/**
 * Renders the login form and, when the form validates, attempts to authenticate.
 *
 * @param string|null $error_string message shown on the form; replaced by the
 *                                  exception message when authentication throws
 */
function doLogin($error_string = null)
{
    // NOTE(review): the original carried a commented-out self::checkForceSslLogin() call at
    // this point. Credentials are submitted through this form, so confirm that TLS is
    // enforced somewhere else before this action is reachable.

    // Remember where to go after login: 'form_url' from the request, else the current query.
    $fallbackUrl = 'index.php' . Core_Url::getCurrentQueryString();
    $urlToRedirect = htmlspecialchars_decode(
        Core_Common::getRequestVar('form_url', $fallbackUrl, 'string')
    );
    // NOTE(review): $urlToRedirect is request-controlled and is HTML-decoded above before it
    // reaches the template. The template has to escape it for its output context, and any
    // code that later redirects to it should accept same-site targets only; neither is
    // visible in this block.

    $form = new Module_Login_LoginForm();
    if ($form->validate()) {
        $submittedLogin = $form->getSubmitValue('form_login');
        $submittedPassword = $form->getSubmitValue('form_password');
        $keepSession = $form->getSubmitValue('form_rememberme');
        try {
            $this->authenticateAndRedirect($submittedLogin, $submittedPassword, $keepSession);
        } catch (Exception $e) {
            // The exception text is shown to the visitor as-is. Presumably it is a generic
            // failure message; verify it does not reveal whether the login exists.
            $error_string = $e->getMessage();
        }
    }

    $view = Core_View::factory('login');
    $view->urlToRedirect = $urlToRedirect;
    $view->addForm($form);
    $view->subTemplate = 'genericForm.tpl';
    $view->AccessErrorString = $error_string;
    echo $view->render();
}
/**
 * Renders the 'daily' view with the daily plans for the requested week.
 *
 * Reads 'week_date' from the request and the coach from the session, then echoes the view.
 */
function viewDaily()
{
    $plansApi = new Module_Plans_API();

    // NOTE(review): week_date is taken from the request as a plain string and handed to both
    // the API and the template; no format check is visible here, so the API must treat it as
    // untrusted and the template must escape it.
    $requestedWeek = Core_Common::getRequestVar('week_date', null, 'string');
    $plansForWeek = $plansApi->getDailyPlans($requestedWeek);

    $view = Core_View::factory('daily');
    $view->plans = $plansForWeek;
    $view->week_date = $requestedWeek;
    // Read without an isset() guard: assumes a session with a 'coach' entry already exists.
    $view->coach = $_SESSION['coach'];
    echo $view->render();
}
/**
 * Apply generic filters to the DataTable object resulting from the API call.
 * Disable this feature by setting the parameter disable_generic_filters to 1 in the API call request.
 *
 * A Core_DataTable_Array is handled by recursing into each table it contains.
 *
 * @param Core_DataTable|Core_DataTable_Array $datatable
 */
protected function applyGenericFilters($datatable)
{
    if ($datatable instanceof Core_DataTable_Array) {
        foreach ($datatable->getArray() as $childTable) {
            $this->applyGenericFilters($childTable);
        }
        return;
    }

    foreach (self::getGenericFiltersInformation() as $filterName => $parameters) {
        // The filter constructor receives the table first, then one value per declared parameter.
        $constructorArgs = array($datatable);
        $allResolved = true;

        foreach ($parameters as $name => $info) {
            // $info[0] is the type to cast to, $info[1] the optional default value.
            $type = $info[0];
            $defaultValue = isset($info[1]) ? $info[1] : null;
            try {
                $value = Core_Common::getRequestVar($name, $defaultValue, $type, $this->request);
                settype($value, $type);
                $constructorArgs[] = $value;
            } catch (Exception $e) {
                // A parameter that cannot be read makes this filter be skipped.
                $allResolved = false;
                break;
            }
        }

        if (!$allResolved) {
            continue;
        }

        // The class name is built from the keys of getGenericFiltersInformation(), not from
        // the request; request data only arrives as constructor arguments after the cast.
        // Keep it that way: a request-derived class name here would let a caller pick the
        // class to instantiate.
        $class = "Core_DataTable_Filter_" . $filterName;
        if ($filterName == 'Limit') {
            $datatable->setRowsCountBeforeLimitFilter();
        }

        // The instance is not kept; presumably the filter does its work in the constructor.
        $reflectionObj = new ReflectionClass($class);
        $reflectionObj->newInstanceArgs($constructorArgs);
    }
}
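/**
 * Handles the request to the API.
 *
 * Reads the 'format' and 'method' request parameters, loads the API class of the requested
 * module, checks that the requested method exists on it and hands the call to API_Proxy.
 * Every failure inside the try block, including an unknown or invalid module, is turned into
 * an error response by the response builder instead of being echoed directly.
 *
 * @return mixed The data resulting from the API call, or the rendered error response
 */
public function process()
{
    // Output format requested by the caller; 'json' when the parameter is absent.
    $outputFormat = strtolower(Core_Common::getRequestVar('format', 'json', 'string', $this->request));
    $response = new API_ResponseBuilder($this->request, $outputFormat);

    try {
        $moduleMethod = Core_Common::getRequestVar('method', null, null, $this->request);
        list($module, $method) = $this->extractModuleAndMethod($moduleMethod);

        // $module is request-controlled and becomes part of a path given to require_once and
        // of a class name. Whatever validation extractModuleAndMethod() performs is not
        // visible here, so restrict it to letters and digits before it reaches the
        // filesystem; this keeps path separators and '..' out of the include path.
        if (!is_string($module) || !ctype_alnum($module)) {
            throw new Exception("Error: Invalid module name");
        }

        $api_file = "Module" . DIRECTORY_SEPARATOR . $module . DIRECTORY_SEPARATOR . "API.php";
        if (!file_exists($api_file)) {
            // Reported through the response builder like every other failure. The original
            // echoed an undefined variable here and returned nothing.
            throw new Exception("API not found " . $module);
        }
        require_once $api_file;

        $api_class = "Module_" . $module . "_API";
        if (!class_exists($api_class)) {
            throw new Exception("Error: Unknown class " . $module);
        }

        $this->api = new $api_class();

        // NOTE(review): method_exists() is also true for protected and private methods;
        // confirm that API_Proxy::call() refuses anything that is not public.
        // NOTE(review): $method is request-derived and ends up in the error response;
        // getResponseException() has to encode it for the output format.
        if (!method_exists($this->api, $method)) {
            throw new Exception("Error: Unknown method " . $method);
        }

        $returnedValue = API_Proxy::getInstance()->call($api_class, $method, $this->request);
        $toReturn = $response->getResponse($returnedValue);
    } catch (Exception $e) {
        $toReturn = $response->getResponseException($e);
    }

    return $toReturn;
}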
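/**
 * Dispatches a request to an action of a module controller.
 *
 * Module and action fall back to the 'module' and 'action' request parameters when they are
 * not passed in; a missing action falls back to the controller's default action.
 *
 * @param string|null $module module name; only letters and digits are accepted
 * @param string|false|null $action action (method) name on the controller
 * @param array|null $parameters arguments passed to the action
 * @return mixed the action's return value; null when access is denied or the action throws
 * @throws Exception if the module name is invalid or the action is not callable
 * @throws Core_FrontController_PluginDeactivatedException if the module is not activated
 */
function dispatch($module = null, $action = null, $parameters = null)
{
    if (is_null($module)) {
        $defaultModule = Core_Helper::getDefaultModuleName();
        $module = Core_Common::getRequestVar('module', $defaultModule, 'string');
    }
    if (is_null($action)) {
        $action = Core_Common::getRequestVar('action', false);
    }
    if (is_null($parameters)) {
        $parameters = array();
    }

    // The module name becomes part of a class name, so only letters and digits are allowed.
    // NOTE(review): the rejected value is echoed back inside the exception message; whoever
    // renders this exception must escape it.
    if (!ctype_alnum($module)) {
        throw new Exception("Invalid module name '{$module}'");
    }
    $controllerClassName = "Module_" . $module . "_Controller";

    /* Check if the plugin has been activated */
    if (!Core_ModuleManager::getInstance()->isModuleActivated($module)) {
        throw new Core_FrontController_PluginDeactivatedException($module);
    }

    $controller = new $controllerClassName();
    if ($action === false) {
        $action = $controller->getDefaultAction();
    }

    // NOTE(review): is_callable() accepts every public method of the controller, helpers
    // such as preDispatch() included. If only some methods are meant to be reachable from a
    // URL, an explicit allow-list per controller is the safer contract.
    if (!is_callable(array($controller, $action))) {
        throw new Exception("Action not found in {$controllerClassName}::{$action}().");
    }

    try {
        $controller->preDispatch();
        return call_user_func_array(array($controller, $action), $parameters);
    } catch (Core_Access_NoAccessException $e) {
        Core_PostEvent('FrontController.NoAccessException');
        return null;
    } catch (Exception $e) {
        // Casting the exception to a string would print file paths and the stack trace to
        // the visitor. Keep the full detail in the server log and show only the message,
        // escaped, because it may contain request data.
        error_log((string) $e);
        echo 'Error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        return null;
    }
}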
/**
 * Builds an HTML help page covering all the successfully loaded APIs.
 * Each module gets a heading followed by one line per method with its parameter list and,
 * optionally, links that fetch an example result in Xml/Csv/etc.
 *
 * @param bool $outputExampleUrls whether to append example links to each method
 * @param string $prefixUrls string prepended to every example URL
 * @return string
 */
public function getAllInterfaceString($outputExampleUrls = true, $prefixUrls = '')
{
    $html = '';

    // NOTE(review): the current user's token_auth is embedded in almost every example link.
    // A token in a URL ends up in browser history, server logs and Referer headers, so this
    // page should only ever be rendered for the token's owner.
    $token_auth = "&token_auth=" . Core::getCurrentUserTokenAuth();

    // NOTE(review): idSite/period/date come from the request and flow, through
    // getExampleUrl(), into href attributes below. No escaping happens in this method; it
    // relies on whatever getRequestVar() and getExampleUrl() do. The same holds for
    // $prefixUrls and the module/method names.
    $parametersToSet = array(
        'idSite' => Core_Common::getRequestVar('idSite', 1, 'int'),
        'period' => Core_Common::getRequestVar('period', 'day', 'string'),
        'date' => Core_Common::getRequestVar('date', 'today', 'string'),
    );

    foreach (Core_API_Proxy::getInstance()->getMetadata() as $class => $methods) {
        $moduleName = Core_API_Proxy::getInstance()->getModuleNameFromClassName($class);
        $html .= "\n<h2 id='{$moduleName}'>Module " . $moduleName . "</h2>";

        foreach ($methods as $methodName => $unusedMethodInfo) {
            $signature = $this->getStrListParameters($class, $methodName);
            $html .= "\n" . "- <b>{$moduleName}.{$methodName} " . $signature . "</b>" . '<small>';

            if ($outputExampleUrls) {
                // Every URL is prefixed with $prefixUrls, e.g. when this output is embedded
                // in the official documentation.
                $html .= "<span class=\"example\">";
                $exampleUrl = $this->getExampleUrl($class, $methodName, $parametersToSet);

                if ($exampleUrl === false) {
                    $html .= " [ No example available ]";
                } else {
                    // Methods taking a period or a date also get "last N" RSS/XML links.
                    $lastNUrls = '';
                    if (preg_match('/(&period)|(&date)/', $exampleUrl)) {
                        $exampleUrlRss1 = $prefixUrls . $this->getExampleUrl($class, $methodName, array('date' => 'last10') + $parametersToSet);
                        $exampleUrlRss2 = $prefixUrls . $this->getExampleUrl($class, $methodName, array('date' => 'last5', 'period' => 'week') + $parametersToSet);
                        $lastNUrls = ",\tRSS of the last <a target=_blank href='{$exampleUrlRss1}&format=rss{$token_auth}'>10 days</a>, <a target=_blank href='{$exampleUrlRss2}&format=Rss'>5 weeks</a>,\n\t\t\t\t\t\t\t\t\tXML of the <a target=_blank href='{$exampleUrlRss1}&format=xml{$token_auth}'>last 10 days</a>";
                    }
                    $exampleUrl = $prefixUrls . $exampleUrl;
                    $html .= " [ Example in \n\t\t\t\t\t\t\t\t\t<a target=_blank href='{$exampleUrl}&format=xml{$token_auth}'>XML</a>, \n\t\t\t\t\t\t\t\t\t<a target=_blank href='{$exampleUrl}&format=PHP&prettyDisplay=true{$token_auth}'>PHP</a>, \n\t\t\t\t\t\t\t\t\t<a target=_blank href='{$exampleUrl}&format=JSON{$token_auth}'>Json</a>, \n\t\t\t\t\t\t\t\t\t<a target=_blank href='{$exampleUrl}&format=Csv{$token_auth}'>Csv</a>, \n\t\t\t\t\t\t\t\t\t<a target=_blank href='{$exampleUrl}&format=Html{$token_auth}'>Basic html</a> \n\t\t\t\t\t\t\t\t\t{$lastNUrls}\n\t\t\t\t\t\t\t\t\t]";
                }
                $html .= "</span>";
            }

            $html .= '</small>' . "\n<br>";
        }
    }

    return $html;
}
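/**
 * Checks that the token_auth request parameter matches the token of the currently
 * logged-in user. Protection against CSRF.
 *
 * The check fails closed: a missing token, a non-string value on either side, or an empty
 * expected token is rejected. The previous loose `!=` comparison accepted a request without
 * any token whenever the expected value was itself empty or false, and treated two different
 * numeric-looking strings (for example hex digests of the form "0e123...") as equal.
 *
 * @throws Core_Access_NoAccessException if the token is missing or does not match
 */
protected function checkTokenInUrl()
{
    $supplied = Core_Common::getRequestVar('token_auth', false);
    $expected = Core_Common::getCurrentUserAuth();

    $matches = is_string($supplied)
        && is_string($expected)
        && $expected !== ''
        // Constant-time comparison where the runtime offers it, strict equality otherwise.
        && (function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : $expected === $supplied);

    if (!$matches) {
        throw new Core_Access_NoAccessException('Invalid Auth Token');
    }
}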
/**
 * Returns the current action as read from the 'action' request parameter.
 *
 * The value is request-controlled; callers that use it to pick a method or a template must
 * validate it themselves.
 *
 * @return string the action name, or '' when the parameter is absent
 */
public static function getAction()
{
    $action = Core_Common::getRequestVar('action', '', 'string');

    return $action;
}
/**
 * Returns the values of the parameters to pass to the method to call, in declaration order.
 *
 * @param array $requiredParameters map of parameter name => default value; an
 *                                  API_Proxy_NoDefaultValue instance marks a mandatory parameter
 * @param mixed $parametersRequest request data handed to Core_Common::getRequestVar()
 * @return array values to pass to the function call
 * @throws Exception if a mandatory parameter is missing or cannot be read from the request
 */
private function getRequestParametersArray($requiredParameters, $parametersRequest)
{
    $finalParameters = array();

    foreach ($requiredParameters as $name => $defaultValue) {
        $isMandatory = $defaultValue instanceof API_Proxy_NoDefaultValue;

        if ($isMandatory) {
            try {
                $requestValue = Core_Common::getRequestVar($name, null, null, $parametersRequest);
            } catch (Exception $e) {
                // $name comes from $requiredParameters, not from the request, so the message
                // does not reflect caller input.
                throw new Exception("The required variable '{$name}' is not correct or has not been found in the API Request. Add the parameter '&{$name}=' (with a value) in the URL.");
            }
        } else {
            // Optional parameter: any failure to read it silently falls back to the default.
            try {
                $requestValue = Core_Common::getRequestVar($name, $defaultValue, null, $parametersRequest);
            } catch (Exception $e) {
                $requestValue = $defaultValue;
            }
        }

        // NOTE(review): values are read with a null type, so no cast is requested here; the
        // API method receiving them should validate what it gets.
        $finalParameters[] = $requestValue;
    }

    return $finalParameters;
}
/**
 * Renders the 'viewBike' view: the list of bikes plus the parts of the requested bike.
 *
 * The page is echoed; nothing is returned.
 */
function viewBike()
{
    $userApi = new Module_UserManagement_API();

    // 'id' is cast to int by getRequestVar(); null when the parameter is absent.
    $requestedBikeId = Core_Common::getRequestVar('id', null, 'int');

    $view = Core_View::factory('viewBike');
    $view->bikes = $userApi->getBikes();
    // NOTE(review): nothing in this block checks that the requested bike belongs to the
    // current user; getBikeData() has to enforce ownership, otherwise any id can be read.
    $view->parts = $userApi->getBikeData($requestedBikeId);
    echo $view->render();
}
/**
 * Form rule callback: tells whether a field has the same value as another request field.
 *
 * @param mixed $element not used by this rule
 * @param mixed $value value of the field being validated
 * @param string $arg name of the request parameter to compare against
 * @return bool true when both values are strictly identical
 */
function Core_Form_fieldHaveSameValue($element, $value, $arg)
{
    // The other field is read from the request and un-sanitized before the comparison;
    // presumably $value arrives in raw form too.
    $otherValue = Core_Common::unsanitizeInputValue(
        Core_Common::getRequestVar($arg, '', 'string')
    );

    return $value === $otherValue;
}
/**
 * Renders the 'sessionlaps' view for one lap of a training session.
 *
 * Reads 'session_date' and 'lap_num' from the request, loads the session, its laps and the
 * zones of the selected lap, builds the labelled session summary and echoes the view.
 */
function viewLaps()
{
    $api = new Module_SessionGraphs_API();
    $session_date = Core_Common::getRequestVar('session_date', null, 'string');
    $lap_num = Core_Common::getRequestVar('lap_num', null, 'string');

    $view = Core_View::factory('sessionlaps');
    $view->session_date = $session_date;
    $view->lap_num = $lap_num;

    $session = $api->getSession($session_date);
    $laps = $api->getLaps($session_date);

    // NOTE(review): lap_num is a request string used as a 1-based index with no range or
    // numeric check; a missing or out-of-range value makes $lap null and passes nulls on to
    // getZones(). Nothing here checks that the session belongs to the current user either;
    // the API has to.
    $lap = $laps[$lap_num - 1];
    $zones = $api->getZones($session_date, $lap['start_time'], $lap['end_time']);

    $view->zones = $zones;
    $view->laps = $laps;
    $view->lap = $lap;

    // One row per summary line: label, session key (also used as id), units.
    $labelSpecs = array(
        array('Date', 'session_date', ''),
        array('Duration', 'duration', ''),
        array('Distance', 'distance', 'km'),
        array('Avg Speed', 'avg_speed', 'km/h'),
        array('Max Speed', 'max_speed', 'km/h'),
        array('Avg Heart Rate', 'avg_heartrate', 'bpm'),
        array('Max Heart Rate', 'max_heartrate', 'bpm'),
        array('Avg Heart Percent', 'avg_heartrate_percent', '%'),
        array('Max Heart Percent', 'max_heartrate_percent', '%'),
        array('Energy', 'calories', 'kJ'),
        array('Total Ascent', 'total_ascent', 'm'),
        array('Total Descent', 'total_descent', 'm'),
    );

    $session_labels = array();
    foreach ($labelSpecs as $spec) {
        list($label, $id, $units) = $spec;
        $value = $session[$id];
        if ($id === 'calories') {
            // Energy is shown in kJ: calories * 4.184, rounded.
            $value = round($value * 4.184);
        }
        $session_labels[] = array("label" => $label, "value" => $value, "id" => $id, "units" => $units);
    }

    $view->session = $session_labels;
    echo $view->render();
}
/**
 * Applies the generic and the queued filters to a DataTable, unless the request disables
 * them, and returns the rendered table.
 *
 * @param mixed $datatable the table to filter and render
 * @return mixed whatever getRenderedDataTable() returns for the table
 */
protected function handleDataTable($datatable)
{
    // Generic filters run unless disable_generic_filters is set to anything but 'false'.
    $genericFiltersFlag = Core_Common::getRequestVar('disable_generic_filters', 'false', 'string', $this->request);
    if ($genericFiltersFlag == 'false') {
        $genericFilter = new Core_API_DataTableGenericFilter($datatable, $this->request);
        $genericFilter->filter();
    }

    // All datatable labels are safe-decoded automatically (against xss).
    $datatable->queueFilter('SafeDecodeLabel');

    // NOTE(review): SafeDecodeLabel is only queued above; it runs inside
    // applyQueuedFilters(), which a caller can switch off with disable_queued_filters. If
    // the output encoding of labels depends on that filter, it should not be skippable from
    // the request. Confirm what the renderer does when it is skipped.
    $queuedFiltersFlag = Core_Common::getRequestVar('disable_queued_filters', 'false', 'string', $this->request);
    if ($queuedFiltersFlag == 'false') {
        $datatable->applyQueuedFilters();
    }

    return $this->getRenderedDataTable($datatable);
}