예제 #1
0
 public function isLoggedIn()
 {
     if (isset($_REQUEST['auth-token']) && $_REQUEST['auth-token'] && strlen($_REQUEST['auth-token']) == 8) {
         return $this->loginFromToken($_REQUEST['auth-token']);
     }
     return parent::isLoggedIn();
 }
 /**
  * Overrides the Symphony isLoggedIn function to allow Authors
  * to become logged into the backend when `$_REQUEST['auth-token']`
  * is present. This logs an Author in using the loginFromToken function.
  * A token may be 6 or 8 characters in length in the backend. A 6 character token
  * is used for forget password requests, whereas the 8 character token is used to login
  * an Author into the page
  *
  * @see core.Symphony#loginFromToken()
  * @return boolean
  */
 public function isLoggedIn()
 {
     if (isset($_REQUEST['auth-token']) && $_REQUEST['auth-token'] && in_array(strlen($_REQUEST['auth-token']), array(6, 8))) {
         return $this->loginFromToken($_REQUEST['auth-token']);
     }
     return parent::isLoggedIn();
 }
예제 #3
0
 /**
  * Overrides the Symphony `isLoggedIn()` function to allow Authors
  * to become logged into the frontend when `$_REQUEST['auth-token']`
  * is present. This logs an Author in using the loginFromToken function.
  * This function allows the use of 'admin' type pages, where a Frontend
  * page requires that the viewer be a Symphony Author
  *
  * @see core.Symphony#loginFromToken()
  * @see core.Symphony#isLoggedIn()
  * @return boolean
  */
 public static function isLoggedIn()
 {
     if (isset($_REQUEST['auth-token']) && $_REQUEST['auth-token'] && strlen($_REQUEST['auth-token']) == 8) {
         return self::loginFromToken($_REQUEST['auth-token']);
     }
     return Symphony::isLoggedIn();
 }
function renderer_json($mode)
{
    if (strtolower($mode) == 'administration') {
        throw new Lib\Exceptions\InvalidModeException('JSON Renderer launcher is only available on the frontend');
    }
    $renderer = Frontend::instance();
    // Check if we should enable exception debug information
    $exceptionDebugEnabled = Symphony::isLoggedIn();
    // Use the JSON exception and error handlers instead of the Symphony one.
    Lib\ExceptionHandler::initialise($exceptionDebugEnabled);
    Lib\ErrorHandler::initialise($exceptionDebugEnabled);
    // #1808
    if (isset($_SERVER['HTTP_MOD_REWRITE'])) {
        throw new Exception("mod_rewrite is required, however is not enabled.");
    }
    $output = $renderer->display(getCurrentPage());
    cleanup_session_cookies();
    if (in_array('JSON', Frontend::Page()->pageData()['type'])) {
        // Load the output into a SimpleXML Container and convert to JSON
        try {
            $xml = new SimpleXMLElement($output, LIBXML_NOCDATA);
            // Convert the XML to a plain array. This step is necessary as we cannot
            // use JSON_PRETTY_PRINT directly on a SimpleXMLElement object
            $outputArray = json_decode(json_encode($xml), true);
            // Get the transforer object ready. Other extensions will
            // add their transormations to this.
            $transformer = new Lib\Transformer();
            /**
             * Allow other extensions to add their own transformers
             */
            Symphony::ExtensionManager()->notifyMembers('APIFrameworkJSONRendererAppendTransformations', '/frontend/', ['transformer' => &$transformer]);
            // Apply transformations
            $outputArray = $transformer->run($outputArray);
            // Now put the array through a json_encode
            $output = json_encode($outputArray, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
        } catch (\Exception $e) {
            // This happened because the input was not valid XML. This could
            // occur for a few reasons, but there are two scenarios
            // we are interested in.
            // 1) This is a devkit page (profile, debug etc). We want the data
            //    to be passed through and displayed rather than converted into
            //    JSON. There is no easy way in Symphony to tell if a devkit has
            //    control over the page, so instead lets inspect the output for
            //    any signs a devkit is rendering the page.
            // 2) It is actually bad XML. In that case we need to let the error
            //    bubble through.
            // Currently the easiest method is to check for the devkit.min.css
            // in the output. This may fail in the furture if this file is
            // renamed or moved.
            if (!preg_match("@\\/symphony\\/assets\\/css\\/devkit.min.css@", $output)) {
                throw $e;
            }
        }
    }
    echo $output;
    return $renderer;
}
예제 #5
0
 public function write_page_cache(&$output)
 {
     if ($this->_in_excluded_pages() || !$this->_isGetRequest()) {
         return;
     }
     $logged_in = Symphony::isLoggedIn();
     if (!$logged_in) {
         $this->_updateFromGetValues();
         $render = $output['output'];
         // rebuild entry/section reference list for this page
         $this->_delete_page_references($this->_url);
         $this->_save_page_references($this->_url, $this->_sections, $this->_entries);
         if (!$this->_cacheLite->get($this->_url)) {
             $this->_cacheLite->save($render);
         }
         # Add comment
         if ($this->_get_comment_pref() == 'yes') {
             $render .= "<!-- Cache generated: " . $this->_cacheLite->_fileName . " -->";
         }
         header("Expires: " . gmdate("D, d M Y H:i:s", $this->_lifetime) . " GMT");
         header("Cache-Control: max-age=" . $this->_lifetime . ", must-revalidate");
         header("Last-Modified: " . gmdate('D, d M Y H:i:s', time()) . ' GMT');
         header("X-Frame-Options: SAMEORIGIN");
         header("Access-Control-Allow-Origin: " . URL);
         header(sprintf('Content-Length: %d', strlen($render)));
         print $render;
         exit;
     }
 }