/** * Require to log in if not, and to be an admin or give an access denied page. */ public static function requireAdmin() { self::requireLogin(); if (!self::getInstance()->isAdmin()) { Output::accessDenied(); } }
/** * Determine which handler in the page to run. This will automatically * determine if there is a form based on the submitted action variable. * If no action variable, it will call get() or post() or any other * rest method. */ public function execute() { $request_type = strtolower(Request::type()); if (!$this->hasAccess()) { Output::accessDenied(); } if (!$this->validateToken()) { Navigation::redirect('/message?err=invalid_token'); } // If there is a requested action. if ($action = Request::get('action')) { $method = Request::convertFunctionName($request_type, $action); if (method_exists($this, $method)) { $this->{$method}(); $this->output(); } else { Output::error('There was an error processing your submission.'); } } else { if (method_exists($this, $request_type)) { $this->$request_type(); $this->output(); } else { // TODO: show 302 Output::error('Method not available'); } } }