/**
 * Prepares an admin controller: selects the interface language, then either
 * reuses the user cached in the registry or authenticates the request.
 *
 * Unauthenticated requests to anything other than the admin login controller
 * are redirected to /admin/login and the script is terminated.
 */
public function init()
{
    parent::init();

    // Language: registry locale first, then the "language" request parameter,
    // then the system default. Any exception from the registry lookup or from
    // setLanguage() lands in the fallback branch.
    try {
        $this->setLanguage(Zend_Registry::get("Zend_Locale")->getLanguage());
    } catch (Exception $e) {
        // NOTE(review): "language" is client-supplied; whether setLanguage()
        // validates it is not visible in this method.
        $requestedLanguage = $this->_getParam("language");
        if ($requestedLanguage) {
            $this->setLanguage($requestedLanguage);
        } else {
            $this->setLanguage(Pimcore_Config::getSystemConfig()->general->language);
        }
    }

    // Fast path: an earlier init() in this request already authenticated.
    // Zend_Registry::get() throws when a key is missing, which sends us on to
    // the full setup below.
    try {
        Zend_Registry::get("pimcore_admin_initialized");
        $this->setUser(Zend_Registry::get("pimcore_admin_user"));
        return;
    } catch (Exception $e) {
        // not initialised yet, continue with the one-time setup
    }

    // general definitions: the backend works on unpublished elements too
    Document::setHideUnpublished(false);
    Object_Abstract::setHideUnpublished(false);
    Object_Abstract::setGetInheritedValues(false);
    Pimcore::setAdminMode();

    // init translations
    self::initTranslations($this);

    // init zend action helpers
    Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper');

    // Session authentication is tried first for every admin request.
    $user = Pimcore_Tool_Authentication::authenticateSession();
    if ($user instanceof User) {
        $this->setUser($user);
        $preferredLanguage = $this->getUser()->getLanguage();
        if ($preferredLanguage) {
            $this->setLanguage($preferredLanguage);
        }
    } elseif ($this->_getParam("module") == "admin"
        && $this->_getParam("controller") == "asset"
        && $this->_getParam("action") == "webdav"
    ) {
        // Digest authentication is accepted for the WebDAV action only; every
        // other route must carry a valid session.
        $user = Pimcore_Tool_Authentication::authenticateDigest();
        if ($user instanceof User) {
            // Returns without writing the registry entries, so the digest
            // login is not cached for later init() calls.
            $this->setUser($user);
            return;
        }
    }

    if (!($this->getUser() instanceof User)) {
        // send a auth header for the client (is covered by the ajax object in javascript)
        $this->getResponse()->setHeader("X-Pimcore-Auth", "required");

        // Only the login controller may be reached without a user.
        $isLoginRequest = $this->_getParam("module") == "admin"
            && $this->_getParam("controller") == "login";
        if (!$isLoginRequest) {
            $this->_redirect("/admin/login");
            $this->getResponse()->sendResponse();
            // stop here so the requested action never runs unauthenticated
            exit;
        }
    }

    Zend_Registry::set("pimcore_admin_user", $this->getUser());
    Zend_Registry::set("pimcore_admin_initialized", true);
}
/**
 * Prepares the installer controller: raises the execution time limit,
 * registers the Pimcore action helpers and redirects to /admin when a system
 * configuration file already exists.
 */
public function init()
{
    parent::init();

    // Installation can run long; allow up to five minutes. The ini_set() call
    // is silenced because the setting may be locked by the host.
    $timeLimitSeconds = 300;
    @ini_set("max_execution_time", $timeLimitSeconds);
    set_time_limit($timeLimitSeconds);

    Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper');

    // An existing system configuration means the instance is installed, so
    // the installer must not be reachable any more.
    // NOTE(review): there is no explicit exit after the redirect; this relies
    // on _redirect() ending the request. Confirm the redirector is left at its
    // exiting behaviour, otherwise the installer action would still execute.
    $alreadyInstalled = is_file(PIMCORE_CONFIGURATION_SYSTEM);
    if ($alreadyInstalled) {
        $this->_redirect("/admin");
    }
}
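/**
 * Authenticates a webservice request by its "apikey" parameter and stores the
 * matching user in the registry under "pimcore_user" before the parent
 * initialisation runs.
 *
 * @throws Exception "API key missing" when no usable key was sent,
 *                   "API key error" when the key does not match exactly one user
 */
public function init()
{
    $apiKey = $this->_getParam("apikey");

    // A request parameter can arrive as an array (apikey[]=...). Only a
    // non-empty string is a usable key, so anything else is rejected before it
    // reaches the query layer.
    if (!$apiKey || !is_string($apiKey)) {
        throw new Exception("API key missing");
    }

    // The key is passed as a bound parameter, never concatenated into SQL.
    // NOTE(review): the key is matched against the "password" column, so
    // whatever that column stores is itself a bearer credential; anyone who
    // can read the users table can authenticate here. A dedicated, revocable
    // API token would separate the two.
    // NOTE(review): if clients send the key in the query string it will also
    // appear in web server access logs.
    $userList = new User_List();
    $userList->setCondition("password = ?", $apiKey);
    $users = $userList->load();

    // Exactly one match is required; zero or several users fail closed.
    if (!is_array($users) || count($users) !== 1) {
        throw new Exception("API key error");
    }

    Zend_Registry::set("pimcore_user", $users[0]);

    parent::init();
}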
/**
 * Guards the requirements-check controller.
 *
 * On an installed instance (system configuration file present) the check is
 * only available to a user with a valid admin session. Before installation it
 * requires database settings in the request, signalled by "mysql_adapter".
 * Both failure cases end the script with die().
 */
public function init()
{
    parent::init();

    if (!is_file(PIMCORE_CONFIGURATION_SYSTEM)) {
        // Not installed yet: there is no user to authenticate, so the only
        // precondition is that database settings were supplied.
        if (!$this->_getParam("mysql_adapter")) {
            die("Not possible... no database settings given.<br />Parameters: mysql_adapter,mysql_host,mysql_username,mysql_password,mysql_database");
        }
        return;
    }

    // session authentication, only possible if user is logged in
    $user = Pimcore_Tool_Authentication::authenticateSession();
    if (!($user instanceof User)) {
        die("Authentication failed!<br />If you don't have access to the admin interface any more, and you want to find out if the server configuration matches the requirements you have to rename the the system.xml for the time of the check.");
    }
}
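/**
 * Prepares an admin controller: selects the interface language, then either
 * reuses the user stored by an earlier init() in the same request or runs the
 * one-time setup and authentication.
 *
 * Unauthenticated requests to anything other than the admin login controller
 * are logged, redirected to /admin/login and terminated.
 */
public function init()
{
    parent::init();

    // set language
    if (Zend_Registry::isRegistered("Zend_Locale")) {
        $locale = Zend_Registry::get("Zend_Locale");
        $this->setLanguage($locale->getLanguage());
    } else {
        if ($this->_getParam("language")) {
            $this->setLanguage($this->_getParam("language"));
        } else {
            $config = Pimcore_Config::getSystemConfig();
            $this->setLanguage($config->general->language);

            // try to set browser-language (validation if installed is in $this->setLanguage() )
            $this->setLanguage(new Zend_Locale());
        }
    }

    if (self::$adminInitialized) {
        // this will be executed on every call to this init() method
        try {
            $this->setUser(Zend_Registry::get("pimcore_admin_user"));
        } catch (Exception $e) {
            // Fail closed: the flag claims an authenticated request but no
            // user can be restored, so nothing further may run.
            Logger::emerg("adminInitialized was set to true although there was no user set in the registry -> to be save the process was killed");
            exit;
        }
    } else {
        // the following code is only called once, even when there are some subcalls (eg. with $this->action, ... )
        $this->disableBrowserCache();

        // general definitions
        Document::setHideUnpublished(false);
        Object_Abstract::setHideUnpublished(false);
        Object_Abstract::setGetInheritedValues(false);
        Pimcore::setAdminMode();

        // init translations
        self::initTranslations($this);

        // init zend action helpers
        Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper');

        // this is to make it possible to use the session id as a part of the route (ZF default route) used for pixlr.com editors, etc.
        // A session id carried in the URL can end up in access logs, browser
        // history and Referer headers.
        // NOTE(review): confirm the session layer limits where this value is honoured.
        if ($this->_getParam("pimcore_admin_sid")) {
            $_REQUEST["pimcore_admin_sid"] = $this->_getParam("pimcore_admin_sid");
        }

        // authenticate user, first try to authenticate with session information
        $user = Pimcore_Tool_Authentication::authenticateSession();
        if ($user instanceof User) {
            $this->setUser($user);
            if ($this->getUser()->getLanguage()) {
                $this->setLanguage($this->getUser()->getLanguage());
            }
        } else {
            // try to authenticate with digest, but this is only allowed for WebDAV
            if ($this->_getParam("module") == "admin" && $this->_getParam("controller") == "asset" && $this->_getParam("action") == "webdav") {
                $user = Pimcore_Tool_Authentication::authenticateDigest();
                if ($user instanceof User) {
                    $this->setUser($user);

                    // NOTE(review): this early return marks the request as
                    // initialised without storing the user under
                    // "pimcore_admin_user"; a later init() in the same request
                    // would fail the registry lookup above and exit. Confirm
                    // WebDAV requests never trigger a second init().
                    self::$adminInitialized = true;
                    return;
                }
            }
        }

        // redirect to the login-page if the user isn't authenticated
        if (!$this->getUser() instanceof User && !($this->_getParam("module") == "admin" && $this->_getParam("controller") == "login")) {

            // put a detailed message into the debug.log
            Logger::warn("Prevented access to " . $_SERVER["REQUEST_URI"] . " because there is no user in the session!");

            // Only names and coarse request facts are logged. The raw
            // superglobals hold session ids, cookies, Authorization headers
            // and form values, which must not be copied into a log file.
            Logger::warn(array(
                "method" => isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : null,
                "remote_addr" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : null,
                "get_keys" => array_keys($_GET),
                "post_keys" => array_keys($_POST),
                "cookie_names" => array_keys($_COOKIE),
                "session_keys" => isset($_SESSION) ? array_keys($_SESSION) : array(),
            ));

            // send a auth header for the client (is covered by the ajax object in javascript)
            $this->getResponse()->setHeader("X-Pimcore-Auth", "required");

            // redirect to login page
            $this->_redirect("/admin/login");

            // exit the execution -> just to be sure
            exit;
        }

        // we're now authenticated so we can remove the default error handler so that we get just the normal PHP errors
        // Consequence: error details (messages, paths, traces) are shown to
        // any logged-in backend user from here on.
        if ($this->_getParam("controller") != "login") {
            $front = Zend_Controller_Front::getInstance();
            $front->unregisterPlugin("Pimcore_Controller_Plugin_ErrorHandler");
            $front->throwExceptions(true);
            @ini_set("display_errors", "On");
            @ini_set("display_startup_errors", "On");
        }

        Zend_Registry::set("pimcore_admin_user", $this->getUser());
        self::$adminInitialized = true;
    }
}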
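/**
 * Prepares a frontend controller: switches to non-admin mode, resolves the
 * routed document and, for authenticated backend users, swaps in the
 * edit-mode, preview or version copy of that document.
 *
 * @throws Exception when the routed document is unpublished and the request
 *                   is not an admin request made by an authenticated user
 */
public function init()
{
    parent::init();

    // log exceptions if handled by error_handler
    $this->checkForErrors();

    // general definitions
    Pimcore::unsetAdminMode();
    Document::setHideUnpublished(true);
    Object_Abstract::setHideUnpublished(true);
    Object_Abstract::setGetInheritedValues(true);

    // contains the logged in user if necessary
    $user = null;

    // Initialised up front: the unpublished check below reads this flag on
    // ordinary requests too, where it was previously an undefined variable.
    $specialAdminRequest = false;

    // assign variables
    $this->view->controller = $this;

    // init website config
    $config = Pimcore_Config::getWebsiteConfig();
    $this->config = $config;
    $this->view->config = $config;

    if (!$this->_getParam("document")) {
        Zend_Registry::set("pimcore_editmode", false);
        $this->editmode = false;
        $this->view->editmode = false;

        // no document available, continue, ...
        return;
    }
    $this->setDocument($this->_getParam("document"));

    // These parameters are client-supplied; they only request admin
    // behaviour. What grants it is the session user resolved here.
    if ($this->_getParam("pimcore_editmode") || $this->_getParam("pimcore_version") || $this->_getParam("pimcore_preview") || $this->_getParam("pimcore_admin") || $this->_getParam("pimcore_object_preview")) {
        $specialAdminRequest = true;
        $this->disableBrowserCache();

        // start admin session & get logged in user
        $user = Pimcore_Tool_Authentication::authenticateSession();
    }

    // Fail closed: only an actual User instance unlocks the admin branches.
    $isAdminUser = $user instanceof User;

    // Unpublished documents are served only to authenticated admin requests.
    if (!$this->document->isPublished()) {
        if (!$specialAdminRequest || !$isAdminUser) {
            throw new Exception("access denied for " . $this->document->getFullPath());
        }
    }

    // register global locale if the document has the system property "language"
    if ($this->document->getProperty("language")) {
        $locale = new Zend_Locale($this->document->getProperty("language"));
        Zend_Registry::set('Zend_Locale', $locale);
        $this->getResponse()->setHeader("Content-Language", strtolower(str_replace("_", "-", (string) $locale)), true);
    }

    // for editmode
    if ($isAdminUser && $this->_getParam("pimcore_editmode") && !Zend_Registry::isRegistered("pimcore_editmode")) {
        Zend_Registry::set("pimcore_editmode", true);

        // check if there is the document in the session
        $docKey = "document_" . $this->getDocument()->getId();
        $docSession = new Zend_Session_Namespace("pimcore_documents");

        if ($docSession->{$docKey}) {
            // if there is a document in the session use it
            $this->setDocument($docSession->{$docKey});
        } else {
            // set the latest available version for editmode if there is no doc in the session
            $latestVersion = $this->getDocument()->getLatestVersion();
            if ($latestVersion) {
                $latestDoc = $latestVersion->loadData();
                if ($latestDoc instanceof Document_PageSnippet) {
                    $this->setDocument($latestDoc);
                }
            }
        }

        // register editmode plugin
        $front = Zend_Controller_Front::getInstance();
        $front->registerPlugin(new Pimcore_Controller_Plugin_Frontend_Editmode($this), 1000);
    } else {
        Zend_Registry::set("pimcore_editmode", false);
    }

    // for preview
    if ($isAdminUser) {
        // document preview
        if ($this->_getParam("pimcore_preview")) {
            // get document from session
            $docKey = "document_" . $this->_getParam("document")->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");

            if ($docSession->{$docKey}) {
                $this->setDocument($docSession->{$docKey});
            }
        }

        // object preview
        if ($this->_getParam("pimcore_object_preview")) {
            $key = "object_" . $this->_getParam("pimcore_object_preview");
            $session = new Zend_Session_Namespace("pimcore_objects");
            if ($session->{$key}) {
                $object = $session->{$key};

                // add the object to the registry so every call to Object_Abstract::getById() will return this object instead of the real one
                Zend_Registry::set("object_" . $object->getId(), $object);
            }
        }
    }

    // for version preview
    if ($this->_getParam("pimcore_version") && $isAdminUser) {
        // only get version data at the first call || because of embedded Snippets ...
        if (!Zend_Registry::isRegistered("pimcore_version_active")) {
            $version = Version::getById($this->_getParam("pimcore_version"));
            $this->setDocument($version->getData());
            Zend_Registry::set("pimcore_version_active", true);
        }
    }

    // for public versions
    // This branch needs no login; the version's own "public" flag is the only
    // gate, and it runs after the published check above.
    // NOTE(review): nothing here ties the requested version to the routed
    // document, so a public version id is served on any document URL. Confirm
    // that is intended.
    if ($this->_getParam("v")) {
        try {
            $version = Version::getById($this->_getParam("v"));
            if ($version->getPublic()) {
                $this->setDocument($version->getData());
            }
        } catch (Exception $e) {
            // deliberately ignored: an unknown version id leaves the routed document in place
        }
    }

    // check if document is a wrapped hardlink, if this is the case send a rel=canonical header to the source document
    if ($this->getDocument() instanceof Document_Hardlink_Wrapper_Interface) {
        // get the canonical (source) document
        $hardlinkCanonicalSourceDocument = Document::getById($this->getDocument()->getId());
        $request = $this->getRequest();

        // NOTE(review): the host part comes from the request, i.e. normally
        // from the client's Host header. Confirm the web server or a proxy
        // restricts accepted host names before this value reaches a cache.
        $this->getResponse()->setHeader("Link", '<' . $request->getScheme() . "://" . $request->getHttpHost() . $hardlinkCanonicalSourceDocument->getFullPath() . '>; rel="canonical"');
    }

    // set some parameters
    $this->editmode = Zend_Registry::get("pimcore_editmode");
    $this->view->editmode = Zend_Registry::get("pimcore_editmode");
}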
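/**
 * Prepares a frontend controller: switches to non-admin mode, resolves the
 * routed document and, when the admin session holds a user, swaps in the
 * edit-mode, preview or version copy of that document.
 *
 * @throws Exception when the routed document is unpublished and the request
 *                   is not an admin request backed by a session user
 */
public function init()
{
    parent::init();

    // log exceptions if handled by error_handler
    $this->checkForErrors();

    // general definitions
    Pimcore::unsetAdminMode();
    Document::setHideUnpublished(true);
    Object_Abstract::setHideUnpublished(true);
    Object_Abstract::setGetInheritedValues(true);

    $adminSession = null;

    // Initialised up front: the unpublished check below reads this flag on
    // ordinary requests too, where it was previously an undefined variable.
    $specialAdminRequest = false;

    // assign variables
    $this->view->controller = $this;

    // init website config
    $config = Pimcore_Config::getWebsiteConfig();
    $this->config = $config;
    $this->view->config = $config;

    if (!$this->_getParam("document")) {
        Zend_Registry::set("pimcore_editmode", false);
        $this->editmode = false;
        $this->view->editmode = false;

        // no document available, continue, ...
        return;
    }
    $this->setDocument($this->_getParam("document"));

    // These parameters are client-supplied; they only request admin
    // behaviour. What grants it is the user held in the admin session.
    if ($this->_getParam("pimcore_editmode") || $this->_getParam("pimcore_version") || $this->_getParam("pimcore_preview") || $this->_getParam("pimcore_admin") || $this->_getParam("pimcore_object_preview")) {
        $specialAdminRequest = true;
        Pimcore_Tool_Authentication::initSession();

        // start admin session
        $adminSession = new Zend_Session_Namespace("pimcore_admin");
    }

    // Single authoritative answer to "is a backend user logged in", reused by
    // every admin-only branch below.
    $isAdminUser = $adminSession && $adminSession->user instanceof User;

    // Unpublished documents are served only to authenticated admin requests.
    if (!$this->document->isPublished()) {
        if (!$specialAdminRequest || !$isAdminUser) {
            throw new Exception("access denied for " . $this->document->getFullPath());
        }
    }

    // register global locale if the document has the system property "language"
    if ($this->document->getProperty("language")) {
        $locale = new Zend_Locale($this->document->getProperty("language"));
        Zend_Registry::set('Zend_Locale', $locale);
    }

    // for editmode
    if ($isAdminUser && $this->_getParam("pimcore_editmode") && !Zend_Registry::isRegistered("pimcore_editmode")) {
        Zend_Registry::set("pimcore_editmode", true);

        // check if there is the document in the session
        $docKey = "document_" . $this->getDocument()->getId();
        $docSession = new Zend_Session_Namespace("pimcore_documents");

        if ($docSession->{$docKey}) {
            // if there is a document in the session use it
            $this->setDocument($docSession->{$docKey});
        } else {
            // set the latest available version for editmode if there is no doc in the session
            $latestVersion = $this->getDocument()->getLatestVersion();
            if ($latestVersion) {
                $latestDoc = $latestVersion->loadData();
                if ($latestDoc instanceof Document_PageSnippet) {
                    $this->setDocument($latestDoc);
                }
            }
        }

        // register editmode plugin
        $front = Zend_Controller_Front::getInstance();
        $front->registerPlugin(new Pimcore_Controller_Plugin_Frontend_Editmode($this), 1000);
    } else {
        Zend_Registry::set("pimcore_editmode", false);
    }

    // for preview
    if ($isAdminUser) {
        // document preview
        if ($this->_getParam("pimcore_preview")) {
            // get document from session
            $docKey = "document_" . $this->_getParam("document")->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");

            if ($docSession->{$docKey}) {
                $this->setDocument($docSession->{$docKey});
            }
        }

        // object preview
        if ($this->_getParam("pimcore_object_preview")) {
            $key = "object_" . $this->_getParam("pimcore_object_preview");
            $session = new Zend_Session_Namespace("pimcore_objects");
            if ($session->{$key}) {
                $object = $session->{$key};

                // add the object to the registry so every call to Object_Abstract::getById() will return this object instead of the real one
                Zend_Registry::set("object_" . $object->getId(), $object);
            }
        }
    }

    // for version preview
    if ($this->_getParam("pimcore_version") && $isAdminUser) {
        // only get version data at the first call || because of embedded Snippets ...
        // Zend_Registry::get() throws while the marker is unset, which is what
        // triggers the one-time load in the catch branch.
        try {
            Zend_Registry::get("pimcore_version_active");
        } catch (Exception $e) {
            $version = Version::getById($this->_getParam("pimcore_version"));
            $this->setDocument($version->getData());
            Zend_Registry::set("pimcore_version_active", true);
        }
    }

    // for public versions
    // This branch needs no login; the version's own "public" flag is the only
    // gate, and it runs after the published check above.
    // NOTE(review): nothing here ties the requested version to the routed
    // document, so a public version id is served on any document URL. Confirm
    // that is intended.
    if ($this->_getParam("v")) {
        try {
            $version = Version::getById($this->_getParam("v"));
            if ($version->getPublic()) {
                $this->setDocument($version->getData());
            }
        } catch (Exception $e) {
            // deliberately ignored: an unknown version id leaves the routed document in place
        }
    }

    // set some parameters
    $this->editmode = Zend_Registry::get("pimcore_editmode");
    $this->view->editmode = Zend_Registry::get("pimcore_editmode");
}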