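/**
 * Validates a password-reset request and, if the token matches and has not
 * expired, generates a new random password, stores it, clears the reset
 * token and mails the new password to the user.
 *
 * @access protected
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @return array|null Array with the keys 'result' (bool) and 'message' (string); null after a redirect
 */
protected function generateNewPassword(Framework $framework, RequestAbstract $request, Response $response)
{
    $uuid = $request->getRouteParam('uuid');
    $token = $request->getRouteParam('token');

    // Missing parameters or an unknown user: leave without saying which one failed.
    if ($uuid === false || !$this->userManager->hasUserForUuid($uuid) || $token === false) {
        $response->redirectTo('/');
        return;
    }

    // Load the user
    $user = $this->userManager->getUserForUuid($uuid);

    $storedToken = $user->getMetaData('passwordRequestToken');
    if ($storedToken == '') {
        return array(
            'result' => false,
            'message' => $this->translate('You haven\'t requested a new password.', '\\Zepi\\Web\\AccessControl'),
        );
    }

    // The reset token is a secret, so compare it in constant time. hash_equals()
    // needs two strings; any other type counts as a mismatch, exactly as the
    // former strict comparison treated it.
    $tokenMatches = is_string($token) && is_string($storedToken) && hash_equals($storedToken, $token);

    if (!$tokenMatches || $user->getMetaData('passwordRequestTokenLifetime') < time()) {
        return array(
            'result' => false,
            'message' => $this->translate('The given token is invalid or expired. Please request a new password.', '\\Zepi\\Web\\AccessControl'),
        );
    }

    // Generate a new password
    // NOTE(review): generateRandomPassword() is defined outside this block; confirm it draws from a CSPRNG.
    $password = $this->generateRandomPassword();

    // Save the new password
    $user->setNewPassword($password);

    // Reset the token so the same link cannot be used a second time
    $user->setMetaData('passwordRequestToken', '');
    $user->setMetaData('passwordRequestTokenLifetime', 0);

    // Update the user
    $this->userManager->updateUser($user);

    // Send the mail with the new password
    // NOTE(review): the new password leaves the system in clear text by mail. Letting the
    // user choose a password on a token-protected form would keep the credential out of the mailbox.
    $this->mailHelper->sendMail(
        $user->getMetaData('email'),
        $this->translate('New password generated', '\\Zepi\\Web\\AccessControl'),
        $this->render('\\Zepi\\Web\\AccessControl\\Mail\\GenerateNewPassword', array('user' => $user, 'password' => $password))
    );

    return array(
        'result' => true,
        'message' => $this->translate('Your new password is generated and saved. 
You will receive an email with the new password.', '\\Zepi\\Web\\AccessControl'),
    );
}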
/**
 * RebuildFrameworkCache event handler: clears the cache of the runtime
 * manager and of the route manager, reactivates all modules and adds a
 * confirmation to the output parts.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\CliRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, CliRequest $request, Response $response)
{
    $runtimeManager = $framework->getRuntimeManager();
    $runtimeManager->clearCache(false);

    $routeManager = $framework->getRouteManager();
    $routeManager->clearCache(false);

    $moduleManager = $framework->getModuleManager();
    $moduleManager->reactivateModules();

    $message = 'The cache was successfully cleared and rebuilt!';
    $response->setOutputPart('cacheCleared', $message);
}
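/**
 * Loads the rows of a data table and returns them as JSON.
 *
 * The table class and a timestamp are read from session entries whose keys
 * are built from the 'token' route parameter. Every failed check redirects
 * to '/'.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Verify the session
    if (!$request->hasSession() || $request->getRouteParam('token') == '') {
        $response->redirectTo('/');
        return;
    }

    $token = $request->getRouteParam('token');

    // Verify the datatable session data
    if (!$this->hasValidSessionData($request, $token)) {
        $response->redirectTo('/');
        return;
    }

    $class = $request->getSessionData('dt-class-' . $token);
    $time = $request->getSessionData('dt-time-' . $token);

    // Session time expired
    // NOTE(review): this only triggers when the stored time lies more than 600 seconds in
    // the FUTURE. If 'dt-time-*' holds the creation time, the intended expiry check is
    // probably `$time + 600 < time()`; confirm against the code that writes the value.
    if ($time > time() + 600) {
        $response->redirectTo('/');
        return;
    }

    // The class name is instantiated dynamically. Refuse anything that is not an
    // existing class name instead of failing with a fatal error.
    // NOTE(review): an allow-list or an is_subclass_of() check against the table base
    // class would be stricter; the base class is not visible in this block.
    if (!is_string($class) || !class_exists($class)) {
        $response->redirectTo('/');
        return;
    }

    $table = new $class($framework, false);

    $generator = $this->getTableRenderer();
    $preparedTable = $generator->prepareTable($request, $table, '');

    $data = array('data' => array());
    foreach ($preparedTable->getBody()->getRows() as $row) {
        $data['data'][] = $row->toArray();
    }

    $response->setOutput(json_encode($data));
}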
/**
 * Handles a request that needs a session but has none: a WebRequest is
 * redirected to '/login/' with status 307, every other request gets an
 * information message as output part.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response)
{
    $isWebRequest = $request instanceof WebRequest;

    if (!$isWebRequest) {
        // Non-web requests cannot follow a redirect, so tell the caller what is missing.
        $response->setOutputPart('sessionNeeded', 'You need a session to execute this command!');
        return;
    }

    $response->redirectTo('/login/', 307, true);
}
/**
 * Renders the profile page: sets the page title, activates the menu entry
 * and passes the rendered overview page to the Profile template.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Page title
    $pageTitle = $this->translate('Profile', '\\Zepi\\Web\\AccessControl');
    $this->setTitle($pageTitle);

    // Overview page for the active menu entry
    $activeEntry = $this->activateMenuEntry();
    $renderer = $this->getOverviewPageRenderer();
    $overviewPage = $renderer->render($framework, $activeEntry);

    // Render the profile template
    $templateData = array('overviewPage' => $overviewPage);
    $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Profile', $templateData));
}
/**
 * Test event handler: counts in the static $executedEvents array how often
 * each event name (read from the response data '_executedName') was executed.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response)
{
    $name = $response->getData('_executedName');

    if (isset(self::$executedEvents[$name])) {
        self::$executedEvents[$name]++;
        return;
    }

    // First execution of this event
    self::$executedEvents[$name] = 1;
}
/**
 * Renders the group management page with the group table.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Title and menu
    $pageTitle = $this->translate('Group management', '\\Zepi\\Web\\AccessControl');
    $this->setTitle($pageTitle);
    $this->activateMenuEntry('group-administration');

    // Build the table
    $table = new \Zepi\Web\AccessControl\Table\GroupTable($framework, true, true);

    // Hand the table and its renderer to the template
    $templateData = array(
        'groupTable' => $table,
        'tableRenderer' => $this->getTableRenderer(),
    );
    $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Administration\\Groups', $templateData));
}
/**
 * Builds the final text output: an ASCII banner with a copyright line,
 * followed by every output part of the response on its own line.
 * Does nothing if the response already has an output.
 *
 * This function must handle all exceptions. If the function doesn't catch
 * an exception, the exception will terminate the whole process.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response)
{
    // An output that is already set wins; the parts are not merged into it.
    if ($response->hasOutput()) {
        return;
    }

    // Banner and copyright header; the year is taken from the current date.
    $output = ' ' . PHP_EOL
            . ' _ ________ ______ ____ ____ ' . PHP_EOL
            . ' _______ _ __ (_) /_ __/ / / / __ \\/ __ )/ __ \\ ' . PHP_EOL
            . ' |_ / _ \\ \'_ \\| | / / / / / / /_/ / __ / / / / ' . PHP_EOL
            . ' / / __/ |_) | | / / / /_/ / _, _/ /_/ / /_/ / ' . PHP_EOL
            . ' /___\\___| .__/|_| /_/ \\____/_/ |_/_____/\\____/ ' . PHP_EOL
            . ' |_| ' . PHP_EOL
            . PHP_EOL
            . ' (C) Copyright ' . date('Y') . ' by zepi' . PHP_EOL
            . ' https://turbo.zepi.net ' . PHP_EOL
            . PHP_EOL
            . '________________________________________________________' . PHP_EOL
            . PHP_EOL;

    // Append every output part, one per line.
    foreach ($response->getOutputParts() as $part) {
        $output .= $part . PHP_EOL;
    }

    $response->setOutput($output);
}
/**
 * Lists all activated modules with name, version, namespace and
 * description, and stores the text as the output part 'modules'.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\CliRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, CliRequest $request, Response $response)
{
    $manager = $framework->getModuleManager();

    // Heading
    $text = 'Activated modules:' . PHP_EOL . '==================' . PHP_EOL . PHP_EOL;

    foreach ($manager->getModules() as $namespace => $module) {
        // The module properties are loaded from the module directory.
        $moduleInfo = $manager->getModuleProperties($module->getDirectory())->module;

        $headline = '- ' . $moduleInfo->name . ' ' . $moduleInfo->version . ' (' . $namespace . '):';
        $text .= $headline . PHP_EOL;
        $text .= ' ' . $moduleInfo->description . PHP_EOL . PHP_EOL;
    }

    $response->setOutputPart('modules', $text);
}
/**
 * Renders the administration overview page. Requests without a session are
 * redirected to '/'.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // No session, no administration page
    $hasSession = $request->hasSession();
    if (!$hasSession) {
        $response->redirectTo('/');
        return;
    }

    // Title and menu
    $pageTitle = $this->translate('Administration', '\\Zepi\\Web\\General');
    $this->setTitle($pageTitle);
    $activeEntry = $this->activateMenuEntry();

    // Overview page for the active menu entry
    $renderer = $this->getOverviewPageRenderer();
    $overviewPage = $renderer->render($framework, $activeEntry);

    // Render the template
    $templateData = array('overviewPage' => $overviewPage);
    $response->setOutput($this->render('\\Zepi\\Web\\General\\Templates\\Administration', $templateData));
}
/**
 * Activates a user account from the 'uuid' and 'token' route parameters
 * and renders the Activation template with the result.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Prepare the page
    $this->setTitle($this->translate('Activate account', '\\Zepi\\Web\\AccessControl'));

    // Read the activation parameters
    $uuid = $request->getRouteParam('uuid');
    $activationToken = $request->getRouteParam('token');

    // Default result, used when a parameter is missing
    $result = array(
        'result' => false,
        'message' => $this->translate('Wrong request parameters.', '\\Zepi\\Web\\AccessControl'),
    );

    // Loose comparison: any falsy value ('' or '0' as well as false) counts as missing.
    $parametersMissing = ($uuid == false || $activationToken == false);
    if (!$parametersMissing) {
        $result = $this->activateUser($uuid, $activationToken);
    }

    // Display the result
    $output = $this->render('\\Zepi\\Web\\AccessControl\\Templates\\Activation', array('result' => $result));
    $response->setOutput($output);
}
/**
 * Filter that redirects a web request to the normalized form of its URL.
 *
 * The requested URL is parsed, passed through verifyPath() and rebuilt. If
 * the rebuilt URL differs from the requested one, the response redirects to
 * it and the filter returns null; otherwise $value is returned unchanged.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @param mixed $value
 * @return mixed
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null)
{
    // Only web requests have a URL to normalize.
    if (!($request instanceof WebRequest)) {
        return $value;
    }

    $parsedUrl = parse_url($request->getRequestedUrl());

    // parse_url() returns false for a seriously malformed URL.
    if ($parsedUrl == false) {
        return $value;
    }

    $normalizedUrl = $response->buildUrl($this->verifyPath($parsedUrl));

    if ($normalizedUrl === $request->getRequestedUrl()) {
        return $value;
    }

    $response->redirectTo($normalizedUrl);

    return null;
}
/**
 * Deletes a group after confirmation.
 *
 * Without the route parameter 'confirmation' set to 'confirmed' the
 * confirmation page is rendered; with it the group is deleted and the
 * finished page is rendered. An unknown UUID redirects to the group overview.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Prepare the page
    $subTitle = $this->translate('Delete group', '\\Zepi\\Web\\AccessControl');
    $mainTitle = $this->translate('Group management', '\\Zepi\\Web\\AccessControl');
    $this->activateMenuEntry('group-administration');
    $this->setTitle($mainTitle, $subTitle);

    // Identify the group
    $uuid = $request->getRouteParam('uuid');
    $groupExists = is_string($uuid) && $this->groupManager->hasGroupForUuid($uuid);

    // Unknown group: back to the overview page
    if (!$groupExists) {
        $response->redirectTo($request->getFullRoute('/administration/groups/'));
        return;
    }

    $group = $this->groupManager->getGroupForUuid($uuid);
    $templateData = array('group' => $group);

    if ($request->getRouteParam('confirmation') !== 'confirmed') {
        // Ask for confirmation first
        $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Administration\\DeleteGroup', $templateData));
        return;
    }

    // NOTE(review): the deletion is triggered by a route parameter alone. No anti-CSRF
    // token is checked in this block; confirm that one is verified before this handler runs.
    $this->groupManager->deleteGroup($group);
    $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Administration\\DeleteGroupFinished', $templateData));
}
/**
 * Sends the API result to the client, as XML when the Accept header is
 * 'text/xml' and as JSON in every other case.
 *
 * @access public
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 * @param array $result
 */
public function sendResponse(WebRequest $request, Response $response, $result)
{
    $accept = $request->getHeader('Accept');

    // Loose comparison on purpose: it matches the semantics of the former switch statement.
    if ($accept == 'text/xml') {
        $document = new \SimpleXMLElement('<root/>');
        $this->fillXml($document, $result);

        // asXML() returns false on failure; send an empty body in that case.
        $result = $document->asXML();
        if ($result === false) {
            $result = '';
        }

        $response->sendHeader('Content-Type: text/xml');
        $response->setOutput($result);
        return;
    }

    // 'application/json' and everything else
    $response->sendHeader('Content-Type: application/json');
    $response->setOutput(json_encode($result));
}
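/**
 * Sends the cache headers for an asset and either answers with
 * "304 Not Modified" (and exits) or sets the content as response output.
 *
 * Conditional requests: when the client sends If-None-Match, only the ETag
 * decides. Otherwise If-Modified-Since is parsed and compared with the
 * timestamp of the cached asset.
 *
 * @param \Zepi\Turbo\Response\Response $response
 * @param string $type
 * @param string $hash
 * @param string $version
 * @param string $content
 */
protected function deliverContent(Response $response, $type, $hash, $version, $content)
{
    $cachedAssetTimestamp = $this->assetCacheManager->getCachedAssetTimestamp($type, $hash, $version);

    // If-Modified-Since arrives as an HTTP date string. Comparing that string strictly
    // with the numeric timestamp could never match, so parse it first.
    $ifModifiedSince = false;
    if ($this->isHeaderSetAndNotEmpty('HTTP_IF_MODIFIED_SINCE')) {
        $ifModifiedSince = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']);
    }

    // The ETag is a cache validator only; md5 is not used as a security control here.
    $eTag = md5($content);
    $hasETagHeader = $this->isHeaderSetAndNotEmpty('HTTP_IF_NONE_MATCH');
    $eTagHeader = '';
    if ($hasETagHeader) {
        // Accept the value with or without the weak prefix and the quotes.
        $eTagHeader = trim($_SERVER['HTTP_IF_NONE_MATCH']);
        if (strpos($eTagHeader, 'W/') === 0) {
            $eTagHeader = substr($eTagHeader, 2);
        }
        $eTagHeader = trim($eTagHeader, '"');
    }

    // Set the cache headers
    $cacheTtl = 86400 * 365;
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $cachedAssetTimestamp) . ' GMT');
    header('Expires: ' . gmdate("D, d M Y H:i:s", time() + $cacheTtl) . ' GMT');
    header('Pragma: cache');
    header('Etag: ' . $eTag);
    header('Cache-Control: max-age=' . $cacheTtl);

    // Decide whether the client copy is still current.
    if ($hasETagHeader) {
        $notModified = ($eTag === $eTagHeader);
    } else {
        $notModified = $ifModifiedSince !== false
            && is_numeric($cachedAssetTimestamp)
            && (int) $cachedAssetTimestamp > 0
            && (int) $cachedAssetTimestamp <= $ifModifiedSince;
    }

    if ($notModified) {
        header('HTTP/1.1 304 Not Modified');
        exit;
    }

    // Set the content type
    $contentType = $this->getContentType($type, $version);
    if ($contentType !== '') {
        header('Content-type: ' . $contentType, true);
    }

    // Display the content
    $response->setOutput($content);
}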
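/**
 * Starts the PHP session named 'ZTSM', validates the session data,
 * occasionally regenerates the session and initializes the user session
 * when a user UUID is stored in it.
 *
 * An invalid session is redirected and not processed any further.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function reinitializeSession(Framework $framework, WebRequest $request, Response $response)
{
    // Sets the correct name:
    session_name('ZTSM');

    // Start the session
    // NOTE(review): no cookie parameters (HttpOnly, Secure, SameSite) are set in this
    // block; confirm they are configured elsewhere.
    session_start();

    // If the session wasn't started before, we start it now...
    if ($request->getSessionData('sessionStarted') === false) {
        $this->startSession($request);
    }

    // Validate the session data
    $valid = $this->validateSessionData($request);

    // An invalid session must not reach the user initialization below. redirectTo()
    // does not stop the execution (other handlers return after calling it), so
    // return explicitly.
    if (!$valid) {
        $response->redirectTo('');
        return;
    }

    // There is a 1% chance that we regenerate the session. mt_rand() only picks
    // the moment of the rotation here, it does not produce a secret.
    if (mt_rand(1, 100) <= 1) {
        $this->regenerateSession($request);
    }

    // Initialize the user session
    if ($request->getSessionData('userUuid') !== false) {
        $this->reinitializeUserSession($framework, $request, $response);
    }
}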
/**
 * Runs one request through the framework.
 *
 * Order of events: BeforeExecution, the event resolved for the route (or
 * RouteNotFound), AfterExecution, FinalizeOutput, BeforeOutput, then the
 * output is printed and AfterOutput is executed.
 *
 * @access public
 */
public function execute()
{
    $runtime = $this->runtimeManager;

    $runtime->executeEvent('\\Zepi\\Turbo\\Event\\BeforeExecution');

    // Resolve the event for the route and let the filters verify the name.
    $resolvedName = $this->routeManager->getEventNameForRoute($this->request);
    $resolvedName = $runtime->executeFilter('\\Zepi\\Turbo\\Filter\\VerifyEventName', $resolvedName);

    $routeFound = ($resolvedName !== false && $resolvedName != '');
    if (!$routeFound) {
        $resolvedName = '\\Zepi\\Turbo\\Event\\RouteNotFound';
    }
    $runtime->executeEvent($resolvedName);

    // Post-processing events, in this order
    $runtime->executeEvent('\\Zepi\\Turbo\\Event\\AfterExecution');
    $runtime->executeEvent('\\Zepi\\Turbo\\Event\\FinalizeOutput');
    $runtime->executeEvent('\\Zepi\\Turbo\\Event\\BeforeOutput');

    // Print the output
    echo $this->response->getOutput();

    $runtime->executeEvent('\\Zepi\\Turbo\\Event\\AfterOutput');
}
/**
 * Renders the homepage template and sets it as the response output.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    $manager = $framework->getInstance('\\Zepi\\Web\\General\\Manager\\TemplatesManager');

    $html = $manager->renderTemplate('\\Zepi\\Starter\\Templates\\Homepage', $framework, $request, $response);

    $response->setOutput($html);
}
/**
 * Displays the add/edit user form and processes the submitted data.
 *
 * With a 'uuid' route parameter the existing user is loaded, without one a
 * new empty user is created. After a successful save the finished page is
 * rendered, otherwise the form.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    $uuid = $request->getRouteParam('uuid');
    $isNewUser = !is_string($uuid);

    if ($isNewUser) {
        $additionalTitle = $this->translate('Add user', '\\Zepi\\Web\\AccessControl');
        $user = new User('', '', '', '', array());
    } else {
        $additionalTitle = $this->translate('Modify user', '\\Zepi\\Web\\AccessControl');

        // NOTE(review): the UUID is not checked for existence before the lookup;
        // confirm what getUserForUuid() returns for an unknown UUID.
        $user = $this->userManager->getUserForUuid($uuid);
    }

    $title = $this->translate('User management', '\\Zepi\\Web\\AccessControl');
    $this->layout->setUser($user);

    // Prepare the page
    $this->activateMenuEntry('user-administration');
    $this->setTitle($title, $additionalTitle);

    // Process the data
    $saved = ($this->processFormData($request, $user) === true);

    if (!$saved) {
        // Display the form
        $formData = array(
            'user' => $user,
            'title' => $this->getTitle(),
            'layout' => $this->layout->getLayout(),
            'layoutRenderer' => $this->getLayoutRenderer(),
        );
        $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Administration\\EditUserForm', $formData));
        return;
    }

    // Display the successful saved message
    $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\Administration\\EditUserFinished', array('title' => $this->getTitle())));
}
/**
 * Displays the login form and authorizes the user with the submitted data.
 *
 * A request that already has a session is redirected to '/'. The form is
 * rendered when it was not submitted or when the error box holds errors.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    // Nothing to do for a user who is already logged in
    if ($request->hasSession()) {
        $response->redirectTo('/', 307);
        return;
    }

    $this->setTitle($this->translate('Login', '\\Zepi\\Web\\AccessControl'));

    // Build the form and read the submitted data
    $form = $this->createForm($framework, $request, $response);
    $form->processFormData($request);

    // Validate first; authorize only when the validation found no errors
    $result = false;
    $errors = array();
    if ($form->isSubmitted()) {
        $errors = $form->validateFormData($framework);

        if (count($errors) === 0) {
            $result = $this->authorizeUser($form, $framework, $request, $response);
        }
    }

    // Fill the errors into the error box
    $errorBox = $form->getPart('login-errors');
    $errorBox->updateErrorBox($form, $result, $errors);

    // A submitted form without errors needs no output from this handler
    if ($form->isSubmitted() && !$errorBox->hasErrors()) {
        return;
    }

    $templateData = array(
        'result' => $result,
        'errors' => $errors,
        'form' => $form,
        'layoutRenderer' => $this->getLayoutRenderer(),
        'allowRegistration' => $this->getSetting('accesscontrol.allowRegistration'),
        'allowRenewPassword' => $this->getSetting('accesscontrol.allowRenewPassword'),
    );
    $response->setOutput($this->render('\\Zepi\\Web\\AccessControl\\Templates\\LoginForm', $templateData));
}
/**
 * Adds the "no access" message for a CLI request as the output part 'noAccess'.
 *
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\CliRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, CliRequest $request, Response $response)
{
    $message = 'You have no access to the requested command!';

    $response->setOutputPart('noAccess', $message);
}
/**
 * Renders the NoAccessMessage template for a web request and sets it as the
 * response output.
 *
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, WebRequest $request, Response $response)
{
    $response->setOutput(
        $this->render('\\Zepi\\Web\\AccessControl\\Templates\\NoAccessMessage')
    );
}
/**
 * Clears the asset cache and adds a confirmation as the output part
 * 'cacheCleared'.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\CliRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, CliRequest $request, Response $response)
{
    $cacheManager = $this->assetCacheManager;
    $cacheManager->clearAssetCache();

    $message = 'The asset cache was successfully cleared!';
    $response->setOutputPart('cacheCleared', $message);
}
/**
 * DefaultRouteNotFound event handler: adds a "route not available" message,
 * including the requested route, as the output part '404'.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response)
{
    // NOTE(review): the route comes from the request and is copied into the output
    // unescaped. If this part ends up in an HTML page, it has to be escaped where it is rendered.
    $route = $request->getRoute();

    $message = 'The requested route is not available. We can\'t execute the request. Route: "' . $route . '"';

    $response->setOutputPart('404', $message);
}