/**
 * Rebuild the permission list from the admin controllers and store it as a PHP config file.
 *
 * Every `public function action<Name>(` found in a file under /Apps/Controller/Admin/
 * becomes an "Admin/<Controller>/<Name>" entry, appended to four fixed global entries.
 * The result is written to /Private/Config/Permissions.php as a `return [...]` script.
 *
 * NOTE(review): this action overwrites an access-control configuration file; confirm
 * that only a trusted operator (console or authenticated administrator) can reach it.
 * @return string
 */
public function actionBuildperms()
{
    // entries that exist regardless of which controllers are found
    $permissions = ['global/write', 'global/modify', 'global/file', 'global/all'];

    $controllerFiles = File::listFiles('/Apps/Controller/Admin/', ['.php']);
    foreach ($controllerFiles as $controllerPath) {
        // controller name = file name up to its first dot
        $baseName = Str::lastIn($controllerPath, DIRECTORY_SEPARATOR, true);
        $controller = Str::firstIn($baseName, '.');

        // the controller is inspected as plain text, it is never loaded or executed here
        $sourceText = File::read($controllerPath);
        preg_match_all('/public function action(\\w*?)\\(/', $sourceText, $found);

        // $found[1] holds the captured action names; \w limits them to word characters
        if (!Obj::isArray($found[1]) || count($found[1]) < 1) {
            continue;
        }
        foreach ($found[1] as $actionName) {
            $permissions[] = 'Admin/' . $controller . '/' . $actionName;
        }
    }

    // var_export() emits a quoted, parsable PHP literal, so the names are stored as data, not code
    $exported = var_export($permissions, true);
    File::write('/Private/Config/Permissions.php', "<?php \n\nreturn " . $exported . ';');

    return 'Permissions configuration is successful updated! Founded permissions: ' . count($permissions);
}
/**
 * Resolve the display label for a field name.
 *
 * Lookup order: the exact key in labels(); for a name containing a dot whose exact key
 * is empty, the key returned by Str::firstIn($param, '.'); if the result is still empty,
 * a label derived from the name itself via Str::splitCamelCase() and Str::replace('.', ' ').
 * @param string $param
 * @return mixed
 */
public final function getLabel($param)
{
    $labelMap = $this->labels();
    $label = $labelMap[$param];

    // array-dotted name without its own label: fall back to the label of the leading part
    if (Str::contains('.', $param) && Str::likeEmpty($label)) {
        $label = $labelMap[Str::firstIn($param, '.')];
    }

    if (!Str::likeEmpty($label)) {
        return $label;
    }

    // nothing declared: build a readable label out of the variable name
    return Str::replace('.', ' ', Str::splitCamelCase($param));
}
/**
 * Read one field from the request and apply the filter declared for it.
 *
 * Input source: the model's send method, overridden per field by sources().
 * Filter, taken from types() (for a dotted name the part before the first dot is used):
 *  - 'html'    : value passes through App::$Security->secureHtml()
 *  - '!secure' : value is returned exactly as received, no filtering at all
 *  - otherwise : value passes through App::$Security->strip_tags() (default is 'text')
 * Values whose source is 'file' are never filtered.
 *
 * Security: a field declared '!secure' carries raw client input. The code that
 * consumes it is responsible for escaping or validating it for its own context.
 * @param string $field_name
 * @return array|null|string
 * @throws \InvalidArgumentException not raised in this body; kept from the original contract
 */
private function getFieldValue($field_name)
{
    $inputType = Str::lowerCase($this->_sendMethod);
    $filterType = 'text';

    $sources = $this->sources();
    $types = $this->types();

    // a per-field source declaration wins over the form-wide send method
    if (Obj::isArray($sources) && array_key_exists($field_name, $sources)) {
        $inputType = Str::lowerCase($sources[$field_name]);
    }

    if (Obj::isArray($types)) {
        // nested "a.b.c" fields share the filter declared for "a"
        $typeKey = Str::contains('.', $field_name) ? Str::firstIn($field_name, '.') : $field_name;
        if (array_key_exists($typeKey, $types)) {
            $filterType = Str::lowerCase($types[$typeKey]);
        }
    }

    $rawValue = $this->getRequest($field_name, $inputType);

    // uploads and explicitly unfiltered fields leave here untouched
    if ($inputType === 'file' || $filterType === '!secure') {
        return $rawValue;
    }

    return $filterType === 'html'
        ? App::$Security->secureHtml($rawValue)
        : App::$Security->strip_tags($rawValue);
}
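/**
 * Tell whether a link target matches the current request pathway.
 *
 * $order selects how much of the target is compared:
 *  - 'controller' : only the part of the target before the first '/'
 *  - 'action'     : the first two segments (exact match when the target has fewer)
 *  - 'id'         : the first two segments plus the third one when the target has it
 *  - anything else: exact match of the whole pathway
 * Any entry of $aliases can additionally mark the link active: exact match, or
 * prefix match when the alias ends with '*'.
 *
 * NOTE(review): the switch compares $order loosely, so boolean true selects the
 * 'controller' branch; pass one of the strings above or false.
 * @param mixed $source value handed to Url::buildPathway()
 * @param array|null $aliases
 * @param string|bool $order
 * @return bool
 */
public static function isCurrentLink($source = null, array $aliases = null, $order = false)
{
    $elementPoint = Url::buildPathway($source);
    $currentPoint = Url::buildPathwayFromRequest();

    // use special active element order type: controller, action, id
    switch ($order) {
        case 'controller':
            $elementPoint = Str::firstIn($elementPoint, '/');
            $active = Str::startsWith($elementPoint, $currentPoint);
            break;
        case 'action':
            $elementArray = explode('/', $elementPoint);
            if (!Str::contains('/', $elementPoint) || count($elementArray) < 2) {
                $active = $elementPoint === $currentPoint;
            } else {
                $elementPoint = $elementArray[0] . '/' . $elementArray[1];
                $active = Str::startsWith($elementPoint, $currentPoint);
            }
            break;
        case 'id':
            $elementArray = explode('/', $elementPoint);
            // a target without an action segment used to read an undefined offset here;
            // the missing segment is treated as an empty string, as before, without the warning
            $actionPart = isset($elementArray[1]) ? $elementArray[1] : '';
            $elementPoint = $elementArray[0] . '/' . $actionPart;
            if (!isset($elementArray[2])) {
                // id is not defined in the element: compare against the current pathway
                // cut to its first three segments, ignoring any query string
                if (Str::contains('?', $currentPoint)) {
                    $currentPoint = Str::firstIn($currentPoint, '?');
                }
                $currentArray = explode('/', $currentPoint);
                $currentToId = implode('/', array_slice($currentArray, 0, 3));
                $active = $elementPoint === $currentToId;
            } else {
                $elementPoint .= '/' . $elementArray[2];
                $active = Str::startsWith($elementPoint, $currentPoint);
            }
            break;
        default:
            $active = $elementPoint === $currentPoint;
            break;
    }

    // an alias can only switch the link on, never off
    if (Obj::isArray($aliases) && count($aliases) > 0) {
        foreach ($aliases as $activeUri) {
            $activeUri = trim($activeUri, '/');
            if (Str::endsWith('*', $activeUri)) {
                // trailing '*' means "every pathway starting with this prefix"
                $activeUri = rtrim($activeUri, '*');
                if (Str::startsWith($activeUri, $currentPoint)) {
                    $active = true;
                }
            } elseif ($activeUri === $currentPoint) {
                $active = true;
            }
        }
    }

    return $active;
}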
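/**
 * Remove one gallery image (thumbnail and original) belonging to item $id.
 *
 * The file name comes from the caller or from the `file` query parameter, so it is
 * untrusted. It must be a bare file name: directory separators and NUL bytes are
 * rejected before any path is built, because the extension allow-list on its own
 * would still let a name containing directory components point outside the item's
 * gallery folder.
 *
 * NOTE(review): $id is concatenated into the path as well and is guarded only by
 * Obj::isLikeInt(); confirm that helper accepts nothing but integer-like values.
 * NOTE(review): this is a destructive action that takes input from the URL; confirm
 * that authorization and CSRF protection are enforced before it is dispatched.
 * @param int $id
 * @param string $file
 * @throws ForbiddenException
 * @throws NativeException
 * @return string
 */
public function actionGallerydelete($id, $file = null)
{
    if ($file === null || Str::likeEmpty($file)) {
        $file = (string) $this->request->query->get('file', null);
    }

    // check passed data
    if (Str::likeEmpty($file) || !Obj::isLikeInt($id)) {
        throw new NativeException('Wrong input data');
    }

    // only a plain file name is acceptable: no directory components, no NUL byte
    $file = (string) $file;
    if ($file !== basename($file)
        || strpos($file, '/') !== false
        || strpos($file, '\\') !== false
        || strpos($file, "\0") !== false
    ) {
        throw new NativeException('Wrong input data');
    }

    // check passed file extension against the controller's allow-list
    $fileExt = Str::lastIn($file, '.', true);
    $fileName = Str::firstIn($file, '.');
    if (!Arr::in($fileExt, $this->allowedExt)) {
        throw new ForbiddenException('Wrong file extension');
    }

    // both paths stay inside /upload/gallery/<id>/ now that $file has no separators
    $thumb = '/upload/gallery/' . $id . '/thumb/' . $fileName . '.jpg';
    $full = '/upload/gallery/' . $id . '/orig/' . $file;

    // check if file exists and remove
    if (File::exist($thumb) || File::exist($full)) {
        File::remove($thumb);
        File::remove($full);
    } else {
        throw new NativeException('Image is not founded');
    }

    return json_encode(['status' => 1, 'msg' => 'Image is removed']);
}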