示例#1
0
 public function appLogin($params)
 {
     // Determine where to redirect to once logged in
     $refererUrl = isset($_POST['refererUrl']) ? $_POST['refererUrl'] : (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : "http://" . UrlCommand::createAbsoluteUrl('core'));
     // Test
     if (isset($_POST['password'])) {
         if ($_POST['password'] == Config::get('app.password')) {
             // Grant admin access
             Core::setAdminAccess(TRUE);
             // Redirect to referring URL
             header("Location: {$refererUrl}");
             exit;
         } else {
             SystemLog::add('Login incorrect.', SystemLog::WARNING);
         }
     }
     // Prepare view
     $view = new View();
     $view->setSource(Config::get('core.dir.views') . '/core/app-login.tpl.php');
     $view->rUrl = $refererUrl;
     return $this->wrapper($view);
 }
示例#2
0
 /**
  * @param string $actionCommand Action to invoke (lower-hyphenated format, ie. action-command)
  * @return View
  */
 public final function invokeAction($actionCommand)
 {
     // Convert the action name to the format used for class method names
     // (ie. ActionName)
     $actionMethodName = Inflector::actionCommand_actionMethod($actionCommand);
     // Disregard this invocation if the $actionMethodName is listed in the
     // $allPrivateMethods array
     if (in_array($actionMethodName, $this->allPrivateMethods)) {
         return $this->unknown($this->params, $actionMethodName);
     }
     // Invoke the method (ensuring it's "public"), or the 'unknown' method
     // if it doesn't exist
     if (method_exists($this, $actionMethodName)) {
         $r = new ReflectionClass($this);
         $m = $r->getMethod($actionMethodName);
         if (!$m->isPublic() || $m->getName() !== $actionMethodName) {
             SystemLog::add(['Attempting to call a non-public action method: %s', $actionMethodName], SystemLog::FATAL);
             return new View();
         } else {
             return $this->{$actionMethodName}($this->params);
         }
     } else {
         return $this->unknown($this->params, $actionCommand);
     }
 }
示例#3
0
 /**
  * This method allows you to execute any arbitrary SQL statement and the
  * results are returned as a PDOStatement, or FALSE if the query failed.
  *
  * If you want to use numeric parameters (ie. SELECT * FROM x WHERE y=?)
  * then pass $params as a normal 0-indexed array.
  * However, if you want to use named parameters
  * (ie. SELECT * FROM x WHERE y=:myparam), then send $params as a hash
  * key=>value pairs of ":param"=>"value".
  *
  * Really, you could just as easily use the PDO functions directly in your
  * code. This will give you more flexibilty with setting attributes, etc.
  * Just try to keep all database code within your Model or ModelManager
  * classes.
  *
  * @param string|\Buan\ModelCriteria The query to execute
  * @param array Parameters to bind to the query
  * @param string The DB connection through which the query will be executed
  * @return \PDOStatement
  * @throws \PDOException
  */
 public static function sqlQuery($sql, $params = [], $connection = null)
 {
     // Get the database connection
     if (is_null($connection)) {
         try {
             $connection = Database::getConnection('default');
         } catch (Exception $e) {
             SystemLog::add($e->getMessage(), SystemLog::WARNING);
             return false;
         }
     }
     // Execute the query
     try {
         if ($sql instanceof ModelCriteria) {
             $sql = $sql->sql();
             $stmt = $connection->prepare($sql->query);
             foreach ($sql->bindings as $binding) {
                 $stmt->bindValue($binding->parameter, $binding->value, $binding->dataType);
             }
             $stmt->execute();
         } else {
             if (count($params) > 0) {
                 $stmt = $connection->prepare($sql);
                 $stmt->execute($params);
             } else {
                 $stmt = $connection->query($sql);
             }
         }
         return $stmt;
     } catch (PDOException $e) {
         $dbg = debug_backtrace();
         $msg = $e->getMessage() . " (source: {$dbg[0]['file']} line {$dbg[0]['line']})";
         throw new PDOException($msg);
         return false;
     }
 }