public function frontendPreRenderHeaders($context)
{
$page = Frontend::Page();
foreach (self::$headers as $name => $value) {
$page->addHeaderToPage($name, $value);
}
}
function renderer_json($mode)
{
if (strtolower($mode) == 'administration') {
throw new Lib\Exceptions\InvalidModeException('JSON Renderer launcher is only available on the frontend');
}
$renderer = Frontend::instance();
// Check if we should enable exception debug information
$exceptionDebugEnabled = Symphony::isLoggedIn();
// Use the JSON exception and error handlers instead of the Symphony one.
Lib\ExceptionHandler::initialise($exceptionDebugEnabled);
Lib\ErrorHandler::initialise($exceptionDebugEnabled);
// #1808
if (isset($_SERVER['HTTP_MOD_REWRITE'])) {
throw new Exception("mod_rewrite is required, however is not enabled.");
}
$output = $renderer->display(getCurrentPage());
cleanup_session_cookies();
if (in_array('JSON', Frontend::Page()->pageData()['type'])) {
// Load the output into a SimpleXML Container and convert to JSON
try {
$xml = new SimpleXMLElement($output, LIBXML_NOCDATA);
// Convert the XML to a plain array. This step is necessary as we cannot
// use JSON_PRETTY_PRINT directly on a SimpleXMLElement object
$outputArray = json_decode(json_encode($xml), true);
// Get the transforer object ready. Other extensions will
// add their transormations to this.
$transformer = new Lib\Transformer();
/**
* Allow other extensions to add their own transformers
*/
Symphony::ExtensionManager()->notifyMembers('APIFrameworkJSONRendererAppendTransformations', '/frontend/', ['transformer' => &$transformer]);
// Apply transformations
$outputArray = $transformer->run($outputArray);
// Now put the array through a json_encode
$output = json_encode($outputArray, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
} catch (\Exception $e) {
// This happened because the input was not valid XML. This could
// occur for a few reasons, but there are two scenarios
// we are interested in.
// 1) This is a devkit page (profile, debug etc). We want the data
// to be passed through and displayed rather than converted into
// JSON. There is no easy way in Symphony to tell if a devkit has
// control over the page, so instead lets inspect the output for
// any signs a devkit is rendering the page.
// 2) It is actually bad XML. In that case we need to let the error
// bubble through.
// Currently the easiest method is to check for the devkit.min.css
// in the output. This may fail in the furture if this file is
// renamed or moved.
if (!preg_match("@\\/symphony\\/assets\\/css\\/devkit.min.css@", $output)) {
throw $e;
}
}
}
echo $output;
return $renderer;
}
public function load()
{
// set session data
if (!isset($_SESSION['canofspam'])) {
// generate hash value
$_SESSION['canofspam'] = sha1(uniqid($_SERVER['REMOTE_ADDR'], true));
}
// add hash value to param pool
Frontend::Page()->_param['canofspam'] = $_SESSION['canofspam'];
}
public function setContentDisposition(array $context = NULL)
{
$page_data = Frontend::Page()->pageData();
foreach ($page_data['type'] as $type) {
if (substr($type, 0, 1) == ".") {
$FileName = $page_data['handle'];
Frontend::Page()->addHeaderToPage('Content-Disposition', 'attachment; filename=' . $FileName . $type);
}
}
}
public function setContentType(array $context = NULL)
{
$page_data = Frontend::Page()->pageData();
if (!isset($page_data['type']) || !is_array($page_data['type']) || empty($page_data['type'])) {
return;
}
foreach ($page_data['type'] as $type) {
$content_type = $this->resolveType($type);
if (!is_null($content_type)) {
Frontend::Page()->addHeaderToPage('Content-Type', $content_type);
}
}
}
protected function __trigger()
{
// Cookies only show up on page refresh.
// This flag helps in making sure the correct XML is being set
$loggedin = false;
if (isset($_REQUEST['action']['login'])) {
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$loggedin = Frontend::instance()->login($username, $password);
} else {
$loggedin = Frontend::instance()->isLoggedIn();
}
if ($loggedin) {
$result = new XMLElement('login-info');
$result->setAttribute('logged-in', 'true');
$author = null;
if (is_callable(array('Symphony', 'Author'))) {
$author = Symphony::Author();
} else {
$author = Frontend::instance()->Author;
}
$result->setAttributeArray(array('id' => $author->get('id'), 'user-type' => $author->get('user_type'), 'primary-account' => $author->get('primary')));
$fields = array('name' => new XMLElement('name', $author->getFullName()), 'username' => new XMLElement('username', $author->get('username')), 'email' => new XMLElement('email', $author->get('email')));
if ($author->isTokenActive()) {
$fields['author-token'] = new XMLElement('author-token', $author->createAuthToken());
}
// Section
if ($section = Symphony::Database()->fetchRow(0, "SELECT `id`, `handle`, `name` FROM `tbl_sections` WHERE `id` = '" . $author->get('default_area') . "' LIMIT 1")) {
$default_area = new XMLElement('default-area', $section['name']);
$default_area->setAttributeArray(array('id' => $section['id'], 'handle' => $section['handle'], 'type' => 'section'));
$fields['default-area'] = $default_area;
} else {
$default_area = new XMLElement('default-area', $author->get('default_area'));
$default_area->setAttribute('type', 'page');
$fields['default-area'] = $default_area;
}
foreach ($fields as $f) {
$result->appendChild($f);
}
} else {
$result = new XMLElement('user');
$result->setAttribute('logged-in', 'false');
}
// param output
Frontend::Page()->_param['login'] = $loggedin ? 'yes' : 'no';
Frontend::Page()->_param['login-filter'] = $loggedin ? 'yes,no' : 'yes';
return $result;
}
public function generatePDFAttachments(&$output)
{
$params = Frontend::Page()->_param;
$dom = new DOMDocument('1.0', 'UTF-8');
$doc->formatOutput = true;
$dom->loadHTML($output);
if ($dom === false) {
return $output;
}
$xpath = new DOMXPath($dom);
// Copy any <link rel='stylesheet'/> or <style type='text/css'> prepend to the blocks
$css = '';
$styling = $xpath->query('//link[@rel="stylesheet"] | //style[@type="text/css"]');
if ($styling->length !== 0) {
foreach ($styling as $style) {
$css .= $dom->saveXML($style);
}
}
// Find anything with @data-utp attribute set to attachment
$blocks = $xpath->query('//*[@data-utp = "attachment"]');
if ($blocks->length !== 0) {
foreach ($blocks as $block) {
// Get the content in those blocks
$data = $dom->saveXML($block);
// Send the block to the PDF generator, saving it in /TMP
$data = $css . $data;
$pdf = self::initPDF();
// output the HTML content
$pdf->writeHTML($data, true, false, true, false, '');
// reset pointer to the last page
$pdf->lastPage();
// get the output of the PDF as a string and save it to a file
// attempt to find the filename if it's provided with @data-utp-filename
if (!($filename = $xpath->evaluate('string(//@data-utp-filename)'))) {
$filename = md5(sprintf('%s - %s', $params['website-name'], $params['page-title']));
}
$filename = TMP . '/' . Lang::createFilename($filename) . '.pdf';
General::writeFile($filename, $pdf->Output($filename, 'S'), Symphony::Configuration()->get('write_mode', 'file'));
// Replace the attachment node with <link rel='attachment' href='{path/to/file}' />
$link = $dom->createElement('link');
$link->setAttribute('rel', 'attachment');
$link->setAttribute('href', str_replace(DOCROOT, URL, $filename));
$block->parentNode->replaceChild($link, $block);
}
}
$output = $dom->saveHTML();
}
public function setContentType(array $context = NULL)
{
$page_data = Frontend::Page()->pageData();
if (!isset($page_data['type']) || !is_array($page_data['type']) || empty($page_data['type'])) {
return;
}
foreach ($page_data['type'] as $type) {
$content_type = $this->resolveType($type);
if (!is_null($content_type)) {
Frontend::Page()->addHeaderToPage('Content-Type', $content_type);
}
if ($type[0] == '.') {
$FileName = $page_data['handle'];
Frontend::Page()->addHeaderToPage('Content-Disposition', "attachment; filename={$FileName}{$type}");
}
}
}
public function setBoilerplateXSL($context)
{
// @todo: This should only be available if logged in
if (!isset($_GET['boilerplate-xsl']) && (!in_array('JSON', Frontend::Page()->pageData()['type']) || !in_array('boilerplate-xsl', Frontend::Page()->pageData()['type']))) {
return;
}
$context['xsl'] = <<<'XSL'
<?xml version="1.0" encoding="UTF-8"?><xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template match="node()|@*">
<xsl:copy>
<xsl:apply-templates select="node()|@*"/>
</xsl:copy>
</xsl:template>
</xsl:stylesheet>
XSL;
}
public function setContentType(array $context = NULL)
{
$page_data = Frontend::Page()->pageData();
if (!isset($page_data['type']) || !is_array($page_data['type']) || empty($page_data['type'])) {
return;
}
foreach ($page_data['type'] as $type) {
$content_type = $this->resolveType($type);
if (!is_null($content_type)) {
header('Content-Type:' . $content_type, true);
}
if (substr($type, 0, 1) == ".") {
$FileName = $page_data['handle'];
header('Content-Disposition: attachment; filename=' . $FileName . $type);
}
}
}
protected function __trigger()
{
session_start();
$xml = new XMLElement('session-monster');
$exclude = array('symphony-page', 'Debug', 'debug', 'profile');
$count = 0;
foreach ($_GET as $key => $val) {
if (!in_array($key, $exclude)) {
$_SESSION[__SYM_COOKIE_PREFIX__ . '-sessionmonster'][$key] = $val;
$xml->appendChild(new XMLElement('item', $val, array('name' => $key, 'action' => strlen($val) > 0 ? 'added' : 'removed')));
$count++;
}
}
if (is_array($_SESSION[__SYM_COOKIE_PREFIX__ . '-sessionmonster'])) {
foreach ($_SESSION[__SYM_COOKIE_PREFIX__ . '-sessionmonster'] as $key => $val) {
if (!in_array($key, $exclude)) {
Frontend::Page()->_param['sessionmonster-' . $key] = $val;
}
}
}
return $count == 0 ? NULL : $xml;
}
public function actionRequestCode($result, $values, $redirect)
{
$em = new EntryManager($this->parent);
$fm = new FieldManager($this->parent);
$section = $this->section;
$where = $joins = $group = null;
$name_where = $name_joins = $name_group = null;
// Get given fields:
foreach ($values as $key => $value) {
$field_id = $fm->fetchFieldIDFromElementName($key, $this->section->get('id'));
if (!is_null($field_id)) {
$field = $fm->fetch($field_id, $this->section->get('id'));
if ($field instanceof FieldMemberEmail) {
$field->buildDSRetrivalSQL($value, $joins, $where);
}
}
}
// Find matching entries:
$entries = $em->fetch(null, $this->section->get('id'), 1, null, $where, $joins, $group, true);
if (!($entry = @current($entries))) {
$result->setAttribute('status', 'failed');
$result->setAttribute('reason', 'incorrect-email');
return FMM::RESULT_INCORRECT_EMAIL;
}
$field = $this->getMemberField(FMM::FIELD_MEMBERSTATUS);
$data = $entry->getData($field->get('id'));
$status = is_array($data['value']) ? current($data['value']) : $data['value'];
// The member is banned:
if ($status == FMM::STATUS_BANNED) {
$result->setAttribute('status', 'failed');
$result->setAttribute('reason', 'banned');
return FMM::RESULT_ACCOUNT_BANNED;
}
// The member is inactive:
if ($status == FMM::STATUS_PENDING) {
$result->setAttribute('status', 'failed');
$result->setAttribute('reason', 'pending');
return FMM::RESULT_ACCOUNT_PENDING;
}
$email_field = $this->getMemberField(FMM::FIELD_MEMBEREMAIL);
$email_data = $entry->getData($email_field->get('id'));
$password_field = $this->getMemberField(FMM::FIELD_MEMBERPASSWORD);
$password_data = $entry->getData($password_field->get('id'));
// Save new recovery code:
$password_data['recovery_code'] = md5(time() . $entry->get('id') . $email_data['value']);
$entry->setData($password_field->get('id'), $password_data);
$entry->commit();
// Send recovery email:
$driver = Frontend::Page()->ExtensionManager->create('emailtemplatefilter');
$template_id = $this->parent->Configuration->get('recovery-email-template', 'frontendmembermanager');
$driver->sendEmail($entry->get('id'), $template_id);
$result->setAttribute('status', 'success');
if (!is_null($redirect)) {
redirect($redirect);
}
return FMM::RESULT_SUCCESS;
}
protected function __trigger()
{
$driver = Frontend::Page()->ExtensionManager->create('frontendmembermanager');
return $driver->actionRequestCode(@$_REQUEST['fields'], @$_REQUEST['redirect']);
}
public function conditionalize(&$context)
{
/*
'datasource' => $ds,
'xml' => &$xml,
'param_pool' => &$this->_env['pool']
*/
if (empty($context) || !isset($context['datasource']) || !isset($context['datasource']->dsParamConditionalizer) || empty($context['datasource']->dsParamConditionalizer)) {
return;
}
if (!class_exists('Conditionalizer')) {
require_once EXTENSIONS . '/conditionalizer/lib/class.conditionalizer.php';
}
$data = $context['datasource']->__processParametersInString($context['datasource']->dsParamConditionalizer, array('env' => Frontend::Page()->Env(), 'param' => Frontend::Page()->Params()));
$e = Conditionalizer::parse($data);
if (!empty($e) && !Conditionalizer::evaluate($e)) {
$context['xml'] = new XMLElement($context['datasource']->dsParamROOTELEMENT, '<error>' . __('Condition not met.') . '</error>');
}
}
protected function __trigger()
{
$driver = Frontend::Page()->ExtensionManager->create('frontendmembermanager');
return $driver->actionLogout();
}
public static function FrontendParamsResolve(array &$context)
{
Frontend::Page()->registerPHPFunction(array('htmlContextCleaner', 'scriptContextCleaner', 'attributeContextCleaner', 'styleContextCleaner', 'urlContextCleaner'));
}
