public function action_check()
{
$roles = GateKeeper::getRoles();
if (!$roles || !count($roles)) {
if (Controller::$debug) {
Backend::addNotice('No roles setup, addings some');
}
$roles = $this->getDefaultRoles();
if ($roles) {
foreach ($roles as $role) {
GateKeeper::assign($role['role'], $role['access_type'], $role['access_id']);
if (Controller::$debug) {
Backend::addSuccess('Added role ' . $role['role']);
}
}
}
$permits = $this->getDefaultPermissions();
if ($permits) {
foreach ($permits as $permit) {
GateKeeper::permit($permit['role'], $permit['control'], $permit['action'], $permit['subject'], $permit['subject_id']);
if (Controller::$debug) {
Backend::addSuccess('Added permission to ' . $role['action'] . ' to ' . $permit['role']);
}
}
}
} else {
if (Controller::$debug) {
var_dump($roles);
}
}
}
/**
* The standard action for an Area
*/
public final function action()
{
$toret = null;
$error_number = Controller::getVar('err');
if (!empty($error_number)) {
Backend::addError(self::getError($error_number));
}
if (Controller::$debug) {
Backend::addNotice('Checking Method ' . Controller::$action . ' for ' . get_class($this));
}
$request_method = strtolower(Controller::getMethod()) . '_' . Controller::$action;
$action_method = 'action_' . Controller::$action;
$view_method = Controller::$view->mode . '_' . Controller::$action;
//Determine / check method
$method = false;
if (method_exists($this, $request_method)) {
$method = $request_method;
} else {
if (method_exists($this, $action_method)) {
$method = $action_method;
} else {
if (method_exists($this, $view_method)) {
$method = true;
}
}
}
if (!$method) {
Controller::whoops('Unknown Method', array('message' => 'Method ' . Controller::$area . '::' . Controller::$action . ' does not exist'));
return null;
}
//Check permissions on existing method
if (Controller::getCheckPermissions() && !$this->checkPermissions()) {
//TODO Add a permission denied hook to give the controller a chance to handle the permission denied
Controller::whoops('Permission Denied', array('message' => 'You do not have permission to ' . Controller::$action . ' ' . get_class($this)));
return null;
}
if ($method === true) {
//View method, return null;
return null;
}
if (Controller::$debug) {
Backend::addNotice('Running ' . get_class($this) . '::' . $method);
}
return call_user_func_array(array($this, $method), Controller::$parameters);
}
public function import($file_name, $data = false)
{
$importer_name = get_class($this) . 'Importer';
if (!class_exists($importer_name, true)) {
$importer_name = 'GenericImporter';
}
$count = call_user_func(array($importer_name, 'import'), $this, $file_name, $data);
$error = call_user_func(array($importer_name, 'getLastError'));
if (!empty($error)) {
if (!$count) {
Backend::addError($error);
} else {
Backend::addNotice($error);
}
}
return $count;
}
<?php
$action_url = empty($action_url) ? Controller::$area . '/' . Controller::$action . (empty(Controller::$parameters[0]) ? '' : '/' . Controller::$parameters[0]) : $action_url;
$action_name = empty($action_name) ? ucwords(Controller::$action) : $action_name;
if (!empty($db_object)) {
?>
<form method="post" action="?q=<?php
echo $action_url;
?>
" enctype="multipart/form-data">
<input type="file" name="import_file" class="text" />
<input type="submit" value="<?php
echo $action_name;
?>
<?php
echo $db_object->getMeta('name');
?>
" class=""/>
</form>
<?php
} else {
Backend::addNotice('No Object to Import');
?>
No object
<?php
}
/**
* Add a DB definition to the Backend
*
* @param string The name of the DB
* @param array Options for the DB Connection. Can include
* + username, the username for the connection.
* + password, the password for the connection.
* + name, the name for the connection.
* + connection, An actual PDO connection.
* @returns boolean True if the connection succeeded.
*/
public static function addDB($name, array $options = array())
{
if (!self::checkSelf()) {
return false;
}
$dsn = array_key_exists('dsn', $options) ? $options['dsn'] : false;
if (!$dsn) {
$options['hostname'] = empty($options['hostname']) ? self::getConfig('database.hostname') : $options['hostname'];
$options['database'] = empty($options['database']) ? self::getConfig('database.database') : $options['database'];
$options['driver'] = empty($options['driver']) ? self::getConfig('backend.db.default_driver', 'mysql') : $options['driver'];
$dsn = array();
if (!empty($options['database'])) {
$dsn[] = 'dbname=' . $options['database'];
}
$dsn[] = 'host=' . (empty($options['host']) ? 'localhost' : $options['host']);
$dsn = strtolower($options['driver']) . ':' . implode(';', $dsn);
}
$alias = empty($options['alias']) ? null : $options['alias'];
$username = empty($options['username']) ? null : $options['username'];
$password = empty($options['password']) ? null : $options['password'];
$connection = empty($options['connection']) ? null : $options['connection'];
if (array_key_exists($name, self::$DB)) {
Backend::addNotice('Overwriting existing DB definition: ' . $name);
}
self::$DB[$name] = array('database' => $options['database'], 'dsn' => $dsn, 'username' => $username, 'password' => $password, 'connection' => $connection);
if (!is_null($alias) && $alias != $name) {
if (array_key_exists($alias, self::$DB)) {
Backend::addNotice('Overwriting existing DB definition: ' . $alias);
}
self::$DB[$alias] = self::$DB[$name];
}
return true;
}
public static function check($action = '*', $subject = '*', $subject_id = 0)
{
if (!BACKEND_WITH_DATABASE) {
return true;
}
static $cache = array();
if (is_object($subject)) {
$subject = get_class($subject);
}
$key = serialize(array($action, $subject, $subject_id));
if (array_key_exists($key, $cache)) {
//return $cache[$key];
}
$roles = GateKeeper::permittedRoles($action, class_for_url($subject), $subject_id);
$user = BackendUser::check();
$user = !$user && !empty($_SESSION['BackendUser']) ? $_SESSION['BackendUser'] : $user;
if (!$user && !in_array('anonymous', $roles)) {
if (Controller::$debug) {
Backend::addNotice('Anonymous User');
}
$cache[$key] = true;
return true;
}
if ($subject != '*' && !Component::isActive(class_name($subject))) {
if (Controller::$debug) {
Backend::addNotice('Invalid Component: ' . class_name($subject));
}
$cache[$key] = false;
return false;
}
if (empty($user->roles)) {
if (Controller::$debug) {
Backend::addNotice('No User Roles');
}
$cache[$key] = false;
return false;
}
$intersect = is_array($roles) ? array_intersect($user->roles, $roles) : $user->roles;
if (Controller::$debug >= 2) {
Backend::addNotice('Valid roles found: ' . json_encode($intersect));
}
$result = count($intersect) ? true : false;
$cache[$key] = $result;
return $result;
}
public static function permittedRoles($action = '*', $subject = '*', $subject_id = 0)
{
if (Controller::$debug >= 2) {
Backend::addNotice('Checking action ' . $action . ' for ' . $subject . ' with id ' . $subject_id);
}
$roles = self::permissionHolders($action, $subject, $subject_id);
$specific = false;
if ($roles) {
$result = array();
$most_spec = array(0 => array(), 1 => array(), 2 => array(), 3 => array());
foreach ($roles as $permission) {
$result[$permission['role']] = $permission['role'];
if ($action != '*' && $permission['action'] == $action) {
if ($subject != '*' && $permission['subject'] == $subject) {
if ($subject_id != 0 && $permission['subject_id'] == $subject_id) {
$specific = true;
$most_spec[3][$permission['role']] = $permission['role'];
} else {
if ($permission['subject_id'] == 0) {
$most_spec[2][$permission['role']] = $permission['role'];
}
}
} else {
if ($permission['subject'] == '*') {
$most_spec[1][$permission['role']] = $permission['role'];
}
}
} else {
if ($permission['action'] == '*') {
$most_spec[0][$permission['role']] = $permission['role'];
}
}
}
$most_spec = array_filter($most_spec);
} else {
$result = false;
}
$result = $specific ? end($most_spec) : $result;
if (Controller::$debug) {
Backend::addNotice('Roles found: ' . serialize($result));
}
return $result;
}
public function get_display($id)
{
if (Backend::getDB('default')) {
$id = Hook::run('table_display', 'pre', array($id), array('toret' => $id));
$result = Content::retrieve($id, 'dbobject');
if ($result instanceof DBObject && !empty($result->object)) {
if (!$this->checkPermissions(array('subject_id' => $result->object->id, 'subject' => 'content'))) {
Controller::whoops(array('title' => 'Permission Denied', 'message' => 'You do not have permission to display ' . $result->object->title));
$result = false;
}
} else {
if ($result instanceof DBObject && $id == 'last') {
$result->read(array('limit' => 1, 'conditions' => array('`active` = 1'), 'order' => '`added` DESC', 'mode' => 'object'));
if (!$result->object) {
$result = false;
}
} else {
if (Permission::check('create', 'content')) {
Backend::addNotice('The content does not exist, but you can create it now');
Controller::redirect('?q=content/create/' . $id);
$result = false;
} else {
Controller::whoops(array('title' => 'Unknown Content', 'message' => 'The page you requested could not be found.'));
$result = false;
}
}
}
if ($result && Controller::$debug) {
Backend::addNotice('Content ID: ' . $result->object->id);
}
$object = Hook::run('table_display', 'post', array($result), array('toret' => $result));
return $result;
} else {
//DB less content
$template_file = array($id . '.tpl.php', str_replace('/', '.', $id) . '.tpl.php');
if (Render::checkTemplateFile($template_file[0])) {
Backend::addContent(Render::file($template_file[0]));
} else {
if (Render::checkTemplateFile($template_file[1])) {
Backend::addContent(Render::file($template_file[1]));
} else {
Backend::addContent('Could not find file');
}
}
return true;
}
}
public function html_super_signup($result)
{
if ($result instanceof DBObject) {
//Give option after successful signup to edit details
Backend::addNotice('You can edit the details of the super user <a href="?q=backend_user/edit/1">here</a>');
Controller::redirect('?q=home');
} else {
if (!$result) {
Backend::addContent(Render::file('backend_user.super_signup.tpl.php'));
} else {
Controller::redirect('?q=home');
}
}
}
private static function installComponents($with_db = false)
{
$components = Component::getCoreComponents($with_db);
if (!$components) {
Backend::addError('Could not get components to pre install');
return false;
}
//Save original LogToFile setting
$original = ConfigValue::get('LogToFile', false);
$install_log_file = 'install_log_' . date('Ymd_His') . '.txt';
ConfigValue::set('LogToFile', $install_log_file);
//Pre Install components
Backend::addNotice(PHP_EOL . PHP_EOL . 'Installation started at ' . date('Y-m-d H:i:s'));
$components = array_flatten($components, null, 'name');
foreach ($components as $component) {
if (class_exists($component, true) && method_exists($component, 'pre_install')) {
Backend::addNotice('Pre Installing ' . $component);
if (!call_user_func_array(array($component, 'pre_install'), array())) {
Backend::addError('Error on pre install for ' . $component);
return false;
}
}
}
//Install Components
foreach ($components as $component) {
if (class_exists($component, true) && method_exists($component, 'install')) {
Backend::addNotice('Installing ' . $component);
if (!call_user_func_array(array($component, 'install'), array())) {
Backend::addError('Error on installing ' . $component);
return false;
}
}
}
//Install Application Components
if (is_callable(array('Application', 'getComponents'))) {
$app_components = Application::getComponents();
if (is_array($app_components)) {
foreach ($components as $component) {
if (class_exists($component, true) && method_exists($component, 'install')) {
Backend::addNotice('Installing ' . $component);
if (!call_user_func_array(array($component, 'install'), array())) {
Backend::addError('Error on installing ' . $component);
return false;
}
}
}
}
}
//Restore Original
ConfigValue::set('LogToFile', $original);
return true;
}
public function install(array $options = array())
{
$toret = false;
$this->error_msg = false;
if ($this->checkConnection()) {
$drop_table = array_key_exists('drop_table', $options) ? $options['drop_table'] : false;
$query = $this->getInstallSQL();
if ($query) {
if ($drop_table) {
$table = $this->getSource();
$drop_query = new CustomQuery('DROP TABLE IF EXISTS ' . Query::getTable($this) . '', array('connection' => $this->db));
$drop_query->execute();
Backend::addNotice('Dropping table ' . $table);
if (!empty($drop_query->error_msg)) {
$this->error_msg = $drop_query->error_msg;
}
}
$query = new CustomQuery($query, array('connection' => $this->db));
$toret = $query->execute();
if (!empty($query->error_msg)) {
$this->error_msg = $query->error_msg;
}
} else {
if (class_exists('BackendError', false)) {
BackendError::add(get_class($this) . ': No Install SQL', 'install');
}
$this->error_msg = 'No Install SQL for ' . class_name($this);
}
} else {
if (class_exists('BackendError', false)) {
BackendError::add(get_class($this) . ': DB Connection Error', 'install');
}
$this->error_msg = 'DB Connection error';
}
return $toret;
}
public static function run($hookName, $type, array $parameters = array(), array $options = array())
{
//Specify what should be returned if the result of the hook is NULL
//This ensures that hooks return what they should, even if the hook doesn't run
$result = null;
if (count($parameters)) {
$returnIndex = array_key_exists('return_index', $options) ? $options['return_index'] : null;
if (is_null($returnIndex)) {
//Default to the first parameter passed
$result = reset($parameters);
} else {
$result = $parameters[$returnIndex];
}
}
//If the result was specified, return that
$result = array_key_exists('toret', $options) ? $options['toret'] : $result;
if ($hooks = self::get($hookName, $type)) {
foreach ($hooks as $hook) {
//Check if the hook is active and callable
if (Component::isActive($hook['class'])) {
if (is_callable(array($hook['class'], $hook['method']))) {
if (Controller::$debug >= 2) {
$notice = 'Running ' . $hook['class'] . '::' . $hook['method'] . ' for hook ' . $hookName . '-' . $type;
Backend::addNotice($notice);
}
//Run it
$toret = call_user_func_array(array($hook['class'], $hook['method']), $parameters);
if (!is_null($toret)) {
$result = $toret;
if (count($parameters) && !is_null($returnIndex)) {
$parameters[$returnIndex] = $toret;
}
}
} else {
if (Controller::$debug) {
Backend::addNotice('Undefined Hook: ' . $hook['class'] . '::' . $hook['method']);
}
}
}
}
}
return $result;
}
/**
* Render the data into the correct format / as information
*
* This function takes data, and translates it into information.
*/
function display($data, $controller)
{
$data = Hook::run('display', 'pre', array($data, $controller), array('toret' => $data));
if (method_exists($this, 'hook_display')) {
$data = $this->hook_display($data, $controller);
}
if ($controller instanceof AreaCtl && $controller->checkPermissions()) {
$display_method = $this->mode . '_' . Controller::$action;
$view_method = 'output_' . Controller::$action;
$mode_method = $this->mode;
//Controller->view
if (method_exists($controller, $mode_method)) {
if (Controller::$debug) {
Backend::addNotice('Running ' . get_class($controller) . '::' . $mode_method);
}
$data = $controller->{$mode_method}($data);
}
//Application->view
$app_class = ConfigValue::get('settings.Class', 'Application');
if (is_callable(array($app_class, $mode_method))) {
if (Controller::$debug) {
Backend::addNotice('Running ' . $app_class . '::' . $mode_method);
}
$data = call_user_func(array($app_class, $mode_method), $data);
}
if (Controller::$debug) {
Backend::addNotice('Checking ' . get_class($controller) . '::' . $display_method . ' and then ' . get_class($this) . '::' . $view_method);
}
//Controller->display_method and View->view_method
if (method_exists($controller, $display_method)) {
if (Controller::$debug) {
Backend::addNotice('Running ' . get_class($controller) . '::' . $display_method);
}
$data = $controller->{$display_method}($data);
} else {
if (method_exists($this, $view_method)) {
if (Controller::$debug) {
Backend::addNotice('Running ' . get_class($this) . '::' . $view_method);
}
$data = $this->{$view_method}($data);
}
}
}
$data = Hook::run('display', 'post', array($data, $controller), array('toret' => $data));
if (method_exists($this, 'hook_post_display')) {
$data = $this->hook_post_display($data, $controller);
}
$this->output($data);
}
public static function handleRequest($ch, $returned, $options)
{
if (Controller::$debug) {
if ($curl_error = curl_errno($ch)) {
Backend::addNotice('CURL Error: ' . $curl_error);
}
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($http_code != 200) {
Backend::addNotice('HTTP Returned code: ' . $http_code);
}
}
return $returned;
}
private function generateSitemap($component)
{
if (!method_exists($component, 'getSitemap')) {
return false;
}
if (!Component::isActive($component)) {
Backend::addError('Could not generate sitemap: Component inactive. (' . $component . ')');
return false;
}
$controller = new $component();
$object = $component::retrieve();
if (!$controller instanceof TableCtl) {
Backend::addError('Could not generate sitemap: Invalid Area. (' . $component . ')');
return false;
}
$filename = WEB_FOLDER . '/sitemap_' . $component . '.xml';
if (file_exists($filename) && !is_writable($filename)) {
Backend::addError('Could not generate sitemap: Cannot open sitemap file. (' . $filename . ')');
return false;
}
$fp = fopen($filename, 'w');
if (!$fp) {
Backend::addError('Could not generate sitemap: Could not open sitemap file. (' . $component . ')');
return false;
}
$sitemap = $controller->getSitemap();
if (count($sitemap) == 2 && array_key_exists('list', $sitemap) && array_key_exists('options', $sitemap)) {
$list = $sitemap['list'];
$options = $sitemap['options'];
} else {
$list = $sitemap;
$options = array();
}
if (!$list) {
Backend::addError('Could not generate sitemap: Could not generate list. (' . $component . ')');
return false;
}
if (Controller::$debug) {
Backend::addNotice('Generating sitemap for ' . $component . ' at ' . WEB_FOLDER . '/sitemap_' . $component . '.xml found at ' . SITE_LINK . basename($filename));
}
$last_date = 0;
$links = array();
//Compile Links
foreach ($list as $row) {
$last_date = strtotime($row['modified']) > $last_date ? strtotime($row['modified']) : $last_date;
if (empty($options['id_field'])) {
$id = !empty($row['name']) ? $row['name'] : $row[$object->getMeta('id_field')];
} else {
$id = $row[$options['id_field']];
}
if (empty($id)) {
var_dump($id, $row, $object->getMeta('id_field'), $object->getMeta('id'));
die;
}
if (ConfigValue::get('CleanURLs', false)) {
$url = SITE_LINK . '/' . class_for_url($component) . '/' . $id;
} else {
$url = SITE_LINK . '/?q=' . class_for_url($component) . '/' . $id;
}
$row['url'] = $url;
$row = array_merge($row, $options);
$links[] = $row;
}
//Add link to area
//TODO Make this configurable
if (ConfigValue::get('CleanURLs', false)) {
$url = SITE_LINK . '/' . class_for_url($component);
} else {
$url = SITE_LINK . '/?q=' . class_for_url($component);
}
$link = array('url' => $url, 'modified' => date('Y-m-d H:i:s', $last_date));
$link['priority'] = array_key_exists('area_priority', $options) ? $options['area_priority'] : 0.8;
$link['frequency'] = array_key_exists('frequency', $options) ? $options['frequency'] : 'daily';
$links[] = $link;
fwrite($fp, Render::file('backend_sitemap/sitemap.tpl.php', array('links' => $links)));
return $filename;
}
public static function action()
{
if (self::$whoopsed) {
return array(null, null);
}
$control_name = class_name(self::$area);
if (Controller::$debug) {
Backend::addNotice('Trying Controller ' . $control_name);
}
$controller = class_exists($control_name, true) ? new $control_name() : false;
if (!($controller instanceof AreaCtl && Component::isActive($control_name))) {
if (Backend::getDB('default')) {
//We have a DB
Controller::whoops('Component ' . $control_name . ' is Inactive or Invalid', array('message' => 'The requested component doesn\'t exist or is inactive.', 'code_hint' => 404));
self::$area = ConfigValue::get('DefaultErrorController', 'home');
self::$action = ConfigValue::get('DefaultErrorAction', 'error');
$control_name = class_name(self::$area);
} else {
//No DB, allow Content to check if the template exists
self::$parameters[0] = self::$area . '/' . self::$action;
if (count(self::$parameters[0]) > 1) {
self::$parameters = array(self::$parameters[0]);
}
self::$area = ConfigValue::get('DefaultErrorController', 'content');
self::$action = ConfigValue::get('DefaultErrorAction', 'display');
$control_name = class_name(self::$area);
}
}
$controller = class_exists($control_name, true) ? new $control_name() : false;
if (!($controller instanceof AreaCtl && Component::isActive($control_name))) {
Controller::whoops('Invalid Error Area Controller', 'The DefaultErrorController is invalid or inactive.');
return null;
}
Backend::add('Area', self::$area);
Backend::add('Action', self::$action);
if (Controller::$debug) {
Backend::addNotice('Code for this page is in the ' . get_class($controller) . ' Controller');
}
$result = null;
$run_action = Hook::run('action', 'pre', array(), array('toret' => true));
if ($run_action) {
$result = $controller->action();
}
Hook::run('action', 'post');
return array($controller, $result);
}
