted on which the current
 * user holds an admin record.
 *
 * Adds "admins" to the context only when at least one record is found and
 * always adds "sitesData", a JSON map keyed by site id.
 *
 * NOTE(review): getFieldValuesArray() is serialised as returned; presumably it
 * carries every column of the site row -- confirm nothing sensitive is
 * delivered to the browser this way.
 */
public function build($runData) {
    // Admin records of this user, joined to the site table and restricted
    // to sites marked as deleted.
    $criteria = new Criteria();
    $criteria->add("user_id", $runData->getUserId());
    $criteria->addJoin("site_id", "site.site_id");
    $criteria->add("site.deleted", true);
    $mems = DB_AdminPeer::instance()->select($criteria);

    if (count($mems) > 0) {
        $runData->contextAdd("admins", $mems);
    }

    // Build the per-site data that is handed over as JSON.
    $sites = array();
    foreach ($mems as $adminRecord) {
        $deletedSite = $adminRecord->getSite();
        $siteKey = $deletedSite->getSiteId();

        $siteFields = $deletedSite->getFieldValuesArray();
        // The stored unix name carries a '..del..' suffix; keep only the
        // part in front of it, i.e. the original unix name.
        list($originalName) = explode('..del..', $deletedSite->getUnixName());
        $siteFields['unix_name'] = $originalName;

        $sites[$siteKey] = $siteFields;
    }

    $encoder = new JSONService(SERVICES_JSON_LOOSE_TYPE);
    $runData->contextAdd('sitesData', $encoder->encode($sites));
}
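/**
 * Validates a SimpleTodo list submitted as JSON in the "data" parameter and
 * stores it for the current site, creating the list row on first save.
 *
 * The payload is client-supplied, so its shape is checked before any property
 * is read: it must decode to an object with a non-empty label and title and
 * an optional array of item objects (text, link, boolean checked).
 *
 * @throws ProcessException when the page is unknown or the payload is invalid
 */
public function saveEvent($runData) {
    $site = $runData->getTemp("site");
    $pl = $runData->getParameterList();

    $pageId = $pl->getParameterValue("pageId");
    if (!is_numeric($pageId)) {
        throw new ProcessException(_("Page does not exist."));
    }
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    // The page id comes from the request while the list is written under the
    // current site, so a page that belongs to another site is treated as
    // missing rather than used for the permission decision below.
    if (!$page || $page->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("Page does not exist."));
    }

    // check permissions
    // NOTE(review): the return value is not inspected; presumably
    // hasPagePermission() throws when the user may not edit -- confirm.
    $category = $page->getCategory();
    WDPermissionManager::instance()->hasPagePermission('edit', $runData->getUser(), $category, $page);

    $data = $pl->getParameterValue("data");
    $json = new JSONService();
    $listData = $json->decode($data);
    if (!is_object($listData)) {
        throw new ProcessException(_('The submitted list data is malformed.'));
    }

    // it's time to do some checking
    $label = (isset($listData->label) && is_scalar($listData->label)) ? trim((string) $listData->label) : '';
    if (!$label) {
        throw new ProcessException(_('The SimpleTodo module must have an id (e.g. id="list1").'));
    }
    $title = (isset($listData->title) && is_scalar($listData->title)) ? trim((string) $listData->title) : '';
    if (!$title) {
        throw new ProcessException(_('Your title field is empty, please correct that.'));
    }

    $items = isset($listData->data) ? $listData->data : array();
    if (!is_array($items)) {
        throw new ProcessException(_('The submitted list data is malformed.'));
    }

    // 'data' starts out as an empty list so that a list without items is
    // stored as an empty JSON array.
    $dataArray = array('label' => $label, 'title' => $title, 'data' => array());
    foreach (array_values($items) as $i => $item) {
        if (!is_object($item)) {
            throw new ProcessException(_('The submitted list data is malformed.'));
        }
        $text = (isset($item->text) && is_scalar($item->text)) ? trim((string) $item->text) : '';
        $link = (isset($item->link) && is_scalar($item->link)) ? trim((string) $item->link) : '';
        if (!isset($item->checked) || !is_bool($item->checked)) {
            throw new ProcessException(_('Something is wrong witch checkbox (it is not a boolean value).'));
        }
        if (empty($text)) {
            throw new ProcessException(_('One of your text fields is empty, please correct that.'));
        }
        // NOTE(review): text and link are stored as submitted; the code that
        // renders the list has to escape them and restrict the link target.
        $dataArray['data'][$i]['text'] = $text;
        $dataArray['data'][$i]['link'] = $link;
        $dataArray['data'][$i]['checked'] = $item->checked;
    }

    // A list is identified by its label within the current site.
    $c = new Criteria();
    $c->add('label', $label);
    $c->add('site_id', $site->getSiteId());
    $list = DB_SimpletodoListPeer::instance()->selectOne($c);
    if (!$list) {
        $list = new DB_SimpletodoList();
        $list->setSiteId($site->getSiteId());
        $list->setLabel($dataArray['label']);
    }

    $list->setTitle($dataArray['title']);
    $itemData = $json->encode($dataArray['data']);
    $list->setData($itemData);
    $list->save();
}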
/**
 * Prepares the template context for the site's OpenID settings: the site
 * domain, a JSON list of known OpenID providers, the enabled flag, the entry
 * without a page (root) and the entries bound to pages.
 */
public function build($runData) {
    $site = $runData->getTemp("site");
    $settings = $site->getSettings();

    $runData->contextAdd("siteDomain", $site->getDomain());

    // Identity-URL pattern => provider endpoint.
    // NOTE(review): several of these endpoints are plain http URLs.
    $knownProviders = array(
        array('^[a-z0-9\\.\\-]+\\.myopenid\\.com\\/?$', 'http://www.myopenid.com/server'),
        array('^[a-z0-9\\.\\-]+\\.getopenid\\.com\\/?$', 'https://getopenid.com/server'),
        array('^[a-z0-9\\.\\-]+\\.livejournal\\.com\\/?$', 'http://www.livejournal.com/openid/server.bml'),
        array('^[a-z0-9\\.\\-]+\\.vox\\.com\\/?$', 'http://www.vox.com/openid/server'),
        array('^[a-z0-9\\.\\-]+\\.verisignlabs\\.com\\/?$', 'https://pip.verisignlabs.com/server'),
        array('^[a-z0-9\\.\\-]+\\.openid\\.pl\\/?$', 'http://openid.pl/server'),
        array('^myid\\.pl\\/id\\/', 'http://myid.pl/auth'),
    );
    $openIdServices = array();
    foreach ($knownProviders as $provider) {
        $openIdServices[] = array('pattern' => $provider[0], 'server' => $provider[1]);
    }

    $encoder = new JSONService();
    $runData->contextAdd("openIdServices", $encoder->encode($openIdServices));

    // current settings
    $runData->contextAdd("enabled", $settings->getOpenidEnabled());

    $siteId = $site->getSiteId();

    // The entry that has no page id is exposed as the root entry.
    $rootCriteria = new Criteria();
    $rootCriteria->add("site_id", $siteId);
    $rootCriteria->add("page_id", null);
    $rootEntry = DB_OpenidEntryPeer::instance()->selectOne($rootCriteria);

    // All entries that are bound to a page.
    $pageCriteria = new Criteria();
    $pageCriteria->add("site_id", $siteId);
    $pageCriteria->add("page_id", null, "!=");
    $pageEntries = DB_OpenidEntryPeer::instance()->select($pageCriteria);

    $runData->contextAdd("openIdRoot", $rootEntry);
    $runData->contextAdd("openIds", $pageEntries);
}
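// Quickmodule endpoint: loads the quickmodule class named in the "module"
// query parameter, hands it the JSON-decoded POST body and prints its
// response as JSON.

// All the parameters are stored in the POST body.
$json = null;
$parsedData = null;
$data = file_get_contents('php://input');
if ($data != null && $data !== '') {
    $json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
    $parsedData = $json->decode($data);
}

// Find the quickmodule name. It is client-supplied and ends up both in a
// require_once path and in a "new $moduleName()" expression, so only a plain
// class-name token is accepted: no path separators, dots or other characters
// that could point outside php/quickmodules.
$moduleName = isset($_GET['module']) ? $_GET['module'] : null;
if (!is_string($moduleName) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $moduleName)) {
    return;
}

// check if exists
$modulePath = WIKIDOT_ROOT . "/php/quickmodules/" . $moduleName . ".php";
if (!file_exists($modulePath)) {
    return;
}
require_once $modulePath;

// Only instantiate a class that the included file actually defined.
if (!class_exists($moduleName, false)) {
    return;
}
$module = new $moduleName();
$response = $module->process($parsedData);

// Echo the caller's callback index back so it can match the response.
if (is_array($parsedData) && isset($parsedData['callbackIndex'])) {
    $response['callbackIndex'] = $parsedData['callbackIndex'];
}
if ($response != null) {
    if (!$json) {
        $json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
    }
    echo $json->encode($response);
}

/*
 * example query:
 * http://www.example.com/quickmodule.php?module=PageLookupQModule&q=howto&s=1
 */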
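/**
 * Reads an uploaded CSV contact file ("contactfile"), converts it to UTF-8
 * and passes the name/e-mail pairs to the template as JSON ("adrs").
 *
 * The "status" context value is "ok" on success, "zero_size" or
 * "invalid_file" for rejected uploads, or the raw PHP upload error code when
 * the upload itself failed.
 *
 * NOTE(review): names and addresses are forwarded exactly as found in the
 * file; whatever consumes "adrs" has to validate the addresses and escape
 * the values before displaying them.
 */
public function uploadContactsForInvitationsEvent($runData) {
    $status = "ok"; // status variable that will be passed to template

    // A missing field, or an array-style upload, is not a usable single file.
    $file = isset($_FILES['contactfile']) ? $_FILES['contactfile'] : null;
    if (!is_array($file)
        || !isset($file['tmp_name'], $file['size'], $file['error'])
        || !is_string($file['tmp_name'])
    ) {
        $runData->contextAdd("status", "invalid_file");
        return;
    }

    if ($file['size'] == 0) {
        $runData->contextAdd("status", "zero_size");
        return;
    }

    if ($file['error'] != 0) {
        // The upload error code itself is reported as the status.
        $runData->contextAdd("status", $file['error']);
        return;
    }

    if (!is_uploaded_file($file['tmp_name'])) {
        $runData->contextAdd("status", "invalid_file");
        return;
    }

    // read the file, convert encoding...?
    $cont = file_get_contents($file['tmp_name']);
    if ($cont === false) {
        $runData->contextAdd("status", "invalid_file");
        return;
    }
    $enc = mb_detect_encoding($cont, "UTF-8, UTF-16BE, UTF-16LE, UCS-2, UCS-2BE, UCS-2LE, UTF-16, ASCII");
    if (!$enc) {
        $enc = $this->getUnicode($cont);
    }
    if ($enc != "UTF-8") {
        $cont = mb_convert_encoding($cont, "UTF-8", $enc);
    }

    // save to a tmp file so that the content can be read with fgetcsv()
    $tmpfile = tmpfile();
    if ($tmpfile === false) {
        $runData->contextAdd("status", "invalid_file");
        return;
    }
    fwrite($tmpfile, $cont);
    fseek($tmpfile, 0);

    // access as a CSV
    $header = fgetcsv($tmpfile);
    if (!is_array($header)) {
        fclose($tmpfile);
        $runData->contextAdd("status", "invalid_file");
        return;
    }

    // look for name and email; both fall back to the first column when no
    // header cell matches
    $namePos = 0;
    foreach ($header as $i => $cell) {
        if (preg_match(";name;i", (string) $cell)) {
            $namePos = $i;
            break;
        }
    }
    $emailPos = 0;
    foreach ($header as $i => $cell) {
        if (preg_match(";e\\-?mail;i", (string) $cell)) {
            $emailPos = $i;
            break;
        }
    }

    // read all the rows and get name + email; a row that is shorter than
    // the header yields null for the missing cell
    $adrs = array();
    while (($row = fgetcsv($tmpfile)) !== false) {
        $adrs[] = array(
            'name' => isset($row[$namePos]) ? $row[$namePos] : null,
            'email' => isset($row[$emailPos]) ? $row[$emailPos] : null,
        );
    }
    fclose($tmpfile);

    // encode addresses
    $json = new JSONService();
    $adrs = $json->encode($adrs);

    $runData->contextAdd("status", $status);
    $runData->contextAdd("adrs", $adrs);
}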
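/**
 * Handles one AJAX module request: sets up logging and RunData, runs the
 * module and action permission checks, executes the requested action chain,
 * renders the module and echoes the AJAX response as JSON.
 *
 * NOTE(review): nothing in this method verifies a request token before the
 * action runs -- confirm that cross-site request protection is enforced
 * elsewhere.
 */
public function process() {
    global $timeStart;

    // initialize logging service
    $logger = OzoneLogger::instance();
    $loggerFileOutput = new OzoneLoggerFileOutput();
    $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
    $logger->addLoggerOutput($loggerFileOutput);
    $logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
    $logger->debug("AJAX module request processing started, logger initialized");

    Ozone::init();
    $runData = new RunData();
    /* processing an AJAX request! */
    $runData->setAjaxMode(true);
    $runData->init();
    // extra return array - just for ajax handling
    $runData->ajaxResponseAdd("status", "OK");
    Ozone::setRunData($runData);
    $logger->debug("RunData object created and initialized");

    // handle session at the beginning of processing
    $runData->handleSessionStart();

    $template = $runData->getModuleTemplate();
    $classFile = $runData->getModuleClassPath();
    $className = $runData->getModuleClassName();
    $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
    require_once $classFile;
    $module = new $className();

    // module security check
    if (!$module->isAllowed($runData)) {
        if ($classFile == $runData->getModuleClassPath()) {
            // isAllowed() did not select an error template itself, so the
            // default one is used.
            // NOTE(review): unlike the branch below, the requested action is
            // not cleared here and still reaches the action loop -- confirm
            // that relying on the action's own isAllowed() is intended.
            $runData->setModuleTemplate("errors/NotAllowed");
        } else {
            // $module->isAllowed() should set the error template!!! if not -
            // default NotAllowed is used
            // reload the class again - we do not want the unsecure module to render!
            $classFile = $runData->getModuleClassPath();
            $className = $runData->getModuleClassName();
            $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
            require_once $classFile;
            $module = new $className();
            $runData->setAction(null);
        }
    }

    Ozone::initSmarty();
    $logger->debug("OZONE initialized");
    Ozone::initServices();
    $logger->debug("Smarty template services loaded");
    Ozone::parseMacros();
    $logger->debug("Smarty macros parsed");
    Ozone::updateSmartyPlain();
    $logger->debug("plain version of Smarty created");
    $logger->info("Ozone engines successfully initialized");

    // PROCESS ACTION
    $actionClass = $runData->getAction();
    $logger->debug("processing action {$actionClass}");
    while ($actionClass != null) {
        require_once PathManager::actionClass($actionClass);
        $tmpa1 = explode('/', $actionClass);
        $actionClassStripped = end($tmpa1);
        $action = new $actionClassStripped();

        // action security check
        $classFile = $runData->getModuleClassPath();
        if (!$action->isAllowed($runData)) {
            if ($classFile == $runData->getModuleClassPath()) {
                $runData->setModuleTemplate("errors/NotAllowed");
            }
            // $action->isAllowed() should set the error template!!! if not -
            // default NotAllowed is used
            break;
        }

        $actionEvent = $runData->getActionEvent();
        if ($actionEvent != null) {
            // NOTE(review): the event name selects the method to call; it
            // presumably originates from the request, so RunData has to
            // restrict it to intended event handlers -- confirm.
            $action->{$actionEvent}($runData);
            $logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
        } else {
            $logger->debug("processing action: {$actionClass}");
            $action->perform($runData);
        }

        // this is in case action changes the action name so that
        // the next action can be executed.
        if ($runData->getNextAction() != null) {
            $actionClass = $runData->getNextAction();
            $runData->setAction($actionClass);
            $runData->setActionEvent($runData->getNextActionEvent());
        } else {
            $actionClass = null;
        }
    }
    // end action process

    // Check if the template has been changed by the module or an action; if
    // so, load the class that belongs to the new template. The getter has to
    // be called here: without the parentheses the comparison read a property
    // instead of the current template name.
    if ($template != $runData->getModuleTemplate()) {
        $classFile = $runData->getModuleClassPath();
        $className = $runData->getModuleClassName();
        $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
        require_once $classFile;
        $module = new $className();
    }

    // NOTE(review): $template still holds the name captured before the
    // security checks and the action ran -- confirm that this is intended.
    $module->setTemplate($template);
    $rendered = $module->render($runData);

    $rVars = $runData->getAjaxResponse();
    if ($rendered != null) {
        // process modules...
        $moduleProcessor = new ModuleProcessor($runData);
        $out = $moduleProcessor->process($rendered);
        $rVars['body'] = $out;
    }

    $json = new JSONService();
    $out = $json->encode($rVars);
    echo $out;

    $runData->handleSessionEnd();
}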
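/**
 * Handles one AJAX module request for a wiki site.
 *
 * Steps: set up logging and RunData, verify the request token, resolve the
 * site from the Host header, configure language and SSL policy, start the
 * session, enforce private-site access, run the module and action permission
 * checks, execute the action, render the module and echo the JSON response.
 *
 * Failures inside the try block roll back the database connection and are
 * reported through the "status" and "message" fields of the response.
 */
public function process() {
    global $timeStart;

    // initialize logging service
    $logger = OzoneLogger::instance();
    $loggerFileOutput = new OzoneLoggerFileOutput();
    $loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
    $logger->addLoggerOutput($loggerFileOutput);
    $logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
    $logger->debug("AJAX module request processing started, logger initialized");

    Ozone::init();
    $runData = new RunData();
    /* processing an AJAX request! */
    $runData->setAjaxMode(true);
    $runData->init();
    // extra return array - just for ajax handling
    $runData->ajaxResponseAdd("status", "ok");
    Ozone::setRunData($runData);
    $logger->debug("RunData object created and initialized");

    // These are read after the try block, also when an exception ended it
    // before they were assigned.
    $template = null;
    $module = null;
    $rendered = null;
    $callbackIndex = null;

    try {
        // Check the security token: the value in the cookie has to be
        // repeated in the request parameters. Only a non-empty string cookie
        // is accepted.
        $cookieToken = isset($_COOKIE['wikidot_token7']) ? $_COOKIE['wikidot_token7'] : null;
        if (!is_string($cookieToken)
            || $cookieToken === ''
            || $cookieToken !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')
        ) {
            throw new ProcessException("no", "wrong_token7");
        }
        // remove token from parameter list!!!
        $runData->getParameterList()->delParameter('wikidot_token7');

        $callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
        $runData->getParameterList()->delParameter('callbackIndex');

        // check if site (wiki) exists!
        // The Host header is client-supplied and is used below as part of a
        // memcache key and of the session cookie domain, so anything that is
        // not a plain host name (optionally with a port) is refused.
        $siteHost = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : '';
        if (!preg_match('/\A[A-Za-z0-9._\-]+(:[0-9]+)?\z/', $siteHost)) {
            throw new ProcessException(_('The requested site does not exist.'));
        }

        $memcache = Ozone::$memcache;
        if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
            $siteUnixName = $matches[1];
            // select site based on the unix name
            // check memcached first!
            // the memcache block is to avoid database connection if possible
            $mcKey = 'site..' . $siteUnixName;
            $site = $memcache->get($mcKey);
            if ($site == false) {
                $c = new Criteria();
                $c->add("unix_name", $siteUnixName);
                $c->add("site.deleted", false);
                $site = DB_SitePeer::instance()->selectOne($c);
                // Only cache hits: an empty result is looked up again anyway
                // and would let arbitrary host names fill the cache.
                if ($site) {
                    $memcache->set($mcKey, $site, 0, 3600);
                }
            }
        } else {
            // select site based on the custom domain
            $mcKey = 'site_cd..' . $siteHost;
            $site = $memcache->get($mcKey);
            if ($site == false) {
                $c = new Criteria();
                $c->add("custom_domain", $siteHost);
                $c->add("site.deleted", false);
                $site = DB_SitePeer::instance()->selectOne($c);
                if ($site) {
                    $memcache->set($mcKey, $site, 0, 3600);
                }
            }
            GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
        }

        if (!$site) {
            throw new ProcessException(_('The requested site does not exist.'));
        }

        $runData->setTemp("site", $site);
        // nasty global thing...
        $GLOBALS['siteId'] = $site->getSiteId();
        $GLOBALS['site'] = $site;

        // set language
        $runData->setLanguage($site->getLanguage());
        $GLOBALS['lang'] = $site->getLanguage();

        // and for gettext too:
        $lang = $site->getLanguage();
        switch ($lang) {
            case 'pl':
                $glang = "pl_PL";
                break;
            case 'en':
                $glang = "en_US";
                break;
            default:
                // any other language code would leave the locale undefined
                $glang = "en_US";
                break;
        }

        putenv("LANG={$glang}");
        putenv("LANGUAGE={$glang}");
        setlocale(LC_ALL, $glang . '.UTF-8');

        // Set the text domain as 'messages'
        $gdomain = 'messages';
        bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
        textdomain($gdomain);

        $settings = $site->getSettings();

        // handle SSL
        $sslMode = $settings->getSslMode();
        // Some servers report a plain request as HTTPS=off.
        $isHttps = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
        if ($isHttps) {
            if (!$sslMode) {
                // not enabled, issue an error
                throw new ProcessException(_("Secure access is not enabled for this Wiki."));
            } elseif ($sslMode == "ssl_only_paranoid") {
                // use secure authentication cookie
                // i.e. change authentication scheme
                GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
                GlobalProperties::$SESSION_COOKIE_SECURE = true;
            }
        } else {
            // page accessed via http (nonsecure)
            switch ($sslMode) {
                case 'ssl':
                    // enabled, but nonsecure allowed too.
                    break;
                case 'ssl_only_paranoid':
                case 'ssl_only':
                    throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
            }
        }

        // handle session at the beginning of processing
        $runData->handleSessionStart();

        // PRIVATE SITES: check if the site is private and if the user is its member
        if ($site->getPrivate()) {
            // Login, account creation, membership application and password
            // recovery stay reachable without membership.
            $template = $runData->getModuleTemplate();
            $actionClass = $runData->getAction();

            $proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction'))
                && ($template == ''
                    || $template == 'Empty'
                    || preg_match(';^createaccount/;', $template)
                    || preg_match(';^login/;', $template)
                    || preg_match(';^membership/;', $template)
                    || preg_match(';^passwordrecovery/;', $template));

            if (!$proceed) {
                $user = $runData->getUser();
                if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
                    // check if member
                    $c = new Criteria();
                    $c->add("site_id", $site->getSiteId());
                    $c->add("user_id", $user->getUserId());
                    $mem = DB_MemberPeer::instance()->selectOne($c);
                    if (!$mem) {
                        // check if a viewer
                        $c = new Criteria();
                        $c->add("site_id", $site->getSiteId());
                        $c->add("user_id", $user->getUserId());
                        $vi = DB_SiteViewerPeer::instance()->selectOne($c);
                        if (!$vi) {
                            $user = null;
                        }
                    }
                }
                if ($user == null) {
                    throw new ProcessException(_('This Site is private and accessible only to its members.'));
                }
            }
        }

        $template = $runData->getModuleTemplate();
        $classFile = $runData->getModuleClassPath();
        $className = $runData->getModuleClassName();
        $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
        require_once $classFile;
        $module = new $className();

        // module security check
        if (!$module->isAllowed($runData)) {
            throw new WDPermissionException(_("Not allowed."));
        }

        Ozone::initSmarty();
        $logger->debug("OZONE initialized");
        $logger->info("Ozone engines successfully initialized");

        // PROCESS ACTION
        $actionClass = $runData->getAction();
        $logger->debug("processing action {$actionClass}");

        $runData->setTemp("jsInclude", array());
        $runData->setTemp("cssInclude", array());

        if ($actionClass) {
            require_once PathManager::actionClass($actionClass);
            $tmpa1 = explode('/', $actionClass);
            $actionClassStripped = end($tmpa1);
            $action = new $actionClassStripped();

            $classFile = $runData->getModuleClassPath();
            if (!$action->isAllowed($runData)) {
                throw new WDPermissionException("Not allowed.");
            }

            $actionEvent = $runData->getActionEvent();
            if ($actionEvent != null) {
                // NOTE(review): the event name selects the method to call;
                // it presumably originates from the request, so RunData has
                // to restrict it to intended event handlers -- confirm.
                $action->{$actionEvent}($runData);
                $logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
            } else {
                $logger->debug("processing action: {$actionClass}");
                $action->perform($runData);
            }
        }
        // end action process

        // check if template has been changed by the module. if so...
        if ($template != $runData->getModuleTemplate()) {
            $classFile = $runData->getModuleClassPath();
            $className = $runData->getModuleClassName();
            $logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
            require_once $classFile;
            $module = new $className();
        }

        $module->setTemplate($template);
        $rendered = $module->render($runData);

        $jsInclude = $runData->getTemp("jsInclude");
        $jsInclude = array_merge($jsInclude, $module->getExtraJs());
        $runData->setTemp("jsInclude", $jsInclude);

        $cssInclude = $runData->getTemp("cssInclude");
        $cssInclude = array_merge($cssInclude, $module->getExtraCss());
        $runData->setTemp("cssInclude", $cssInclude);
    } catch (ProcessException $e) {
        $db = Database::connection();
        $db->rollback();
        $runData->ajaxResponseAdd("message", $e->getMessage());
        $runData->ajaxResponseAdd("status", $e->getStatus());
        $runData->setModuleTemplate(null);
        $template = null;
    } catch (WDPermissionException $e) {
        $db = Database::connection();
        $db->rollback();
        $runData->ajaxResponseAdd("message", $e->getMessage());
        $runData->ajaxResponseAdd("status", "no_permission");
        $runData->setModuleTemplate(null);
        $template = null;
    } catch (Exception $e) {
        $db = Database::connection();
        $db->rollback();
        // NOTE(review): the raw message of an unexpected exception is sent
        // to the client; it may expose internal details and is logged below
        // in any case.
        $runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
        $runData->ajaxResponseAdd("status", "not_ok");
        $runData->setModuleTemplate(null);
        $template = null;
        // LOG ERROR TOO!!!
        $logger = OzoneLogger::instance();
        $logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
    }

    $rVars = $runData->getAjaxResponse();
    if ($rendered != null) {
        // process modules...
        $moduleProcessor = new ModuleProcessor($runData);
        $out = $moduleProcessor->process($rendered);
        $rVars['body'] = $out;
    }

    // check the javascript and css files for inclusion; $template is null
    // after any failure above, so $module is only used on the success path
    if ($template != null && $template != "Empty") {
        $jsInclude = $runData->getTemp("jsInclude");
        if ($module->getIncludeDefaultJs()) {
            $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
            if (file_exists($file)) {
                $jsInclude[] = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
            }
        }
        $rVars['jsInclude'] = $jsInclude;

        $cssInclude = $runData->getTemp("cssInclude");
        if ($module->getIncludeDefaultCss()) {
            $file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
            if (file_exists($file)) {
                $cssInclude[] = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
            }
        }
        $rVars['cssInclude'] = $cssInclude;
    }

    // specify (copy) jscallback. ugly, right? ;-)
    $rVars['callbackIndex'] = $callbackIndex;

    $json = new JSONService();
    $out = $json->encode($rVars);

    $runData->handleSessionEnd();

    echo $out;
}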