/**
 * Sets up a new form.
 *
 * Without arguments the form posts back to the URL of the current request,
 * uses the POST method and has CSRF protection switched on.
 *
 * The default action is the complete current request URI, so any query
 * string the client sent is carried into the form action.
 * NOTE(review): confirm the code that renders the action attribute
 * HTML-escapes it; that code is not visible here.
 *
 * $csrfProtectionEnabled is handed to setCsrfProtectionEnabled() unchanged.
 * NOTE(review): callers passing FALSE should be limited to forms that do not
 * change state; verify at the call sites.
 *
 * @param string|null $actionUrl Action URL the form will be sent to; NULL selects the current request URL
 * @param string $method Method of the form
 * @param bool $csrfProtectionEnabled Whether to enable CSRF protection for the form
 */
public function __construct($actionUrl = null, $method = HttpRequest::METHOD_POST, $csrfProtectionEnabled = true)
{
    $this->attributes = new OrderedMap();

    // fall back to the URL of the request currently being handled
    $targetUrl = $actionUrl;
    if ($targetUrl === null) {
        $targetUrl = Application::getRequestHandler()->getRequest()->getUri()->toString();
    }

    $this->setAction($targetUrl);
    $this->setMethod($method);
    $this->setCsrfProtectionEnabled($csrfProtectionEnabled);
}
/**
 * Checks whether the session is still within its maximum inactivity time.
 *
 * Returns TRUE while the last activity of the session is more recent than
 * "now minus configured timeout" (UTC). Otherwise returns FALSE. The
 * comparison is strict, so a last activity exactly at the cut-off counts as
 * timed out.
 *
 * The timeout setting is chosen by the kind of the current request (frontend
 * or backend), not by a property of the session itself.
 * NOTE(review): confirm a backend session can never be validated during a
 * frontend request, otherwise it would be checked against the frontend
 * timeout.
 *
 * @see \Ableron\Core\Session\Validators\ValidatorInterface::isValid()
 */
public function isValid(SessionEntity $session)
{
    // frontend and backend keep separate timeout settings
    if (Application::getRequestHandler()->isFrontendRequest()) {
        $timeoutSettingKey = 'session.frontend.inactivityTimeoutValidator.timeout';
    } else {
        $timeoutSettingKey = 'session.backend.inactivityTimeoutValidator.timeout';
    }

    $lastActivity = $session->getLastActivityTime();

    // oldest point in time at which activity still keeps the session alive
    $cutOff = DateUtil::getCurrentUtcDateTime()->sub(Application::getConfig()->get($timeoutSettingKey));

    // TRUE = session has NOT timed out
    return $lastActivity > $cutOff;
}
/**
 * Compiles the opening tag into an action URL carrying the action source URL
 * and the CSRF token as query parameters.
 *
 * The token itself is not known at compile time. A placeholder is added as
 * query parameter and, after the URL has been serialized, swapped for a PHP
 * snippet that echoes the current token when the compiled template runs.
 *
 * Points worth knowing when reviewing this:
 * - The CSRF token travels in the query string of the URL. Values in URLs
 *   commonly end up in access logs, browser history and Referer headers.
 * - The echoed token is written into the URL without further encoding.
 *   NOTE(review): assumes getCurrentToken() yields only URL-safe characters;
 *   confirm.
 * - The action source URL is read from the request being handled while the
 *   template is compiled. NOTE(review): if compiled templates are cached and
 *   reused, verify this value is not frozen to the compiling request.
 * - NOTE(review): the action source URL is client-influenced; whoever
 *   decodes it for a redirect should validate the target.
 *
 * @see \Ableron\Core\Template\Plugins\Interfaces\CompilerPluginInterface::compileOpeningTag()
 */
public function compileOpeningTag(TemplateCompiler $templateCompiler)
{
    // start from the URL produced by the parent plugin
    $url = new Uri(parent::compileOpeningTag($templateCompiler));

    // remember where the action was triggered from
    $currentRequestUrl = Application::getRequestHandler()->getRequest()->getUri()->toString();
    $url->addQueryParameter(ABLERON_PARAM_ACTION_SOURCE_URL, StringUtil::base64UrlEncode($currentRequestUrl));

    // reserve the spot for the CSRF token
    $url->addQueryParameter(ABLERON_PARAM_CSRF_TOKEN, self::$actionUrlCsrfTokenPlaceholder);

    // code that prints the token at render time
    $tokenEchoSnippet = '<?php echo $application::getSecurityHandler()->getCsrfProtector()->getCurrentToken(); ?>';

    return str_replace(self::$actionUrlCsrfTokenPlaceholder, $tokenEchoSnippet, $url->toString());
}
/**
 * Processes the given request: init(), then checkAccessPermissions(), then
 * run().
 *
 * Exceptions are mapped as follows:
 * - RedirectRequiredException: a redirect to the URI carried by the
 *   exception is sent.
 * - AccessDeniedException: the frontend or backend access denied page is
 *   instantiated, depending on the kind of request.
 * - SystemException: the exception is logged and the script exits with an
 *   internal server error.
 *
 * NOTE(review): init() runs before the permission check, so it should not
 * perform work that needs authorization; confirm in the subclasses.
 * NOTE(review): a denied access is not logged in this method; confirm the
 * access denied pages (or the thrower) record it, so denied attempts remain
 * visible to monitoring.
 *
 * @see \Ableron\Core\Controller\ControllerInterface::processRequest()
 */
public function processRequest(HttpRequest $request)
{
    // keep the request available to init(), checkAccessPermissions() and run()
    $this->request = $request;

    try {
        $this->init();
        $this->checkAccessPermissions();
        $this->run();
    } catch (RedirectRequiredException $e) {
        Application::getResponseHandler()->sendRedirect($e->getRedirectUri());
    } catch (AccessDeniedException $e) {
        // the page objects are created for their side effect only
        if (Application::getRequestHandler()->isFrontendRequest()) {
            new FrontendAccessDeniedPage($this->request);
        } else {
            new BackendAccessDeniedPage($this->request);
        }
    } catch (SystemException $e) {
        // record the failure, then abort
        Application::getLogManager()->logException('Unable to process request', $e);
        Application::exitWithInternalServerError();
    }
}
/**
 * Builds an internal URL from the current base URL, the base path of the
 * given module and a path within that module.
 *
 * E.g. EnvironmentUtil::getInternalUrl('/foo', 'Bar') -> http://example.com/acp/Bar/foo
 *
 * Whether the frontend or the backend base path of the module is used
 * depends on the kind of the current request. Trailing slashes are stripped
 * from "base URL + module base path" only; $moduleInternalPath is appended
 * as given, so it is expected to start with a slash.
 *
 * NOTE(review): the result of findModuleByNamespace() is used without a
 * check; confirm it cannot be NULL for an unknown namespace.
 *
 * @param string $moduleInternalPath Path within the module
 * @param string $moduleNamespace Namespace of the module to return the URL for; NULL selects the core module
 * @return \Ableron\Lib\Net\Uri
 */
public static function getInternalUrl(string $moduleInternalPath, string $moduleNamespace = null)
{
    /** @var \Ableron\Modules\Core\Model\Repositories\ModuleRepository $moduleRepository */
    $moduleRepository = Application::getPersistenceManager()->getRepository('ModuleEntity');

    // default to the core module
    if ($moduleNamespace === null) {
        $namespaceToLookUp = CoreModule::getNamespace();
    } else {
        $namespaceToLookUp = $moduleNamespace;
    }
    $module = $moduleRepository->findModuleByNamespace($namespaceToLookUp);

    // base URL first, then the module base path matching the request kind
    $baseUrl = self::getBaseUrl()->toString();
    if (Application::getRequestHandler()->isFrontendRequest()) {
        $moduleBasePath = $module->getFrontendBasePath();
    } else {
        $moduleBasePath = $module->getBackendBasePath();
    }

    return new Uri(rtrim($baseUrl . $moduleBasePath, '/') . $moduleInternalPath);
}
/**
 * Initializes the entity with the current UTC time and with the method and
 * URI of the request currently being handled.
 *
 * The URI object of the request is passed to setRequestUri() as it is.
 * NOTE(review): if session IDs or CSRF tokens can be sent as query
 * parameters, they become part of this record; confirm whether the URI is
 * redacted before it is persisted or displayed.
 */
public function __construct()
{
    $this->setOccurrenceTime(DateUtil::getCurrentUtcDateTime());

    // both request properties come from the same request object
    $currentRequest = Application::getRequestHandler()->getRequest();
    $this->setRequestMethod($currentRequest->getMethod());
    $this->setRequestUri($currentRequest->getUri());
}
/**
 * Sends a response to the client indicating a fatal system error.
 *
 * The body is the raw content of the SystemErrorPage.tpl file of the core
 * module, taken from the Frontend or Backend pages directory depending on
 * the kind of the current request. The path is built from constants and one
 * of two fixed directory names; no request data goes into it.
 *
 * NOTE(review): the result of file_get_contents() is passed on unchecked; if
 * the template cannot be read, FALSE is handed to HttpResponse as body.
 *
 * @return void
 */
public function sendResponseSystemError()
{
    $mediaType = new InternetMediaType('text', 'html', ['charset' => 'utf-8']);

    // pick the template matching the area the request belongs to
    $area = Application::getRequestHandler()->isFrontendRequest() ? 'Frontend' : 'Backend';
    $templateFile = sprintf(
        '%s/%s/Pages/%s/Templates/SystemErrorPage.tpl',
        ABLERON_MODULE_DIR,
        CoreModule::getNamespace(),
        $area
    );
    $body = file_get_contents($templateFile);

    $this->sendResponse(new HttpResponse(HttpResponse::STATUS_INTERNAL_SERVER_ERROR, $mediaType, $body));
}
/**
 * Tries to find a session ID provided along the current request.
 *
 * Looks at the POST parameters, then the query parameters, then the cookies,
 * and returns the first value stored under ABLERON_PARAM_SESSION_ID.
 * Returns NULL if none of them carries one.
 *
 * The returned value is whatever the client sent; it is not validated here.
 * A session ID in the POST body or the query string takes precedence over
 * the cookie.
 * NOTE(review): session IDs accepted from URLs tend to show up in logs and
 * Referer headers and make session fixation easier to attempt; confirm the
 * caller only accepts IDs of existing sessions and that the ID is
 * regenerated on login.
 *
 * @return string|null
 */
protected function findSessionId()
{
    $request = Application::getRequestHandler()->getRequest();

    // 1. POST body
    $postParameters = $request->getPostParameters();
    if ($postParameters->containsKey(ABLERON_PARAM_SESSION_ID)) {
        return $postParameters->get(ABLERON_PARAM_SESSION_ID);
    }

    // 2. query string
    $queryParameters = $request->getQueryParameters();
    if ($queryParameters->containsKey(ABLERON_PARAM_SESSION_ID)) {
        return $queryParameters->get(ABLERON_PARAM_SESSION_ID);
    }

    // 3. cookie (the value has to be unwrapped from the cookie object)
    $cookies = $request->getCookies();
    if ($cookies->containsKey(ABLERON_PARAM_SESSION_ID)) {
        return $cookies->get(ABLERON_PARAM_SESSION_ID)->getValue();
    }

    // nothing provided
    return null;
}