/** * Vetos (denies) a login attempt, and forces the user to change his password. * * This handler is triggered by the 'user.login.veto' event. It vetos (denies) a * login attempt if the users's account record is flagged to force the user to change * his password maintained by the Users module. If the user does not maintain a * password on his Users account (e.g., he registered with and logs in with a Google * Account or an OpenID, and never established a Users password), then this handler * will not trigger a change of password. * * @param Zikula_Event $event The event that triggered this handler. * * @return void */ public static function forcedPasswordChangeListener(Zikula_Event $event) { $userObj = $event->getSubject(); $userMustChangePassword = UserUtil::getVar('_Users_mustChangePassword', $userObj['uid'], false); if ($userMustChangePassword && ($userObj['pass'] != Users_Constant::PWD_NO_USERS_AUTHENTICATION)) { $event->stop(); $event->setData(array( 'redirect_func' => array( 'modname' => self::$modname, 'type' => 'user', 'func' => 'changePassword', 'args' => array( 'login' => true, ), 'session' => array( 'var' => 'Users_Controller_User_changePassword', 'namespace' => 'Zikula_Users', ) ), )); LogUtil::registerError(__("Your log-in request was not completed. You must change your web site account's password first.")); } }
/** * Add 'anotherfunction' Event handler . * * @param Zikula_Event $event Handler. * * @return void */ public function anotherfunction(Zikula_Event $event) { // check if this is for this handler $subject = $event->getSubject(); if (!($event['method'] == 'anotherfunction' && $subject instanceof Users_Controller_Admin)) { return; } if (!SecurityUtil::checkPermission('Users::', '::', ACCESS_ADMIN)) { return LogUtil::registerPermissionError(); } $view = Zikula_View_plugin::getModulePluginInstance($this->moduleName, $this->pluginName); $event->setData($view->fetch('anotherfunction.tpl')); $event->stop(); }
/** * Event handler here. * * @param Zikula_Event $event Event handler. * * @return void */ public function handler(Zikula_Event $event) { // check if this is for this handler $subject = $event->getSubject(); if (!($event['method'] == 'extensions' && $subject instanceof Users_Controller_Admin)) { return; } if (!SecurityUtil::checkPermission('Users::', '::', ACCESS_ADMIN)) { return LogUtil::registerPermissionError(); } // Zikula Modules and Themes versions $view = Zikula_View::getInstance('Users'); $view->assign('mods', ModuleUtil::getModules()); $view->assign('themes', ThemeUtil::getAllThemes()); $event->setData($view->fetch('users_admin_extensions.tpl')); $event->stop(); }
/** * Run a module function. * * @param string $modname The name of the module. * @param string $type The type of function to run. * @param string $func The specific function to run. * @param array $args The arguments to pass to the function. * @param boolean $api Whether or not to execute an API (or regular) function. * @param string $instanceof Perform instanceof checking of target class. * * @throws Zikula_Exception_NotFound If method was not found. * @throws InvalidArgumentException If the controller is not an instance of the class specified in $instanceof. * * @return mixed. */ public static function exec($modname, $type = 'user', $func = 'main', $args = array(), $api = false, $instanceof = null) { // define input, all numbers and booleans to strings $modname = isset($modname) ? (string) $modname : ''; $ftype = $api ? 'api' : ''; $loadfunc = $api ? 'ModUtil::loadApi' : 'ModUtil::load'; // validate if (!System::varValidate($modname, 'mod')) { return null; } // Remove from 1.4 if (System::isLegacyMode() && $modname == 'Modules') { LogUtil::log(__('Warning! "Modules" module has been renamed to "Extensions". Please update your ModUtil::func() and ModUtil::apiFunc() calls.')); $modname = 'Extensions'; } $modinfo = self::getInfo(self::getIDFromName($modname)); $path = $modinfo['type'] == self::TYPE_SYSTEM ? 'system' : 'modules'; $controller = null; $modfunc = null; $loaded = call_user_func_array($loadfunc, array($modname, $type)); if (self::isOO($modname)) { $result = self::getCallable($modname, $type, $func, $api); if ($result) { $modfunc = $result['callable']; $controller = $modfunc[0]; if (!is_null($instanceof)) { if (!$controller instanceof $instanceof) { throw new InvalidArgumentException(__f('%1$s must be an instance of $2$s', array(get_class($controller), $instanceof))); } } } } $modfunc = $modfunc ? $modfunc : "{$modname}_{$type}{$ftype}_{$func}"; $eventManager = EventUtil::getManager(); if ($loaded) { $preExecuteEvent = new Zikula_Event('module_dispatch.preexecute', $controller, array('modname' => $modname, 'modfunc' => $modfunc, 'args' => $args, 'modinfo' => $modinfo, 'type' => $type, 'api' => $api)); $postExecuteEvent = new Zikula_Event('module_dispatch.postexecute', $controller, array('modname' => $modname, 'modfunc' => $modfunc, 'args' => $args, 'modinfo' => $modinfo, 'type' => $type, 'api' => $api)); if (is_callable($modfunc)) { $eventManager->notify($preExecuteEvent); // Check $modfunc is an object instance (OO) or a function (old) if (is_array($modfunc)) { if ($modfunc[0] instanceof Zikula_AbstractController) { $reflection = call_user_func(array($modfunc[0], 'getReflection')); $subclassOfReflection = new ReflectionClass($reflection->getParentClass()); if ($subclassOfReflection->hasMethod($modfunc[1])) { // Don't allow front controller to access any public methods inside the controller's parents throw new Zikula_Exception_NotFound(); } $modfunc[0]->preDispatch(); } $postExecuteEvent->setData(call_user_func($modfunc, $args)); if ($modfunc[0] instanceof Zikula_AbstractController) { $modfunc[0]->postDispatch(); } } else { $postExecuteEvent->setData($modfunc($args)); } return $eventManager->notify($postExecuteEvent)->getData(); } // get the theme if (ServiceUtil::getManager()->getService('zikula')->getStage() & Zikula_Core::STAGE_THEME) { $theme = ThemeUtil::getInfo(ThemeUtil::getIDFromName(UserUtil::getTheme())); if (file_exists($file = 'themes/' . $theme['directory'] . '/functions/' . $modname . "/{$type}{$ftype}/{$func}.php") || file_exists($file = 'themes/' . $theme['directory'] . '/functions/' . $modname . "/pn{$type}{$ftype}/{$func}.php")) { include_once $file; if (function_exists($modfunc)) { EventUtil::notify($preExecuteEvent); $postExecuteEvent->setData($modfunc($args)); return EventUtil::notify($postExecuteEvent)->getData(); } } } if (file_exists($file = "config/functions/{$modname}/{$type}{$ftype}/{$func}.php") || file_exists($file = "config/functions/{$modname}/pn{$type}{$ftype}/{$func}.php")) { include_once $file; if (is_callable($modfunc)) { $eventManager->notify($preExecuteEvent); $postExecuteEvent->setData($modfunc($args)); return $eventManager->notify($postExecuteEvent)->getData(); } } if (file_exists($file = "{$path}/{$modname}/{$type}{$ftype}/{$func}.php") || file_exists($file = "{$path}/{$modname}/pn{$type}{$ftype}/{$func}.php")) { include_once $file; if (is_callable($modfunc)) { $eventManager->notify($preExecuteEvent); $postExecuteEvent->setData($modfunc($args)); return $eventManager->notify($postExecuteEvent)->getData(); } } // try to load plugin // This kind of eventhandler should // 1. Check $event['modfunc'] to see if it should run else exit silently. // 2. Do something like $result = {$event['modfunc']}({$event['args'}); // 3. Save the result $event->setData($result). // 4. $event->setNotify(). // return void // This event means that no $type was found $event = new Zikula_Event('module_dispatch.type_not_found', null, array('modfunc' => $modfunc, 'args' => $args, 'modinfo' => $modinfo, 'type' => $type, 'api' => $api), false); $eventManager->notify($event); if ($preExecuteEvent->isStopped()) { return $preExecuteEvent->getData(); } return false; } // Issue not found exception for controller requests if (!System::isLegacyMode() && !$api) { throw new Zikula_Exception_NotFound(__f('The requested controller action %s_Controller_%s::%s() could not be found', array($modname, $type, $func))); } }
public static function moduleservices(Zikula_Event $event) { // check if this is for this handler $subject = $event->getSubject(); if (!($event['method'] == 'moduleservices' && strrpos(get_class($subject), '_Controller_Admin'))) { return; } $moduleName = $subject->getName(); if (!SecurityUtil::checkPermission($moduleName.'::', '::', ACCESS_ADMIN)) { return LogUtil::registerPermissionError(); } $view = Zikula_View::getInstance('Extensions', false); $view->assign('currentmodule', $moduleName); // notify EVENT here to gather any system service links $localevent = new Zikula_Event('module_dispatch.service_links', $subject, array('modname' => $moduleName)); EventUtil::notify($localevent); $sublinks = $localevent->getData(); $view->assign('sublinks', $sublinks); $event->setData($view->fetch('extensions_hookui_moduleservices.tpl')); $event->stop(); }
/** * Debug toolbar rendering (listener for 'theme.prefetch' and 'theme.postfetch' events). * * @param Zikula_Event $event Event. * * @return void */ public function debugToolbarRendering(Zikula_Event $event) { if (!$event->getSubject() instanceof Zikula_ErrorHandler_Ajax) { if ($event->getName() == 'theme.prefetch') { // force object construction (debug toolbar constructor registers javascript and css files via PageUtil) $this->serviceManager->getService('debug.toolbar'); } else { $toolbar = $this->serviceManager->getService('debug.toolbar'); $html = $toolbar->getContent() . "\n</body>"; $event->setData(str_replace('</body>', $html, $event->getData())); } } }
/** * Available plugins list. * * @return array List of the available plugins. */ public static function getPluginsAvailable() { $classNames = array(); $classNames['category'] = 'FilterUtil_Filter_Category'; $classNames['default'] = 'FilterUtil_Filter_Default'; $classNames['date'] = 'FilterUtil_Filter_Date'; $classNames['mnlist'] = 'FilterUtil_Filter_Mnlist'; $classNames['pmlist'] = 'FilterUtil_Filter_Pmlist'; $classNames['replaceName'] = 'FilterUtil_Filter_ReplaceName'; // collect classes from other providers also allows for override // TODO A [This is only allowed for the module which owns this object.] $event = new Zikula_Event('zikula.filterutil.get_plugin_classes'); $event->setData($classNames); $classNames = EventUtil::getManager()->notify($event)->getData(); return $classNames; }
/** * Format a variable for HTML display. This method is recursive array safe. * * @param string $var The variable to format. * * @return string The formatted variable. */ public static function formatForDisplayHTML($var) { // This search and replace finds the text 'x@y' and replaces // it with HTML entities, this provides protection against // email harvesters // // Note that the use of \024 and \022 are needed to ensure that // this does not break HTML tags that might be around either // the username or the domain name static $search = array( '/([^\024])@([^\022])/se'); static $replace = array('"&#" . sprintf("%03d", ord("\\1")) . ";@&#" . sprintf("%03d", ord("\\2")) . ";";'); static $allowedtags = null; static $outputfilter; static $event; if (!$event) { $event = new Zikula_Event('system.outputfilter'); } if (!isset($allowedtags)) { $allowedHTML = array(); $allowableHTML = System::getVar('AllowableHTML'); if (is_array($allowableHTML)) { foreach ($allowableHTML as $k => $v) { if ($k == '!--') { if ($v != 0) { $allowedHTML[] = "$k.*?--"; } } else { switch ($v) { case 0: break; case 1: $allowedHTML[] = "/?$k\s*/?"; break; case 2: $allowedHTML[] = "/?\s*$k" . "(\s+[\w:]+\s*=\s*(\"[^\"]*\"|'[^']*'))*" . '\s*/?'; break; } } } } if (count($allowedHTML) > 0) { $allowedtags = '~<\s*(' . implode('|', $allowedHTML) . ')\s*>~is'; } else { $allowedtags = ''; } } if (!isset($outputfilter)) { if (ModUtil::available('SecurityCenter') && !System::isInstalling()) { $outputfilter = System::getVar('outputfilter'); } else { $outputfilter = 0; } } if (is_array($var)) { foreach ($var as $k => $v) { $var[$k] = self::formatForDisplayHTML($v); } } else { // Run additional filters if ($outputfilter > 0) { $event->setData($var)->setArg('filter', $outputfilter); $var = EventUtil::notify($event)->getData(); } // Preparse var to mark the HTML that we want if (!empty($allowedtags)) { $var = preg_replace($allowedtags, "\022\\1\024", $var); } // Encode email addresses $var = preg_replace($search, $replace, $var); // Fix html entities $var = htmlspecialchars($var); // Fix the HTML that we want $var = preg_replace_callback('#\022([^\024]*)\024#', create_function('$m', 'return DataUtil::formatForDisplayHTML_callback($m);'), $var); // Fix entities if required if (System::getVar('htmlentities')) { $var = preg_replace('/&([a-z#0-9]+);/i', "&\\1;", $var); } } return $var; }
/** * Checks if the user is member of clients group and if it should be member of it * @author Albert Pérez Monfort * @return bool true authetication succesful */ public static function sendMail(Zikula_Event $event) { $args = $event->getArgs(); /* $args['html'] = FormUtil::getPassedValue('html', isset($args['html']) ? $args['html'] : 0, 'POST'); $args['toaddress'] = FormUtil::getPassedValue('toaddress', isset($args['toaddress']) ? $args['toaddress'] : null, 'POST'); $args['cc'] = FormUtil::getPassedValue('cc', isset($args['cc']) ? $args['cc'] : null, 'POST'); $args['bcc'] = FormUtil::getPassedValue('bcc', isset($args['bcc']) ? $args['bcc'] : null, 'POST'); $args['subject'] = FormUtil::getPassedValue('subject', isset($args['subject']) ? $args['subject'] : null, 'POST'); $args['body'] = FormUtil::getPassedValue('body', isset($args['body']) ? $args['body'] : null, 'POST'); $args['attachments'] = FormUtil::getPassedValue('attachments', isset($args['attachments']) ? $args['attachments'] : array(), 'POST'); $args['stringattachments'] = FormUtil::getPassedValue('stringattachments', isset($args['stringattachments']) ? $args['stringattachments'] : array(), 'POST'); $args['embeddedimages'] = FormUtil::getPassedValue('embeddedimages', isset($args['embeddedimages']) ? $args['embeddedimages'] : array(), 'POST'); */ // include php mailsender class file if (file_exists($file = "modules/SiriusXtecMailer/includes/mailsender.class.php")) { require_once($file); } else { return false; } // include php message class file if (file_exists($file = "modules/SiriusXtecMailer/includes/message.class.php")) { require_once($file); } else { return false; } $enabled = ModUtil::getVar('SiriusXtecMailer', 'enabled'); if ($enabled == 0) { // Add processed flag //$args['processed'] = 1; //$result = ModUtil::apiFunc('Mailer', 'user', 'sendmessage', $args); //return $result; return false; } $idApp = ModUtil::getVar('SiriusXtecMailer', 'idApp'); $replyAddress = ModUtil::getVar('SiriusXtecMailer', 'replyAddress'); $sender = ModUtil::getVar('SiriusXtecMailer', 'sender'); $environment = ModUtil::getVar('SiriusXtecMailer','environment'); $log = ModUtil::getVar('SiriusXtecMailer', 'log'); $debug = ModUtil::getVar('SiriusXtecMailer', 'debug'); $logpath = ModUtil::getVar('SiriusXtecMailer', 'logpath'); $mail = new mailsender($idApp, $replyAddress, $sender, $environment, $log, $debug, $logpath); // add body content type $contenttypes = ModUtil::func('SiriusXtecMailer', 'admin', 'getContentTypes'); // set HTML mail if required if (isset($args['html']) && is_bool($args['html'])) { if ($args['html']) { $bodyType = 'text/html'; } else { $bodyType = TEXTPLAIN; } } else { $bodyType = $contenttypes[ModUtil::getVar('SiriusXtecMailer', 'contenttype')]; } $message = new message($bodyType, $log, $debug, $logpath); // add any to addresses if (is_array($args['toaddress'])) { foreach ($args['toaddress'] as $to) { $message->set_to($to); } } else { // $toaddress is not an array -> old logic // process multiple names entered in a single field separated by commas (#262) foreach (explode(',', $args['toaddress']) as $to) { $message->set_to($to); } } // add any cc addresses if (isset($args['cc']) && is_array($args['cc'])) { foreach ($args['cc'] as $cc) { $message->set_cc($cc['address']); } } // add any bcc addresses if (isset($args['bcc']) && is_array($args['bcc'])) { foreach ($args['bcc'] as $bcc) { $message->set_bcc($bcc['address']); } } // add message subject and body $subject = $args['subject']; $message->set_subject($subject); $body = $args['body']; $message->set_bodyContent($body); // add attachments if (isset($args['attachments']) && !empty($args['attachments'])) { foreach ($args['attachments'] as $attachment) { if (is_array($attachment)) { if (count($attachment) != 4) { // skip invalid arrays continue; } $message->set_attachByPathOnAppServer($attachment[1], $attachment[0]); } else { $message->set_attachByPathOnAppServer(basename($attachment[0]), $attachment[0]); } } } // add string attachments. if (isset($args['stringattachments']) && !empty($args['stringattachments'])) { foreach ($args['stringattachments'] as $attachment) { if (is_array($attachment) && count($attachment) == 4) { $message->set_attachByContent($attachment[1], $attachment[0], $attachment[3]); } } } // add embedded images if (isset($args['embeddedimages']) && !empty($args['embeddedimages'])) { foreach ($args['embeddedimages'] as $embeddedimage) { $message->set_attachByPathOnAppServer(basename($embeddedimage), $embeddedimage); } } //add message to mailsender if (!$mail->add($message)) { // message not added return LogUtil::registerError(__f('Error! A problem occurred while adding an e-mail message to \'%1$s\' (%2$s) with subject \'%3$s\'', array($args['toname'], $args['toaddress'][0], $args['subject']))); } // send message if (!$mail->send_mail()) { // message not sent return LogUtil::registerError(__f('Error! A problem occurred while sending an e-mail message to \'%1$s\' (%2$s) with subject \'%3$s\'', array($args['toname'], $args['toaddress'][0], $args['subject']))); } $event->stop(); $event->setData(true); return true; // message sent }