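 /**
  * Handle GET requests: render the site's landing page, or redirect to the
  * install controller when the install check is enabled and the app reports
  * itself as not installed.
  *
  * @param Alpha\Util\Http\Request $request The incoming request (its params are not used here)
  *
  * @return Alpha\Util\Http\Response 301 redirect to <app.url>/install when installation
  *                                  is required, otherwise a 200 text/html page
  *
  * @since 1.0
  */
 public function doGET($request)
 {
     // NOTE: var_export() writes the entire request object (including any parameters
     // it carries) to the debug log; keep debug logging off outside development.
     self::$logger->debug('>>doGET(request=[' . var_export($request, true) . '])');

     $config = ConfigProvider::getInstance();

     // Optional install check: send the visitor to the installer instead of
     // rendering a page that would fail without the backing store.
     if ($config->get('app.check.installed') && !ActiveRecord::isInstalled()) {
         $response = new Response(301);
         $response->redirect($config->get('app.url') . '/install');
         self::$logger->warn('App not installed so re-directing to the install controller');
         self::$logger->debug('<<doGET');

         return $response;
     }

     // Assemble the page from the shared head fragment, the index body and the footer.
     $body = View::loadTemplateFragment('html', 'head.phtml', array(
         'title' => $config->get('app.title'),
         'description' => 'Welcome to our site',
         'allowCSSOverrides' => true,
     ));
     $body .= View::loadTemplateFragment('html', 'index.phtml');
     $body .= View::loadTemplateFragment('html', 'footer.phtml');

     self::$logger->debug('<<doGET');

     return new Response(200, $body, array('Content-Type' => 'text/html'));
 }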
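 /**
  * Method to handle DELETE requests: deletes the ActiveRecord instance named by the
  * ActiveRecordType and ActiveRecordOID request params inside a transaction, then
  * answers with JSON (for an application/json Accept header) or a 301 redirect back
  * to the record listing.
  *
  * @param Alpha\Util\Http\Request $request
  *
  * @throws Alpha\Exception\IllegalArguementException When ActiveRecordType or ActiveRecordOID
  *                                                   is missing, or the type is not an
  *                                                   ActiveRecord class
  * @throws Alpha\Exception\ResourceNotAllowedException When the hidden security fields fail the check
  * @throws Alpha\Exception\ResourceNotFoundException When no record exists for the given OID
  * @throws Alpha\Exception\AlphaException Any other framework error, re-thrown after rollback
  *
  * @return Alpha\Util\Http\Response
  *
  * @since 2.0
  */
 public function doDELETE($request)
 {
     self::$logger->debug('>>doDELETE(request=[' . var_export($request, true) . '])');

     $config = ConfigProvider::getInstance();
     $params = $request->getParams();
     $accept = $request->getAccept();

     try {
         // check the hidden security fields before accepting the form data (one check covers the whole request)
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept data from remote servers!');
         }

         if (!isset($params['ActiveRecordType'])) {
             throw new IllegalArguementException('No ActiveRecord available to edit!');
         }
         if (!isset($params['ActiveRecordOID'])) {
             throw new IllegalArguementException('No ActiveRecord OID available to delete!');
         }

         $ActiveRecordType = urldecode($params['ActiveRecordType']);
         $oid = $params['ActiveRecordOID'];

         // The class name comes straight from the request: only allow ActiveRecord
         // subclasses to be instantiated, not any class the autoloader can resolve.
         if (!class_exists($ActiveRecordType) || !is_a($ActiveRecordType, ActiveRecord::class, true)) {
             throw new IllegalArguementException('No ActiveRecord [' . $ActiveRecordType . '] available to edit!');
         }
         $record = new $ActiveRecordType();

         $record->load($oid);

         ActiveRecord::begin();
         $record->delete();
         ActiveRecord::commit();
         ActiveRecord::disconnect();

         self::$logger->action('Deleted ' . $ActiveRecordType . ' instance with OID ' . $oid);

         if ($accept === 'application/json') {
             $response = new Response(200);
             $response->setHeader('Content-Type', 'application/json');
             $response->setBody(json_encode(array('message' => 'deleted')));
         } else {
             $response = new Response(301);

             // NOTE(review): statusMessage is request-supplied; this assumes
             // View::displayUpdateMessage() escapes it for HTML — confirm.
             $message = isset($params['statusMessage']) ? $params['statusMessage'] : 'Deleted';
             $this->setStatusMessage(View::displayUpdateMessage($message));

             if ($this->getNextJob() != '') {
                 $response->redirect($this->getNextJob());
             } elseif ($this->request->isSecureURI()) {
                 $response->redirect(FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . $ActiveRecordType . '&start=0&limit=' . $config->get('app.list.page.amount')));
             } else {
                 $response->redirect($config->get('app.url') . '/records/' . $params['ActiveRecordType']);
             }
         }
     } catch (SecurityException $e) {
         self::$logger->warn($e->getMessage());
         throw new ResourceNotAllowedException($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         throw new ResourceNotFoundException('The item that you have requested cannot be found!');
     } catch (AlphaException $e) {
         // Undo any partial delete, then surface the error instead of falling through
         // to "return $response" with $response never assigned.
         self::$logger->error($e->getMessage());
         ActiveRecord::rollback();
         throw $e;
     }

     self::$logger->debug('<<doDELETE');

     return $response;
 }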
 /**
  * Testing the redirect method: an invalid URL must be rejected with an
  * IllegalArguementException carrying the expected message, and a valid URL
  * must leave exactly one header (Location) on the response.
  */
 public function testRedirect()
 {
     $response = new Response(301);

     $rejected = false;
     try {
         $response->redirect('notreallythere');
     } catch (IllegalArguementException $e) {
         $rejected = true;
         $this->assertEquals('Unable to redirect to URL [notreallythere] as it is invalid', $e->getMessage());
     }
     if (!$rejected) {
         $this->fail('Testing the redirect method');
     }

     $validURL = 'http://alphaframework.org/';
     $response->redirect($validURL);
     $headers = $response->getHeaders();

     $this->assertEquals($validURL, $response->getHeader('Location'), 'Testing the redirect method');
     $this->assertEquals(1, count($headers), 'Testing the redirect method');
 }
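 /**
  * Login the user and re-direct to the defined destination.
  *
  * Only a persisted person record whose state is 'Active' may log in; the supplied
  * password is checked against the stored hash with password_verify(). On success
  * the person object is stored in the session under 'currentUser' and a 301 to the
  * pending next job (if any) or the app root is returned.
  *
  * @param string $password The password supplied by the user logging in
  *
  * @throws Alpha\Exception\ValidationException When the password does not match the stored hash
  *
  * @return Alpha\Util\Http\Response|null Null when the person record is transient or not
  *                                       'Active' (the caller is expected to handle that case)
  *
  * @since 1.0
  */
 protected function doLoginAndRedirect($password)
 {
     // Never write the plaintext password to the log, even at debug level.
     self::$logger->debug('>>doLoginAndRedirect(password=[REDACTED])');

     $config = ConfigProvider::getInstance();

     if ($this->personObject->isTransient() || $this->personObject->get('state') != 'Active') {
         // Unknown or non-active account: logged at warn so failed attempts are visible.
         self::$logger->warn('Login attempt for a person record that is transient or not Active');
         self::$logger->debug('<<doLoginAndRedirect');

         return null;
     }

     if (!password_verify($password, $this->personObject->get('password'))) {
         self::$logger->debug('<<doLoginAndRedirect');
         throw new ValidationException('Failed to login user ' . $this->personObject->get('email') . ', the password is incorrect!');
     }

     $sessionProvider = $config->get('session.provider.name');
     $session = SessionProviderFactory::getInstance($sessionProvider);
     // NOTE(review): the session id is not regenerated here; confirm the session
     // provider does so on login rather than carrying the pre-login id forward.
     $session->set('currentUser', $this->personObject);

     self::$logger->debug('Logging in [' . $this->personObject->get('email') . '] at [' . date('Y-m-d H:i:s') . ']');
     self::$logger->action('Login');

     $response = new Response(301);

     if ($this->getNextJob() != '') {
         $response->redirect(FrontController::generateSecureURL('act=' . $this->getNextJob()));
         $this->clearUnitOfWorkAttributes();
     } else {
         $response->redirect($config->get('app.url'));
     }

     self::$logger->debug('<<doLoginAndRedirect');

     return $response;
 }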
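 /**
  * Method to handle PUT requests: uploads or deletes an article attachment when the
  * 'uploadBut' or 'deletefile' param is present, otherwise defers to parent::doPUT()
  * for a regular article update. Attachment operations end with a 301 back to the
  * article's edit view.
  *
  * @param Alpha\Util\Http\Request $request Must carry a 'title' or an 'ActiveRecordOID'
  *                                         param identifying the article
  *
  * @return Alpha\Util\Http\Response A 301 redirect, or whatever parent::doPUT() returns
  *
  * @since 1.0
  */
 public function doPUT($request)
 {
     self::$logger->debug('>>doPUT($request=[' . var_export($request, true) . '])');

     $config = ConfigProvider::getInstance();
     $params = $request->getParams();

     // Stays null when an error is caught before an article could be resolved, so the
     // redirect at the end never dereferences an unassigned record.
     $record = null;

     try {
         // check the hidden security fields before accepting the form POST data
         if (!$this->checkSecurityFields()) {
             throw new SecurityException('This page cannot accept post data from remote servers!');
         }

         if (isset($params['markdownTextBoxRows']) && $params['markdownTextBoxRows'] != '') {
             $viewState = ViewState::getInstance();
             $viewState->set('markdownTextBoxRows', $params['markdownTextBoxRows']);
         }

         if (!isset($params['title']) && !isset($params['ActiveRecordOID'])) {
             throw new IllegalArguementException('No valid article ID provided!');
         }

         // The record class comes from the request: only accept Article (or a subclass),
         // since everything below (attachments, title, the edit redirect) is article-specific.
         if (isset($params['ActiveRecordType']) && class_exists($params['ActiveRecordType']) && is_a($params['ActiveRecordType'], Article::class, true)) {
             $record = new $params['ActiveRecordType']();
         } else {
             $record = new Article();
         }

         if (isset($params['title'])) {
             $title = str_replace($config->get('cms.url.title.separator'), ' ', $params['title']);
             $record->loadByAttribute('title', $title, false, array('OID', 'version_num', 'created_ts', 'updated_ts', 'title', 'author', 'published', 'content', 'headerContent'));
         } else {
             $record->load($params['ActiveRecordOID']);
         }

         // uploading an article attachment
         if (isset($params['uploadBut'])) {
             $file = $request->getFile('userfile');

             if (!isset($file['tmp_name'], $file['name']) || $file['tmp_name'] == '') {
                 throw new IllegalArguementException('No file was uploaded!');
             }

             $source = $file['tmp_name'];
             // basename() drops any directory components supplied by the client, so the
             // attachment can only land inside the attachments directory.
             $dest = $record->getAttachmentsLocation() . '/' . basename($file['name']);

             // upload the file to the attachments directory
             // NOTE(review): nothing here calls is_uploaded_file($source); confirm that
             // Request::getFile() only ever returns genuine upload entries.
             FileUtils::copy($source, $dest);

             if (!file_exists($dest)) {
                 throw new AlphaException('Could not move the uploaded file [' . $file['name'] . ']');
             }

             // set read/write permissions on the file (0666 as before — world-writable,
             // presumably so another process can manage attachments; worth confirming)
             if (!chmod($dest, 0666)) {
                 throw new AlphaException('Unable to set read/write permissions on the uploaded file [' . $dest . '].');
             }

             self::$logger->action('File ' . $source . ' uploaded to ' . $dest);
             $this->setStatusMessage(View::displayUpdateMessage('File ' . $source . ' uploaded to ' . $dest));
         } elseif (isset($params['deletefile']) && $params['deletefile'] != '') {
             // basename() keeps the delete confined to the attachments directory.
             $target = $record->getAttachmentsLocation() . '/' . basename($params['deletefile']);

             if (!unlink($target)) {
                 throw new AlphaException('Could not delete the file [' . $params['deletefile'] . ']');
             }

             self::$logger->action('File ' . $target . ' deleted');
             $this->setStatusMessage(View::displayUpdateMessage('File ' . $target . ' deleted'));
         } else {
             self::$logger->debug('<<doPUT');

             return parent::doPUT($request);
         }
     } catch (SecurityException $e) {
         // NOTE(review): these messages can echo request values; this assumes
         // View::displayErrorMessage() escapes them for HTML — confirm.
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->warn($e->getMessage());
     } catch (IllegalArguementException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->error($e->getMessage());
     } catch (RecordNotFoundException $e) {
         self::$logger->warn($e->getMessage());
         $this->setStatusMessage(View::displayErrorMessage('Failed to load the requested article from the database!'));
     } catch (AlphaException $e) {
         $this->setStatusMessage(View::displayErrorMessage($e->getMessage()));
         self::$logger->error($e->getMessage());
     }

     $response = new Response(301);

     if ($this->getNextJob() != '') {
         $response->redirect($this->getNextJob());
     } elseif ($record === null) {
         // No article could be resolved (security or argument error above): go back to
         // the app root instead of calling methods on a missing record.
         $response->redirect($config->get('app.url'));
     } elseif ($this->request->isSecureURI()) {
         $response->redirect(FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=Alpha\\Model\\Article&ActiveRecordOID=' . $record->getOID() . '&view=edit'));
     } else {
         $title = str_replace(' ', $config->get('cms.url.title.separator'), $record->get('title'));
         $response->redirect($config->get('app.url') . '/a/' . $title . '/edit');
     }

     self::$logger->debug('<<doPUT');

     return $response;
 }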