/**
 * Builds the HTML content of the "Variables" panel for the Debugbar.
 *
 * Two floated columns: the view variables and merged request parameters on
 * the left; POST data (POST requests only), user-defined constants, the
 * Zend_Registry contents and the request cookies on the right. Every value
 * is passed through _cleanData() before being embedded.
 *
 * NOTE(review): the constants, registry and cookie sections routinely hold
 * credentials and session identifiers — this panel must never be enabled
 * outside development.
 *
 * @return string HTML markup of the panel
 */
public function getPanel()
{
    $this->_request = Zend_Controller_Front::getInstance()->getRequest();
    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

    // Not every view implementation exposes getVars(); fall back to a notice.
    $hasVars = $renderer->view && method_exists($renderer->view, 'getVars');
    $viewVars = $hasVars
        ? $this->_cleanData($renderer->view->getVars())
        : "No 'getVars()' method in view class";

    $section = function ($title, $id, $body) {
        return '<h4>' . $title . '</h4>'
            . '<div id="' . $id . '" style="margin-left:-22px">' . $body . '</div>';
    };

    $left = '<div style="width:50%;float:left;">'
        . $section('View variables', 'ZFDebug_vars', $viewVars)
        . $section('Request parameters', 'ZFDebug_requests', $this->_cleanData($this->_request->getParams()))
        . '</div>';

    $right = '<div style="width:45%;float:left;">';
    if ($this->_request->isPost()) {
        $right .= $section('Post variables', 'ZFDebug_post', $this->_cleanData($this->_request->getPost()));
    }

    $constants = get_defined_constants(true);
    ksort($constants['user']);
    $right .= $section('Constants', 'ZFDebug_constants', $this->_cleanData($constants['user']));

    $registry = Zend_Registry::getInstance();
    $registry->ksort();
    $right .= $section('Zend Registry', 'ZFDebug_registry', $this->_cleanData($registry));

    $right .= $section('Cookies', 'ZFDebug_cookie', $this->_cleanData($this->_request->getCookie()));
    $right .= '</div><div style="clear:both"> </div>';

    return $left . $right;
}
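/**
 * Builds the HTML content of the "Variables" panel for the Debugbar.
 *
 * Shows POST data (POST requests only), cookies, the merged request
 * parameters and the view's variables, each passed through _cleanData()
 * before being embedded in the markup.
 *
 * Fix: the view renderer may carry no view object, or a view class without
 * getVars(); the other panel implementations guard against that, while this
 * one dereferenced it unconditionally (fatal error when the panel is
 * rendered for a request that never initialised a view).
 *
 * NOTE(review): cookies and request data can contain session identifiers
 * and credentials — keep this panel disabled outside development.
 *
 * @return string HTML markup of the panel
 */
public function getPanel()
{
    $this->_request = Zend_Controller_Front::getInstance()->getRequest();
    $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

    // Guard the view access: no view, or a view without getVars(), yields a
    // notice instead of a fatal "call to a member function on null".
    if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
        $viewVars = $this->_cleanData($viewRenderer->view->getVars());
    } else {
        $viewVars = "No 'getVars()' method in view class";
    }

    $vars = '';
    if ($this->_request->isPost()) {
        $vars .= '<h4>$_POST</h4>'
            . '<div id="Centurion_ZFDebug_post">' . $this->_cleanData($this->_request->getPost()) . '</div>';
    }
    $vars .= '<h4>$_COOKIE</h4>'
        . '<div id="Centurion_ZFDebug_cookie">' . $this->_cleanData($this->_request->getCookie()) . '</div>'
        . '<h4>Request</h4>'
        . '<div id="Centurion_ZFDebug_requests">' . $this->_cleanData($this->_request->getParams()) . '</div>'
        . '<h4>View vars</h4>'
        . '<div id="Centurion_ZFDebug_vars">' . $viewVars . '</div>';

    return $vars;
}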
/**
 * Called before Zend_Controller_Front calls on the router to evaluate the
 * request against the registered routes.
 *
 * Detects POST/PUT requests whose body PHP dropped because it exceeded
 * post_max_size (both $_POST and $_FILES come back empty in that case) and
 * either hands the request to the configured callback or attaches a
 * Zend_Controller_Exception (code 1000) to the response.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
    if (!($request instanceof Zend_Controller_Request_Http)) {
        return;
    }
    if (!$request->isPost() && !$request->isPut()) {
        return;
    }

    $postData = $request->getPost();
    if (!empty($postData) || !empty($_FILES)) {
        // PHP parsed the body, so it fitted within post_max_size.
        return;
    }

    // post_max_size uses php.ini shorthand ("8M"); turn it into bytes.
    $limit = ini_get('post_max_size');
    $suffix = substr($limit, -1);
    if (!is_numeric($suffix)) {
        $limit = substr($limit, 0, -1);
    }
    $multipliers = array('K' => 1024, 'M' => 1024 * 1024, 'G' => 1024 * 1024 * 1024);
    $suffix = strtoupper($suffix);
    if (isset($multipliers[$suffix])) {
        $limit *= $multipliers[$suffix];
    }

    $contentLength = $request->getServer('CONTENT_LENGTH');
    if ($limit < $contentLength) {
        if (!empty($this->_callback)) {
            call_user_func($this->_callback, $request);
        } else {
            $e = new Zend_Controller_Exception('Maximum content length size (' . $limit . ') exceeded', 1000);
            $this->getResponse()->setException($e);
        }
    }
}
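/**
 * Creates a product from the posted "dataFormProducts" form data.
 *
 * On POST: builds the product, stores it, links it to the posted
 * "categoryId", stores the optional "fileLoadImage"/"fileLoadDraft"
 * uploads, clears the product-list cache and redirects to the new product
 * page. When no product data was posted the request is redirected back to
 * the posted "currentUrl". Non-POST requests render nothing.
 *
 * Fix: "currentUrl" comes straight from the request and was passed to
 * gotoUrlAndExit() unchecked, which made this action an open redirect
 * (any absolute URL, including "//evil.example", was honoured). Only
 * site-relative paths are accepted now; anything else falls back to the
 * index action, as the sibling actions do when their input is missing.
 *
 * NOTE(review): the product is mass-assigned from the raw request array
 * (new Catalog_Model_Products($dataProducts)); whether fields such as
 * "active"/"deleted" can be overridden by the client depends on the model
 * constructor's whitelist — confirm. The "name", "description" and
 * "sorting" keys are read without checking they are present.
 */
public function addAction()
{
    if (!$this->_request->isPost()) {
        // Zend_Debug::dump($this->_request->getParams());
        return;
    }

    // Accept only a site-relative path as the return target: it must start
    // with a single "/" ("//host" and "/\host" are treated as absolute by browsers).
    $url = $this->_request->getParam('currentUrl');
    if (!is_string($url) || !preg_match('#^/(?![/\\\\])#', $url)) {
        $url = null;
    }

    if ($this->_request->getParam('dataFormProducts')) {
        $dataProducts = $this->_request->getParam('dataFormProducts');
        // Core fields carried by the form: sku, name, description, note, sorting, path.
        $product = new Catalog_Model_Products($dataProducts);
        // Derived fields: meta data, order, flags and timestamps.
        $now = date("Y-m-d H:i:s");
        $product->setMetaTitle($dataProducts['name'])
            ->setMetaDescription($dataProducts['description'])
            ->setMetaKeywords($dataProducts['name'])
            ->setOrder($dataProducts['sorting'])
            ->setActive(1)
            ->setDeleted(0)
            ->setAddDate($now)
            ->setModDate($now);
        $this->_modelMapper->save($product);
        $productId = $this->_modelMapper->getDbTable()->getAdapter()->lastInsertId();

        // Link the new product to the requested category.
        $categoriesMapperXref = new Catalog_Model_Mapper_CategoriesXref();
        $categoriesMapperXref->save(new Catalog_Model_CategoriesXref(array(
            'productId' => $productId,
            'categoryId' => $this->_request->getParam('categoryId'),
        )));

        // Re-read the stored product so the upload path can use its id.
        $product = $this->_modelMapper->find($productId, $this->_model);
        $upload = new Zend_File_Transfer();
        $uploadPath = '/upload/products/' . $product->getId() . '/';

        // Optional product image.
        if ($upload->isUploaded('fileLoadImage')) {
            $imageFile = $this->_uploadFiles($productId, $upload, 'fileLoadImage');
            $product->setUploadPath($uploadPath)->setImage($imageFile['fileLoadImage']['name']);
        }
        // Optional draft file.
        if ($upload->isUploaded('fileLoadDraft')) {
            $imageFile = $this->_uploadFiles($productId, $upload, 'fileLoadDraft');
            $product->setUploadPathDraft($uploadPath)->setDraft($imageFile['fileLoadDraft']['name']);
        }
        $this->_modelMapper->save($product);

        $url = '/catalog/' . $product->getFullPath();
    }

    $this->clearCache('CatalogProductsList');
    if ($url === null) {
        $this->_redirector->gotoSimpleAndExit('index');
    }
    $this->_redirector->gotoUrlAndExit($url);
}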
/**
 * Builds the HTML content of the "Variables" panel for the Debugbar.
 *
 * Sections, in order: POST data (POST requests only), cookies, the merged
 * request parameters and the view variables; every value is passed through
 * _cleanData() before being embedded.
 *
 * NOTE(review): cookies and request data can carry session identifiers and
 * credentials — keep this panel disabled outside development.
 *
 * @return string HTML markup of the panel
 */
public function getPanel()
{
    $this->_request = Zend_Controller_Front::getInstance()->getRequest();
    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

    // Views without getVars() (or no view at all) get a placeholder text.
    $viewVars = "Pas de méthode 'getVars()' dans l\\'objet vue";
    if ($renderer->view && method_exists($renderer->view, 'getVars')) {
        $viewVars = $this->_cleanData($renderer->view->getVars());
    }

    $sections = array();
    if ($this->_request->isPost()) {
        $sections[] = array('Superglobale $_POST', 'ZFDebug_post', $this->_cleanData($this->_request->getPost()));
    }
    $sections[] = array('Superglobale $_COOKIE', 'ZFDebug_cookie', $this->_cleanData($this->_request->getCookie()));
    $sections[] = array('Paramètres de l\'objet Request', 'ZFDebug_requests', $this->_cleanData($this->_request->getParams()));
    $sections[] = array('Variables de vue (Zend_View)', 'ZFDebug_vars', $viewVars);

    $html = '';
    foreach ($sections as $section) {
        list($title, $id, $body) = $section;
        $html .= '<h4>' . $title . '</h4>' . '<div id="' . $id . '">' . $body . '</div>';
    }
    return $html;
}
/**
 * Authenticate a user.
 *
 * Any non-POST request is treated as the return leg and handed to
 * acceptToken() with the "token" and "uid" request parameters; a POST
 * starts a new login via requestToken() and reports no user yet.
 *
 * @param Zend_Controller_Request_Abstract $request The current request
 * @param Zend_Controller_Response_Abstract $response The current response (unused here)
 * @return array|bool User data from acceptToken(), or FALSE when the
 *                    request only started a login
 */
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
    if ($request->isPost()) {
        $this->requestToken($request->getPost());
        return false;
    }
    $token = $request->getParam('token');
    $uid = $request->getParam('uid');
    return $this->acceptToken($token, $uid);
}
/**
 * Builds the HTML content of the "Variables" panel for the Debugbar.
 *
 * Sections, in order: POST data (POST requests only), cookies, the merged
 * request parameters and the view variables; every value is passed through
 * _cleanData() before being embedded.
 *
 * NOTE(review): cookies and request data can carry session identifiers and
 * credentials — keep this panel disabled outside development.
 *
 * @return string HTML markup of the panel
 */
public function getPanel()
{
    $this->_request = Zend_Controller_Front::getInstance()->getRequest();
    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

    // Views without getVars() (or no view at all) get a placeholder text.
    $viewVars = "No 'getVars()' method in view class";
    if ($renderer->view && method_exists($renderer->view, 'getVars')) {
        $viewVars = $this->_cleanData($renderer->view->getVars());
    }

    $sections = array();
    if ($this->_request->isPost()) {
        $sections[] = array('$_POST', 'ZFDebug_post', $this->_cleanData($this->_request->getPost()));
    }
    $sections[] = array('$_COOKIE', 'ZFDebug_cookie', $this->_cleanData($this->_request->getCookie()));
    $sections[] = array('Request', 'ZFDebug_requests', $this->_cleanData($this->_request->getParams()));
    $sections[] = array('View vars', 'ZFDebug_vars', $viewVars);

    $html = '';
    foreach ($sections as $section) {
        list($title, $id, $body) = $section;
        $html .= '<h4>' . $title . '</h4>' . '<div id="' . $id . '">' . $body . '</div>';
    }
    return $html;
}
/**
 * deleteAction
 *
 * Deletes the category node whose id is given in the "id" request
 * parameter. The deletion only runs for POST requests that are also
 * XMLHttpRequests; afterwards the category form script is rendered with
 * the alert flag set.
 *
 * NOTE(review): the XHR check is the only cross-site protection here — no
 * CSRF token is verified — and "id" is read via getParam(), which also
 * accepts it from the query string.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function deleteAction()
{
    $this->core->logger->debug('properties->controllers->CategoryController->deleteAction()');
    $this->getModelCategories();

    $isAjaxPost = $this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest();
    if ($isAjaxPost) {
        $nodeId = $this->objRequest->getParam("id");
        $this->objModelCategories->deleteCategoryNode($nodeId);
        $this->view->blnShowFormAlert = true;
    }
    $this->renderScript('category/form.phtml');
}
/**
 * deleteAction
 *
 * Deletes the folder node whose id is given in the "id" request parameter.
 * The deletion only runs for POST requests that are also XMLHttpRequests;
 * afterwards the folder form script is rendered with the alert flag set.
 *
 * NOTE(review): the XHR check is the only cross-site protection here — no
 * CSRF token is verified — and "id" is read via getParam(), which also
 * accepts it from the query string.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function deleteAction()
{
    $this->core->logger->debug('core->controllers->FolderController->deleteAction()');
    $this->getModelFolders();

    $isAjaxPost = $this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest();
    if ($isAjaxPost) {
        $nodeId = $this->objRequest->getParam("id");
        $this->objModelFolders->deleteFolderNode($nodeId);
        $this->view->blnShowFormAlert = true;
    }
    $this->renderScript('folder/form.phtml');
}
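/**
 * Authenticate a user via Facebook.
 *
 * POST requests (the login form) stash the extended user columns in the
 * "Garp_Auth" cookie and redirect the browser to Facebook's login URL
 * (exit). Any other request is treated as the return leg: the stored
 * columns are restored, the Facebook session is turned into user data,
 * friends are mapped when configured, and the user data is returned.
 *
 * Fixes:
 *  - the binding model override was inverted: the configured
 *    "friends.bindingModel" was only applied when it was EMPTY, so a
 *    configured value was ignored and an unset one wiped the default.
 *  - the extended user columns went through serialize()/unserialize() on a
 *    cookie value; unless Garp_Store_Cookie authenticates its contents that
 *    is PHP object injection from client data. They are now a JSON array.
 *  - dead code after `throw $e` in the generic catch block removed.
 *
 * @param Zend_Controller_Request_Abstract $request The current request
 * @param Zend_Controller_Response_Abstract $response The current response (unused here)
 * @return Array|Boolean User data, or FALSE
 * @throws Exception re-thrown for non-Facebook errors other than a duplicate e-mail
 */
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
    $facebook = $this->_getFacebookClient();
    $authVars = $this->_getAuthVars();
    $cookie = new Garp_Store_Cookie('Garp_Auth');

    // Leg 1: the login form was posted; send the user to Facebook. The same
    // URL is requested again when the user comes back, handled below.
    if ($request->isPost()) {
        if (!empty($this->_extendedUserColumns)) {
            $cookie->extendedUserColumns = json_encode($this->_extendedUserColumns);
        }
        $cookie->writeCookie();
        $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
        $scope = isset($authVars->scope) ? $authVars->scope : null;
        $redirector->gotoUrl($facebook->getLoginUrl(array('scope' => $scope)));
        exit;
    }

    // Leg 2: session based API call.
    try {
        if ($cookie->extendedUserColumns) {
            $columns = json_decode($cookie->extendedUserColumns, true);
            if (is_array($columns)) {
                $this->setExtendedUserColumns($columns);
            }
            $cookie->destroy('extendedUserColumns');
        }
        $userData = $facebook->login(!!$authVars->grabUserImage);
        $userData = $this->_getUserData($userData);

        // Automatically fetch friends if so configured.
        if (!empty($authVars->friends->collect) && $authVars->friends->collect) {
            $bindingModel = 'Model_UserUser'; // A Sensible Default™
            if (!empty($authVars->friends->bindingModel)) {
                $bindingModel = $authVars->friends->bindingModel;
            }
            $facebook->mapFriends(array('bindingModel' => $bindingModel, 'user_id' => $userData['id']));
        }
        return $userData;
    } catch (FacebookApiException $e) {
        $this->_addError($e->getMessage());
        return false;
    } catch (Exception $e) {
        $message = $e->getMessage();
        if (strpos($message, 'Duplicate entry') !== false && strpos($message, 'email_unique') !== false) {
            $this->_addError(__('this email address already exists'));
            return false;
        }
        throw $e;
    }
}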
/**
 * Creates an autosearch form for indexAction.
 *
 * Builds the auto-submit search form from getAutoSearchElements(): the form
 * gets a "div.search" HTML wrapper and its elements are laid out in
 * panel/inputgroup sections (a null element starts a new section). On POST
 * the form is validated against the search data and any messages are
 * reported; otherwise it is populated from the data. Returns null when
 * there are no search elements.
 *
 * @return \Gems_Form|null
 */
protected function getAutoSearchForm()
{
    $data = $this->getSearchData();
    // \MUtil_Echo::track($data);

    $this->form = $form = $this->createForm(array('name' => 'autosubmit', 'class' => 'form-inline', 'role' => 'form'));
    $elements = $this->getAutoSearchElements($data);

    if ($elements) {
        // Assign a name so autosubmit will only work on this form (when there are others)
        $form->setHtml('div');
        $div = $form->getHtml();
        $div->class = 'search';
        // First panel; another one is opened below whenever a null element is met.
        $span = $div->div(array('class' => 'panel panel-default'))->div(array('class' => 'inputgroup panel-body'));

        $elements[] = $this->getAutoSearchSubmit();
        if ($reset = $this->getAutoSearchReset()) {
            $elements[] = $reset;
        }

        foreach ($elements as $element) {
            if ($element instanceof \Zend_Form_Element) {
                // The label goes before the input unless its Label decorator
                // uses APPEND placement, in which case it follows the input.
                $appendLabel = false;
                if ($element->getLabel()) {
                    $labelDecor = $element->getDecorator('Label');
                    if ($labelDecor) {
                        $appendLabel = \Zend_Form_Decorator_Abstract::APPEND === $labelDecor->getPlacement();
                        if (!$appendLabel) {
                            $span->label($element);
                        }
                    }
                }
                $span->input($element);
                if ($appendLabel) {
                    $span->label($element);
                }
                // TODO: add elements automatically in \MUtil_Form
                $form->addElement($element);
            } elseif (null === $element) {
                // A null element starts a new panel section.
                $span = $div->div(array('class' => 'panel panel-default'))->div(array('class' => 'inputgroup panel-body'));
            } else {
                // Anything else is appended to the current section as-is.
                $span[] = $element;
            }
        }

        if ($this->request->isPost()) {
            if (!$form->isValid($data)) {
                $this->addMessage($form->getErrorMessages());
                $this->addMessage($form->getMessages());
            }
        } else {
            $form->populate($data);
        }

        $href = $this->getAutoSearchHref();
        $form->setAutoSubmit($href, $this->containingId);

        return $form;
    }
}
/**
 * Performs CSRF protection checks before dispatching occurs.
 *
 * Only POST requests are checked, and only while auto-protection is on.
 * A missing server-side token, or a posted token that does not validate,
 * aborts the request with a RuntimeException.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @throws RuntimeException when no token was issued or the posted one is invalid
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $this->_initializeTokens();
    $mustCheck = $request->isPost() === true && $this->_autoProtect;
    if (!$mustCheck) {
        return;
    }
    if (empty($this->_previousToken)) {
        throw new RuntimeException('A possible CSRF attack detected - no token received');
    }
    $posted = $request->getPost($this->_keyName);
    if (!$this->isValidToken($posted)) {
        throw new RuntimeException('A possible CSRF attack detected - tokens do not match');
    }
}
/**
 * Validates the CSRF token of POST requests at dispatch-loop startup.
 *
 * Non-POST requests are ignored. A POST whose token (read from the post
 * field named by the form helper) is known to the helper consumes that
 * token and passes; otherwise _checkFailed() is invoked.
 *
 * @access public
 * @param Zend_Controller_Request_Abstract $request
 * @return boolean|null TRUE when the token was valid, FALSE when the check
 *                      failed, NULL for non-POST requests
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    if (!$request->isPost()) {
        return null;
    }
    $helper = $this->getHelper();
    $posted = $request->getPost($helper->getTokenKey());
    $accepted = !empty($posted) && $helper->hasToken($posted);
    if (!$accepted) {
        $this->_checkFailed($request);
        return false;
    }
    // Tokens are single-use: drop it once it has been accepted.
    $helper->removeToken($posted);
    return true;
}
/**
 * Performs CSRF protection checks before dispatching occurs.
 *
 * For POST requests this clears the error message and then records a
 * translated message when no server-side token exists or when the posted
 * token does not validate. The request is NOT aborted here: whatever reads
 * $this->_error->message afterwards has to act on it.
 *
 * NOTE(review): both checks run unconditionally, so when no token was
 * issued the "no token" message is overwritten by the "tokens do not
 * match" message whenever isValidToken() also fails — verify which message
 * users are meant to see.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $this->_initializeTokens();
    if ($request->isPost() !== true) {
        return;
    }
    $this->_error->message = null;
    // A possible CSRF attack detected - no token received
    if (empty($this->_previousToken)) {
        $this->_error->message = Zend_Registry::get('t')->_('No token received, please re-submit the form');
    }
    // A possible CSRF attack detected - tokens do not match
    $posted = $request->getPost($this->_keyName);
    if (!$this->isValidToken($posted)) {
        $this->_error->message = Zend_Registry::get('t')->_('Tokens do not match, please re-submit the form');
    }
}
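/**
 * Plugin hook run before routing: CSRF protection for POST requests.
 *
 * The per-session token lives in the "Zetta_Security" session namespace.
 * Every POST must carry it in the "csrf_hash" parameter; otherwise the
 * request is refused with an Exception (code 401). The token is then
 * published to the view (as $csrf_hash and as the JS global _csrf_hash)
 * and the plugin re-registers itself with a very high stack index so that
 * its dispatchLoopShutdown runs last.
 *
 * Fixes:
 *  - the token was md5(rand()): rand() is not a CSPRNG and its output is
 *    guessable. The token is now 16 bytes from a cryptographic source.
 *  - the comparison was `!=`, a loose comparison: two hex digests that both
 *    look like "0e<digits>" compare equal as numbers, and a non-string
 *    parameter is coerced. hash_equals() (PHP >= 5.6) compares as strings
 *    in constant time.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @throws Exception code 401 when a POST carries no token or a wrong one
 */
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
    $this->_securitySession = new Zend_Session_Namespace('Zetta_Security');

    if ($request->isPost()) {
        $posted = $request->getParam('csrf_hash');
        $expected = $this->_securitySession->csrf_hash;
        $valid = is_string($posted) && is_string($expected) && $expected !== ''
            && hash_equals($expected, $posted);
        if (!$valid) {
            throw new Exception('Access Denied (csrf attack detected)', 401);
        }
    }

    // Issue a token once per session; later requests keep reusing it.
    $this->_csrf_hash = $this->_generateCsrfToken();
    if (!$this->_securitySession->csrf_hash) {
        $this->_securitySession->csrf_hash = $this->_csrf_hash;
    }

    // The token is hex, so it is safe to embed inside a JS string literal.
    $this->_view->headScript()->prependScript(' var _csrf_hash = "' . $this->_securitySession->csrf_hash . '";');
    $this->_view->csrf_hash = $this->_securitySession->csrf_hash;

    // Re-register the plugin so that its dispatchLoopShutdown is the last one run.
    Zend_Controller_Front::getInstance()->unregisterPlugin($this)->registerPlugin($this, 1000000);
}

/**
 * Returns a fresh 32-character hex token from a cryptographic random source.
 *
 * random_bytes() is used where available (PHP 7+), otherwise
 * openssl_random_pseudo_bytes() when it reports a strong result; with
 * neither available the method refuses rather than fall back to rand().
 *
 * @return string
 * @throws Exception when no cryptographically secure random source exists
 */
private function _generateCsrfToken()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes !== false && $strong) {
            return bin2hex($bytes);
        }
    }
    throw new Exception('No cryptographically secure random source available');
}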
/**
 * Create the snippet's content.
 *
 * POST requests trigger the export (respondent ids plus the "group" and
 * "format" request parameters) and return nothing; any other request
 * renders the export form, populated from the current request parameters.
 *
 * @param \Zend_View_Abstract $view Just in case it is needed here
 * @return \MUtil_Html_HtmlInterface Something that can be rendered (null after an export)
 */
public function getHtmlOutput(\Zend_View_Abstract $view)
{
    $request = $this->request;
    if ($request->isPost()) {
        $this->export->render($this->getRespondentIds(), $request->getParam('group'), $request->getParam('format'));
        return;
    }

    $output = new \MUtil_Html_Sequence();
    if ($this->formTitle) {
        $output->h2($this->formTitle);
    }
    $form = $this->export->getForm($this->hideGroup);
    $output->div(array('id' => 'mainform'), $form);

    $layout = new \MUtil_Html_TableElement(array('class' => 'formTable'));
    $layout->setAsFormLayout($form);

    $form->populate($request->getParams());
    return $output;
}
/**
 * dashboardAction
 *
 * For XHR POST requests, loads up to 10 root-level children of the folder
 * given by the "rootLevelId" parameter and assigns them (plus the limit)
 * to the view. Any exception is logged and the request is terminated with
 * exit.
 *
 * @author Thomas Schedler <*****@*****.**>
 * @version 1.0
 */
public function dashboardAction()
{
    $this->core->logger->debug('global->controllers->ElementController->dashboardAction()');
    try {
        $this->getModelFolders();
        $request = $this->objRequest;
        if (!$request->isPost() || !$request->isXmlHttpRequest()) {
            return;
        }
        $rootLevelId = $request->getParam('rootLevelId');
        $limit = 10;
        $globals = $this->objModelFolders->loadLimitedRootLevelChilds($rootLevelId, $limit);
        $this->view->assign('objGlobals', $globals);
        $this->view->assign('limit', $limit);
    } catch (Exception $exc) {
        $this->core->logger->err($exc);
        exit;
    }
}
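/**
 * Authenticate a user via Twitter (OAuth 1.0a).
 *
 * POST: fetch a request token, stash it (and the extended user columns) in
 * the "Garp_Auth" cookie and redirect the browser to Twitter; returns TRUE.
 * Return leg ("oauth_token" present and a stashed request token): exchange
 * it for an access token, restore the extended user columns, discard the
 * request token and return the user data. Anything else records an error
 * and returns FALSE.
 *
 * Fixes:
 *  - the request token was stored under the cookie key "token" but the
 *    "discard" step removed "oauth_token", so the request token was never
 *    dropped (the Vimeo adapter destroys "token"; this one now does too).
 *  - the extended user columns went through serialize()/unserialize() on a
 *    cookie value; unless Garp_Store_Cookie authenticates its contents that
 *    is PHP object injection from client data. They are now a JSON array.
 *
 * NOTE(review): the request token itself is still unserialize()d from the
 * cookie (Zend_Oauth_Consumer::getAccessToken() expects the token object),
 * and the callback host is taken from the Host header — both worth a look.
 *
 * @param Zend_Controller_Request_Abstract $request The current request
 * @param Zend_Controller_Response_Abstract $response The current response (unused here)
 * @return Array|Boolean User data, or FALSE
 * @throws Garp_Auth_Exception when consumerKey/consumerSecret are not configured
 */
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
    $scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
    $callbackUrl = $scheme . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/twitter';

    $authVars = $this->_getAuthVars();
    if (!$authVars->consumerKey || !$authVars->consumerSecret) {
        throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
    }
    $config = array(
        'siteUrl' => 'https://api.twitter.com/oauth',
        'consumerKey' => $authVars->consumerKey,
        'consumerSecret' => $authVars->consumerSecret,
        'callbackUrl' => $callbackUrl,
    );

    try {
        $consumer = new Zend_Oauth_Consumer($config);
        if ($request->isPost()) {
            // Leg 1: obtain a request token and send the user to Twitter.
            $token = $consumer->getRequestToken();
            $cookie = new Garp_Store_Cookie('Garp_Auth');
            $cookie->token = serialize($token);
            if (!empty($this->_extendedUserColumns)) {
                $cookie->extendedUserColumns = json_encode($this->_extendedUserColumns);
            }
            $cookie->writeCookie();
            $consumer->redirect();
            return true;
        }

        // Leg 2: the user is back from Twitter.
        $cookie = new Garp_Store_Cookie('Garp_Auth');
        if ($request->getParam('oauth_token') && isset($cookie->token)) {
            $accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
            if ($cookie->extendedUserColumns) {
                $columns = json_decode($cookie->extendedUserColumns, true);
                if (is_array($columns)) {
                    $this->setExtendedUserColumns($columns);
                }
                $cookie->destroy('extendedUserColumns');
            }
            // Discard request token
            $cookie->destroy('token');
            $service = $this->_getTwitterService($accesstoken, $authVars->consumerKey, $authVars->consumerSecret);
            return $this->_getUserData($service, $accesstoken->getParam('user_id'));
        }
        $this->_addError('App was not authorized. Please try again.');
        return false;
    } catch (Exception $e) {
        $message = $e->getMessage();
        if (strpos($message, 'Duplicate entry') !== false && strpos($message, 'email_unique') !== false) {
            $this->_addError(__('this email address already exists'));
            return false;
        }
        // Provide generic error message outside development.
        $this->_addError(APPLICATION_ENV === 'development' ? $message : __('login error'));
    }
    return false;
}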
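/**
 * Toggles the "active" flag of the category given by the "id" parameter.
 *
 * Missing id: redirect to the index action. Unknown id: 404. On POST the
 * flag is flipped, the category saved, the categories cache cleared and the
 * client is redirected back to the posted "currentUrl". A GET with a valid
 * id renders the default view.
 *
 * Fix: "currentUrl" was passed to gotoUrlAndExit() unchecked, making the
 * action an open redirect (any absolute URL, including "//evil.example",
 * was honoured). Only site-relative paths are accepted now; anything else
 * falls back to the index action, as the missing-id case already does.
 *
 * @throws Zend_Controller_Action_Exception 404 when the category does not exist
 */
public function disabledAction()
{
    $categoryId = $this->_request->getParam('id');
    if (is_null($categoryId)) {
        $this->_redirector->gotoSimpleAndExit('index');
    }
    $category = $this->_modelMapper->find($categoryId, new Catalog_Model_Categories());
    if (is_null($category)) {
        throw new Zend_Controller_Action_Exception("Страница не найдена", 404);
    }
    if (!$this->_request->isPost()) {
        return;
    }

    // Flip the flag: active (non-zero) becomes 0, anything else becomes 1.
    $enabled = $category->getActive() != 0 ? 0 : 1;
    $category->setActive($enabled);
    $this->_modelMapper->save($category);
    $this->clearCache('CatalogCategories');

    // Accept only a site-relative path as the return target: it must start
    // with a single "/" ("//host" and "/\host" are treated as absolute by browsers).
    $url = $this->_request->getParam('currentUrl');
    if (!is_string($url) || !preg_match('#^/(?![/\\\\])#', $url)) {
        $this->_redirector->gotoSimpleAndExit('index');
    }
    $this->_redirector->gotoUrlAndExit($url);
}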
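/**
 * listdeleteAction
 *
 * Deletes the members selected in the list. Only XHR POST requests are
 * handled; the "values" parameter holds the ids as "[1][2][3]". One id goes
 * to deleteMember(), several to deleteMembers(). Afterwards the request is
 * forwarded to the member list; exceptions are logged and swallowed.
 *
 * Fixes:
 *  - split() was a POSIX-regex function, deprecated since PHP 5.3 and
 *    removed in PHP 7; the separator is the literal "][", so explode()
 *    is the exact replacement.
 *  - an empty "values" parameter produced array('') and called
 *    deleteMember('') — empty ids are now dropped and nothing is deleted
 *    when none remain.
 *
 * NOTE(review): the XHR check is the only cross-site protection here — no
 * CSRF token is verified — and the ids reach the model unvalidated.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function listdeleteAction()
{
    $this->core->logger->debug('contacts->controllers->MemberController->listdeleteAction()');
    try {
        if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
            // "[1][2][3]" -> "1][2][3" -> array('1', '2', '3'), empty ids dropped.
            $strTmpUserIds = trim((string) $this->objRequest->getParam('values'), '[]');
            $arrMemberIds = array_values(array_filter(explode('][', $strTmpUserIds), 'strlen'));
            if (count($arrMemberIds) > 1) {
                $this->getModelMembers()->deleteMembers($arrMemberIds);
            } elseif (count($arrMemberIds) === 1) {
                $this->getModelMembers()->deleteMember($arrMemberIds[0]);
            }
        }
        $this->_forward('list', 'member', 'contacts');
    } catch (Exception $exc) {
        $this->core->logger->err($exc);
    }
}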
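/**
 * Authenticate a user via Vimeo (OAuth 1.0a).
 *
 * Three legs, selected by the request:
 *  - POST: fetch a request token, stash it (and the extended user columns)
 *    in the "Garp_Auth" cookie and redirect the browser to Vimeo (exit).
 *  - "oauth_token" present: exchange the stashed request token for an
 *    access token, restore the extended user columns, discard the request
 *    token and return the user data.
 *  - "denied" present: record an error.
 * Any other request, or any failure, yields FALSE.
 *
 * Fixes:
 *  - the extended user columns went through serialize()/unserialize() on a
 *    cookie value; unless Garp_Store_Cookie authenticates its contents that
 *    is PHP object injection from client data. They are now a JSON array.
 *  - every exception message was shown to the user; like the Twitter
 *    adapter, duplicate-e-mail errors now get a translated message and
 *    other messages are only exposed in the development environment.
 *
 * NOTE(review): the request token itself is still unserialize()d from the
 * cookie (Zend_Oauth_Consumer::getAccessToken() expects the token object);
 * the callback host is taken from the Host header; and "siteUrl" is plain
 * http://, so the token secret is returned unencrypted — worth confirming
 * against what Vimeo accepts today.
 *
 * @param Zend_Controller_Request_Abstract $request The current request
 * @param Zend_Controller_Response_Abstract $response The current response (unused here)
 * @return Array|Boolean User data, or FALSE
 * @throws Garp_Auth_Exception when consumerKey/consumerSecret are not configured
 */
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
    $scheme = empty($_SERVER['HTTPS']) ? 'http://' : 'https://';
    $callbackUrl = $scheme . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/vimeo';

    $authVars = $this->_getAuthVars();
    if (!$authVars->consumerKey || !$authVars->consumerSecret) {
        throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
    }
    $config = array(
        'siteUrl' => 'http://vimeo.com/oauth',
        'consumerKey' => $authVars->consumerKey,
        'consumerSecret' => $authVars->consumerSecret,
        'callbackUrl' => $callbackUrl,
    );

    try {
        $consumer = new Zend_Oauth_Consumer($config);
        if ($request->isPost()) {
            // Leg 1: obtain a request token and send the user to Vimeo.
            $token = $consumer->getRequestToken();
            $cookie = new Garp_Store_Cookie('Garp_Auth');
            if (!empty($this->_extendedUserColumns)) {
                $cookie->extendedUserColumns = json_encode($this->_extendedUserColumns);
            }
            $cookie->token = serialize($token);
            $cookie->writeCookie();
            $consumer->redirect();
            exit;
        } elseif ($request->getParam('oauth_token')) {
            // Leg 2: the user is back from Vimeo.
            $cookie = new Garp_Store_Cookie('Garp_Auth');
            if (isset($cookie->token)) {
                $accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
                if ($cookie->extendedUserColumns) {
                    $columns = json_decode($cookie->extendedUserColumns, true);
                    if (is_array($columns)) {
                        $this->setExtendedUserColumns($columns);
                    }
                    $cookie->destroy('extendedUserColumns');
                }
                // Discard request token
                $cookie->destroy('token');
                return $this->_getUserData($accesstoken);
            } else {
                $this->_addError('App was not authorized. Please try again.');
            }
        } elseif ($request->getParam('denied')) {
            $this->_addError('App was not authorized. Please try again.');
        }
    } catch (Exception $e) {
        $message = $e->getMessage();
        if (strpos($message, 'Duplicate entry') !== false && strpos($message, 'email_unique') !== false) {
            $this->_addError(__('this email address already exists'));
            return false;
        }
        // Internal messages only in development; users get a generic text.
        $this->_addError(APPLICATION_ENV === 'development' ? $message : __('login error'));
    }
    return false;
}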
/**
 * When the form is submitted with a non 'save' button.
 *
 * Handles two POST cases read from $this->formData:
 *  - "preview": only reports "Preview updated".
 *  - "sendtest": sends the current template (the one whose gctt_lang equals
 *    "send_language", else the first one) as a test mail to the "to"
 *    address, after checking that subject and body are not empty.
 *
 * NOTE(review): "to" and "from" are taken from the posted form data and
 * handed to the mailer unvalidated, so whoever can reach this form can send
 * the template body to an arbitrary address with an arbitrary sender —
 * confirm that the form elements restrict these fields, or validate here.
 */
protected function onFakeSubmit()
{
    if ($this->request->isPost()) {
        if (!empty($this->formData['preview'])) {
            $this->addMessage($this->_('Preview updated'));
            return;
        }
        if (!empty($this->formData['sendtest'])) {
            $this->mailer->setTo($this->formData['to']);

            // Make sure at least one template is set (for single language projects)
            $template = reset($this->formData['gctt']);
            $languageId = key($this->formData['gctt']);
            if ($this->formData['send_language']) {
                foreach ($this->formData['gctt'] as $languageId => $templateLanguage) {
                    // Find the current template (for multi language projects)
                    if ($templateLanguage['gctt_lang'] == $this->formData['send_language']) {
                        $template = $templateLanguage;
                    }
                }
            }
            // \MUtil_Echo::track($this->formData);

            // Both subject and body are required; report every missing part before giving up.
            $errors = false;
            if (!$template['gctt_subject']) {
                $this->addMessage(sprintf($this->_('Subject required for %s part.'), strtoupper($template['gctt_lang'])));
                $errors = true;
            }
            if (!$template['gctt_body']) {
                $this->addMessage(sprintf($this->_('Body required for %s part.'), strtoupper($template['gctt_lang'])));
                $errors = true;
            }
            if ($errors) {
                return;
            }

            $this->mailer->setFrom($this->formData['from']);
            $this->mailer->setSubject($template['gctt_subject']);
            $this->mailer->setBody($template['gctt_body'], 'Bbcode');
            $this->mailer->setTemplateId($this->formData['gct_id_template']);
            $this->mailer->send();
            $this->addMessage(sprintf($this->_('Test mail sent to %s'), $this->formData['to']));
        }
    }
}
/**
 * Hook that loads the form data from $_POST or the model
 *
 * Or from whatever other source you specify here.
 *
 * When creating a new record without posted data (and without formData
 * already set) the data comes from $model->loadNew() filtered on the
 * track, patient number and organization; otherwise the parent
 * implementation loads it. Afterwards two fields are switched to the
 * "Exhibitor" element class depending on the loaded data (presumably a
 * display-only element — confirm in the model).
 */
protected function loadFormData()
{
    $model = $this->getModel();

    // When creating and not posting nor having $this->formData set already
    // we gotta make a special call
    if ($this->createData && !($this->formData || $this->request->isPost())) {
        $filter['gtr_id_track'] = $this->trackId;
        $filter['gr2o_patient_nr'] = $this->patientId;
        $filter['gr2o_id_organization'] = $this->organizationId;
        $this->formData = $model->loadNew(null, $filter);
    } else {
        parent::loadFormData();
    }

    if (isset($this->formData['gr2t_completed']) && $this->formData['gr2t_completed']) {
        // Cannot change start date after first answered token
        $model->set('gr2t_start_date', 'elementClass', 'Exhibitor', 'formatFunction', $this->util->getTranslated()->formatDateUnknown, 'description', $this->_('Cannot be changed after first answered token.'));
    }
    if (!$this->createData && isset($this->formData['grc_success']) && !$this->formData['grc_success']) {
        // Existing record with a non-success reception code: show the rejection code.
        $model->set('grc_description', 'label', $this->_('Rejection code'), 'elementClass', 'Exhibitor');
    }
}
/**
 * Guards the admin modules: authenticated admins get the user, ACL and
 * navigation wired up; anybody else is re-routed to the legacy login page.
 *
 * Only modules listed in $this->modules are affected, and controllers in
 * $this->ignore are left alone for anonymous users.
 *
 * NOTE(review): for a logged-in non-admin the redirector is called but the
 * method carries on to publish the user into $GLOBALS, the registry and the
 * view. Whether the request really stops at the redirect depends on the
 * helper's exit flag (ZF1 enables it by default) — verify, because without
 * it the non-admin continues into the admin module.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $this->setSessionLifeTime();
    if (!in_array($request->getModuleName(), $this->modules)) {
        return;
    }

    if (Zend_Auth::getInstance()->hasIdentity()) {
        $user = Zend_Registry::get('container')->getService('user')->getCurrentUser();
        if (!$user->isAdmin()) {
            // can't go into admin
            $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
            $redirector->direct('index', 'index', 'default');
        }
        // set user for application
        $GLOBALS['g_user'] = $user;
        Zend_Registry::set('user', $user);
        // set view user
        $view = Zend_Registry::get('view');
        $view->currentUser = $user;
        // set view navigation acl
        $acl = Zend_Registry::get('acl')->getAcl($user);
        /* @var $acl Zend_Acl */
        $view->navigation()->setAcl($acl);
        $view->navigation()->setRole($user);
        return;
    }

    // Not logged in: controllers in $this->ignore (presumably the login itself) stay reachable.
    if (in_array($request->getControllerName(), $this->ignore)) {
        return;
    }
    if (empty($_POST['_next'])) {
        // action after login
        $_POST['_next'] = $request->isPost() ? 'post' : 'get';
    }
    if ($this->_request->isXmlHttpRequest()) {
        // Lets XHR callers detect the login redirect instead of parsing HTML.
        $this->_response->setHeader('not-logged-in', true);
    }
    // use old login: rewrite the URI and re-dispatch to the legacy controller.
    $_SERVER['REQUEST_URI'] = "/{$GLOBALS['ADMIN']}/login.php";
    $request->setModuleName('admin')->setControllerName('legacy')->setActionName('index')->setDispatched(false);
}
/**
 * Plugin hook run after routing.
 *
 * Skipped when the response already carries an exception (an earlier error
 * must not be overridden). Otherwise, for POST/PUT requests whose body PHP
 * dropped because it exceeded post_max_size (both $_POST and $_FILES come
 * back empty), the request is handed to the configured callback, or an
 * InvalidArgumentException carrying
 * ValidationCodes::SYSTEM_POST_SIZE_LIMIT_EXCEESED is attached to the response.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    // Avoid error override! :S
    if (count($this->getResponse()->getException())) {
        return;
    }
    if (!($request instanceof Zend_Controller_Request_Http)) {
        return;
    }
    if (!$request->isPost() && !$request->isPut()) {
        return;
    }

    $postData = $request->getPost();
    if (!empty($postData) || !empty($_FILES)) {
        // PHP parsed the body, so it fitted within post_max_size.
        return;
    }

    // post_max_size uses php.ini shorthand ("8M"); turn it into bytes.
    $limit = ini_get('post_max_size');
    $suffix = substr($limit, -1);
    if (!is_numeric($suffix)) {
        $limit = substr($limit, 0, -1);
    }
    $multipliers = array('K' => 1024, 'M' => 1024 * 1024, 'G' => 1024 * 1024 * 1024);
    $suffix = strtoupper($suffix);
    if (isset($multipliers[$suffix])) {
        $limit *= $multipliers[$suffix];
    }

    $contentLength = $request->getServer('CONTENT_LENGTH');
    if ($limit < $contentLength) {
        if (!empty($this->_callback)) {
            call_user_func($this->_callback, $request);
        } else {
            $e = new \Application\Exceptions\InvalidArgumentException('Maximum content length size (' . $limit . ') exceeded', ValidationCodes::SYSTEM_POST_SIZE_LIMIT_EXCEESED);
            $this->getResponse()->setException($e);
        }
    }
}
/**
 * PHP only parses the body into $_POST if its a POST request;
 * this parses the request body in accordance with RFC2616 regardless of
 * the HTTP method.
 *
 * The Content-Type (charset stripped) is matched against
 * $this->requestTypes. Form encodings populate $_POST/$_FILES (PHP's own
 * parsing for POST, a hand-written multipart parser otherwise); JSON, XML
 * and serialized-PHP bodies are decoded into $_POST; anything else is
 * wrapped in an array. The result is pushed into the request params.
 *
 * NOTE(review) — this runs on untrusted request bodies:
 *  - "text/php"/"application/x-httpd-php*" bodies go through unserialize():
 *    any client can trigger PHP object injection just by choosing that
 *    Content-Type. This format should be dropped or rejected.
 *  - the boundary is extracted with a one-argument parse_str() on the raw
 *    header, which writes header-controlled variables into this scope
 *    (a "rawBody=" or "contentType=" key overrides the locals). That form
 *    is removed in PHP 8; use parse_str($s, $out) and read $out['boundary'].
 *  - if no entry of $this->requestTypes matches, $contentType is left at
 *    the LAST entry of that list, so unknown types are handled as that type.
 *  - 'size' uses mb_strlen(), which counts characters rather than bytes,
 *    and every upload is base64-copied into memory.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
private function handleRequestBody(Zend_Controller_Request_Abstract $request)
{
    $header = strtolower($request->getHeader('Content-Type'));
    // cleanup the charset part
    $header = current(explode(';', $header));

    // detect request body content type
    foreach ($this->requestTypes as $contentType) {
        if ($header == $contentType) {
            break;
        }
    }

    // extract the raw body
    $rawBody = $request->getRawBody();

    // treat these two separately because of the way PHP treats POST
    if (in_array($contentType, array('multipart/form-data', 'application/x-www-form-urlencoded'))) {
        // PHP takes care of everything for us in this case lets just modify the $_FILES array
        if ($request->isPost() && $contentType == 'multipart/form-data') {
            // if there are files, lets modify the array to match what we've done below
            foreach ($_FILES as &$file) {
                $data = file_get_contents($file['tmp_name']);
                $file['content'] = base64_encode($data);
            }
            // reset the array pointer
            unset($file);
        } else {
            switch ($contentType) {
                case 'application/x-www-form-urlencoded':
                    parse_str($rawBody, $_POST);
                    break;
                // this is where the magic happens:
                // creates the $_FILES array for non-POST requests
                case 'multipart/form-data':
                    // extract the boundary (NOTE(review): one-argument parse_str, see above)
                    parse_str(end(explode(';', $request->getHeader('Content-Type'))));
                    if (isset($boundary)) {
                        // get rid of the boundary at the edges
                        if (preg_match(sprintf('/--%s(.+)--%s--/s', $boundary, $boundary), $rawBody, $regs)) {
                            // split into chunks
                            $chunks = explode('--' . $boundary, trim($regs[1]));
                            foreach ($chunks as $chunk) {
                                // parse each chunk
                                if (preg_match('/Content-Disposition: form-data; name="(?P<name>.+?)"(?:; filename="(?P<filename>.+?)")?(?P<headers>(?:\\r|\\n)+?.+?(?:\\r|\\n)+?)?(?P<data>.+)/si', $chunk, $regs)) {
                                    // detect a file upload
                                    if (!empty($regs['filename'])) {
                                        // put aside for further analysis
                                        $data = $regs['data'];
                                        $headers = $this->parseHeaders($regs['headers']);
                                        // set our params variable
                                        $_FILES[$regs['name']] = array('name' => $regs['filename'], 'type' => $headers['Content-Type'], 'size' => mb_strlen($data), 'content' => base64_encode($data));
                                    // otherwise its a regular key=value combination
                                    } else {
                                        $_POST[$regs['name']] = trim($regs['data']);
                                    }
                                }
                            }
                        }
                    }
                    break;
            }
        }
        $request->setParams($_POST + $_FILES);
    } elseif (!empty($rawBody)) {
        // seems like we are dealing with an encoded request
        try {
            switch ($contentType) {
                case 'text/javascript':
                case 'application/json':
                case 'application/javascript':
                    $_POST = (array) Zend_Json::decode($rawBody, Zend_Json::TYPE_OBJECT);
                    break;
                case 'text/xml':
                case 'application/xml':
                    $json = @Zend_Json::fromXml($rawBody);
                    $_POST = (array) Zend_Json::decode($json, Zend_Json::TYPE_OBJECT)->request;
                    break;
                case 'text/php':
                case 'application/x-httpd-php':
                case 'application/x-httpd-php-source':
                    // NOTE(review): unserialize() of a client-supplied body — PHP object injection.
                    $_POST = (array) unserialize($rawBody);
                    break;
                default:
                    $_POST = (array) $rawBody;
                    break;
            }
            $request->setParams($_POST);
        } catch (Exception $e) {
            $request->dispatchError(REST_Response::BAD_REQUEST, 'Invalid Payload Format');
            return;
        }
    }
}
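/**
 * Create HTML markup for request debugging.
 *
 * Dumps the request URI and parameters, POST data (POST requests only),
 * session, server and cookie data, and for every registered route whether
 * it matches the current request and how it assembles with the current
 * parameters.
 *
 * Fix: every dumped value was written into the markup raw — the request
 * URI, all parameters (print_r), $_POST, $_SERVER (which echoes request
 * headers), $_COOKIE, route names and assembled URLs. A request carrying
 * "<script>" in any of them turned this page into reflected XSS. All of it
 * is now HTML-escaped.
 *
 * NOTE(review): the session and server dumps expose session contents and
 * environment values; this markup must only be shown in development.
 *
 * @param Zend_Controller_Request_Abstract $request Request object.
 * @param Zend_Controller_Router_Interface $router Router object.
 * @return string HTML markup.
 */
private function _getRequestMarkup($request, $router)
{
    // Escape for an HTML context; ENT_SUBSTITUTE keeps invalid UTF-8 from
    // blanking the whole dump (PHP 5.4+).
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $dump = function ($value) use ($esc) {
        return '<pre>' . $esc(print_r($value, true)) . '</pre>';
    };

    $requestUri = $request->getRequestUri();
    $html = "<h2>Request Data</h2>\n\n<div>Request URI: <em>" . $esc($requestUri) . "</em>"
        . "</div>\n<div>Params:";

    $reqParams = $request->getParams();
    // Rendering the whole error_handler ArrayObject is annoying and causes
    // errors when request params are later used to assemble routes.
    if (array_key_exists('error_handler', $reqParams)) {
        $errHandler = $reqParams['error_handler'];
        $reqParams['exception'] = (string) $errHandler['exception'];
        $reqParams['exception_type'] = $errHandler['type'];
        unset($reqParams['error_handler']);
    }
    $html .= $dump($reqParams);
    $html .= "</div>";

    if ($request->isPost()) {
        $html .= "<h2>Post Data</h2>";
        $html .= $dump($_POST);
    }
    $html .= "<h2>Session Data</h2>";
    $html .= $dump($_SESSION);
    $html .= "<h2>Server Data</h2>";
    $html .= $dump($_SERVER);

    $currentRoute = $router->getCurrentRouteName();
    $routes = $router->getRoutes();
    $html .= "<h2>Routing Data</h2>";
    $html .= "<div>Current Route: <strong>" . $esc($currentRoute) . "</strong></div>";
    $html .= "<div>Defined routes:\n\n";
    $html .= "<table><tr><th>Route Name</th><th>Matches Current Request</th><th>Assembled with current params</th></tr>";
    foreach ($routes as $routeName => $route) {
        try {
            $assembledRoute = $route->assemble($reqParams, true, true);
        } catch (Exception $e) {
            $assembledRoute = "Could not assemble: " . $e->getMessage();
        }
        // Chain routes match against the request object, others against the path.
        if ($route instanceof Zend_Controller_Router_Route_Chain) {
            $routeIsMatched = $route->match($request);
        } else {
            $routeIsMatched = $route->match($request->getPathInfo());
        }
        $html .= "<tr><td>" . $esc($routeName) . "</td><td>" . ($routeIsMatched ? 'true' : 'false')
            . "</td><td>" . $esc($assembledRoute) . "</td></tr>";
    }
    $html .= "</table>";

    $html .= "<h2>Cookie Data</h2>";
    $html .= $dump($_COOKIE);
    return $html;
}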
/**
 * Determine whether or not the request contains a form submission to either
 * the 'add', 'edit', or 'config' actions.
 *
 * A submission is a POST request whose action name is one of those three;
 * any other action, or any non-POST request, is not one.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return boolean
 **/
public function isFormSubmission($request)
{
    $formActions = array('add', 'edit', 'config');
    if (!in_array($request->getActionName(), $formActions)) {
        return false;
    }
    return (bool) $request->isPost();
}
/**
 * Test if blogger is allowed to perform action
 *
 * Allowed outright: requests to the "blog" or "auth" controllers, any
 * XMLHttpRequest, and requests whose "controller" parameter is "ad.php".
 * For the "articles" controller, POSTs to one of $this->postArticleActions
 * and GETs (with a user) to one of $this->getArticleActions are allowed
 * when the requested article is editable by the user. Everything else is
 * refused.
 *
 * NOTE(review): the XMLHttpRequest shortcut grants access regardless of
 * user and action — that header is set by the client, so any restricted
 * action reached via XHR bypasses this check; the "ad.php" shortcut is
 * likewise unconditional. Confirm both are intended.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param User|null $user
 * @return bool
 */
public function isAllowed(\Zend_Controller_Request_Abstract $request, User $user = null)
{
    $controllerName = $request->getControllerName();
    if (in_array($controllerName, array('blog', 'auth'))) {
        return TRUE;
    }
    if ($request->isXmlHttpRequest()) {
        return TRUE;
    }
    $controllerParam = $request->getParam('controller');
    if ($controllerParam == 'ad.php') {
        return TRUE;
    }
    if ($controllerParam != 'articles') {
        return FALSE;
    }

    $action = $request->getParam('action');
    $allowedByMethod = ($request->isPost() && in_array($action, $this->postArticleActions))
        || ($request->isGet() && in_array($action, $this->getArticleActions) && isset($user));
    if ($allowedByMethod && $this->isRequestedArticleEditable($request, $user)) {
        return TRUE;
    }
    return FALSE;
}
/**
 * Handle one step of the multi-step contact-importer form.
 *
 * Dispatches on the POSTed 'task' value ('manual_invite', 'get_contacts',
 * 'do_add', 'do_invite', 'skip_add', 'skip_invite') plus the 'skip' param,
 * stores intermediate results in the session and on $this->view, and decides
 * whether the step is complete.
 *
 * Return values are inconsistent: true when the step is complete (and the
 * parent/skip handling has run), false when not, a bare `return;` after the
 * provider/Yahoo branches have populated the view, and an empty array from
 * the Yahoo/Gmail branch when the posted contact JSON is empty.
 *
 * NOTE(review): this method reads $_SERVER['REQUEST_URI'], $_REQUEST, $_POST,
 * $_SESSION and the POST body directly and forwards several of those values to
 * the view and the session without validation; the inline notes mark the
 * spots. $_SESSION is also written under a provider key that can be the empty
 * string (see the OAuth key loop).
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return bool|array|void
 */
public function onSubmit(Zend_Controller_Request_Abstract $request)
{
    if ($request->getParam("skip") == "skipForm") {
        $this->setActive(false);
        $this->onSubmitIsValid();
        $this->getSession()->skip = true;
        $this->_skip = true;
        return true;
    }
    //get default level_id
    $table = Engine_Api::_()->getDbtable('levels', 'authorization');
    $defaultLevelDuplicates = $table->select()->from($table)->where('flag = ?', 'default')->query()->fetchAll();
    // '@' hides the notice raised when no 'default' level row exists; in that
    // case $default_level is null and is passed on to getPermission() below.
    $default_level = @$defaultLevelDuplicates[0]['level_id'];
    $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('ViewRenderer');
    if (null !== $viewRenderer && $viewRenderer->view instanceof Zend_View_Interface) {
        $this->view = $viewRenderer->view;
    }
    $settings = Engine_Api::_()->getApi('settings', 'core');
    $this->view->step = '';
    $task = $request->getPost('task', '');
    // $is_error and $post_login are assigned but never read in this method.
    $is_error = 0;
    if ($request->isPost()) {
        $values = $request->getPost();
        $this->view->login = $post_login = $request->getPost('user');
        if ($task == 'manual_invite') {
            $this->getSession()->manual_invite = $values;
            $this->onSubmitIsValid();
            parent::onSubmit($request);
            return true;
        } elseif ($task == 'get_contacts' || isset($_POST['get_success'])) {
            $this->view->max_invitation = $max_invitation = Engine_Api::_()->authorization()->getPermission($default_level, 'contactimporter', 'max');
            /******Get contact from openId*****/
            // parse_str() is applied to the whole request URI (path included),
            // so the first key carries the path prefix — presumably why the
            // checks below use strpos() rather than exact key matches. Every
            // value that follows is caller-controlled.
            $cur_url = $_SERVER['REQUEST_URI'];
            parse_str($cur_url, $params);
            $contacts = array();
            $index = 0;
            $id = "";
            $name = "";
            $pic = "";
            $getcontact = false;
            $token = "";
            $secret_token = "";
            $provider = "";
            $is_openid = false;
            $page = 1;
            $checked = 0;
            foreach ($params as $key => $val) {
                if (strpos($key, '?user') !== false) {
                    $provider = 'twitter';
                    $_SESSION['socialbridge_session']['provider'] = $provider;
                    $_SESSION['socialbridge_session'][$provider]['user_id'] = $val;
                    $is_openid = true;
                }
                // $provider is still "" if a token key is seen before '?user',
                // so these writes can land under $_SESSION[...][''].
                if (strpos($key, 'oauth_tok3n') !== false) {
                    $token = $val;
                    $_SESSION['socialbridge_session'][$provider]['access_token'] = $token;
                    $is_openid = true;
                }
                if (strpos($key, 'oauth_token_secret') !== false) {
                    $secret_token = $val;
                    $_SESSION['socialbridge_session'][$provider]['secret_token'] = $secret_token;
                    $is_openid = true;
                }
                $pic = null;
                if (strpos($key, 'id_') !== false) {
                    $id = $val;
                }
                if (strpos($key, 'name_') !== false) {
                    $name = $val;
                }
                if (strpos($key, 'pic_') !== false) {
                    $pic = $val;
                    $index = 2;
                }
                // Once a pic_* key has been seen, every later iteration
                // re-records the current id/name/pic triple ($index is never reset).
                if ($index >= 2) {
                    $contacts[$id] = array('id' => $id, 'name' => $name, 'pic' => $pic);
                }
            }
            $totalFriends = $totalFriendSearch = $checked = 0;
            if ($provider == 'twitter') {
                $obj = Engine_Api::_()->socialbridge()->getInstance('twitter');
                $params = $_SESSION['socialbridge_session']['twitter'];
                $contacts = $obj->getContacts($params);
            }
            if ($provider) {
                $getcontact = true;
                // $_REQUEST['page_id'] is read without isset() (notice when
                // absent) and passed to the view unvalidated.
                if ($_REQUEST['page_id']) {
                    $page = $_REQUEST['page_id'];
                }
                if (!isset($_SESSION['ynfriends_checked'])) {
                    $_SESSION['ynfriends_checked']['page_friendIds'] = '';
                    $_SESSION['ynfriends_checked']['page_friendNames'] = '';
                }
                // check total checked
                $arr_Friends = explode(',', $_SESSION['ynfriends_checked']['page_friendIds']);
                if (isset($_REQUEST['page_friendIds']) && $_REQUEST['page_friendIds']) {
                    // page_friendNames is assumed to be a comma list parallel to
                    // page_friendIds; a shorter list yields undefined-offset notices.
                    $arr_FriendNames = explode(',', $_REQUEST['page_friendNames']);
                    foreach (explode(',', $_REQUEST['page_friendIds']) as $key => $value) {
                        if ($value && !in_array($value, $arr_Friends)) {
                            $_SESSION['ynfriends_checked']['page_friendIds'] .= $value . ",";
                            $_SESSION['ynfriends_checked']['page_friendNames'] .= $arr_FriendNames[$key] . ',';
                        }
                    }
                }
                // The stored list ends with a trailing comma, hence the -1.
                $checked = count(explode(',', $_SESSION['ynfriends_checked']['page_friendIds']));
                if ($checked) {
                    $checked = $checked - 1;
                }
                $this->view->friendIds = $_SESSION['ynfriends_checked']['page_friendIds'];
                $this->view->friendNames = $_SESSION['ynfriends_checked']['page_friendNames'];
                $this->view->page = $page;
                $this->view->checked = $checked;
                $this->view->provider = $provider;
                $this->view->step = 'invite';
                $this->view->plugType = "social";
                $this->view->contacts = $contacts;
                $this->view->totalFriends = $totalFriends;
                $this->view->totalFriendSearch = $totalFriendSearch;
                $settings = Engine_Api::_()->getApi('settings', 'core');
                $this->view->default_message = $settings->getSetting('invite.message');
                $this->view->show_photo = 1;
                return;
            }
            //Yahoo and Gmail
            if (isset($_POST) && isset($_POST['contact'])) {
                $contacts = array();
                // Client-supplied JSON; each entry's 'email' and 'name' are used
                // as-is (array keys, user lookup, view data) with no validation.
                $aYahooContacts = $_POST['contact'];
                $aYahooContacts = urldecode($aYahooContacts);
                $aYahooContacts = Zend_Json::decode($aYahooContacts);
                if (!$aYahooContacts || count($aYahooContacts) <= 0) {
                    return $contacts;
                }
                foreach ($aYahooContacts as $key => $aContact) {
                    $contacts[$aContact['email']] = $aContact['name'];
                }
                // Divide to 2 type: already register recipients & non-registered recipients
                $social_network = array();
                $invite_list = array();
                $invite_list_to_st = "";
                foreach ($contacts as $email => $name) {
                    // getUser() is called twice per registered address.
                    if (Engine_Api::_()->contactimporter()->getUser($email)) {
                        $user = Engine_Api::_()->contactimporter()->getUser($email);
                        $social_network[$email] = array('name' => $user->getTitle(), 'pic' => $user->getPhotoUrl('thumb.icon'));
                    // NOTE(review): $ignore_list is never assigned in this method;
                    // in_array() on an undefined variable is a TypeError on PHP 8.
                    } elseif (!in_array($email, $ignore_list)) {
                        $invite_list[$email] = $name;
                        // '~~~~' and ';' are the separators that do_add/skip_add
                        // split on when the list comes back via POST.
                        if (is_array($name)) {
                            $invite_list_to_st .= ";{$email}~~~~{$name['name']}";
                        } else {
                            $invite_list_to_st .= ";{$email}~~~~{$name}";
                        }
                    }
                }
                if ($social_network) {
                    $this->view->contacts = $social_network;
                    $this->view->invite_list = substr($invite_list_to_st, 1);
                    $this->view->step = 'add';
                    $this->view->page = 1;
                    $this->view->checked = 0;
                } else {
                    $is_openid = false;
                    $this->view->contacts = $contacts;
                    $this->view->step = 'invite';
                    $settings = Engine_Api::_()->getApi('settings', 'core');
                    $this->view->default_message = $settings->getSetting('invite.message');
                    $this->view->show_photo = 0;
                    $this->view->plugType = "email";
                    $this->view->page = 1;
                    $this->view->checked = 0;
                }
                $getcontact = true;
                return;
            }
            // No provider data and no contact payload: show the provider list.
            // fetchAll() runs twice here; $oi_services is never read.
            $table = Engine_Api::_()->getDbtable('providers', 'Contactimporter');
            $select = $table->select();
            $select->where('enable = ?', 1)->order('order', 'ASC');
            $oi_services = $table->fetchAll($select);
            $this->view->step = 'get_contacts';
            $this->view->providers = $providers = $table->fetchAll($select);
            unset($_SESSION['ynfriends_checked']);
        }
        //ADD CONTACT LIST
        if ($task == 'do_add') {
            $this->view->max_invitation = $max_invitation = Engine_Api::_()->authorization()->getPermission($default_level, 'contactimporter', 'max');
            // plugType / oi_session_id / provider are echoed back from the POST
            // body straight into the view; whether the template escapes them
            // cannot be seen from here.
            $this->view->plugType = $values['plugType'];
            $this->view->oi_session_id = $values['oi_session_id'];
            $this->view->provider = $values['provider'];
            $selected_contacts = array();
            $aFriendIdSelected = explode(',', $values['friendIds']);
            $aFriendNameSelected = explode(',', $values['friendNames']);
            foreach ($aFriendIdSelected as $key => $val) {
                if ($val) {
                    $selected_contacts[$val] = $aFriendNameSelected[$key];
                }
            }
            $this->getSession()->Contactimporter_add = $selected_contacts;
            if (isset($values['invite_list']) && $values['invite_list']) {
                $contacts = array();
                $contacts_invite = explode(';', $values['invite_list']);
                foreach ($contacts_invite as $contact) {
                    $tmp = explode("~~~~", $contact);
                    if (isset($tmp[1])) {
                        $contacts[$tmp[0]] = $tmp[1];
                    }
                }
                $this->view->contacts = $contacts;
                $this->view->page = 1;
                $this->view->checked = 0;
                if ($contacts) {
                    $this->view->step = 'invite';
                }
            } else {
                // FINISHED
                $this->onSubmitIsValid();
                parent::onSubmit($request);
                return true;
            }
            unset($_SESSION['ynfriends_checked']);
        }
        if ($task == 'do_invite') {
            $plugType = $values['plugType'];
            $oi_session_id = $values['oi_session_id'];
            $this->view->max_invitation = $max_invitation = Engine_Api::_()->authorization()->getPermission($default_level, 'contactimporter', 'max');
            $selected_contacts = array();
            $aFriendIdSelected = explode(',', $values['friendIds']);
            $aFriendNameSelected = explode(',', $values['friendNames']);
            foreach ($aFriendIdSelected as $key => $val) {
                if ($val) {
                    $selected_contacts[$val] = $aFriendNameSelected[$key];
                }
            }
            // The whole invite payload (including the free-text 'message') is
            // stored in the session for a later step to act on.
            $this->getSession()->Contactimporter_invite = array("contacts" => $selected_contacts, 'plugin_type' => $plugType, 'provider' => $values['provider'], 'message' => $values['message'], 'oi_session_id' => $oi_session_id);
            // FINISHED
            unset($_SESSION['ynfriends_checked']);
            $this->onSubmitIsValid();
            parent::onSubmit($request);
            return true;
        }
        if ($task == 'skip_add') {
            if (isset($values['invite_list']) && $values['invite_list']) {
                $contacts = array();
                $contacts_invite = explode(';', $values['invite_list']);
                foreach ($contacts_invite as $contact) {
                    $tmp = explode("~~~~", $contact);
                    if (isset($tmp[1])) {
                        $contacts[$tmp[0]] = $tmp[1];
                    }
                }
                $this->view->contacts = $contacts;
                $this->view->step = 'invite';
                $this->view->max_invitation = $max_invitation = Engine_Api::_()->authorization()->getPermission($default_level, 'contactimporter', 'max');
                $this->view->plugType = $values['plugType'];
                $this->view->oi_session_id = $values['oi_session_id'];
                $this->view->provider = $values['provider'];
                $this->view->page = 1;
                $this->view->checked = 0;
            } else {
                $this->setActive(false);
                $this->onSubmitIsValid();
                $this->getSession()->skip = true;
                $this->_skip = true;
                return true;
            }
            unset($_SESSION['ynfriends_checked']);
        }
        if ($task == 'skip_invite') {
            unset($_SESSION['ynfriends_checked']);
            // FINISHED
            $this->onSubmitIsValid();
            parent::onSubmit($request);
            return true;
        }
    }
    // Not a POST, or a POST whose task did not complete a step.
    $this->getSession()->active = true;
    $this->onSubmitNotIsValid();
    return false;
}