/**
  * Prepare the controller for handling the response to this request.
  *
  * Copied from Security getResponseController() with minor modifications.
  *
  * @param string $title Title to use
  * @return Controller
  */
 public function getResponseController($title)
 {
     $temp_page = new Page();
     $temp_page->Title = $title;
     $temp_page->URLSegment = 'Security';
     $temp_page->ID = -1 * rand(1, 10000000);
     // Disable ID-based caching of the log-in page by making it a random number
     $controller = Page_Controller::create($temp_page);
     $controller->init();
     return $controller;
 }
 public function index()
 {
     Requirements::css(UNILOGIN_MODULE_DIR . '/css/style.css');
     // TODO. Add as composer requirement?
     Requirements::css('https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css');
     if (class_exists('SiteTree')) {
         $tmpPage = new Page();
         $tmpPage->Title = _t('UniLogIn.Title', 'Choose member to login');
         $tmpPage->URLSegment = "unilogin";
         // Disable ID-based caching  of the log-in page by making it a random number
         $tmpPage->ID = -1 * rand(1, 10000000);
         $controller = Page_Controller::create($tmpPage);
         $controller->setDataModel($this->model);
         $controller->init();
     } else {
         $controller = $this;
     }
     $customisedController = $controller->customise(array("Content" => _t('UniLogIn.Content', 'Choose member to login. Currently logged as {name}.', '', array('name' => Member::currentUser()->Title)), "Members" => Member::get()->exclude('ID', Member::currentUserID())->sort(array('FirstName' => 'asc', 'Surname' => 'asc'))));
     return $customisedController->renderWith(array('UniloginPage', 'Page'));
 }
 public function testCreateUserDefinedTemplate()
 {
     $this->logInWithPermission();
     $ut = new UserTemplate();
     $ut->Title = 'Template 1';
     $ut->Use = 'Layout';
     $ut->Content = 'UserTemplate 1 $Content';
     $ut->write();
     $page = Page::create();
     $page->Title = 'My page';
     $page->Content = 'PageContent';
     $page->write();
     $out = $page->renderWith(array('Page', 'Page'));
     $this->assertTrue(strpos($out, 'PageContent') > 0);
     $this->assertTrue(strpos($out, 'UserTemplate 1') === false);
     // bind the user template
     $page->LayoutTemplateID = $ut->ID;
     $page->write();
     $ctrl = Page_Controller::create($page);
     $viewer = $ctrl->getViewer('index');
     $out = $viewer->process($ctrl);
     $this->assertTrue(strpos($out, 'UserTemplate 1 PageContent') > 0);
 }
Exemplo n.º 4
0
 /**
  * Show the "change password" page.
  * This page can either be called directly by logged-in users
  * (in which case they need to provide their old password),
  * or through a link emailed through {@link lostpassword()}.
  * In this case no old password is required, authentication is ensured
  * through the Member.AutoLoginHash property.
  *
  * @see ChangePasswordForm
  *
  * @return string Returns the "change password" page as HTML code.
  */
 public function changepassword()
 {
     if (class_exists('SiteTree')) {
         $tmpPage = new Page();
         $tmpPage->Title = _t('Security.CHANGEPASSWORDHEADER', 'Change your password');
         $tmpPage->URLSegment = 'Security';
         // Disable ID-based caching  of the log-in page by making it a random number
         $tmpPage->ID = -1 * rand(1, 10000000);
         $controller = Page_Controller::create($tmpPage);
         $controller->init();
     } else {
         $controller = $this;
     }
     // if the controller calls Director::redirect(), this will break early
     if (($response = $controller->getResponse()) && $response->isFinished()) {
         return $response;
     }
     // Extract the member from the URL.
     $member = null;
     if (isset($_REQUEST['m'])) {
         $member = Member::get()->filter('ID', (int) $_REQUEST['m'])->First();
     }
     // Check whether we are merely changin password, or resetting.
     if (isset($_REQUEST['t']) && $member && $member->validateAutoLoginToken($_REQUEST['t'])) {
         // On first valid password reset request redirect to the same URL without hash to avoid referrer leakage.
         // if there is a current member, they should be logged out
         if ($curMember = Member::currentUser()) {
             $curMember->logOut();
         }
         // Store the hash for the change password form. Will be unset after reload within the ChangePasswordForm.
         Session::set('AutoLoginHash', $member->encryptWithUserSettings($_REQUEST['t']));
         return $this->redirect($this->Link('changepassword'));
     } elseif (Session::get('AutoLoginHash')) {
         // Subsequent request after the "first load with hash" (see previous if clause).
         $customisedController = $controller->customise(array('Content' => '<p>' . _t('Security.ENTERNEWPASSWORD', 'Please enter a new password.') . '</p>', 'Form' => $this->ChangePasswordForm()));
     } elseif (Member::currentUser()) {
         // Logged in user requested a password change form.
         $customisedController = $controller->customise(array('Content' => '<p>' . _t('Security.CHANGEPASSWORDBELOW', 'You can change your password below.') . '</p>', 'Form' => $this->ChangePasswordForm()));
     } else {
         // Show friendly message if it seems like the user arrived here via password reset feature.
         if (isset($_REQUEST['m']) || isset($_REQUEST['t'])) {
             $customisedController = $controller->customise(array('Content' => _t('Security.NOTERESETLINKINVALID', '<p>The password reset link is invalid or expired.</p>' . '<p>You can request a new one <a href="{link1}">here</a> or change your password after' . ' you <a href="{link2}">logged in</a>.</p>', array('link1' => $this->Link('lostpassword'), 'link2' => $this->link('login')))));
         } else {
             self::permissionFailure($this, _t('Security.ERRORPASSWORDPERMISSION', 'You must be logged in in order to change your password!'));
             return;
         }
     }
     return $customisedController->renderWith($this->getTemplate('changepassword'));
 }
Exemplo n.º 5
0
 /**
  * Prepare the controller for handling the response to this request
  *
  * @param string $title Title to use
  * @return Controller
  */
 protected function getResponseController($title)
 {
     if (!class_exists('SiteTree')) {
         return $this;
     }
     // Use sitetree pages to render the security page
     $tmpPage = new Page();
     $tmpPage->Title = $title;
     $tmpPage->URLSegment = "Security";
     // Disable ID-based caching  of the log-in page by making it a random number
     $tmpPage->ID = -1 * rand(1, 10000000);
     $controller = Page_Controller::create($tmpPage);
     $controller->setDataModel($this->model);
     $controller->init();
     return $controller;
 }
 /**
  * 
  * @return void
  */
 public function notAccessible()
 {
     $config = SiteConfig::current_site_config();
     if (!($content = $config->SecuredFileDefaultContent)) {
         $content = "<p>" . _t('SecuredFileController.SecuredFileDefaultContent', "The document is not accessible") . "</p>";
     }
     if (!($title = $config->SecuredFileDefaultTitle)) {
         $title = _t('SecuredFileController.SecuredFileDefaultTitle', "The document is not accessible");
     }
     if (isset($_GET['ContainerURL']) && $_GET['ContainerURL']) {
         $containerUrl = DBField::create_field('Varchar', $_GET['ContainerURL']);
         $backLink = '<p><a href="' . $containerUrl . '">Go back</a></p>';
         $content = $backLink . $content . $backLink;
     }
     if (class_exists('SiteTree')) {
         $tmpPage = new Page();
         $tmpPage->Title = $title;
         $tmpPage->Content = $content;
         // Disable ID-based caching  of the log-in page by making it a random number
         $tmpPage->ID = -1 * rand(1, 10000000);
         $controller = Page_Controller::create($tmpPage);
         $controller->setDataModel($this->model);
         $controller->init();
     } else {
         $controller = $this->customise(array("Content" => $content, "Title" => $title));
     }
     echo $controller->renderWith(array('Page'))->Value;
     exit(0);
 }
 public static function create_view($controller, $url = '', $action = '')
 {
     if (class_exists('SiteTree')) {
         $page = \Page::create();
         $page->URLSegment = $url ? $url : $controller->Link();
         $page->Action = $action;
         $page->ID = -1;
         $controller = \Page_Controller::create($page);
     }
     return $controller;
 }