/**
 * Access gate that runs before every action of this controller.
 *
 * When the system configuration file exists, an authenticated admin session
 * is required. When it does not exist yet, the request only has to carry a
 * "mysql_adapter" parameter.
 *
 * NOTE(review): in the second case no session is checked at all, so the
 * controller is reachable by anyone for as long as
 * PIMCORE_CONFIGURATION_SYSTEM is absent - confirm that is acceptable for
 * the deployment.
 *
 * @return void
 */
public function init()
{
    parent::init();

    if (!is_file(PIMCORE_CONFIGURATION_SYSTEM)) {
        // not configured yet: the database settings have to come with the request
        if (!$this->_getParam("mysql_adapter")) {
            die("Not possible... no database settings given.<br />Parameters: mysql_adapter,mysql_host,mysql_username,mysql_password,mysql_database");
        }

        return;
    }

    // session authentication, only possible if user is logged in
    $sessionUser = Pimcore_Tool_Authentication::authenticateSession();
    if (!($sessionUser instanceof User)) {
        die("Authentication failed!<br />If you don't have access to the admin interface any more, and you want to find out if the server configuration matches the requirements you have to rename the the system.xml for the time of the check.");
    }
}
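/**
 * Handles the admin login request.
 *
 * The user named by the "username" parameter must exist and be active, and
 * must either present a matching password hash or a valid "token". Any
 * failure is handed to the plugin broker, which may authenticate the user
 * instead; if it does not, the failure is logged and the client is sent back
 * to the login page.
 *
 * NOTE(review): nothing visible here regenerates the session id after a
 * successful login - confirm the session layer does so, otherwise a
 * pre-seeded session id survives authentication (session fixation).
 *
 * @return void
 */
public function loginAction()
{
    $userInactive = false;
    $username = $this->_getParam("username");
    $password = $this->_getParam("password");

    try {
        $user = User::getByName($username);
        if (!$user instanceof User) {
            throw new Exception("User doesn't exist");
        }

        if (!$user->isActive()) {
            $userInactive = true;
            throw new Exception("User is inactive");
        }

        // Compare the hashes as strings with ===. A loose == treats two
        // different "0e<digits>" hashes as equal numbers, which would accept
        // a wrong password.
        // NOTE(review): === is not constant-time; prefer hash_equals() where
        // the runtime provides it.
        $expectedHash = (string) Pimcore_Tool_Authentication::getPasswordHash($username, $password);
        $passwordMatches = ((string) $user->getPassword() === $expectedHash);

        if (!$passwordMatches) {
            // NOTE(review): the token is handled with Triple DES in ECB mode;
            // both are legacy choices and ECB gives no integrity protection -
            // plan a migration to an authenticated scheme.
            $token = $this->_getParam("token");
            if (!$token || !Pimcore_Tool_Authentication::tokenAuthentication($username, $token, MCRYPT_TRIPLEDES, MCRYPT_MODE_ECB, false)) {
                throw new Exception("User and Password doesn't match");
            }
        }

        $adminSession = new Zend_Session_Namespace("pimcore_admin");
        $adminSession->user = $user;
        $adminSession->frozenuser = $user->getAsFrozen();
    } catch (Exception $e) {
        // see if a module or plugin authenticates the user
        // NOTE(review): this fallback also runs when the local account exists
        // but is inactive - confirm plugins honour the inactive state.
        $user = Pimcore_API_Plugin_Broker::getInstance()->authenticateUser($username, $password);

        if ($user instanceof User) {
            $adminSession = new Zend_Session_Namespace("pimcore_admin");
            $adminSession->user = $user;
            $adminSession->frozenuser = $user->getAsFrozen();
            $this->_redirect("/admin/?_dc=" . time());
        } else {
            $this->writeLogFile($username, $e->getMessage());
            Logger::info("Login Exception" . $e);

            // NOTE(review): the "inactive" flag tells an unauthenticated
            // client that the account exists but is disabled.
            $this->_redirect("/admin/login/?auth_failed=true&inactive=" . $userInactive);
            $this->getResponse()->sendResponse();
            exit;
        }
    }

    $this->_redirect("/admin/?_dc=" . time());
}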
/**
 * Forwarding shim: hands the call to Pimcore_Tool_Authentication::initSession()
 * and does nothing else.
 *
 * @deprecated
 * @static
 * @return void
 */
public static function initSession()
{
    Pimcore_Tool_Authentication::initSession();
}
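/**
 * Authenticates a user by an encrypted, time-limited token instead of a
 * password.
 *
 * The token is decrypted with the user's stored password hash as key
 * material; the first element of the result is read as a Unix timestamp,
 * which must not lie in the future and must be at most 30 minutes old.
 *
 * NOTE(review): only that timestamp is checked here, so a captured token can
 * be replayed until it expires. Whether decrypt() verifies integrity is not
 * visible from this method - confirm.
 *
 * @static
 * @throws Exception "invalid username", "user inactive", "no permission" or "invalid timestamp"
 * @param string $username
 * @param string $token
 * @param mixed $algorithm cipher identifier, passed through to decrypt()
 * @param mixed $mode cipher mode, passed through to decrypt()
 * @param bool $adminRequired when true, non-admin users are rejected
 * @return User
 */
public static function tokenAuthentication($username, $token, $algorithm, $mode, $adminRequired = false)
{
    $user = User::getByName($username);

    if (!$user instanceof User) {
        throw new Exception("invalid username");
    }
    if (!$user->isActive()) {
        throw new Exception("user inactive");
    }
    if ($adminRequired and !$user->isAdmin()) {
        throw new Exception("no permission");
    }

    $passwordHash = $user->getPassword();
    $decrypted = Pimcore_Tool_Authentication::decrypt($passwordHash, $token, $algorithm, $mode);
    $timestamp = $decrypted[0];

    // time() returns seconds since the Unix epoch whatever the default
    // timezone is, so the window check needs no timezone switch. The previous
    // switch to UTC was only undone on success, which left the whole process
    // on UTC after every rejected token.
    $now = time();
    if ($timestamp > $now or $timestamp < $now - 60 * 30) {
        throw new Exception("invalid timestamp");
    }

    return $user;
}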
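/**
 * Prepares a frontend request: resets the global frontend flags, binds the
 * routed document, and switches to editmode / preview / version data when an
 * authenticated admin session asks for it.
 *
 * Unpublished documents are only served to requests that carry one of the
 * pimcore_* admin parameters and have an authenticated session.
 *
 * @throws Exception "access denied for <path>" for an unpublished document without admin session
 * @return void
 */
public function init()
{
    parent::init();

    // log exceptions if handled by error_handler
    $this->checkForErrors();

    // general definitions
    Pimcore::unsetAdminMode();
    Document::setHideUnpublished(true);
    Object_Abstract::setHideUnpublished(true);
    Object_Abstract::setGetInheritedValues(true);

    // contains the logged in user if necessary
    $user = null;

    // Has to be initialised: it is read in the publication check below even
    // when none of the admin parameters was sent.
    $specialAdminRequest = false;

    // assign variables
    $this->view->controller = $this;

    // init website config
    $config = Pimcore_Config::getWebsiteConfig();
    $this->config = $config;
    $this->view->config = $config;

    if (!$this->_getParam("document")) {
        Zend_Registry::set("pimcore_editmode", false);
        $this->editmode = false;
        $this->view->editmode = false;

        // no document available, continue, ...
        return;
    } else {
        $this->setDocument($this->_getParam("document"));
    }

    if ($this->_getParam("pimcore_editmode") || $this->_getParam("pimcore_version") || $this->_getParam("pimcore_preview") || $this->_getParam("pimcore_admin") || $this->_getParam("pimcore_object_preview")) {
        $specialAdminRequest = true;
        $this->disableBrowserCache();

        // start admin session & get logged in user
        $user = Pimcore_Tool_Authentication::authenticateSession();
    }

    // unpublished documents are for authenticated admin requests only
    if (!$this->document->isPublished()) {
        if (!$specialAdminRequest || !$user) {
            throw new Exception("access denied for " . $this->document->getFullPath());
        }
    }

    // register global locale if the document has the system property "language"
    if ($this->document->getProperty("language")) {
        $locale = new Zend_Locale($this->document->getProperty("language"));
        Zend_Registry::set('Zend_Locale', $locale);
        $this->getResponse()->setHeader("Content-Language", strtolower(str_replace("_", "-", (string) $locale)), true);
    }

    // for editmode
    if ($user) {
        if ($this->_getParam("pimcore_editmode") and !Zend_Registry::isRegistered("pimcore_editmode")) {
            Zend_Registry::set("pimcore_editmode", true);

            // check if there is the document in the session
            $docKey = "document_" . $this->getDocument()->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");

            if ($docSession->{$docKey}) {
                // if there is a document in the session use it
                $this->setDocument($docSession->{$docKey});
            } else {
                // set the latest available version for editmode if there is no doc in the session
                $latestVersion = $this->getDocument()->getLatestVersion();
                if ($latestVersion) {
                    $latestDoc = $latestVersion->loadData();
                    if ($latestDoc instanceof Document_PageSnippet) {
                        $this->setDocument($latestDoc);
                    }
                }
            }

            // register editmode plugin
            $front = Zend_Controller_Front::getInstance();
            $front->registerPlugin(new Pimcore_Controller_Plugin_Frontend_Editmode($this), 1000);
        } else {
            Zend_Registry::set("pimcore_editmode", false);
        }
    } else {
        Zend_Registry::set("pimcore_editmode", false);
    }

    // for preview
    if ($user) {
        // document preview
        if ($this->_getParam("pimcore_preview")) {
            // get document from session
            $docKey = "document_" . $this->_getParam("document")->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");
            if ($docSession->{$docKey}) {
                $this->setDocument($docSession->{$docKey});
            }
        }

        // object preview
        if ($this->_getParam("pimcore_object_preview")) {
            $key = "object_" . $this->_getParam("pimcore_object_preview");
            $session = new Zend_Session_Namespace("pimcore_objects");
            if ($session->{$key}) {
                $object = $session->{$key};
                // add the object to the registry so every call to Object_Abstract::getById() will return this object instead of the real one
                Zend_Registry::set("object_" . $object->getId(), $object);
            }
        }
    }

    // for version preview
    if ($this->_getParam("pimcore_version")) {
        if ($user) {
            // only get version data at the first call || because of embedded Snippets ...
            if (!Zend_Registry::isRegistered("pimcore_version_active")) {
                $version = Version::getById($this->_getParam("pimcore_version"));
                // an unknown id must not end in a method call on a non-object
                if ($version) {
                    $this->setDocument($version->getData());
                    Zend_Registry::set("pimcore_version_active", true);
                }
            }
        }
    }

    // for public versions
    // NOTE(review): this branch needs no session and runs after the
    // publication check above. The version is not compared with the routed
    // document either, so getPublic() is the only gate - confirm that is the
    // intended authorization.
    if ($this->_getParam("v")) {
        try {
            $version = Version::getById($this->_getParam("v"));
            // the truthiness test keeps an unknown id from becoming a fatal
            // error, which the catch below could not intercept
            if ($version && $version->getPublic()) {
                $this->setDocument($version->getData());
            }
        } catch (Exception $e) {
            // deliberate best effort: fall back to the routed document
        }
    }

    // check if document is a wrapped hardlink, if this is the case send a rel=canonical header to the source document
    if ($this->getDocument() instanceof Document_Hardlink_Wrapper_Interface) {
        // get the canonical (source) document
        $hardlinkCanonicalSourceDocument = Document::getById($this->getDocument()->getId());
        $request = $this->getRequest();

        // NOTE(review): the host part is taken from the request; if the Host
        // header is not pinned by the web server, a client can steer the
        // canonical URL, which matters once the response is cached.
        $this->getResponse()->setHeader("Link", '<' . $request->getScheme() . "://" . $request->getHttpHost() . $hardlinkCanonicalSourceDocument->getFullPath() . '>; rel="canonical"');
    }

    // set some parameters
    $this->editmode = Zend_Registry::get("pimcore_editmode");
    $this->view->editmode = Zend_Registry::get("pimcore_editmode");
}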
} } // complete the pimcore starup tasks (config, framework, modules, plugins ...) Pimcore::initConfiguration(); sleep(4); Pimcore::setupFramework(); Pimcore::initLogger(); Pimcore::initModules(); Pimcore::initPlugins(); /* * Now the pimcore_phpunit instance is up and running. It is a clean pimcore instance with a fresh database setup and * system config. The pimcore source code is identical to the current development unit */ //create admin user (normally this would be included in the pimcore install process) if (!$skipInstall) { $user = User::create(array("parentId" => 0, "username" => "admin", "password" => Pimcore_Tool_Authentication::getPasswordHash("admin", "admin"), "hasCredentials" => true, "active" => true)); $user->setAdmin(true); $user->save(); chdir($pimcoreRoot . "/tests"); } // set test config to registry - we might need it later $conf = new Zend_Config_Xml(TESTS_PATH . "/config/testconfig.xml"); Zend_Registry::set("pimcore_config_test", $conf); try { $conf = Zend_Registry::get("pimcore_config_system"); } catch (Exception $e) { die("config not present"); } // set timezone if ($conf instanceof Zend_Config) { if ($conf->general->timezone) {
/**
 * Forwarding shim: returns whatever Pimcore_Tool_Authentication::getSession()
 * returns.
 *
 * @static
 * @return mixed the value returned by Pimcore_Tool_Authentication::getSession()
 */
public static function getSession()
{
    $session = Pimcore_Tool_Authentication::getSession();

    return $session;
}
/**
 * Boots the application and dispatches the current request.
 *
 * Order of work: system requirements, shutdown hook, output buffer,
 * autoloader, configuration, framework, logger, locale cache, modules and
 * plugins, front controller plugins, routes, plugin pre-dispatch, dispatch.
 * The statements depend on that order (see the inline notes).
 *
 * @static
 * @throws Exception|Zend_Controller_Router_Exception only on the debug / devmode / authenticated-preview path, where exceptions are rethrown
 */
public static function run() {
    self::setSystemRequirements();

    // register shutdown function
    Pimcore_Event::register("pimcore.shutdown", array("Pimcore", "shutdown"), array(), 999);

    // detect frontend (website)
    $frontend = Pimcore_Tool::isFrontend();

    // enable the output-buffer, why? see in self::outputBufferStart()
    //if($frontend) {
    self::outputBufferStart();
    //}

    self::initAutoloader();
    self::initConfiguration();
    self::setupFramework();

    // config is loaded now init the real logger
    self::initLogger();

    // set locale data cache, this must be after self::initLogger() since Pimcore_Model_Cache requires the logger
    // to log if there's something wrong with the cache configuration in cache.xml
    Zend_Locale_Data::setCache(Pimcore_Model_Cache::getInstance());

    // load plugins and modules (=core plugins)
    self::initModules();
    self::initPlugins();

    // init front controller
    $front = Zend_Controller_Front::getInstance();

    $conf = Pimcore_Config::getSystemConfig();
    if (!$conf) {
        // redirect to installer if configuration isn't present
        if (!preg_match("/^\\/install.*/", $_SERVER["REQUEST_URI"])) {
            header("Location: /install/");
            exit;
        }
    }

    // the second argument is the position of the plugin in the plugin stack
    $front->registerPlugin(new Pimcore_Controller_Plugin_ErrorHandler(), 1);
    $front->registerPlugin(new Pimcore_Controller_Plugin_Maintenance(), 2);

    // register general pimcore plugins for frontend
    if ($frontend) {
        $front->registerPlugin(new Pimcore_Controller_Plugin_Less(), 799);
    }

    if (Pimcore_Tool::useFrontendOutputFilters(new Zend_Controller_Request_Http())) {
        $front->registerPlugin(new Pimcore_Controller_Plugin_Robotstxt(), 795);
        $front->registerPlugin(new Pimcore_Controller_Plugin_WysiwygAttributes(), 796);
        $front->registerPlugin(new Pimcore_Controller_Plugin_Webmastertools(), 797);
        $front->registerPlugin(new Pimcore_Controller_Plugin_Analytics(), 798);
        $front->registerPlugin(new Pimcore_Controller_Plugin_CssMinify(), 800);
        $front->registerPlugin(new Pimcore_Controller_Plugin_JavascriptMinify(), 801);
        $front->registerPlugin(new Pimcore_Controller_Plugin_ImageDataUri(), 803);
        $front->registerPlugin(new Pimcore_Controller_Plugin_TagManagement(), 804);
        $front->registerPlugin(new Pimcore_Controller_Plugin_HttpErrorLog(), 850);
        $front->registerPlugin(new Pimcore_Controller_Plugin_Cache(), 901); // for caching
    }

    self::initControllerFront($front);

    // set router
    $router = $front->getRouter();
    $routeAdmin = new Zend_Controller_Router_Route('admin/:controller/:action/*', array('module' => 'admin', "controller" => "index", "action" => "index"));
    $routeInstall = new Zend_Controller_Router_Route('install/:controller/:action/*', array('module' => 'install', "controller" => "index", "action" => "index"));
    $routeUpdate = new Zend_Controller_Router_Route('admin/update/:controller/:action/*', array('module' => 'update', "controller" => "index", "action" => "index"));
    $routePlugins = new Zend_Controller_Router_Route('admin/plugin/:controller/:action/*', array('module' => 'pluginadmin', "controller" => "index", "action" => "index"));
    $routeExtensions = new Zend_Controller_Router_Route('admin/extensionmanager/:controller/:action/*', array('module' => 'extensionmanager', "controller" => "index", "action" => "index"));
    $routeReports = new Zend_Controller_Router_Route('admin/reports/:controller/:action/*', array('module' => 'reports', "controller" => "index", "action" => "index"));
    $routePlugin = new Zend_Controller_Router_Route('plugin/:module/:controller/:action/*', array("controller" => "index", "action" => "index"));
    $routeWebservice = new Zend_Controller_Router_Route('webservice/:controller/:action/*', array("module" => "webservice", "controller" => "index", "action" => "index"));
    $routeSearchAdmin = new Zend_Controller_Router_Route('admin/search/:controller/:action/*', array("module" => "searchadmin", "controller" => "index", "action" => "index"));

    // website route => custom router which checks for a suitable document
    $routeFrontend = new Pimcore_Controller_Router_Route_Frontend();
    $router->addRoute('default', $routeFrontend);

    // only do this if not frontend => performance issue
    // NOTE(review): the install route is added for every non-frontend
    // request, also when $conf is present - confirm the install module itself
    // refuses to run on a configured system.
    if (!$frontend) {
        $router->addRoute("install", $routeInstall);
        $router->addRoute('plugin', $routePlugin);
        $router->addRoute('admin', $routeAdmin);
        $router->addRoute('update', $routeUpdate);
        $router->addRoute('plugins', $routePlugins);
        $router->addRoute('extensionmanager', $routeExtensions);
        $router->addRoute('reports', $routeReports);
        $router->addRoute('searchadmin', $routeSearchAdmin);
        // the webservice route exists only when the system config enables it
        if ($conf instanceof Zend_Config and $conf->webservice and $conf->webservice->enabled) {
            $router->addRoute('webservice', $routeWebservice);
        }
    }

    // check if webdav is configured and add router
    if ($conf instanceof Zend_Config) {
        if ($conf->assets->webdav->hostname) {
            // requests for this hostname go to admin/asset/webdav
            $routeWebdav = new Zend_Controller_Router_Route_Hostname($conf->assets->webdav->hostname, array("module" => "admin", 'controller' => 'asset', 'action' => 'webdav'));
            $router->addRoute('webdav', $routeWebdav);
        }
    }

    $front->setRouter($router);

    Pimcore_API_Plugin_Broker::getInstance()->preDispatch();

    // throw exceptions also when in preview or in editmode (documents) to see it immediately when there's a problem with this page
    // the request parameter alone is not enough: the session has to authenticate as well
    $throwExceptions = false;
    if (array_key_exists("pimcore_editmode", $_REQUEST) || array_key_exists("pimcore_preview", $_REQUEST) || array_key_exists("pimcore_admin", $_REQUEST)) {
        $user = Pimcore_Tool_Authentication::authenticateSession();
        if ($user instanceof User) {
            $throwExceptions = true;
        }
    }

    // run dispatcher
    if (!PIMCORE_DEBUG && !$throwExceptions && !PIMCORE_DEVMODE) {
        // production path: errors are not displayed
        @ini_set("display_errors", "Off");
        @ini_set("display_startup_errors", "Off");

        $front->dispatch();
    } else {
        // NOTE(review): with PIMCORE_DEBUG or PIMCORE_DEVMODE set, error
        // output is switched on for every visitor, not only for admins.
        @ini_set("display_errors", "On");
        @ini_set("display_startup_errors", "On");

        $front->throwExceptions(true);

        try {
            $front->dispatch();
        } catch (Zend_Controller_Router_Exception $e) {
            header("HTTP/1.0 404 Not Found");
            // NOTE(review): REQUEST_URI is client-controlled and is copied
            // verbatim into the message; whatever renders this exception has
            // to HTML-escape it.
            throw new Zend_Controller_Router_Exception("No route, document, custom route or redirect is matching the request: " . $_SERVER["REQUEST_URI"]);
        } catch (Exception $e) {
            header("HTTP/1.0 500 Internal Server Error");
            throw $e;
        }
    }
}
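/**
 * Runs the installation: validates the submitted database settings and admin
 * credentials, writes the system configuration file, loads the SQL dump,
 * inserts the root records and creates the admin user.
 *
 * On success a JSON {"success": true} is sent; otherwise the collected error
 * messages are printed, separated by <br />, and the script ends.
 *
 * NOTE(review): nothing in this action checks whether
 * PIMCORE_CONFIGURATION_SYSTEM already exists. Confirm the installer cannot
 * be reached on a configured system, otherwise a request could replace the
 * configuration and create a new admin.
 *
 * @return void
 */
public function installAction()
{
    $errors = array();

    // try to establish a mysql connection
    try {
        $db = Zend_Db::factory($this->_getParam("mysql_adapter"), array(
            'host' => $this->_getParam("mysql_host"),
            'username' => $this->_getParam("mysql_username"),
            'password' => $this->_getParam("mysql_password"),
            'dbname' => $this->_getParam("mysql_database"),
            "port" => $this->_getParam("mysql_port")
        ));

        $db->getConnection();

        // check utf-8 encoding
        $result = $db->fetchRow('SHOW VARIABLES LIKE "character\\_set\\_database"');
        if ($result['Value'] != "utf8") {
            $errors[] = "Database charset is not utf-8";
        }
    } catch (Exception $e) {
        $errors[] = "Couldn't establish connection to mysql: " . $e->getMessage();
    }

    // check username & password
    // NOTE(review): four characters is a very low bar for the first admin account
    if (strlen($this->_getParam("admin_password")) < 4 || strlen($this->_getParam("admin_username")) < 4) {
        $errors[] = "Username and password should have at least 4 characters";
    }

    if (!empty($errors)) {
        // The connection error can repeat values taken from the request (host,
        // user name), so every message is escaped before it is printed as HTML.
        $flags = defined("ENT_SUBSTITUTE") ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
        $escapedErrors = array();
        foreach ($errors as $message) {
            $escapedErrors[] = htmlspecialchars($message, $flags, "UTF-8");
        }

        echo implode("<br />", $escapedErrors);
        die;
    }

    // write configuration file
    // NOTE(review): the generated configuration starts with "debug" => "1" and
    // every log level enabled - switch this off before the site goes public.
    $settings = array(
        "general" => array(
            "timezone" => "Europe/Berlin",
            "language" => "en",
            "validLanguages" => "en",
            "debug" => "1",
            "loginscreenimageservice" => "1",
            "loglevel" => array(
                "debug" => "1",
                "info" => "1",
                "notice" => "1",
                "warning" => "1",
                "error" => "1",
                "critical" => "1",
                "alert" => "1",
                "emergency" => "1"
            )
        ),
        "database" => array(
            "adapter" => $this->_getParam("mysql_adapter"),
            "params" => array(
                "host" => $this->_getParam("mysql_host"),
                "username" => $this->_getParam("mysql_username"),
                "password" => $this->_getParam("mysql_password"),
                "dbname" => $this->_getParam("mysql_database"),
                "port" => $this->_getParam("mysql_port")
            )
        ),
        "documents" => array(
            "versions" => array("steps" => "10"),
            "default_controller" => "default",
            "default_action" => "default",
            "error_pages" => array("default" => "/"),
            "createredirectwhenmoved" => "",
            "allowtrailingslash" => "no",
            "allowcapitals" => "no"
        ),
        "objects" => array("versions" => array("steps" => "10")),
        "assets" => array("versions" => array("steps" => "10")),
        "services" => array(),
        "cache" => array("excludeCookie" => "pimcore_admin_sid"),
        "httpclient" => array("adapter" => "Zend_Http_Client_Adapter_Socket")
    );

    $config = new Zend_Config($settings, true);
    $writer = new Zend_Config_Writer_Xml(array("config" => $config, "filename" => PIMCORE_CONFIGURATION_SYSTEM));
    $writer->write();

    // insert db dump
    $db = Pimcore_Resource::get();
    $mysqlInstallScript = file_get_contents(PIMCORE_PATH . "/modules/install/mysql/install.sql");

    // remove comments in SQL script
    $mysqlInstallScript = preg_replace("/\\s*(?!<\")\\/\\*[^\\*]+\\*\\/(?!\")\\s*/", "", $mysqlInstallScript);

    // get every command as single part
    $mysqlInstallScripts = explode(";", $mysqlInstallScript);

    // execute every script with a separate call, otherwise this will end in a PDO_Exception "unbufferd queries, ..." seems to be a PDO bug after some googling
    foreach ($mysqlInstallScripts as $m) {
        // run the trimmed statement; the old loop built a trimmed copy with a
        // trailing ";" and then executed the untrimmed original instead
        $statement = trim($m);
        if (strlen($statement) > 0) {
            $db->query($statement);
        }
    }

    // get a new database connection
    $db = Pimcore_Resource::reset();

    // insert data into database
    $db->insert("assets", array("id" => 1, "parentId" => 0, "type" => "folder", "filename" => "", "path" => "/", "creationDate" => time(), "modificationDate" => time(), "userOwner" => 1, "userModification" => 1));
    $db->insert("documents", array("id" => 1, "parentId" => 0, "type" => "page", "key" => "", "path" => "/", "index" => 999999, "published" => 1, "creationDate" => time(), "modificationDate" => time(), "userOwner" => 1, "userModification" => 1));
    $db->insert("documents_page", array("id" => 1, "controller" => "", "action" => "", "template" => "", "title" => "", "description" => "", "keywords" => ""));
    $db->insert("objects", array("o_id" => 1, "o_parentId" => 0, "o_type" => "folder", "o_key" => "", "o_path" => "/", "o_index" => 999999, "o_published" => 1, "o_creationDate" => time(), "o_modificationDate" => time(), "o_userOwner" => 1, "o_userModification" => 1));

    // the "system" user is inserted first and then moved to id 0
    $db->insert("users", array("parentId" => 0, "name" => "system", "admin" => 1, "active" => 1));
    $db->update("users", array("id" => 0), $db->quoteInto("name = ?", "system"));

    $userPermissions = array(
        array("key" => "assets"),
        array("key" => "classes"),
        array("key" => "clear_cache"),
        array("key" => "clear_temp_files"),
        array("key" => "document_types"),
        array("key" => "documents"),
        array("key" => "objects"),
        array("key" => "plugins"),
        array("key" => "predefined_properties"),
        array("key" => "routes"),
        array("key" => "seemode"),
        array("key" => "system_settings"),
        array("key" => "thumbnails"),
        array("key" => "translations"),
        array("key" => "redirects"),
        array("key" => "glossary"),
        array("key" => "reports")
    );
    foreach ($userPermissions as $up) {
        $db->insert("users_permission_definitions", $up);
    }

    Pimcore::initConfiguration();

    $user = User::create(array(
        "parentId" => 0,
        "username" => $this->_getParam("admin_username"),
        "password" => Pimcore_Tool_Authentication::getPasswordHash($this->_getParam("admin_username"), $this->_getParam("admin_password")),
        "active" => true
    ));
    $user->setAdmin(true);
    $user->save();

    $this->_helper->json(array("success" => true));
}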
* * LICENSE * * This source file is subject to the new BSD license that is bundled * with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://www.pimcore.org/license dsf sdaf asdf asdf * * @copyright Copyright (c) 2009-2010 elements.at New Media Solutions GmbH (http://www.elements.at) * @license http://www.pimcore.org/license New BSD License */ $workingDirectory = getcwd(); include "../../../cli/startup.php"; chdir($workingDirectory); // only for logged in users $user = Pimcore_Tool_Authentication::authenticateSession(); if (!$user instanceof User) { die("Authentication failed!"); } $conf = Pimcore_Config::getSystemConfig()->database->params; if (empty($_SERVER["QUERY_STRING"])) { header("Location: /pimcore/modules/3rdparty/adminer/index.php?username="******"&db=" . $conf->dbname); exit; } // adminer plugin function adminer_object() { // required to run any plugin include_once "./plugins/plugin.php"; // autoloader foreach (glob("plugins/*.php") as $filename) {
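/**
 * Lets the logged-in user update their own profile from the JSON object in
 * the "data" parameter. The "id" parameter has to match the session user.
 *
 * Fields that carry privileges are removed from the payload before it
 * reaches setValues(), so a user cannot grant themselves admin rights or
 * permissions through this endpoint.
 *
 * NOTE(review): a password change does not ask for the current password, and
 * no CSRF token is checked in this method - confirm both are covered
 * elsewhere.
 *
 * @return void
 */
public function updateCurrentUserAction()
{
    $user = $this->getUser();
    if ($user == null) {
        $this->_helper->json(false);
        return;
    }

    if ($user->getId() != $this->_getParam("id")) {
        Logger::warn("prevented save current user, because ids do not match. ");
        $this->_helper->json(false);
        return;
    }

    $values = Zend_Json::decode($this->_getParam("data"));
    if (!is_array($values)) {
        // a JSON scalar is not a profile update
        $this->_helper->json(false);
        return;
    }

    // never let the request body decide privilege-bearing fields
    unset($values["admin"], $values["permissions"], $values["roles"], $values["active"]);

    if (!empty($values["password"])) {
        $values["password"] = Pimcore_Tool_Authentication::getPasswordHash($user->getUsername(), $values["password"]);
    } else {
        // an empty password field means "no change"; it must not reach
        // setValues() as a literal empty value
        unset($values["password"]);
    }

    $user->setValues($values);
    $user->save();
    $this->_helper->json(array("success" => true));
}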
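/**
 * Prepares a frontend request: resets the global frontend flags, binds the
 * routed document, and switches to editmode / preview / version data when
 * the admin session holds a user.
 *
 * Unpublished documents are only served to requests that carry one of the
 * pimcore_* admin parameters and whose admin session holds a User.
 *
 * @throws Exception "access denied for <path>" for an unpublished document without admin session
 * @return void
 */
public function init()
{
    parent::init();

    // log exceptions if handled by error_handler
    $this->checkForErrors();

    // general definitions
    Pimcore::unsetAdminMode();
    Document::setHideUnpublished(true);
    Object_Abstract::setHideUnpublished(true);
    Object_Abstract::setGetInheritedValues(true);

    $adminSession = null;

    // Has to be initialised: it is read in the publication check below even
    // when none of the admin parameters was sent.
    $specialAdminRequest = false;

    // assign variables
    $this->view->controller = $this;

    // init website config
    $config = Pimcore_Config::getWebsiteConfig();
    $this->config = $config;
    $this->view->config = $config;

    if (!$this->_getParam("document")) {
        Zend_Registry::set("pimcore_editmode", false);
        $this->editmode = false;
        $this->view->editmode = false;

        // no document available, continue, ...
        return;
    } else {
        $this->setDocument($this->_getParam("document"));
    }

    if ($this->_getParam("pimcore_editmode") || $this->_getParam("pimcore_version") || $this->_getParam("pimcore_preview") || $this->_getParam("pimcore_admin") || $this->_getParam("pimcore_object_preview")) {
        $specialAdminRequest = true;

        Pimcore_Tool_Authentication::initSession();

        // start admin session
        $adminSession = new Zend_Session_Namespace("pimcore_admin");
    }

    // true only when the admin session was opened above and holds a user
    $hasAdminUser = ($adminSession && $adminSession->user instanceof User);

    // unpublished documents are for authenticated admin requests only
    if (!$this->document->isPublished()) {
        if (!$specialAdminRequest || !$hasAdminUser) {
            throw new Exception("access denied for " . $this->document->getFullPath());
        }
    }

    // register global locale if the document has the system property "language"
    if ($this->document->getProperty("language")) {
        $locale = new Zend_Locale($this->document->getProperty("language"));
        Zend_Registry::set('Zend_Locale', $locale);
    }

    // for editmode
    if ($hasAdminUser) {
        if ($this->_getParam("pimcore_editmode") and !Zend_Registry::isRegistered("pimcore_editmode")) {
            Zend_Registry::set("pimcore_editmode", true);

            // check if there is the document in the session
            $docKey = "document_" . $this->getDocument()->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");

            if ($docSession->{$docKey}) {
                // if there is a document in the session use it
                $this->setDocument($docSession->{$docKey});
            } else {
                // set the latest available version for editmode if there is no doc in the session
                $latestVersion = $this->getDocument()->getLatestVersion();
                if ($latestVersion) {
                    $latestDoc = $latestVersion->loadData();
                    if ($latestDoc instanceof Document_PageSnippet) {
                        $this->setDocument($latestDoc);
                    }
                }
            }

            // register editmode plugin
            $front = Zend_Controller_Front::getInstance();
            $front->registerPlugin(new Pimcore_Controller_Plugin_Frontend_Editmode($this), 1000);
        } else {
            Zend_Registry::set("pimcore_editmode", false);
        }
    } else {
        Zend_Registry::set("pimcore_editmode", false);
    }

    // for preview
    if ($hasAdminUser) {
        // document preview
        if ($this->_getParam("pimcore_preview")) {
            // get document from session
            $docKey = "document_" . $this->_getParam("document")->getId();
            $docSession = new Zend_Session_Namespace("pimcore_documents");
            if ($docSession->{$docKey}) {
                $this->setDocument($docSession->{$docKey});
            }
        }

        // object preview
        if ($this->_getParam("pimcore_object_preview")) {
            $key = "object_" . $this->_getParam("pimcore_object_preview");
            $session = new Zend_Session_Namespace("pimcore_objects");
            if ($session->{$key}) {
                $object = $session->{$key};
                // add the object to the registry so every call to Object_Abstract::getById() will return this object instead of the real one
                Zend_Registry::set("object_" . $object->getId(), $object);
            }
        }
    }

    // for version preview
    if ($this->_getParam("pimcore_version")) {
        if ($hasAdminUser) {
            // only get version data at the first call || because of embedded Snippets ...
            // isRegistered() replaces the former try/catch around
            // Zend_Registry::get(), which used an exception as the "not set" signal
            if (!Zend_Registry::isRegistered("pimcore_version_active")) {
                $version = Version::getById($this->_getParam("pimcore_version"));
                // an unknown id must not end in a method call on a non-object
                if ($version) {
                    $this->setDocument($version->getData());
                    Zend_Registry::set("pimcore_version_active", true);
                }
            }
        }
    }

    // for public versions
    // NOTE(review): this branch needs no session and runs after the
    // publication check above. The version is not compared with the routed
    // document either, so getPublic() is the only gate - confirm that is the
    // intended authorization.
    if ($this->_getParam("v")) {
        try {
            $version = Version::getById($this->_getParam("v"));
            // the truthiness test keeps an unknown id from becoming a fatal
            // error, which the catch below could not intercept
            if ($version && $version->getPublic()) {
                $this->setDocument($version->getData());
            }
        } catch (Exception $e) {
            // deliberate best effort: fall back to the routed document
        }
    }

    // set some parameters
    $this->editmode = Zend_Registry::get("pimcore_editmode");
    $this->view->editmode = Zend_Registry::get("pimcore_editmode");
}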
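/**
 * Injects the editmode assets (stylesheets, script libraries, pimcore
 * scripts, translations) into the <head> of the rendered response and adds
 * the editmode startup script to the <body>.
 *
 * Values that end up inside HTML attributes are escaped, the translation
 * language is URL-encoded and the document id is cast to int before it is
 * written into the inline script. Nothing is injected when the session does
 * not authenticate as a User.
 *
 * NOTE(review): outside devmode every script path, including the paths taken
 * from plugin configurations, is read from below PIMCORE_DOCUMENT_ROOT and
 * merged into one script file - plugin configuration is therefore trusted
 * input here.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
    // add scripts to editmode
    $editmodeLibraries = array(
        "/pimcore/static/js/pimcore/namespace.js",
        "/pimcore/static/js/lib/prototype-light.js",
        "/pimcore/static/js/lib/jquery-1.7.1.min.js",
        "/pimcore/static/js/lib/ext/adapter/jquery/ext-jquery-adapter-debug.js",
        "/pimcore/static/js/lib/ext/ext-all-debug.js",
        "/pimcore/static/js/lib/ext-plugins/ux/Spinner.js",
        "/pimcore/static/js/lib/ext-plugins/ux/SpinnerField.js",
        "/pimcore/static/js/lib/ext-plugins/ux/MultiSelect.js",
        "/pimcore/static/js/lib/ext-plugins/ux/Portal.js",
        "/pimcore/static/js/lib/ext-plugins/ux/PortalColumn.js",
        "/pimcore/static/js/lib/ext-plugins/ux/Portlet.js",
        "/pimcore/static/js/lib/ext-plugins/GridRowOrder/roworder.js",
        "/pimcore/static/js/lib/ckeditor/ckeditor.js",
        "/pimcore/static/js/lib/ckeditor-plugins/pimcore-image.js",
        "/pimcore/static/js/lib/ckeditor-plugins/pimcore-link.js",
        "/pimcore/static/js/pimcore/libfixes.js"
    );

    // document/edit/helper.js is listed twice (second and last entry); the
    // list is kept as it was
    $editmodeScripts = array(
        "/pimcore/static/js/pimcore/functions.js",
        "/pimcore/static/js/pimcore/document/edit/helper.js",
        "/pimcore/static/js/pimcore/document/edit/dnd.js",
        "/pimcore/static/js/pimcore/document/tag.js",
        "/pimcore/static/js/pimcore/document/tags/block.js",
        "/pimcore/static/js/pimcore/document/tags/date.js",
        "/pimcore/static/js/pimcore/document/tags/href.js",
        "/pimcore/static/js/pimcore/document/tags/multihref.js",
        "/pimcore/static/js/pimcore/document/tags/checkbox.js",
        "/pimcore/static/js/pimcore/document/tags/image.js",
        "/pimcore/static/js/pimcore/document/tags/input.js",
        "/pimcore/static/js/pimcore/document/tags/link.js",
        "/pimcore/static/js/pimcore/document/tags/select.js",
        "/pimcore/static/js/pimcore/document/tags/snippet.js",
        "/pimcore/static/js/pimcore/document/tags/textarea.js",
        "/pimcore/static/js/pimcore/document/tags/numeric.js",
        "/pimcore/static/js/pimcore/document/tags/wysiwyg.js",
        "/pimcore/static/js/pimcore/document/tags/renderlet.js",
        "/pimcore/static/js/pimcore/document/tags/table.js",
        "/pimcore/static/js/pimcore/document/tags/video.js",
        "/pimcore/static/js/pimcore/document/tags/multiselect.js",
        "/pimcore/static/js/pimcore/document/tags/areablock.js",
        "/pimcore/static/js/pimcore/document/tags/area.js",
        "/pimcore/static/js/pimcore/document/edit/helper.js"
    );

    $conf = Pimcore_Config::getSystemConfig();

    $themeUrl = "/pimcore/static/js/lib/ext/resources/css/xtheme-blue.css";
    if ($conf->general->theme) {
        $themeUrl = $conf->general->theme;
    }

    $editmodeStylesheets = array(
        "/pimcore/static/js/lib/ext/resources/css/ext-all.css",
        $themeUrl,
        "/pimcore/static/css/icons.css",
        "/pimcore/static/css/editmode.css",
        "/pimcore/static/js/lib/ext-plugins/ux/css/Spinner.css",
        "/pimcore/static/js/lib/ext-plugins/ux/css/MultiSelect.css",
        "/pimcore/static/js/lib/ext-plugins/ux/css/Portal.css"
    );

    //add plugin editmode JS and CSS
    try {
        $pluginConfigs = Pimcore_ExtensionManager::getPluginConfigs();

        // Paths are collected per plugin and appended. The former loop reused
        // one array for all plugins, so each plugin overwrote the paths of
        // the one before it.
        $pluginPaths = array(
            "pluginDocumentEditmodeJsPaths" => array(),
            "pluginDocumentEditmodeCssPaths" => array()
        );

        if (!empty($pluginConfigs)) {
            //registering plugins
            foreach ($pluginConfigs as $p) {
                foreach (array_keys($pluginPaths) as $section) {
                    if (!isset($p['plugin'][$section]['path'])) {
                        continue;
                    }

                    // a section holds either a list of paths or a single path
                    $paths = $p['plugin'][$section]['path'];
                    if (!is_array($paths)) {
                        if ($paths == null) {
                            continue;
                        }
                        $paths = array($paths);
                    }

                    foreach ($paths as $path) {
                        //manipulate path for frontend
                        if (is_file(PIMCORE_PLUGINS_PATH . $path)) {
                            $path = "/plugins" . $path;
                        }
                        $pluginPaths[$section][] = $path;
                    }
                }
            }
        }

        $editmodeScripts = array_merge($editmodeScripts, $pluginPaths["pluginDocumentEditmodeJsPaths"]);
        $editmodeStylesheets = array_merge($editmodeStylesheets, $pluginPaths["pluginDocumentEditmodeCssPaths"]);
    } catch (Exception $e) {
        Logger::alert("there is a problem with the plugin configuration");
        Logger::alert($e);
    }

    $editmodeHeadHtml = "\n\n\n<!-- pimcore editmode -->\n";

    // include stylesheets
    foreach ($editmodeStylesheets as $sheet) {
        $editmodeHeadHtml .= '<link rel="stylesheet" type="text/css" href="' . htmlspecialchars($sheet, ENT_QUOTES, "UTF-8") . '?_dc=' . Pimcore_Version::$revision . '" />';
        $editmodeHeadHtml .= "\n";
    }

    // include script libraries
    foreach ($editmodeLibraries as $script) {
        $editmodeHeadHtml .= '<script type="text/javascript" src="' . htmlspecialchars($script, ENT_QUOTES, "UTF-8") . '?_dc=' . Pimcore_Version::$revision . '"></script>';
        $editmodeHeadHtml .= "\n";
    }

    // combine the pimcore scripts in non-devmode
    if ($conf->general->devmode) {
        foreach ($editmodeScripts as $script) {
            $editmodeHeadHtml .= '<script type="text/javascript" src="' . htmlspecialchars($script, ENT_QUOTES, "UTF-8") . '?_dc=' . Pimcore_Version::$revision . '"></script>';
            $editmodeHeadHtml .= "\n";
        }
    } else {
        $scriptContents = "";
        foreach ($editmodeScripts as $scriptUrl) {
            $scriptContents .= file_get_contents(PIMCORE_DOCUMENT_ROOT . $scriptUrl) . "\n\n\n";
        }
        $editmodeHeadHtml .= '<script type="text/javascript" src="' . Pimcore_Tool_Admin::getMinimizedScriptPath($scriptContents) . '?_dc=' . Pimcore_Version::$revision . '"></script>' . "\n";
    }

    $user = Pimcore_Tool_Authentication::authenticateSession();
    if (!$user instanceof User) {
        // editmode assets are for authenticated editors only; without a user
        // the getLanguage() call below would be a call on a non-object
        return;
    }

    // the language becomes a URL path segment inside an attribute
    $lang = rawurlencode($user->getLanguage());

    $editmodeHeadHtml .= '<script type="text/javascript" src="/admin/misc/json-translations-system/language/' . $lang . '/?_dc=' . Pimcore_Version::$revision . '"></script>' . "\n";
    $editmodeHeadHtml .= '<script type="text/javascript" src="/admin/misc/json-translations-admin/language/' . $lang . '/?_dc=' . Pimcore_Version::$revision . '"></script>' . "\n";
    $editmodeHeadHtml .= "\n\n";

    // set var for editable configurations which is filled by Document_Tag::admin()
    // the id is written into script context, so it is forced to an integer
    $editmodeHeadHtml .= '<script type="text/javascript"> var editableConfigurations = new Array(); var pimcore_document_id = ' . (int) $request->getParam("document")->getId() . '; </script>';
    $editmodeHeadHtml .= "\n\n<!-- /pimcore editmode -->\n\n\n";

    // add html headers for snippets in editmode, so there is no problem with javascript
    $body = $this->getResponse()->getBody();
    if ($this->controller->editmode && strpos($body, "</body>") === false && !$request->getParam("blockAutoHtml")) {
        $body = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head></head><body>' . $body . "</body></html>";
        $this->getResponse()->setBody($body);
    }

    // add scripts in html header for pages in editmode
    if ($this->controller->editmode && Document_Service::isValidType($this->controller->document->getType())) { //ckogler
        include_once "simple_html_dom.php";

        $body = $this->getResponse()->getBody();
        $html = str_get_html($body);

        if ($html) {
            if ($head = $html->find("head", 0)) {
                $head->innertext = $head->innertext . "\n\n" . $editmodeHeadHtml;

                // a document can have a <head> but no <body>
                $bodyElement = $html->find("body", 0);
                if ($bodyElement) {
                    $bodyElement->onunload = "pimcoreOnUnload();";
                    $bodyElement->innertext = $bodyElement->innertext . "\n\n" . '<script type="text/javascript" src="/pimcore/static/js/pimcore/document/edit/startup.js?_dc=' . Pimcore_Version::$revision . '"></script>' . "\n\n";
                }

                $body = $html->save();
                $this->getResponse()->setBody($body);
            }
        }
    }
}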
/**
 * Ends the admin session: notifies the plugins when a user is logged in,
 * clears the session user, destroys the session, expires the
 * "pimcore_opentabs" cookie and redirects to the login page.
 *
 * NOTE(review): no CSRF token is checked in this method, so any request that
 * reaches it logs the user out - low impact, but confirm it is intended.
 *
 * @return void
 */
public function logoutAction()
{
    $session = Pimcore_Tool_Authentication::getSession();
    $currentUser = $session->user;

    if ($currentUser instanceof User) {
        // plugins get the user before the session forgets it
        Pimcore_API_Plugin_Broker::getInstance()->preLogoutUser($currentUser);
        $session->user = null;
    }

    Zend_Session::destroy();

    // cleanup pimcore-cookies: a fixed expiry date in January 1980 makes the
    // browser drop the cookie
    $expiredAt = 315554400;
    setcookie("pimcore_opentabs", false, $expiredAt, "/");

    $this->_redirect("/admin/login/");
}
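/**
 * Lets the logged-in user update their own profile from the JSON object in
 * the "data" parameter. The "id" parameter has to match the session user.
 *
 * A password change needs "new_password" and an identical "retype_password",
 * plus either the correct "old_password" or a session flagged with
 * password_reset. The stored hash is only ever produced here: a "password"
 * key sent by the client is dropped, because setValues() would otherwise
 * store it and bypass the old-password check.
 *
 * NOTE(review): the password_reset flag is not cleared in this method after
 * a successful change, and no CSRF token is checked here - confirm both are
 * handled elsewhere.
 *
 * @return void
 */
public function updateCurrentUserAction()
{
    $user = $this->getUser();
    if ($user == null) {
        $this->_helper->json(false);
        return;
    }

    if ($user->getId() != $this->_getParam("id")) {
        Logger::warn("prevented save current user, because ids do not match. ");
        $this->_helper->json(false);
        return;
    }

    $values = Zend_Json::decode($this->_getParam("data"));
    if (!is_array($values)) {
        // a JSON scalar is not a profile update
        $this->_helper->json(false);
        return;
    }

    // never let the request body decide privilege-bearing fields
    unset($values["admin"]);
    unset($values["permissions"]);
    unset($values["roles"]);
    unset($values["active"]);

    // the hash is derived below, after the checks; a client-supplied value
    // must not reach setValues()
    unset($values["password"]);

    if (!empty($values["new_password"])) {
        $oldPasswordCheck = false;

        if (empty($values["old_password"])) {
            // if the user want to reset the password, the old password isn't required
            $adminSession = Pimcore_Tool_Authentication::getSession();
            if ($adminSession->password_reset) {
                $oldPasswordCheck = true;
            }
        } else {
            // the password have to match
            // strict string comparison: a loose == treats two different
            // "0e<digits>" hashes as equal numbers
            $oldPassword = Pimcore_Tool_Authentication::getPasswordHash($user->getName(), $values["old_password"]);
            if ((string) $oldPassword === (string) $user->getPassword()) {
                $oldPasswordCheck = true;
            }
        }

        $retypedPassword = isset($values["retype_password"]) ? $values["retype_password"] : null;

        if ($oldPasswordCheck && $values["new_password"] === $retypedPassword) {
            $values["password"] = Pimcore_Tool_Authentication::getPasswordHash($user->getName(), $values["new_password"]);
        } else {
            $this->_helper->json(array("success" => false, "message" => "password_cannot_be_changed"));
            // do not depend on the JSON helper ending the script: a rejected
            // password change must never fall through to save()
            return;
        }
    }

    $user->setValues($values);
    $user->save();
    $this->_helper->json(array("success" => true));
}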