/**
* Process the querystring
*
* @return void
*/
private function processQueryString()
{
// store the querystring local, so we don't alter it.
$queryString = $this->getQueryString();
// fix GET-parameters
$getChunks = explode('?', $queryString);
// are there GET-parameters
if (isset($getChunks[1])) {
// get key-value pairs
$get = explode('&', $getChunks[1]);
// remove from querystring
$queryString = str_replace('?' . $getChunks[1], '', $this->getQueryString());
// loop pairs
foreach ($get as $getItem) {
// get key and value
$getChunks = explode('=', $getItem, 2);
// key available?
if (isset($getChunks[0])) {
// reset in $_GET
$_GET[$getChunks[0]] = isset($getChunks[1]) ? (string) $getChunks[1] : '';
// add into parameters
if (isset($getChunks[1])) {
$this->parameters[(string) $getChunks[0]] = (string) $getChunks[1];
}
}
}
}
// split into chunks
$chunks = (array) explode('/', $queryString);
// single language
if (!SITE_MULTILANGUAGE) {
// set language id
$language = FrontendModel::getModuleSetting('core', 'default_language', SITE_DEFAULT_LANGUAGE);
} else {
// default value
$mustRedirect = false;
// get possible languages
$possibleLanguages = (array) FrontendLanguage::getActiveLanguages();
$redirectLanguages = (array) FrontendLanguage::getRedirectLanguages();
// the language is present in the URL
if (isset($chunks[0]) && in_array($chunks[0], $possibleLanguages)) {
// define language
$language = (string) $chunks[0];
// try to set a cookie with the language
try {
// set cookie
SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
} catch (SpoonCookieException $e) {
// settings cookies isn't allowed, because this isn't a real problem we ignore the exception
}
// set sessions
SpoonSession::set('frontend_language', $language);
// remove the language part
array_shift($chunks);
} elseif (SpoonCookie::exists('frontend_language') && in_array(SpoonCookie::get('frontend_language'), $redirectLanguages)) {
// set languageId
$language = (string) SpoonCookie::get('frontend_language');
// redirect is needed
$mustRedirect = true;
} else {
// set languageId & abbreviation
$language = FrontendLanguage::getBrowserLanguage();
// try to set a cookie with the language
try {
// set cookie
SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
} catch (SpoonCookieException $e) {
// settings cookies isn't allowed, because this isn't a real problem we ignore the exception
}
// redirect is needed
$mustRedirect = true;
}
// redirect is required
if ($mustRedirect) {
// build URL
$URL = rtrim('/' . $language . '/' . $this->getQueryString(), '/');
// set header & redirect
SpoonHTTP::redirect($URL, 301);
}
}
// define the language
define('FRONTEND_LANGUAGE', $language);
// sets the localefile
FrontendLanguage::setLocale($language);
// list of pageIds & their full URL
$keys = FrontendNavigation::getKeys();
// full URL
$URL = implode('/', $chunks);
$startURL = $URL;
// loop until we find the URL in the list of pages
while (!in_array($URL, $keys)) {
// remove the last chunk
array_pop($chunks);
// redefine the URL
$URL = implode('/', $chunks);
}
// remove language from querystring
if (SITE_MULTILANGUAGE) {
$queryString = trim(substr($queryString, strlen($language)), '/');
}
// if it's the homepage AND parameters were given (not allowed!)
if ($URL == '' && $queryString != '') {
// get 404 URL
$URL = FrontendNavigation::getURL(404);
// remove language
if (SITE_MULTILANGUAGE) {
$URL = str_replace('/' . $language, '', $URL);
}
}
// set pages
$URL = trim($URL, '/');
// currently not in the homepage
if ($URL != '') {
// explode in pages
$pages = explode('/', $URL);
// reset pages
$this->setPages($pages);
// reset parameters
$this->setParameters(array());
}
// set parameters
$parameters = trim(substr($startURL, strlen($URL)), '/');
// has at least one parameter
if ($parameters != '') {
// parameters will be separated by /
$parameters = explode('/', $parameters);
// set parameters
$this->setParameters($parameters);
}
// pageId, parentId & depth
$pageId = FrontendNavigation::getPageId(implode('/', $this->getPages()));
$pageInfo = FrontendNavigation::getPageInfo($pageId);
// invalid page, or parameters but no extra
if ($pageInfo === false || !empty($parameters) && !$pageInfo['has_extra']) {
// get 404 URL
$URL = FrontendNavigation::getURL(404);
// remove language
if (SITE_MULTILANGUAGE) {
$URL = trim(str_replace('/' . $language, '', $URL), '/');
}
// currently not in the homepage
if ($URL != '') {
// explode in pages
$pages = explode('/', $URL);
// reset pages
$this->setPages($pages);
// reset parameters
$this->setParameters(array());
}
}
// is this an internal redirect?
if (isset($pageInfo['redirect_page_id']) && $pageInfo['redirect_page_id'] != '') {
// get url for item
$newPageURL = FrontendNavigation::getURL((int) $pageInfo['redirect_page_id']);
$errorURL = FrontendNavigation::getURL(404);
// not an error?
if ($newPageURL != $errorURL) {
// redirect
SpoonHTTP::redirect($newPageURL, $pageInfo['redirect_code']);
}
}
// is this an external redirect?
if (isset($pageInfo['redirect_url']) && $pageInfo['redirect_url'] != '') {
// redirect
SpoonHTTP::redirect($pageInfo['redirect_url'], $pageInfo['redirect_code']);
}
}
/**
* Validate the form
*/
private function validateForm()
{
// get settings
$commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments'];
// comments aren't allowed so we don't have to validate
if (!$commentsAllowed) {
return false;
}
// is the form submitted
if ($this->frm->isSubmitted()) {
// cleanup the submitted fields, ignore fields that were added by hackers
$this->frm->cleanupFields();
// does the key exists?
if (SpoonSession::exists('blog_comment_' . $this->record['id'])) {
// calculate difference
$diff = time() - (int) SpoonSession::get('blog_comment_' . $this->record['id']);
// calculate difference, it it isn't 10 seconds the we tell the user to slow down
if ($diff < 10 && $diff != 0) {
$this->frm->getField('message')->addError(FL::err('CommentTimeout'));
}
}
// validate required fields
$this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired'));
$this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));
$this->frm->getField('message')->isFilled(FL::err('MessageIsRequired'));
// validate optional fields
if ($this->frm->getField('website')->isFilled() && $this->frm->getField('website')->getValue() != 'http://') {
$this->frm->getField('website')->isURL(FL::err('InvalidURL'));
}
// no errors?
if ($this->frm->isCorrect()) {
// get module setting
$spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];
$moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];
// reformat data
$author = $this->frm->getField('author')->getValue();
$email = $this->frm->getField('email')->getValue();
$website = $this->frm->getField('website')->getValue();
if (trim($website) == '' || $website == 'http://') {
$website = null;
}
$text = $this->frm->getField('message')->getValue();
// build array
$comment['post_id'] = $this->record['id'];
$comment['language'] = FRONTEND_LANGUAGE;
$comment['created_on'] = FrontendModel::getUTCDate();
$comment['author'] = $author;
$comment['email'] = $email;
$comment['website'] = $website;
$comment['text'] = $text;
$comment['status'] = 'published';
$comment['data'] = serialize(array('server' => $_SERVER));
// get URL for article
$permaLink = FrontendNavigation::getURLForBlock('blog', 'detail') . '/' . $this->record['url'];
$redirectLink = $permaLink;
// is moderation enabled
if ($moderationEnabled) {
// if the commenter isn't moderated before alter the comment status so it will appear in the moderation queue
if (!FrontendBlogModel::isModerated($author, $email)) {
$comment['status'] = 'moderation';
}
}
// should we check if the item is spam
if ($spamFilterEnabled) {
// check for spam
$result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website);
// if the comment is spam alter the comment status so it will appear in the spam queue
if ($result) {
$comment['status'] = 'spam';
} elseif ($result == 'unknown') {
$comment['status'] = 'moderation';
}
}
// insert comment
$comment['id'] = FrontendBlogModel::insertComment($comment);
// trigger event
FrontendModel::triggerEvent('blog', 'after_add_comment', array('comment' => $comment));
// append a parameter to the URL so we can show moderation
if (strpos($redirectLink, '?') === false) {
if ($comment['status'] == 'moderation') {
$redirectLink .= '?comment=moderation#' . FL::act('Comment');
}
if ($comment['status'] == 'spam') {
$redirectLink .= '?comment=spam#' . FL::act('Comment');
}
if ($comment['status'] == 'published') {
$redirectLink .= '?comment=true#comment-' . $comment['id'];
}
} else {
if ($comment['status'] == 'moderation') {
$redirectLink .= '&comment=moderation#' . FL::act('Comment');
}
if ($comment['status'] == 'spam') {
$redirectLink .= '&comment=spam#' . FL::act('Comment');
}
if ($comment['status'] == 'published') {
$redirectLink .= '&comment=true#comment-' . $comment['id'];
}
}
// set title
$comment['post_title'] = $this->record['title'];
$comment['post_url'] = $this->record['url'];
// notify the admin
FrontendBlogModel::notifyAdmin($comment);
// store timestamp in session so we can block excesive usage
SpoonSession::set('blog_comment_' . $this->record['id'], time());
// store author-data in cookies
try {
SpoonCookie::set('comment_author', $author, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
SpoonCookie::set('comment_email', $email, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
SpoonCookie::set('comment_website', $website, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
} catch (Exception $e) {
// settings cookies isn't allowed, but because this isn't a real problem we ignore the exception
}
// redirect
$this->redirect($redirectLink);
}
}
}
public function testGet()
{
$this->assertFalse(SpoonCookie::get('why_does_my_neck_hurt'));
}
/**
* Logout a profile.
*
* @return void
*/
public static function logout()
{
// delete session records
FrontendModel::getDB(true)->delete('profiles_sessions', 'session_id = ?', array(SpoonSession::getSessionId()));
// set is_logged_in to false
SpoonSession::set('frontend_profile_logged_in', false);
// delete cookie
SpoonCookie::delete('frontend_profile_secret_key');
}
/**
* Process the querystring
*
* @return void
*/
private function processQueryString()
{
// store the querystring local, so we don't alter it.
$queryString = $this->getQueryString();
// find the position of ? (which seperates real URL and GET-parameters)
$positionQuestionMark = strpos($queryString, '?');
// remove the GET-chunk from the parameters
$processedQueryString = $positionQuestionMark === false ? $queryString : substr($queryString, 0, $positionQuestionMark);
// split into chunks, a Backend URL will always look like /<lang>/<module>/<action>(?GET)
$chunks = (array) explode('/', trim($processedQueryString, '/'));
// check if this is a request for a JS-file
$isJS = isset($chunks[1]) && $chunks[1] == 'js.php';
// check if this is a request for a AJAX-file
$isAJAX = isset($chunks[1]) && $chunks[1] == 'ajax.php';
// get the language, this will always be in front
$language = isset($chunks[1]) && $chunks[1] != '' ? SpoonFilter::getValue($chunks[1], array_keys(BackendLanguage::getWorkingLanguages()), '') : '';
// no language provided?
if ($language == '' && !$isJS && !$isAJAX) {
// remove first element
array_shift($chunks);
// redirect to login
SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . SITE_DEFAULT_LANGUAGE . '/' . implode('/', $chunks));
}
// get the module, null will be the default
$module = isset($chunks[2]) && $chunks[2] != '' ? $chunks[2] : 'dashboard';
// get the requested action, if it is passed
if (isset($chunks[3]) && $chunks[3] != '') {
$action = $chunks[3];
} elseif (!$isJS && !$isAJAX) {
// build path to the module and define it. This is a constant because we can use this in templates.
if (!defined('BACKEND_MODULE_PATH')) {
define('BACKEND_MODULE_PATH', BACKEND_MODULES_PATH . '/' . $module);
}
// check if the config is present? If it isn't present there is a huge problem, so we will stop our code by throwing an error
if (!SpoonFile::exists(BACKEND_MODULE_PATH . '/config.php')) {
throw new BackendException('The configfile for the module (' . $module . ') can\'t be found.');
}
// build config-object-name
$configClassName = 'Backend' . SpoonFilter::toCamelCase($module . '_config');
// require the config file, we validated before for existence.
require_once BACKEND_MODULE_PATH . '/config.php';
// validate if class exists (aka has correct name)
if (!class_exists($configClassName)) {
throw new BackendException('The config file is present, but the classname should be: ' . $configClassName . '.');
}
// create config-object, the constructor will do some magic
$config = new $configClassName($module);
// set action
$action = $config->getDefaultAction() !== null ? $config->getDefaultAction() : 'index';
}
// if it is an request for a JS-file or an AJAX-file we only need the module
if ($isJS || $isAJAX) {
// set the working language, this is not the interface language
BackendLanguage::setWorkingLanguage(SpoonFilter::getGetValue('language', null, SITE_DEFAULT_LANGUAGE));
// set current module
$this->setModule(SpoonFilter::getGetValue('module', null, null));
// set action
$this->setAction('index');
} else {
// the person isn't logged in? or the module doesn't require authentication
if (!BackendAuthentication::isLoggedIn() && !BackendAuthentication::isAllowedModule($module)) {
// redirect to login
SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/authentication/?querystring=' . urlencode('/' . $this->getQueryString()));
} else {
// does our user has access to this module?
if (!BackendAuthentication::isAllowedModule($module)) {
// the user doesn't have access, redirect to error page
SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/error?type=module-not-allowed&querystring=' . urlencode('/' . $this->getQueryString()));
} else {
// can our user execute the requested action?
if (!BackendAuthentication::isAllowedAction($action, $module)) {
// the user hasn't access, redirect to error page
SpoonHTTP::redirect('/' . NAMED_APPLICATION . '/' . $language . '/error?type=action-not-allowed&querystring=' . urlencode('/' . $this->getQueryString()));
} else {
// set the working language, this is not the interface language
BackendLanguage::setWorkingLanguage($language);
// is the user authenticated
if (BackendAuthentication::getUser()->isAuthenticated()) {
// set interface language based on the user preferences
BackendLanguage::setLocale(BackendAuthentication::getUser()->getSetting('interface_language', 'nl'));
} else {
// init var
$interfaceLanguage = BackendModel::getModuleSetting('core', 'default_interface_language');
// override with cookie value if that exists
if (SpoonCookie::exists('interface_language') && in_array(SpoonCookie::get('interface_language'), array_keys(BackendLanguage::getInterfaceLanguages()))) {
// set interface language based on the perons' cookies
$interfaceLanguage = SpoonCookie::get('interface_language');
}
// set interface language
BackendLanguage::setLocale($interfaceLanguage);
}
// set current module
$this->setModule($module);
$this->setAction($action);
}
}
}
}
}
/**
* Set locale
* It will require the correct file and init the needed vars
*
* @return void
* @param string $language The language to load.
*/
public static function setLocale($language)
{
// redefine
$language = (string) $language;
// check if file exists
if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/' . $language . '.php')) {
// require the BackendLocaleModel
require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';
// build locale file
BackendLocaleModel::buildCache($language, APPLICATION);
}
// store
self::$currentInterfaceLanguage = $language;
// attempt to set a cookie
try {
// store in cookie
SpoonCookie::set('interface_language', $language);
} catch (SpoonCookieException $e) {
// settings cookies isn't allowed, because this isn't a real problem we ignore the exception
}
// store in session for TinyMCE
SpoonSession::set('tiny_mce_language', $language);
SpoonSession::set('interface_language', $language);
// init vars
$err = array();
$lbl = array();
$msg = array();
// require file
require BACKEND_CACHE_PATH . '/locale/' . $language . '.php';
// set language specific labels
self::$err = (array) $err;
self::$lbl = (array) $lbl;
self::$msg = (array) $msg;
}
/**
* Set the locale
*/
private function setLocale()
{
$default = BackendModel::getModuleSetting('core', 'default_interface_language');
$locale = $default;
$possibleLocale = array_keys(BackendLanguage::getInterfaceLanguages());
// is the user authenticated
if (BackendAuthentication::getUser()->isAuthenticated()) {
$locale = BackendAuthentication::getUser()->getSetting('interface_language', $default);
} elseif (SpoonCookie::exists('interface_language')) {
$locale = SpoonCookie::get('interface_language');
}
// validate if the requested locale is possible
if (!in_array($locale, $possibleLocale)) {
$locale = $default;
}
BackendLanguage::setLocale($locale);
}
/**
* Set locale
* It will require the correct file and init the needed vars
*
* @param string $language The language to load.
*/
public static function setLocale($language)
{
$language = (string) $language;
// require the BackendLocaleModel
require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';
// validate file, generate it if needed
if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/en.php')) {
BackendLocaleModel::buildCache('en', APPLICATION);
}
if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/' . $language . '.php')) {
BackendLocaleModel::buildCache($language, APPLICATION);
}
// store
self::$currentInterfaceLanguage = $language;
// attempt to set a cookie
try {
// store in cookie
SpoonCookie::set('interface_language', $language);
} catch (SpoonCookieException $e) {
// settings cookies isn't allowed, because this isn't a real problem we ignore the exception
}
// init vars
$err = array();
$lbl = array();
$msg = array();
// set English translations, they'll be the fallback
require BACKEND_CACHE_PATH . '/locale/en.php';
self::$err = (array) $err;
self::$lbl = (array) $lbl;
self::$msg = (array) $msg;
// overwrite with the requested language's translations
require BACKEND_CACHE_PATH . '/locale/' . $language . '.php';
foreach ($err as $module => $translations) {
if (!isset(self::$err[$module])) {
self::$err[$module] = array();
}
self::$err[$module] = array_merge(self::$err[$module], $translations);
}
foreach ($lbl as $module => $translations) {
if (!isset(self::$lbl[$module])) {
self::$lbl[$module] = array();
}
self::$lbl[$module] = array_merge(self::$lbl[$module], $translations);
}
foreach ($msg as $module => $translations) {
if (!isset(self::$msg[$module])) {
self::$msg[$module] = array();
}
self::$msg[$module] = array_merge(self::$msg[$module], $translations);
}
}
/**
* Get the visitor's id (using a tracking cookie)
*
* @return string
*/
public static function getVisitorId()
{
// check if tracking id is fetched already
if (self::$visitorId !== null) {
return self::$visitorId;
}
// get/init tracking identifier
self::$visitorId = SpoonCookie::exists('track') ? (string) SpoonCookie::get('track') : md5(uniqid() . SpoonSession::getSessionId());
// set/prolong tracking cookie
SpoonCookie::set('track', self::$visitorId, 86400 * 365);
return self::getVisitorId();
}