public function __construct() { // check if the user is logged in $this->validateLogin(); // named application if (!defined('NAMED_APPLICATION')) { define('NAMED_APPLICATION', 'backend_ajax'); } // get values from the GET-parameters $module = isset($_GET['fork']['module']) ? $_GET['fork']['module'] : ''; $action = isset($_GET['fork']['action']) ? $_GET['fork']['action'] : ''; $language = isset($_GET['fork']['language']) ? $_GET['fork']['language'] : SITE_DEFAULT_LANGUAGE; // overrule the values with the ones provided through POST $module = isset($_POST['fork']['module']) ? $_POST['fork']['module'] : $module; $action = isset($_POST['fork']['action']) ? $_POST['fork']['action'] : $action; $language = isset($_POST['fork']['language']) ? $_POST['fork']['language'] : $language; // create URL instance, since the template modifiers need this object $URL = new BackendURL(); $URL->setModule($module); $this->setModule($module); $this->setAction($action); $this->setLanguage($language); // create a new action $action = new BackendAJAXAction(); $action->setModule($this->getModule()); $action->setAction($this->getAction()); try { $action->execute(); } catch (Exception $e) { // set correct headers SpoonHTTP::setHeadersByCode(500); // if we are debugging we should see the exceptions if (SPOON_DEBUG) { throw $e; } // output $fakeAction = new BackendBaseAJAXAction(); $fakeAction->output(BackendBaseAJAXAction::ERROR, null, $e->getMessage()); } }
/** * Set module * * @param string $value The module to use. */ private function setModule($value) { // set property $this->module = (string) $value; // core is a module that contains general stuff, so it has to be allowed if ($this->module !== 'core') { // is this module allowed? if (!BackendAuthentication::isAllowedModule($this->module)) { // set correct headers SpoonHTTP::setHeadersByCode(403); // stop script execution exit; } } // create URL instance, the templatemodifiers need this object $URL = new BackendURL(); // set the module $URL->setModule($this->module); }
/** * Set module * * @return void * @param string $value The module to use. */ public function setModule($value) { // set property $this->module = (string) $value; // is this module allowed? if (!BackendAuthentication::isAllowedModule($this->module)) { // set correct headers SpoonHTTP::setHeadersByCode(403); // output $fakeAction = new BackendBaseAJAXAction('', ''); $fakeAction->output(BackendBaseAJAXAction::FORBIDDEN, null, 'Module not allowed.'); } // create URL instance, the templatemodifiers need this object $URL = new BackendURL(); // set the module $URL->setModule($this->module); }