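/**
 * Reports whether the current request is authenticated.
 *
 * When `$_REQUEST['auth-token']` is a non-empty string of exactly 8 bytes it
 * is passed to `loginFromToken()` and that result is returned. In every other
 * case the decision is delegated to `parent::isLoggedIn()`.
 *
 * Security notes:
 * - The length test is only a shape check. Whether a token is valid,
 *   single-use, expiring or rate-limited is decided inside
 *   `loginFromToken()`, which is not visible here.
 * - `$_REQUEST` merges the query string, the POST body and (depending on
 *   `request_order`) cookies, so a token may arrive in a URL and end up in
 *   access logs, browser history or a Referer header.
 *
 * @return boolean
 */
public function isLoggedIn()
{
    $token = isset($_REQUEST['auth-token']) ? $_REQUEST['auth-token'] : null;

    // Request parameters may be arrays. strlen() on a non-string emits a
    // warning on PHP 7 and throws a TypeError on PHP 8, so anything that is
    // not a string is treated as "no token" and falls through to the parent.
    if (is_string($token) && $token && strlen($token) === 8) {
        return $this->loginFromToken($token);
    }

    return parent::isLoggedIn();
}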
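/**
 * Overrides the Symphony isLoggedIn function to allow Authors
 * to become logged into the backend when `$_REQUEST['auth-token']`
 * is present. This logs an Author in using the loginFromToken function.
 * A token may be 6 or 8 characters in length in the backend. A 6 character
 * token is used for forgotten password requests, whereas the 8 character
 * token is used to log an Author into the page.
 *
 * Security notes:
 * - The length test is only a shape check. Token validity, expiry and
 *   reuse are decided by `loginFromToken()`, which is not visible here.
 * - `$_REQUEST` merges the query string, the POST body and (depending on
 *   `request_order`) cookies, so a token may arrive in a URL and end up in
 *   access logs, browser history or a Referer header.
 *
 * @see core.Symphony#loginFromToken()
 * @return boolean
 */
public function isLoggedIn()
{
    $token = isset($_REQUEST['auth-token']) ? $_REQUEST['auth-token'] : null;

    // Request parameters may be arrays. strlen() on a non-string emits a
    // warning on PHP 7 and throws a TypeError on PHP 8, so anything that is
    // not a string is treated as "no token" and falls through to the parent.
    if (is_string($token) && $token && in_array(strlen($token), array(6, 8), true)) {
        return $this->loginFromToken($token);
    }

    return parent::isLoggedIn();
}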
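/**
 * Overrides the Symphony `isLoggedIn()` function to allow Authors
 * to become logged into the frontend when `$_REQUEST['auth-token']`
 * is present. This logs an Author in using the loginFromToken function.
 * This function allows the use of 'admin' type pages, where a Frontend
 * page requires that the viewer be a Symphony Author.
 *
 * Security notes:
 * - Only non-empty 8-byte strings are forwarded. That is a shape check;
 *   token validity, expiry and reuse are decided by `loginFromToken()`,
 *   which is not visible here.
 * - `$_REQUEST` merges the query string, the POST body and (depending on
 *   `request_order`) cookies, so a token may arrive in a frontend URL and
 *   end up in access logs, browser history or a Referer header.
 *
 * @see core.Symphony#loginFromToken()
 * @see core.Symphony#isLoggedIn()
 * @return boolean
 */
public static function isLoggedIn()
{
    $token = isset($_REQUEST['auth-token']) ? $_REQUEST['auth-token'] : null;

    // Request parameters may be arrays. strlen() on a non-string emits a
    // warning on PHP 7 and throws a TypeError on PHP 8, so anything that is
    // not a string is treated as "no token" and falls through to Symphony.
    if (is_string($token) && $token && strlen($token) === 8) {
        return self::loginFromToken($token);
    }

    return Symphony::isLoggedIn();
}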
/**
 * Frontend launcher that renders the current page and, for pages typed
 * 'JSON', converts the rendered XML into pretty-printed JSON.
 *
 * The result is echoed, and the Frontend instance is returned.
 *
 * @param string $mode launcher mode; 'administration' (any case) is rejected
 * @return Frontend
 * @throws Lib\Exceptions\InvalidModeException when called for the backend
 * @throws Exception when `$_SERVER['HTTP_MOD_REWRITE']` is set, or when the
 *  output is not valid XML and does not look like a devkit page
 */
function renderer_json($mode)
{
    // This launcher serves frontend requests only.
    if (strtolower($mode) == 'administration') {
        throw new Lib\Exceptions\InvalidModeException('JSON Renderer launcher is only available on the frontend');
    }

    $renderer = Frontend::instance();

    // Debug detail in error responses is switched on for logged-in users only.
    // NOTE(review): what the handlers expose when this flag is true is defined
    // in Lib\ExceptionHandler / Lib\ErrorHandler, not visible here. Confirm
    // nothing sensitive is emitted when the flag is false.
    $exceptionDebugEnabled = Symphony::isLoggedIn();

    // Install the JSON-aware handlers in place of Symphony's own.
    Lib\ExceptionHandler::initialise($exceptionDebugEnabled);
    Lib\ErrorHandler::initialise($exceptionDebugEnabled);

    // #1808
    if (isset($_SERVER['HTTP_MOD_REWRITE'])) {
        throw new Exception("mod_rewrite is required, however is not enabled.");
    }

    $output = $renderer->display(getCurrentPage());

    cleanup_session_cookies();

    $pageTypes = Frontend::Page()->pageData()['type'];

    if (in_array('JSON', $pageTypes)) {
        try {
            // Parse the rendered page. LIBXML_NOCDATA merges CDATA sections
            // into ordinary text nodes.
            $document = new SimpleXMLElement($output, LIBXML_NOCDATA);

            // JSON_PRETTY_PRINT cannot be applied to a SimpleXMLElement
            // directly, so round-trip through JSON to get a plain array first.
            $payload = json_decode(json_encode($document), true);

            // Other extensions register their transformations on this object.
            $pipeline = new Lib\Transformer();

            /**
             * Allow other extensions to add their own transformers
             */
            Symphony::ExtensionManager()->notifyMembers(
                'APIFrameworkJSONRendererAppendTransformations',
                '/frontend/',
                ['transformer' => &$pipeline]
            );

            // Run the registered transformations, then serialise the result.
            $payload = $pipeline->run($payload);
            $output = json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
        } catch (\Exception $e) {
            // The output was not valid XML. Two cases matter:
            //  1) A devkit page (profile, debug etc.) is rendering. Its
            //     output should pass through untouched, not become JSON.
            //     Symphony has no easy way to tell that a devkit owns the
            //     page, so the output is inspected for a sign of one.
            //  2) The XML really is bad, and the error must bubble up.
            // The sign used is the devkit.min.css path. This may stop working
            // if that file is renamed or moved.
            // NOTE(review): this is a substring heuristic over the whole
            // response body (and the '.' characters in the pattern are
            // unescaped). Any malformed output that merely contains this path
            // is echoed as-is and the parse error is discarded.
            $looksLikeDevkit = preg_match("@\\/symphony\\/assets\\/css\\/devkit.min.css@", $output);

            if (!$looksLikeDevkit) {
                throw $e;
            }
        }
    }

    echo $output;

    return $renderer;
}
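/**
 * Saves the rendered page to the cache and sends it to the client.
 *
 * Nothing happens for excluded pages, for non-GET requests, or when
 * `Symphony::isLoggedIn()` is true. Otherwise the page's section/entry
 * references are rebuilt, the render is saved if no cached copy exists,
 * caching headers are sent, the page is printed, and the request ends.
 *
 * @param array $output passed by reference; only `$output['output']` is read
 * @return void does not return when the page is served (calls `exit`)
 */
public function write_page_cache(&$output)
{
    if ($this->_in_excluded_pages() || !$this->_isGetRequest()) {
        return;
    }

    // Responses for logged-in Symphony users are never stored or served here.
    // NOTE(review): this is the only per-user gate visible in this method.
    // Pages personalised by any other means would have to be kept out through
    // the excluded-pages list. Confirm that against the site configuration.
    if (Symphony::isLoggedIn()) {
        return;
    }

    $this->_updateFromGetValues();
    $render = $output['output'];

    // rebuild entry/section reference list for this page
    $this->_delete_page_references($this->_url);
    $this->_save_page_references($this->_url, $this->_sections, $this->_entries);

    if (!$this->_cacheLite->get($this->_url)) {
        $this->_cacheLite->save($render);
    }

    // The marker is appended after the save, so it is not part of the cached copy.
    // NOTE(review): when enabled, it discloses the cache file name to every
    // client. Confirm `_fileName` reveals nothing sensitive such as a
    // filesystem path.
    if ($this->_get_comment_pref() == 'yes') {
        $render .= "<!-- Cache generated: " . $this->_cacheLite->_fileName . " -->";
    }

    $now = time();

    // `_lifetime` is a duration in seconds (it is also sent as max-age), so
    // the Expires date is now + lifetime. Passing the bare lifetime to
    // gmdate() gave a date just after the Unix epoch, i.e. already expired.
    header("Expires: " . gmdate("D, d M Y H:i:s", $now + $this->_lifetime) . " GMT");
    header("Cache-Control: max-age=" . $this->_lifetime . ", must-revalidate");
    header("Last-Modified: " . gmdate('D, d M Y H:i:s', $now) . ' GMT');
    header("X-Frame-Options: SAMEORIGIN");
    // NOTE(review): URL is presumably the site's own root URL. Confirm it is
    // a fixed constant and never derived from the request.
    header("Access-Control-Allow-Origin: " . URL);
    // strlen() counts bytes, which is what Content-Length requires.
    header(sprintf('Content-Length: %d', strlen($render)));

    print $render;
    exit;
}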