/**
 * Build the index page and keep references to the framework objects it uses.
 *
 * The output flags depend on the request: when the global $ATK_VARS array
 * contains the key 'atkpartial' the page is flagged Page::HTML_PARTIAL,
 * otherwise Page::HTML_STRICT.
 *
 * @param Atk $atk The application instance, stored on $this->atk
 */
public function __construct(Atk $atk)
{
    global $ATK_VARS;

    $this->atk = $atk;

    // Singletons and the current user record are looked up once, here.
    $this->m_page = Page::getInstance();
    $this->m_ui = Ui::getInstance();
    $this->m_output = Output::getInstance();
    $this->m_user = SecurityManager::atkGetUser();

    // Only the presence of the key matters; its value is not inspected.
    if (array_key_exists('atkpartial', $ATK_VARS)) {
        $this->m_flags = Page::HTML_PARTIAL;
    } else {
        $this->m_flags = Page::HTML_STRICT;
    }
}
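/**
 * Store the performed action as a row in the atkeventlog table.
 *
 * The INSERT statement is assembled by string concatenation, so every value
 * that ends up in it is either cast to an integer or passed through the
 * driver's escapeSQL() first. Previously only the primary key was escaped;
 * the node URI and the action name were interpolated as-is.
 *
 * @param string $action The action being performed
 * @param array  $record The record on which the action is performed
 */
public function actionPerformed($action, $record)
{
    $user = SecurityManager::atkGetUser();
    $userpk = Config::getGlobal('auth_userpk');

    // The user id is written into the statement unquoted, so it is forced to
    // an integer. An empty or missing id (probably the administrator) is
    // logged as 0, as before.
    $userid = isset($user[$userpk]) ? (int) $user[$userpk] : 0;

    $db = $this->m_node->getDb();

    // All three string values are placed inside single-quoted SQL literals.
    $node = $db->escapeSQL($this->m_node->atkNodeUri());
    $actionName = $db->escapeSQL($action);
    $primarykey = $db->escapeSQL($this->m_node->primaryKey($record));

    $db->query(
        'INSERT INTO atkeventlog (id, userid, stamp, node, action, primarykey) VALUES('
        . $db->nextid('atkeventlog') . ", {$userid}, " . $db->func_now()
        . ", '{$node}', '{$actionName}', '{$primarykey}')"
    );
    $db->commit();
}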
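/**
 * Mail a diagnostic report about an error to the configured address.
 *
 * Nothing is sent unless $this->params['mailto'] is non-empty. The report
 * holds the error and debug messages, followed by dumps of $_GET, the
 * request headers, $_POST, $_COOKIE, every global whose name starts with
 * "config_", the module list, the current user record, the ATK session
 * stack and globals, and $_SERVER.
 *
 * NOTE(review): these dumps are mailed unredacted. Depending on the
 * application they can include session cookies, submitted passwords,
 * Authorization headers and configuration secrets, and mail is commonly
 * transported and stored in clear text. Consider masking such keys before
 * the report is built, and restrict who can read the target mailbox.
 *
 * @param string|string[] $errorMessage One message or a list of messages
 * @param string|string[] $debugMessage One debug line or a list of them
 */
public function handle($errorMessage, $debugMessage)
{
    $sessionManager = SessionManager::getInstance();
    $sessionData =& SessionManager::getSession();
    $txt_app_title = Tools::atktext('app_title');

    if ($this->params['mailto'] == '') {
        return; // mailing is not enabled
    }

    $atk = Atk::getInstance();
    $rule = str_repeat('-', 70);

    // Values that go into mail headers must not contain line breaks,
    // otherwise they could add or split headers.
    $headerValue = function ($value) {
        return str_replace(array("\r", "\n"), '', (string) $value);
    };

    // One "key   = value" report line, padded to $width and word-wrapped.
    $row = function ($key, $value, $width) {
        $padding = str_repeat(' ', max(1, $width - strlen($key)));

        return $this->_wordwrap($key . $padding . ' = ' . var_export($value, true)) . "\n";
    };

    // SERVER_NAME may be derived from the request's Host header depending on
    // the web server configuration, so it is treated as untrusted here.
    $serverName = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '';

    $subject = $headerValue('[' . $serverName . "] {$txt_app_title} error");
    $defaultfrom = sprintf('%s <%s@%s>', $txt_app_title, Config::getGlobal('identifier', 'atk'), $serverName);
    $from = $headerValue(Config::getGlobal('mail_sender', $defaultfrom));

    $body = "Hello,\n\nAn error seems to have occurred in the atk application named '{$txt_app_title}'.\n";
    // A plain string message used to be dropped silently; accept both forms.
    $body .= "\nThe errormessage was:\n\n" . implode("\n", (array) $errorMessage) . "\n";
    $body .= "\nA detailed report follows:\n";
    $body .= "\nPHP Version: " . phpversion() . "\n\n";

    $body .= "\nDEBUGMESSAGES\n" . $rule . "\n";
    $lines = array();
    foreach ((array) $debugMessage as $message) {
        // Strip the "[<a ...>...</a>]" links from the debug output.
        $lines[] = $this->_wordwrap(Tools::atk_html_entity_decode(preg_replace('(\\[<a.*</a>\\])', '', $message)));
    }
    $body .= implode("\n", $lines);

    if (is_array($_GET)) {
        $body .= "\n\n_GET\n" . $rule . "\n";
        foreach ($_GET as $key => $value) {
            $body .= $row($key, $value, 20);
        }
    }

    if (function_exists('getallheaders')) {
        $request = getallheaders();
        if (count($request) > 0) {
            $body .= "\n\nREQUEST INFORMATION\n" . $rule . "\n";
            foreach ($request as $key => $value) {
                $body .= $row($key, $value, 30);
            }
        }
    }

    if (is_array($_POST)) {
        $body .= "\n\n_POST\n" . $rule . "\n";
        foreach ($_POST as $key => $value) {
            $body .= $row($key, $value, 20);
        }
    }

    if (is_array($_COOKIE)) {
        $body .= "\n\n_COOKIE\n" . $rule . "\n";
        foreach ($_COOKIE as $key => $value) {
            $body .= $row($key, $value, 20);
        }
    }

    $body .= "\n\nATK CONFIGURATION\n" . $rule . "\n";
    foreach ($GLOBALS as $key => $value) {
        if (substr($key, 0, 7) == 'config_') {
            $body .= $row($key, $value, 30);
        }
    }

    $body .= "\n\nMODULE CONFIGURATION\n" . $rule . "\n";
    foreach ($atk->g_modules as $modname => $modpath) {
        $modexists = file_exists($modpath) ? ' (path exists)' : ' (PATH DOES NOT EXIST!)';
        $body .= $this->_wordwrap($modname . ':' . str_repeat(' ', max(1, 20 - strlen($modname))) . var_export($modpath, true) . $modexists) . "\n";
    }

    $body .= "\n\nCurrent User:\n" . $rule . "\n";
    $user = SecurityManager::atkGetUser();
    if (is_array($user) && count($user)) {
        foreach ($user as $key => $value) {
            $body .= $row($key, $value, 30);
        }
    } else {
        $body .= "Not known\n";
    }

    if (is_object($sessionManager)) {
        $namespace = $sessionManager->getNameSpace();

        $body .= "\n\nATK SESSION\n" . $rule;
        $body .= "\nNamespace: " . $namespace . "\n";

        if (isset($sessionData[$namespace]['stack'])) {
            $stack = $sessionData[$namespace]['stack'];
            $levels = count($stack);
            for ($i = 0; $i < $levels; ++$i) {
                $body .= "\nStack level {$i}:\n";
                $item = isset($stack[$i]) ? $stack[$i] : null;
                if (is_array($item)) {
                    foreach ($item as $key => $value) {
                        $body .= $row($key, $value, 30);
                    }
                }
            }
        }

        if (isset($sessionData[$namespace]['globals'])) {
            $ns_globals = $sessionData[$namespace]['globals'];
            if (count($ns_globals) > 0) {
                $body .= "\nNamespace globals:\n";
                foreach ($ns_globals as $key => $value) {
                    $body .= $row($key, $value, 30);
                }
            }
        }

        if (isset($sessionData['globals'])) {
            $globals = $sessionData['globals'];
            if (count($globals) > 0) {
                $body .= "\nGlobals:\n";
                foreach ($globals as $key => $value) {
                    $body .= $row($key, $value, 30);
                }
            }
        }
    }

    $body .= "\n\nSERVER INFORMATION\n" . $rule . "\n";
    foreach ($_SERVER as $key => $value) {
        $body .= $row($key, $value, 20);
    }

    //TODO: replace with some mailer object
    mail($this->params['mailto'], $subject, $body, "From: {$from}");
}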
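/**
 * Determine the export selections that should be displayed.
 *
 * Selects id and name from atk_exportcriteria for the node named in
 * $this->m_postvars['atknodeuri']. When authentication is enabled and the
 * current user is not named 'administrator', the rows are limited to
 * user_id 0 and the user's own id.
 *
 * The node URI is escaped before it is concatenated into the query and is
 * placed in a single-quoted literal. It was previously inserted unescaped
 * between double quotes, which some SQL modes treat as an identifier.
 *
 * @return array Rows with the keys 'id' and 'name', ordered by name
 */
protected function getExportSelections()
{
    $db = Db::getInstance();

    // presumably request data (m_postvars); anything that is not a string,
    // such as an array parameter, is treated as an empty node name.
    $nodeUri = isset($this->m_postvars['atknodeuri']) && is_string($this->m_postvars['atknodeuri'])
        ? $this->m_postvars['atknodeuri']
        : '';

    // NOTE(review): assumes Db::getInstance() returns the same driver type
    // that offers escapeSQL() elsewhere in this code base; confirm.
    $where = " nodetype = '" . $db->escapeSQL($nodeUri) . "'";

    if ('none' !== strtolower(Config::getGlobal('authentication'))) {
        $user = SecurityManager::atkGetUser();
        if ('administrator' !== strtolower($user['name'])) {
            // The integer cast keeps the user id safe to concatenate.
            $where .= ' AND user_id IN( 0, ' . (int) $user[Config::getGlobal('auth_userpk')] . ' )';
        }
    }

    return $db->getRows('SELECT id, name FROM atk_exportcriteria WHERE ' . $where . ' ORDER BY name');
}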
/**
 * Returns a piece of html code that can be used in a form to edit this
 * attribute's value.
 *
 * The output is a list of collapsible sections, one per entry returned by
 * getAllActions(), each holding one checkbox per action. A checkbox is only
 * rendered when the current user is named 'administrator', canGrantAll()
 * is true, or the action is among getEditableActions().
 *
 * NOTE(review): which checkboxes are rendered only controls what the form
 * offers. Whether the submitted values are checked again when the record is
 * stored is not visible in this method; confirm that the store path
 * enforces the same restriction.
 *
 * @param array  $record      The record that holds the value for this attribute.
 * @param string $fieldprefix The fieldprefix to put in front of the name
 *                            of any html form element for this attribute.
 *                            Not used by this implementation.
 * @param string $mode        The mode we're in ('add' or 'edit').
 *                            Not used by this implementation.
 *
 * @return string A piece of htmlcode for editing this attribute
 */
public function edit($record, $fieldprefix, $mode)
{
    $user = SecurityManager::atkGetUser();
    $page = Page::getInstance();

    // Expose the open/close icon classes to the client-side script.
    $icons = "var ATK_PROFILE_ICON_OPEN = '" . Config::getGlobal('icon_plussquare') . "';";
    $icons .= "var ATK_PROFILE_ICON_CLOSE = '" . Config::getGlobal('icon_minussquare') . "';";
    $page->register_scriptcode($icons);
    $page->register_script(Config::getGlobal('assets_url') . 'javascript/class.atkprofileattribute.js');
    $this->_restoreDivStates($page);

    // Global "check all / none / invert" links for the whole attribute.
    // NOTE(review): fieldName() is written into inline JavaScript and HTML
    // attributes without escaping; presumably it is a developer-defined
    // identifier. Verify.
    $result = '<div align="right"> [<a href="javascript:void(0)" onclick="profile_checkAll(\'' . $this->fieldName() . '\'); return false;">' . Tools::atktext('check_all') . '</a> | <a href="javascript:void(0)" onclick="profile_checkNone(\'' . $this->fieldName() . '\'); return false;">' . Tools::atktext('check_none') . '</a> | <a href="javascript:void(0)" onclick="profile_checkInvert(\'' . $this->fieldName() . '\'); return false;">' . Tools::atktext('invert_selection') . '</a>]</div>';

    // Administrator status is decided by the literal user name (loose
    // comparison) or by canGrantAll().
    $isAdmin = $user['name'] == 'administrator' || $this->canGrantAll();
    $allActions = $this->getAllActions($record, true);
    $editableActions = $this->getEditableActions($record);
    $selectedActions = $this->getSelectedActions($record);

    foreach ($allActions as $section => $modules) {
        // NOTE(review): $section, $module, $node and $action are emitted
        // into element ids, attribute values and inline JavaScript without
        // escaping. This is safe only if they are identifiers defined by
        // the application's modules; confirm against getAllActions().
        $result .= '<div class="profileSection">';
        $result .= "<span onclick=\"profile_swapProfileDiv('div_{$section}');\" style=\"cursor: pointer; font-size: 110%; font-weight: bold\">";
        $result .= ' <i class="' . Config::getGlobal('icon_plussquare') . "\" id=\"img_div_{$section}\"></i> " . Tools::atktext(array("title_{$section}", $section), $section);
        $result .= '</span><br/>';

        // The section body starts hidden; the hidden input carries its
        // open/closed state along with the form.
        $result .= "<div id='div_{$section}' name='div_{$section}' style='display: none; padding-left: 15px' class='checkbox'>";
        $result .= " <input type='hidden' name=\"divstate['div_{$section}']\" id=\"divstate['div_{$section}']\" value='closed' />";

        // Per-section "check all / none / invert" links, matched on the
        // "<section>." value prefix.
        $result .= ' <div style="font-size: 80%; margin-top: 4px; margin-bottom: 4px" > [<a style="font-size: 100%" href="javascript:void(0)" onclick="profile_checkAllByValue(\'' . $this->fieldName() . '\',\'' . $section . '.\'); return false;">' . Tools::atktext('check_all', 'atk') . '</a> | <a style="font-size: 100%" href="javascript:void(0)" onclick="profile_checkNoneByValue(\'' . $this->fieldName() . '\',\'' . $section . '.\'); return false;">' . Tools::atktext('check_none', 'atk') . '</a> | <a style="font-size: 100%" href="javascript:void(0)" onclick="profile_checkInvertByValue(\'' . $this->fieldName() . '\',\'' . $section . '.\'); return false;">' . Tools::atktext('invert_selection', 'atk') . '</a>]';
        $result .= ' </div>';
        $result .= ' <br>';

        foreach ($modules as $module => $nodes) {
            foreach ($nodes as $node => $actions) {
                // The node heading is shown when at least one of its actions
                // may be edited by the current user.
                // NOTE(review): $editableActions[$module][$node] is read
                // without an isset() check here and below.
                $showBox = $isAdmin || count(array_intersect($actions, is_array($editableActions[$module][$node]) ? $editableActions[$module][$node] : array())) > 0;
                if ($showBox) {
                    $result .= '<b>' . Tools::atktext($node, $module) . '</b><br>';
                }

                // Actions whose name starts with "tab_" are collected here
                // and appended after the other checkboxes of the node.
                $tabs_str = '';
                $display_tabs_str = false;

                // Draw action checkboxes
                foreach ($actions as $action) {
                    $temp_str = '';
                    $isEditable = $isAdmin || Tools::atk_in_array($action, $editableActions[$module][$node]);
                    $isSelected = isset($selectedActions[$module][$node]) && in_array($action, $selectedActions[$module][$node]);

                    if ($isEditable) {
                        if (substr($action, 0, 4) == 'tab_') {
                            $display_tabs_str = true;
                        }

                        // The submitted value is "section.module.node.action".
                        $temp_str .= '<label>';
                        $temp_str .= '<input type="checkbox" name="' . $this->fieldName() . '[]" ' . $this->getCSSClassAttribute('atkcheckbox') . ' value="' . $section . '.' . $module . '.' . $node . '.' . $action . '" ';
                        $temp_str .= ($isSelected ? ' checked="checked"' : '') . '>';
                        $temp_str .= ' ' . $this->permissionName($action, $node, $module);
                        $temp_str .= '</label>';
                    }

                    if (substr($action, 0, 4) == 'tab_') {
                        $tabs_str .= $temp_str;
                    } else {
                        $result .= $temp_str;
                    }
                }

                if ($display_tabs_str) {
                    $result .= '<br>Tabs: ';
                }

                $result .= $tabs_str;

                if ($showBox) {
                    $result .= "<br /><br />\n";
                }
            }
        }

        $result .= ' </div>'; // end div_$section
        $result .= '</div>'; // end profileSection
    }

    return $result;
}
/**
 * Overridden so that a posted form ('save' button) shows the refreshed
 * current user rather than stale data.
 *
 * A throw-away record holding only this attribute is filled with the
 * current user, passed through populate(), and the resulting value is
 * returned.
 *
 * @return array Array with userinfo, or "" if no user is logged in.
 */
public function initialValue()
{
    $key = $this->fieldName();
    $currentUser = SecurityManager::atkGetUser();

    $fakeRecord = array($key => $currentUser);
    $this->populate($fakeRecord);

    return $fakeRecord[$this->fieldName()];
}
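/**
 * Get the language to use for the current user.
 *
 * The candidates are tried in this order, and each is accepted only when it
 * is one of the supported languages:
 *  1. the language stored in the user record (field named by the
 *     'auth_languagefield' setting), when a session manager exists;
 *  2. the browser language, when 'use_browser_language' is enabled;
 *  3. the configured default 'language'.
 *
 * The allowlist check uses a strict comparison, so only a value identical
 * to a supported language passes. With a loose comparison a non-string
 * value such as true would match any entry and be returned as the language.
 *
 * @static
 *
 * @return string
 */
public static function getUserLanguage()
{
    $supported = self::getSupportedLanguages();

    $sessionmanager = SessionManager::getInstance();
    if (!empty($sessionmanager)) {
        $userinfo = SecurityManager::atkGetUser();
        $fieldname = Config::getGlobal('auth_languagefield');
        if (isset($userinfo[$fieldname]) && in_array($userinfo[$fieldname], $supported, true)) {
            return $userinfo[$fieldname];
        }
    }

    // Otherwise we check the headers
    if (Config::getGlobal('use_browser_language', false)) {
        $headerlng = self::getLanguageFromHeaders();
        // The header value is client-controlled; it is used only when it is
        // exactly one of the supported languages.
        if ($headerlng && in_array($headerlng, $supported, true)) {
            return $headerlng;
        }
    }

    // We give up and just return the default language
    return Config::getGlobal('language');
}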