public function removeAdminIsAutogeneratedAjax() { ipRequest()->mustBePost(); // Removing temporary data ipStorage()->remove('Ip', 'adminIsAutogenerated'); // If user wants to change credentials, redirecting to Administrators list if (ipRequest()->getPost('action') == 'change') { // todo: redirect and automatically select user and open popup $redirect = ipActionUrl(array('aa' => 'Administrators.index')) . "#/hash=&administrator=" . \Ip\Internal\Admin\Backend::userId(); \Ip\Internal\System\Model::sendUsageStatistics(array('action' => 'Install.adminChange')); return \Ip\Response\JsonRpc::result(array('redirect' => $redirect)); } \Ip\Internal\System\Model::sendUsageStatistics(array('action' => 'Install.adminKeep')); return \Ip\Response\JsonRpc::result(array('close' => 1)); }
public static function ipBeforeController() { //show admin submenu if needed if (ipRoute()->isAdmin()) { ipAddJs('Ip/Internal/Core/assets/js/jquery-ui/jquery-ui.js'); ipAddCss('Ip/Internal/Core/assets/js/jquery-ui/jquery-ui.css'); $submenu = Submenu::getSubmenuItems(); $submenu = ipFilter('ipAdminSubmenu', $submenu); if ($submenu) { ipResponse()->setLayoutVariable('submenu', $submenu); } } // Show admin toolbar if admin is logged in: if (ipAdminId() && !ipRequest()->getRequest('pa') || ipRequest()->getRequest('aa') && ipAdminId()) { if (!ipRequest()->getQuery('ipDesignPreview') && !ipRequest()->getQuery('disableAdminNavbar')) { ipAddJs('Ip/Internal/Admin/assets/admin.js'); ipAddJsVariable('ipAdminNavbar', static::getAdminNavbarHtml()); } } // Show popup with autogenerated user information if needed $adminIsAutogenerated = ipStorage()->get('Ip', 'adminIsAutogenerated'); if ($adminIsAutogenerated) { $adminId = \Ip\Internal\Admin\Backend::userId(); $admin = \Ip\Internal\Administrators\Model::getById($adminId); ipAddJs('Ip/Internal/Admin/assets/adminIsAutogenerated.js'); $data = array('adminUsername' => $admin['username'], 'adminPassword' => ipStorage()->get('Ip', 'adminIsAutogenerated'), 'adminEmail' => $admin['email']); ipAddJsVariable('ipAdminIsAutogenerated', ipView('view/adminIsAutoGenerated.php', $data)->render()); } if (ipContent()->getCurrentPage()) { // initialize management if (ipIsManagementState()) { if (!ipRequest()->getQuery('ipDesignPreview') && !ipRequest()->getQuery('disableManagement')) { \Ip\Internal\Content\Helper::initManagement(); } } //show page content $response = ipResponse(); $response->setDescription(\Ip\ServiceLocator::content()->getDescription()); $response->setKeywords(ipContent()->getKeywords()); $response->setTitle(ipContent()->getTitle()); } }
/** * @ignore * @param Request $request * @param array $options * @param bool $subrequest * @return Response\Json|Response\PageNotFound|Response\Redirect * @throws Exception * @ignore */ public function _handleOnlyRequest(\Ip\Request $request, $options = array(), $subrequest = true) { if (empty($options['skipInitEvents'])) { \Ip\ServiceLocator::dispatcher()->_bindApplicationEvents(); } $result = ipJob('ipRouteLanguage', array('request' => $request, 'relativeUri' => $request->getRelativePath())); if ($result) { $requestLanguage = $result['language']; $routeLanguage = $requestLanguage->getCode(); ipRequest()->_setRoutePath($result['relativeUri']); } else { $routeLanguage = null; $requestLanguage = ipJob('ipRequestLanguage', array('request' => $request)); ipRequest()->_setRoutePath($request->getRelativePath()); } //find out and set locale $locale = $requestLanguage->getCode(); if (strlen($locale) == '2') { $locale = strtolower($locale) . '_' . strtoupper($locale); } else { $locale = str_replace('-', '_', $locale); } $locale .= '.utf8'; if ($locale == "tr_TR.utf8" && (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION < 5)) { //Overcoming this bug https://bugs.php.net/bug.php?id=18556 setlocale(LC_COLLATE, $locale); setlocale(LC_MONETARY, $locale); setlocale(LC_NUMERIC, $locale); setlocale(LC_TIME, $locale); setlocale(LC_MESSAGES, $locale); setlocale(LC_CTYPE, "en_US.utf8"); } else { setLocale(LC_ALL, $locale); } setlocale(LC_NUMERIC, "C"); //user standard C syntax for numbers. Otherwise you will get funny things with when autogenerating CSS, etc. ipContent()->_setCurrentLanguage($requestLanguage); $_SESSION['ipLastLanguageId'] = $requestLanguage->getId(); if (empty($options['skipTranslationsInit'])) { if (!empty($options['translationsLanguageCode'])) { $languageCode = $options['translationsLanguageCode']; } else { $languageCode = $requestLanguage->getCode(); } $this->initTranslations($languageCode); } if (empty($options['skipModuleInit'])) { $this->modulesInit(); } ipEvent('ipInitFinished'); $routeAction = ipJob('ipRouteAction', array('request' => $request, 'relativeUri' => ipRequest()->getRoutePath(), 'routeLanguage' => $routeLanguage)); if (!empty($routeAction)) { if (!empty($routeAction['page'])) { ipContent()->_setCurrentPage($routeAction['page']); } if (!empty($routeAction['environment'])) { ipRoute()->setEnvironment($routeAction['environment']); } else { if (!empty($routeAction['controller']) && $routeAction['controller'] == 'AdminController') { ipRoute()->setEnvironment(\Ip\Route::ENVIRONMENT_ADMIN); } else { ipRoute()->setEnvironment(\Ip\Route::ENVIRONMENT_PUBLIC); } } if (!empty($routeAction['controller'])) { ipRoute()->setController($routeAction['controller']); } if (!empty($routeAction['plugin'])) { ipRoute()->setPlugin($routeAction['plugin']); } if (!empty($routeAction['name'])) { ipRoute()->setName($routeAction['name']); } if (!empty($routeAction['action'])) { ipRoute()->setAction($routeAction['action']); } } //check for CSRF attack if (empty($options['skipCsrfCheck']) && $request->isPost() && $request->getPost('securityToken') != $this->getSecurityToken() && (empty($routeAction['controller']) || $routeAction['controller'] != 'PublicController')) { ipLog()->error('Core.possibleCsrfAttack', array('post' => ipRequest()->getPost())); $data = array('status' => 'error'); if (ipConfig()->isDevelopmentEnvironment()) { $data['errors'] = array('securityToken' => __('Possible CSRF attack. Please pass correct securityToken.', 'Ip-admin')); } // TODO JSONRPC return new \Ip\Response\Json($data); } if (empty($routeAction)) { $routeAction = array('plugin' => 'Core', 'controller' => 'PublicController', 'action' => 'pageNotFound'); } $eventInfo = $routeAction; if (!empty($routeAction['plugin'])) { $plugin = $routeAction['plugin']; $controller = $routeAction['controller']; if (in_array($plugin, \Ip\Internal\Plugins\Model::getModules())) { $controllerClass = 'Ip\\Internal\\' . $plugin . '\\' . $controller; } else { if (!in_array($plugin, \Ip\Internal\Plugins\Service::getActivePluginNames())) { throw new \Ip\Exception("Plugin '" . esc($plugin) . "' doesn't exist or isn't activated."); } $controllerClass = 'Plugin\\' . $plugin . '\\' . $controller; } if (!class_exists($controllerClass)) { throw new \Ip\Exception('Requested controller doesn\'t exist. ' . esc($controllerClass)); } // check if user is logged in if ($controller == 'AdminController' && !\Ip\Internal\Admin\Backend::userId()) { if (ipConfig()->get('rewritesDisabled')) { return new \Ip\Response\Redirect(ipConfig()->baseUrl() . 'index.php/admin'); } else { return new \Ip\Response\Redirect(ipConfig()->baseUrl() . 'admin'); } } if ($controller == 'AdminController') { if (!ipAdminPermission($plugin)) { throw new \Ip\Exception('User has no permission to access ' . esc($plugin) . ''); } } $eventInfo['controllerClass'] = $controllerClass; $eventInfo['controllerType'] = $controller; } if (empty($eventInfo['page'])) { $eventInfo['page'] = null; } // change layout if safe mode if (\Ip\Internal\Admin\Service::isSafeMode()) { ipSetLayout(ipFile('Ip/Internal/Admin/view/safeModeLayout.php')); } else { if ($eventInfo['page']) { ipSetLayout($eventInfo['page']->getLayout()); } } ipEvent('ipBeforeController', $eventInfo); $controllerAnswer = ipJob('ipExecuteController', $eventInfo); return $controllerAnswer; }
protected function hasPermission() { if (!\Ip\Internal\Admin\Backend::loggedIn()) { return false; } return true; }
public function passwordReset() { if (\Ip\Internal\Admin\Backend::userId()) { //user has already been logged in \Ip\Internal\Content\Service::setManagementMode(1); return new \Ip\Response\Redirect(ipHomeUrl()); } $content = ipView('view/passwordReset2.php', array('passwordResetForm' => FormHelper::getPasswordResetForm2())); ipAddJs('Ip/Internal/Admin/assets/passwordReset2.js'); $response = ipResponse(); $response->setLayout('Ip/Internal/Admin/view/loginLayout.php'); $response->setLayoutVariable('content', $content); ipAddJs('assets/languageSelect.js'); $response->setLayoutVariable('languageSelectForm', FormHelper::getLanguageSelectForm()); return $response; }
public static function isManagementMode() { $backendLoggedIn = \Ip\Internal\Admin\Backend::loggedIn(); return $backendLoggedIn && !empty($_SESSION['Content']['managementMode']) && ipAdminPermission('Content') && !ipRequest()->getQuery('disableManagement'); //we can't check here if we are in a page. It will result in widget rendering in non management mode when widget is rendered using ajax }