/**
 * Rebuild the package repository index and report the outcome as a flash message.
 *
 * Only users passing the 'g:admin' access check may run it.
 *
 * NOTE(review): this method has no isPost() check, so the rebuild runs on any request
 * method. Confirm that a rebuild triggered by a plain GET (for example from a
 * cross-site link opened by an admin) is acceptable, or require POST.
 *
 * @return int|null View::ERROR_ACCESSDENIED when the access check fails; no value otherwise.
 */
public function rebuild()
 {
     $request = $this->getPageRequest();
     $view = $this->getView();

     $isAdmin = \Core\user()->checkAccess('g:admin');
     if (!$isAdmin) {
         return View::ERROR_ACCESSDENIED;
     }

     $changes = PackageRepositoryPackageModel::RebuildPackages();

     // Counter key => text placed before and after the count, in display order.
     $wording = [
         'updated' => ['Updated ', ' packages.'],
         'skipped' => ['Skipped ', ' packages.'],
         'failed'  => ['Ignored ', ' corrupt packages.'],
     ];

     $msgs = [];
     foreach ($wording as $counter => $parts) {
         // Counters that are zero/empty are left out of the summary.
         if ($changes[$counter]) {
             $msgs[] = $parts[0] . $changes[$counter] . $parts[1];
         }
     }

     \Core\set_message(implode(' ', $msgs), 'success');
     \Core\go_back();
 }
	/**
	 * Report an error as a JSON payload (ajax requests) or as a flash message plus redirect.
	 *
	 * For ajax requests the view is switched to View::MODE_PAGEORAJAX, the status/message pair
	 * is stored as the JSON data and the view's error is set to $code; $redirect is not used
	 * on that path. For every other request the message is queued as an 'error' message and
	 * \Core\redirect($redirect) is called when $redirect is truthy, \Core\go_back() otherwise.
	 *
	 * NOTE(review): $redirect reaches \Core\redirect() unchanged. Callers should pass only
	 * application-chosen targets, never a request-supplied URL — confirm at the call sites.
	 *
	 * @param mixed $code     Status value stored as the JSON 'status' and as the view error.
	 * @param mixed $message  Text for the JSON 'message' field or for the flash message.
	 * @param mixed $redirect Redirect target for non-ajax requests; a falsy value means go back.
	 *
	 * @return void No value is returned on any path in this method.
	 */
	public function sendJSONError($code, $message, $redirect){
		$view    = $this->getView();
		$request = $this->getPageRequest();

		if($request->isAjax()){
			// Ajax callers get the error inside the JSON body instead of a redirect.
			$view->mode     = View::MODE_PAGEORAJAX;
			$view->jsondata = ['status' => $code, 'message' => $message];
			$view->error    = $code;
			return;
		}

		// Regular page request: queue the message, then leave the page.
		\Core\set_message($message, 'error');
		if(!$redirect){
			\Core\go_back();
		}
		else{
			\Core\redirect($redirect);
		}
	}
Пример #3
 /**
  * Remove an entry from the IP blacklist.
  *
  * The entry is identified by request parameter 0. The lookup happens first, so an
  * unknown entry yields "not found" even for non-POST requests.
  *
  * NOTE(review): no access check is visible in this method. Lifting an IP ban is a
  * privileged action — confirm the permission is enforced elsewhere in the controller.
  *
  * @return int|null View::ERROR_NOTFOUND or View::ERROR_BADREQUEST on failure; no value otherwise.
  */
 public function blacklistip_delete()
 {
     $view = $this->getView();
     $request = $this->getPageRequest();

     $banId = $request->getParameter(0);
     $entry = new IpBlacklistModel($banId);

     if (!$entry->exists()) {
         return View::ERROR_NOTFOUND;
     }

     // Deletion is only accepted over POST.
     if (!$request->isPost()) {
         return View::ERROR_BADREQUEST;
     }

     $entry->delete();

     \Core\set_message('Removed ban successfully', 'success');
     \Core\go_back();
 }
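 /**
  * Page to display a user interface to select the optional stylesheets of a template,
  * and to store the selection when the form is posted back.
  *
  * The template is named by the 'template' request parameter. One checkbox is built per
  * optional stylesheet; on POST each stylesheet's 'enabled' flag is saved as 1 when its
  * 'src' is among the posted 'stylesheets' values and as 0 otherwise.
  *
  * NOTE(review): no access check is visible in this method, and the request-supplied
  * template name is passed to Template::Factory() unchanged. Confirm that both the
  * permission and the set of loadable templates are constrained elsewhere.
  */
 public function selectstylesheets()
 {
     $request = $this->getPageRequest();
     $view = $this->getView();
     $file = $request->getParameter('template');
     $tpl = \Core\Templates\Template::Factory($file);
     $stylesheets = $tpl->getOptionalStylesheets();
     $form = new Form();
     foreach ($stylesheets as $style) {
         $model = TemplateCssModel::Construct($file, $style['src']);
         // A stylesheet with no stored setting yet starts out with its declared default.
         if (!$model->exists() && isset($style['default']) && $style['default']) {
             $model->set('enabled', 1);
         }
         $form->addElement('checkbox', ['title' => $style['title'], 'name' => 'stylesheets[]', 'value' => $style['src'], 'checked' => $model->get('enabled')]);
     }
     $form->addElement('submit', ['name' => 'submit', 'value' => 'Update Stylesheets']);
     // If it was a POST... then save that and go back.
     if ($request->isPost()) {
         // The posted value is client-controlled: it can be missing or a plain string
         // rather than a list. Anything that is not an array counts as "nothing selected",
         // so in_array() below never receives a non-array haystack.
         if (!isset($_POST['stylesheets']) || !is_array($_POST['stylesheets'])) {
             $_POST['stylesheets'] = array();
         }
         $selected = $_POST['stylesheets'];
         // Run through the stylesheets retrieved and save their setting.
         foreach ($stylesheets as $style) {
             $model = TemplateCssModel::Construct($file, $style['src']);
             // Strict match, so numeric-looking strings cannot compare equal to a different src.
             $model->set('enabled', in_array((string) $style['src'], $selected, true) ? 1 : 0);
             $model->save();
         }
         \Core\set_message('Updated optional stylesheets successfully', 'success');
         \Core\go_back(1);
     }
     //$view->addBreadcrumb('Theme Manager', '/theme');
     $view->title = 'Select Optional Stylesheets';
     $view->assign('file', $file);
     $view->assign('form', $form);
 }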
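	/**
	 * POST-only view to disable a user's password login ability.
	 *
	 * Allowed for users with 'p:/user/users/manage' and for the account owner. The
	 * 'datastore' auth driver is disabled unless it is the account's only enabled driver.
	 *
	 * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
	 */
	public function disable(){
		$view    = $this->getView();
		$request = $this->getPageRequest();
		$userid  = $request->getParameter(0);
		$isadmin = \Core\user()->checkAccess('p:/user/users/manage'); // Current user an admin?

		// This comparison decides authorisation, so compare as strings and strictly.
		// A loose == lets PHP type juggling treat unequal values as equal (an empty id
		// against a missing parameter, or numeric-looking strings such as "5" and "05").
		$currentid = \Core\user()->get('id');
		$isself    = ($userid !== null && $userid !== '' && (string)$currentid === (string)$userid);

		if(!($isadmin || $isself)){
			return View::ERROR_ACCESSDENIED;
		}

		if(!$request->isPost()){
			return View::ERROR_BADREQUEST;
		}

		/** @var UserModel $user */
		$user = UserModel::Construct($userid);

		if(!$user->exists()){
			return View::ERROR_NOTFOUND;
		}

		// Never remove the only remaining way for this account to log in.
		if(sizeof($user->getEnabledAuthDrivers()) == 1){
			return View::ERROR_OTHER;
		}

		$user->disableAuthDriver('datastore');
		$user->save();

		\Core\set_message('t:MESSAGE_SUCCESS_DISABLED_PASSWORD_AUTH');
		\Core\go_back();
	}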
Пример #6
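	/**
	 * Function that is fired off on page load.
	 * This checks if a form was submitted and that form was present in the SESSION.
	 *
	 * Expired or unreadable entries under FormData/* are dropped from the session along the
	 * way. When the submitted ___formid names a stored form, that form is loaded from the
	 * request, validated, and its 'callsmethod' callback is invoked; the callback's return
	 * value selects the follow-up (exit, go back, reload or redirect).
	 *
	 * Security notes:
	 * - Stored forms are restored with unserialize() and the callback is read from the
	 *   restored object, so this code is only as trustworthy as the session store.
	 *   NOTE(review): confirm nothing request-controlled can be written under FormData/*.
	 * - The Referer comparison only logs a mismatch; it does not reject the submission.
	 *
	 * @return void
	 */
	public static function CheckSavedSessionData() {
		// This needs to ignore the /form/savetemporary.ajax page!
		// This is a custom page that's meant to intercept all POST submissions.
		if(preg_match('#^/form/(.*)\.ajax$#', REL_REQUEST_PATH)) return;

		// There has to be data in the session.
		$forms = \Core\Session::Get('FormData/*');

		// The form id is client-supplied; only a plain string can name a stored form.
		$formid = (isset($_REQUEST['___formid']) && is_string($_REQUEST['___formid'])) ? $_REQUEST['___formid'] : false;
		$form   = false;

		foreach ($forms as $k => $v) {
			// unserialize() returns false on failure, and anything that is not an object
			// cannot be a stored form, so such entries are dropped instead of being used.
			$el = unserialize($v);
			if (!is_object($el)) {
				\Core\Session::UnsetKey('FormData/' . $k);
				continue;
			}

			// Check the expires time
			if ($el->get('expires') <= Time::GetCurrent()) {
				\Core\Session::UnsetKey('FormData/' . $k);
				continue;
			}

			// Strict string match: a loose == would let a missing id match keys such as "0",
			// and would treat numeric-looking ids ("0e1" and "0e2") as equal.
			if ($formid !== false && (string)$k === $formid) {
				// Remember this for after all the checks have finished.
				$form = $el;
			}
		}

		// No form found... simple enough
		if (!$form) return;

		// Otherwise
		/** @var $form Form */

		// Ensure the submission types match up.
		if (strtoupper($form->get('method')) != $_SERVER['REQUEST_METHOD']) {
			\Core\set_message('t:MESSAGE_ERROR_FORM_SUBMISSION_TYPE_DOES_NOT_MATCH');
			return;
		}

		// Ensure the REFERRER and original URL match up.
		// The header is optional and client-supplied; treat a missing one as an empty string.
		$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
		if($referer != $form->originalurl){
			// @todo This is reported to be causing issues with production sites.
			//       If found true, this check may need to be removed / refactored.
			//\Core\set_message('Form submission referrer does not match, please try your submission again.', 'error');
			// NOTE(review): the Referer value is written to the log verbatim, so whatever
			// displays this log entry must escape it.
			SystemLogModel::LogInfoEvent(
				'Form Referrer Mismatch',
				'Form referrer does not match!  Submitted: [' . $referer . '] Expected: [' . $form->originalurl . ']'
			);
			//return;
		}

		// Run though each element submitted and try to validate it.
		if (strtoupper($form->get('method')) == 'POST') $src =& $_POST;
		else $src =& $_GET;

		$form->loadFrom($src);

		// Try to load the form from that form.  That will call all of the model's validation logic
		// and will throw exceptions if it doesn't.
		try{
			$form->getModel();

			// Still good?
			if (!$form->hasError()){
				// The callback comes from the stored form, never from the request itself.
				$status = call_user_func($form->get('callsmethod'), $form);
			}
			else{
				$status = false;
			}
		}
		catch(ModelValidationException $e){
			\Core\set_message($e->getMessage(), 'error');
			$status = false;
		}
		catch(GeneralValidationException $e){
			\Core\set_message($e->getMessage(), 'error');
			$status = false;
		}
		catch(Exception $e){
			if(DEVELOPMENT_MODE){
				// Developers get the full message
				\Core\set_message($e->getMessage(), 'error');
			}
			else{
				// While users of production-enabled sites get a friendlier message.
				\Core\set_message('t:MESSAGE_ERROR_FORM_SUBMISSION_UNHANDLED_EXCEPTION');
			}
			Core\ErrorManagement\exception_handler($e);
			$status = false;
		}

		// The form was submitted.  Set its persistent flag to true so that whatever may be listening for it can retrieve the user's values.
		$form->persistent = true;

		// Regardless, bundle this form back into the session so the controller can use it if needed.
		\Core\Session::Set('FormData/' . $formid, serialize($form));

		// Fail statuses.
		if ($status === false) return;
		if ($status === null) return;

		// Guess it's not false and not null... must be good then.

		// @todo Handle an internal save procedure for "special" groups such as pageinsertables and what not.

		// Cleanup
		\Core\Session::UnsetKey('FormData/' . $formid);


		if ($status === 'die'){
			// If it's set to die, simply exit the script without outputting anything.
			exit;
		}
		elseif($status === 'back'){
			if($form->referrer && $form->referrer != REL_REQUEST_PATH){
				// Go back to the original form's referrer.
				\Core\redirect($form->referrer);
			}
			else{
				// Use Core to guess which page to redirect back to, (not as reliable).
				\Core\go_back();
			}
		}
		elseif ($status === true){
			// If the return code is boolean true, it's a reload.
			\Core\reload();
		}
		elseif($status === REL_REQUEST_PATH || $status === CUR_CALL){
			// If the page returned the same page as the current url, force a reload, (as redirect will ignore it)
			\Core\reload();
		}
		else{
			// Anything else gets sent to the redirect system.
			\Core\redirect($status);
		}
	}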
Пример #7
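	/**
	 * Delete a simple widget.
	 *
	 * Requires the 'p:/core/widgets/manage' permission and a POST request. The widget class
	 * name is the text before the first '/' of the 'baseurl' request parameter plus the
	 * suffix 'widget'. That class must exist, be a Widget_2_1 and be flagged is_simple
	 * before the WidgetModel for the baseurl is deleted.
	 *
	 * Every rejection branch returns explicitly after \Core\go_back(), so the deletion
	 * cannot be reached if go_back() ever returns to the caller.
	 *
	 * NOTE(review): the class name is derived from request data and the class is
	 * instantiated before its type is verified, so the constructor of any autoloadable
	 * class whose name ends in "widget" runs. Consider verifying the type without
	 * instantiating, or resolving baseurl against a list of registered widgets.
	 *
	 * @return int|null View::ERROR_ACCESSDENIED or View::ERROR_BADREQUEST; no value otherwise.
	 */
	public function widget_delete(){
		$view = $this->getView();
		$request = $this->getPageRequest();

		if(!\Core\user()->checkAccess('p:/core/widgets/manage')){
			return View::ERROR_ACCESSDENIED;
		}

		if(!$request->isPost()){
			return View::ERROR_BADREQUEST;
		}

		$baseurl = $request->getParameter('baseurl');
		$class = substr($baseurl, 0, strpos($baseurl, '/')) . 'widget';

		if(!class_exists($class)){
			\Core\set_message('t:MESSAGE_ERROR_CLASS_S_NOT_AVAILABLE', $class);
			\Core\go_back();
			return;
		}

		/** @var Widget_2_1 $obj */
		$obj = new $class();

		if(!($obj instanceof Widget_2_1)){
			\Core\set_message('t:MESSAGE_ERROR_CLASS_S_NOT_VALID_WIDGET', $class);
			\Core\go_back();
			return;
		}

		if(!$obj->is_simple){
			\Core\set_message('t:MESSAGE_ERROR_CLASS_S_NOT_SIMPLE_WIDGET', $class);
			\Core\go_back();
			return;
		}

		$model = new WidgetModel($baseurl);

		$model->delete();
		\Core\set_message('t:MESSAGE_SUCCESS_DELETED_WIDGET_S', $baseurl);
		\Core\go_back();
	}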
Пример #8
	/**
	 * Move a widget instance one position down within its widget area.
	 *
	 * Looks up the instance that shares this one's site, template, page_baseurl and
	 * widgetarea and whose weight is exactly one higher, then swaps the two weights.
	 * When no such instance exists an error message is queued instead.
	 *
	 * NOTE(review): the lookup criteria are assembled by string concatenation from stored
	 * model values. Whether that is injection-safe depends on how
	 * WidgetInstanceModel::Find() parses these strings — confirm.
	 *
	 * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
	 */
	public function instance_movedown(){
		$view = $this->getView();
		$request = $this->getPageRequest();

		$mayManage = \Core\user()->checkAccess('p:/core/widgets/manage');
		if(!$mayManage){
			return View::ERROR_ACCESSDENIED;
		}

		$instance = WidgetInstanceModel::Construct($request->getParameter(0));
		if(!$instance->exists()){
			return View::ERROR_NOTFOUND;
		}

		if(!$request->isPost()){
			return View::ERROR_BADREQUEST;
		}

		// Describe the neighbour directly below: same placement, weight one higher.
		$site        = $instance->get('site');
		$template    = $instance->get('template');
		$pageBaseurl = $instance->get('page_baseurl');
		$area        = $instance->get('widgetarea');
		$nextWeight  = $instance->get('weight') + 1;

		$below = WidgetInstanceModel::Find(
			[
				'site = ' . $site,
				'template = ' . ($template === null ? 'NULL' : $template),
				'page_baseurl = ' . ($pageBaseurl === null ? 'NULL' : $pageBaseurl),
				'widgetarea = ' . $area,
				'weight = ' . $nextWeight,
			],
			1
		);

		if($below){
			// Swap places: the neighbour moves up by one, this instance moves down by one.
			$below->set('weight', $below->get('weight') - 1);
			$instance->set('weight', $instance->get('weight') + 1);

			$below->save();
			$instance->save();
		}
		else{
			\Core\set_message('Widget is already in the bottom position!', 'error');
		}

		\Core\go_back();
	}
Пример #9
 /**
  * Delete a content page.
  *
  * POST only, and the caller must pass setAccess('p:/content/manage_all'). After the
  * deletion the client goes to '/admin/pages' when the referrer was the deleted page's
  * own link, and back to the previous page otherwise.
  *
  * NOTE(review): the stored 'nickname' is embedded in the flash message. Confirm that
  * the message renderer escapes it.
  *
  * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
  */
 public function delete()
 {
     $view = $this->getView();
     $request = $this->getPageRequest();

     // This is a POST-only page.
     if (!$request->isPost()) {
         return View::ERROR_BADREQUEST;
     }

     $allowed = $this->setAccess('p:/content/manage_all');
     if (!$allowed) {
         return View::ERROR_ACCESSDENIED;
     }

     $contentId = $request->getParameter(0);
     $m = new ContentModel($contentId);
     // Resolved before the delete so it can be compared with the referrer afterwards.
     $link = \Core\resolve_link($m->get('baseurl'));
     if (!$m->exists()) {
         return View::ERROR_NOTFOUND;
     }

     $m->delete();
     \Core\set_message('Removed ' . $m->get('nickname') . ' successfully!', 'success');

     $hist = $request->getReferrer();
     if ($hist != $link) {
         \Core\go_back();
     } else {
         // The referrer was the page that has just been removed; use the admin listing instead.
         \Core\redirect('/admin/pages');
     }
 }
Пример #10
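 /**
  * Delete a blog article
  *
  * The article is identified by request parameter 0. The caller needs either
  * 'p:/blog/manage_all' or the permission named by the parent blog's
  * 'manage_articles_permission' field, and the request must be a POST.
  *
  * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
  */
 public function article_delete()
 {
     $view = $this->getView();
     $request = $this->getPageRequest();
     $article = new BlogArticleModel($request->getParameter(0));
     if (!$article->exists()) {
         return View::ERROR_NOTFOUND;
     }
     $blog = $article->getLink('Blog');
     if (!$blog->exists()) {
         return View::ERROR_NOTFOUND;
     }
     $manager = \Core\user()->checkAccess('p:/blog/manage_all');
     // The field name must match exactly. With a trailing space in the key, the access
     // check was made against whatever the model returns for an unknown field rather
     // than the blog's configured permission.
     $editor = \Core\user()->checkAccess($blog->get('manage_articles_permission')) || $manager;
     if (!$editor) {
         return View::ERROR_ACCESSDENIED;
     }
     if (!$request->isPost()) {
         return View::ERROR_BADREQUEST;
     }
     $article->delete();
     \Core\go_back();
 }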
 /**
  * Delete the widget stored under '/gallery/view/<id>', where <id> is request parameter 0.
  *
  * Requires 'p:/gallery/manage_all' and a POST request. Without an id an empty
  * WidgetModel is built, which then goes through the same exists() check.
  *
  * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
  */
 public function delete()
 {
     $view = $this->getView();
     $request = $this->getPageRequest();

     $mayManage = \Core\user()->checkAccess('p:/gallery/manage_all');
     if (!$mayManage) {
         return View::ERROR_ACCESSDENIED;
     }

     $model = $request->getParameter(0)
         ? new WidgetModel('/gallery/view/' . $request->getParameter(0))
         : new WidgetModel();

     // Deletion is only accepted over POST.
     if (!$request->isPost()) {
         return View::ERROR_BADREQUEST;
     }
     if (!$model->exists()) {
         return View::ERROR_NOTFOUND;
     }

     $model->delete();
     \Core\go_back();
 }
Пример #12
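	/**
	 * Permanently delete a user account and all configuration options attached.
	 *
	 * Requires 'p:/user/users/manage' and a POST request. The account record is loaded only
	 * after both checks pass, and an unknown id is answered with "not found" instead of a
	 * success message.
	 *
	 * NOTE(review): nothing here stops an administrator from deleting their own account.
	 * Confirm whether that should be guarded against.
	 *
	 * @return int|null A View::ERROR_* code when the request is rejected; no value otherwise.
	 */
	public function delete(){
		$view  = $this->getView();
		$req   = $this->getPageRequest();
		$id    = $req->getParameter(0);

		if(!\Core\user()->checkAccess('p:/user/users/manage')){
			return View::ERROR_ACCESSDENIED;
		}

		if(!$req->isPost()){
			return View::ERROR_BADREQUEST;
		}

		$model = UserModel::Construct($id);

		// Do not report success for an account that does not exist.
		if(!$model->exists()){
			return View::ERROR_NOTFOUND;
		}

		// Users are now a standard model, deleting a user account will automatically propagate down the stack.
		$model->delete();
		\Core\set_message('Removed user successfully', 'success');
		\Core\go_back();
	}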