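/**
 * Handles the given Exception.
 *
 * Logs the exception, discards every open output buffer, sets the HTTP status
 * (the exception's own code for a rex_http_exception that carries one, otherwise
 * HTTP_INTERNAL_ERROR), sends an error body and terminates the request.
 *
 * The detailed body (class, file, line, message, cause chain and optionally the
 * stack trace) is produced during setup, in debug mode, or for a logged-in admin.
 * Everyone else receives a generic message. Debug mode alone is enough to get the
 * detailed body, so with debug mode enabled file paths and traces are shown to
 * any visitor.
 *
 * @param Throwable|Exception $exception The Exception to handle
 * @param bool                $showTrace Whether the stack trace is appended to the detailed body
 */
public static function handleException($exception, $showTrace = true)
{
    rex_logger::logException($exception);

    // Drop everything buffered so far; a half-rendered page must not precede the error output.
    while (ob_get_level()) {
        ob_end_clean();
    }

    $status = rex_response::HTTP_INTERNAL_ERROR;
    if ($exception instanceof rex_http_exception && $exception->getHttpCode()) {
        $status = $exception->getHttpCode();
    }
    rex_response::setStatus($status);

    if (rex::isSetup() || rex::isDebugMode() || ($user = rex_backend_login::createUser()) && $user->isAdmin()) {
        // TODO add a beautiful error page with usefull debugging info

        // Exception messages and traces regularly embed request data (parameter values,
        // paths). They are written into an HTML document here, so every dynamic part is
        // HTML-escaped; only the markup this method adds itself stays raw.
        $escape = static function ($text) {
            return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        };

        // Renders the "<b>[error type: ]message</b>" line, or nothing for an empty message.
        $messageLine = static function ($throwable) use ($escape) {
            if (!$throwable->getMessage()) {
                return '';
            }
            $prefix = $throwable instanceof ErrorException ? self::getErrorType($throwable->getSeverity()) . ': ' : '';

            return '<b>' . $escape($prefix . $throwable->getMessage()) . "</b>\n";
        };

        $buf = '<pre>';
        $buf .= '"' . $escape(get_class($exception)) . '" thrown in ' . $escape($exception->getFile()) . ' on line ' . $exception->getLine() . "\n";
        $buf .= $messageLine($exception);

        // Walk the chain of previous exceptions, outermost cause first.
        for ($cause = $exception->getPrevious(); $cause; $cause = $cause->getPrevious()) {
            $buf .= "\n";
            $buf .= 'caused by ' . $escape(get_class($cause)) . ' in ' . $escape($cause->getFile()) . ' on line ' . $cause->getLine() . "\n";
            $buf .= $messageLine($cause);
        }

        if ($showTrace) {
            $buf .= "\n";
            // Argument previews inside the trace can contain request values as well.
            $buf .= $escape($exception->getTraceAsString());
        }

        if (!rex::isSetup() && rex::isBackend() && !rex::isSafeMode()) {
            $buf .= "\n\n";
            $buf .= '<a href="' . rex_url::backendPage('packages', ['safemode' => 1]) . '">activate safe mode</a>';
        }

        $buf .= '</pre>';
    } else {
        // TODO small error page, without debug infos
        $buf = 'Oooops, an internal error occured!';
    }

    rex_response::sendContent($buf);
    exit;
}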
$impname = basename($impname); if ($function == 'dbimport' && substr($impname, -4, 4) != '.sql') { $impname = ''; } elseif ($function == 'fileimport' && substr($impname, -7, 7) != '.tar.gz') { $impname = ''; } elseif (($function == 'delete' || $function == 'download') && substr($impname, -4, 4) != '.sql' && substr($impname, -7, 7) != '.tar.gz') { $impname = ''; } } if ($function == 'delete' && $impname) { // ------------------------------ FUNC DELETE if (rex_file::delete(rex_backup::getDir() . '/' . $impname)) { } $success = rex_i18n::msg('backup_file_deleted'); } elseif ($function == 'download' && $impname && is_readable(rex_backup::getDir() . '/' . $impname)) { rex_response::sendFile(rex_backup::getDir() . '/' . $impname, substr($impname, -7, 7) != '.tar.gz' ? 'tar/gzip' : 'plain/test', 'attachment'); exit; } elseif ($function == 'dbimport') { // ------------------------------ FUNC DBIMPORT // noch checken das nicht alle tabellen geloescht werden // install/temp.sql aendern if (isset($_FILES['FORM']) && $_FILES['FORM']['size']['importfile'] < 1 && $impname == '') { $error = rex_i18n::msg('backup_no_import_file_chosen_or_wrong_version') . '<br>'; } else { if ($impname != '') { $file_temp = rex_backup::getDir() . '/' . $impname; } else { $file_temp = rex_backup::getDir() . '/temp.sql'; } if ($impname != '' || @move_uploaded_file($_FILES['FORM']['tmp_name']['importfile'], $file_temp)) { $state = rex_backup::importDb($file_temp);
if ($cronjob instanceof rex_cronjob) { $cronjobs[$class] = $cronjob; $select->addOption($cronjob->getTypeName(), $class); } } if ($func == 'add') { $select->setSelected('rex_cronjob_phpcode'); } $activeType = $field->getValue(); if ($func != 'add' && !in_array($activeType, $types)) { if (!$activeType && !$field->getValue()) { $warning = rex_i18n::rawMsg('cronjob_not_found'); } else { $warning = rex_i18n::rawMsg('cronjob_type_not_found', $field->getValue(), $activeType); } rex_response::sendRedirect(rex_url::currentBackendPage([rex_request('list', 'string') . '_warning' => $warning], false)); } $form->addFieldset($this->i18n('type_parameters')); $fieldContainer = $form->addContainerField('parameters'); $fieldContainer->setAttribute('style', 'display: none'); $fieldContainer->setMultiple(false); $fieldContainer->setActive($activeType); $env_js = ''; $visible = []; foreach ($cronjobs as $group => $cronjob) { $disabled = []; $envs = (array) $cronjob->getEnvironments(); if (!in_array('frontend', $envs)) { $disabled[] = 0; } if (!in_array('backend', $envs)) {
/**
 * Executes the api function bound to the current request, if there is one.
 *
 * An api function that is not published may only run in the backend and only
 * with a backend user present; otherwise a rex_http_exception is thrown
 * (HTTP_FORBIDDEN outside the backend, HTTP_UNAUTHORIZED without a user).
 *
 * When the request carries a result in REQ_RESULT_PARAM, that result is adopted
 * and the function is not executed. Otherwise the function runs; a
 * rex_api_exception raised by it is converted into a failed rex_api_result.
 *
 * NOTE(review): only the published/backend/user conditions are checked here. No
 * request-forgery token check is visible in this method; confirm it is enforced
 * by the api function or its caller.
 */
public static function handleCall()
{
    if (static::hasFactoryClass()) {
        return static::callFactoryClass(__FUNCTION__, func_get_args());
    }

    $apiFunc = self::factory();
    if ($apiFunc == null) {
        // No api call bound to this request.
        return;
    }

    // Access gate for unpublished functions: backend context first, then a backend user.
    if ($apiFunc->published !== true) {
        if (rex::isBackend() !== true) {
            throw new rex_http_exception(new rex_api_exception('the api function ' . get_class($apiFunc) . ' is not published, therefore can only be called from the backend!'), rex_response::HTTP_FORBIDDEN);
        }
        if (!rex::getUser()) {
            throw new rex_http_exception(new rex_api_exception('missing backend session to call api function ' . get_class($apiFunc) . '!'), rex_response::HTTP_UNAUTHORIZED);
        }
    }

    $urlResult = rex_get(self::REQ_RESULT_PARAM, 'string');
    if ($urlResult) {
        // take over result from url and do not execute the apiFunc
        // NOTE(review): this value comes straight from the query string, so the success
        // flag and message of the adopted result are chosen by whoever built the URL.
        // Code that displays the result has to treat it as untrusted input; verify.
        $apiFunc->result = rex_api_result::fromJSON($urlResult);

        return;
    }

    try {
        $result = $apiFunc->execute();

        if (!$result instanceof rex_api_result) {
            $actualType = is_object($result) ? get_class($result) : gettype($result);
            // The message embeds the raw REQ_CALL_PARAM request value.
            throw new rex_exception('Illegal result returned from api-function ' . rex_get(self::REQ_CALL_PARAM) . '. Expected a instance of rex_api_result but got "' . $actualType . '".');
        }

        $apiFunc->result = $result;

        if ($result->requiresReboot()) {
            // add api call result to url and redirect to SELF for reboot
            $context = rex_context::fromGet();
            $context->setParam(self::REQ_RESULT_PARAM, $result->toJSON());
            rex_response::sendRedirect($context->getUrl([], false));
        }
    } catch (rex_api_exception $e) {
        $apiFunc->result = new rex_api_result(false, $e->getMessage());
    }
}
// Backend bootstrap sequence: load packages, build the page tree, restrict it to what
// the user may access, run a pending api call and render the requested page.
// The order matters: the permission check runs before any api function or page include.
include_once rex_path::core('packages.php');

// ----- Prepare AddOn Pages (only when a backend user is present)
if (rex::getUser()) {
    rex_be_controller::appendPackagePages();
}

// Extensions registered on PAGES_PREPARED may replace the page list.
$pages = rex_extension::registerPoint(new rex_extension_point('PAGES_PREPARED', rex_be_controller::getPages()));
rex_be_controller::setPages($pages);

// Set Startpage
if ($user = rex::getUser()) {
    // --- check the page and the permissions it requires
    rex_be_controller::checkPagePermissions($user);
}
$page = rex_be_controller::getCurrentPage();
rex_view::setJsProperty('page', $page);

// ----- EXTENSION POINT
// page variable validated
rex_extension::registerPoint(new rex_extension_point('PAGE_CHECKED', $page, ['pages' => $pages], true));

// trigger api functions
// If the backend session is timed out, rex_api_function would throw an exception
// so only trigger api functions if page != login
if ($page != 'login') {
    rex_api_function::handleCall();
}

// include the requested backend page
rex_be_controller::includeCurrentPage();

// ----- end of output buffering for the output filter
// (the matching buffer start is not part of this excerpt)
$CONTENT = ob_get_contents();
ob_end_clean();

// ----- send the content
rex_response::sendPage($CONTENT);
/**
 * Sends an ETag header and short-circuits the request when the client already
 * holds the same version.
 *
 * HTTP_IF_NONE_MATCH feature: if the request's If-None-Match value equals the
 * quoted cache key, output buffers are cleaned, a "not modified" status line is
 * sent and the script exits. The comparison is a plain equality test against
 * one quoted value, so any other If-None-Match form simply gets the full
 * response.
 *
 * @param string $cacheKey HTTP Cachekey to identify the cache
 */
public static function sendEtag($cacheKey)
{
    // The HTTP spec requires the ETag value to be enclosed in double quotes.
    $etag = '"' . $cacheKey . '"';

    // Announce the cache key as ETag.
    header('ETag: ' . $etag);

    $clientEtag = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? $_SERVER['HTTP_IF_NONE_MATCH'] : null;

    // Cache key matches => tell the browser to use its cached copy.
    if (null !== $clientEtag && $clientEtag == $etag) {
        self::cleanOutputBuffers();
        header('HTTP/1.1 ' . self::HTTP_NOT_MODIFIED);
        exit;
    }

    self::$sentEtag = true;
}
// ------------------------------ /FUNC EXPORT SQL } elseif ($exporttype == 'files') { // ------------------------------ FUNC EXPORT FILES $header = 'tar/gzip'; if (empty($EXPDIR)) { $error = rex_i18n::msg('backup_please_choose_folder'); } else { $content = rex_backup::exportFiles($EXPDIR); $hasContent = rex_file::put($export_path . $filename . $ext, $content); } // ------------------------------ /FUNC EXPORT FILES } if ($hasContent) { if ($exportdl) { $filename = $filename . $ext; rex_response::sendFile($export_path . $filename, $header, 'attachment'); rex_file::delete($export_path . $filename); exit; } else { $success = rex_i18n::msg('backup_file_generated_in') . ' ' . strtr($filename . $ext, '\\', '/'); } } else { $error = rex_i18n::msg('backup_file_could_not_be_generated') . ' ' . rex_i18n::msg('backup_check_rights_in_directory') . ' ' . $export_path; } } } if ($success != '') { echo rex_view::success($success); } if ($error != '') { echo rex_view::error($error);
/**
 * Makes sure the current backend page may be accessed by the given user and
 * resolves pages that only act as containers for subpages.
 *
 * If the current page is missing or not permitted, the first permitted page of
 * the user's start page and the system start page is used; when neither
 * qualifies, the 'profile' page is taken. The profile page is NOT passed
 * through checkPermission() here. In that case the status is set to
 * HTTP_FORBIDDEN and a redirect to the fallback page is sent.
 *
 * NOTE(review): the code after the redirect call only makes sense if
 * rex_response::sendRedirect() ends the request; confirm. A null 'profile'
 * page would fail on getHref().
 *
 * @param rex_user $user User whose permissions are checked
 */
public static function checkPage(rex_user $user)
{
    // True only for an existing page the user is allowed to open.
    $isAllowed = static function ($candidate) use ($user) {
        return $candidate && $candidate->checkPermission($user);
    };

    $page = self::getCurrentPageObject();

    if (!$isAllowed($page)) {
        // Fallback candidates, resolved lazily and in order: user start page, system start page.
        $fallbacks = [
            static function () use ($user) {
                return self::getPageObject($user->getStartPage());
            },
            static function () {
                return self::getPageObject(rex::getProperty('start_page'));
            },
        ];

        $page = null;
        foreach ($fallbacks as $resolve) {
            $candidate = $resolve();
            if ($isAllowed($candidate)) {
                $page = $candidate;
                break;
            }
        }

        if (null === $page) {
            // Last resort: the profile page, taken without a permission check.
            $page = self::getPageObject('profile');
        }

        rex_response::setStatus(rex_response::HTTP_FORBIDDEN);
        rex_response::sendRedirect($page->getHref());
    }

    // A page that is not its own first leaf is only a container: send the client to the leaf.
    $leaf = $page->getFirstSubpagesLeaf();
    if ($page !== $leaf) {
        rex_response::setStatus(rex_response::HTTP_MOVED_PERMANENTLY);
        if ($leaf->hasHref()) {
            $url = $leaf->getHref();
        } else {
            $url = rex_context::restore()->getUrl(['page' => $leaf->getFullKey()], false);
        }
        rex_response::sendRedirect($url);
    }
}
if (rex_media::isImageType(rex_file::extension($file_name))) { $js = "insertImage('{$file_name}','{$title}');"; } } elseif ($opener_input_field == 'TINY') { $js = "insertLink('" . $file_name . "');"; } elseif ($opener_input_field != '') { if (substr($opener_input_field, 0, 14) == 'REX_MEDIALIST_') { $js = "selectMedialist('" . $file_name . "');"; $js .= 'location.href = "' . rex_url::backendPage('mediapool', ['info' => rex_i18n::msg('pool_file_added'), 'opener_input_field' => $opener_input_field], false) . '";'; } else { $js = "selectMedia('" . $file_name . "');"; } } echo "<script language=javascript>\n"; echo $js; // echo "\nself.close();\n"; echo '</script>'; exit; } elseif ($return['ok'] == 1) { rex_response::sendRedirect(rex_url::backendPage('mediapool', ['info' => $info, 'opener_input_field' => $opener_input_field], false)); } else { $warning = rex_i18n::msg('pool_file_movefailed'); } } } else { $warning = rex_i18n::msg('pool_file_not_found'); } } } // ----- METHOD ADD FORM echo rex_mediapool_Uploadform($rex_file_category);
} else { $warning = rex_i18n::msg('content_errorcopyarticle'); } } else { $warning = rex_i18n::msg('no_rights_to_this_function'); } } // ------------------------------------------ END: COPY ARTICLE // ------------------------------------------ START: MOVE CATEGORY if (rex_post('movecategory', 'boolean')) { $category_id_new = rex_post('category_id_new', 'int'); if (rex::getUser()->hasPerm('moveCategory[]') && rex::getUser()->getComplexPerm('structure')->hasCategoryPerm($article->getValue('parent_id')) && rex::getUser()->getComplexPerm('structure')->hasCategoryPerm($category_id_new)) { if ($category_id != $category_id_new && rex_category_service::moveCategory($category_id, $category_id_new)) { $info = rex_i18n::msg('category_moved'); ob_end_clean(); rex_response::sendRedirect($context->getUrl(['page' => 'content/edit', 'info' => $info], false)); } else { $warning = rex_i18n::msg('content_error_movecategory'); } } else { $warning = rex_i18n::msg('no_rights_to_this_function'); } } // ------------------------------------------ END: MOVE CATEGORY // ------------------------------------------ START: CONTENT HEAD MENUE $editPage = rex_be_controller::getPageObject('content/edit'); $editPage->setHref($context->getUrl(['page' => 'content/edit'], false)); foreach ($ctypes as $key => $val) { $editPage->addSubpage((new rex_be_page('ctype' . $key, rex_i18n::translate($val)))->setHref(['page' => 'content/edit', 'article_id' => $article_id, 'clang' => $clang, 'ctype' => $key], false)->setIsActive($ctype == $key)); } $nav = rex_be_navigation::factory();
/**
 * Delivers the media file and terminates the request.
 *
 * A cached result is served from the cache files: the stored headers are
 * replayed and the cached file is streamed. Without a cache hit the media
 * object renders and sends the file itself, writing the cache when use_cache
 * is set.
 *
 * NOTE(review): cached header names and values are replayed verbatim, so the
 * response is only as trustworthy as the cache files; confirm that only the
 * application can write to the cache directory.
 */
public function sendMedia()
{
    $headerFile = $this->getHeaderCacheFilename();
    $mediaFile = $this->getCacheFilename();

    if (!$this->isCached()) {
        $this->media->sendMedia($mediaFile, $headerFile, $this->use_cache);
        exit;
    }

    $cachedHeaders = rex_file::getCache($headerFile);

    // Passes the stored timestamp to rex_response::sendLastModified() before the headers are replayed.
    if (isset($cachedHeaders['Last-Modified'])) {
        rex_response::sendLastModified(strtotime($cachedHeaders['Last-Modified']));
    }

    foreach ($cachedHeaders as $name => $value) {
        header($name . ': ' . $value);
    }

    readfile($mediaFile);
    exit;
}
/**
 * Sends the media with its response headers and optionally stores both in the cache.
 *
 * Content-Length is always set from the payload. Content-Type (detected with
 * fileinfo from the media path), Content-Disposition (inline, with the media
 * filename) and Last-Modified (current time) are only filled in when no such
 * header had been set before.
 *
 * NOTE(review): the filename is placed between double quotes in
 * Content-Disposition without escaping; confirm that media filenames cannot
 * contain a double quote.
 * NOTE(review): the detected content type is sent together with an inline
 * disposition; confirm which file types can reach this path.
 *
 * @param string $sourceCacheFilename Cache file that receives the payload
 * @param string $headerCacheFilename Cache file that receives the headers
 * @param bool   $save                Whether payload and headers are written to the cache
 */
public function sendMedia($sourceCacheFilename, $headerCacheFilename, $save = false)
{
    $payload = $this->asImage ? $this->getImageSource() : rex_file::get($this->getMediapath());

    $this->setHeader('Content-Length', rex_string::size($payload));

    // Headers as they were before the defaults below are added.
    $presetHeaders = $this->getHeader();

    if (!array_key_exists('Content-Type', $presetHeaders)) {
        $detector = finfo_open(FILEINFO_MIME_TYPE);
        $mimeType = finfo_file($detector, $this->getMediapath());
        if ($mimeType != '') {
            $this->setHeader('Content-Type', $mimeType);
        }
    }

    if (!array_key_exists('Content-Disposition', $presetHeaders)) {
        $this->setHeader('Content-Disposition', 'inline; filename="' . $this->getMediaFilename() . '";');
    }

    if (!array_key_exists('Last-Modified', $presetHeaders)) {
        $this->setHeader('Last-Modified', gmdate('D, d M Y H:i:s T'));
    }

    rex_response::cleanOutputBuffers();

    foreach ($this->header as $name => $value) {
        header($name . ': ' . $value);
    }
    echo $payload;

    if (!$save) {
        return;
    }

    // Persist headers and payload so later requests can be answered from the cache.
    rex_file::putCache($headerCacheFilename, $this->header);
    rex_file::put($sourceCacheFilename, $payload);
}
if (rex_be_controller::getCurrentPagePart(1) == 'content') { rex_be_controller::getPageObject('structure')->setIsActive(true); } }); if (rex_be_controller::getCurrentPagePart(1) == 'system') { rex_system_setting::register(new rex_system_setting_default_template_id()); } rex_extension::register('CLANG_DELETED', function (rex_extension_point $ep) { $del = rex_sql::factory(); $del->setQuery('delete from ' . rex::getTablePrefix() . "article_slice where clang_id='" . $ep->getParam('clang')->getId() . "'"); }); } else { rex_extension::register('FE_OUTPUT', function (rex_extension_point $ep) { $content = $ep->getSubject(); $article = new rex_article_content(); $article->setCLang(rex_clang::getCurrentId()); if ($article->setArticleId(rex_article::getCurrentId())) { $content .= $article->getArticleTemplate(); } else { $content .= 'Kein Startartikel selektiert / No starting Article selected. Please click here to enter <a href="' . rex_url::backendController() . '">redaxo</a>'; rex_response::sendPage($content); exit; } $art_id = $article->getArticleId(); if ($art_id == rex_article::getNotfoundArticleId() && $art_id != rex_article::getSiteStartArticleId()) { rex_response::setStatus(rex_response::HTTP_NOT_FOUND); } // ----- inhalt ausgeben rex_response::sendPage($content, $article->getValue('updatedate')); }); }
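/**
 * Builds the structure toolbar (article search form plus category quick
 * navigation) and, when a search was submitted, the list of hits.
 *
 * A purely numeric search term is treated as an article id and redirects to
 * that article's edit page if it exists. A name search with exactly one hit
 * redirects to that hit when the user has permission for its category.
 *
 * The search term is request input. It is passed to the database as a bound
 * parameter and is never concatenated into the SQL text; LIKE wildcards in the
 * term are escaped so they match literally.
 *
 * @param rex_context $context
 *
 * @return string
 *
 * @package redaxo\structure
 */
function rex_structure_searchbar(rex_context $context)
{
    // NOTE(review): $message receives the "no results" info below but is not part of
    // the returned markup; confirm whether that is intended.
    $message = '';
    $search_result = '';

    // ------------ Parameters
    $clang = $context->getParam('clang', 1);
    $category_id = $context->getParam('category_id', 0);
    $article_id = $context->getParam('article_id', 0);
    $search_article_name = rex_request('search_article_name', 'string');

    // ------------ Search by article id
    if (preg_match('/^[0-9]+$/', $search_article_name, $matches)) {
        if ($OOArt = rex_article::get($matches[0], $clang)) {
            rex_response::sendRedirect($context->getUrl(['page' => 'content/edit', 'article_id' => $OOArt->getId()], false));
        }
    }

    // A regular article is selected => take over its category
    if ($article_id != 0) {
        $OOArt = rex_article::get($article_id, $clang);
        // While an article is being deleted there is no rex_article for it
        if ($OOArt) {
            $category_id = $OOArt->getCategoryId();
        }
    }

    // ------------ Search by article name
    if (rex_request('search_start', 'bool')) {
        // Escape the LIKE escape character and the LIKE wildcards so the term matches literally.
        $search_article_name_like = str_replace(['\\', '_', '%'], ['\\\\', '\\_', '\\%'], $search_article_name);
        $likeTerm = '%' . $search_article_name_like . '%';

        // All request-derived values are bound as parameters instead of being
        // written into the statement text.
        $qry = '
            SELECT id
            FROM ' . rex::getTablePrefix() . 'article
            WHERE
                clang_id = ?
                AND (
                    name LIKE ?
                    OR catname LIKE ?
                )';
        $params = [$clang, $likeTerm, $likeTerm];

        if (rex_addon::get('structure')->getConfig('searchmode', 'local') != 'global') {
            // Restrict the search to the current context
            if ($category_id != 0) {
                $qry .= ' AND path LIKE ?';
                $params[] = '%|' . $category_id . '|%';
            }
        }

        $search = rex_sql::factory();
        // $search->setDebug();
        $search->setQuery($qry, $params);
        $foundRows = $search->getRows();

        // Exactly one hit => go straight to it
        if ($foundRows == 1) {
            $OOArt = rex_article::get($search->getValue('id'), $clang);
            if (rex::getUser()->getComplexPerm('structure')->hasCategoryPerm($OOArt->getCategoryId())) {
                rex_response::sendRedirect($context->getUrl(['page' => 'content/edit', 'article_id' => $search->getValue('id')], false));
            }
        } elseif ($foundRows > 0) {
            // The needle is escaped the same way as the labels it is matched against.
            $needle = htmlspecialchars($search_article_name);

            // Wraps the hit in <mark>; expects an already HTML-escaped string.
            $highlightHit = function ($string, $needle) {
                return preg_replace('/(.*)(' . preg_quote($needle, '/') . ')(.*)/i', '\\1<mark>\\2</mark>\\3', $string);
            };

            $search_result .= '<div class="list-group">';
            for ($i = 0; $i < $foundRows; ++$i) {
                $breadcrumb = [];

                $OOArt = rex_article::get($search->getValue('id'), $clang);
                $label = $OOArt->getName();

                // Hits in categories the user has no permission for are left out.
                if (rex::getUser()->getComplexPerm('structure')->hasCategoryPerm($OOArt->getCategoryId())) {
                    $label .= ' [' . $search->getValue('id') . ']';

                    foreach ($OOArt->getParentTree() as $treeItem) {
                        $treeLabel = $treeItem->getName();

                        if (rex::getUser()->hasPerm('advancedMode[]')) {
                            $treeLabel .= ' [' . $treeItem->getId() . ']';
                        }

                        $treeLabel = htmlspecialchars($treeLabel);
                        $treeLabel = $highlightHit($treeLabel, $needle);

                        $e = [];
                        $e['title'] = $treeLabel;
                        $e['href'] = $context->getUrl(['page' => 'structure', 'category_id' => $treeItem->getId()]);
                        $breadcrumb[] = $e;
                    }

                    $label = htmlspecialchars($label);
                    $label = $highlightHit($label, $needle);

                    $e = [];
                    $e['title'] = $label;
                    // Link to the article that was found. The loop variable of the parent
                    // tree is not used here: it would point at the last parent, and would
                    // be unset or stale when the tree is empty.
                    $e['href'] = $context->getUrl(['page' => 'content/edit', 'article_id' => $OOArt->getId()]);
                    $breadcrumb[] = $e;

                    $fragment = new rex_fragment();
                    $fragment->setVar('items', $breadcrumb, false);
                    $search_result .= '<div class="list-group-item">' . $fragment->parse('core/navigations/breadcrumb.php') . '</div>';
                }
                $search->next();
            }
            $search_result .= '</div>';

            $fragment = new rex_fragment();
            $fragment->setVar('title', rex_i18n::msg('be_search_result'), false);
            $fragment->setVar('content', $search_result, false);
            $search_result = $fragment->parse('core/page/section.php');
        } else {
            $message = rex_view::info(rex_i18n::msg('be_search_no_results'));
        }
    }

    // ------------ Category quick navigation
    $select_name = 'category_id';
    $add_homepage = true;
    if (rex_be_controller::getCurrentPagePart(1) == 'content') {
        $select_name = 'article_id';
        $add_homepage = false;
    }

    $category_select = new rex_category_select(false, false, true, $add_homepage);
    $category_select->setName($select_name);
    $category_select->setSize('1');
    $category_select->setAttribute('onchange', 'this.form.submit();');
    $category_select->setSelected($category_id);

    $select = $category_select->get();

    // The rendered <select> is parsed again to turn its options into dropdown entries.
    $doc = new DOMDocument();
    $doc->loadHTML('<?xml encoding="UTF-8">' . $select);

    $options = $doc->getElementsByTagName('option');

    $droplistContext = new rex_context(['page' => 'structure', 'category_id' => 0]);

    $button_label = '';
    $items = [];
    foreach ($options as $option) {
        $value = '';
        $item = [];
        if ($option->hasAttributes()) {
            foreach ($option->attributes as $attribute) {
                if ($attribute->name == 'value') {
                    $value = $attribute->value;
                    $droplistContext->setParam('category_id', $value);

                    if ($attribute->value == $category_id) {
                        // NOTE(review): if the searched character was a non-breaking space
                        // in the original file, keep that exact byte sequence.
                        $button_label = str_replace(" ", '', $option->nodeValue);
                        $item['active'] = true;
                    }
                }
            }
        }

        // A trailing "[id]" becomes a small id badge.
        $item['title'] = preg_replace('/\\[([0-9]+)\\]$/', '<small class="rex-primary-id">$1</small>', $option->nodeValue);
        $item['href'] = $droplistContext->getUrl();
        $items[] = $item;
    }

    $fragment = new rex_fragment();
    $fragment->setVar('button_prefix', rex_i18n::msg('be_search_quick_navi'));
    $fragment->setVar('button_label', $button_label);
    $fragment->setVar('items', $items, false);
    $droplist = '<div class="navbar-btn navbar-right">' . $fragment->parse('core/dropdowns/dropdown.php');

    // ------------ Search form
    $formElements = [];
    $n = [];
    $n['field'] = '<input class="form-control" type="text" name="search_article_name" value="' . htmlspecialchars($search_article_name) . '" placeholder="' . htmlspecialchars(rex_i18n::msg('be_search_article_name') . '/' . rex_i18n::msg('be_search_article_id')) . '" />';
    $n['right'] = '<button class="btn btn-search" type="submit" name="search_start" value="1">' . rex_i18n::msg('be_search_start') . '</button>';
    $formElements[] = $n;

    $fragment = new rex_fragment();
    $fragment->setVar('elements', $formElements, false);
    $toolbar = $fragment->parse('core/form/input_group.php');

    $toolbar = '
    <form action="' . rex_url::currentBackendPage() . '" method="post">
    ' . $context->getHiddenInputFields() . '
    <div class="navbar-form navbar-left">
        <div class="form-group">
            ' . $toolbar . '
        </div>
    </div>
    </form>';

    $toolbar = rex_view::toolbar($toolbar . $droplist, rex_i18n::msg('be_search_search'));

    return $toolbar . $search_result;
}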
/**
 * Removes every page and subpage the user may not access from the page tree and
 * then resolves the current page against the pruned tree.
 *
 * If the requested page is no longer found, the user start page, the system
 * start page and finally the 'profile' page are tried in that order; the status
 * is set to HTTP_NOT_FOUND and a redirect to the fallback is sent. A page that
 * is not its own first subpage leaf is answered with HTTP_MOVED_PERMANENTLY and
 * a redirect to that leaf.
 *
 * NOTE(review): the code after the first redirect only makes sense if
 * rex_response::sendRedirect() ends the request; confirm. If the 'profile'
 * page was pruned too, $page is null at getHref().
 *
 * @param rex_user $user User whose permissions decide which pages remain
 */
public static function checkPagePermissions(rex_user $user)
{
    // Recursive filter: returns false for a page the user may not access, otherwise
    // prunes the page's subpages with the same rule and returns true.
    // $check is captured by reference so the closure can call itself.
    $check = function (rex_be_page $page) use(&$check, $user) {
        if (!$page->checkPermission($user)) {
            return false;
        }
        $subpages = $page->getSubpages();
        foreach ($subpages as $key => $subpage) {
            if (!$check($subpage)) {
                unset($subpages[$key]);
            }
        }
        // Write the filtered list back so forbidden subpages are gone from the tree.
        $page->setSubpages($subpages);
        return true;
    };

    // Drop top-level pages that fail the check.
    foreach (self::$pages as $key => $page) {
        if (!$check($page)) {
            unset(self::$pages[$key]);
        }
    }

    // Presumably clears a cached current-page object so the lookup below uses the
    // pruned tree; confirm against getCurrentPageObject().
    self::$pageObject = null;
    $page = self::getCurrentPageObject();

    // --- check the page; forbidden pages were removed above, so they count as missing
    if (!$page) {
        // --- fall back to the user's start page
        $page = self::getPageObject($user->getStartPage());
        if (!$page) {
            // --- fall back to the system start page
            $page = self::getPageObject(rex::getProperty('start_page'));
            if (!$page) {
                // --- fall back to the profile page
                $page = self::getPageObject('profile');
            }
        }
        rex_response::setStatus(rex_response::HTTP_NOT_FOUND);
        rex_response::sendRedirect($page->getHref());
    }

    // A page that is only a container is redirected to its first subpage leaf.
    if ($page !== ($leaf = $page->getFirstSubpagesLeaf())) {
        rex_response::setStatus(rex_response::HTTP_MOVED_PERMANENTLY);
        $url = $leaf->hasHref() ? $leaf->getHref() : rex_context::restore()->getUrl(['page' => $leaf->getFullKey()], false);
        rex_response::sendRedirect($url);
    }
}