public static function handleEditRequest() { $GLOBALS['Session']->requireAuthentication(); $User = static::_getRequestedUser(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($_SERVER['CONTENT_TYPE'] == 'application/json') { $requestData = JSON::getRequestData(); } else { $requestData = $_REQUEST; } if (!$GLOBALS['Session']->hasAccountLevel('Administrator')) { $profileChanges = array_intersect_key($requestData, array_flip(static::$profileFields)); } else { $profileChanges = $requestData; } $User->setFields($profileChanges); if (static::$onBeforeProfileValidated) { call_user_func(static::$onBeforeProfileValidated, $User, $profileChanges, $requestData); } // validate if ($User->validate()) { if (static::$onBeforeProfileSaved) { call_user_func(static::$onBeforeProfileSaved, $User, $profileChanges, $requestData); } // save session $User->save(); if (static::$onProfileSaved) { call_user_func(static::$onProfileSaved, $User, $profileChanges, $requestData); } // fire created response return static::respond('profileSaved', array('success' => true, 'data' => $User)); } // fall through back to form if validation failed } return static::respond('profileEdit', array('data' => $User)); }
public static function handleMultiAssignRequest() { if (static::$accountLevelAssign) { $GLOBALS['Session']->requireAccountLevel(static::$accountLevelAssign); } if (static::$responseMode == 'json' && in_array($_SERVER['REQUEST_METHOD'], array('POST', 'PUT'))) { $_REQUEST = JSON::getRequestData(); } if (empty($_REQUEST['data']) || !is_array($_REQUEST['data'])) { return static::throwInvalidRequestError('Assign expects "data" field as array of assignments'); } $className = static::$recordClass; $results = array(); foreach ($_REQUEST['data'] as $datum) { if (!($Tag = $className::getByID($datum['TagID']))) { return static::throwNotFoundError(); } $TagItem = $Tag->assignItem($datum['ContextClass'], $datum['ContextID']); if ($TagItem->isNew) { $results[] = $TagItem; } } return static::respond($className::$pluralNoun . 'Saved', array('success' => true, 'data' => $results)); }
public static function handleMultiDestroyRequest() { if (0 === strpos($_SERVER['CONTENT_TYPE'], 'application/json')) { $_REQUEST = JSON::getRequestData(); } if (empty($_REQUEST['data']) || !is_array($_REQUEST['data'])) { return static::throwInvalidRequestError('Handler expects "data" field as array'); } $className = static::$recordClass; $results = []; $failed = []; foreach ($_REQUEST['data'] as $datum) { // get record if (is_numeric($datum)) { $recordID = $datum; } elseif (!empty($datum['ID']) && is_numeric($datum['ID'])) { $recordID = $datum['ID']; } else { $failed[] = ['record' => $datum, 'errors' => 'ID missing']; continue; } if (!($Record = $className::getByID($recordID))) { $failed[] = ['record' => $datum, 'errors' => 'ID not found']; continue; } // check write access if (!static::checkWriteAccess($Record)) { $failed[] = ['record' => $datum, 'errors' => 'Write access denied']; continue; } // destroy record if ($Record->destroy()) { $results[] = $Record; } } return static::respond(static::getTemplateName($className::$pluralNoun) . 'Destroyed', ['success' => count($results) || !count($failed), 'data' => $results, 'failed' => $failed]); }
public static function getRequestData() { if (0 === strpos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded')) { if ($_SERVER['REQUEST_METHOD'] == 'POST') { return $_POST; } else { $data = array(); parse_str(file_get_contents('php://input'), $data); return $data; } } elseif (0 === strpos($_SERVER['CONTENT_TYPE'], 'application/json')) { return JSON::getRequestData(); } else { throw new Exception('Incoming content type must be application/json or application/x-www-form-urlencoded'); } }
<?php $GLOBALS['Session']->requireAccountLevel('Developer'); $requestData = JSON::getRequestData(); if (!is_array($requestData['nodes'])) { JSON::error('Expecting array under nodes key'); } // TODO: something more elegant to prevent non-specified classes from being inherited? Site::$autoPull = true; $succeeded = array(); $failed = array(); foreach ($requestData['nodes'] as $updateData) { $Node = Site::resolvePath($updateData['path']); if ($Node->Collection->Site == 'Local') { $failed[] = array('path' => $updateData['path'], 'error' => 'CURRENT_IS_LOCAL', 'message' => 'Current node is local and blocks any remote updates'); continue; } if ($Node->SHA1 != $updateData['localSHA1']) { $failed[] = array('path' => $updateData['path'], 'error' => 'LOCAL_SHA1_MISMATCH', 'message' => 'Current node\'s SHA1 hash does not match that which this update was requested for'); continue; } if (empty($updateData['remoteSHA1'])) { $Node->delete(); } else { $NewNode = Emergence::resolveFileFromParent($Node->Collection, $Node->Handle, true); if (!$NewNode) { $failed[] = array('path' => $updateData['path'], 'error' => 'DOWNLOAD_FAILED', 'message' => 'The remote file failed to download'); continue; } if ($NewNode->SHA1 != $updateData['remoteSHA1']) { $NewNode->destroyRecord();
public static function handleStageMultiRequest() { if ($_SERVER['REQUEST_METHOD'] != 'POST') { return static::throwInvalidRequestError('Request must be POST'); } if (0 === strpos($_SERVER['CONTENT_TYPE'], 'application/json')) { $_REQUEST = \JSON::getRequestData(); } try { $layer = static::$_currentRepo; } catch (Exception $e) { return static::throwInvalidRequestError($e->getMessage()); } static::$responseMode = 'json'; $command = 'add'; $success = true; if (is_array($_REQUEST['Files'])) { foreach ($_REQUEST['Files'] as $file) { $file = escapeshellcmd($file); $args = [$file]; try { $output = $layer->getGitWrapper()->run($command, $args); $operations[] = ['success' => true, 'output' => $output, 'command' => $command, 'args' => $args]; } catch (Exception $e) { $success = false; $operations[] = ['success' => false, 'output' => $output, 'command' => $command, 'args' => $args, 'error' => $e->getMessage()]; } } } return static::respond('stage-multi', ['success' => $success, 'operations' => $operations]); }