function startup(Controller $controller) { if (!isset($this->settings[$controller->name][$controller->action])) { return; } $settings = $this->settings[$controller->name][$controller->action]; if (!in_array('Filter.Filter', $controller->helpers)) { $controller->helpers[] = 'Filter.Filter'; } $sessionKey = sprintf('FilterPlugin.Filters.%s.%s', $controller->name, $controller->action); if (!$controller->request->is('post') || !isset($controller->request->data['Filter']['filterFormId'])) { $persistedData = array(); if ($this->Session->check($sessionKey)) { $persistedData = $this->Session->read($sessionKey); } if (empty($persistedData)) { return; } $this->formData = $persistedData; } else { $this->formData = $controller->request->data; $this->Session->write($sessionKey, $this->formData); $controller->redirect($controller->referer()); } foreach ($settings as $model => $options) { if (!isset($controller->{$model})) { trigger_error(__('Filter model not found: %s', $model)); continue; } $controller->{$model}->setFilterValues($this->formData); } }
/** * Logout user from application and Facebook * * @param string|array $redirectUrl */ public function logout($redirectUrl = null) { if (!$redirectUrl) { $redirectUrl = $this->Controller->referer(); } $logoutUrl = $this->getLogoutUrl($redirectUrl); $this->flash(__('Disconnecting from facebook'), $logoutUrl); }
/** * Called after the Controller::beforeFilter() and before the controller action * * @param Controller $controller Controller with components to startup * @return void */ public function startup(Controller $controller) { // ファイルアップロード等で post_max_size を超えると $_POSTが空っぽになるため、このタイミングでエラー表示 $contentLength = Hash::get($_SERVER, 'CONTENT_LENGTH'); if ($contentLength > CakeNumber::fromReadableSize(ini_get('post_max_size'))) { $message = __d('files', 'FileUpload.post_max_size.over'); $controller->NetCommons->setFlashNotification($message, array('class' => 'danger', 'interval' => NetCommonsComponent::ALERT_VALIDATE_ERROR_INTERVAL)); $controller->redirect($controller->referer()); } }
/** * Store the referer information for use later */ public function startup(Controller $controller) { $redirect = $controller->Session->read($this->_key); if (!in_array($controller->action, $this->_actions)) { return; } if (!empty($redirect)) { return; } $controller->Session->write($this->_key, $controller->referer()); }
/** * undocumented function * * @param string $officeId * @return void * @access public */ function admin_activate($officeId = null) { if ($officeId == Configure::read('Office.id')) { $msg = __('This office is already active.', true); return $this->Message->add($msg, 'ok'); } Assert::true(Office::isOwn($officeId), '403'); $office = $this->Office->find('first', array('conditions' => array('Office.id' => $officeId), 'contain' => array('SubOffice', 'ParentOffice'))); Assert::notEmpty($office, '404'); $this->Office->activate($office['Office']['id']); $msg = __('The office was successfully activated!', true); return $this->Message->add($msg, 'ok', true, Controller::referer()); }
/** * Is the passed ID valid ? * * By default we assume you want to validate an numeric string * like a normal incremental ids from MySQL * * Change the validateId settings key to "uuid" for UUID check instead * * @param mixed $id * @return boolean */ protected function _validateId($id) { if (isset($this->settings['validateId'])) { $type = $this->settings['validateId']; } else { $type = $this->_detectPrimaryKeyFieldType(); } if (!$type) { return true; } elseif ($type === 'uuid') { $valid = Validation::uuid($id); } else { $valid = is_numeric($id); } if ($valid) { return true; } $subject = $this->trigger('invalidId', compact('id')); $this->_setFlash('invalid_id.error'); return $this->_redirect($subject, $this->_controller->referer()); }
/** * Main execution method. Handles redirecting of invalid users, and processing * of login form data. * * @param Controller $controller A reference to the instantiating controller object * @return boolean */ public function startup(Controller $controller) { $methods = array_flip(array_map('strtolower', $controller->methods)); $action = strtolower($controller->request->params['action']); $isMissingAction = $controller->scaffold === false && !isset($methods[$action]); if ($isMissingAction) { return true; } if (!$this->_setDefaults()) { return false; } $request = $controller->request; $url = ''; if (isset($request->url)) { $url = $request->url; } $url = Router::normalize($url); $loginAction = Router::normalize($this->loginAction); $allowedActions = $this->allowedActions; $isAllowed = $this->allowedActions == array('*') || in_array($action, array_map('strtolower', $allowedActions)); if ($loginAction != $url && $isAllowed) { return true; } if ($loginAction == $url) { if (empty($request->data)) { if (!$this->Session->check('Auth.redirect') && !$this->loginRedirect && env('HTTP_REFERER')) { $this->Session->write('Auth.redirect', $controller->referer(null, true)); } } return true; } else { if (!$this->_getUser()) { if (!$request->is('ajax')) { $this->flash($this->authError); $this->Session->write('Auth.redirect', $request->here()); $controller->redirect($loginAction); return false; } elseif (!empty($this->ajaxLogin)) { $controller->viewPath = 'Elements'; echo $controller->render($this->ajaxLogin, $this->RequestHandler->ajaxLayout); $this->_stop(); return false; } else { $controller->redirect(null, 403); } } } if (empty($this->authorize) || $this->isAuthorized($this->user())) { return true; } $this->flash($this->authError); $default = '/'; if (!empty($this->loginRedirect)) { $default = $this->loginRedirect; } $controller->redirect($controller->referer($default), null, true); return false; }
function __checkDimensions($filePath) { $size = getimagesize($filePath); if (!$size) { $this->Session->setFlash('We could not check that image\'s size, so we can\'t upload it.', 'error'); $this->redirect(Controller::referer('/')); } $error = ''; if ($size[0] > 800 || $size[1] > 800) { $this->Session->setFlash('Images cannot be any larger than 800 by 800 pixels.', 'error'); $this->redirect(Controller::referer('/')); } }
/** * Test that the referer is not absolute if it is '/'. * * This avoids the base path being applied twice on string urls. * * @return void */ public function testRefererSlash() { $request = $this->getMock('CakeRequest', array('referer')); $request->base = '/base'; $request->expects($this->any())->method('referer')->will($this->returnValue('/')); Router::setRequestInfo($request); $controller = new Controller($request); $result = $controller->referer('/', true); $this->assertEquals('/', $result); $controller = new Controller($request); $result = $controller->referer('/some/path', true); $this->assertEquals('/base/some/path', $result); }
/** * testReferer method * * @access public * @return void */ function testReferer() { $Controller = new Controller(); $_SERVER['HTTP_REFERER'] = 'http://cakephp.org'; $result = $Controller->referer(null, false); $expected = 'http://cakephp.org'; $this->assertIdentical($result, $expected); $_SERVER['HTTP_REFERER'] = ''; $result = $Controller->referer('http://cakephp.org', false); $expected = 'http://cakephp.org'; $this->assertIdentical($result, $expected); $_SERVER['HTTP_REFERER'] = ''; $referer = array('controller' => 'pages', 'action' => 'display', 'home'); $result = $Controller->referer($referer, false); $expected = 'http://' . env('HTTP_HOST') . '/pages/display/home'; $this->assertIdentical($result, $expected); $_SERVER['HTTP_REFERER'] = ''; $result = $Controller->referer(null, false); $expected = '/'; $this->assertIdentical($result, $expected); $_SERVER['HTTP_REFERER'] = FULL_BASE_URL . $Controller->webroot . '/some/path'; $result = $Controller->referer(null, false); $expected = '/some/path'; $this->assertIdentical($result, $expected); $Controller->webroot .= '/'; $_SERVER['HTTP_REFERER'] = FULL_BASE_URL . $Controller->webroot . '/some/path'; $result = $Controller->referer(null, false); $expected = '/some/path'; $this->assertIdentical($result, $expected); $_SERVER['HTTP_REFERER'] = FULL_BASE_URL . $Controller->webroot . 'some/path'; $result = $Controller->referer(null, false); $expected = '/some/path'; $this->assertIdentical($result, $expected); $Controller->webroot = '/recipe/'; $_SERVER['HTTP_REFERER'] = FULL_BASE_URL . $Controller->webroot . 'recipes/add'; $result = $Controller->referer(); $expected = '/recipes/add'; $this->assertIdentical($result, $expected); }
/** * _popupStartup * POPUP型の場合はGetアクセスをはじく * POSTが来たときは、送信された認証キーとControllerが指定しているmodel, contentId, additionalIdでDBからデータを取り出し * マッチするか確認する * 一致しない場合は、前の画面を再度呼び出す * * @param Controller $controller Controller with components to startup * @return void * @throws ForbiddenException */ protected function _popupStartup(Controller $controller) { // 現在実行されようとしているActionがガード対象のものであればチェックを走らせる if ($controller->action == $this->targetAction) { if ($controller->request->is('post') || $controller->request->is('put')) { // POPUPのときはここでDBからデータを取り出す $authKey = $this->AuthorizationKey->getAuthorizationKeyByContentId($this->model, $this->contentId, $this->additionalId); // // 入力された認証キーが正しいことを確認する $data = $this->controller->request->data; if (!isset($data['AuthorizationKey']['authorization_key']) || $authKey['AuthorizationKey']['authorization_key'] !== $data['AuthorizationKey']['authorization_key']) { $this->_setErrorMessage(); $controller->redirect($controller->referer()); // 元に戻す } } else { // POPUP型のガード処理でPOST以外で来ているということはURL強制HACK! // 許さない throw new ForbiddenException(__d('authorization_keys', 'you can not access without entering authorization key.')); } } // それ以外の場合は何もせず通す return true; }
/** * Sets the referer page * * We need to know where were you, to get you back there * * @return void * @see CroogoComponent::redirect() */ public function setReferer() { $default = array('controller' => $this->_controller->request->params['controller'], 'action' => 'index'); $referer = $this->_controller->referer($default, true); $this->Session->write('Croogo.referer', array('url' => $referer)); }
function dump($object = 'options') { if ($object == 'view') { $this->set('header', 'Dumping a View Object'); $this->render('view_dump'); } elseif ($object == 'controller') { $this->Gatekeeper->restrict_from_app_modes(array('production'), '/demo/gatekeeper/blocked', 'this option is blocked in production mode'); $REPORT = array($this->name => $this); $this->set('header', 'Dumping the Controller Object'); $this->set('data', $REPORT); $this->render('report'); } elseif ($object == 'config') { $REPORT = array('App.mode' => Configure::Read('App.mode'), 'App.domain' => Configure::Read('App.domain'), 'debug' => Configure::read('debug'), 'Configure::Read(\'App\')' => Configure::Read('App')); $this->set('header', 'Cakewell Context-Specific App Values'); $this->set('data', $REPORT); $this->render('report'); } elseif ($object == 'phpinfo') { $this->Gatekeeper->restrict_from_app_modes(array('production'), '/demo/', 'this action is blocked in production mode'); ob_start(); phpinfo(); $phpinfo = ob_get_clean(); $this->set('content_for_view', $phpinfo); $this->render('blank', 'default'); } elseif ($object == 'request_handler') { $Report = array('$this->Session->id()' => $this->Session->id(), '$this->Session->id' => $this->Session->id, '$this->RequestHandler->getReferrer()' => $this->RequestHandler->getReferrer(), '$_SERVER[\'HTTP_REFERER\']' => $_SERVER['HTTP_REFERER'], '$_SERVER[\'HTTP_USER_AGENT\']' => $_SERVER['HTTP_USER_AGENT'], 'Controller::referer' => Controller::referer(), '$this->RequestHandler->getClientIP()' => $this->RequestHandler->getClientIP(), 'FULL_BASE_URL + Router::url(\'\', false)' => FULL_BASE_URL . Router::url('', false), '$this->RequestHandler' => $this->RequestHandler); $this->set('header', 'showing RequestHandler info for client at ip ' . $this->RequestHandler->getClientIP()); $this->set('data', $Report); $this->render('report'); } elseif ($object == 'referer') { $Data = array('referer' => $this->referer(), 'SERVER[\'HTTP_REFERER\']' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'NULL', 'Configure::read(\'Security.level\')' => Configure::read('Security.level')); $this->set('header', 'Checking Referrer'); $this->set('data', $Data); $this->render('report'); } elseif ($object == 'constants') { $this->set('header', 'Some CakePHP Constants and Globals (<a href="http://book.cakephp.org/view/122/Core-Definition-Constants">docs</a>)'); $this->set('data', $this->_cake_constants()); $this->render('report'); } else { $content = <<<EOMENU <h3>choose an object to dump</h3> <a href="/demo/dump/controller/">controller object</a><br /> <a href="/demo/dump/view/">view object</a><br /> <a href="/demo/dump/config/">configuration app values</a><br /> <a href="/demo/dump/request_handler/">request handler</a><br /> <a href="/demo/dump/referer/">referrer</a><br /> <a href="/demo/dump/constants/">cakephp constants</a><br /> <a href="/demo/dump/phpinfo/">phpinfo</a><br /> EOMENU; $this->set('header', 'Object Dumper'); $this->set('content', $content); $this->render('index'); } }
/** * undocumented function * * @return void */ function referer($default = null, $local = true) { return parent::referer($default, $local); }
/** * */ public function admin_update_multiple() { $this->autoRender = false; $modelArray = array_keys($this->data); if ($modelArray[0] == '_Token') { $modelArray[0] = $modelArray[1]; } if (!empty($this->data)) { $message = $this->{$modelArray[0]}->updateMultiple($this->data); $this->_message($message, Controller::referer()); } }
/** * testReferer method * * @return void */ public function testReferer() { $request = $this->getMock('CakeRequest'); $request->expects($this->any())->method('referer')->with(true)->will($this->returnValue('/posts/index')); $Controller = new Controller($request); $result = $Controller->referer(null, true); $this->assertEquals('/posts/index', $result); $Controller = new Controller($request); $request->setReturnValue('referer', '/', array(true)); $result = $Controller->referer(array('controller' => 'posts', 'action' => 'index'), true); $this->assertEquals('/posts/index', $result); $request = $this->getMock('CakeRequest'); $request->expects($this->any())->method('referer')->with(false)->will($this->returnValue('http://localhost/posts/index')); $Controller = new Controller($request); $result = $Controller->referer(); $this->assertEquals('http://localhost/posts/index', $result); $Controller = new Controller(null); $result = $Controller->referer(); $this->assertEquals('/', $result); }
/** * Handle unauthorized access attempt * * @param Controller $controller A reference to the controller object * @return bool Returns false * @throws ForbiddenException * @see AuthComponent::$unauthorizedRedirect */ protected function _unauthorized(Controller $controller) { if ($this->unauthorizedRedirect === false) { throw new ForbiddenException($this->authError); } $this->flash($this->authError); if ($this->unauthorizedRedirect === true) { $default = '/'; if (!empty($this->loginRedirect)) { $default = $this->loginRedirect; } $url = $controller->referer($default, true); } else { $url = $this->unauthorizedRedirect; } $controller->redirect($url, null, true); return false; }
/** * Saves the user selected rating value. Depending on the plugin * configuration, it also updates or deletes the rating. * * @param string $model Name of the model * @param integer $id Id of the model * @param integer $value User rating value */ function save($model = '', $id = 0, $value = 0) { $this->layout = null; $saved = false; $fallback = false; $referer = Controller::referer(); $name = $this->params['url']['name']; $config = $this->params['url']['config']; // load the config file $this->__loadConfig($config); // data from fallback form if (isset($this->params['url']['fallback']) && $this->params['url']['fallback']) { $fallback = true; $model = $this->params['url']['model']; $id = $this->params['url']['rating']; $value = $this->params['url']['value']; } // check if model id exists $modelInstance = ClassRegistry::init($model); $modelInstance->id = $id; if (!$modelInstance->exists(true)) { if (!$fallback) { $this->view($model, $id, base64_encode(json_encode(array('name' => $name, 'config' => $config)))); } else { $this->redirect($referer); } return; } // choose between user and guest id if (Configure::read('Rating.guest') && $this->Session->read('Rating.guest_id')) { $userId = $this->Session->read('Rating.guest_id'); } else { $userId = $this->Session->read(Configure::read('Rating.sessionUserId')); } // check if a rating already exists $userRating = $this->Rating->find(array('model' => $model, 'model_id' => $id, 'user_id' => $userId, 'name' => $name)); // save, update or delete rating if (!empty($userRating) && Configure::read('Rating.allowChange')) { $this->Rating->id = $userRating['Rating']['id']; if ($userRating['Rating']['rating'] == $value && Configure::read('Rating.allowDelete')) { $this->Rating->delete($userRating['Rating']['id']); $saved = true; } else { $saved = $this->Rating->saveField('rating', $value); } } else if (empty($userRating) && $userId) { $this->data['Rating']['rating'] = $value; $this->data['Rating']['model'] = $model; $this->data['Rating']['model_id'] = $id; $this->data['Rating']['user_id'] = $userId; $this->data['Rating']['name'] = $name; $this->Rating->create(); $saved = $this->Rating->save($this->data); } // set flash message if ($saved && Configure::read('Rating.flash')) { $this->Session->setFlash(Configure::read('Rating.flashMessage'), 'default', array('class' => 'rating-flash'), 'rating'); } // save rating values to model if ($saved && Configure::read('Rating.saveToModel')) { // check if fields exist in model if (!$modelInstance->hasField(Configure::read('Rating.modelAverageField')) && !$modelInstance->hasField(Configure::read('Rating.modelVotesField'))) { if (!$fallback) { $this->view($model, $id, base64_encode(json_encode(array('name' => $name, 'config' => $config)))); } else { $this->redirect($referer); } return; } // retrieve actual rating values $values = $this->Rating->find(array('model' => $model, 'model_id' => $id, 'name' => $name), array('AVG(Rating.rating)', 'COUNT(*)')); $avgRating = round($values[0]['AVG(`Rating`.`rating`)'], 1); $votes = $values[0]['COUNT(*)']; if ($avgRating && !strpos($avgRating, '.')) { $avgRating = $avgRating.'.0'; } else if (!$avgRating) { $avgRating = '0.0'; } if (empty($votes)) { $votes = '0'; } $modelInstance->id = $id; // save rating values if ($modelInstance->exists()) { $modelInstance->saveField(Configure::read('Rating.modelAverageField'), $avgRating); $modelInstance->saveField(Configure::read('Rating.modelVotesField'), $votes); } } // show view again if (!$fallback) { $this->view($model, $id, base64_encode(json_encode(array('name' => $name, 'config' => $config)))); } else { if ($saved && Configure::read('Rating.fallbackFlash')) { $this->flash(Configure::read('Rating.flashMessage'), Controller::referer()); $this->Session->setFlash(null); } else { $this->redirect($referer); } } $this->autoRender = false; }