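 /**
  * Builds the HTML for the "Variables" panel of the debug bar.
  *
  * Renders, each through _cleanData(): the view variables, the request
  * parameters, the POST variables (POST requests only), the user-defined
  * constants, the Zend_Registry contents and the cookies.
  *
  * SECURITY: this panel writes raw request data, cookies (session ids), user
  * constants and the registry (typically configuration / DB credentials) into
  * the response. The debug bar must only ever be enabled in development;
  * anyone who can see the page sees all of it.
  *
  * Changes: the original called ksort() on the shared Zend_Registry singleton,
  * reordering application state as a side effect of rendering; the sort is now
  * done on a copy. get_defined_constants(true) has no 'user' group when no
  * user constant exists, which used to make ksort() warn on null.
  *
  * @return string HTML fragment
  */
 public function getPanel()
 {
     $this->_request = Zend_Controller_Front::getInstance()->getRequest();
     $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

     if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
         $viewVars = $this->_cleanData($viewRenderer->view->getVars());
     } else {
         $viewVars = "No 'getVars()' method in view class";
     }

     $vars = '<div style="width:50%;float:left;">';
     $vars .= '<h4>View variables</h4>'
         . '<div id="ZFDebug_vars" style="margin-left:-22px">' . $viewVars . '</div>'
         . '<h4>Request parameters</h4>'
         . '<div id="ZFDebug_requests" style="margin-left:-22px">' . $this->_cleanData($this->_request->getParams()) . '</div>';
     $vars .= '</div><div style="width:45%;float:left;">';

     if ($this->_request->isPost()) {
         $vars .= '<h4>Post variables</h4>'
             . '<div id="ZFDebug_post" style="margin-left:-22px">' . $this->_cleanData($this->_request->getPost()) . '</div>';
     }

     // Only user-defined constants; the categorised form groups them under 'user'.
     $constants = get_defined_constants(true);
     $userConstants = isset($constants['user']) ? $constants['user'] : array();
     ksort($userConstants);
     $vars .= '<h4>Constants</h4>';
     $vars .= '<div id="ZFDebug_constants" style="margin-left:-22px">' . $this->_cleanData($userConstants) . '</div>';

     // Sort a copy of the registry, never the shared instance itself.
     $registryData = Zend_Registry::getInstance()->getArrayCopy();
     ksort($registryData);
     $vars .= '<h4>Zend Registry</h4>';
     $vars .= '<div id="ZFDebug_registry" style="margin-left:-22px">' . $this->_cleanData($registryData) . '</div>';

     $vars .= '<h4>Cookies</h4>'
         . '<div id="ZFDebug_cookie" style="margin-left:-22px">' . $this->_cleanData($this->_request->getCookie()) . '</div>';
     $vars .= '</div><div style="clear:both">&nbsp;</div>';

     return $vars;
 }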
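 /**
  * Authenticate a user against the local auth model, using the identity and
  * credential fields named in the auth configuration and taken from POST.
  *
  * Security notes:
  * - "unknown identity" and "wrong password" are both reported with the same
  *   generic message, so the endpoint cannot be used to enumerate which
  *   e-mail addresses have an account (the original returned distinct texts).
  * - `hashMethod` still defaults to MD5 with an empty salt when the
  *   configuration does not set it. The default is kept because changing it
  *   would invalidate existing stored hashes; it should be overridden in the
  *   configuration with a slow, salted scheme.
  * - presence of the fields is tested with explicit null/'' checks so a
  *   password such as "0" is not rejected by a truthiness test; non-string
  *   values (arrays) are rejected.
  *
  * @param Zend_Controller_Request_Abstract  $request  The current request
  * @param Zend_Controller_Response_Abstract $response The current response
  * @return array|bool User data, or FALSE
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     $authVars = new Garp_Util_Configuration($this->_getAuthVars()->toArray());
     $authVars->obligate('model')
         ->obligate('identityColumn')
         ->obligate('credentialColumn')
         ->setDefault('hashMethod', 'MD5')
         ->setDefault('salt', '');

     $identityValue = $request->getPost($authVars['identityColumn']);
     $credentialValue = $request->getPost($authVars['credentialColumn']);
     if (!is_string($identityValue) || $identityValue === ''
         || !is_string($credentialValue) || $credentialValue === ''
     ) {
         $this->_addError('Insufficient data received');
         return false;
     }

     // Optional comma-separated list of columns to keep in the session.
     $sessionColumns = null;
     $ini = Zend_Registry::get('config');
     if (!empty($ini->auth->login->sessionColumns)) {
         $sessionColumns = explode(',', $ini->auth->login->sessionColumns);
     }

     $model = new Model_AuthLocal();
     try {
         $result = $model->tryLogin($identityValue, $credentialValue, $authVars, $sessionColumns);
         return $result->toArray();
     } catch (Garp_Auth_Adapter_Db_UserNotFoundException $e) {
         // Deliberately the same message as the invalid-password case.
         $this->_addError('The email address or password is invalid');
     } catch (Garp_Auth_Adapter_Db_InvalidPasswordException $e) {
         $this->_addError('The email address or password is invalid');
     }
     return false;
 }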
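 /**
  * Validate the "general membership due" form and, when valid, store it on
  * the wrapped profile object.
  *
  * Reads the POST fields name, price and content. A price equal to the
  * literal string "FREE" is stored as 0; any other non-numeric price is an
  * error. The content is run through FormProcessor_BlogPost::cleanHtml().
  *
  * Fix: the original emitted a debug `echo` on the success path. Output from
  * a form processor breaks any later header/redirect and leaks internal state
  * to the client; it and the commented-out debug lines are gone.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     $this->name = substr((string) $this->sanitize($request->getPost('name')), 0, 255);
     if (strlen($this->name) == 0) {
         $this->addError('name', 'Please enter a name for this general membership due');
     }

     $this->price = $this->sanitize(trim((string) $request->getPost('price')));
     if ($this->price === 'FREE') {
         $this->price = 0;
     }
     if (!is_numeric($this->price)) {
         $this->addError('price', 'Please enter a valid product price');
     }

     $this->content = FormProcessor_BlogPost::cleanHtml($request->getPost('content'));

     if (!$this->hasError()) {
         $this->objects->profile->name = $this->name;
         $this->objects->profile->price = $this->price;
         $this->objects->profile->content = $this->content;
         $this->objects->Save();
     }

     return !$this->hasError();
 }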
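 /**
  * Validate the product-colour form (product type id, colour name and three
  * price fields) and copy the valid values onto $this->colors.
  *
  * Changes from the original:
  * - the debug `echo` calls were removed: they wrote straight into the
  *   response body during validation;
  * - all five fields carried the copy-pasted message "Please enter the
  *   beginning size"; each now names its own field;
  * - the five identical validate-and-assign stanzas are driven by a table.
  *
  * NOTE(review): values are assigned to $this->colors but the object that is
  * saved is $this->productType, exactly as in the original. Whether that is
  * intended cannot be told from here — confirm. The price fields are only
  * checked for presence, not for being numeric.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     // property => array(POST field name, message shown when the value is empty)
     $fields = array(
         'product_types_id' => array('id', 'Please select the product type'),
         'name_of_color' => array('name_of_color', 'Please enter the name of the color'),
         'price_of_product' => array('price_of_product', 'Please enter the price of the product'),
         'discount_price' => array('discount_price', 'Please enter the discount price'),
         'multiple_price' => array('multiple_price', 'Please enter the multiple price'),
     );

     foreach ($fields as $property => $spec) {
         list($postKey, $message) = $spec;
         // sanitize() applies the FormProcessor Zend_Filter chain to the raw string.
         $value = $this->sanitize($request->getPost($postKey));
         $this->{$property} = $value;
         if (strlen($value) == 0) {
             $this->addError($property, $message);
         } else {
             $this->colors->{$property} = $value;
         }
     }

     if (!$this->_validateOnly && !$this->hasError()) {
         $this->productType->save();
     }

     // true when no error has been recorded
     return !$this->hasError();
 }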
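 /**
  * Front-controller hook: handles logout requests and login form submissions
  * before the action is dispatched.
  *
  * Logout: triggered by a `logout` request parameter; the identity is cleared
  * and the user is redirected to the failed action. NOTE(review): getParam()
  * also reads the query string, so a logout can be forced through a plain GET
  * link; restricting it to POST would require changing the logout form/link.
  *
  * Login: on a POST carrying a `login` field the form is validated, the
  * submitted password is prefixed with the fixed salt below and handed to
  * Zend_Auth_Adapter_DbTable (table / column names and the credential
  * "treatment", e.g. a SHA1() SQL expression, come from this plugin's
  * properties). On success the session id is regenerated (session-fixation
  * defence) and the user is redirected to the success action; on failure the
  * adapter's messages are stored in the FlashMessenger for the view.
  *
  * SECURITY NOTE: one static salt prefix with a fast digest is not a modern
  * password scheme; per-user salts with a slow hash are the recommended
  * replacement, but that needs the stored hashes migrated, which this plugin
  * cannot do on its own.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // The Redirector helper performs the redirects (and exits).
     $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
     // Zend_Auth keeps the login state in the session under the default
     // "Zend_Auth" namespace; a custom storage could be configured here:
     //$auth->setStorage(new Zend_Auth_Storage_Session('My_Auth'));
     $auth = Zend_Auth::getInstance();

     if ($request->getParam('logout')) {
         $auth->clearIdentity();
         // Redirect so the logout request is not resubmitted or cached.
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController);
     }

     if (!$request->getPost('login')) {
         return;
     }

     $db = Zend_Db_Table::getDefaultAdapter();
     // $this->treatment is the SQL expression applied to the credential, e.g. SHA1(?)
     $adapter = new Zend_Auth_Adapter_DbTable($db, $this->tableName, $this->identityColumn, $this->credentialColumn, $this->treatment);

     $form = new LoginForm();
     if (!$form->isValid($request->getPost())) {
         // e.g. an empty form; the message survives the redirect in the session
         $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
         $flash->clearMessages();
         $flash->addMessage('Please fill the login form');
         $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, array('login-failed' => 1));
     }

     $username = $form->getValue($this->loginField);
     // Fixed salt prefix; must match what was used when the stored hashes were created.
     $password = "******" . $form->getValue($this->passwordField);

     $adapter->setIdentity($username);
     $adapter->setCredential($password);
     // Generic authentication flow; Zend_Auth stores the identity on success.
     $result = $auth->authenticate($adapter);

     if ($auth->hasIdentity()) {
         // Logged in: rotate the session id so a pre-login id is not kept.
         Zend_Session::regenerateId();
         $redirector->gotoSimpleAndExit($this->successAction, $this->successController);
     }

     // Authentication failed: hand the adapter's messages to the view via the session.
     $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
     foreach ($result->getMessages() as $msg) {
         $flash->addMessage($msg);
     }
     $redirector->gotoSimpleAndExit($this->failedAction, $this->failedController, null, array('login-failed' => 1));
 }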
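 /**
  * Collect the POST fields of the current request as an array, omitting the
  * keys listed in $this->_skipFields.
  *
  * The key set comes from $_POST; each value is read back through the request
  * object so whatever it applies on access is honoured. The skip-list test is
  * a strict string comparison: PHP turns numeric field names into integer
  * keys, and on PHP < 8 a loose in_array() matches an integer key 0 against
  * any non-numeric skip entry, silently dropping that field.
  *
  * @return array POST field => value
  */
 public function getPostData()
 {
     $data = array();
     $skip = array_map('strval', (array) $this->_skipFields);
     foreach (array_keys($_POST) as $key) {
         if (in_array((string) $key, $skip, true)) {
             continue;
         }
         $data[$key] = $this->_request->getPost($key);
     }
     return $data;
 }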
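 /**
  * Validate the registration form and, unless in validate-only mode, save the
  * new user.
  *
  * Fields: username (checked with DatabaseObject_User::IsValidUsername() and
  * usernameExists()), first_name, last_name, email (Zend_Validate_EmailAddress)
  * and the CAPTCHA answer, compared against the phrase kept in the "captcha"
  * session namespace.
  *
  * Fix: the CAPTCHA check used a loose `!=`. When no phrase is in the session
  * (expired, or the image was never generated) `'' != null` is false, so an
  * empty answer passed. The phrase must now exist and match exactly.
  *
  * NOTE(review): the phrase is only cleared after a successful save, so a
  * failed submission can be retried against the same phrase; and
  * usernameExists() followed by save() is not atomic — a unique index on the
  * username column should back it.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     // validate the username
     $this->username = trim((string) $request->getPost('username'));
     if (strlen($this->username) == 0) {
         $this->addError('username', 'Please enter a username');
     } elseif (!DatabaseObject_User::IsValidUsername($this->username)) {
         $this->addError('username', 'Please enter a valid username');
     } elseif ($this->user->usernameExists($this->username)) {
         $this->addError('username', 'The selected username already exists');
     } else {
         $this->user->username = $this->username;
     }

     // validate first and last name
     $this->first_name = $this->sanitize($request->getPost('first_name'));
     if (strlen($this->first_name) == 0) {
         $this->addError('first_name', 'Please enter your first name');
     } else {
         $this->user->profile->first_name = $this->first_name;
     }

     $this->last_name = $this->sanitize($request->getPost('last_name'));
     if (strlen($this->last_name) == 0) {
         $this->addError('last_name', 'Please enter your last name');
     } else {
         $this->user->profile->last_name = $this->last_name;
     }

     // validate the e-mail address
     $this->email = $this->sanitize($request->getPost('email'));
     $validator = new Zend_Validate_EmailAddress();
     if (strlen($this->email) == 0) {
         $this->addError('email', 'Please enter your e-mail address');
     } elseif (!$validator->isValid($this->email)) {
         $this->addError('email', 'Please enter a valid e-mail address');
     } else {
         $this->user->profile->email = $this->email;
     }

     // validate CAPTCHA phrase: strict comparison, and a missing phrase is a failure
     $session = new Zend_Session_Namespace('captcha');
     $this->captcha = (string) $this->sanitize($request->getPost('captcha'));
     $expected = isset($session->phrase) ? (string) $session->phrase : null;
     if ($expected === null || $expected === '' || $this->captcha !== $expected) {
         $this->addError('captcha', 'Please enter the correct phrase');
     }

     if (!$this->_validateOnly && !$this->hasError()) {
         $this->user->save();
         // one phrase per successful registration
         unset($session->phrase);
     }

     return !$this->hasError();
 }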
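 /**
  * Builds the HTML for the request-variables panel of the debug bar: POST
  * data (POST requests only), cookies, request parameters and view variables,
  * each passed through _cleanData().
  *
  * Fix: the view is now guarded like the other panel implementations do. With
  * no view set (e.g. rendering disabled) or a view class without getVars(),
  * the unconditional `$viewRenderer->view->getVars()` was a fatal error.
  *
  * SECURITY: this dumps cookies (session ids) and raw POST data (passwords)
  * into the page; only ever enable the bar in development.
  *
  * @return string HTML fragment
  */
 public function getPanel()
 {
     $this->_request = Zend_Controller_Front::getInstance()->getRequest();
     $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

     if ($viewRenderer->view && method_exists($viewRenderer->view, 'getVars')) {
         $viewVars = $this->_cleanData($viewRenderer->view->getVars());
     } else {
         $viewVars = "No 'getVars()' method in view class";
     }

     $vars = '';
     if ($this->_request->isPost()) {
         $vars .= '<h4>$_POST</h4>'
             . '<div id="Centurion_ZFDebug_post">' . $this->_cleanData($this->_request->getPost()) . '</div>';
     }
     $vars .= '<h4>$_COOKIE</h4>'
         . '<div id="Centurion_ZFDebug_cookie">' . $this->_cleanData($this->_request->getCookie()) . '</div>'
         . '<h4>Request</h4>'
         . '<div id="Centurion_ZFDebug_requests">' . $this->_cleanData($this->_request->getParams()) . '</div>'
         . '<h4>View vars</h4>'
         . '<div id="Centurion_ZFDebug_vars">' . $viewVars . '</div>';

     return $vars;
 }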
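 /**
  * Called before Zend_Controller_Front begins evaluating the request against
  * its routes.
  *
  * Intercepts client-side error reports (`?monitor=x`, sent via XHR), writes
  * them to the 'monitor' log as a WARN entry and ends the request with an
  * empty body.
  *
  * Fix: message, errorUrl and errorLine are attacker-controlled. The original
  * wrote them verbatim, so a report containing newlines could forge extra
  * log lines; values are now collapsed to one line, limited in length and
  * non-scalar (array) input falls back to the default.
  *
  * @param AbstractRequest $request
  * @return void
  */
 public function routeStartup(AbstractRequest $request)
 {
     if (!$request instanceof HttpRequest) {
         return;
     }
     if ($request->getQuery('monitor') !== 'x' || !$request->isXmlHttpRequest()) {
         return;
     }

     // POST field => array(label, default)
     $fields = array(
         'message' => array('Message', ''),
         'errorUrl' => array('URI', 'unknown'),
         'errorLine' => array('Line', 'unknown'),
     );
     $lines = array();
     foreach ($fields as $key => $spec) {
         list($label, $default) = $spec;
         $value = $request->getPost($key, $default);
         if (!is_scalar($value)) {
             $value = $default;
         }
         // one log line per field, bounded size
         $value = substr(preg_replace('/[\r\n]+/', ' ', (string) $value), 0, 2000);
         $lines[] = $label . ': ' . $value;
     }

     $message = "A javascript error was detected.\n"
         . "================================\n"
         . implode("\n", $lines) . "\n";
     Zend_Registry::get('monitor')->writeLog($message, Zend_Log::WARN, 'javascript-error');

     // Immediately return empty response
     $this->getResponse()->setBody('')->sendResponse();
     exit;
 }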
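 /**
  * Validate the location form (description, longitude, latitude) and, when
  * valid, save it on the wrapped location object.
  *
  * Fix: the coordinates were stored without any check. A coordinate that is
  * present but not numeric, or outside the WGS84 range (longitude -180..180,
  * latitude -90..90), is now a validation error. Empty values are still
  * accepted as before, since the form may treat the coordinates as optional.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     $this->description = $this->sanitize($request->getPost('description'));
     $this->longitude = $request->getPost('longitude');
     $this->latitude = $request->getPost('latitude');

     // field => array(min, max, message)
     $coords = array(
         'longitude' => array(-180, 180, 'Please enter a valid longitude'),
         'latitude' => array(-90, 90, 'Please enter a valid latitude'),
     );
     foreach ($coords as $field => $spec) {
         $value = $this->{$field};
         if ($value === null || $value === '') {
             continue;
         }
         if (!is_numeric($value) || $value < $spec[0] || $value > $spec[1]) {
             $this->addError($field, $spec[2]);
         }
     }

     if (!$this->hasError()) {
         $this->location->description = $this->description;
         $this->location->longitude = $this->longitude;
         $this->location->latitude = $this->latitude;
         $this->location->save();
     }

     return !$this->hasError();
 }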
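 /**
  * Validate the blog-post form and, when valid, save the post, publishing it
  * unless the `preview` field was submitted.
  *
  * POST fields: username (used as the title — see note), title_link,
  * ts_created{Year,Month,Day,Hour,Minute,Meridian}, content, preview.
  *
  * NOTE(review): the title is read from the POST field `username`, while the
  * property, error key and message all say "title". This looks like a
  * copy-paste slip, but the form that posts here is not visible, so the field
  * name is kept; verify against the form and rename if appropriate.
  *
  * Changes: substr()/strtolower() no longer receive null (deprecated since
  * PHP 8.1); commented-out debug echoes removed.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     $this->title = substr((string) $this->sanitize($request->getPost('username')), 0, 255);
     if (strlen($this->title) == 0) {
         $this->addError('title', 'Please enter a title for this post');
     }
     $this->title_link = $this->sanitize($request->getPost('title_link'));

     // Publication timestamp assembled from separate 12-hour clock fields.
     $date = array(
         'y' => (int) $request->getPost('ts_createdYear'),
         'm' => (int) $request->getPost('ts_createdMonth'),
         'd' => (int) $request->getPost('ts_createdDay'),
     );
     $hour = max(1, min(12, (int) $request->getPost('ts_createdHour')));
     $minute = max(0, min(59, (int) $request->getPost('ts_createdMinute')));
     $meridian = strtolower((string) $request->getPost('ts_createdMeridian')) === 'pm' ? 'pm' : 'am';

     // To 24-hour time: 12 am -> 0, 1..11 pm -> 13..23, 12 pm stays 12.
     if ($meridian === 'pm' && $hour < 12) {
         $hour += 12;
     } elseif ($meridian === 'am' && $hour == 12) {
         $hour = 0;
     }

     if (!checkdate($date['m'], $date['d'], $date['y'])) {
         $this->addError('ts_created', 'Please select a valid date');
     }
     // Computed even for an invalid date (mktime normalises); only used when there is no error.
     $this->ts_created = mktime($hour, $minute, 0, $date['m'], $date['d'], $date['y']);

     $this->content = self::cleanHtml($request->getPost('content'));

     if (!$this->hasError()) {
         $this->post->profile->title = $this->title;
         $this->post->ts_created = $this->ts_created;
         $this->post->profile->content = $this->content;
         $this->post->profile->title_link = $this->title_link;
         // A present `preview` field (any value) means: save but do not publish.
         if (is_null($request->getPost('preview'))) {
             $this->post->sendLive();
         }
         $this->post->save();
     }

     return !$this->hasError();
 }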
 /**
  * Authenticate a user through OpenID.
  *
  * Two requests reach this method: the initial one carrying
  * `openid_identifier` (the adapter then redirects to the provider) and the
  * provider's return trip carrying `openid_mode`. Either is handed to
  * Zend_Auth_Adapter_OpenId together with the SREG extension. On a valid
  * result the user data for the asserted identity is returned; otherwise the
  * adapter's messages are recorded as errors and, as for any request that
  * carries neither field, 'Insufficient data received' is added.
  *
  * @param Zend_Controller_Request_Abstract  $request  The current request
  * @param Zend_Controller_Response_Abstract $response The current response
  * @return array|bool User data, or FALSE
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     $identifier = $request->getPost('openid_identifier');
     $isOpenIdStep = $identifier || $request->getParam('openid_mode');

     if ($isOpenIdStep) {
         $sreg = $this->getSreg();
         $adapter = new Zend_Auth_Adapter_OpenId($identifier, null, null, null, $sreg);
         $result = $adapter->authenticate();
         if ($result->isValid()) {
             return $this->_getUserData($result->getIdentity(), $sreg->getProperties());
         }
         // record every adapter message as an error
         $messages = $result->getMessages();
         array_walk($messages, array($this, '_addError'));
     }

     $this->_addError('Insufficient data received');
     return false;
 }
 /**
  * Builds the HTML for the request-variables panel of the debug bar
  * (French-labelled variant): POST data for POST requests, cookies, request
  * parameters and the view variables, each passed through _cleanData().
  *
  * SECURITY: cookies (session ids) and raw POST data (passwords) end up in
  * the page; the bar is a development-only tool.
  *
  * @return string HTML fragment
  */
 public function getPanel()
 {
     $this->_request = Zend_Controller_Front::getInstance()->getRequest();
     $request = $this->_request;
     $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

     $view = $viewRenderer->view;
     $viewVars = ($view && method_exists($view, 'getVars'))
         ? $this->_cleanData($view->getVars())
         : "Pas de m&eacute;thode 'getVars()' dans l\\'objet vue";

     $sections = array();
     if ($request->isPost()) {
         $sections[] = '<h4>Superglobale $_POST</h4>'
             . '<div id="ZFDebug_post">' . $this->_cleanData($request->getPost()) . '</div>';
     }
     $sections[] = '<h4>Superglobale $_COOKIE</h4>'
         . '<div id="ZFDebug_cookie">' . $this->_cleanData($request->getCookie()) . '</div>';
     $sections[] = '<h4>Param&egrave;tres de l\'objet Request</h4>'
         . '<div id="ZFDebug_requests">' . $this->_cleanData($request->getParams()) . '</div>';
     $sections[] = '<h4>Variables de vue (Zend_View)</h4>'
         . '<div id="ZFDebug_vars">' . $viewVars . '</div>';

     return implode('', $sections);
 }
 /**
  * editAction: renders the category edit form and, on an AJAX POST, validates
  * and saves the submitted data.
  *
  * Submissions are only accepted when the request is both a POST and an
  * XMLHttpRequest. The X-Requested-With header cannot be attached by a plain
  * cross-site form post, which gives some CSRF resistance, but it is not a
  * substitute for a per-session token. The language-options query is a fixed
  * literal; no request data goes into it.
  *
  * @author Cornelius Hansjakob <*****@*****.**>
  * @version 1.0
  */
 public function editAction()
 {
     $this->core->logger->debug('propterties->controllers->CategoryController->editAction()');
     $this->getForm($this->core->sysConfig->generic->actions->edit);

     // form title and language dropdown
     $this->view->formtitle = $this->objForm->Setup()->getFormTitle();
     $this->view->languageOptions = HtmlOutput::getOptionsOfSQL(
         $this->core,
         'SELECT id AS VALUE, languageCode AS DISPLAY FROM languages',
         $this->objForm->Setup()->getLanguageId()
     );

     $isAjaxPost = $this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest();
     if ($isAjaxPost) {
         $formData = $this->objRequest->getPost();
         $this->objForm->Setup()->setFieldValues($formData);
         $this->objForm->setAction('/zoolu/properties/category/edit');
         // add fields and regions to the Zend_Form before validating
         $this->objForm->prepareForm();
         if ($this->objForm->isValid($formData)) {
             $this->objForm->saveFormData();
             $this->view->blnShowFormAlert = true;
         }
     }

     $this->view->form = $this->objForm;
     $this->renderScript('category/form.phtml');
 }
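 /**
  * Called before Zend_Controller_Front calls on the router to evaluate the
  * request against the registered routes.
  *
  * Detects a POST/PUT whose body PHP silently discarded because it exceeded
  * post_max_size (symptom: empty $_POST and $_FILES while CONTENT_LENGTH is
  * larger than the limit). When that happens the configured callback is
  * invoked with the request, or a Zend_Controller_Exception (code 1000) is
  * set on the response.
  *
  * Changes: post_max_size and CONTENT_LENGTH are converted to integers before
  * comparison (the original compared strings and relied on implicit numeric
  * conversion), a missing CONTENT_LENGTH counts as 0, and the K/M/G suffix is
  * handled case-insensitively as before.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeStartup(Zend_Controller_Request_Abstract $request)
 {
     if (!$request instanceof Zend_Controller_Request_Http) {
         return;
     }
     if (!$request->isPost() && !$request->isPut()) {
         return;
     }

     $post = $request->getPost();
     if (!empty($post) || !empty($_FILES)) {
         // PHP accepted the body, so it was within the limit.
         return;
     }

     // post_max_size is "8M", "512K", "1G" or a plain byte count; convert to bytes.
     $setting = trim((string) ini_get('post_max_size'));
     $unit = strtoupper(substr($setting, -1));
     $max = (int) (is_numeric($unit) ? $setting : substr($setting, 0, -1));
     switch ($unit) {
         case 'G':
             $max *= 1024;
             // fall through: a gigabyte is 1024 megabytes
         case 'M':
             $max *= 1024;
             // fall through: a megabyte is 1024 kilobytes
         case 'K':
             $max *= 1024;
     }

     $length = (int) $request->getServer('CONTENT_LENGTH', 0);
     if ($max >= $length) {
         return;
     }

     if (!empty($this->_callback)) {
         call_user_func($this->_callback, $request);
     } else {
         $e = new Zend_Controller_Exception('Maximum content length size (' . $max . ') exceeded', 1000);
         $this->getResponse()->setException($e);
     }
 }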
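 /**
  * Attempt a login from the `login[alias]` / `login[pass]` POST fields.
  *
  * Records NO_USERNAME / NO_PASSWORD / LOGIN_FAILED in $this->_exceptions and
  * returns FALSE on any failure; TRUE only when Showcase_Auth_Adapter reports
  * Zend_Auth_Result::SUCCESS.
  *
  * Fix: `login` is client supplied and was indexed without a type check. A
  * missing field, a scalar (`login=foo`) or nested arrays produced a notice,
  * a string-offset error or a TypeError in trim(); such input is now treated
  * as an empty username/password.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool
  */
 protected function _login(Zend_Controller_Request_Abstract $request)
 {
     $userLogin = $request->getPost('login');
     if (!is_array($userLogin)) {
         $userLogin = array();
     }
     $userName = (isset($userLogin['alias']) && is_scalar($userLogin['alias']))
         ? trim((string) $userLogin['alias']) : '';
     $userPass = (isset($userLogin['pass']) && is_scalar($userLogin['pass']))
         ? trim((string) $userLogin['pass']) : '';

     if ($userName === '') {
         $this->_exceptions[] = self::NO_USERNAME;
         return false;
     }
     if ($userPass === '') {
         $this->_exceptions[] = self::NO_PASSWORD;
         return false;
     }

     $auth = Zend_Auth::getInstance();
     $adapter = new Showcase_Auth_Adapter($userName, $userPass);
     $result = $auth->authenticate($adapter);
     if (!$result) {
         return false;
     }
     if ($result->getCode() !== Zend_Auth_Result::SUCCESS) {
         // Let form know that login has failed...
         $this->_exceptions[] = self::LOGIN_FAILED;
         return false;
     }
     return true;
 }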
 /**
  * Authenticate a user with a two-step token flow.
  *
  * A POST is the first step: the submitted form data is passed to
  * requestToken() (which issues the token) and FALSE is returned because no
  * user is logged in yet. Any other request is the second step: the `token`
  * and `uid` parameters are handed to acceptToken(), whose result is returned.
  * Note that in the second step the token travels in the URL (query string or
  * route), so it can end up in logs and Referer headers; its validation is
  * acceptToken()'s responsibility.
  *
  * @param Zend_Controller_Request_Abstract  $request  The current request
  * @param Zend_Controller_Response_Abstract $response The current response
  * @return array|bool User data, or FALSE when no user is logged in yet
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     if ($request->isPost()) {
         // step 1: request a token for the submitted data
         $this->requestToken($request->getPost());
         return false;
     }
     // step 2: the user followed the link carrying token + uid
     $token = $request->getParam('token');
     $uid = $request->getParam('uid');
     return $this->acceptToken($token, $uid);
 }
 /**
  * Builds the HTML for the request-variables panel of the debug bar: POST
  * data for POST requests, cookies, request parameters and the view
  * variables, each passed through _cleanData().
  *
  * SECURITY: cookies (session ids) and raw POST data (passwords) are written
  * into the page; the bar is a development-only tool.
  *
  * @return string HTML fragment
  */
 public function getPanel()
 {
     $this->_request = Zend_Controller_Front::getInstance()->getRequest();
     $request = $this->_request;
     $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

     $view = $viewRenderer->view;
     $viewVars = ($view && method_exists($view, 'getVars'))
         ? $this->_cleanData($view->getVars())
         : "No 'getVars()' method in view class";

     $sections = array();
     if ($request->isPost()) {
         $sections[] = '<h4>$_POST</h4>'
             . '<div id="ZFDebug_post">' . $this->_cleanData($request->getPost()) . '</div>';
     }
     $sections[] = '<h4>$_COOKIE</h4>'
         . '<div id="ZFDebug_cookie">' . $this->_cleanData($request->getCookie()) . '</div>';
     $sections[] = '<h4>Request</h4>'
         . '<div id="ZFDebug_requests">' . $this->_cleanData($request->getParams()) . '</div>';
     $sections[] = '<h4>View vars</h4>'
         . '<div id="ZFDebug_vars">' . $viewVars . '</div>';

     return implode('', $sections);
 }
 /**
  * Run PHPIDS over the request before the action is dispatched.
  *
  * GET, POST, cookie and user (route) parameters are handed to IDS_Monitor
  * using the configuration in configs/phpids.ini. This is detection only:
  * any findings are written through the PHPIDS file logger, and the request
  * itself is neither blocked nor modified here.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $input = array(
         'GET' => $request->getQuery(),
         'POST' => $request->getPost(),
         'COOKIE' => $request->getCookie(),
         'PARAMS' => $request->getUserParams(),
     );
     $config = IDS_Init::init(APPLICATION_PATH . '/configs/phpids.ini');
     $monitor = new IDS_Monitor($input, $config);
     $report = $monitor->run();

     if ($report->isEmpty()) {
         return;
     }
     $logger = new IDS_Log_Composite();
     $logger->addLogger(IDS_Log_File::getInstance($config));
     $logger->execute($report);
 }
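 /**
  * Validate the size-attribute form (attribute_name, size_name,
  * price_adjustment) and copy the valid values onto $this->SizeAttribute.
  *
  * Changes from the original:
  * - debug `echo` calls removed (they wrote into the response body);
  * - the attribute_name error was recorded under the key 'size_name' with
  *   the size_name message, so the wrong field was flagged; it now has its
  *   own key and message;
  * - the three identical validate-and-assign stanzas are table driven.
  *
  * NOTE(review): price_adjustment is only checked for presence, not for being
  * numeric.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when no validation error occurred
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     // POST field / property => message shown when the sanitized value is empty
     $fields = array(
         'attribute_name' => 'Please enter the attribute name',
         'size_name' => 'Please enter the beginning size',
         'price_adjustment' => 'Please enter the price_adjustment',
     );

     foreach ($fields as $field => $message) {
         // sanitize() applies the FormProcessor Zend_Filter chain to the raw string.
         $value = $this->sanitize($request->getPost($field));
         $this->{$field} = $value;
         if (strlen($value) == 0) {
             $this->addError($field, $message);
         } else {
             $this->SizeAttribute->{$field} = $value;
         }
     }

     // if no errors have occurred (and this is not a dry run), save
     if (!$this->_validateOnly && !$this->hasError()) {
         $this->SizeAttribute->save();
     }

     return !$this->hasError();
 }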
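 /**
  * Validate every non-GET request against the session CSRF token.
  *
  * A token is generated once per session and echoed on every response in the
  * X-CSRF-Token header so the frontend can attach it to later requests.
  * Requests to the bypass modules, or from identities authenticated through
  * one of the bypass auth types, are not checked.
  *
  * Changes from the original:
  * - the session and request tokens are compared as strings in constant time
  *   (hash_equals() where available) instead of with a loose `!=`;
  * - $identity['authType'] is only read when it exists (anonymous users have
  *   a null identity);
  * - post_max_size is converted to bytes before the CONTENT_LENGTH
  *   comparison; the original compared e.g. "8M" with a byte count as strings;
  * - the "dev" bypass requires an exact string match;
  * - the module bypass uses a strict in_array().
  *
  * NOTE(review): when the body exceeds post_max_size the request is let
  * through unchecked (PHP has already discarded the body, and another plugin
  * is expected to report the size error). A handler that acts on route or
  * query parameters alone would then run without CSRF protection; rejecting
  * such requests here would be the stricter choice.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Avoid error override! :S
     if (count($this->getResponse()->getException())) {
         return;
     }

     $identity = Zend_Auth::getInstance()->getIdentity();
     $byPassMethods = array(
         App_Controller_Plugin_Auth::AUTH_TYPE_LOST_PASSWORD,
         App_Controller_Plugin_Auth::AUTH_TYPE_ASYNC,
         App_Controller_Plugin_Auth::AUTH_TYPE_EXTERNAL,
         App_Controller_Plugin_Auth::AUTH_TYPE_THIRD_PARTY,
     );
     $byPassModules = array('async', 'external', 'externalr12', 'thirdparty');

     // Bypass some modules / auth methods
     $authType = isset($identity['authType']) ? $identity['authType'] : null;
     if (in_array($request->module, $byPassModules, true)
         || ($authType && in_array($authType, $byPassMethods))
     ) {
         return;
     }

     $session = new Zend_Session_Namespace('csrf');
     if (empty($session->token)) {
         // Generate a new CSRF token and save it on the session
         \App::log()->info("Session token empty, generating new CSRF token...");
         $session->token = $this->_generateToken();
     }

     // Return the token on an HTTP header
     $this->getResponse()->setHeader('X-CSRF-Token', $session->token);

     // Nothing to validate on a GET request
     if ($request->isGet()) {
         return;
     }

     $post = $request->getPost();
     if (empty($post) && empty($_FILES)) {
         // Empty body: if CONTENT_LENGTH exceeds post_max_size, PHP dropped it.
         $setting = trim((string) ini_get('post_max_size'));
         $unit = strtoupper(substr($setting, -1));
         $max = (int) (is_numeric($unit) ? $setting : substr($setting, 0, -1));
         if ($unit === 'G') {
             $max *= 1024 * 1024 * 1024;
         } elseif ($unit === 'M') {
             $max *= 1024 * 1024;
         } elseif ($unit === 'K') {
             $max *= 1024;
         }
         if ($max < (int) $request->getServer('CONTENT_LENGTH', 0)) {
             return;
         }
     }

     // Try to get the CSRF token from frontend
     $csrfToken = $this->_getFrontendToken($request);
     if (!is_string($csrfToken) || $csrfToken === '') {
         $this->_throwError($request, 'Possible CSRF attack: CSRF token not found on request');
         return;
     }

     // Disable plugin for dev environment
     if ($csrfToken === 'dev' && App::config('csrf.disabled', false)) {
         return;
     }

     // Constant-time comparison of the secret; plain === is the fallback on PHP < 5.6.
     $expected = (string) $session->token;
     $matches = function_exists('hash_equals')
         ? hash_equals($expected, $csrfToken)
         : ($expected === $csrfToken);
     if (!$matches) {
         $this->_throwError($request, 'Possible CSRF attack: BE and FE tokens don\'t match');
         return;
     }
 }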
 /**
  * Performs CSRF protection checks before dispatching occurs.
  *
  * When auto-protection is on, every POST must carry the token field named by
  * $this->_keyName, and a token from the previous request must exist to
  * compare against. Either condition failing raises a RuntimeException. Only
  * POST is covered; other state-changing methods (PUT, DELETE) pass through.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  * @throws RuntimeException when no previous token exists or the submitted token is invalid
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $this->_initializeTokens();

     $mustCheck = $request->isPost() === true && $this->_autoProtect;
     if (!$mustCheck) {
         return;
     }

     if (empty($this->_previousToken)) {
         throw new RuntimeException('A possible CSRF attack detected - no token received');
     }
     $submitted = $request->getPost($this->_keyName);
     if (!$this->isValidToken($submitted)) {
         throw new RuntimeException('A possible CSRF attack detected - tokens do not match');
     }
 }
 /**
  * deleteAction: deletes a blog-entry comment via AJAX.
  *
  * Only acts when the request carries a non-empty POST body and is an
  * XMLHttpRequest. The comment id is taken with getParam(), i.e. from the
  * route, the query string or the body — whichever the caller used. No
  * ownership or permission check is visible in this action; presumably it is
  * enforced in the model or by an auth plugin — verify. Nothing is rendered;
  * on an exception the error is logged and the response ends with an empty
  * body.
  *
  * @author Daniel Rotter <*****@*****.**>
  * @version 1.0
  */
 public function deleteAction()
 {
     $this->core->logger->debug('widgets->blog->CommentController->deleteAction');
     $this->_helper->viewRenderer->setNoRender();
     try {
         $hasPostBody = (bool) $this->objRequest->getPost();
         if ($hasPostBody && $this->objRequest->isXmlHttpRequest()) {
             $commentId = $this->objRequest->getParam('id');
             $this->getModelBlogEntryComment()->deleteBlogEntryComment($commentId);
         }
     } catch (Exception $exc) {
         $this->core->logger->err($exc);
         exit;
     }
 }
 /**
  * editAction
  *
  * Builds the folder edit form. On an AJAX POST the submitted values are
  * validated and saved and, when the submitted root level type is the
  * configured portal type, the start page's main data is updated as well.
  * Otherwise the form is only prepared for display. Always renders
  * folder/form.phtml.
  *
  * @author Cornelius Hansjakob <*****@*****.**>
  * @version 1.0
  */
 public function editAction()
 {
     $this->core->logger->debug('core->controllers->FolderController->editAction()');
     $this->getForm($this->core->sysConfig->generic->actions->edit);
     $this->addFolderSpecificFormElements();
     /**
      * get form title
      */
     $this->view->formtitle = $this->objForm->Setup()->getFormTitle();
     if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
         $arrFormData = $this->objRequest->getPost();
         $this->objForm->Setup()->setFieldValues($arrFormData);
         /**
          * prepare form (add fields and region to the Zend_Form)
          */
         $this->objForm->prepareForm();
         /**
          * set action
          */
         $this->objForm->setAction('/zoolu/core/folder/edit');
         if ($this->objForm->isValid($arrFormData)) {
             $this->objForm->saveFormData();
             /**
              * update start page
              */
             // NOTE(review): loose == against the configured portal type id;
             // confirm both sides share a type, or compare strictly.
             if (array_key_exists("rootLevelTypeId", $arrFormData) && $arrFormData["rootLevelTypeId"] == $this->core->sysConfig->root_level_types->portals) {
                 $intFolderId = $this->objForm->Setup()->getElementId();
                 // Assumes an authenticated identity with an `id` is present;
                 // getIdentity() returning null would fail here - TODO confirm guarded upstream.
                 $intUserId = Zend_Auth::getInstance()->getIdentity()->id;
                 // 'changed' uses the server's local time zone.
                 $arrProperties = array('idUsers' => $intUserId, 'creator' => $this->objForm->Setup()->getCreatorId(), 'idStatus' => $this->objForm->Setup()->getStatusId(), 'showInNavigation' => $this->objForm->Setup()->getShowInNavigation(), 'changed' => date('Y-m-d H:i:s'));
                 $arrTitle = array('idUsers' => $intUserId, 'creator' => $this->objForm->Setup()->getCreatorId(), 'title' => $this->objForm->Setup()->getCoreField('title')->getValue(), 'idLanguages' => $this->objForm->Setup()->getLanguageId(), 'changed' => date('Y-m-d H:i:s'));
                 $this->getModelPages()->updateStartPageMainData($intFolderId, $arrProperties, $arrTitle);
                 //$this->view->assign('selectNavigationItemNow', true);
                 //$this->view->assign('itemId', 'folder'.$intFolderId);
             }
             $this->view->assign('blnShowFormAlert', true);
         } else {
             $this->view->assign('blnShowFormAlert', false);
         }
     } else {
         /**
          * prepare form (add fields and region to the Zend_Form)
          */
         $this->objForm->prepareForm();
     }
     /**
      * output of metainformation to hidden div
      */
     $this->setViewMetaInfos();
     $this->view->form = $this->objForm;
     $this->renderScript('folder/form.phtml');
 }
 /**
  * Validates the one-time form token of a POST request.
  *
  * Non-POST requests are ignored (null). A submitted token that the helper
  * knows is consumed (removed) and true is returned; otherwise
  * _checkFailed() is invoked and false is returned.
  *
  * @access public
  * @param  Zend_Controller_Request_Abstract $request
  * @return boolean|null
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     if (!$request->isPost()) {
         return null;
     }
     $helper = $this->getHelper();
     $submitted = $request->getPost($helper->getTokenKey());
     // empty() also rejects the string "0"; tokens are assumed never to be that.
     $known = !empty($submitted) && $helper->hasToken($submitted);
     if (!$known) {
         $this->_checkFailed($request);
         return false;
     }
     // One-time use: a replayed token must not validate again.
     $helper->removeToken($submitted);
     return true;
 }
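 /**
  * Copies the submitted POST fields onto this processor and the inventory
  * product, then saves the product unless running in validate-only mode.
  *
  * Keys prefixed with `sys_` are written (sanitized) to both $this and the
  * product; `generalImages` and `id` are stored unsanitized on $this only;
  * every other key goes (sanitized) to the product profile.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool true when no validation error was recorded
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     // NOTE(review): property names are taken straight from the POST keys
     // (mass assignment); restrict them to a known field list before relying
     // on this outside development.
     foreach ($request->getPost() as $key => $value) {
         // TODO(review): debug trace of the raw submission - remove before
         // production. Escaped so reflected input cannot inject markup.
         $shown = is_array($value) ? 'Array' : (string) $value;
         echo 'key: ' . htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8')
             . ' value: ' . htmlspecialchars($shown, ENT_QUOTES, 'UTF-8') . '<br/>';
         $clean = $this->sanitize($value);
         // Strict comparison: a numeric key 0 must not match a name loosely.
         $isReserved = $key === 'generalImages' || $key === 'id';
         if ($isReserved) {
             $this->{$key} = $value;
         } elseif (strncmp((string) $key, 'sys_', 4) === 0) {
             $this->{$key} = $clean;
             $this->inventoryProduct->{$key} = $clean;
         } else {
             $this->inventoryProduct->profile->{$key} = $clean;
         }
     }
     $this->inventoryProduct->product_id = $request->getPost('id');
     $this->inventoryProduct->uploader_id = $this->userID;
     if (!$this->_validateOnly && !$this->hasError()) {
         $this->inventoryProduct->save();
     }
     // true if no errors have occurred
     return !$this->hasError();
 }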
 /**
  * Validates the submitted form data against the form.
  *
  * On success the processed values are stored in the session, the session
  * is marked inactive and onSubmitIsValid() runs; on failure the session is
  * marked active and onSubmitNotIsValid() runs.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool whether the form was valid
  */
 public function onSubmit(Zend_Controller_Request_Abstract $request)
 {
     $form = $this->getForm();
     $valid = $form->isValid($request->getPost());
     $session = $this->getSession();
     if (!$valid) {
         // Keep the step active so the form is shown again with its errors.
         $session->active = true;
         $this->onSubmitNotIsValid();
         return false;
     }
     $session->data = $this->getForm()->getProcessedValues();
     $session->active = false;
     $this->onSubmitIsValid();
     return true;
 }
 /**
  * editAction
  *
  * Builds the global element edit form. On an AJAX POST the submitted
  * values are validated and saved; otherwise the form is only prepared for
  * display. Afterwards specific field values are refreshed, the form action
  * is set and element/form.phtml is rendered. Any exception is logged and
  * the script terminated.
  *
  * @author Thomas Schedler <*****@*****.**>
  * @version 1.0
  */
 public function editAction()
 {
     $this->core->logger->debug('global->controllers->ElementController->editAction()');
     try {
         $this->getForm($this->core->sysConfig->generic->actions->edit);
         $this->addGlobalSpecificFormElements();
         /**
          * get form title
          */
         $this->view->formtitle = $this->objForm->Setup()->getFormTitle();
         if ($this->objRequest->isPost() && $this->objRequest->isXmlHttpRequest()) {
             $arrFormData = $this->objRequest->getPost();
             $this->objForm->Setup()->setFieldValues($arrFormData);
             /**
              * prepare form (add fields and region to the Zend_Form)
              */
             $this->objForm->prepareForm();
             // Controls only the alert flag; the form itself is rendered either way.
             if ($this->objForm->isValid($arrFormData)) {
                 $this->objForm->saveFormData();
                 $this->view->assign('blnShowFormAlert', true);
             } else {
                 $this->view->assign('blnShowFormAlert', false);
             }
         } else {
             /**
              * prepare form (add fields and region to the Zend_Form)
              */
             $this->objForm->prepareForm();
         }
         /**
          * update special field values
          */
         $this->objForm->updateSpecificFieldValues();
         /**
          * set action
          */
         $this->objForm->setAction('/zoolu/global/element/edit');
         /**
          * output of metainformation to hidden div
          */
         $this->setViewMetaInfos();
         $this->view->form = $this->objForm;
         $this->renderScript('element/form.phtml');
     } catch (Exception $exc) {
         // Fail closed: log and stop rather than render a partial page.
         $this->core->logger->err($exc);
         exit;
     }
 }
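 /**
  * Reads the shipping-address fields from the POST body, records a
  * validation error for each required field that is blank, and saves the
  * address when no error was recorded.
  *
  * address_one is required and stored as-is; address_two is optional;
  * zip, city, state and country are required and stored lower-cased;
  * defaultShipping is normalised to 'on' or 'off'.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool true when no validation error was recorded
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     // sanitize() runs the FormProcessor's Zend_Filter chain over the value.
     $this->address_one = $this->sanitize($request->getPost('address_one'));
     // Explicit null/'' test instead of strlen(): strlen(null) is deprecated.
     if ($this->address_one === null || (string) $this->address_one === '') {
         $this->addError('address_one', 'Please enter this address');
     } else {
         $this->shippingAddress->address_one = $this->address_one;
     }
     // address_two is optional and stored as-is.
     $this->address_two = $this->sanitize($request->getPost('address_two'));
     $this->shippingAddress->address_two = $this->address_two;
     // Required fields stored lower-cased, in submission order.
     $required = array(
         'zip' => 'Please enter your zip',
         'city' => 'Please enter your city',
         'state' => 'Please enter your state',
         'country' => 'Please enter your country',
     );
     foreach ($required as $field => $message) {
         $this->{$field} = $this->sanitize($request->getPost($field));
         if ($this->{$field} === null || (string) $this->{$field} === '') {
             $this->addError($field, $message);
         } else {
             // NOTE(review): strtolower is byte-wise; use mb_strtolower if
             // non-ASCII input is expected here.
             $this->shippingAddress->{$field} = strtolower($this->{$field});
         }
     }
     // If no errors have occurred, save the address.
     if (!$this->hasError()) {
         $this->shippingAddress->save();
         $this->shippingId = $this->shippingAddress->getId();
     }
     // Normalise the checkbox to the two values the rest of the code expects.
     $this->defaultShipping = $this->sanitize($request->getPost('defaultShipping'));
     if ($this->defaultShipping !== 'on') {
         $this->defaultShipping = 'off';
     }
     // true if no errors have occurred
     return !$this->hasError();
 }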
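 /**
  * Performs CSRF protection checks before dispatching occurs.
  *
  * For POST requests the error message is reset and then set when no token
  * was stored for the previous request, or when the submitted token does
  * not validate. The request is not aborted here: whatever reads
  * $this->_error->message afterwards is responsible for acting on it.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $this->_initializeTokens();
     if ($request->isPost() !== true) {
         return;
     }
     $this->_error->message = null;
     if (empty($this->_previousToken)) {
         // A possible CSRF attack detected - no token received.
         // Reported first and alone: previously the generic mismatch branch
         // below overwrote this more specific message.
         $this->_error->message = Zend_Registry::get('t')->_('No token received, please re-submit the form');
         return;
     }
     $value = $request->getPost($this->_keyName);
     if (!$this->isValidToken($value)) {
         // A possible CSRF attack detected - tokens do not match.
         $this->_error->message = Zend_Registry::get('t')->_('Tokens do not match, please re-submit the form');
     }
     // NOTE(review): unlike the throwing variant of this check, a failure
     // here only records a message - confirm dispatch is stopped downstream.
 }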