/**
 * Delete the leftover TimelineJS cache directory, if it still exists.
 *
 * Empties and removes system/cache/timelinejs below TL_ROOT and records the
 * clean-up in the system log under the TL_CRON category.
 *
 * @return void
 */
protected function removeCacheDir()
{
    $strCachePath = 'system/cache/timelinejs';

    // Nothing to clean up when the directory is already gone
    if (!is_dir(TL_ROOT . '/' . $strCachePath)) {
        return;
    }

    // Empty the folder first, then remove the folder itself
    $objCacheFolder = new \Folder($strCachePath);
    $objCacheFolder->purge();
    $objCacheFolder->delete();

    // Leave a log entry so the removal can be traced later
    \Controller::log('Removed not used timelinejs cache directory', 'TimelineJSRunOnce run()', TL_CRON);
}
/**
 * Send requests for the content node table to the regular content view.
 *
 * Without this redirect the edit links in the header would address the
 * content node itself instead of the content page.
 *
 * @return void
 */
public function redirect()
{
    // Only requests that address the content node table are handled here
    if ($this->input->get('table') !== 'tl_content_node') {
        return;
    }

    $model = \ContentModel::findByPk($this->input->get('id'));

    if (!$model) {
        \Controller::log(
            sprintf('Content node "%s" not found', $this->input->get('id')),
            __METHOD__,
            TL_ERROR
        );

        // NOTE(review): $model is dereferenced below, so this branch relies on
        // \Controller::redirect() ending the request - confirm.
        \Controller::redirect('contao/main.php?act=error');
    }

    // "nodes=1" is set only when the element's parent table is the node table
    if ($model->ptable === 'tl_content_node') {
        $nodes = '1';
    } else {
        $nodes = '';
    }

    \Controller::redirect(\Backend::addToUrl('table=tl_content&nodes=' . $nodes));
}
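/**
 * Publish or unpublish a tl_entity_cleaner record.
 *
 * Checks the backend user's access to the "published" field, runs the field's
 * save_callbacks, stores the new state together with a fresh timestamp and
 * creates a new version of the record.
 *
 * @param integer $intId      ID of the tl_entity_cleaner record
 * @param boolean $blnVisible Requested state; a save_callback may replace it
 *
 * @return void
 */
public function toggleVisibility($intId, $blnVisible)
{
    $objUser = \BackendUser::getInstance();
    $objDatabase = \Database::getInstance();

    // Check permissions to publish
    if (!$objUser->isAdmin && !$objUser->hasAccess('tl_entity_cleaner::published', 'alexf')) {
        \Controller::log('Not enough permissions to publish/unpublish item ID "' . $intId . '"', 'tl_entity_cleaner toggleVisibility', TL_ERROR);

        // NOTE(review): the update below is only protected if
        // \Controller::redirect() ends the request - confirm.
        \Controller::redirect('contao/main.php?act=error');
    }

    $objVersions = new Versions('tl_entity_cleaner', $intId);
    $objVersions->initialize();

    // Trigger the save_callback (the key may be absent, so test isset() first)
    if (isset($GLOBALS['TL_DCA']['tl_entity_cleaner']['fields']['published']['save_callback'])
        && is_array($GLOBALS['TL_DCA']['tl_entity_cleaner']['fields']['published']['save_callback'])
    ) {
        foreach ($GLOBALS['TL_DCA']['tl_entity_cleaner']['fields']['published']['save_callback'] as $callback) {
            $this->import($callback[0]);

            // The braces have to enclose the whole array access. "{$callback}[0]"
            // would use the array itself as the property name instead of the
            // class name stored in $callback[0].
            $blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $this);
        }
    }

    // Update the database; every value is bound, so the SQL text stays constant
    $objDatabase->prepare("UPDATE tl_entity_cleaner SET tstamp=?, published=? WHERE id=?")
                ->execute(time(), ($blnVisible ? '1' : ''), $intId);

    $objVersions->create();
    \Controller::log('A new version of record "tl_entity_cleaner.id=' . $intId . '" has been created' . $this->getParentEntries('tl_entity_cleaner', $intId), 'tl_entity_cleaner toggleVisibility()', TL_GENERAL);
}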
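/**
 * Toggle a subpalette by storing the submitted selector value on the active record.
 *
 * The field name and its value are both checked against the DCA before the
 * value is used: the field has to be listed in palettes/__selector__ and the
 * value has to pass Validator::isValidOption(). Rejected input is logged with
 * the TL_ERROR category and answered with a ResponseError.
 *
 * @param mixed  $id       Record ID handed to $this->dc->edit() when $blnLoad is set
 * @param string $strField Name of the selector field taken from the request
 * @param bool   $blnLoad  Render the edit view and attach it to the response
 *
 * @return ResponseError|ResponseSuccess|null Null when the form was not submitted
 */
public function toggleSubpalette($id, $strField, $blnLoad = false)
{
    if (!$this->dc->isSubmitted()) {
        return null;
    }

    $varValue = Request::getPost($strField) ?: 0;

    // Allow-list check on the field name. The comparison is strict so that
    // PHP's loose type juggling cannot make an unexpected name match an entry.
    if (!is_array($this->dca['palettes']['__selector__'])
        || !in_array($strField, $this->dca['palettes']['__selector__'], true)
    ) {
        \Controller::log('Field "' . $strField . '" is not an allowed selector field (possible SQL injection attempt)', __METHOD__, TL_ERROR);

        return new ResponseError();
    }

    $arrData = $this->dca['fields'][$strField];

    // The submitted value has to be one of the options the field allows
    if (!Validator::isValidOption($varValue, $arrData, $this->dc)) {
        \Controller::log('Field "' . $strField . '" value is not an allowed option (possible SQL injection attempt)', __METHOD__, TL_ERROR);

        return new ResponseError();
    }

    // A field without options is reduced to the two states 1 and ''
    if (empty(FormHelper::getFieldOptions($arrData, $this->dc))) {
        $varValue = intval($varValue) ? 1 : '';
    }

    $this->dc->setSkipValidation(true); // do not validate fields
    $this->dc->setDoNotSubmit(true);
    $this->dc->activeRecord->{$strField} = $varValue;

    $objResponse = new ResponseSuccess();

    if ($blnLoad) {
        $objResponse->setResult(new ResponseData($this->dc->edit(false, $id)));
    }

    return $objResponse;
}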
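/**
 * Link the Composer-installed Bootstrap package into the assets folder.
 *
 * Creates assets/bootstrap/bootstrap as a symlink to
 * composer/vendor/twbs/bootstrap (both below TL_ROOT) unless a directory or
 * link with that name already exists. The outcome is written to the system log.
 *
 * @return void
 */
protected function createSymlink()
{
    $target = TL_ROOT . '/composer/vendor/twbs/bootstrap';
    $dir    = TL_ROOT . '/assets/bootstrap';
    $link   = $dir . '/bootstrap';

    // dir or link already exists
    if (is_dir($link) || is_link($link)) {
        return;
    }

    // Create the parent dir and keep the result. The second is_dir() covers
    // the case that another process created the directory in the meantime.
    $dirReady = is_dir($dir) || mkdir($dir) || is_dir($dir);

    // Only attempt the link when its parent exists and the target is a directory
    $success = $dirReady && is_dir($target) && symlink($target, $link);

    // NOTE(review): the log categories are passed as the quoted strings
    // 'TL_ERROR' and 'TL_INFO', not as constants - confirm this is intended.
    if (!$success) {
        \Controller::log("Error during creating symlink '{$target}'", __METHOD__, 'TL_ERROR');
    } else {
        \Controller::log("Created symlink '{$target}'", __METHOD__, 'TL_INFO');
    }
}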
/**
 * Set this subscriber to inactive at CleverReach.
 *
 * Sends the request through the SOAP helper created for $this->pid and writes
 * a TL_NEWSLETTER log entry when the returned status equals self::$crsuccess.
 * Any other status is ignored without a log entry.
 *
 * @return void
 */
public function deActivateCR()
{
    $objHelper   = new CleverRearchSoapHelper($this->pid);
    $objResponse = $objHelper->setInActive($this);

    // Only a successful call is logged
    if ($objResponse->status != self::$crsuccess) {
        return;
    }

    \Controller::log(
        $this->email . ' has been successfully deactivated to CleverReach for Channel ID' . $this->pid,
        'Subscriber deActivateCR()',
        TL_NEWSLETTER
    );
}
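/**
 * Check whether the given backend user has a valid session.
 *
 * The BE_USER_AUTH cookie has to equal the SHA-1 hash of the PHP session ID,
 * the client IP (unless disableIpCheck is set) and the cookie name. The
 * matching tl_session record is then checked for session ID, IP, hash and
 * timeout before the user record is loaded.
 *
 * Side effects: sets strIp, strHash and intId on $objUser and loads the user
 * through findBy().
 *
 * @param \BackendUser $objUser
 *
 * @return bool True when the session is valid and the user could be loaded
 */
public function beUserLoggedIn($objUser)
{
    $strCookie = 'BE_USER_AUTH';

    $objUser->strIp   = \Environment::get('ip');
    $objUser->strHash = \Input::cookie($strCookie);

    $blnCheckIp  = !\Config::get('disableIpCheck');
    $strExpected = sha1(session_id() . ($blnCheckIp ? $objUser->strIp : '') . $strCookie);

    // Check the cookie hash. The comparison is strict: a missing cookie never
    // matches, and two different hex strings that both look numeric to PHP
    // (such as "0e1..." and "0e2...") are not treated as equal.
    // Where PHP >= 5.6 is guaranteed, hash_equals() additionally makes the
    // comparison constant-time.
    if ($objUser->strHash !== $strExpected) {
        return false;
    }

    $objSession = \Database::getInstance()
        ->prepare("SELECT * FROM tl_session WHERE hash=? AND name=?")
        ->execute($objUser->strHash, $strCookie);

    // Try to find the session in the database
    if ($objSession->numRows < 1) {
        \Controller::log('Could not find the session record', __METHOD__, TL_ACCESS);

        return false;
    }

    $time = time();

    // Validate the session. The parentheses make the existing precedence
    // explicit: the IP is compared only while the IP check is enabled.
    if ($objSession->sessionID != session_id()
        || ($blnCheckIp && $objSession->ip != $objUser->strIp)
        || $objSession->hash !== $objUser->strHash
        || $objSession->tstamp + \Config::get('sessionTimeout') < $time
    ) {
        \Controller::log('Could not verify the session', __METHOD__, TL_ACCESS);

        return false;
    }

    $objUser->intId = $objSession->pid;

    // Load the user object
    if ($objUser->findBy('id', $objUser->intId) == false) {
        \Controller::log('Could not find the session user', __METHOD__, TL_ACCESS);

        return false;
    }

    return true;
}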
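/**
 * Log an error on behalf of the calling method and optionally redirect.
 *
 * The log entry names the caller as "<class> <function>", taken from the
 * backtrace frame directly above this method.
 *
 * @param string $message  Text written to the log
 * @param bool   $redirect Redirect to the backend error page afterwards
 *
 * @return void
 */
public static function error($message, $redirect = true)
{
    // Frame 0 is this method, frame 1 is the code that called it
    $arrDebug = debug_backtrace();

    // A call from a plain function has no "class" entry and a call from the
    // top level of a script has no frame 1 at all, so both keys are optional.
    $strClass    = isset($arrDebug[1]['class']) ? $arrDebug[1]['class'] : '';
    $strFunction = isset($arrDebug[1]['function']) ? $arrDebug[1]['function'] : '';
    $strCall     = $strClass . ' ' . $strFunction;

    // NOTE(review): the category is the quoted string 'TL_ERROR', not a
    // constant - confirm this is the value the log expects.
    \Controller::log($message, $strCall, 'TL_ERROR');

    if ($redirect) {
        \Controller::redirect('contao/main.php?act=error');
    }
}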
/**
 * Restrict access to competition review archives for the current backend user.
 *
 * As written, the first condition is always true, so the method returns
 * before any of the checks below run (see the review note on that line).
 * The remaining code limits the listed archives to the user's
 * competition_reviews IDs, closes the table for users without "create"
 * access and validates the requested action ("act") against those IDs.
 *
 * @return void
 */
public function checkPermission()
{
    $objUser = \BackendUser::getInstance();
    $objSession = \Session::getInstance();
    $objDatabase = \Database::getInstance();

    // TODO
    // NOTE(review): "true ||" makes this condition true for every user, not
    // only for admins, so nothing below this line is executed. Until the TODO
    // is resolved this method enforces no restriction at all.
    if (true || $objUser->isAdmin) {
        return;
    }

    // Set root IDs (array(0) when the user has no archives assigned)
    if (!is_array($objUser->competition_reviews) || empty($objUser->competition_reviews)) {
        $root = array(0);
    } else {
        $root = $objUser->competition_reviews;
    }

    $GLOBALS['TL_DCA']['tl_competition_review_archive']['list']['sorting']['root'] = $root;

    // Check permissions to add archives
    if (!$objUser->hasAccess('create', 'competition_reviewp')) {
        $GLOBALS['TL_DCA']['tl_competition_review_archive']['config']['closed'] = true;
    }

    // Check current action
    switch (Input::get('act')) {
        case 'create':
        case 'select':
            // Allow
            break;

        case 'edit':
            // Dynamically add the record to the user profile
            if (!in_array(Input::get('id'), $root)) {
                // Only IDs recorded in the session as newly created records qualify
                $arrNew = $objSession->get('new_records');

                if (is_array($arrNew['tl_competition_review_archive']) && in_array(Input::get('id'), $arrNew['tl_competition_review_archive'])) {
                    // Add permissions on user level
                    if ($objUser->inherit == 'custom' || !$objUser->groups[0]) {
                        // NOTE(review): $objUser is replaced by the query result here.
                        // The SELECT returns only competition_reviews and
                        // competition_reviewp, so the "$objUser->id" used in the UPDATE
                        // below is read from a result without an id column.
                        $objUser = $objDatabase->prepare("SELECT competition_reviews, competition_reviewp FROM tl_user WHERE id=?")->limit(1)->execute($objUser->id);
                        // NOTE(review): 'create' is looked up in competition_reviews while
                        // the selected competition_reviewp is never read - it looks like
                        // the permission column was meant here; confirm.
                        $arrcompetition_reviews = deserialize($objUser->competition_reviews);

                        if (is_array($arrcompetition_reviews) && in_array('create', $arrcompetition_reviews)) {
                            $arrcompetition_reviews = deserialize($objUser->competition_reviews);
                            $arrcompetition_reviews[] = Input::get('id');
                            // The query string contains a line break before WHERE
                            $objDatabase->prepare("UPDATE tl_user SET competition_reviews=? 
WHERE id=?")->execute(serialize($arrcompetition_reviews), $objUser->id);
                        }
                    } elseif ($objUser->groups[0] > 0) {
                        // Add permissions on group level (first group of the user)
                        $objGroup = $objDatabase->prepare("SELECT competition_reviews, competition_reviewp FROM tl_user_group WHERE id=?")->limit(1)->execute($objUser->groups[0]);
                        // NOTE(review): same pattern as in the user branch - 'create' is
                        // looked up in competition_reviews, competition_reviewp is unused.
                        $arrcompetition_reviews = deserialize($objGroup->competition_reviews);

                        if (is_array($arrcompetition_reviews) && in_array('create', $arrcompetition_reviews)) {
                            $arrcompetition_reviews = deserialize($objGroup->competition_reviews);
                            $arrcompetition_reviews[] = Input::get('id');
                            $objDatabase->prepare("UPDATE tl_user_group SET competition_reviews=? WHERE id=?")->execute(serialize($arrcompetition_reviews), $objUser->groups[0]);
                        }
                    }

                    // Add new element to the user object
                    // NOTE(review): after the user-level branch $objUser is the query
                    // result, so the assignment below and the later hasAccess() call
                    // act on that result instead of the backend user.
                    $root[] = Input::get('id');
                    $objUser->competition_reviews = $root;
                }
            }
            // No break: 'edit' continues with the ID check shared with the cases below

        case 'copy':
        case 'delete':
        case 'show':
            // The ID has to be one of the root IDs; 'delete' also needs delete access
            if (!in_array(Input::get('id'), $root) || Input::get('act') == 'delete' && !$objUser->hasAccess('delete', 'competition_reviews')) {
                \Controller::log('Not enough permissions to ' . Input::get('act') . ' competition reviews archive ID "' . Input::get('id') . '"', 'tl_competition_review_archive checkPermission', TL_ERROR);
                \Controller::redirect('contao/main.php?act=error');
            }
            break;

        case 'editAll':
        case 'deleteAll':
        case 'overrideAll':
            // Reduce the selected IDs in the session to the root IDs, or to
            // nothing for 'deleteAll' without delete access
            $session = $objSession->getData();
            if (Input::get('act') == 'deleteAll' && !$objUser->hasAccess('delete', 'competition_reviews')) {
                $session['CURRENT']['IDS'] = array();
            } else {
                $session['CURRENT']['IDS'] = array_intersect($session['CURRENT']['IDS'], $root);
            }
            $objSession->setData($session);
            break;

        default:
            // Any other non-empty action is rejected
            if (strlen(Input::get('act'))) {
                \Controller::log('Not enough permissions to ' . Input::get('act') . ' competition reviews archives', 'tl_competition_review_archive checkPermission', TL_ERROR);
                \Controller::redirect('contao/main.php?act=error');
            }
            break;
    }
}
/**
 * Apply every config model of a collection to the given config.
 *
 * For each model the matching type is looked up and asked to build its part
 * of the config. An exception from either step is logged as an unknown type
 * and the loop continues with the next model.
 *
 * @param Config     $config     The config being built.
 * @param Collection $collection The config collection; nothing happens when it is empty or null.
 *
 * @return void
 */
protected function buildConfigTypes(Config $config, Collection $collection = null)
{
    if ($collection) {
        /** @var BootstrapConfigModel $model */
        foreach ($collection as $model) {
            try {
                $this->getType($model->type)->buildConfig($config, $model);
            } catch (\Exception $e) {
                // NOTE(review): the exception's own message is not logged, so a
                // failure inside buildConfig() is reported with the same text as
                // an unknown type.
                \Controller::log(
                    sprintf('Unknown bootstrap config type "%s" (ID %s) stored in database', $model->type, $model->id),
                    __METHOD__,
                    'TL_ERROR'
                );
            }
        }
    }
}
} // Get the base name for the property accessors. if (isset($info[0]) || isset($info['accessor'])) { $accessor = isset($info[0]) ? $info[0] : $info['accessor']; } else { $accessor = Controller::toCamelCase($source); } // Get or calculate new value. $value = $request[$source]; if (isset($info[2]) || isset($info['transform'])) { $transform = isset($info[2]) ? $info[2] : $info['transform']; $value = $transform($value); } // Important property, so check if it changes. if (isset($info[1]) || isset($info['important'])) { $important = isset($info[1]) ? $info[1] : $info['important']; if ($important) { $getter = 'get' . $accessor; if ($value != $object->{$getter}()) { $importantChange = true; } } } $setter = 'set' . $accessor; $object->{$setter}($value); } return $importantChange; } } Controller::$log = Logger::getLogger('controller');
} // Get the base name for the property accessors. if (isset($info[0]) || isset($info['accessor'])) { $accessor = isset($info[0]) ? $info[0] : $info['accessor']; } else { $accessor = Controller::toCamelCase($source); } // Get or calculate new value. $value = $request[$source]; if (isset($info[2]) || isset($info['transform'])) { $transform = isset($info[2]) ? $info[2] : $info['transform']; $value = $transform($value); } // Important property, so check if it changes. if (isset($info[1]) || isset($info['important'])) { $important = isset($info[1]) ? $info[1] : $info['important']; if ($important) { $getter = "get" . $accessor; if ($value != $object->{$getter}()) { $importantChange = true; } } } $setter = "set" . $accessor; $object->{$setter}($value); } return $importantChange; } } Controller::$log = Logger::getLogger("controller");
/**
 * Run all callbacks registered for the syncExecuteFinalOperations hook.
 *
 * Each callback is a class/method pair from $GLOBALS['TL_HOOKS']. The object
 * is obtained through getInstance() when the class has such a method and
 * through "new" otherwise; the method is called without arguments. Start,
 * finish and failure of every callback are written to the system log.
 *
 * @return array One entry with the keys "callback" and "info_msg" per failed callback
 */
public function executeFinalOperations()
{
    $arrReturn = array();

    // HOOK: do some last operations
    $blnHasHooks = isset($GLOBALS['TL_HOOKS']['syncExecuteFinalOperations'])
        && is_array($GLOBALS['TL_HOOKS']['syncExecuteFinalOperations']);

    if (!$blnHasHooks) {
        return $arrReturn;
    }

    foreach ($GLOBALS['TL_HOOKS']['syncExecuteFinalOperations'] as $callback) {
        try {
            // Add log.
            \Controller::log("Start executing TL_HOOK {$callback['0']} | {$callback['1']}", __CLASS__ . "|" . __FUNCTION__, TL_GENERAL);

            // Get the reflection class.
            $objReflection = new \ReflectionClass($callback[0]);

            // Use getInstance() when the class has it, otherwise a plain new.
            if ($objReflection->hasMethod("getInstance")) {
                $object = call_user_func_array(array($callback[0], "getInstance"), array());
            } else {
                $object = new $callback[0]();
            }

            call_user_func_array(array($object, $callback[1]), array());

            // Add final log.
            \Controller::log("Finished executing TL_HOOK {$callback['0']} | {$callback['1']}", __CLASS__ . "|" . __FUNCTION__, TL_GENERAL);
        } catch (Exception $exc) {
            // NOTE(review): "Exception" is unqualified. If this file declares a
            // namespace, the name does not refer to the global \Exception - confirm.
            $strError = "Error by: TL_HOOK {$callback['0']} | {$callback['1']} with Msg: " . $exc->getMessage();

            $arrReturn[] = array(
                'callback' => implode("|", $callback),
                'info_msg' => $strError
            );

            \Controller::log($strError, __CLASS__ . "|" . __FUNCTION__, TL_ERROR);
        }
    }

    return $arrReturn;
}
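/**
 * Initialize the backend view.
 *
 * Registers the backend stylesheet, wraps the child record callback of
 * tl_content in a BackendRenderer and applies the content element access
 * restriction for the current record. A denied access is logged with the
 * TL_ACCESS category and the request is redirected to the error page.
 *
 * @param DataContainer $dataContainer The data container.
 *
 * @return void
 */
public function initialize($dataContainer)
{
    if (TL_MODE !== 'BE') {
        return;
    }

    $this->getServiceContainer()
        ->getAssetsManager()
        ->addStylesheet('system/modules/content-node/assets/css/backend.css');

    // An array callback carries a class name that has to be imported first
    $callback = $this->definition->get('list/sorting/child_record_callback');

    if (is_array($callback)) {
        $callback[0] = \System::importStatic($callback[0]);
    }

    $renderer   = new BackendRenderer($this->registry, $callback);
    $definition = $this->getServiceContainer()->getDcaManager()->get('tl_content');
    $definition->set('list/sorting/child_record_callback', $renderer);

    // Resolve the node type of the parent element, if the parent is a node
    $parentType = null;

    if ($dataContainer->parentTable === 'tl_content_node') {
        $parent = \ContentModel::findByPk(CURRENT_ID);

        // The property is "type". The former "tye" read a different property
        // than the getNode() call below, so the parent type was never resolved
        // from the same value it was checked with.
        if ($parent && $this->registry->hasNodeType($parent->type)) {
            $parentType = $this->registry->getNode($parent->type);
        }
    }

    try {
        $restriction = new ContentElementAccess(
            $this->definition,
            $this->registry,
            $this->getServiceContainer()->getDatabaseConnection(),
            $this->getServiceContainer()->getSession(),
            $this->getServiceContainer()->getInput()
        );

        $restriction->restrict($dataContainer->id, $parentType);
    } catch (AccessDeniedException $e) {
        // The log source names the method that was called above
        \Controller::log($e->getMessage(), 'ContentElementAccess::restrict', TL_ACCESS);
        \Controller::redirect(\Environment::get('script') . '?act=error');
    }
}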
/**
 * initialize method
 *
 * Does nothing for requestAction calls. Otherwise stores the controller and
 * its webroot, merges the default settings, derives usingSubdomains from the
 * session cookie domain when it is not configured, stores the history,
 * handles requests served by the CakeError controller, runs the automatic
 * language setup and makes sure $C->postActions exists.
 *
 * @param Controller $C
 * @return void
 * @access public
 */
public function initialize(Controller $C)
{
    // requestAction calls are left alone
    if (!empty($C->params['requested'])) {
        return;
    }

    $this->Controller = $C;
    $this->webroot    = $this->Controller->webroot;
    $this->settings   = array_merge($this->defaults, $this->settings);

    // Not configured: a cookie domain with a leading dot means subdomains
    if ($this->settings['usingSubdomains'] === null) {
        $cookieDomain = ini_get('session.cookie_domain');
        $this->settings['usingSubdomains'] = ($cookieDomain && $cookieDomain[0] === '.');
    }

    $this->_storeHistory();

    // Error pages only redirect (when configured) and skip the rest
    if ($C->name === 'CakeError') {
        if ($this->settings['redirectOnError']) {
            // The redirect is logged only when Configure::read() is truthy
            if (Configure::read()) {
                $normalized = $this->_normalizeUrl($this->settings['redirectOnError']);
                $C->log(
                    'Request for ' . $C->here . ' generated an error. redirecting to ' . $normalized,
                    LOG_DEBUG
                );
            }

            $this->_redirect($this->settings['redirectOnError']);
        }

        return;
    }

    $this->_autoLanguage();

    if (!isset($C->postActions)) {
        $C->postActions = array();
    }
}