/**
* Gets content panel for the Debugbar
*
* @return string
*/
public function getPanel()
{
$this->_request = Zend_Controller_Front::getInstance()->getRequest();
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
$viewVars = $this->_cleanData($viewRenderer->view->getVars());
} else {
$viewVars = "No 'getVars()' method in view class";
}
$vars = '<div style="width:50%;float:left;">';
$vars .= '<h4>View variables</h4>' . '<div id="ZFDebug_vars" style="margin-left:-22px">' . $viewVars . '</div>' . '<h4>Request parameters</h4>' . '<div id="ZFDebug_requests" style="margin-left:-22px">' . $this->_cleanData($this->_request->getParams()) . '</div>';
$vars .= '</div><div style="width:45%;float:left;">';
if ($this->_request->isPost()) {
$vars .= '<h4>Post variables</h4>' . '<div id="ZFDebug_post" style="margin-left:-22px">' . $this->_cleanData($this->_request->getPost()) . '</div>';
}
$vars .= '<h4>Constants</h4>';
$constants = get_defined_constants(true);
ksort($constants['user']);
$vars .= '<div id="ZFDebug_constants" style="margin-left:-22px">' . $this->_cleanData($constants['user']) . '</div>';
$registry = Zend_Registry::getInstance();
$vars .= '<h4>Zend Registry</h4>';
$registry->ksort();
$vars .= '<div id="ZFDebug_registry" style="margin-left:-22px">' . $this->_cleanData($registry) . '</div>';
$cookies = $this->_request->getCookie();
$vars .= '<h4>Cookies</h4>' . '<div id="ZFDebug_cookie" style="margin-left:-22px">' . $this->_cleanData($cookies) . '</div>';
$vars .= '</div><div style="clear:both"> </div>';
return $vars;
}
/**
* Authenticate a user.
* @param Zend_Controller_Request_Abstract $request The current request
* @param Zend_Controller_Response_Abstract $response The current response
* @return Array|Boolean User data, or FALSE
*/
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
$authVars = new Garp_Util_Configuration($this->_getAuthVars()->toArray());
$authVars->obligate('model')->obligate('identityColumn')->obligate('credentialColumn')->setDefault('hashMethod', 'MD5')->setDefault('salt', '');
if (!$request->getPost($authVars['identityColumn']) || !$request->getPost($authVars['credentialColumn'])) {
$this->_addError('Insufficient data received');
return false;
}
$identityValue = $request->getPost($authVars['identityColumn']);
$credentialValue = $request->getPost($authVars['credentialColumn']);
$ini = Zend_Registry::get('config');
$sessionColumns = null;
if (!empty($ini->auth->login->sessionColumns)) {
$sessionColumns = $ini->auth->login->sessionColumns;
$sessionColumns = explode(',', $sessionColumns);
}
$model = new Model_AuthLocal();
try {
$result = $model->tryLogin($identityValue, $credentialValue, $authVars, $sessionColumns);
return $result->toArray();
} catch (Garp_Auth_Adapter_Db_UserNotFoundException $e) {
$this->_addError('The email address is not found');
} catch (Garp_Auth_Adapter_Db_InvalidPasswordException $e) {
$this->_addError('The password is invalid');
}
return false;
}
public function process(Zend_Controller_Request_Abstract $request)
{
//echo "<br/>here at process.";
$this->name = $this->sanitize($request->getPost('name'));
$this->name = substr($this->name, 0, 255);
if (strlen($this->name) == 0) {
$this->addError('name', 'Please enter a name for this general membership due');
//this is a giving FormProcessor.php function.
}
$this->price = $this->sanitize(trim($request->getPost('price')));
//echo "<br/>your ticket_price is: ".$this->ticket_price;
if ($this->price == 'FREE') {
//echo "<br/>after ticket_price";
$this->price = (int) 0;
//echo "<br/>after ticket_price is: ".$this->ticket_price;
}
if (!is_numeric($this->price)) {
$this->addError('price', 'Please enter a valid product price');
}
$this->content = FormProcessor_BlogPost::cleanHtml($request->getPost('content'));
//echo "<br/>you are at after clean HTML";
if (!$this->hasError()) {
echo "<br/>you are at no error";
$this->objects->profile->name = $this->name;
$this->objects->profile->price = $this->price;
$this->objects->profile->content = $this->content;
//echo "<br/>you are at before save()";
$this->objects->Save();
}
//echo "<br/>you are at before return";
return !$this->hasError();
}
public function process(Zend_Controller_Request_Abstract $request)
{
//validate the user's name
$this->product_types_id = $this->sanitize($request->getPost('id'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->product_types_id) == 0) {
echo 'length is: ' . strlen($this->product_types_id);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('product_types_id', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->colors->product_types_id = $this->product_types_id;
}
$this->name_of_color = $this->sanitize($request->getPost('name_of_color'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->name_of_color) == 0) {
echo 'length is: ' . strlen($this->name_of_color);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('name_of_color', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->colors->name_of_color = $this->name_of_color;
}
$this->price_of_product = $this->sanitize($request->getPost('price_of_product'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->price_of_product) == 0) {
echo 'length is: ' . strlen($this->price_of_product);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('price_of_product', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->colors->price_of_product = $this->price_of_product;
}
$this->discount_price = $this->sanitize($request->getPost('discount_price'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->discount_price) == 0) {
echo 'length is: ' . strlen($this->discount_price);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('discount_price', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->colors->discount_price = $this->discount_price;
}
$this->multiple_price = $this->sanitize($request->getPost('multiple_price'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->multiple_price) == 0) {
echo 'length is: ' . strlen($this->multiple_price);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('multiple_price', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->colors->multiple_price = $this->multiple_price;
}
if (!$this->_validateOnly && !$this->hasError()) {
$this->productType->save();
}
//return true if no errors have occurred
return !$this->hasError();
}
/**
* Enter description here...
*
* @param Zend_Controller_Request_Abstract $request
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// ziskame instanci redirector helperu, ktery ma starosti presmerovani
$redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
$auth = Zend_Auth::getInstance();
// Stav o autentifikaci uzivatele (prihlaseni) se musi nekde udrzovat, vychozi zpusob je session
// u session lze nastavit namespace, vychozi je Zend_Auth
//$auth->setStorage(new Zend_Auth_Storage_Session('My_Auth'));
if ($request->getParam('logout')) {
// detekovano odhlaseni
$auth->clearIdentity();
// kvuli bezpecnosti provedeme presmerovani
$redirector->gotoSimpleAndExit($this->failedAction, $this->failedController);
}
if ($request->getPost('login')) {
$db = Zend_Db_Table::getDefaultAdapter();
// Vytvarime instance adapteru pro autentifikaci
// nastavime parametry podle naseho nazvu tabulky a sloupcu
// treatment obsahuje pripadne pouzitou hashovaci funkci pro heslo, napr. SHA1
$adapter = new Zend_Auth_Adapter_DbTable($db, $this->tableName, $this->identityColumn, $this->credentialColumn, $this->treatment);
$form = new LoginForm();
// validace se nezdari, napr. prazdny formular
if (!$form->isValid($request->getPost())) {
// FlashMessenger slouzi k uchovani zprav v session
$flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
$flash->clearMessages();
$flash->addMessage('Please fill the login form');
$redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, array('login-failed' => 1));
}
$username = $form->getValue($this->loginField);
$password = $form->getValue($this->passwordField);
// přidáme salt
$password = "******" . $password;
// jmeno a heslo predame adapteru
$adapter->setIdentity($username);
$adapter->setCredential($password);
// obecny proces autentifikace s libovolnym adapterem
$result = $auth->authenticate($adapter);
if ($auth->hasIdentity()) {
// Uzivatel byl uspesne overen a je prihlasen
// identity obsahuje v nasem pripade ID uzivatele z databaze
$identity = $auth->getIdentity();
// presmerujeme
$redirector->gotoSimpleAndExit($this->successAction, $this->successController);
} else {
// autentifikace byla neuspesna
// FlashMessenger slouzi k uchovani zprav v session
$flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
// vlozime do session rovnou chybove hlasky, ktere pak predame do view
foreach ($result->getMessages() as $msg) {
$flash->addMessage($msg);
}
$redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, array('login-failed' => 1));
}
}
}
/**
* Get post data in a form of array ...
*/
public function getPostData()
{
$data = array();
foreach ($_POST as $key => $value) {
if (!in_array($key, $this->_skipFields)) {
$data[$key] = $this->_request->getPost($key);
}
}
return $data;
}
public function process(Zend_Controller_Request_Abstract $request)
{
// validate the username
$this->username = trim($request->getPost('username'));
if (strlen($this->username) == 0) {
$this->addError('username', 'Please enter a username');
} else {
if (!DatabaseObject_User::IsValidUsername($this->username)) {
$this->addError('username', 'Please enter a valid username');
} else {
if ($this->user->usernameExists($this->username)) {
$this->addError('username', 'The selected username already exists');
} else {
$this->user->username = $this->username;
}
}
}
// validate first and last name
$this->first_name = $this->sanitize($request->getPost('first_name'));
if (strlen($this->first_name) == 0) {
$this->addError('first_name', 'Please enter your first name');
} else {
$this->user->profile->first_name = $this->first_name;
}
$this->last_name = $this->sanitize($request->getPost('last_name'));
if (strlen($this->last_name) == 0) {
$this->addError('last_name', 'Please enter your last name');
} else {
$this->user->profile->last_name = $this->last_name;
}
// validate the e-mail address
$this->email = $this->sanitize($request->getPost('email'));
$validator = new Zend_Validate_EmailAddress();
if (strlen($this->email) == 0) {
$this->addError('email', 'Please enter your e-mail address');
} else {
if (!$validator->isValid($this->email)) {
$this->addError('email', 'Please enter a valid e-mail address');
} else {
$this->user->profile->email = $this->email;
}
}
// validate CAPTCHA phrase
$session = new Zend_Session_Namespace('captcha');
$this->captcha = $this->sanitize($request->getPost('captcha'));
if ($this->captcha != $session->phrase) {
$this->addError('captcha', 'Please enter the correct phrase');
}
if (!$this->_validateOnly && !$this->hasError()) {
$this->user->save();
unset($session->phrase);
}
return !$this->hasError();
}
/**
* Gets content panel for the Debugbar
*
* @return string
*/
public function getPanel()
{
$this->_request = Zend_Controller_Front::getInstance()->getRequest();
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
$viewVars = $viewRenderer->view->getVars();
$vars = '';
if ($this->_request->isPost()) {
$vars .= '<h4>$_POST</h4>' . '<div id="Centurion_ZFDebug_post">' . $this->_cleanData($this->_request->getPost()) . '</div>';
}
$vars .= '<h4>$_COOKIE</h4>' . '<div id="Centurion_ZFDebug_cookie">' . $this->_cleanData($this->_request->getCookie()) . '</div>' . '<h4>Request</h4>' . '<div id="Centurion_ZFDebug_requests">' . $this->_cleanData($this->_request->getParams()) . '</div>' . '<h4>View vars</h4>' . '<div id="Centurion_ZFDebug_vars">' . $this->_cleanData($viewVars) . '</div>';
return $vars;
}
/**
* Called before Zend_Controller_Front begins evaluating the
* request against its routes.
*
* @param AbstractRequest $request
* @return void
*/
public function routeStartup(AbstractRequest $request)
{
if (!$request instanceof HttpRequest) {
return;
}
if ($request->getQuery('monitor') === 'x' && $request->isXmlHttpRequest()) {
$message = "A javascript error was detected.\n" . "================================\n" . 'Message: ' . $request->getPost('message', '') . "\n" . 'URI: ' . $request->getPost('errorUrl', 'unknown') . "\n" . 'Line: ' . $request->getPost('errorLine', 'unknown') . "\n";
Zend_Registry::get('monitor')->writeLog($message, Zend_Log::WARN, 'javascript-error');
// Immediately return empty response
$this->getResponse()->setBody('')->sendResponse();
exit;
}
}
public function process(Zend_Controller_Request_Abstract $request)
{
$this->description = $this->sanitize($request->getPost('description'));
$this->longitude = $request->getPost('longitude');
$this->latitude = $request->getPost('latitude');
if (!$this->hasError()) {
$this->location->description = $this->description;
$this->location->longitude = $this->longitude;
$this->location->latitude = $this->latitude;
$this->location->save();
}
return !$this->hasError();
}
public function process(Zend_Controller_Request_Abstract $request)
{
//echo "<br/>here at process.";
$this->title = $this->sanitize($request->getPost('username'));
$this->title = substr($this->title, 0, 255);
if (strlen($this->title) == 0) {
$this->addError('title', 'Please enter a title for this post');
//this is a giving FormProcessor.php function.
}
$this->title_link = $this->sanitize($request->getPost('title_link'));
//echo "the current year is: ".$request->getPost('ts_createdYear');
//echo "the current month is: ".$request->getPost('ts_createdMonth');
$date = array('y' => (int) $request->getPost('ts_createdYear'), 'm' => (int) $request->getPost('ts_createdMonth'), 'd' => (int) $request->getPost('ts_createdDay'));
$time = array('h' => (int) $request->getPost('ts_createdHour'), 'm' => (int) $request->getPost('ts_createdMinute'));
$time['h'] = max(1, min(12, $time['h']));
$time['m'] = max(0, min(59, $time['m']));
$meridian = strtolower($request->getPost('ts_createdMeridian'));
if ($meridian != 'pm') {
$meridian = 'am';
}
//conver the hour into 23 hour time
if ($time['h'] < 12 && $meridian == 'pm') {
$time['h'] += 12;
} else {
if ($time['h'] == 12 && $meridian == 'am') {
$time['h'] = 0;
}
}
if (!checkDate($date['m'], $date['d'], $date['y'])) {
$this->addError('ts_created', 'Please select a valid date');
}
$this->ts_created = mktime($time['h'], $time['m'], 0, $date['m'], $date['d'], $date['y']);
//echo "the time that is created is: ".date('Y-m-d', $this->ts_created);
$this->content = self::cleanHtml($request->getPost('content'));
//echo "<br/>here before there is error().";
if (!$this->hasError()) {
$this->post->profile->title = $this->title;
$this->post->ts_created = $this->ts_created;
$this->post->profile->content = $this->content;
$this->post->profile->title_link = $this->title_link;
$preview = !is_null($request->getPost('preview'));
if (!$preview) {
$this->post->sendLive();
}
$this->post->save();
}
return !$this->hasError();
}
/**
* Authenticate a user.
* @param Zend_Controller_Request_Abstract $request The current request
* @param Zend_Controller_Response_Abstract $response The current response
* @return Array|Boolean User data, or FALSE
*/
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
if ($request->getPost('openid_identifier') || $request->getParam('openid_mode')) {
$sreg = $this->getSreg();
$openIdAdapter = new Zend_Auth_Adapter_OpenId($request->getPost('openid_identifier'), null, null, null, $sreg);
$result = $openIdAdapter->authenticate();
if ($result->isValid()) {
return $this->_getUserData($result->getIdentity(), $sreg->getProperties());
} else {
$errors = $result->getMessages();
array_walk($errors, array($this, '_addError'));
}
}
$this->_addError('Insufficient data received');
return false;
}
/**
* Gets content panel for the Debugbar
*
* @return string
*/
public function getPanel()
{
$this->_request = Zend_Controller_Front::getInstance()->getRequest();
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
$viewVars = $this->_cleanData($viewRenderer->view->getVars());
} else {
$viewVars = "Pas de méthode 'getVars()' dans l\\'objet vue";
}
$vars = '';
if ($this->_request->isPost()) {
$vars .= '<h4>Superglobale $_POST</h4>' . '<div id="ZFDebug_post">' . $this->_cleanData($this->_request->getPost()) . '</div>';
}
$vars .= '<h4>Superglobale $_COOKIE</h4>' . '<div id="ZFDebug_cookie">' . $this->_cleanData($this->_request->getCookie()) . '</div>' . '<h4>Paramètres de l\'objet Request</h4>' . '<div id="ZFDebug_requests">' . $this->_cleanData($this->_request->getParams()) . '</div>' . '<h4>Variables de vue (Zend_View)</h4>' . '<div id="ZFDebug_vars">' . $viewVars . '</div>';
return $vars;
}
/**
* editAction
* @author Cornelius Hansjakob <*****@*****.**>
* @version 1.0
*/
public function editAction()
{
$this->core->logger->debug('propterties->controllers->CategoryController->editAction()');
$this->getForm($this->core->sysConfig->generic->actions->edit);
/**
* get form title
*/
$this->view->formtitle = $this->objForm->Setup()->getFormTitle();
$this->view->languageOptions = HtmlOutput::getOptionsOfSQL($this->core, 'SELECT id AS VALUE, languageCode AS DISPLAY FROM languages', $this->objForm->Setup()->getLanguageId());
if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
$arrFormData = $this->objRequest->getPost();
$this->objForm->Setup()->setFieldValues($arrFormData);
/**
* set action
*/
$this->objForm->setAction('/zoolu/properties/category/edit');
/**
* prepare form (add fields and region to the Zend_Form)
*/
$this->objForm->prepareForm();
if ($this->objForm->isValid($arrFormData)) {
$this->objForm->saveFormData();
$this->view->blnShowFormAlert = true;
}
}
$this->view->form = $this->objForm;
$this->renderScript('category/form.phtml');
}
/**
* Called before Zend_Controller_Front calls on the router to evaluate the
* request against the registered routes
*
* @param Zend_Controller_Request_Abstract $request
*/
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
if ($request instanceof Zend_Controller_Request_Http) {
if ($request->isPost() || $request->isPut()) {
$post = $request->getPost();
if (empty($post) && empty($_FILES)) {
// Get maximum size and meassurement unit
$max = ini_get('post_max_size');
$unit = substr($max, -1);
if (!is_numeric($unit)) {
$max = substr($max, 0, -1);
}
// Convert to bytes
switch (strtoupper($unit)) {
case 'G':
$max *= 1024;
case 'M':
$max *= 1024;
case 'K':
$max *= 1024;
}
$length = $request->getServer('CONTENT_LENGTH');
if ($max < $length) {
if (!empty($this->_callback)) {
call_user_func($this->_callback, $request);
} else {
$e = new Zend_Controller_Exception('Maximum content length size (' . $max . ') exceeded', 1000);
$this->getResponse()->setException($e);
}
}
}
}
}
}
protected function _login(Zend_Controller_Request_Abstract $request)
{
$userLogin = $request->getPost('login');
$userName = trim($userLogin['alias']);
$userPass = trim($userLogin['pass']);
if ($userName == '') {
$this->_exceptions[] = self::NO_USERNAME;
return false;
}
if ($userPass == '') {
$this->_exceptions[] = self::NO_PASSWORD;
return false;
}
$auth = Zend_Auth::getInstance();
$adapter = new Showcase_Auth_Adapter($userName, $userPass);
$result = $auth->authenticate($adapter);
if ($result) {
if ($result->getCode() !== Zend_Auth_Result::SUCCESS) {
// Let form know that login has failed...
$this->_exceptions[] = self::LOGIN_FAILED;
return false;
}
// YAY! Authentication was a success
return true;
}
return false;
}
/**
* Authenticate a user.
*
* @param Zend_Controller_Request_Abstract $request The current request
* @param Zend_Controller_Response_Abstract $response The current response
* @return array|bool User data,
* or FALSE when no user is logged in yet
*/
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
if (!$request->isPost()) {
return $this->acceptToken($request->getParam('token'), $request->getParam('uid'));
}
$this->requestToken($request->getPost());
return false;
}
/**
* Gets content panel for the Debugbar
*
* @return string
*/
public function getPanel()
{
$this->_request = Zend_Controller_Front::getInstance()->getRequest();
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
$viewVars = $this->_cleanData($viewRenderer->view->getVars());
} else {
$viewVars = "No 'getVars()' method in view class";
}
// $front = Zend_Controller_Front::getInstance();
$vars = '';
if ($this->_request->isPost()) {
$vars .= '<h4>$_POST</h4>' . '<div id="ZFDebug_post">' . $this->_cleanData($this->_request->getPost()) . '</div>';
}
$vars .= '<h4>$_COOKIE</h4>' . '<div id="ZFDebug_cookie">' . $this->_cleanData($this->_request->getCookie()) . '</div>' . '<h4>Request</h4>' . '<div id="ZFDebug_requests">' . $this->_cleanData($this->_request->getParams()) . '</div>' . '<h4>View vars</h4>' . '<div id="ZFDebug_vars">' . $viewVars . '</div>';
return $vars;
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$req = array('GET' => $request->getQuery(), 'POST' => $request->getPost(), 'COOKIE' => $request->getCookie(), 'PARAMS' => $request->getUserParams());
$init = IDS_Init::init(APPLICATION_PATH . '/configs/phpids.ini');
$ids = new IDS_Monitor($req, $init);
$result = $ids->run();
if (!$result->isEmpty()) {
$compositeLog = new IDS_Log_Composite();
$compositeLog->addLogger(IDS_Log_File::getInstance($init));
$compositeLog->execute($result);
}
}
public function process(Zend_Controller_Request_Abstract $request)
{
//validate the user's name
$this->attribute_name = $this->sanitize($request->getPost('attribute_name'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->attribute_name) == 0) {
echo 'length is: ' . strlen($this->attribute_name);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('size_name', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->SizeAttribute->attribute_name = $this->attribute_name;
}
$this->size_name = $this->sanitize($request->getPost('size_name'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->size_name) == 0) {
echo 'length is: ' . strlen($this->size_name);
//echo 'request measurmrent-name is: '.$request->getPost('size_name');
$this->addError('size_name', 'Please enter the beginning size');
echo 'here at size_name errorasdfasdf';
} else {
$this->SizeAttribute->size_name = $this->size_name;
}
$this->price_adjustment = $this->sanitize($request->getPost('price_adjustment'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->price_adjustment) == 0) {
$this->addError('price_adjustment', 'Please enter the price_adjustment');
echo 'here at price_adjustment error';
} else {
$this->SizeAttribute->price_adjustment = $this->price_adjustment;
}
//echo $request->getPost('clubAdmin');
//$this->user->user_type = $request->getPost('clubAdmin');
//if no erros have occured, save the user
if (!$this->_validateOnly && !$this->hasError()) {
$this->SizeAttribute->save();
}
//return true if no errors have occurred
return !$this->hasError();
}
/**
* Validate every call against CSRF if it's a POST call
* and there's an available token on the session.
* */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
// Avoid error override! :S
if (count($this->getResponse()->getException())) {
return;
}
$auth = Zend_Auth::getInstance();
$identity = $auth->getIdentity();
$byPassMethods = array(App_Controller_Plugin_Auth::AUTH_TYPE_LOST_PASSWORD, App_Controller_Plugin_Auth::AUTH_TYPE_ASYNC, App_Controller_Plugin_Auth::AUTH_TYPE_EXTERNAL, App_Controller_Plugin_Auth::AUTH_TYPE_THIRD_PARTY);
$byPassModules = array('async', 'external', 'externalr12', 'thirdparty');
//Bypass some auth methods
if (in_array($request->module, $byPassModules) || $identity['authType'] && in_array($identity['authType'], $byPassMethods)) {
return;
}
$session = new Zend_Session_Namespace('csrf');
if (empty($session->token)) {
// Generate a new CSRF token and save it on the session
\App::log()->info("Session token empty, generating new CSRF token...");
$session->token = $this->_generateToken();
}
// Return the token on an HTTP header
$resp = $this->getResponse();
$resp->setHeader('X-CSRF-Token', $session->token);
// Don't do anything if it's a GET request
if ($request->isGet()) {
return;
}
$post = $request->getPost();
if (empty($post) && empty($_FILES)) {
$max = ini_get('post_max_size');
$length = $request->getServer('CONTENT_LENGTH');
if ($max < $length) {
return;
}
}
// Try to get the CSRF token from frontend
if (!($csrfToken = $this->_getFrontendToken($request))) {
$message = 'Possible CSRF attack: CSRF token not found on request';
$this->_throwError($request, $message);
return;
}
// Disable plugin for dev environment
if (App::config('csrf.disabled', false) && $csrfToken == 'dev') {
return true;
}
// If tokens don't match log a possible CSRF attack a throw an exception
if ($session->token != $csrfToken) {
$message = 'Possible CSRF attack: BE and FE tokens don\'t match';
$this->_throwError($request, $message);
return;
}
}
/**
* Performs CSRF protection checks before dispatching occurs
* @param Zend_Controller_Request_Abstract $request
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$this->_initializeTokens();
if ($request->isPost() === true && $this->_autoProtect) {
if (empty($this->_previousToken)) {
throw new RuntimeException('A possible CSRF attack detected - no token received');
}
$value = $request->getPost($this->_keyName);
if (!$this->isValidToken($value)) {
throw new RuntimeException('A possible CSRF attack detected - tokens do not match');
}
}
}
/**
* deleteAction
* @author Daniel Rotter <*****@*****.**>
* @version 1.0
*/
public function deleteAction()
{
$this->core->logger->debug('widgets->blog->CommentController->deleteAction');
$this->_helper->viewRenderer->setNoRender();
try {
if ($this->objRequest->getPost() && $this->objRequest->isXmlHttpRequest()) {
$this->getModelBlogEntryComment()->deleteBlogEntryComment($this->objRequest->getParam('id'));
}
} catch (Exception $exc) {
$this->core->logger->err($exc);
exit;
}
}
/**
* editAction
* @author Cornelius Hansjakob <*****@*****.**>
* @version 1.0
*/
public function editAction()
{
$this->core->logger->debug('core->controllers->FolderController->editAction()');
$this->getForm($this->core->sysConfig->generic->actions->edit);
$this->addFolderSpecificFormElements();
/**
* get form title
*/
$this->view->formtitle = $this->objForm->Setup()->getFormTitle();
if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
$arrFormData = $this->objRequest->getPost();
$this->objForm->Setup()->setFieldValues($arrFormData);
/**
* prepare form (add fields and region to the Zend_Form)
*/
$this->objForm->prepareForm();
/**
* set action
*/
$this->objForm->setAction('/zoolu/core/folder/edit');
if ($this->objForm->isValid($arrFormData)) {
$this->objForm->saveFormData();
/**
* update start page
*/
if (array_key_exists("rootLevelTypeId", $arrFormData) && $arrFormData["rootLevelTypeId"] == $this->core->sysConfig->root_level_types->portals) {
$intFolderId = $this->objForm->Setup()->getElementId();
$intUserId = Zend_Auth::getInstance()->getIdentity()->id;
$arrProperties = array('idUsers' => $intUserId, 'creator' => $this->objForm->Setup()->getCreatorId(), 'idStatus' => $this->objForm->Setup()->getStatusId(), 'showInNavigation' => $this->objForm->Setup()->getShowInNavigation(), 'changed' => date('Y-m-d H:i:s'));
$arrTitle = array('idUsers' => $intUserId, 'creator' => $this->objForm->Setup()->getCreatorId(), 'title' => $this->objForm->Setup()->getCoreField('title')->getValue(), 'idLanguages' => $this->objForm->Setup()->getLanguageId(), 'changed' => date('Y-m-d H:i:s'));
$this->getModelPages()->updateStartPageMainData($intFolderId, $arrProperties, $arrTitle);
//$this->view->assign('selectNavigationItemNow', true);
//$this->view->assign('itemId', 'folder'.$intFolderId);
}
$this->view->assign('blnShowFormAlert', true);
} else {
$this->view->assign('blnShowFormAlert', false);
}
} else {
/**
* prepare form (add fields and region to the Zend_Form)
*/
$this->objForm->prepareForm();
}
/**
* output of metainformation to hidden div
*/
$this->setViewMetaInfos();
$this->view->form = $this->objForm;
$this->renderScript('folder/form.phtml');
}
/**
* @access public
* @param Zend_Controller_Request_Abstract $request
* @return boolean|null
*/
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
if (!$request->isPost()) {
return null;
}
$formHelperToken = $this->getHelper();
$token = $request->getPost($formHelperToken->getTokenKey());
if (!empty($token) && $formHelperToken->hasToken($token)) {
$formHelperToken->removeToken($token);
return true;
}
$this->_checkFailed($request);
return false;
}
public function process(Zend_Controller_Request_Abstract $request)
{
//$this->product_id = $request->getPost('id');
foreach ($request->getPost() as $key => $value) {
echo 'key: ' . $key . ' value: ' . $value . '<br/>';
$v = $this->sanitize($value);
if (substr($key, 0, 4) == 'sys_' && $key != 'generalImages' && $key != 'id') {
$this->{$key} = $v;
$this->inventoryProduct->{$key} = $v;
} elseif ($key != 'generalImages' && $key != 'id') {
$this->inventoryProduct->profile->{$key} = $v;
} else {
$this->{$key} = $value;
}
}
$this->inventoryProduct->product_id = $request->getPost('id');
$this->inventoryProduct->uploader_id = $this->userID;
if (!$this->_validateOnly && !$this->hasError()) {
$this->inventoryProduct->save();
}
//return true if no errors have occurred
return !$this->hasError();
}
public function onSubmit(Zend_Controller_Request_Abstract $request)
{
// Form was valid
if ($this->getForm()->isValid($request->getPost())) {
$this->getSession()->data = $this->getForm()->getProcessedValues();
$this->getSession()->active = false;
$this->onSubmitIsValid();
return true;
} else {
$this->getSession()->active = true;
$this->onSubmitNotIsValid();
return false;
}
}
/**
* editAction
* @author Thomas Schedler <*****@*****.**>
* @version 1.0
*/
public function editAction()
{
$this->core->logger->debug('global->controllers->ElementController->editAction()');
try {
$this->getForm($this->core->sysConfig->generic->actions->edit);
$this->addGlobalSpecificFormElements();
/**
* get form title
*/
$this->view->formtitle = $this->objForm->Setup()->getFormTitle();
if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
$arrFormData = $this->objRequest->getPost();
$this->objForm->Setup()->setFieldValues($arrFormData);
/**
* prepare form (add fields and region to the Zend_Form)
*/
$this->objForm->prepareForm();
if ($this->objForm->isValid($arrFormData)) {
$this->objForm->saveFormData();
$this->view->assign('blnShowFormAlert', true);
} else {
$this->view->assign('blnShowFormAlert', false);
}
} else {
/**
* prepare form (add fields and region to the Zend_Form)
*/
$this->objForm->prepareForm();
}
/**
* update special field values
*/
$this->objForm->updateSpecificFieldValues();
/**
* set action
*/
$this->objForm->setAction('/zoolu/global/element/edit');
/**
* output of metainformation to hidden div
*/
$this->setViewMetaInfos();
$this->view->form = $this->objForm;
$this->renderScript('element/form.phtml');
} catch (Exception $exc) {
$this->core->logger->err($exc);
exit;
}
}
public function process(Zend_Controller_Request_Abstract $request)
{
//validate the user's name
$this->address_one = $this->sanitize($request->getPost('address_one'));
//sanitize uses FormProcessor's zend_filter funciton to clean strings.
if (strlen($this->address_one) == 0) {
$this->addError('address_one', 'Please enter this address');
} else {
$this->shippingAddress->address_one = $this->address_one;
}
$this->address_two = $this->sanitize($request->getPost('address_two'));
$this->shippingAddress->address_two = $this->address_two;
$this->zip = $this->sanitize($request->getPost('zip'));
if (strlen($this->zip) == 0) {
$this->addError('zip', 'Please enter you zip');
} else {
$this->shippingAddress->zip = strtolower($this->zip);
}
$this->city = $this->sanitize($request->getPost('city'));
if (strlen($this->city) == 0) {
$this->addError('city', 'Please enter you city');
} else {
$this->shippingAddress->city = strtolower($this->city);
}
$this->state = $this->sanitize($request->getPost('state'));
if (strlen($this->state) == 0) {
$this->addError('state', 'Please enter your state');
} else {
$this->shippingAddress->state = strtolower($this->state);
}
$this->country = $this->sanitize($request->getPost('country'));
if (strlen($this->country) == 0) {
$this->addError('country', 'Please enter your country');
} else {
$this->shippingAddress->country = strtolower($this->country);
}
//validating the correct password
//if no erros have occured, save the user
if (!$this->hasError()) {
$this->shippingAddress->save();
//echo 'here at save';
$this->shippingId = $this->shippingAddress->getId();
}
$this->defaultShipping = $this->sanitize($request->getPost('defaultShipping'));
if ($this->defaultShipping != 'on') {
$this->defaultShipping = 'off';
}
//return true if no errors have occurredd
return !$this->hasError();
}
/**
* Performs CSRF protection checks before dispatching occurs
* @param Zend_Controller_Request_Abstract $request
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$this->_initializeTokens();
if ($request->isPost() === true) {
$this->_error->message = null;
if (empty($this->_previousToken)) {
$this->_error->message = Zend_Registry::get('t')->_('No token received, please re-submit the form');
}
//A possible CSRF attack detected - no token received
$value = $request->getPost($this->_keyName);
if (!$this->isValidToken($value)) {
$this->_error->message = Zend_Registry::get('t')->_('Tokens do not match, please re-submit the form');
}
//A possible CSRF attack detected - tokens do not match
}
}
