1 | <?php |
||
2 | /** |
||
3 | * Elgg page handler functions |
||
4 | * |
||
5 | * @package Elgg.Core |
||
6 | * @subpackage Routing |
||
7 | */ |
||
8 | |||
9 | /** |
||
10 | * Register a new route |
||
11 | * |
||
12 | * Route paths can contain wildcard segments, i.e. /blog/owner/{username} |
||
13 | * To make a certain wildcard segment optional, add ? to its name, |
||
14 | * i.e. /blog/owner/{username?} |
||
15 | * |
||
16 | * Wildcard requirements for common named variables such as 'guid' and 'username' |
||
17 | * will be set automatically. |
||
18 | * |
||
19 | * @warning If you are registering a route in the path of a route registered by |
||
20 | * deprecated {@link elgg_register_page_handler}, your registration must |
||
21 | * preceed the call to elgg_register_page_handler() in the boot sequence. |
||
22 | * |
||
23 | * @param string $name Unique route name |
||
24 | * This name can later be used to generate route URLs |
||
25 | * @param array $params Route parameters |
||
26 | * - path : path of the route |
||
27 | * - resource : name of the resource view |
||
28 | * - defaults : default values of wildcard segments |
||
29 | * - requirements : regex patterns for wildcard segment requirements |
||
30 | * - methods : HTTP methods |
||
31 | * |
||
32 | * @return \Elgg\Router\Route |
||
33 | */ |
||
34 | function elgg_register_route($name, array $params = []) { |
||
35 | 112 | return _elgg_services()->router->registerRoute($name, $params); |
|
36 | } |
||
37 | |||
38 | /** |
||
39 | * Unregister a route by its name |
||
40 | * |
||
41 | * @param string $name Name of the route |
||
42 | * |
||
43 | * @return void |
||
44 | */ |
||
45 | function elgg_unregister_route($name) { |
||
46 | 19 | _elgg_services()->router->unregisterRoute($name); |
|
47 | 19 | } |
|
48 | |||
49 | /** |
||
50 | * Generate a URL for named route |
||
51 | * |
||
52 | * @param string $name Route name |
||
53 | * @param array $parameters Parameters |
||
54 | * |
||
55 | * @return string |
||
56 | */ |
||
57 | function elgg_generate_url($name, array $parameters = []) { |
||
58 | 32 | return _elgg_services()->router->generateUrl($name, $parameters); |
|
59 | } |
||
60 | |||
61 | /** |
||
62 | * Used at the top of a page to mark it as logged in users only. |
||
63 | * |
||
64 | * @return void |
||
65 | * @throws \Elgg\GatekeeperException |
||
66 | * @since 1.9.0 |
||
67 | */ |
||
68 | function elgg_gatekeeper() { |
||
69 | if (!elgg_is_logged_in()) { |
||
70 | _elgg_services()->redirects->setLastForwardFrom(); |
||
71 | |||
72 | $msg = elgg_echo('loggedinrequired'); |
||
73 | throw new \Elgg\GatekeeperException($msg); |
||
74 | } |
||
75 | } |
||
76 | |||
77 | /** |
||
78 | * Used at the top of a page to mark it as admin only. |
||
79 | * |
||
80 | * @return void |
||
81 | * @throws \Elgg\GatekeeperException |
||
82 | * @since 1.9.0 |
||
83 | */ |
||
84 | function elgg_admin_gatekeeper() { |
||
85 | elgg_gatekeeper(); |
||
86 | |||
87 | if (!elgg_is_admin_logged_in()) { |
||
88 | _elgg_services()->redirects->setLastForwardFrom(); |
||
89 | |||
90 | $msg = elgg_echo('adminrequired'); |
||
91 | throw new \Elgg\GatekeeperException($msg); |
||
92 | } |
||
93 | } |
||
94 | |||
95 | |||
96 | /** |
||
97 | * May the current user access item(s) on this page? If the page owner is a group, |
||
98 | * membership, visibility, and logged in status are taken into account. |
||
99 | * |
||
100 | * @param bool $forward If set to true (default), will forward the page; |
||
101 | * if set to false, will return true or false. |
||
102 | * |
||
103 | * @param int $group_guid The group that owns the page. If not set, this |
||
104 | * will be pulled from elgg_get_page_owner_guid(). |
||
105 | * |
||
106 | * @return bool Will return if $forward is set to false. |
||
107 | * @throws InvalidParameterException |
||
108 | * @throws SecurityException |
||
109 | * @since 1.9.0 |
||
110 | */ |
||
111 | function elgg_group_gatekeeper($forward = true, $group_guid = null) { |
||
112 | if (null === $group_guid) { |
||
113 | $group_guid = elgg_get_page_owner_guid(); |
||
114 | } |
||
115 | |||
116 | if (!$group_guid) { |
||
117 | return true; |
||
118 | } |
||
119 | |||
120 | // this handles non-groups and invisible groups |
||
121 | $visibility = \Elgg\GroupItemVisibility::factory($group_guid); |
||
122 | |||
123 | if (!$visibility->shouldHideItems) { |
||
124 | return true; |
||
125 | } |
||
126 | if ($forward) { |
||
127 | // only forward to group if user can see it |
||
128 | $group = get_entity($group_guid); |
||
129 | $forward_url = $group ? $group->getURL() : ''; |
||
130 | |||
131 | if (!elgg_is_logged_in()) { |
||
132 | _elgg_services()->redirects->setLastForwardFrom(); |
||
133 | $forward_reason = 'login'; |
||
134 | } else { |
||
135 | $forward_reason = 'member'; |
||
136 | } |
||
137 | |||
138 | $msg_keys = [ |
||
139 | 'non_member' => 'membershiprequired', |
||
140 | 'logged_out' => 'loggedinrequired', |
||
141 | 'no_access' => 'noaccess', |
||
142 | ]; |
||
143 | register_error(elgg_echo($msg_keys[$visibility->reasonHidden])); |
||
144 | forward($forward_url, $forward_reason); |
||
145 | } |
||
146 | |||
147 | return false; |
||
148 | } |
||
149 | |||
150 | /** |
||
151 | * Can the viewer see this entity? |
||
152 | * |
||
153 | * Tests if the entity exists and whether the viewer has access to the entity |
||
154 | * if it does. If the viewer cannot view this entity, it forwards to an |
||
155 | * appropriate page. |
||
156 | * |
||
157 | * @param int $guid Entity GUID |
||
158 | * @param string $type Optional required entity type |
||
159 | * @param string $subtype Optional required entity subtype |
||
160 | * @param bool $forward If set to true (default), will forward the page; |
||
161 | * if set to false, will return true or false. |
||
162 | * |
||
163 | * @return bool Will return if $forward is set to false. |
||
164 | * @throws \Elgg\BadRequestException |
||
165 | * @throws \Elgg\EntityNotFoundException |
||
166 | * @throws \Elgg\EntityPermissionsException |
||
167 | * @throws \Elgg\GatekeeperException |
||
168 | * @since 1.9.0 |
||
169 | */ |
||
170 | function elgg_entity_gatekeeper($guid, $type = null, $subtype = null, $forward = true) { |
||
171 | $entity = get_entity($guid); |
||
172 | if (!$entity && $forward) { |
||
173 | if (!elgg_entity_exists($guid)) { |
||
174 | // entity doesn't exist |
||
175 | throw new \Elgg\EntityNotFoundException(); |
||
176 | } else if (!elgg_is_logged_in()) { |
||
177 | // entity requires at least a logged in user |
||
178 | elgg_gatekeeper(); |
||
179 | } else { |
||
180 | // user is logged in but still does not have access to it |
||
181 | $msg = elgg_echo('limited_access'); |
||
182 | throw new \Elgg\GatekeeperException($msg); |
||
183 | } |
||
184 | } else if (!$entity) { |
||
185 | return false; |
||
186 | } |
||
187 | |||
188 | if ($type && !elgg_instanceof($entity, $type, $subtype)) { |
||
0 ignored issues
–
show
|
|||
189 | // entity is of wrong type/subtype |
||
190 | if ($forward) { |
||
191 | throw new \Elgg\BadRequestException(); |
||
192 | } else { |
||
193 | return false; |
||
194 | } |
||
195 | } |
||
196 | |||
197 | $hook_type = "{$entity->getType()}:{$entity->getSubtype()}"; |
||
198 | $hook_params = [ |
||
199 | 'entity' => $entity, |
||
200 | 'forward' => $forward, |
||
201 | ]; |
||
202 | if (!elgg_trigger_plugin_hook('gatekeeper', $hook_type, $hook_params, true)) { |
||
203 | if ($forward) { |
||
204 | throw new \Elgg\EntityPermissionsException(); |
||
205 | } else { |
||
206 | return false; |
||
207 | } |
||
208 | } |
||
209 | |||
210 | return true; |
||
211 | } |
||
212 | |||
213 | /** |
||
214 | * Require that the current request be an XHR. If not, execution of the current function |
||
215 | * will end and a 400 response page will be sent. |
||
216 | * |
||
217 | * @return void |
||
218 | * @throws \Elgg\BadRequestException |
||
219 | * @since 1.12.0 |
||
220 | */ |
||
221 | function elgg_ajax_gatekeeper() { |
||
222 | 17 | if (!elgg_is_xhr()) { |
|
223 | $msg = elgg_echo('ajax:not_is_xhr'); |
||
224 | throw new \Elgg\BadRequestException($msg); |
||
225 | } |
||
226 | 17 | } |
|
227 | |||
228 | /** |
||
229 | * Prepares a successful response to be returned by a page or an action handler |
||
230 | * |
||
231 | * @param mixed $content Response content |
||
232 | * In page handlers, response content should contain an HTML string |
||
233 | * In action handlers, response content can contain either a JSON string or an array of data |
||
234 | * @param string $message System message visible to the client |
||
235 | * Can be used by handlers to display a system message |
||
236 | * @param string $forward_url Forward URL |
||
237 | * Can be used by handlers to redirect the client on non-ajax requests |
||
238 | * @param int $status_code HTTP status code |
||
239 | * Status code of the HTTP response (defaults to 200) |
||
240 | * |
||
241 | * @return \Elgg\Http\OkResponse |
||
242 | */ |
||
243 | function elgg_ok_response($content = '', $message = '', $forward_url = null, $status_code = ELGG_HTTP_OK) { |
||
244 | 70 | if ($message) { |
|
245 | 8 | system_message($message); |
|
246 | } |
||
247 | |||
248 | 70 | return new \Elgg\Http\OkResponse($content, $status_code, $forward_url); |
|
249 | |||
250 | } |
||
251 | |||
252 | /** |
||
253 | * Prepare an error response to be returned by a page or an action handler |
||
254 | * |
||
255 | * @param string $error Error message |
||
256 | * Can be used by handlers to display an error message |
||
257 | * For certain requests this error message will also be used as the response body |
||
258 | * @param string $forward_url URL to redirect the client to |
||
259 | * Can be used by handlers to redirect the client on non-ajax requests |
||
260 | * @param int $status_code HTTP status code |
||
261 | * Status code of the HTTP response |
||
262 | * For BC reasons and due to the logic in the client-side AJAX API, |
||
263 | * this defaults to 200. Note that the Router and AJAX API will |
||
264 | * treat these responses as error in spite of the HTTP code assigned |
||
265 | * |
||
266 | * @return \Elgg\Http\ErrorResponse |
||
267 | */ |
||
268 | function elgg_error_response($error = '', $forward_url = REFERRER, $status_code = ELGG_HTTP_OK) { |
||
269 | 36 | if ($error) { |
|
270 | 32 | register_error($error); |
|
271 | } |
||
272 | |||
273 | 36 | return new \Elgg\Http\ErrorResponse($error, $status_code, $forward_url); |
|
274 | } |
||
275 | |||
276 | /** |
||
277 | * Prepare a silent redirect response to be returned by a page or an action handler |
||
278 | * |
||
279 | * @param string $forward_url Redirection URL |
||
280 | * Relative or absolute URL to redirect the client to |
||
281 | * @param int $status_code HTTP status code |
||
282 | * Status code of the HTTP response |
||
283 | * Note that the Router and AJAX API will treat these responses |
||
284 | * as redirection in spite of the HTTP code assigned |
||
285 | * Note that non-redirection HTTP codes will throw an exception |
||
286 | * |
||
287 | * @return \Elgg\Http\RedirectResponse |
||
288 | * @throws \InvalidArgumentException |
||
289 | */ |
||
290 | function elgg_redirect_response($forward_url = REFERRER, $status_code = ELGG_HTTP_FOUND) { |
||
291 | 6 | return new Elgg\Http\RedirectResponse($forward_url, $status_code); |
|
292 | } |
||
293 | |||
294 | |||
295 | /** |
||
296 | * @see \Elgg\Application::loadCore Do not do work here. Just register for events. |
||
297 | */ |
||
298 | return function (\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) { |
||
299 | |||
300 | }; |
||
301 |
In PHP, under loose comparison (like
==
, or!=
, orswitch
conditions), values of different types might be equal.For
string
values, the empty string''
is a special case, in particular the following results might be unexpected: