Exemplo n.º 1
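 /**
  * Handler for JSON API requests.
  *
  * The response (or the result of the exception handler) is echoed to the
  * client; the method itself returns nothing.
  *
  * @return void
  */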
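 public function handle()
 {
     // Pre-declare both so the catch block never reads an undefined variable
     // when one of the constructors below is what throws.
     $server = null;
     $request = null;
     try {
         // init server and request first
         $server = new Zend_Json_Server();
         $server->setClass('Setup_Frontend_Json', 'Setup');
         $server->setClass('Tinebase_Frontend_Json', 'Tinebase');
         $server->setAutoHandleExceptions(false);
         $server->setAutoEmitResponse(false);
         $request = new Zend_Json_Server_Request_Http();
         Setup_Core::initFramework();
         $method = $request->getMethod();
         $jsonKey = isset($_SERVER['HTTP_X_TINE20_JSONKEY']) ? $_SERVER['HTTP_X_TINE20_JSONKEY'] : '';
         Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is JSON request. method: ' . $method);

         // Methods that may be called without a session and without the JSON key.
         $anonymnousMethods = array('Setup.getAllRegistryData', 'Setup.login', 'Tinebase.getAvailableTranslations', 'Tinebase.getTranslations', 'Tinebase.setLocale');
         $configFileExists = Setup_Core::configFileExists();
         if (!$configFileExists) {
             $anonymnousMethods = array_merge($anonymnousMethods, array('Setup.envCheck'));
         }

         // Check the JSON key for all methods but the exceptions above.
         // Strict membership test: a non-string method value must never be
         // treated as equal to one of the anonymous method names.
         // NOTE(review): while no config file exists, every method is reachable
         // without authentication -- this is the pre-existing behaviour; keep the
         // setup endpoint unreachable from untrusted networks during installation.
         if (!in_array($method, $anonymnousMethods, true) && $configFileExists) {
             if (!Setup_Core::isRegistered(Setup_Core::USER)) {
                 Setup_Core::getLogger()->INFO(__METHOD__ . '::' . __LINE__ . ' Attempt to request a privileged Json-API method without authorisation from "' . $_SERVER['REMOTE_ADDR'] . '". (session timeout?)');
                 throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
             }

             // hash_equals() (PHP >= 5.6) compares the anti-CSRF key in constant
             // time and without type juggling; the previous loose "!=" could treat
             // two different numeric-looking strings as equal.
             if (empty($jsonKey) || !hash_equals((string) Setup_Core::get('jsonKey'), (string) $jsonKey)) {
                 // NOTE(review): this message embeds the client-supplied key plus full
                 // dumps of the user object and $_REQUEST. Privileged setup requests may
                 // carry credentials, and the key is attacker-controlled text; consider
                 // logging only the method name and account id, with control characters
                 // neutralised, and restrict read access to the log file.
                 Setup_Core::getLogger()->WARN(__METHOD__ . '::' . __LINE__ . ' Fatal: got wrong json key! (' . $jsonKey . ') Possible CSRF attempt!' . ' affected account: ' . print_r(Setup_Core::getUser(), true) . ' request: ' . print_r($_REQUEST, true));
                 throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
             }
         }
         $response = $server->handle($request);
     } catch (Exception $exception) {
         $response = $this->_handleException($server, $request, $exception);
     }
     echo $response;
 }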
 /**
  * Get redirect Settings from config table.
  * If Tinebase is not installed, default values will be returned.
  *
  * @return array
  */
 protected function _getRedirectSettings()
 {
     // Defaults returned when the database check is off or Tinebase is not installed.
     $settings = array(
         Tinebase_Config::REDIRECTURL => '',
         Tinebase_Config::REDIRECTTOREFERRER => '0',
     );

     if (!Setup_Core::get(Setup_Core::CHECKDB) || !$this->isInstalled('Tinebase')) {
         return $settings;
     }

     // Overwrite each default with the stored configuration value.
     // NOTE(review): these values presumably drive a post-action redirect;
     // whoever consumes them should validate the target before redirecting -- confirm at the caller.
     foreach (array(Tinebase_Config::REDIRECTURL, Tinebase_Config::REDIRECTTOREFERRER) as $configKey) {
         $settings[$configKey] = Tinebase_Config::getInstance()->get($configKey, '');
     }

     return $settings;
 }
Exemplo n.º 3
 /**
  * Returns registry data of all applications current user has access to
  * @see Tinebase_Application_Json_Abstract
  * 
  * @return mixed array 'variable name' => 'data'
  */
 public function getAllRegistryData()
 {
     $setupRegistry = $this->getRegistryData();

     // The setup client also needs a few core Tinebase registry entries.
     $locale = Tinebase_Core::get('locale');

     $tinebaseRegistry = array();
     $tinebaseRegistry['serviceMap'] = Setup_Frontend_Http::getServiceMap();
     $tinebaseRegistry['timeZone'] = Setup_Core::get('userTimeZone');
     // NOTE(review): the JSON key is handed to the client here; it looks like the
     // anti-CSRF value checked on privileged requests, so responses carrying it
     // should not be cacheable or readable cross-origin -- confirm.
     $tinebaseRegistry['jsonKey'] = Setup_Core::get('jsonKey');
     $tinebaseRegistry['locale'] = array(
         'locale' => $locale->toString(),
         'language' => Zend_Locale::getTranslation($locale->getLanguage(), 'language', $locale),
         'region' => Zend_Locale::getTranslation($locale->getRegion(), 'country', $locale),
     );
     $tinebaseRegistry['version'] = array(
         'buildType' => TINE20_BUILDTYPE,
         'codeName' => TINE20SETUP_CODENAME,
         'packageString' => TINE20SETUP_PACKAGESTRING,
         'releaseTime' => TINE20SETUP_RELEASETIME,
     );
     $tinebaseRegistry['changepw'] = false;

     return array(
         'Setup' => $setupRegistry,
         'Tinebase' => $tinebaseRegistry,
     );
 }
 /**
  * update to 0.28
  * - repair db charset for users with non default utf8 client charset
  */
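 public function update_27()
 {
     // Steps, in order: fix the addressbook id column, move contact photos into
     // their own table, convert serialized filters to JSON, and (only when the
     // client charset was not utf8) rewrite every prefixed table through a
     // second connection so the database converts the charset.
     $config = Setup_Core::get(Setup_Core::CONFIG);
     $tableprefix = $config->database->tableprefix;
     // have a second db connection with default charset
     $orgDb = Zend_Db::factory('Pdo_Mysql', $config->database->toArray());
     // fix for signed / unsigned problem
     $declaration = new Setup_Backend_Schema_Field_Xml('
         <field>
             <name>id</name>
             <type>integer</type>
             <autoincrement>true</autoincrement>
         </field>
     ');
     $this->_backend->alterCol('addressbook', $declaration);
     /** addressbook: store image in separate table **/
     $tableDefinition = '
         <table>
             <name>addressbook_image</name>
             <version>1</version>
             <declaration>
                 <field>
                     <name>contact_id</name>
                     <type>integer</type>
                     <notnull>true</notnull>
                 </field>
                 <field>
                     <name>image</name>
                     <type>blob</type>
                 </field>
                 <index>
                     <name>contact_id</name>
                     <primary>true</primary>
                     <field>
                         <name>contact_id</name>
                     </field>
                 </index>
                 <index>
                     <name>addressbook_image::contact_id-addressbook::id</name>
                     <field>
                         <name>contact_id</name>
                     </field>
                     <foreign>true</foreign>
                     <reference>
                         <table>addressbook</table>
                         <field>id</field>
                         <ondelete>CASCADE</ondelete>
                     </reference>
                 </index>
             </declaration>
         </table>
     ';
     $table = Setup_Backend_Schema_Table_Factory::factory('String', $tableDefinition);
     $this->_backend->createTable($table);
     // Copy the photos one contact at a time so only a single image is held in memory.
     $select = $orgDb->select()->from("{$tableprefix}addressbook", array('id'))->where($orgDb->quoteIdentifier('jpegphoto') . " IS NOT NULL");
     $contactIds = $orgDb->fetchAll($select);
     foreach ($contactIds as $contactId) {
         $contactId = $contactId['id'];
         $select = $orgDb->select()->from("{$tableprefix}addressbook", array('id', 'jpegphoto'))->where($orgDb->quoteInto($orgDb->quoteIdentifier('id') . ' = ?', $contactId));
         $imageData = $orgDb->fetchRow($select);
         $orgDb->insert("{$tableprefix}addressbook_image", array('contact_id' => $imageData['id'], 'image' => base64_encode($imageData['jpegphoto'])));
     }
     $this->_backend->dropCol('addressbook', 'jpegphoto');
     /** convert serialized object into json objects **/
     $select = $orgDb->select()->from("{$tableprefix}filter", array('id', 'filters'));
     $filters = $orgDb->fetchAll($select);
     foreach ($filters as $filter) {
         // SECURITY NOTE(review): unserialize() instantiates whatever classes the
         // stored string names. The rows come from the application's own filter
         // table, but if any of that content could have been written by a user,
         // this is a PHP object-injection sink. Left unchanged because the
         // migration has to read the legacy format; run it only against a trusted
         // database.
         $filterObject = unserialize($filter['filters']);
         $orgDb->update("{$tableprefix}filter", array('filters' => Zend_Json::encode($filterObject)), $orgDb->quoteInto($orgDb->quoteIdentifier('id') . ' = ?', $filter['id']));
     }
     /** convert db contents for installations which had a clientcharset != utf8 **/
     $originalCharset = Tinebase_Helper::array_value('Value', Tinebase_Helper::array_value(0, $orgDb->query("SHOW VARIABLES LIKE 'character_set_client'")->fetchAll()));
     if (strtolower($originalCharset) != 'utf8') {
         // NOTE(review): foreign key checks are re-enabled only on the success
         // path below; an exception inside the loops leaves them off on
         // $this->_db for the rest of the connection.
         $this->_db->query("SET FOREIGN_KEY_CHECKS=0");
         $orgDb->query("SET FOREIGN_KEY_CHECKS=0");
         // build the list of tables to convert
         $tables = array();
         $rawTables = $this->_db->query("SHOW TABLES")->fetchAll();
         // The prefix is configuration text, not a pattern: quote it so regex
         // metacharacters (or the "/" delimiter) in it cannot change or break the match.
         $prefixPattern = '/^' . preg_quote($tableprefix, '/') . '/';
         foreach ($rawTables as $rawTable) {
             $tableName = array_values($rawTable);
             $tableName = $tableName[0];
             if (preg_match($prefixPattern, $tableName) && $tableName != "{$tableprefix}addressbook_image") {
                 $tables[] = $tableName;
             }
         }
         // the actual charset conversion is done by the db.
         // Each table is read in full, truncated, and re-inserted row by row. A
         // failure that is rethrown below leaves the current table only partially
         // refilled, so a backup should exist before this update runs.
         foreach ($tables as $tableName) {
             Setup_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' Converting table ' . $tableName);
             //$this->_db->query("SET character_set_client = '$originalCharset'");
             $select = $orgDb->select()->from($tableName);
             $result = $orgDb->fetchAll($select);
             $orgDb->query("TRUNCATE TABLE " . $this->_db->quoteIdentifier($tableName));
             //$this->_db->query("SET character_set_client = 'utf8'");
             foreach ($result as $row) {
                 try {
                     $this->_db->insert($tableName, $row);
                 } catch (Zend_Db_Statement_Exception $zdse) {
                     Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' ' . $zdse->getMessage());
                     // try to convert strings if failure: the offending column is
                     // guessed from the driver's error message, re-encoded, and
                     // the insert is retried once.
                     if (preg_match('/(description|title|note|old_value|org_name|adr_one_street)/', $zdse->getMessage(), $match)) {
                         $field = $match[1];
                         Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' Converting field ' . $field . (isset($row['id']) || array_key_exists('id', $row) ? ' of record ' . $row['id'] : ''));
                         $row[$field] = utf8_encode($row[$field]);
                         $this->_db->insert($tableName, $row);
                     } else {
                         Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' Could not convert field');
                         throw $zdse;
                     }
                 }
             }
         }
         $this->_db->query("SET FOREIGN_KEY_CHECKS=1");
     }
     $orgDb->closeConnection();
     $this->setApplicationVersion('Tinebase', '0.28');
 }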
 /**
  * Returns registry data of all applications current user has access to
  * @see Tinebase_Application_Json_Abstract
  * 
  * @return mixed array 'variable name' => 'data'
  *
  * TODO DRY: most of this already is part of Tinebase_Frontend_Json::_getAnonymousRegistryData
  */
 public function getAllRegistryData()
 {
     $setupRegistry = $this->getRegistryData();

     // The setup client also needs a few core Tinebase registry entries.
     $locale = Tinebase_Core::get('locale');

     $tinebaseRegistry = array();
     $tinebaseRegistry['serviceMap'] = Setup_Frontend_Http::getServiceMap();
     $tinebaseRegistry['timeZone'] = Setup_Core::getUserTimezone();
     // NOTE(review): the JSON key is handed to the client here; it looks like the
     // anti-CSRF value checked on privileged requests, so responses carrying it
     // should not be cacheable or readable cross-origin -- confirm.
     $tinebaseRegistry['jsonKey'] = Setup_Core::get('jsonKey');
     $tinebaseRegistry['locale'] = array(
         'locale' => $locale->toString(),
         'language' => Zend_Locale::getTranslation($locale->getLanguage(), 'language', $locale),
         'region' => Zend_Locale::getTranslation($locale->getRegion(), 'country', $locale),
     );
     $tinebaseRegistry['version'] = array(
         'buildType' => TINE20_BUILDTYPE,
         'codeName' => TINE20SETUP_CODENAME,
         'packageString' => TINE20SETUP_PACKAGESTRING,
         'releaseTime' => TINE20SETUP_RELEASETIME,
     );
     // Upload limits are taken from the PHP ini settings and converted to bytes.
     $tinebaseRegistry['maxFileUploadSize'] = Tinebase_Helper::convertToBytes(ini_get('upload_max_filesize'));
     $tinebaseRegistry['maxPostSize'] = Tinebase_Helper::convertToBytes(ini_get('post_max_size'));

     return array(
         'Setup' => $setupRegistry,
         'Tinebase' => $tinebaseRegistry,
     );
 }