/** * @inheritdoc */ public function run($action) { $action = 'action_' . $action; $forceHyphens = $this->request->param('force_hyphens'); if (!method_exists($this, $action)) { // Try to change hyphens to underscores in action name $underscoredAction = str_replace('-', '_', $action); if (!$forceHyphens || !method_exists($this, $underscoredAction)) { throw new NotFoundException("Method {$action} doesn't exist in " . get_class($this)); } else { $action = $underscoredAction; } } $this->execute = true; $this->before(); $service = null; $isControllerLevel = true; if ($this->execute) { // Check referrer vulnerabilities $service = $this->pixie->getVulnService(); $config = $service->getConfig(); $isControllerLevel = $config->getLevel() <= 1; $actionName = $this->request->param('action'); if ($isControllerLevel) { if (!$config->has($actionName)) { $context = $config->getCurrentContext(); $context->addContext(Context::createFromData($actionName, [], $context)); } $service->goDown($actionName); // Check referrer for action level $this->vulninjection->checkReferrer(); } } if ($this->execute) { $this->{$action}(); } if ($this->execute) { $this->after(); } if ($this->execute && $isControllerLevel) { $service->goUp(); } }
/** * @inheritdoc */ public function run($action) { $actionName = $action; $action = 'action_' . $action; $forceHyphens = $this->request->param('force_hyphens'); if (!method_exists($this, $action)) { // Try to change hyphens to underscores in action name $underscoredAction = str_replace('-', '_', $action); if (!$forceHyphens || !method_exists($this, $underscoredAction)) { throw new NotFoundException("Action '{$actionName}' doesn't exist"); } else { $action = $underscoredAction; } } $this->execute = true; $this->before(); $service = $this->pixie->getVulnService(); if ($this->execute) { $service->getConfig()->getCurrentContext()->setRequest($this->request); $service->setRequest($this->request); } if ($this->execute) { $actionName = $this->request->param('action'); $service->goDown($actionName); $service->getConfig()->getCurrentContext()->setRequest($this->request); // Check referrer if (!$this instanceof Error && !$this instanceof \App\Admin\Controller\Error && !$this instanceof ErrorController) { $this->vulninjection->checkReferrer(); } } if ($this->execute) { $this->{$action}(); } if ($this->execute) { $this->after(); } if ($this->execute) { $service->goUp(); } }