/**
 * Dispatch the action named in the URL mapping.
 *
 * The 'Action' URL parameter (dashes mapped to underscores) is used as a
 * method name on this controller, so checkAccessAction() is the only gate
 * in this method between a URL segment and a method call.
 *
 * @param HTTPRequest $request
 * @return mixed Template output, the action's own return value, or the result of httpError()
 */
public function handleAction($request) {
    $action = str_replace("-", "_", $request->param('Action'));

    // NOTE(review): the 'index' default is applied to $this->action, not to the
    // local $action that is dispatched below. Confirm that is intended.
    if (!$this->action) {
        $this->action = 'index';
    }

    // Refuse before anything is looked up or called.
    if (!$this->checkAccessAction($action)) {
        // NOTE(review): $action comes straight from the URL and is echoed in the
        // message. Confirm httpError() does not emit it as unescaped HTML.
        return $this->httpError(403, "Action '$action' isn't allowed on class $this->class");
    }

    // There is no method of that name: render this object itself with the
    // (possibly alternate) template chosen for the action.
    if (!$this->hasMethod($action)) {
        return $this->getViewer($action)->process($this);
    }

    $result = $this->$action($request);

    // An array customises the object before it is rendered with a template.
    if (is_array($result)) {
        return $this->getViewer($action)->process($this->customise($result));
    }

    // A string / object is returned to the caller as-is.
    return $result;
}
/**
 * Store the theme named in the 'ID' URL parameter as the site theme, remember
 * it in the session, flush the template cache and redirect to this page's link.
 *
 * NOTE(review): nothing in this method checks who is calling or requires a
 * request token, and the change is persistent and site-wide. Confirm access is
 * restricted elsewhere (route, allowed-actions list, permission check).
 * NOTE(review): the value is escaped for SQL but not compared against the set
 * of installed themes. Confirm how consumers of the stored theme name resolve
 * it (for example, whether it becomes part of a template path).
 *
 * @param HTTPRequest $request
 */
public function settheme(HTTPRequest $request) {
    $escapedTheme = Convert::raw2sql($request->param("ID"));

    // The statement has no WHERE clause, so every SiteConfig row is updated.
    DB::query("Update SiteConfig SET Theme = '{$escapedTheme}';");

    // The session receives the SQL-escaped form, not the raw URL value.
    Session::set("theme", $escapedTheme);

    SSViewer::flush_template_cache();
    $this->redirect($this->Link());
}
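/**
 * Confirm a member's account from the validation link in the confirmation email.
 *
 * The link carries the member ID as the 'ID' URL parameter and the validation
 * key as the 'key' query variable. On success the member is marked as no longer
 * needing validation, the stored key is cleared, and the member is logged in.
 *
 * @param HTTPRequest $request
 * @return array Title and Content for the confirmation page
 */
public function confirm($request) {
    if (Member::currentUser()) {
        return Security::permissionFailure($this, _t('MemberProfiles.CANNOTCONFIRMLOGGEDIN', 'You cannot confirm account while you are logged in.'));
    }

    // Any missing or malformed part of the link is reported as "not found".
    // The result is returned so that nothing below can run with $member
    // undefined if httpError() ever returns instead of aborting the request.
    if ($this->EmailType != 'Validation'
        || !($id = $request->param('ID'))
        || !($key = $request->getVar('key'))
        || !is_numeric($id)
        || !($member = DataObject::get_by_id('Member', $id))
    ) {
        return $this->httpError(404);
    }

    // The key is a secret, so compare it as a string and, where the runtime
    // offers it, in constant time. A loose != would compare two numeric-looking
    // strings as numbers and accept keys that are not byte-identical; a
    // non-string query value (key[]=...) is rejected outright.
    $expectedKey = (string) $member->ValidationKey;
    $keyMatches = false;
    if (is_string($key)) {
        $keyMatches = function_exists('hash_equals')
            ? hash_equals($expectedKey, $key)
            : $expectedKey === $key;
    }

    if (!$keyMatches || !$member->NeedsValidation) {
        return $this->httpError(403, 'You cannot validate this member.');
    }

    // Clearing the key together with the flag makes the link single-use.
    $member->NeedsValidation = false;
    $member->ValidationKey = null;
    $member->write();
    $member->logIn();

    return array(
        'Title' => $this->obj('ConfirmationTitle'),
        'Content' => $this->obj('ConfirmationContent'),
    );
}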
/**
 * Redirect to a specific version of the product.
 *
 * Useful for sold products, where the version that was actually sold has to
 * be retrieved. The version number is the 'ID' URL parameter, forced to an
 * integer before it is placed in the redirect target.
 *
 * @TODO: this is not correct yet, as the versions of product and productvariation are muddled up!
 * @param HTTPRequest $request
 * @return array|null Empty array, or nothing when redirecting to the 404 error page
 */
function viewversion($request) {
    $versionNumber = intval($request->param("ID"));
    $product = $this->Product();

    if (!$product) {
        // No product: send the visitor to the site's 404 error page when one exists.
        $notFoundPage = ErrorPage::get()->Filter(array("ErrorCode" => '404'))->First();
        if ($notFoundPage) {
            $this->redirect($notFoundPage->Link());
            return;
        }
        return array();
    }

    $this->redirect($product->Link("viewversion/" . $product->ID . "/" . $versionNumber . "/"));
    return array();
}
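/**
 * Send the configured request over a raw socket and store the parsed response.
 *
 * Builds the request line, the Host header and the headers held in
 * $this->headers, writes them to a socket opened with fsockopen(), reads until
 * the peer stops sending, then fills $this->response, $this->responseText,
 * $this->status and $this->responseHeaders. The socket is kept in $this->fsock
 * so it can be closed later.
 *
 * NOTE(review): $uri, $host and the header names/values are concatenated into
 * the request unchanged. If any of them can carry caller-supplied text, a CR or
 * LF inside it would add lines to the request. Confirm they are validated
 * before this point.
 * NOTE(review): port 443 selects the ssl:// transport without a stream context,
 * so certificate verification depends on the runtime defaults (on by default
 * from PHP 5.6). Confirm the deployed PHP version.
 *
 * @return false|null false when the socket cannot be opened (details in $this->error); nothing otherwise
 */
protected function fsockget_execute() {
    $uri = $this->uri;
    $host = $this->host;
    $port = $this->port;
    $type = $this->type;
    $HTTPVersion = $this->HTTPVersion;
    $data = property_exists($this, 'data') ? $this->data : null;
    $crlf = "\r\n";
    $rsp = '';

    // Deal with the data first.
    if ($data && $type === 'POST') {
        $data = $this->param($data);
    } else {
        if ($data && $type === 'GET') {
            $get_data = $data;
            $data = $crlf;
        } else {
            $data = $crlf;
        }
    }

    // Then add the content headers.
    if ($type === 'POST') {
        $this->setHeader('Content-Type', 'application/x-www-form-urlencoded');
        $this->setHeader('Content-Length', strlen($data));
        $get_data = property_exists($this, 'query') && $this->query ? HTTPRequest::param($this->query) : false;
    } else {
        $this->setHeader('Content-Type', 'text/plain');
        $this->setHeader('Content-Length', strlen($crlf));
    }

    if ($type === 'GET') {
        if (isset($get_data)) {
            // NOTE(review): $data is only CRLF at this point, so GET data that
            // was supplied is replaced by a line break in the request line.
            // Presumably the encoded data was meant. Confirm the intent
            // before changing it.
            $get_data = $data;
        } else {
            if ($this->query) {
                $get_data = HTTPRequest::param($this->query);
            }
        }
    }

    if ($this->useBasicAuth === true) {
        // Basic credentials are only base64-encoded; on a connection that is
        // not ssl:// they are readable by anyone on the path.
        $this->setHeader('Authorization', 'Basic ' . base64_encode($this->authUsername . ':' . $this->authPassword));
    }

    $headers = $this->headers;

    $req = '';
    $req .= $type . ' ' . $uri . (isset($get_data) ? '?' . $get_data : '') . ' HTTP/' . $HTTPVersion . $crlf;
    $req .= "Host: " . $host . $crlf;
    foreach ($headers as $header => $content) {
        $req .= $header . ': ' . $content . $crlf;
    }
    $req .= $crlf;
    if ($type === 'POST') {
        $req .= $data;
    } else {
        $req .= $crlf;
    }

    // Construct hostname.
    $fsock_host = ($port == 443 ? 'ssl://' : '') . $host;

    // Open socket. Warnings are suppressed because the failure is reported
    // through $errno / $errstr below.
    $httpreq = @fsockopen($fsock_host, $port, $errno, $errstr, 30);

    // Handle an error.
    if (!$httpreq) {
        $this->error = $errno . ': ' . $errstr;
        return false;
    }

    // Send the request.
    fputs($httpreq, $req);

    // Receive the response. Compare against false explicitly so that a final
    // line consisting of "0" does not end the loop early.
    while (($line = fgets($httpreq)) !== false) {
        $rsp .= $line;
    }

    // Split the header block from the body at the FIRST blank line only; a
    // body that itself contains a blank line must stay intact.
    $parts = explode($crlf . $crlf, $rsp, 2);
    $rawHeaders = $parts[0];
    $responseText = isset($parts[1]) ? $parts[1] : '';

    // Store the finalized response.
    $this->response = $rsp;
    $this->responseText = $responseText;

    // The header block has to be split into lines before the status line can
    // be taken off the front of it.
    $headerLines = explode($crlf, $rawHeaders);
    $this->status = array_shift($headerLines);

    // Store the response headers. Split at the first colon only, so values
    // that contain ': ' are kept whole, and skip lines without a colon.
    $this->responseHeaders = array();
    foreach ($headerLines as $headerLine) {
        $pair = explode(':', $headerLine, 2);
        if (count($pair) !== 2) {
            continue;
        }
        $this->responseHeaders[trim($pair[0])] = trim($pair[1]);
    }

    // Mark as executed.
    $this->executed = true;

    // Store the resource so we can close it later.
    $this->fsock = $httpreq;
}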
/**
 * Show the "password sent" page after a user has requested a password reset.
 *
 * The address shown on the page is rebuilt from the URL (the 'ID' parameter
 * plus the request extension), not read from a member record, and is
 * XML-escaped before it is placed in the title and the HTML content.
 *
 * @param HTTPRequest $request The HTTPRequest for this action.
 * @return string Returns the "password sent" page as HTML code.
 */
public function passwordsent($request) {
    $scripts = array(
        '/behaviour.js',
        '/loader.js',
        '/prototype.js',
        '/prototype_improvements.js',
        '/scriptaculous/effects.js',
    );
    foreach ($scripts as $script) {
        Requirements::javascript(THIRDPARTY_DIR . $script);
    }

    // A throw-away page gives the controller something to render against.
    $tmpPage = new Page();
    $tmpPage->Title = _t('Security.LOSTPASSWORDHEADER');
    $tmpPage->URLSegment = 'Security';

    $controller = new Page_Controller($tmpPage);
    $controller->init();

    // Escape once, here, so both uses below receive the same safe value.
    // NOTE(review): Title also receives the escaped form. Confirm the template
    // does not escape it a second time.
    $email = Convert::raw2xml($request->param('ID') . '.' . $request->getExtension());

    $title = sprintf(_t('Security.PASSWORDSENTHEADER', "Password reset link sent to '%s'"), $email);
    $content = "<p>" . sprintf(_t('Security.PASSWORDSENTTEXT', "Thank you! The password reset link has been sent to '%s'."), $email) . "</p>";

    $customisedController = $controller->customise(array(
        'Title' => $title,
        'Content' => $content,
    ));

    return $customisedController->renderWith(array('Security_passwordsent', 'Security', $this->stat('template_main')));
}
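/**
 * Render the popular search words report.
 *
 * URL parameters: 'ID' is passed to getPopularSearchWords() as $days
 * (100 when missing or below 1) and 'OtherID' as $limit (1 when missing or
 * below 1).
 *
 * NOTE(review): neither value has an upper bound here. Confirm
 * getPopularSearchWords() caps them, since both come from the URL.
 *
 * @param HTTPRequest $HTTPRequest
 * @return mixed Rendered report, or nothing when access is refused
 */
function popularsearchwords(HTTPRequest $HTTPRequest) {
    if (!$this->HasPopularSearchWords()) {
        Security::permissionFailure($this, _t('Security.PERMFAILURE', ' This page is secured and you need administrator rights to access it. Enter your credentials below and we will send you right along.'));
        return;
    }

    Requirements::themedCSS("popularsearches", "searchplus");

    // intval() already maps a missing or non-numeric parameter to 0, so no
    // arithmetic on the raw string is needed. Zero and negative values fall
    // back to the defaults.
    $days = intval($HTTPRequest->param("ID"));
    if ($days < 1) {
        $days = 100;
    }
    $limit = intval($HTTPRequest->param("OtherID"));
    if ($limit < 1) {
        $limit = 1;
    }

    $do = $this->getPopularSearchWords($days, $limit);

    // The former "$page->MenuTitle = ..." assignment wrote to a variable that
    // is never defined in this method and never read afterwards; it is gone.
    // NOTE(review): the self-assignment is kept in case Title is computed by a
    // getter and this stores the computed value. Confirm and drop it if not.
    $do->Title = $do->Title;

    return $this->customise($do)->renderWith(array('SearchPlusPage_popularsearches', 'Page'));
}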
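/**
 * Create or update the FormFieldExplanation record for a field of the owner.
 *
 * URL parameters: 'ID' is the field name, 'OtherID' the field title. An
 * existing record with that name under this owner is reused; otherwise a new
 * one is created with placeholder explanation text.
 *
 * NOTE(review): this writes to the database from URL parameters alone and no
 * permission or request-token check is visible in the method. Confirm access
 * is restricted elsewhere.
 *
 * @param HTTPRequest $HTTPRequest
 * @return mixed The CMS link for the record on ajax requests; otherwise nothing (redirects back)
 */
public function addfieldexplanation(HTTPRequest $HTTPRequest) {
    $bt = defined('DB::USE_ANSI_SQL') ? "\"" : "`";
    $fieldName = $HTTPRequest->param("ID");
    $fieldTitle = $HTTPRequest->param("OtherID");

    // The field name comes from the URL, so it is escaped before it is put
    // inside the quoted SQL literal; the owner ID is forced to an integer.
    $ownerID = (int) $this->owner->ID;
    $obj = DataObject::get_one(
        "FormFieldExplanation",
        "{$bt}Name{$bt} = '" . Convert::raw2sql($fieldName) . "' AND ParentID = " . $ownerID
    );
    if (!$obj) {
        $obj = new FormFieldExplanation();
    }

    // Raw values are stored on the object.
    // NOTE(review): Title is URL-supplied text. Confirm it is escaped wherever
    // it is rendered.
    $obj->Name = $fieldName;
    $obj->Title = $fieldTitle;
    $obj->Explanation = "explanation to be added";
    $obj->ParentID = $this->owner->ID;
    $obj->write();

    if (Director::is_ajax()) {
        return self::CMSLink($this->owner->ID, $obj->ID);
    } else {
        Director::redirectBack();
    }
}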
/**
 * Set the variation filter from the 'ID' URL parameter.
 *
 * You can specify one or MORE IDs, separated by commas. Every segment is
 * forced to an integer, so non-numeric segments become 0.
 *
 * @param HTTPRequest $request
 * @return array Always an empty array
 */
function filterforvariations($request) {
    // explode() with a non-empty delimiter always yields at least one element,
    // so the filter is set on every call; a missing ID results in array(0).
    $segments = explode(",", $request->param("ID"));
    $this->variationFilter = array_map("intval", $segments);

    return array();
}