public function checkAnswer(\Phalcon\Http\Request $request)
{
if ($request->getPost('recaptcha_challenge_field') && $request->getPost('recaptcha_response_field')) {
$this->response = recaptcha_check_answer($this->privateKey, $request->getClientAddress(), $request->getPost('recaptcha_challenge_field'), $request->getPost('recaptcha_response_field'));
} else {
$this->error = 'This field could not be empty';
}
return $this->isValid();
}
private function composeCheckData()
{
$data = array();
if ($this->method == \core\RuleBase::$methodPost) {
$data = $this->request->getPost();
} else {
$data = $this->request->getQuery();
}
$this->formData = $data;
}
/**
* 初始化所有请求参数
*/
protected static function initParam()
{
if (self::$request === null) {
self::$request = new Request();
}
self::$all_param = self::$request->get();
if (isset(self::$all_param['__QP_url'])) {
unset(self::$all_param['__QP_url']);
}
self::$post_param = self::$request->getPost();
self::$non_post_param = array_diff(self::$all_param, self::$post_param);
}
public function setupAction()
{
$request = new Request();
if ($request->isPost()) {
$password = $request->getPost('password');
$userType = $request->getPost('userType');
$user = Users::findFirst("type = '" . $userType . "'");
if (!$user) {
$user = new Users();
$user->setType($userType);
}
$user->setPass($this->security->hash($password));
$user->save();
}
}
public function messageInformationAction()
{
$request = new Request();
if ($request->isPost() && $this->security->checkToken($this->request->getPost('value'), $this->request->getPost('key'))) {
$values = array("name" => $request->getPost('name'), "lastname" => $request->getPost('lastname'), "secondname" => $request->getPost('secondname'), "studies" => $request->getPost('studies'), "email" => $request->getPost('email'), "phone" => $request->getPost('phone'), "activity" => $request->getPost('activity'), "subject" => $request->getPost('subject'), "message" => $request->getPost('message'));
if ($this->SendEmailAccount($values)) {
$this->response(array("code" => 200, "message" => "ok"), 200);
} else {
$this->response(array("code" => 404, "message" => "data-error"), 200);
}
} else {
$this->response(array("message" => "Error try again", "code" => "404"), 404);
}
}
public function updateAction()
{
$auth = $this->auth();
$request = new Request();
$cid = $request->getPost("cid");
if ($request->isPost() && $request->isAjax() && $auth && $cid && $this->security->checkToken($this->request->getPost('value'), $this->request->getPost('key'))) {
$course = CdCourses::findFirst($cid);
$course->setName($request->getPost("name"))->setPermalink($request->getPost("permalink"))->setImage($request->getPost("image"))->setDescription($request->getPost("description"))->setObjective($request->getPost("objective"))->setDirected($request->getPost("directed"))->setContent($request->getPost("content"))->setCgid($request->getPost("category"))->setStatus($request->getPost("status"))->setUidUpdate($auth['uid']);
$token = $this->token();
if ($course->update()) {
$this->response(array("message" => "SUCCESS", "code" => "200", "token" => array("key" => $token['key'], "value" => $token["value"])), 200);
} else {
$this->response(array("message" => "Error, try again", "code" => "300", "token" => array("key" => $token['key'], "value" => $token["value"])), 200);
}
} else {
$this->response(array("message" => "error"), 404);
}
}
public function getPost($name = null, $filters = null, $defaultValue = null)
{
if ($this->isJson()) {
$post = $this->getJsonRawBody();
if ($name) {
return isset($post[$name]) ? $post[$name] : null;
}
return $post;
}
return parent::getPost($name, $filters, $defaultValue);
}
public function addToExitedList(Lists $list, Request $request)
{
$data = $request->getPost();
$listable = new Listables();
$listable->list_id = $list->id;
$listable->user_id = $this->getDI()->getShared('session')->get('auth')['id'];
//后面需要替换成登录用户id
$listable->listable_type = get_class($this);
$listable->listable_id = $this->id;
if (isset($data['comment'])) {
$listable->comment = $data['comment'];
}
$listable->save();
}
public function updateAction()
{
$request = new Request();
if ($request->isPost()) {
$donations = Donations::find();
$validIds = $request->getPost();
foreach ($donations as $donation) {
if (in_array($donation->getId(), $validIds)) {
$donation->setVerified(1);
} else {
$donation->setVerified(0);
}
$donation->save();
}
}
$this->dispatcher->forward(array('controller' => 'admin', 'action' => 'index'));
}
/**
* Get the body of a POST with multipart/form-data by Edison tsai on 16:52 2010/09/16
*
* Used for fetching the post parameters and to calculate the body signature.
*
* @return string null when no body present (or wrong content type for body)
*/
public function getRequestBodyOfMultipart()
{
$body = null;
$requestMethod = $this->request->getMethod();
if ($requestMethod == 'POST' || $requestMethod == 'PUT') {
$body = '';
$requestData = $requestMethod == 'PUT' ? $this->request->getPut() : $this->request->getPost();
foreach ($requestData as $k => $v) {
$body .= $this->encodeUrlParam($k, $v);
}
#end foreach
if (substr($body, -1) == '&') {
$body = substr($body, 0, strlen($body) - 1);
}
#end if
}
#end if
return $body;
}
/**
* extend to hook up possible case conversion
*
* @param string $name
* @param string $filters
* @param string $defaultValue
* @return object
*/
public function getPost($name = null, $filters = null, $defaultValue = null)
{
// perform parent function
$request = parent::getPost($name, $filters, $defaultValue);
// special handling for array requests, for individual inputs return what is request
if (is_array($request) and $this->defaultCaseFormat != false) {
return $this->convertCase($request);
} else {
return $request;
}
}
public function passThrouthMiddleWares(Request $request, Response $response, Dispatcher $dispatcher)
{
$route = $this->getMatchedRoute();
if (null == $route) {
$r = $this->getDI()->get('router');
$r->handle($request->getURI());
$route = $r->getMatchedRoute();
//为什么搜索“装备”会出现找不到路由的问题?估计与字符处理有关系
if (null == $route) {
die('url地址无效,找不到对应的路由设置!');
}
}
$pattern = $route->getPattern();
//对每个路由都进行验证的中间件! @todo 如果是get方式的话,目标对象如何获取呢?当前用户是否拥有该资源?
foreach ($this->middlewaresForEveryRoute as $validator) {
$data = null;
if (preg_match('|.*:.*|', $validator)) {
//此处设置了可以带中间件参数
list($validator, $data) = explode(':', $validator);
$data = $dispatcher->getParam($data);
}
/** @var myValidation $validator */
$validator = new $validator();
if (!in_array($route->getName(), $validator->excludedRoutes) and !$validator->isValid($data)) {
$url = $validator->getRedirectedUrl();
// dd($url);
$response->redirect($url, true);
return false;
}
}
//@todo 如果是get方式的如何过滤呢?应该如何设置才是正常的呢?例如get方式的search的过滤,单独处理?也许吧?
if ($this->hasMatchedMiddleWares($pattern) and $request->isPost()) {
$middleWares = $this->getMiddleWares($pattern);
foreach ($middleWares as $validator) {
$data = $request->getPost();
// dd($validator);
if (preg_match('|[^:]+:[^:]+|', $validator)) {
list($validator, $data) = explode(':', $validator);
$data = $dispatcher->getParam($data);
}
if (preg_match('|.*Rules$|', $validator)) {
$rules = new $validator();
$validator = (new myValidation())->take($rules);
} else {
$validator = new $validator();
}
if (!$validator->isValid($data)) {
$url = $validator->getRedirectedUrl();
// dd($url);
$response->redirect($url, true);
return false;
}
}
}
return true;
}
/**
* @param \Phalcon\Http\Request $request
* @return array All request params (GET, POST, PUT, RawJsonBody)
*/
public static function getMergeParams(Request $request)
{
$jsonRawBody = (array) $request->getJsonRawBody(true);
$params = array_merge((array) $request->get(), (array) $request->getPost(), (array) $request->getPut(), $jsonRawBody);
return self::convertDate($params, $request->getDI());
}
/**
* post
* @param string $name
* @param mixed $defaultVal
* @return mixed|void
*/
public function post($name = null, $defaultVal = null)
{
$request = new Request();
return $request->getPost($name, $defaultVal);
}
/**
* I fetch a value from pathparams and request
* @todo wrap pathparams and request in a composite
* @param $pathParams
* @param Request $Request
* @return bool
* @throws \Exception
*/
public function fetch($pathParams, Request $Request)
{
$this->value = null;
$this->_hasFetched = false;
$filters = [];
$name = $this->_data->name;
switch ($this->_data->in) {
case 'path':
if (array_key_exists($name, $pathParams)) {
$this->_hasFetched = true;
$this->setValue($pathParams[$name]);
}
break;
case 'query':
$this->_hasFetched = $Request->hasQuery($name);
$this->setValue($Request->getQuery($name, $filters, null));
break;
case 'header':
// this syntax won't work... yet???
//$value = $Request->getHeader($name, $filters, null);
$nameWithHttpPrefix = strtoupper(str_replace('-', '_', $name));
if ($Request->hasServer($name) || $Request->hasServer($nameWithHttpPrefix)) {
$this->setValue($Request->getHeader($name));
$this->_hasFetched = true;
}
break;
case 'formData':
switch (strtolower($Request->getMethod())) {
case 'post':
if ($Request->hasPost($name)) {
$this->_hasFetched = true;
$this->setValue($Request->getPost($name, $filters, null));
}
break;
case 'put':
if ($Request->hasPut($name)) {
$this->_hasFetched = true;
$this->setValue($Request->getPut($name, $filters, null));
}
break;
// parameters on delete request not supported yet
// parameters on delete request not supported yet
case 'delete':
default:
throw new \Exception('TBI: ' . $Request->getMethod());
}
break;
case 'body':
throw new \Exception('TBI');
break;
default:
throw new \Exception('invalid or not implemented "in" value: ' . $this->_data->in);
}
return $this->_hasFetched;
}
public function updateUserAction()
{
$request = new Request();
$auth = $this->auth();
if ($request->isAjax() && $request->isPost() && $auth && $this->security->checkToken($this->request->getPost('value'), $this->request->getPost('key'))) {
$uid = $request->getPost("uid");
$user = new CdUser();
$find = $user->findFirst($uid);
$usnm = str_replace(" ", "-", $request->getPost("username"));
$status = $request->getPost("status");
$find->setName($request->getPost("name"))->setLastName($request->getPost("last_name"))->setSecondName($request->getPost("second_name"))->setSex($request->getPost("sex"))->setPhone($request->getPost("phone"))->setUsername($usnm)->setEmail($request->getPost("email"))->setRol($request->getPost('rol') == null ? $auth['rol'] : $request->getPost('rol'))->setStatus(empty($status) ? 'ACTIVE' : $request->getPost("status"));
$token = $this->token();
if ($find->update()) {
$this->response(array("message" => "SUCCESS", "code" => 200, "redirect" => $request->getPost('redirect'), "token" => $token), 200);
} else {
$this->response(array("message" => "try again", "code" => 404, "token" => $token), 200);
}
} else {
$this->response(array("message" => "error", "code" => 404), 404);
exit;
}
}
/**
* Reads the parameters passed to the script, and selects the authorization key ULogin
*
* @return bool|mixed
*/
public function getToken()
{
$request = new Request();
if ($request->isPost() === true) {
$this->token = $request->getPost('token', null, false);
} else {
$this->token = $request->getQuery('token', null, false);
}
return $this->token;
}
public function validatePostRequest(Request $request)
{
if (!$request->isPost()) {
throw new ApplicationException('Invalid method');
}
if (!$this->isValid($request->getPost())) {
throw new ApplicationException($this->getMessages());
}
}
public function saveAction()
{
$auth = $this->auth();
$request = new Request();
if ($request->isPost() && $request->isAjax() && $auth && $this->security->checkToken($this->request->getPost('value'), $this->request->getPost('key'))) {
$course = new CdInstructor();
$date = $this->getFormatDate($request->getPost("beginning"));
$course->setName($request->getPost("name"))->setLastname($request->getPost("last_name"))->setSecondname($request->getPost("second_name"))->setImage($request->getPost("image"))->setCurriculum($request->getPost("curriculum"))->setSex($request->getPost("sex"))->setTitle($request->getPost("title"))->setDescription($request->getPost("description"))->setBeginning($date)->setJurisdiction($request->getPost("jurisdiction"))->setStatus($request->getPost("status"))->setDateCreation(date('Y-m-d H:i:s'));
$token = $this->token();
if ($course->save()) {
$this->response(array("message" => "SUCCESS", "code" => "200", "token" => array("key" => $token['key'], "value" => $token["value"])), 200);
} else {
/*foreach ($course->getMessages() as $message) {
$this->flash->error((string) $message);}*/
$this->response(array("message" => "Error, try again", "code" => "300", "token" => array("key" => $token['key'], "value" => $token["value"])), 200);
}
} else {
$this->response(array("message" => "error"), 404);
}
}
public function addTagAction(Request $request, Movies $movie)
{
$data = $request->getPost();
$movie->addTag(trim($data['tagName']), $this->auth);
return $this->redirectByRoute(['for' => 'movies.showTags', 'movie' => $movie->id]);
}
public function passThrouthMiddleWares(Request $request, Response $response, Dispatcher $dispatcher)
{
$route = $this->getMatchedRoute();
if (null == $route) {
die('url is invalid, their is no matched route for this url!');
}
$pattern = $route->getPattern();
//对每个路由都进行验证的中间件! @todo 如果是get方式的话,目标对象如何获取呢?当前用户是否拥有该资源?
foreach ($this->middlewaresForEveryRoute as $validator) {
$data = null;
if (preg_match('|.*:.*|', $validator)) {
//此处设置了可以带中间件参数
list($validator, $data) = explode(':', $validator);
$data = $dispatcher->getParam($data);
}
$validator = new $validator();
if (!in_array($route->getName(), $validator->excludedRoutes) and !$validator->isValid($data)) {
$url = $validator->getRedirectedUrl();
// dd($url);
$response->redirect($url, true);
return false;
}
}
//@todo 如果是get方式的如何过滤呢?应该如何设置才是正常的呢?例如get方式的search的过滤,单独处理?也许吧?
if ($this->hasMatchedMiddleWares($pattern) and $request->isPost()) {
$middleWares = $this->getMiddleWares($pattern);
foreach ($middleWares as $validator) {
$data = $request->getPost();
// dd($validator);
if (preg_match('|.*:.*|', $validator)) {
list($validator, $data) = explode(':', $validator);
$data = $dispatcher->getParam($data);
}
$validator = new $validator();
if (!$validator->isValid($data)) {
$url = $validator->getRedirectedUrl();
// dd($url);
$response->redirect($url, true);
return false;
}
}
}
return true;
}
public function getPost($name = null, $filters = null, $defaultValue = null, $notAllowEmpty = false, $noRecursive = false)
{
return parent::getPost($name, $filters, $defaultValue, $notAllowEmpty, $noRecursive);
}
