/** * Handles returning a JSON response, makes sure Content-Type header is set * * @param array $array * @param bool $isJson Is the passed string already a json string * @return SS_HTTPResponse */ public function jsonResponse($array, $isJson = false) { $json = $array; if (!$isJson) { $json = Convert::raw2json($array); } $response = new SS_HTTPResponse($json); $response->addHeader('Content-Type', 'application/json'); $response->addHeader('Vary', 'Accept'); return $response; }
public function getGoogleMapPin(SS_HTTPRequest $request) { $color = Convert::raw2sql($request->param('Color')); $path = ASSETS_PATH . '/maps/pins'; // create folder on assets if does not exists .... if (!is_dir($path)) { mkdir($path, $mode = 0775, $recursive = true); } // if not get it from google (default) $ping_url = "http://chart.apis.google.com/chart?cht=mm&chs=32x32&chco=FFFFFF,{$color},000000&ext=.png"; $write_2_disk = true; if (file_exists($path . '/pin_' . $color . '.jpg')) { // if we have the file on assets use it $ping_url = $path . '/pin_' . $color . '.jpg'; $write_2_disk = false; } $body = file_get_contents($ping_url); if ($write_2_disk) { file_put_contents($path . '/pin_' . $color . '.jpg', $body); } $ext = 'jpg'; $response = new SS_HTTPResponse($body, 200); $response->addHeader('Content-Type', 'image/' . $ext); return $response; }
public function testAddCacheHeaders() { $body = "<html><head></head><body><h1>Mysite</h1></body></html>"; $response = new SS_HTTPResponse($body, 200); $this->assertEmpty($response->getHeader('Cache-Control')); HTTP::set_cache_age(30); HTTP::add_cache_headers($response); $this->assertNotEmpty($response->getHeader('Cache-Control')); // Ensure max-age is zero for development. Config::inst()->update('Director', 'environment_type', 'dev'); $response = new SS_HTTPResponse($body, 200); HTTP::add_cache_headers($response); $this->assertContains('max-age=0', $response->getHeader('Cache-Control')); // Ensure max-age setting is respected in production. Config::inst()->update('Director', 'environment_type', 'live'); $response = new SS_HTTPResponse($body, 200); HTTP::add_cache_headers($response); $this->assertContains('max-age=30', explode(', ', $response->getHeader('Cache-Control'))); $this->assertNotContains('max-age=0', $response->getHeader('Cache-Control')); // Still "live": Ensure header's aren't overridden if already set (using purposefully different values). $headers = array('Vary' => '*', 'Pragma' => 'no-cache', 'Cache-Control' => 'max-age=0, no-cache, no-store'); $response = new SS_HTTPResponse($body, 200); foreach ($headers as $name => $value) { $response->addHeader($name, $value); } HTTP::add_cache_headers($response); foreach ($headers as $name => $value) { $this->assertEquals($value, $response->getHeader($name)); } }
public function httpError($code, $message = null) { $response = new SS_HTTPResponse(); $response->setStatusCode($code); $response->addHeader('Content-Type', 'text/html'); return $response; }
/** * Action to handle upload of a single file * * @param SS_HTTPRequest $request * @return SS_HTTPResponse * @return SS_HTTPResponse */ public function upload(SS_HTTPRequest $request) { if ($this->isDisabled() || $this->isReadonly() || !$this->canUpload()) { return $this->httpError(403); } // Protect against CSRF on destructive action $token = $this->getForm()->getSecurityToken(); if (!$token->checkRequest($request)) { return $this->httpError(400); } // Get form details $name = $this->getName(); $postVars = $request->postVar($name); // Save the temporary file into a File object $uploadedFiles = $this->extractUploadedFileData($postVars); $firstFile = reset($uploadedFiles); $file = $this->saveTemporaryFile($firstFile, $error); if (empty($file)) { $return = array('error' => $error); } else { $return = $this->encodeFileAttributes($file); } // Format response with json $response = new SS_HTTPResponse(Convert::raw2json(array($return))); $response->addHeader('Content-Type', 'text/plain'); if (!empty($return['error'])) { $response->setStatusCode(200); } return $response; }
/** * Returns the unread count in a JSONobject * * @return SS_HTTPResponse */ public function count() { $notifications = TimelineEvent::get_unread(Member::currentUser()); $response = new SS_HTTPResponse(json_encode(array('count' => $notifications->count())), 200); $response->addHeader('Content-Type', 'application/json'); return $response; }
public function load($request) { $response = new SS_HTTPResponse(); $response->addHeader('Content-Type', 'application/json'); $response->setBody(Convert::array2json(array("_memberID" => Member::currentUserID()))); return $response; }
public function load($request) { $response = new SS_HTTPResponse(); $response->addHeader('Content-Type', 'application/json'); $response->setBody(Convert::array2json(call_user_func($this->source, $request->getVar('val')))); return $response; }
/** * Use cURL to request a URL, and return a SS_HTTPResponse object. */ protected function curlRequest($url, $method, $data = null, $headers = null, $curlOptions = array()) { $ch = curl_init(); $timeout = 5; $ssInfo = new SapphireInfo(); $useragent = 'SilverStripe/' . $ssInfo->version(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, $useragent); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); curl_setopt($ch, CURLOPT_HEADER, 1); if ($headers) { curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); } // Add fields to POST and PUT requests if ($method == 'POST') { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); } elseif ($method == 'PUT') { $put = fopen("php://temp", 'r+'); fwrite($put, $data); fseek($put, 0); curl_setopt($ch, CURLOPT_PUT, 1); curl_setopt($ch, CURLOPT_INFILE, $put); curl_setopt($ch, CURLOPT_INFILESIZE, strlen($data)); } // Follow redirects curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); // Set any custom options passed to the request() function curl_setopt_array($ch, $curlOptions); // Run request curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $fullResponseBody = curl_exec($ch); $curlError = curl_error($ch); list($responseHeaders, $responseBody) = preg_split('/(\\n\\r?){2}/', $fullResponseBody, 2); if (preg_match("#^HTTP/1.1 100#", $responseHeaders)) { list($responseHeaders, $responseBody) = preg_split('/(\\n\\r?){2}/', $responseBody, 2); } $responseHeaders = explode("\n", trim($responseHeaders)); array_shift($responseHeaders); $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($curlError !== '' || $statusCode == 0) { $statusCode = 500; } $response = new SS_HTTPResponse($responseBody, $statusCode); foreach ($responseHeaders as $headerLine) { if (strpos($headerLine, ":") !== false) { list($headerName, $headerVal) = explode(":", $headerLine, 2); // This header isn't relevant outside of curlRequest if (strtolower($headerName) == 'transfer-encoding') { continue; } $response->addHeader(trim($headerName), trim($headerVal)); } } curl_close($ch); return $response; }
/** * Creates and return the editing interface * * @return string Form's HTML */ public function index() { $form = $this->listForm(); $form->setTemplate('LeftAndMain_EditForm'); $form->addExtraClass('center cms-content'); $form->setAttribute('data-pjax-fragment', 'CurrentForm Content'); if ($this->request->isAjax()) { $response = new SS_HTTPResponse(Convert::raw2json(array('Content' => $form->forAjaxTemplate()->getValue()))); $response->addHeader('X-Pjax', 'Content'); $response->addHeader('Content-Type', 'text/json'); $response->addHeader('X-Title', 'SilverStripe - Bulk ' . $this->gridField->list->dataClass . ' Editing'); return $response; } else { $controller = $this->getToplevelController(); return $controller->customise(array('Content' => $form)); } }
function Places() { $Places = DataObject::get("Place"); $body = $this->owner->customise(array('Places' => $Places))->renderWith("KMLPlaces"); $response = new SS_HTTPResponse($body, 200); $response->addHeader('Content-type', "application/vnd.google-earth.kml+xml"); return $response; }
/** * Unlink the selected records passed from the unlink bulk action. * * @param SS_HTTPRequest $request * * @return SS_HTTPResponse List of affected records ID */ public function unLink(SS_HTTPRequest $request) { $ids = $this->getRecordIDList(); $this->gridField->list->removeMany($ids); $response = new SS_HTTPResponse(Convert::raw2json(array('done' => true, 'records' => $ids))); $response->addHeader('Content-Type', 'text/json'); return $response; }
/** * Returns a JSON string of tags, for lazy loading. * * @param SS_HTTPRequest $request * * @return SS_HTTPResponse */ public function suggest(SS_HTTPRequest $request) { $members = $this->getMembers($request->getVar('term')); $response = new SS_HTTPResponse(); $response->addHeader('Content-Type', 'application/json'); $response->setBody(json_encode($members)); return $response; }
/** * @param Object $originator * @param SS_HTTPRequest $request * @param SS_HTTPResponse $response * @param DataModel $model */ public function applyToResponse($originator, SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model) { foreach ($this->headers as $key => $value) { if ($value !== "") { $response->addHeader($key, $value); } else { $response->removeHeader($key); } } }
public function postRequest(\SS_HTTPRequest $request, \SS_HTTPResponse $response, \DataModel $model) { $time = sprintf('%.3f ms', microtime(true) - $this->start); $response->addHeader('X-SilverStripe-Time', $time); $b = $response->getBody(); if (strpos($b, '</html>')) { $b = str_replace('</html>', "\n<!-- Generated in {$time} -->\n</html>", $b); $response->setBody($b); } }
/** * Require basic authentication. Will request a username and password if none is given. * * Used by {@link Controller::init()}. * * @throws SS_HTTPResponse_Exception * * @param string $realm * @param string|array $permissionCode Optional * @param boolean $tryUsingSessionLogin If true, then the method with authenticate against the * session log-in if those credentials are disabled. * @return Member $member */ public static function requireLogin($realm, $permissionCode = null, $tryUsingSessionLogin = true) { $isRunningTests = class_exists('SapphireTest', false) && SapphireTest::is_running_test(); if (!Security::database_is_ready() || Director::is_cli() && !$isRunningTests) { return true; } /* * Enable HTTP Basic authentication workaround for PHP running in CGI mode with Apache * Depending on server configuration the auth header may be in HTTP_AUTHORIZATION or * REDIRECT_HTTP_AUTHORIZATION * * The follow rewrite rule must be in the sites .htaccess file to enable this workaround * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] */ $authHeader = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) ? $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] : null); $matches = array(); if ($authHeader && preg_match('/Basic\\s+(.*)$/i', $authHeader, $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } $member = null; if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { $member = MoreAdminsAuthenticator::authenticate(array('Email' => $_SERVER['PHP_AUTH_USER'], 'Password' => $_SERVER['PHP_AUTH_PW']), null); } if (!$member && $tryUsingSessionLogin) { $member = Member::currentUser(); } // If we've failed the authentication mechanism, then show the login form if (!$member) { $response = new SS_HTTPResponse(null, 401); $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\""); if (isset($_SERVER['PHP_AUTH_USER'])) { $response->setBody(_t('BasicAuth.ERRORNOTREC', "That username / password isn't recognised")); } else { $response->setBody(_t('BasicAuth.ENTERINFO', "Please enter a username and password.")); } // Exception is caught by RequestHandler->handleRequest() and will halt further execution $e = new SS_HTTPResponse_Exception(null, 401); $e->setResponse($response); throw $e; } if ($permissionCode && !Permission::checkMember($member->ID, $permissionCode)) { $response = new SS_HTTPResponse(null, 401); $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\""); if (isset($_SERVER['PHP_AUTH_USER'])) { $response->setBody(_t('BasicAuth.ERRORNOTADMIN', "That user is not an administrator.")); } // Exception is caught by RequestHandler->handleRequest() and will halt further execution $e = new SS_HTTPResponse_Exception(null, 401); $e->setResponse($response); throw $e; } return $member; }
public function getAndroidAssetLinksFile(SS_HTTPRequest $request) { global $APP_LINKS_ANDROID_FILE_CONFIG; $file = []; foreach ($APP_LINKS_ANDROID_FILE_CONFIG as $package => $fingerprints) { $file[] = ["relation" => ["delegate_permission/common.handle_all_urls"], "target" => ["namespace" => "android_app", "package_name" => $package, "sha256_cert_fingerprints" => $fingerprints]]; } $response = new SS_HTTPResponse(json_encode($file), 200); $response->addHeader('Content-Type', 'application/json; charset=utf-8'); return $response; }
/** * Generates the response containing the robots.txt content * * @return SS_HTTPResponse */ public function index() { $text = ""; $text .= $this->renderSitemap(); $text .= "User-agent: *\n"; $text .= $this->renderDisallow(); $text .= $this->renderAllow(); $response = new SS_HTTPResponse($text, 200); $response->addHeader("Content-Type", "text/plain; charset=\"utf-8\""); return $response; }
/** * Delete the selected records passed from the delete bulk action. * * @param SS_HTTPRequest $request * * @return SS_HTTPResponse List of deleted records ID */ public function delete(SS_HTTPRequest $request) { $ids = array(); foreach ($this->getRecords() as $record) { array_push($ids, $record->ID); $record->delete(); } $response = new SS_HTTPResponse(Convert::raw2json(array('done' => true, 'records' => $ids))); $response->addHeader('Content-Type', 'text/json'); return $response; }
public function handleAssignBulkAction($gridField, $request) { $entity_id = $request->param('EntityID'); $controller = $gridField->getForm()->Controller(); $this->gridField = $gridField; $ids = $this->getRecordIDList(); $this->processRecordIds($ids, $entity_id, $gridField, $request); $response = new SS_HTTPResponse(Convert::raw2json(array('done' => true, 'records' => $ids))); $response->addHeader('Content-Type', 'text/json'); $response->setStatusCode(200); return $response; }
public function postRequest(\SS_HTTPRequest $request, \SS_HTTPResponse $response, \DataModel $model) { if ($request->getVar('clear') && Member::currentUserID() && Permission::check('ADMIN')) { $key = trim($request->getVar('url'), '/'); $key = (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '') . '/' . $key; $item = $this->dynamicCache->get($key); if ($item) { $response->addHeader('X-SilverStripe-Cache', 'deleted ' . $key); $this->dynamicCache->delete($key); } } }
/** * AJAX Json Response handler * * @param array|null $retVars * @param boolean $success * @return \SS_HTTPResponse */ public function handleJsonResponse($success = false, $retVars = null) { $result = array(); if ($success) { $result = array('success' => $success); } if ($retVars) { $result = array_merge($retVars, $result); } $response = new SS_HTTPResponse(json_encode($result)); $response->addHeader('Content-Type', 'application/json'); return $response; }
/** * Unpublish the selected records passed from the unpublish bulk action * * @param SS_HTTPRequest $request * @return SS_HTTPResponse List of published record IDs */ public function unpublish(SS_HTTPRequest $request) { $ids = array(); foreach ($this->getRecords() as $record) { if ($record->hasExtension('Versioned')) { array_push($ids, $record->ID); $record->deleteFromStage(Versioned::get_live_stage()); } } $response = new SS_HTTPResponse(Convert::raw2json(array('done' => true, 'records' => $ids))); $response->addHeader('Content-Type', 'text/json'); return $response; }
public function getMemberProfileImage(SS_HTTPRequest $request) { $member_id = intval($request->param('MemberID')); $member = Member::get()->byID($member_id); if (is_null($member)) { return $this->notFound(); } $photo_url = $member->ProfilePhotoUrl($width = 100, $generic_photo_type = 'speaker'); $body = file_get_contents($photo_url); $ext = 'jpg'; $response = new SS_HTTPResponse($body, 200); $response->addHeader('Content-Type', 'image/' . $ext); return $response; }
public function load($request) { $response = new SS_HTTPResponse(); $response->addHeader('Content-Type', 'application/json'); $items = call_user_func($this->source, $request->getVar('val')); $results = array(); if ($items) { foreach ($items as $k => $v) { $results[] = array('k' => $k, 'v' => $v); } } $response->setBody(Convert::array2json($results)); return $response; }
public function returnToBrowser() { if ($this->ExternalLink) { return $this->ExternalLink; } else { if ($this->FileID) { if ($file = $this->File()) { return $file->AbsoluteURL(); } } else { $content = base64_decode($this->Content); $response = new SS_HTTPResponse($content, '200'); $response->addHeader('Content-Description', 'File Transfer'); $response->addHeader('Content-Type', $this->ContentType); if ($this->IsImage()) { $response->addHeader('Content-Disposition', 'inline; filename="' . basename($this->FileName) . '"'); } else { $response->addHeader('Content-Disposition', 'download; filename="' . basename($this->FileName) . '"'); } $response->addHeader('Content-Length', $this->Length); $response->output(); } } }
/** * Require basic authentication. Will request a username and password if none is given. * * Used by {@link Controller::init()}. * * @throws SS_HTTPResponse_Exception * * @param string $realm * @param string|array $permissionCode Optional * @param boolean $tryUsingSessionLogin If true, then the method with authenticate against the * session log-in if those credentials are disabled. * @return Member $member */ public static function requireLogin($realm, $permissionCode = null, $tryUsingSessionLogin = true) { $isRunningTests = class_exists('SapphireTest', false) && SapphireTest::is_running_test(); if (!Security::database_is_ready() || Director::is_cli() && !$isRunningTests) { return true; } $matches = array(); if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } $member = null; if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { $member = MemberAuthenticator::authenticate(array('Email' => $_SERVER['PHP_AUTH_USER'], 'Password' => $_SERVER['PHP_AUTH_PW']), null); } if (!$member && $tryUsingSessionLogin) { $member = Member::currentUser(); } // If we've failed the authentication mechanism, then show the login form if (!$member) { $response = new SS_HTTPResponse(null, 401); $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\""); if (isset($_SERVER['PHP_AUTH_USER'])) { $response->setBody(_t('BasicAuth.ERRORNOTREC', "That username / password isn't recognised")); } else { $response->setBody(_t('BasicAuth.ENTERINFO', "Please enter a username and password.")); } // Exception is caught by RequestHandler->handleRequest() and will halt further execution $e = new SS_HTTPResponse_Exception(null, 401); $e->setResponse($response); throw $e; } if ($permissionCode && !Permission::checkMember($member->ID, $permissionCode)) { $response = new SS_HTTPResponse(null, 401); $response->addHeader('WWW-Authenticate', "Basic realm=\"{$realm}\""); if (isset($_SERVER['PHP_AUTH_USER'])) { $response->setBody(_t('BasicAuth.ERRORNOTADMIN', "That user is not an administrator.")); } // Exception is caught by RequestHandler->handleRequest() and will halt further execution $e = new SS_HTTPResponse_Exception(null, 401); $e->setResponse($response); throw $e; } return $member; }
public function index(SS_HTTPRequest $r) { $username = $r->postVar('username'); $password = $r->postVar('password'); if (!$username || !$password) { return $this->httpError(400, "You must provide 'username' and 'password' parameters in the request"); } if ($member = Member::get()->filter('Email', $username)->first()) { if ($member->checkPassword($password)) { $member->assignToken(); $member->write(); $response = new SS_HTTPResponse(200); $response->addHeader('Content-type', 'application/json')->setBody(Convert::array2json(array('token' => $member->AuthenticationToken))); return $response; } } return $this->httpError(403, "Invalid login"); }
/** * Filter executed AFTER a request * * @param SS_HTTPRequest $request Request container object * @param SS_HTTPResponse $response Response output object * @param DataModel $model Current DataModel * @return boolean Whether to continue processing other filters. Null or true will continue processing (optional) */ public function postRequest(SS_HTTPRequest $request, SS_HTTPResponse $response, DataModel $model) { $code = $response->getStatusCode(); $error_page_path = Director::baseFolder() . "/errors_pages/ui/{$code}/index.html"; if (!$request->isAjax() && file_exists($error_page_path)) { //clean buffer ob_clean(); $page_file = fopen($error_page_path, "r") or die("Unable to open file!"); $body = fread($page_file, filesize($error_page_path)); fclose($page_file); // set content type $response->addHeader('Content-Type', 'text/html'); $response->setBody($body); $response->setStatusCode(200); return true; } return true; }
/** * Unlink the selected records by setting the foreign key to zero * in both Stage and Live tables. * * @param SS_HTTPRequest $request * @return SS_HTTPResponse List of published record IDs */ public function versionedunlink(SS_HTTPRequest $request) { $ids = $this->getRecordIDList(); // remove the selected entries from Stage. $this->gridField->list->removeMany($ids); // Unpublish the unlinked records. // This is potentially destructive, but there's no other "good" way to do this. // When a unlinked record gets added to another page, the only way to "activate" the // record is to publish it.. so the published version will be overwritten anyway! foreach ($this->getRecords() as $record) { if ($record->hasExtension('Versioned')) { $record->deleteFromStage(Versioned::get_live_stage()); } } $response = new SS_HTTPResponse(Convert::raw2json(array('done' => true, 'records' => $ids))); $response->addHeader('Content-Type', 'text/json'); return $response; }