/**
 * Pre-execute function for search functions
 *
 * Denies the request (403) unless the current user has access to the search
 * page and may search for issues, resolves an optional project from the
 * request, and loads the saved search (if any) into the action's properties.
 *
 * @param framework\Request $request
 * @param mixed $action Not used in this method
 */
public function preExecute(framework\Request $request, $action)
{
    $this->forward403unless(
        framework\Context::getUser()->hasPageAccess('search')
        && framework\Context::getUser()->canSearchForIssues()
    );

    // Resolve the project from either its key or its numeric id.
    $project = false;
    $project_key = $request['project_key'];
    if ($project_key) {
        $project = entities\Project::getByKey($project_key);
    } elseif (is_numeric($request['project_id'])) {
        $project_id = (int) $request['project_id'];
        if ($project_id) {
            $project = tables\Projects::getTable()->selectById($project_id);
        }
    }

    // Project context is only set after the per-project access check passes.
    if ($project instanceof entities\Project) {
        $this->forward403unless(framework\Context::getUser()->hasProjectPageAccess('project_issues', $project));
        framework\Context::getResponse()->setPage('project_issues');
        framework\Context::setCurrentProject($project);
    }

    $this->search_object = entities\SavedSearch::getFromRequest($request);
    $this->issavedsearch = $this->search_object instanceof entities\SavedSearch && $this->search_object->getB2DBID();
    $this->show_results = $this->issavedsearch
        || $request->hasParameter('quicksearch')
        || $request->hasParameter('fs')
        || $request->getParameter('search', false);

    if ($this->search_object instanceof entities\SavedSearch) {
        $this->searchterm = $this->search_object->getSearchterm();
        $this->searchtitle = $this->search_object->getTitle();
    } else {
        $this->searchterm = '';
        $this->searchtitle = '';
    }

    // NOTE(review): a saved search the user may not access only produces a
    // 'search_error' message here; search_object, searchterm, searchtitle and
    // show_results have already been populated from it. Confirm that the
    // actions and templates that run afterwards honour the message before
    // rendering anything from the saved search.
    if ($this->issavedsearch
        && (!$this->search_object instanceof entities\SavedSearch
            || !framework\Context::getUser()->canAccessSavedSearch($this->search_object))
    ) {
        framework\Context::setMessage('search_error', framework\Context::getI18n()->__("You don't have access to this saved search"));
    }
}
/**
 * Expands one template / magic-word match.
 *
 * Known magic words are replaced with their value. Anything else is treated
 * as "TemplateName|param|name=value|...": the named article (or
 * "Template:<name>" when no article with that exact name exists) is parsed
 * with the given parameters and its output is returned.
 *
 * @param array $matches Regex match; [0] is the full match, [1] the inner text
 *
 * @return mixed Replacement text (the integer 0 for NUMBEROFARTICLES), or the
 *               original match when no template article is found
 */
protected function _parse_insert_template($matches)
{
    $word = $matches[1];

    // Magic words that map directly onto a date() format string.
    $date_formats = array(
        'CURRENTMONTH' => 'm',
        'CURRENTMONTHNAMEGEN' => 'F',
        'CURRENTMONTHNAME' => 'F',
        'CURRENTDAY' => 'd',
        'CURRENTDAYNAME' => 'l',
        'CURRENTYEAR' => 'Y',
        'CURRENTTIME' => 'H:i',
    );
    if (isset($date_formats[$word])) {
        return date($date_formats[$word]);
    }

    if ($word == 'NUMBEROFARTICLES') {
        return 0;
    }
    if ($word == 'PAGENAME') {
        return framework\Context::getResponse()->getPage();
    }
    if ($word == 'NAMESPACE') {
        return 'None';
    }
    if ($word == 'TOC') {
        // An included template must not emit its own table-of-contents marker.
        return isset($this->options['included']) ? '' : '{{TOC}}';
    }
    if ($word == 'SITENAME' || $word == 'SITETAGLINE') {
        return \thebuggenie\core\framework\Settings::getSiteHeaderName();
    }

    // Not a magic word: "Name|arg|key=value|..." template inclusion.
    $details = explode('|', $word);
    $template_name = array_shift($details);
    if (strpos($template_name, ':') === 0) {
        // A leading colon is dropped before the article lookup.
        $template_name = substr($template_name, 1);
    }
    if (!Article::doesArticleExist($template_name)) {
        $template_name = 'Template:' . $template_name;
    }
    $template_article = Articles::getTable()->getArticleByName($template_name);

    $parameters = array();
    foreach ($details as $parameter) {
        $pair = explode('=', $parameter);
        if (count($pair) == 2) {
            // Exactly one '=' makes a named parameter.
            $parameters[$pair[0]] = $pair[1];
        } else {
            // Anything else (no '=' or several) is passed positionally, unsplit.
            $parameters[] = $parameter;
        }
    }

    if (!$template_article instanceof Article) {
        return $matches[0];
    }

    // NOTE(review): the included article is parsed recursively and its
    // content is author-controlled. No depth limit or cycle check is visible
    // in this method; confirm tbg_parse_text() bounds self-including templates.
    return tbg_parse_text($template_article->getContent(), false, null, array('included' => true, 'parameters' => $parameters));
}
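/**
 * Returns the logged in user, or default user if not logged in
 *
 * The authentication method is looked up for the current route action.
 * For the core and elevated methods, credentials come from the request or,
 * when the request carries none, from the tbg3_username / tbg3_password
 * cookies; they are checked against the configured external backend when
 * one is in use, otherwise against the local user table.
 *
 * @param \thebuggenie\core\framework\Request $request
 * @param \thebuggenie\core\framework\Action $action
 *
 * @return \thebuggenie\core\entities\User
 *
 * @throws framework\exceptions\ElevatedLoginException when the elevated
 *         password cookie does not match and must be re-entered
 * @throws \Exception when no valid user can be resolved, or the account is
 *         not activated, suspended, or not a member of the current scope
 */
public static function loginCheck(framework\Request $request, framework\Action $action)
{
    $authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction());
    $user = null;
    $external = false;

    switch ($authentication_method) {
        case framework\Action::AUTHENTICATION_METHOD_ELEVATED:
        case framework\Action::AUTHENTICATION_METHOD_CORE:
            $username = $request['tbg3_username'];
            $password = $request['tbg3_password'];
            if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
                // NOTE(review): this request-supplied value is not compared
                // anywhere in this method; only the cookie value read below is.
                $elevated_password = $request['tbg3_elevated_password'];
            }

            // If no username and password specified, check if we have a session that exists already
            if ($username === null && $password === null) {
                if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
                    // NOTE(review): the tbg3_password cookie is matched with
                    // hasPasswordHash(), and is set further down from
                    // $user->getPassword(). The cookie is therefore a
                    // long-lived password-equivalent credential; presumably it
                    // is the stored hash itself - confirm, and consider a
                    // random server-side session token instead.
                    $username = framework\Context::getRequest()->getCookie('tbg3_username');
                    $password = framework\Context::getRequest()->getCookie('tbg3_password');
                    $user = self::getB2DBTable()->getByUsername($username);

                    if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
                        $elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password');
                        if ($user instanceof User && !$user->hasPasswordHash($password)) {
                            $user = null;
                        } elseif ($user instanceof User && !$user->hasPasswordHash($elevated_password)) {
                            // Valid session, but the elevated password must be entered again.
                            framework\Context::setUser($user);
                            framework\Context::getRouting()->setCurrentRouteName('elevated_login_page');
                            throw new framework\exceptions\ElevatedLoginException('reenter');
                        }
                    } elseif ($user instanceof User && !$user->hasPasswordHash($password)) {
                        $user = null;
                    }

                    if (!$user instanceof User) {
                        framework\Context::logout();
                        throw new \Exception('No such login');
                    }
                }
            }

            // If we have authentication details, validate them
            if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
                $external = true;
                framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);

                $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
                if ($mod->getType() !== Module::MODULE_AUTH) {
                    // NOTE(review): a module of the wrong type is only logged;
                    // authentication still continues with it below. Confirm
                    // whether logging at LEVEL_FATAL aborts the request.
                    framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
                }

                // Cookie-based sessions are re-verified; fresh credentials do a full login.
                if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
                    $user = $mod->verifyLogin($username, $password);
                } else {
                    $user = $mod->doLogin($username, $password);
                }

                if (!$user instanceof User) {
                    // Invalid
                    framework\Context::logout();
                    throw new \Exception('No such login');
                }
            } elseif (framework\Settings::isUsingExternalAuthenticationBackend()) {
                $external = true;
                framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);

                $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
                if ($mod->getType() !== Module::MODULE_AUTH) {
                    framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
                }

                $user = $mod->doAutoLogin();

                if ($user == false) {
                    // Invalid
                    framework\Context::logout();
                    throw new \Exception('No such login');
                } elseif ($user == true) {
                    // NOTE(review): this is a loose comparison, so any object
                    // returned by doAutoLogin() also compares equal to true
                    // and is discarded here. Confirm the backend's return
                    // contract; `=== true` may be what was intended.
                    $user = null;
                }
            } elseif ($username !== null && $password !== null && !$user instanceof User) {
                $external = false;
                framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO);

                $user = self::getB2DBTable()->getByUsername($username);
                if ($user instanceof User && !$user->hasPassword($password)) {
                    $user = null;
                }
                if (!$user instanceof User) {
                    // Note: no exception here. When login is not required the
                    // default user is returned further down.
                    framework\Context::logout();
                }
            }
            break;

        case framework\Action::AUTHENTICATION_METHOD_DUMMY:
            $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
            break;

        case framework\Action::AUTHENTICATION_METHOD_CLI:
            $user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername());
            break;

        case framework\Action::AUTHENTICATION_METHOD_RSS_KEY:
            $user = self::getB2DBTable()->getByRssKey($request['rsskey']);
            break;

        case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
            $user = self::getB2DBTable()->getByUsername($request['api_username']);
            // An unknown api_username yields no User object. Treat it like a
            // failed token check instead of calling a method on a non-object,
            // which would end the request with an uncaught error.
            if (!$user instanceof User || !$user->authenticateApplicationPassword($request['api_token'])) {
                $user = null;
            }
            break;
    }

    // Fall back to the default user when anonymous access is permitted.
    if ($user === null && !framework\Settings::isLoginRequired()) {
        $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
    }

    if ($user instanceof User) {
        if (!$user->isActivated()) {
            throw new \Exception('This account has not been activated yet');
        } elseif (!$user->isEnabled()) {
            throw new \Exception('This account has been suspended');
        } elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) {
            if (!framework\Settings::isRegistrationAllowed()) {
                throw new \Exception('This account does not have access to this scope');
            }
        }

        if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) {
            $password = $user->getHashPassword();

            if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) {
                // "Remember me" gets persistent cookies, otherwise session cookies.
                // The cookie attributes (HttpOnly / Secure) are decided by the
                // response object and are not visible from here.
                if ($request->getParameter('tbg3_rememberme')) {
                    framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                    framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                } else {
                    framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
                    framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
                }
            }
        }
    } elseif (framework\Settings::isLoginRequired()) {
        throw new \Exception('Login required');
    } else {
        throw new \Exception('No such login');
    }

    return $user;
}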
/**
 * Returns the stylesheets registered on the current response.
 *
 * @return mixed Whatever the response object's getStylesheets() returns
 */
function tbg_get_stylesheets()
{
    $response = \thebuggenie\core\framework\Context::getResponse();

    return $response->getStylesheets();
}
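/**
 * HTTP hook that receives a push notification (JSON "payload" parameter)
 * and records its commits for the given project.
 *
 * The caller is authenticated only by the per-project passkey, so the
 * passkey check fails closed: a project without a configured passkey rejects
 * every request, and the comparison is strict and, where the runtime offers
 * hash_equals(), constant-time.
 *
 * Output is plain text; the method terminates the request itself.
 *
 * @param framework\Request $request
 */
public function runAddCommitGitorious(framework\Request $request)
{
    framework\Context::getResponse()->setContentType('text/plain');
    framework\Context::getResponse()->renderHeaders();

    $passkey = framework\Context::getRequest()->getParameter('passkey');
    $project_id = framework\Context::getRequest()->getParameter('project_id');
    $project = Project::getB2DBTable()->selectByID($project_id);

    // Validate access
    if (!$project) {
        echo 'Error: The project with the ID ' . $project_id . ' does not exist';
        exit;
    }

    if (framework\Settings::get('access_method_' . $project->getID(), 'vcs_integration') == Vcs_integration::ACCESS_DIRECT) {
        echo 'Error: This project uses the CLI access method, and so access via HTTP has been disabled';
        exit;
    }

    // A loose `!=` would accept a missing passkey parameter whenever no
    // passkey is configured (null == null) and would compare numeric-looking
    // strings by value. Require a non-empty configured key and an exact match.
    $expected_passkey = framework\Settings::get('access_passkey_' . $project->getID(), 'vcs_integration');
    $passkey_ok = false;
    if (is_string($passkey) && is_scalar($expected_passkey) && (string) $expected_passkey !== '') {
        $passkey_ok = function_exists('hash_equals')
            ? hash_equals((string) $expected_passkey, $passkey)
            : ((string) $expected_passkey === $passkey);
    }
    if (!$passkey_ok) {
        echo 'Error: The passkey specified does not match the passkey specified for this project';
        exit;
    }

    // Validate data
    $data = html_entity_decode(framework\Context::getRequest()->getParameter('payload', null, false));
    if (empty($data)) {
        die('Error: No payload was provided');
    }

    // The payload must decode to an object carrying a list of commits;
    // anything else is rejected before its properties are read.
    $entries = json_decode($data);
    if (!is_object($entries) || !isset($entries->commits) || !is_array($entries->commits)) {
        die('Error: The payload could not be decoded');
    }

    $previous = isset($entries->before) ? $entries->before : null;

    // Branch is stored in the ref
    $ref = (isset($entries->ref) && is_string($entries->ref)) ? $entries->ref : '';
    $parts = explode('/', $ref);
    $branch = (count($parts) == 3) ? $parts[2] : null;

    // Parse each commit individually
    foreach (array_reverse($entries->commits) as $commit) {
        $author = $commit->author->name;
        $new_rev = $commit->id;
        $old_rev = $previous;
        $commit_msg = $commit->message;
        $time = strtotime($commit->timestamp);

        // Add commit
        // NOTE(review): $old_rev and $previous hold the same value here, so
        // $new_rev is never handed to processCommit(). Its signature is not
        // visible from here; confirm whether the fourth argument should be
        // $new_rev.
        echo Vcs_integration::processCommit($project, $commit_msg, $old_rev, $previous, $time, "", $author, $branch);
        $previous = $new_rev;
    }

    // Terminate only after every commit has been handled. The exit used to
    // sit inside the loop, which ended the request after the first commit.
    exit;
}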
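/**
 * Logs a user in against the LDAP directory (mode 1) or refreshes an
 * existing user from it (any other mode).
 *
 * The directory is searched with the control user, optional group
 * restrictions are applied, and in mode 1 the credentials are checked either
 * by binding as the user or, with integrated authentication, by comparing
 * the username with a server variable. In any other mode no credential is
 * checked in this method. The local user record is then created or updated
 * and the login cookies are set.
 *
 * @param string $username
 * @param string $password
 * @param int $mode 1 for an initial login; other values validate an existing one
 *
 * @return mixed The user row returned by the Users table for $username
 *
 * @throws \Exception on connection, search, group or credential failure
 */
public function doLogin($username, $password, $mode = 1)
{
    $validgroups = $this->getSetting('groups');
    $base_dn = $this->getSetting('b_dn');
    $dn_attr = $this->escape($this->getSetting('dn_attr'));
    $username_attr = $this->escape($this->getSetting('u_attr'));
    $fullname_attr = $this->escape($this->getSetting('f_attr'));
    $buddyname_attr = $this->escape($this->getSetting('b_attr'));
    $email_attr = $this->escape($this->getSetting('e_attr'));
    $groups_members_attr = $this->escape($this->getSetting('g_attr'));

    $user_class = framework\Context::getModule('auth_ldap')->getSetting('u_type');
    $group_class = framework\Context::getModule('auth_ldap')->getSetting('g_type');

    $email = null;

    $integrated_auth = $this->getSetting('integrated_auth');

    // Defined before the try block so the cleanup in the catch handler does
    // not touch an undefined variable when connect() itself throws.
    $connection = null;

    /*
     * Do the LDAP check here.
     *
     * If a connection error or something, throw an exception and log
     *
     * If we can, set $mail and $realname to correct values from LDAP
     * otherwise don't touch those variables.
     *
     * To log do:
     * framework\Logging::log('error goes here', 'ldap', framework\Logging::LEVEL_FATAL);
     */
    try {
        /*
         * First job is to connect to our control user (may be an anonymous bind)
         * so we can find the user we want to log in as/validate.
         */
        $connection = $this->connect();

        $control_user = $this->getSetting('control_user');
        $control_password = $this->getSetting('control_pass');

        $this->bind($connection, $control_user, $control_password);

        // Assume bind successful, otherwise we would have had an exception

        /*
         * Search for a user with the username specified. We search in the base_dn, so we can
         * find users in multiple parts of the directory, and only return users of a specific
         * class (default person).
         *
         * We want exactly 1 user to be returned. We get the user's full name, email, cn
         * and dn.
         *
         * Every value placed in the filter goes through escape() first, so
         * the username cannot alter the filter structure (assuming escape()
         * performs LDAP filter escaping - its body is not visible here).
         */
        $fields = array($fullname_attr, $buddyname_attr, $email_attr, 'cn', $dn_attr);
        $filter = '(&(objectClass=' . $this->escape($user_class) . ')(' . $username_attr . '=' . $this->escape($username) . '))';

        $results = ldap_search($connection, $base_dn, $filter, $fields);

        if (!$results) {
            framework\Logging::log('failed to search for user: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
            throw new \Exception(framework\Context::geti18n()->__('Search failed: ') . ldap_error($connection));
        }

        $data = ldap_get_entries($connection, $results);

        // User does not exist
        if ($data['count'] == 0) {
            framework\Logging::log('could not find user ' . $username . ', class ' . $user_class . ', attribute ' . $username_attr, 'ldap', framework\Logging::LEVEL_FATAL);
            throw new \Exception(framework\Context::geti18n()->__('User does not exist in the directory'));
        }

        // If we have more than 1 user, something is seriously messed up...
        if ($data['count'] > 1) {
            framework\Logging::log('too many users for ' . $username . ', class ' . $user_class . ', attribute ' . $username_attr, 'ldap', framework\Logging::LEVEL_FATAL);
            throw new \Exception(framework\Context::geti18n()->__('This user was found multiple times in the directory, please contact your administrator'));
        }

        /*
         * If groups are specified, perform group restriction tests
         */
        if ($validgroups != '') {
            // Groups are supplied as a comma-separated list (a single name yields a one-element list).
            $groups = explode(',', $validgroups);

            /*
             * The DN attribute may come back as a plain string or as a list
             * of values. Handle both here, the same way the user bind below
             * does; indexing a plain string with [0] would compare only its
             * first character and the membership test could never match.
             */
            $dn_value = $data[0][strtolower($dn_attr)];
            $user_dn = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', is_array($dn_value) ? $dn_value[0] : $dn_value);

            // Assumed we are initially banned
            $allowed = false;

            foreach ($groups as $group) {
                // No need to carry on looking if we have access
                if ($allowed) {
                    break;
                }

                /*
                 * Find the group we are looking for, we search the entire directory as per users (See that stuff)
                 * We want to find 1 group, if we don't get 1, silently ignore this group.
                 */
                $fields2 = array($groups_members_attr);
                $filter2 = '(&(objectClass=' . $this->escape($group_class) . ')(cn=' . $this->escape($group) . '))';

                $results2 = ldap_search($connection, $base_dn, $filter2, $fields2);

                if (!$results2) {
                    framework\Logging::log('failed to search for user after binding: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
                    throw new \Exception(framework\Context::geti18n()->__('Search failed ') . ldap_error($connection));
                }

                $data2 = ldap_get_entries($connection, $results2);

                if ($data2['count'] != 1) {
                    continue;
                }

                /*
                 * Look through the group's member list. If we are found, grant access.
                 * Numeric entries are skipped; spaces after commas are
                 * removed on both sides before the case-insensitive compare.
                 */
                foreach ($data2[0][strtolower($groups_members_attr)] as $member) {
                    $member = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', $member);

                    if (!is_numeric($member) && strtolower($member) === strtolower($user_dn)) {
                        $allowed = true;
                    }
                }
            }

            if ($allowed == false) {
                throw new \Exception(framework\Context::getI18n()->__('You are not a member of a group allowed to log in'));
            }
        }

        /*
         * Set user's properties.
         * Realname is obtained from directory, if not found we set it to the username
         * Email is obtained from directory, if not found we set it to blank
         */
        if (!array_key_exists(strtolower($fullname_attr), $data[0])) {
            $realname = $username;
        } else {
            $realname = $data[0][strtolower($fullname_attr)][0];
        }

        if (!array_key_exists(strtolower($buddyname_attr), $data[0])) {
            $buddyname = $username;
        } else {
            $buddyname = $data[0][strtolower($buddyname_attr)][0];
        }

        if (!array_key_exists(strtolower($email_attr), $data[0])) {
            $email = '';
        } else {
            $email = $data[0][strtolower($email_attr)][0];
        }

        /*
         * If we are performing a non integrated authentication login,
         * now bind to the user and see if the credentials
         * are valid. We bind using the full DN of the user, so no need for DOMAIN\ stuff
         * on Windows, and more importantly it fixes other servers.
         *
         * If the bind fails (exception), we throw a nicer exception and don't continue.
         */
        if ($mode == 1 && !$integrated_auth) {
            try {
                if (!is_array($data[0][strtolower($dn_attr)])) {
                    $dn = $data[0][strtolower($dn_attr)];
                } else {
                    $dn = $data[0][strtolower($dn_attr)][0];
                }

                // NOTE(review): the DN goes through the same escape() used
                // for filter values. Whether that is appropriate for a bind
                // DN cannot be confirmed from here. Also confirm that bind()
                // rejects an empty password, which some servers treat as an
                // anonymous bind.
                $this->bind($connection, $this->escape($dn), $password);
            } catch (\Exception $e) {
                throw new \Exception(framework\Context::geti18n()->__('Your password was not accepted by the server'));
            }
        } elseif ($mode == 1) {
            /*
             * Integrated authentication: the username must equal the value
             * the web server placed in the configured $_SERVER entry.
             * Compared as strings, strictly, so numeric-looking values are
             * not matched by value.
             *
             * NOTE(review): if the configured key is an HTTP_* entry it is
             * populated from a request header. That is only trustworthy when
             * the fronting server sets or strips it - verify the deployment.
             */
            $auth_header = $this->getSetting('integrated_auth_header');
            if (!isset($_SERVER[$auth_header]) || (string) $_SERVER[$auth_header] !== (string) $username) {
                throw new \Exception(framework\Context::geti18n()->__('HTTP authentication internal error.'));
            }
        }
    } catch (\Exception $e) {
        if ($connection) {
            ldap_unbind($connection);
        }
        throw $e;
    }

    try {
        /*
         * Get the user object. If the user exists, update the user's
         * data from the directory.
         *
         * NOTE(review): the local password is set to the join date followed
         * by the username, neither of which is secret, and the cookie set at
         * the end of this method is a hash of that same string. Confirm that
         * no local password login path accepts it for directory-backed
         * accounts, and consider a random per-user secret instead.
         */
        $user = \thebuggenie\core\entities\User::getByUsername($username);
        if ($user instanceof \thebuggenie\core\entities\User) {
            $user->setBuddyname($buddyname);
            $user->setRealname($realname);
            $user->setPassword($user->getJoinedDate() . $username); // update password
            $user->setEmail($email); // update email address
            $user->save();
        } else {
            /*
             * If not, and we are performing an initial login, create the user object
             * if we are validating a log in, kick the user out as the session is invalid.
             */
            if ($mode == 1) {
                // create user
                $user = new \thebuggenie\core\entities\User();
                $user->setUsername($username);
                $user->setRealname('temporary');
                $user->setBuddyname($username);
                $user->setEmail('temporary');
                $user->setEnabled();
                $user->setActivated();
                $user->setJoined();
                $user->setPassword($user->getJoinedDate() . $username);
                $user->save();
            } else {
                throw new \Exception('User does not exist in TBG');
            }
        }
    } catch (\Exception $e) {
        ldap_unbind($connection);
        throw $e;
    }

    ldap_unbind($connection);

    /*
     * Set cookies and return user row for general operations.
     */
    framework\Context::getResponse()->setCookie('tbg3_username', $username);
    framework\Context::getResponse()->setCookie('tbg3_password', \thebuggenie\core\entities\User::hashPassword($user->getJoinedDate() . $username, $user->getSalt()));

    return \thebuggenie\core\entities\tables\Users::getTable()->getByUsername($username);
}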
/**
 * Prepares the login component: selected tab, options, the referer to
 * return to after login, the optional intro articles and the message shown
 * above the form.
 */
public function componentLogin()
{
    if (isset($this->section)) {
        $this->selected_tab = $this->section;
    } else {
        $this->selected_tab = 'login';
    }
    $this->options = $this->getParameterHolder();

    // The referer comes from a stored message or from the request's Referer
    // header, i.e. from the client. It is entity-encoded with ENT_COMPAT,
    // which leaves single quotes untouched.
    // NOTE(review): confirm the template only emits it inside double-quoted
    // attributes, and that whatever later redirects to it restricts the
    // target to this site.
    if (framework\Context::hasMessage('login_referer')) {
        $stored_referer = framework\Context::getMessage('login_referer');
        $this->referer = htmlentities($stored_referer, ENT_COMPAT, framework\Context::getI18n()->getCharset());
    } elseif (array_key_exists('HTTP_REFERER', $_SERVER)) {
        $header_referer = $_SERVER['HTTP_REFERER'];
        $this->referer = htmlentities($header_referer, ENT_COMPAT, framework\Context::getI18n()->getCharset());
    } else {
        $this->referer = framework\Context::getRouting()->generate('dashboard');
    }

    try {
        $this->loginintro = null;
        $this->registrationintro = null;
        $this->loginintro = \thebuggenie\modules\publish\entities\tables\Articles::getTable()->getArticleByName('LoginIntro');
        $this->registrationintro = \thebuggenie\modules\publish\entities\tables\Articles::getTable()->getArticleByName('RegistrationIntro');
    } catch (\Exception $e) {
        // Best effort: a failed lookup leaves whatever was assigned so far.
    }

    if (framework\Settings::isLoginRequired()) {
        // Drop any stale login cookies before asking the user to log in.
        framework\Context::getResponse()->deleteCookie('tbg3_username');
        framework\Context::getResponse()->deleteCookie('tbg3_password');
        $this->error = framework\Context::geti18n()->__('You need to log in to access this site');

        return;
    }

    if (!framework\Context::getUser()->isAuthenticated()) {
        $this->error = framework\Context::geti18n()->__('Please log in');
    }
}
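/**
 * Do login (AJAX call)
 *
 * Handles three login paths: a Persona assertion, an OpenID round trip, and
 * a username/password POST. On success the login cookies are set and the
 * caller is either redirected or told where to go next via JSON.
 *
 * @Route(name="login", url="/do/login")
 * @AnonymousRoute
 *
 * @param \thebuggenie\core\framework\Request $request
 */
public function runDoLogin(framework\Request $request)
{
    $i18n = framework\Context::getI18n();
    $forward_url = framework\Context::getRouting()->generate('home');

    if ($request->hasParameter('persona') && $request['persona'] == 'true') {
        $url = 'https://verifier.login.persona.org/verify';
        $assert = filter_input(INPUT_POST, 'assertion', FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
        //Use the $_POST superglobal array for PHP < 5.2 and write your own filter
        // NOTE(review): the audience is built with a fixed ':80' port; confirm
        // this matches how the site is actually served.
        $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode(framework\Context::getURLhost() . ':80');
        $ch = curl_init();
        $curl_options = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_POST => 2, CURLOPT_POSTFIELDS => $params);
        curl_setopt_array($ch, $curl_options);
        $result = curl_exec($ch);
        curl_close($ch);

        // A failed transfer gives false and a non-JSON body decodes to null.
        // The response is accepted only when it is an object whose status is
        // exactly the string 'okay' and which names an e-mail address; a
        // loose comparison would also accept values such as boolean true.
        $details = is_string($result) ? json_decode($result) : null;
        $verified = is_object($details)
            && isset($details->status, $details->email)
            && $details->status === 'okay';

        $user = null;
        if ($verified) {
            $user = entities\User::getByEmail($details->email);
            if ($user instanceof entities\User) {
                framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                framework\Context::getResponse()->setCookie('tbg3_persona_session', true);
                $user->setOnline();
                $user->save();

                return $this->renderJSON(array('status' => 'login ok', 'redirect' => in_array($request['referer_route'], array('home', 'login'), true)));
            }
        }

        // No user for this assertion. Return the JSON result like every
        // other renderJSON() call in this method does.
        $this->getResponse()->setHttpStatus(401);

        return $this->renderJSON(array('message' => $this->getI18n()->__('Invalid login')));
    }

    if (framework\Settings::isOpenIDavailable()) {
        $openid = new \LightOpenID(framework\Context::getRouting()->generate('login_page', array(), false));
    }

    if (framework\Settings::isOpenIDavailable() && !$openid->mode && $request->isPost() && $request->hasParameter('openid_identifier')) {
        // First leg: send the user to the OpenID provider.
        $openid->identity = $request->getRawParameter('openid_identifier');
        $openid->required = array('contact/email');
        $openid->optional = array('namePerson/first', 'namePerson/friendly');

        return $this->forward($openid->authUrl());
    } elseif (framework\Settings::isOpenIDavailable() && $openid->mode == 'cancel') {
        $this->error = framework\Context::getI18n()->__("OpenID authentication cancelled");
    } elseif (framework\Settings::isOpenIDavailable() && $openid->mode) {
        // Return leg: validate the provider's response.
        try {
            if ($openid->validate()) {
                if ($this->getUser()->isAuthenticated() && !$this->getUser()->isGuest()) {
                    // A logged-in user is linking an identity; it must not already belong to an account.
                    if (tables\OpenIdAccounts::getTable()->getUserIDfromIdentity($openid->identity)) {
                        framework\Context::setMessage('openid_used', true);
                        throw new \Exception('OpenID already in use');
                    }
                    $user = $this->getUser();
                } else {
                    $user = entities\User::getByOpenID($openid->identity);
                }

                if ($user instanceof entities\User) {
                    $attributes = $openid->getAttributes();

                    // Profile fields are only filled in from the provider when the account has no e-mail yet.
                    if (!$user->getEmail()) {
                        if (array_key_exists('contact/email', $attributes)) {
                            $user->setEmail($attributes['contact/email']);
                        }
                        if (array_key_exists('namePerson/first', $attributes)) {
                            $user->setRealname($attributes['namePerson/first']);
                        }
                        if (array_key_exists('namePerson/friendly', $attributes)) {
                            $user->setBuddyname($attributes['namePerson/friendly']);
                        }

                        if (!$user->getNickname() || $user->isOpenIdLocked()) {
                            $user->setBuddyname($user->getEmail());
                        }
                        if (!$user->getRealname()) {
                            $user->setRealname($user->getBuddyname());
                        }

                        $user->save();
                    }

                    if (!$user->hasOpenIDIdentity($openid->identity)) {
                        tables\OpenIdAccounts::getTable()->addIdentity($openid->identity, $user->getID());
                    }

                    // NOTE(review): the tbg3_password cookie carries
                    // $user->getPassword(); if that is the stored hash, the
                    // cookie is a password-equivalent credential. Confirm.
                    framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                    framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                    $user->setOnline();
                    $user->save();

                    if ($this->checkScopeMembership($user)) {
                        return true;
                    }

                    return $this->forward(framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin')));
                } else {
                    $this->error = framework\Context::getI18n()->__("Didn't recognize this OpenID. Please log in using your username and password, associate it with your user account in your account settings and try again.");
                }
            } else {
                $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider");
            }
        } catch (\Exception $e) {
            $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider: %message", array('%message' => htmlentities($e->getMessage(), ENT_COMPAT, framework\Context::getI18n()->getCharset())));
        }
    } elseif ($request->getMethod() == framework\Request::POST) {
        try {
            if ($request->hasParameter('tbg3_username') && $request->hasParameter('tbg3_password') && $request['tbg3_username'] != '' && $request['tbg3_password'] != '') {
                $user = entities\User::loginCheck($request, $this);

                $user->setOnline();
                $user->save();

                framework\Context::setUser($user);

                if ($this->checkScopeMembership($user)) {
                    return true;
                }

                // NOTE(review): 'return_to' and 'tbg3_referer' are request
                // parameters and end up as the post-login destination in the
                // JSON response. They are entity-encoded but not checked
                // against this site's host, so confirm the consumer only
                // follows same-site targets.
                if ($request->hasParameter('return_to')) {
                    $forward_url = $request['return_to'];
                } else {
                    if (framework\Settings::get('returnfromlogin') == 'referer') {
                        $forward_url = $request->getParameter('tbg3_referer', framework\Context::getRouting()->generate('dashboard'));
                    } else {
                        $forward_url = framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin'));
                    }
                }
                $forward_url = htmlentities($forward_url, ENT_COMPAT, framework\Context::getI18n()->getCharset());
            } else {
                throw new \Exception('Please enter a username and password');
            }
        } catch (\Exception $e) {
            if ($request->isAjaxCall()) {
                // AJAX callers get a generic message; the detail only goes to the log.
                $this->getResponse()->setHttpStatus(401);
                framework\Logging::log($e->getMessage(), 'openid', framework\Logging::LEVEL_WARNING_RISK);

                return $this->renderJSON(array("error" => $i18n->__("Invalid login details")));
            } else {
                // NOTE(review): the non-AJAX path shows the exception message
                // itself, which distinguishes suspended or unactivated
                // accounts from unknown ones.
                $this->forward403($e->getMessage());
            }
        }
    } else {
        if ($request->isAjaxCall()) {
            $this->getResponse()->setHttpStatus(401);

            return $this->renderJSON(array("error" => $i18n->__('Please enter a username and password')));
        } else {
            $this->forward403($i18n->__('Please enter a username and password'));
        }
    }

    if (!isset($user)) {
        $this->forward403($i18n->__("Invalid login details"));
    }

    if ($this->checkScopeMembership($user)) {
        return true;
    }

    $user->setOnline();
    $user->save();

    if ($request->isAjaxCall()) {
        return $this->renderJSON(array('forward' => $forward_url));
    } else {
        $this->forward($this->getRouting()->generate('account'));
    }
}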
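<?php

/*
 * Sends the search result as a CSV download named after the search title.
 *
 * The title is placed inside a quoted header parameter and is presumably
 * user-supplied (a saved search's title). Control characters, double quotes,
 * backslashes and slashes are therefore replaced, so the value can neither
 * end the quoted string nor start a new header line. The pattern is
 * byte-wise and leaves multi-byte UTF-8 sequences intact. The replacement is
 * done inline so that no extra variable is introduced into the template's
 * scope.
 */
\thebuggenie\core\framework\Context::getResponse()->addHeader(
    'Content-Disposition: attachment; filename="' . preg_replace('~[\x00-\x1F\x7F"\\\\/]+~', '_', (string) $searchtitle) . '.csv"'
);
include_component('search/results_normal_csv', compact('search_object'));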
<?php

/**
 * Configuration for theme
 *
 * Registers the theme's stylesheet on the current response and selects the
 * icon set.
 */

use thebuggenie\core\framework\Context;
use thebuggenie\core\framework\Settings;

Context::getResponse()->addStylesheet('firehouse/firehouse.css');
Settings::setIconsetName('oxygen');