jenskooij /
cloudcontrol
@@ -14,43 +14,43 @@ |
||
| 14 | 14 | class SitemapRouting |
| 15 | 15 | { |
| 16 | 16 | |
| 17 | - /** |
|
| 18 | - * SitemapRouting constructor. |
|
| 19 | - * @param \library\cc\Request $request |
|
| 20 | - * @param mixed|string $relativeCmsUri |
|
| 21 | - * @param CmsComponent $cmsComponent |
|
| 22 | - */ |
|
| 23 | - public function __construct($request, $relativeCmsUri, $cmsComponent) |
|
| 24 | - { |
|
| 25 | - if ($relativeCmsUri == '/sitemap') { |
|
| 26 | - $cmsComponent->subTemplate = 'cms/sitemap'; |
|
| 27 | - if (isset($request::$post[CmsComponent::POST_PARAMETER_SAVE])) { |
|
| 28 | - $cmsComponent->storage->saveSitemap($request::$post); |
|
| 29 | - } |
|
| 30 | - $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 31 | - $cmsComponent->setParameter(CmsComponent::PARAMETER_SITEMAP, $cmsComponent->storage->getSitemap()); |
|
| 32 | - } elseif ($relativeCmsUri == '/sitemap/new') { |
|
| 33 | - $cmsComponent->subTemplate = 'cms/sitemap/form'; |
|
| 34 | - $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 35 | - if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
|
| 36 | - $cmsComponent->storage->addSitemapItem($request::$post); |
|
| 37 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 38 | - exit; |
|
| 39 | - } |
|
| 40 | - } elseif ($relativeCmsUri == '/sitemap/edit' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
|
| 41 | - $cmsComponent->subTemplate = 'cms/sitemap/form'; |
|
| 42 | - $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 43 | - $sitemapItem = $cmsComponent->storage->getSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
|
| 44 | - if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
|
| 45 | - $cmsComponent->storage->saveSitemapItem($request::$get[CmsComponent::GET_PARAMETER_SLUG], $request::$post); |
|
| 46 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 47 | - exit; |
|
| 48 | - } |
|
| 49 | - $cmsComponent->setParameter(CmsComponent::PARAMETER_SITEMAP_ITEM, $sitemapItem); |
|
| 50 | - } elseif ($relativeCmsUri == '/sitemap/delete' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
|
| 51 | - $cmsComponent->storage->deleteSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
|
| 52 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 53 | - exit; |
|
| 54 | - } |
|
| 55 | - } |
|
| 17 | + /** |
|
| 18 | + * SitemapRouting constructor. |
|
| 19 | + * @param \library\cc\Request $request |
|
| 20 | + * @param mixed|string $relativeCmsUri |
|
| 21 | + * @param CmsComponent $cmsComponent |
|
| 22 | + */ |
|
| 23 | + public function __construct($request, $relativeCmsUri, $cmsComponent) |
|
| 24 | + { |
|
| 25 | + if ($relativeCmsUri == '/sitemap') { |
|
| 26 | + $cmsComponent->subTemplate = 'cms/sitemap'; |
|
| 27 | + if (isset($request::$post[CmsComponent::POST_PARAMETER_SAVE])) { |
|
| 28 | + $cmsComponent->storage->saveSitemap($request::$post); |
|
| 29 | + } |
|
| 30 | + $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 31 | + $cmsComponent->setParameter(CmsComponent::PARAMETER_SITEMAP, $cmsComponent->storage->getSitemap()); |
|
| 32 | + } elseif ($relativeCmsUri == '/sitemap/new') { |
|
| 33 | + $cmsComponent->subTemplate = 'cms/sitemap/form'; |
|
| 34 | + $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 35 | + if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
|
| 36 | + $cmsComponent->storage->addSitemapItem($request::$post); |
|
| 37 | + header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 38 | + exit; |
|
| 39 | + } |
|
| 40 | + } elseif ($relativeCmsUri == '/sitemap/edit' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
|
| 41 | + $cmsComponent->subTemplate = 'cms/sitemap/form'; |
|
| 42 | + $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
|
| 43 | + $sitemapItem = $cmsComponent->storage->getSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
|
| 44 | + if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
|
| 45 | + $cmsComponent->storage->saveSitemapItem($request::$get[CmsComponent::GET_PARAMETER_SLUG], $request::$post); |
|
| 46 | + header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 47 | + exit; |
|
| 48 | + } |
|
| 49 | + $cmsComponent->setParameter(CmsComponent::PARAMETER_SITEMAP_ITEM, $sitemapItem); |
|
| 50 | + } elseif ($relativeCmsUri == '/sitemap/delete' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
|
| 51 | + $cmsComponent->storage->deleteSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
|
| 52 | + header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 53 | + exit; |
|
| 54 | + } |
|
| 55 | + } |
|
| 56 | 56 | } |
| 57 | 57 | \ No newline at end of file |
@@ -34,7 +34,7 @@ discard block |
||
| 34 | 34 | $cmsComponent->setParameter(CmsComponent::PARAMETER_MAIN_NAV_CLASS, CmsComponent::PARAMETER_SITEMAP); |
| 35 | 35 | if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
| 36 | 36 | $cmsComponent->storage->addSitemapItem($request::$post); |
| 37 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 37 | + header('Location: '.$request::$subfolders.$cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX).'/sitemap'); |
|
| 38 | 38 | exit; |
| 39 | 39 | } |
| 40 | 40 | } elseif ($relativeCmsUri == '/sitemap/edit' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
@@ -43,13 +43,13 @@ discard block |
||
| 43 | 43 | $sitemapItem = $cmsComponent->storage->getSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
| 44 | 44 | if (isset($request::$post[CmsComponent::POST_PARAMETER_TITLE], $request::$post[CmsComponent::POST_PARAMETER_TEMPLATE], $request::$post[CmsComponent::POST_PARAMETER_COMPONENT])) { |
| 45 | 45 | $cmsComponent->storage->saveSitemapItem($request::$get[CmsComponent::GET_PARAMETER_SLUG], $request::$post); |
| 46 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 46 | + header('Location: '.$request::$subfolders.$cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX).'/sitemap'); |
|
| 47 | 47 | exit; |
| 48 | 48 | } |
| 49 | 49 | $cmsComponent->setParameter(CmsComponent::PARAMETER_SITEMAP_ITEM, $sitemapItem); |
| 50 | 50 | } elseif ($relativeCmsUri == '/sitemap/delete' && isset($request::$get[CmsComponent::GET_PARAMETER_SLUG])) { |
| 51 | 51 | $cmsComponent->storage->deleteSitemapItemBySlug($request::$get[CmsComponent::GET_PARAMETER_SLUG]); |
| 52 | - header('Location: ' . $request::$subfolders . $cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX) . '/sitemap'); |
|
| 52 | + header('Location: '.$request::$subfolders.$cmsComponent->getParameter(CmsComponent::PARAMETER_CMS_PREFIX).'/sitemap'); |
|
| 53 | 53 | exit; |
| 54 | 54 | } |
| 55 | 55 | } |
@@ -1,519 +1,519 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | namespace library\components { |
| 3 | 3 | |
| 4 | - use library\components\cms\DocumentRouting; |
|
| 5 | - use library\components\cms\ImagesRouting; |
|
| 6 | - use library\components\cms\SitemapRouting; |
|
| 7 | - use library\crypt\Crypt; |
|
| 8 | - use library\storage\Storage; |
|
| 9 | - |
|
| 10 | - class CmsComponent extends BaseComponent |
|
| 11 | - { |
|
| 12 | - /* |
|
| 4 | + use library\components\cms\DocumentRouting; |
|
| 5 | + use library\components\cms\ImagesRouting; |
|
| 6 | + use library\components\cms\SitemapRouting; |
|
| 7 | + use library\crypt\Crypt; |
|
| 8 | + use library\storage\Storage; |
|
| 9 | + |
|
| 10 | + class CmsComponent extends BaseComponent |
|
| 11 | + { |
|
| 12 | + /* |
|
| 13 | 13 | * var \library\storage\Storage |
| 14 | 14 | */ |
| 15 | - public $storage; |
|
| 16 | - |
|
| 17 | - const INVALID_CREDENTIALS_MESSAGE = 'Invalid username / password combination'; |
|
| 18 | - |
|
| 19 | - const MAIN_NAV_CLASS = 'default'; |
|
| 20 | - |
|
| 21 | - const PARAMETER_BLACKLIST_IPS = 'blacklistIps'; |
|
| 22 | - const PARAMETER_BODY = 'body'; |
|
| 23 | - const PARAMETER_BRICK = 'brick'; |
|
| 24 | - const PARAMETER_BRICKS = 'bricks'; |
|
| 25 | - const PARAMETER_CMS_PREFIX = 'cmsPrefix'; |
|
| 26 | - const PARAMETER_DOCUMENT = 'document'; |
|
| 27 | - const PARAMETER_DOCUMENTS = 'documents'; |
|
| 28 | - const PARAMETER_DOCUMENT_TYPE = 'documentType'; |
|
| 29 | - const PARAMETER_DOCUMENT_TYPES = 'documentTypes'; |
|
| 30 | - const PARAMETER_ERROR_MESSAGE = 'errorMsg'; |
|
| 31 | - const PARAMETER_FILES = 'files'; |
|
| 32 | - const PARAMETER_FOLDER = 'folder'; |
|
| 33 | - const PARAMETER_IMAGE = 'image'; |
|
| 34 | - const PARAMETER_IMAGES = 'images'; |
|
| 35 | - const PARAMETER_IMAGE_SET = 'imageSet'; |
|
| 36 | - const PARAMETER_MAIN_NAV_CLASS = 'mainNavClass'; |
|
| 37 | - const PARAMETER_MY_BRICK_SLUG = 'myBrickSlug'; |
|
| 38 | - const PARAMETER_SITEMAP = 'sitemap'; |
|
| 39 | - const PARAMETER_SITEMAP_ITEM = 'sitemapItem'; |
|
| 40 | - const PARAMETER_SMALLEST_IMAGE = 'smallestImage'; |
|
| 41 | - const PARAMETER_STATIC = 'static'; |
|
| 42 | - const PARAMETER_USER = 'user'; |
|
| 43 | - const PARAMETER_USERS = 'users'; |
|
| 44 | - const PARAMETER_USER_RIGHTS = 'userRights'; |
|
| 45 | - const PARAMETER_WHITELIST_IPS = 'whitelistIps'; |
|
| 46 | - |
|
| 47 | - const POST_PARAMETER_COMPONENT = 'component'; |
|
| 48 | - const POST_PARAMETER_PASSWORD = 'password'; |
|
| 49 | - const POST_PARAMETER_SAVE = 'save'; |
|
| 50 | - const POST_PARAMETER_TEMPLATE = 'template'; |
|
| 51 | - const POST_PARAMETER_TITLE = 'title'; |
|
| 52 | - const POST_PARAMETER_USERNAME = 'username'; |
|
| 53 | - |
|
| 54 | - const GET_PARAMETER_PATH = 'path'; |
|
| 55 | - const GET_PARAMETER_SLUG = 'slug'; |
|
| 56 | - |
|
| 57 | - const FILES_PARAMETER_FILE = 'file'; |
|
| 58 | - |
|
| 59 | - const SESSION_PARAMETER_CLOUD_CONTROL = 'cloudcontrol'; |
|
| 60 | - |
|
| 61 | - const LOGIN_TEMPLATE_PATH = 'cms/login'; |
|
| 62 | - |
|
| 63 | - const CONTENT_TYPE_APPLICATION_JSON = 'Content-type:application/json'; |
|
| 64 | - |
|
| 65 | - public $subTemplate = null; |
|
| 66 | - |
|
| 67 | - |
|
| 68 | - /** |
|
| 69 | - * @param \library\storage\Storage $storage |
|
| 70 | - * |
|
| 71 | - * @return void |
|
| 72 | - */ |
|
| 73 | - public function run(Storage $storage) |
|
| 74 | - { |
|
| 75 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::MAIN_NAV_CLASS; |
|
| 76 | - $this->storage = $storage; |
|
| 77 | - |
|
| 78 | - $remoteAddress = $_SERVER['REMOTE_ADDR']; |
|
| 79 | - $this->checkWhiteList($remoteAddress); |
|
| 80 | - $this->checkBlackList($remoteAddress); |
|
| 81 | - |
|
| 82 | - $this->checkLogin(); |
|
| 83 | - |
|
| 84 | - $this->parameters[self::PARAMETER_USER_RIGHTS] = $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]->rights; |
|
| 85 | - |
|
| 86 | - $this->routing(); |
|
| 87 | - } |
|
| 88 | - |
|
| 89 | - /** |
|
| 90 | - * See if a user is logged or wants to log in and |
|
| 91 | - * takes appropriate actions. |
|
| 92 | - * |
|
| 93 | - * @throws \Exception |
|
| 94 | - */ |
|
| 95 | - protected function checkLogin() |
|
| 96 | - { |
|
| 97 | - $request = $this->request; |
|
| 98 | - |
|
| 99 | - if (!isset($_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL])) { |
|
| 100 | - if (isset($request::$post[self::POST_PARAMETER_USERNAME], $request::$post[self::POST_PARAMETER_PASSWORD])) { |
|
| 101 | - $user = $this->storage->getUserByUsername($request::$post[self::POST_PARAMETER_USERNAME]); |
|
| 102 | - $crypt = new Crypt(); |
|
| 103 | - if (empty($user)) { |
|
| 104 | - $crypt->encrypt($request::$post[self::POST_PARAMETER_PASSWORD], 16); // Buy time, to avoid brute forcing |
|
| 105 | - $this->parameters[self::PARAMETER_ERROR_MESSAGE] = self::INVALID_CREDENTIALS_MESSAGE; |
|
| 106 | - $this->showLogin(); |
|
| 107 | - } else { |
|
| 108 | - $salt = $user->salt; |
|
| 109 | - $password = $user->password; |
|
| 110 | - |
|
| 111 | - $passwordCorrect = $crypt->compare($request::$post[self::POST_PARAMETER_PASSWORD], $password, $salt); |
|
| 112 | - |
|
| 113 | - if ($passwordCorrect) { |
|
| 114 | - $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL] = $user; |
|
| 115 | - } else { |
|
| 116 | - $this->parameters[self::PARAMETER_ERROR_MESSAGE] = self::INVALID_CREDENTIALS_MESSAGE; |
|
| 117 | - $this->showLogin(); |
|
| 118 | - } |
|
| 119 | - } |
|
| 120 | - } else { |
|
| 121 | - $this->showLogin(); |
|
| 122 | - } |
|
| 123 | - } |
|
| 124 | - } |
|
| 125 | - |
|
| 126 | - /** |
|
| 127 | - * Overrides normal behaviour and only renders the |
|
| 128 | - * login screen |
|
| 129 | - * |
|
| 130 | - * @throws \Exception |
|
| 131 | - */ |
|
| 132 | - protected function showLogin() |
|
| 133 | - { |
|
| 134 | - $loginTemplatePath = self::LOGIN_TEMPLATE_PATH; |
|
| 135 | - $this->renderTemplate($loginTemplatePath); |
|
| 136 | - ob_end_flush(); |
|
| 137 | - exit; |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * As an exception, to keep the initial file structure simple |
|
| 142 | - * the cms implements it's own routing, apart from the regular sitemap functionality |
|
| 143 | - * |
|
| 144 | - * @throws \Exception |
|
| 145 | - */ |
|
| 146 | - protected function routing() |
|
| 147 | - { |
|
| 148 | - $relativeCmsUri = $this->getRelativeCmsUri($this->request); |
|
| 149 | - |
|
| 150 | - $userRights = $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]->rights; |
|
| 151 | - |
|
| 152 | - if ($relativeCmsUri == '' || $relativeCmsUri == '/') { |
|
| 153 | - $this->subTemplate = 'cms/dashboard'; |
|
| 154 | - } |
|
| 155 | - |
|
| 156 | - $this->logOffRouting($this->request, $relativeCmsUri); |
|
| 157 | - |
|
| 158 | - $this->apiRouting($relativeCmsUri); |
|
| 159 | - |
|
| 160 | - if (in_array(self::PARAMETER_DOCUMENTS, $userRights)) { |
|
| 161 | - new DocumentRouting($this->request, $relativeCmsUri, $this); |
|
| 162 | - } |
|
| 163 | - |
|
| 164 | - if (in_array(self::PARAMETER_SITEMAP, $userRights)) { |
|
| 165 | - new SitemapRouting($this->request, $relativeCmsUri, $this); |
|
| 166 | - } |
|
| 167 | - |
|
| 168 | - if (in_array(self::PARAMETER_IMAGES, $userRights)) { |
|
| 169 | - new ImagesRouting($this->request, $relativeCmsUri, $this); |
|
| 170 | - } |
|
| 171 | - |
|
| 172 | - if (in_array(self::PARAMETER_FILES, $userRights)) { |
|
| 173 | - $this->filesRouting($this->request, $relativeCmsUri); |
|
| 174 | - } |
|
| 175 | - |
|
| 176 | - if (in_array('configuration', $userRights)) { |
|
| 177 | - $this->configurationRouting($this->request, $relativeCmsUri); |
|
| 178 | - } |
|
| 179 | - |
|
| 180 | - if ($this->subTemplate !== null) { |
|
| 181 | - $this->parameters[self::PARAMETER_BODY] = $this->renderTemplate($this->subTemplate); |
|
| 182 | - } |
|
| 183 | - } |
|
| 184 | - |
|
| 185 | - /** |
|
| 186 | - * @param $remoteAddress |
|
| 187 | - * @throws \Exception |
|
| 188 | - */ |
|
| 189 | - private function checkWhiteList($remoteAddress) |
|
| 190 | - { |
|
| 191 | - if (isset($this->parameters[self::PARAMETER_WHITELIST_IPS])) { |
|
| 192 | - $whitelistIps = explode(',', $this->parameters[self::PARAMETER_WHITELIST_IPS]); |
|
| 193 | - $whitelistIps = array_map("trim", $whitelistIps); |
|
| 194 | - if (!in_array($remoteAddress, $whitelistIps)) { |
|
| 195 | - throw new \Exception('Ip address ' . $remoteAddress . ' is not on whitelist'); |
|
| 196 | - } |
|
| 197 | - } |
|
| 198 | - } |
|
| 199 | - |
|
| 200 | - /** |
|
| 201 | - * @param $remoteAddress |
|
| 202 | - * @throws \Exception |
|
| 203 | - */ |
|
| 204 | - private function checkBlackList($remoteAddress) |
|
| 205 | - { |
|
| 206 | - if (isset($this->parameters[self::PARAMETER_BLACKLIST_IPS])) { |
|
| 207 | - $blacklistIps = explode(',', $this->parameters[self::PARAMETER_BLACKLIST_IPS]); |
|
| 208 | - $blacklistIps = array_map("trim", $blacklistIps); |
|
| 209 | - if (in_array($remoteAddress, $blacklistIps)) { |
|
| 210 | - throw new \Exception('Ip address ' . $remoteAddress . ' is on blacklist'); |
|
| 211 | - } |
|
| 212 | - } |
|
| 213 | - } |
|
| 214 | - |
|
| 215 | - /** |
|
| 216 | - * @param $request |
|
| 217 | - * @return mixed|string |
|
| 218 | - */ |
|
| 219 | - private function getRelativeCmsUri($request) |
|
| 220 | - { |
|
| 221 | - // TODO Use regex match parameter instead of calculating relative uri |
|
| 222 | - $pos = strpos($request::$relativeUri, $this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 223 | - $relativeCmsUri = '/'; |
|
| 224 | - if ($pos !== false) { |
|
| 225 | - $relativeCmsUri = substr_replace($request::$relativeUri, '', $pos, strlen($this->parameters[self::PARAMETER_CMS_PREFIX])); |
|
| 226 | - } |
|
| 227 | - return $relativeCmsUri; |
|
| 228 | - } |
|
| 229 | - |
|
| 230 | - /** |
|
| 231 | - * @param $relativeCmsUri |
|
| 232 | - */ |
|
| 233 | - private function apiRouting($relativeCmsUri) |
|
| 234 | - { |
|
| 235 | - if ($relativeCmsUri == '/images.json') { |
|
| 236 | - header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 237 | - die(json_encode($this->storage->getImages())); |
|
| 238 | - } elseif ($relativeCmsUri == '/files.json') { |
|
| 239 | - header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 240 | - die(json_encode($this->storage->getFiles())); |
|
| 241 | - } elseif ($relativeCmsUri == '/documents.json') { |
|
| 242 | - header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 243 | - die(json_encode($this->storage->getDocuments())); |
|
| 244 | - } |
|
| 245 | - } |
|
| 246 | - |
|
| 247 | - /** |
|
| 248 | - * @param $request |
|
| 249 | - * @param $relativeCmsUri |
|
| 250 | - */ |
|
| 251 | - private function filesRouting($request, $relativeCmsUri) |
|
| 252 | - { |
|
| 253 | - if ($relativeCmsUri == '/files') { |
|
| 254 | - $this->subTemplate = 'cms/files'; |
|
| 255 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::PARAMETER_FILES; |
|
| 256 | - $this->parameters[self::PARAMETER_FILES] = $this->storage->getFiles(); |
|
| 257 | - } elseif ($relativeCmsUri == '/files/new') { |
|
| 258 | - $this->subTemplate = 'cms/files/form'; |
|
| 259 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::PARAMETER_FILES; |
|
| 260 | - if (isset($_FILES[self::FILES_PARAMETER_FILE])) { |
|
| 261 | - $this->storage->addFile($_FILES[self::FILES_PARAMETER_FILE]); |
|
| 262 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 263 | - exit; |
|
| 264 | - } |
|
| 265 | - } elseif ($relativeCmsUri == '/files/get' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
|
| 266 | - $this->downloadFile($request::$get[self::FILES_PARAMETER_FILE]); |
|
| 267 | - } elseif ($relativeCmsUri == '/files/delete' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
|
| 268 | - $this->storage->deleteFileByName($request::$get[self::FILES_PARAMETER_FILE]); |
|
| 269 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 270 | - exit; |
|
| 271 | - } |
|
| 272 | - } |
|
| 273 | - |
|
| 274 | - /** |
|
| 275 | - * @param $slug |
|
| 276 | - */ |
|
| 277 | - private function downloadFile($slug) |
|
| 278 | - { |
|
| 279 | - $file = $this->storage->getFileByName($slug); |
|
| 280 | - $path = realpath(__DIR__ . '/../../www/files/'); |
|
| 281 | - $quoted = sprintf('"%s"', addcslashes(basename($path . '/' . $file->file), '"\\')); |
|
| 282 | - $size = filesize($path . '/' . $file->file); |
|
| 283 | - |
|
| 284 | - header('Content-Description: File Transfer'); |
|
| 285 | - header('Content-Type: ' . $file->type); |
|
| 286 | - header('Content-Disposition: attachment; filename=' . $quoted); |
|
| 287 | - header('Content-Transfer-Encoding: binary'); |
|
| 288 | - header('Connection: Keep-Alive'); |
|
| 289 | - header('Expires: 0'); |
|
| 290 | - header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
|
| 291 | - header('Pragma: public'); |
|
| 292 | - header('Content-Length: ' . $size); |
|
| 293 | - |
|
| 294 | - readfile($path . '/' . $file->file); |
|
| 295 | - exit; |
|
| 296 | - } |
|
| 297 | - |
|
| 298 | - /** |
|
| 299 | - * @param $request |
|
| 300 | - * @param $relativeCmsUri |
|
| 301 | - */ |
|
| 302 | - private function configurationRouting($request, $relativeCmsUri) |
|
| 303 | - { |
|
| 304 | - if ($relativeCmsUri == '/configuration') { |
|
| 305 | - $this->subTemplate = 'cms/configuration'; |
|
| 306 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 307 | - } |
|
| 308 | - |
|
| 309 | - $this->usersRouting($request, $relativeCmsUri); |
|
| 310 | - $this->documentTypesRouting($request, $relativeCmsUri); |
|
| 311 | - $this->bricksRouting($request, $relativeCmsUri); |
|
| 312 | - $this->imageSetRouting($request, $relativeCmsUri); |
|
| 313 | - $this->applicationComponentRouting($request, $relativeCmsUri); |
|
| 314 | - } |
|
| 315 | - |
|
| 316 | - |
|
| 317 | - /** |
|
| 318 | - * @param $request |
|
| 319 | - * @param $relativeCmsUri |
|
| 320 | - */ |
|
| 321 | - private function usersRouting($request, $relativeCmsUri) |
|
| 322 | - { |
|
| 323 | - if ($relativeCmsUri == '/configuration/users') { |
|
| 324 | - $this->subTemplate = 'cms/configuration/users'; |
|
| 325 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 326 | - $this->parameters[self::PARAMETER_USERS] = $this->storage->getUsers(); |
|
| 327 | - } elseif ($relativeCmsUri == '/configuration/users/new') { |
|
| 328 | - $this->subTemplate = 'cms/configuration/users-form'; |
|
| 329 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 330 | - if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
|
| 331 | - $this->storage->addUser($request::$post); |
|
| 332 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 333 | - exit; |
|
| 334 | - } |
|
| 335 | - } elseif ($relativeCmsUri == '/configuration/users/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 336 | - $this->storage->deleteUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 337 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 338 | - exit; |
|
| 339 | - } elseif ($relativeCmsUri == '/configuration/users/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 340 | - $this->subTemplate = 'cms/configuration/users-form'; |
|
| 341 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 342 | - $this->parameters[self::PARAMETER_USER] = $this->storage->getUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 343 | - if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
|
| 344 | - $this->storage->saveUser($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 345 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 346 | - exit; |
|
| 347 | - } |
|
| 348 | - } |
|
| 349 | - } |
|
| 350 | - |
|
| 351 | - /** |
|
| 352 | - * @param $request |
|
| 353 | - * @param $relativeCmsUri |
|
| 354 | - */ |
|
| 355 | - private function documentTypesRouting($request, $relativeCmsUri) |
|
| 356 | - { |
|
| 357 | - if ($relativeCmsUri == '/configuration/document-types') { |
|
| 358 | - $this->subTemplate = 'cms/configuration/document-types'; |
|
| 359 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 360 | - $this->parameters[self::PARAMETER_DOCUMENT_TYPES] = $this->storage->getDocumentTypes(); |
|
| 361 | - } elseif ($relativeCmsUri == '/configuration/document-types/new') { |
|
| 362 | - $this->subTemplate = 'cms/configuration/document-types-form'; |
|
| 363 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 364 | - $bricks = $this->storage->getBricks(); |
|
| 365 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 366 | - $this->storage->addDocumentType($request::$post); |
|
| 367 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 368 | - exit; |
|
| 369 | - } |
|
| 370 | - $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
|
| 371 | - } elseif ($relativeCmsUri == '/configuration/document-types/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 372 | - $this->subTemplate = 'cms/configuration/document-types-form'; |
|
| 373 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 374 | - $documentType = $this->storage->getDocumentTypeBySlug($request::$get[self::GET_PARAMETER_SLUG], false); |
|
| 375 | - $bricks = $this->storage->getBricks(); |
|
| 376 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 377 | - $this->storage->saveDocumentType($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 378 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 379 | - exit; |
|
| 380 | - } |
|
| 381 | - $this->parameters[self::PARAMETER_DOCUMENT_TYPE] = $documentType; |
|
| 382 | - $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
|
| 383 | - } elseif ($relativeCmsUri == '/configuration/document-types/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 384 | - $this->storage->deleteDocumentTypeBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 385 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 386 | - exit; |
|
| 387 | - } |
|
| 388 | - } |
|
| 389 | - |
|
| 390 | - /** |
|
| 391 | - * @param $request |
|
| 392 | - * @param $relativeCmsUri |
|
| 393 | - */ |
|
| 394 | - private function bricksRouting($request, $relativeCmsUri) |
|
| 395 | - { |
|
| 396 | - if ($relativeCmsUri == '/configuration/bricks') { |
|
| 397 | - $this->subTemplate = 'cms/configuration/bricks'; |
|
| 398 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 399 | - $this->parameters[self::PARAMETER_BRICKS] = $this->storage->getBricks(); |
|
| 400 | - } elseif ($relativeCmsUri == '/configuration/bricks/new') { |
|
| 401 | - $this->subTemplate = 'cms/configuration/bricks-form'; |
|
| 402 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 403 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 404 | - $this->storage->addBrick($request::$post); |
|
| 405 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 406 | - exit; |
|
| 407 | - } |
|
| 408 | - } elseif ($relativeCmsUri == '/configuration/bricks/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 409 | - $this->subTemplate = 'cms/configuration/bricks-form'; |
|
| 410 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 411 | - $brick = $this->storage->getBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 412 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 413 | - $this->storage->saveBrick($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 414 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 415 | - exit; |
|
| 416 | - } |
|
| 417 | - $this->parameters[self::PARAMETER_BRICK] = $brick; |
|
| 418 | - } elseif ($relativeCmsUri == '/configuration/bricks/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 419 | - $this->storage->deleteBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 420 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 421 | - exit; |
|
| 422 | - } elseif ($relativeCmsUri == '/configuration/image-set') { |
|
| 423 | - $this->subTemplate = 'cms/configuration/image-set'; |
|
| 424 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 425 | - $this->parameters[self::PARAMETER_IMAGE_SET] = $this->storage->getImageSet(); |
|
| 426 | - } |
|
| 427 | - } |
|
| 428 | - |
|
| 429 | - /** |
|
| 430 | - * @param $request |
|
| 431 | - * @param $relativeCmsUri |
|
| 432 | - */ |
|
| 433 | - private function imageSetRouting($request, $relativeCmsUri) |
|
| 434 | - { |
|
| 435 | - if ($relativeCmsUri == '/configuration/image-set') { |
|
| 436 | - $this->subTemplate = 'cms/configuration/image-set'; |
|
| 437 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 438 | - $this->parameters[self::PARAMETER_IMAGE_SET] = $this->storage->getImageSet(); |
|
| 439 | - } elseif ($relativeCmsUri == '/configuration/image-set/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 440 | - $this->subTemplate = 'cms/configuration/image-set-form'; |
|
| 441 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 442 | - $imageSet = $this->storage->getImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 443 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 444 | - $this->storage->saveImageSet($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 445 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 446 | - exit; |
|
| 447 | - } |
|
| 448 | - $this->parameters[self::PARAMETER_IMAGE_SET] = $imageSet; |
|
| 449 | - } elseif ($relativeCmsUri == '/configuration/image-set/new') { |
|
| 450 | - $this->subTemplate = 'cms/configuration/image-set-form'; |
|
| 451 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 452 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 453 | - $this->storage->addImageSet($request::$post); |
|
| 454 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 455 | - exit; |
|
| 456 | - } |
|
| 457 | - } elseif ($relativeCmsUri == '/configuration/image-set/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 458 | - $this->storage->deleteImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 459 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 460 | - exit; |
|
| 461 | - } |
|
| 462 | - } |
|
| 463 | - |
|
| 464 | - /** |
|
| 465 | - * @param $request |
|
| 466 | - * @param $relativeCmsUri |
|
| 467 | - */ |
|
| 468 | - private function applicationComponentRouting($request, $relativeCmsUri) |
|
| 469 | - { |
|
| 470 | - if ($relativeCmsUri == '/configuration/application-components') { |
|
| 471 | - $this->subTemplate = 'cms/configuration/application-components'; |
|
| 472 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 473 | - $this->parameters['applicationComponents'] = $this->storage->getApplicationComponents(); |
|
| 474 | - } elseif ($relativeCmsUri == '/configuration/application-components/new') { |
|
| 475 | - $this->subTemplate = 'cms/configuration/application-components-form'; |
|
| 476 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 477 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 478 | - $this->storage->addApplicationComponent($request::$post); |
|
| 479 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 480 | - exit; |
|
| 481 | - } |
|
| 482 | - } elseif ($relativeCmsUri == '/configuration/application-components/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 483 | - $this->subTemplate = 'cms/configuration/application-components-form'; |
|
| 484 | - $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 485 | - $applicationComponent = $this->storage->getApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 486 | - if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 487 | - $this->storage->saveApplicationComponent($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 488 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 489 | - exit; |
|
| 490 | - } |
|
| 491 | - $this->parameters['applicationComponent'] = $applicationComponent; |
|
| 492 | - } elseif ($relativeCmsUri == '/configuration/application-components/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 493 | - $this->storage->deleteApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 494 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 495 | - exit; |
|
| 496 | - } |
|
| 497 | - } |
|
| 498 | - |
|
| 499 | - private function logOffRouting($request, $relativeCmsUri) |
|
| 500 | - { |
|
| 501 | - if ($relativeCmsUri == '/log-off') { |
|
| 502 | - $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL] = null; |
|
| 503 | - unset($_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]); |
|
| 504 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 505 | - exit; |
|
| 506 | - } |
|
| 507 | - } |
|
| 508 | - |
|
| 509 | - public function setParameter($parameterName, $parameterValue) |
|
| 510 | - { |
|
| 511 | - $this->parameters[$parameterName] = $parameterValue; |
|
| 512 | - } |
|
| 513 | - |
|
| 514 | - public function getParameter($parameterName) |
|
| 515 | - { |
|
| 516 | - return $this->parameters[$parameterName]; |
|
| 517 | - } |
|
| 518 | - } |
|
| 15 | + public $storage; |
|
| 16 | + |
|
| 17 | + const INVALID_CREDENTIALS_MESSAGE = 'Invalid username / password combination'; |
|
| 18 | + |
|
| 19 | + const MAIN_NAV_CLASS = 'default'; |
|
| 20 | + |
|
| 21 | + const PARAMETER_BLACKLIST_IPS = 'blacklistIps'; |
|
| 22 | + const PARAMETER_BODY = 'body'; |
|
| 23 | + const PARAMETER_BRICK = 'brick'; |
|
| 24 | + const PARAMETER_BRICKS = 'bricks'; |
|
| 25 | + const PARAMETER_CMS_PREFIX = 'cmsPrefix'; |
|
| 26 | + const PARAMETER_DOCUMENT = 'document'; |
|
| 27 | + const PARAMETER_DOCUMENTS = 'documents'; |
|
| 28 | + const PARAMETER_DOCUMENT_TYPE = 'documentType'; |
|
| 29 | + const PARAMETER_DOCUMENT_TYPES = 'documentTypes'; |
|
| 30 | + const PARAMETER_ERROR_MESSAGE = 'errorMsg'; |
|
| 31 | + const PARAMETER_FILES = 'files'; |
|
| 32 | + const PARAMETER_FOLDER = 'folder'; |
|
| 33 | + const PARAMETER_IMAGE = 'image'; |
|
| 34 | + const PARAMETER_IMAGES = 'images'; |
|
| 35 | + const PARAMETER_IMAGE_SET = 'imageSet'; |
|
| 36 | + const PARAMETER_MAIN_NAV_CLASS = 'mainNavClass'; |
|
| 37 | + const PARAMETER_MY_BRICK_SLUG = 'myBrickSlug'; |
|
| 38 | + const PARAMETER_SITEMAP = 'sitemap'; |
|
| 39 | + const PARAMETER_SITEMAP_ITEM = 'sitemapItem'; |
|
| 40 | + const PARAMETER_SMALLEST_IMAGE = 'smallestImage'; |
|
| 41 | + const PARAMETER_STATIC = 'static'; |
|
| 42 | + const PARAMETER_USER = 'user'; |
|
| 43 | + const PARAMETER_USERS = 'users'; |
|
| 44 | + const PARAMETER_USER_RIGHTS = 'userRights'; |
|
| 45 | + const PARAMETER_WHITELIST_IPS = 'whitelistIps'; |
|
| 46 | + |
|
| 47 | + const POST_PARAMETER_COMPONENT = 'component'; |
|
| 48 | + const POST_PARAMETER_PASSWORD = 'password'; |
|
| 49 | + const POST_PARAMETER_SAVE = 'save'; |
|
| 50 | + const POST_PARAMETER_TEMPLATE = 'template'; |
|
| 51 | + const POST_PARAMETER_TITLE = 'title'; |
|
| 52 | + const POST_PARAMETER_USERNAME = 'username'; |
|
| 53 | + |
|
| 54 | + const GET_PARAMETER_PATH = 'path'; |
|
| 55 | + const GET_PARAMETER_SLUG = 'slug'; |
|
| 56 | + |
|
| 57 | + const FILES_PARAMETER_FILE = 'file'; |
|
| 58 | + |
|
| 59 | + const SESSION_PARAMETER_CLOUD_CONTROL = 'cloudcontrol'; |
|
| 60 | + |
|
| 61 | + const LOGIN_TEMPLATE_PATH = 'cms/login'; |
|
| 62 | + |
|
| 63 | + const CONTENT_TYPE_APPLICATION_JSON = 'Content-type:application/json'; |
|
| 64 | + |
|
| 65 | + public $subTemplate = null; |
|
| 66 | + |
|
| 67 | + |
|
| 68 | + /** |
|
| 69 | + * @param \library\storage\Storage $storage |
|
| 70 | + * |
|
| 71 | + * @return void |
|
| 72 | + */ |
|
| 73 | + public function run(Storage $storage) |
|
| 74 | + { |
|
| 75 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::MAIN_NAV_CLASS; |
|
| 76 | + $this->storage = $storage; |
|
| 77 | + |
|
| 78 | + $remoteAddress = $_SERVER['REMOTE_ADDR']; |
|
| 79 | + $this->checkWhiteList($remoteAddress); |
|
| 80 | + $this->checkBlackList($remoteAddress); |
|
| 81 | + |
|
| 82 | + $this->checkLogin(); |
|
| 83 | + |
|
| 84 | + $this->parameters[self::PARAMETER_USER_RIGHTS] = $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]->rights; |
|
| 85 | + |
|
| 86 | + $this->routing(); |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + /** |
|
| 90 | + * See if a user is logged or wants to log in and |
|
| 91 | + * takes appropriate actions. |
|
| 92 | + * |
|
| 93 | + * @throws \Exception |
|
| 94 | + */ |
|
| 95 | + protected function checkLogin() |
|
| 96 | + { |
|
| 97 | + $request = $this->request; |
|
| 98 | + |
|
| 99 | + if (!isset($_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL])) { |
|
| 100 | + if (isset($request::$post[self::POST_PARAMETER_USERNAME], $request::$post[self::POST_PARAMETER_PASSWORD])) { |
|
| 101 | + $user = $this->storage->getUserByUsername($request::$post[self::POST_PARAMETER_USERNAME]); |
|
| 102 | + $crypt = new Crypt(); |
|
| 103 | + if (empty($user)) { |
|
| 104 | + $crypt->encrypt($request::$post[self::POST_PARAMETER_PASSWORD], 16); // Buy time, to avoid brute forcing |
|
| 105 | + $this->parameters[self::PARAMETER_ERROR_MESSAGE] = self::INVALID_CREDENTIALS_MESSAGE; |
|
| 106 | + $this->showLogin(); |
|
| 107 | + } else { |
|
| 108 | + $salt = $user->salt; |
|
| 109 | + $password = $user->password; |
|
| 110 | + |
|
| 111 | + $passwordCorrect = $crypt->compare($request::$post[self::POST_PARAMETER_PASSWORD], $password, $salt); |
|
| 112 | + |
|
| 113 | + if ($passwordCorrect) { |
|
| 114 | + $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL] = $user; |
|
| 115 | + } else { |
|
| 116 | + $this->parameters[self::PARAMETER_ERROR_MESSAGE] = self::INVALID_CREDENTIALS_MESSAGE; |
|
| 117 | + $this->showLogin(); |
|
| 118 | + } |
|
| 119 | + } |
|
| 120 | + } else { |
|
| 121 | + $this->showLogin(); |
|
| 122 | + } |
|
| 123 | + } |
|
| 124 | + } |
|
| 125 | + |
|
| 126 | + /** |
|
| 127 | + * Overrides normal behaviour and only renders the |
|
| 128 | + * login screen |
|
| 129 | + * |
|
| 130 | + * @throws \Exception |
|
| 131 | + */ |
|
| 132 | + protected function showLogin() |
|
| 133 | + { |
|
| 134 | + $loginTemplatePath = self::LOGIN_TEMPLATE_PATH; |
|
| 135 | + $this->renderTemplate($loginTemplatePath); |
|
| 136 | + ob_end_flush(); |
|
| 137 | + exit; |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * As an exception, to keep the initial file structure simple |
|
| 142 | + * the cms implements it's own routing, apart from the regular sitemap functionality |
|
| 143 | + * |
|
| 144 | + * @throws \Exception |
|
| 145 | + */ |
|
| 146 | + protected function routing() |
|
| 147 | + { |
|
| 148 | + $relativeCmsUri = $this->getRelativeCmsUri($this->request); |
|
| 149 | + |
|
| 150 | + $userRights = $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]->rights; |
|
| 151 | + |
|
| 152 | + if ($relativeCmsUri == '' || $relativeCmsUri == '/') { |
|
| 153 | + $this->subTemplate = 'cms/dashboard'; |
|
| 154 | + } |
|
| 155 | + |
|
| 156 | + $this->logOffRouting($this->request, $relativeCmsUri); |
|
| 157 | + |
|
| 158 | + $this->apiRouting($relativeCmsUri); |
|
| 159 | + |
|
| 160 | + if (in_array(self::PARAMETER_DOCUMENTS, $userRights)) { |
|
| 161 | + new DocumentRouting($this->request, $relativeCmsUri, $this); |
|
| 162 | + } |
|
| 163 | + |
|
| 164 | + if (in_array(self::PARAMETER_SITEMAP, $userRights)) { |
|
| 165 | + new SitemapRouting($this->request, $relativeCmsUri, $this); |
|
| 166 | + } |
|
| 167 | + |
|
| 168 | + if (in_array(self::PARAMETER_IMAGES, $userRights)) { |
|
| 169 | + new ImagesRouting($this->request, $relativeCmsUri, $this); |
|
| 170 | + } |
|
| 171 | + |
|
| 172 | + if (in_array(self::PARAMETER_FILES, $userRights)) { |
|
| 173 | + $this->filesRouting($this->request, $relativeCmsUri); |
|
| 174 | + } |
|
| 175 | + |
|
| 176 | + if (in_array('configuration', $userRights)) { |
|
| 177 | + $this->configurationRouting($this->request, $relativeCmsUri); |
|
| 178 | + } |
|
| 179 | + |
|
| 180 | + if ($this->subTemplate !== null) { |
|
| 181 | + $this->parameters[self::PARAMETER_BODY] = $this->renderTemplate($this->subTemplate); |
|
| 182 | + } |
|
| 183 | + } |
|
| 184 | + |
|
| 185 | + /** |
|
| 186 | + * @param $remoteAddress |
|
| 187 | + * @throws \Exception |
|
| 188 | + */ |
|
| 189 | + private function checkWhiteList($remoteAddress) |
|
| 190 | + { |
|
| 191 | + if (isset($this->parameters[self::PARAMETER_WHITELIST_IPS])) { |
|
| 192 | + $whitelistIps = explode(',', $this->parameters[self::PARAMETER_WHITELIST_IPS]); |
|
| 193 | + $whitelistIps = array_map("trim", $whitelistIps); |
|
| 194 | + if (!in_array($remoteAddress, $whitelistIps)) { |
|
| 195 | + throw new \Exception('Ip address ' . $remoteAddress . ' is not on whitelist'); |
|
| 196 | + } |
|
| 197 | + } |
|
| 198 | + } |
|
| 199 | + |
|
| 200 | + /** |
|
| 201 | + * @param $remoteAddress |
|
| 202 | + * @throws \Exception |
|
| 203 | + */ |
|
| 204 | + private function checkBlackList($remoteAddress) |
|
| 205 | + { |
|
| 206 | + if (isset($this->parameters[self::PARAMETER_BLACKLIST_IPS])) { |
|
| 207 | + $blacklistIps = explode(',', $this->parameters[self::PARAMETER_BLACKLIST_IPS]); |
|
| 208 | + $blacklistIps = array_map("trim", $blacklistIps); |
|
| 209 | + if (in_array($remoteAddress, $blacklistIps)) { |
|
| 210 | + throw new \Exception('Ip address ' . $remoteAddress . ' is on blacklist'); |
|
| 211 | + } |
|
| 212 | + } |
|
| 213 | + } |
|
| 214 | + |
|
| 215 | + /** |
|
| 216 | + * @param $request |
|
| 217 | + * @return mixed|string |
|
| 218 | + */ |
|
| 219 | + private function getRelativeCmsUri($request) |
|
| 220 | + { |
|
| 221 | + // TODO Use regex match parameter instead of calculating relative uri |
|
| 222 | + $pos = strpos($request::$relativeUri, $this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 223 | + $relativeCmsUri = '/'; |
|
| 224 | + if ($pos !== false) { |
|
| 225 | + $relativeCmsUri = substr_replace($request::$relativeUri, '', $pos, strlen($this->parameters[self::PARAMETER_CMS_PREFIX])); |
|
| 226 | + } |
|
| 227 | + return $relativeCmsUri; |
|
| 228 | + } |
|
| 229 | + |
|
| 230 | + /** |
|
| 231 | + * @param $relativeCmsUri |
|
| 232 | + */ |
|
| 233 | + private function apiRouting($relativeCmsUri) |
|
| 234 | + { |
|
| 235 | + if ($relativeCmsUri == '/images.json') { |
|
| 236 | + header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 237 | + die(json_encode($this->storage->getImages())); |
|
| 238 | + } elseif ($relativeCmsUri == '/files.json') { |
|
| 239 | + header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 240 | + die(json_encode($this->storage->getFiles())); |
|
| 241 | + } elseif ($relativeCmsUri == '/documents.json') { |
|
| 242 | + header(self::CONTENT_TYPE_APPLICATION_JSON); |
|
| 243 | + die(json_encode($this->storage->getDocuments())); |
|
| 244 | + } |
|
| 245 | + } |
|
| 246 | + |
|
| 247 | + /** |
|
| 248 | + * @param $request |
|
| 249 | + * @param $relativeCmsUri |
|
| 250 | + */ |
|
| 251 | + private function filesRouting($request, $relativeCmsUri) |
|
| 252 | + { |
|
| 253 | + if ($relativeCmsUri == '/files') { |
|
| 254 | + $this->subTemplate = 'cms/files'; |
|
| 255 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::PARAMETER_FILES; |
|
| 256 | + $this->parameters[self::PARAMETER_FILES] = $this->storage->getFiles(); |
|
| 257 | + } elseif ($relativeCmsUri == '/files/new') { |
|
| 258 | + $this->subTemplate = 'cms/files/form'; |
|
| 259 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::PARAMETER_FILES; |
|
| 260 | + if (isset($_FILES[self::FILES_PARAMETER_FILE])) { |
|
| 261 | + $this->storage->addFile($_FILES[self::FILES_PARAMETER_FILE]); |
|
| 262 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 263 | + exit; |
|
| 264 | + } |
|
| 265 | + } elseif ($relativeCmsUri == '/files/get' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
|
| 266 | + $this->downloadFile($request::$get[self::FILES_PARAMETER_FILE]); |
|
| 267 | + } elseif ($relativeCmsUri == '/files/delete' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
|
| 268 | + $this->storage->deleteFileByName($request::$get[self::FILES_PARAMETER_FILE]); |
|
| 269 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 270 | + exit; |
|
| 271 | + } |
|
| 272 | + } |
|
| 273 | + |
|
| 274 | + /** |
|
| 275 | + * @param $slug |
|
| 276 | + */ |
|
| 277 | + private function downloadFile($slug) |
|
| 278 | + { |
|
| 279 | + $file = $this->storage->getFileByName($slug); |
|
| 280 | + $path = realpath(__DIR__ . '/../../www/files/'); |
|
| 281 | + $quoted = sprintf('"%s"', addcslashes(basename($path . '/' . $file->file), '"\\')); |
|
| 282 | + $size = filesize($path . '/' . $file->file); |
|
| 283 | + |
|
| 284 | + header('Content-Description: File Transfer'); |
|
| 285 | + header('Content-Type: ' . $file->type); |
|
| 286 | + header('Content-Disposition: attachment; filename=' . $quoted); |
|
| 287 | + header('Content-Transfer-Encoding: binary'); |
|
| 288 | + header('Connection: Keep-Alive'); |
|
| 289 | + header('Expires: 0'); |
|
| 290 | + header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
|
| 291 | + header('Pragma: public'); |
|
| 292 | + header('Content-Length: ' . $size); |
|
| 293 | + |
|
| 294 | + readfile($path . '/' . $file->file); |
|
| 295 | + exit; |
|
| 296 | + } |
|
| 297 | + |
|
| 298 | + /** |
|
| 299 | + * @param $request |
|
| 300 | + * @param $relativeCmsUri |
|
| 301 | + */ |
|
| 302 | + private function configurationRouting($request, $relativeCmsUri) |
|
| 303 | + { |
|
| 304 | + if ($relativeCmsUri == '/configuration') { |
|
| 305 | + $this->subTemplate = 'cms/configuration'; |
|
| 306 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 307 | + } |
|
| 308 | + |
|
| 309 | + $this->usersRouting($request, $relativeCmsUri); |
|
| 310 | + $this->documentTypesRouting($request, $relativeCmsUri); |
|
| 311 | + $this->bricksRouting($request, $relativeCmsUri); |
|
| 312 | + $this->imageSetRouting($request, $relativeCmsUri); |
|
| 313 | + $this->applicationComponentRouting($request, $relativeCmsUri); |
|
| 314 | + } |
|
| 315 | + |
|
| 316 | + |
|
| 317 | + /** |
|
| 318 | + * @param $request |
|
| 319 | + * @param $relativeCmsUri |
|
| 320 | + */ |
|
| 321 | + private function usersRouting($request, $relativeCmsUri) |
|
| 322 | + { |
|
| 323 | + if ($relativeCmsUri == '/configuration/users') { |
|
| 324 | + $this->subTemplate = 'cms/configuration/users'; |
|
| 325 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 326 | + $this->parameters[self::PARAMETER_USERS] = $this->storage->getUsers(); |
|
| 327 | + } elseif ($relativeCmsUri == '/configuration/users/new') { |
|
| 328 | + $this->subTemplate = 'cms/configuration/users-form'; |
|
| 329 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 330 | + if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
|
| 331 | + $this->storage->addUser($request::$post); |
|
| 332 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 333 | + exit; |
|
| 334 | + } |
|
| 335 | + } elseif ($relativeCmsUri == '/configuration/users/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 336 | + $this->storage->deleteUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 337 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 338 | + exit; |
|
| 339 | + } elseif ($relativeCmsUri == '/configuration/users/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 340 | + $this->subTemplate = 'cms/configuration/users-form'; |
|
| 341 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 342 | + $this->parameters[self::PARAMETER_USER] = $this->storage->getUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 343 | + if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
|
| 344 | + $this->storage->saveUser($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 345 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 346 | + exit; |
|
| 347 | + } |
|
| 348 | + } |
|
| 349 | + } |
|
| 350 | + |
|
| 351 | + /** |
|
| 352 | + * @param $request |
|
| 353 | + * @param $relativeCmsUri |
|
| 354 | + */ |
|
| 355 | + private function documentTypesRouting($request, $relativeCmsUri) |
|
| 356 | + { |
|
| 357 | + if ($relativeCmsUri == '/configuration/document-types') { |
|
| 358 | + $this->subTemplate = 'cms/configuration/document-types'; |
|
| 359 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 360 | + $this->parameters[self::PARAMETER_DOCUMENT_TYPES] = $this->storage->getDocumentTypes(); |
|
| 361 | + } elseif ($relativeCmsUri == '/configuration/document-types/new') { |
|
| 362 | + $this->subTemplate = 'cms/configuration/document-types-form'; |
|
| 363 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 364 | + $bricks = $this->storage->getBricks(); |
|
| 365 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 366 | + $this->storage->addDocumentType($request::$post); |
|
| 367 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 368 | + exit; |
|
| 369 | + } |
|
| 370 | + $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
|
| 371 | + } elseif ($relativeCmsUri == '/configuration/document-types/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 372 | + $this->subTemplate = 'cms/configuration/document-types-form'; |
|
| 373 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 374 | + $documentType = $this->storage->getDocumentTypeBySlug($request::$get[self::GET_PARAMETER_SLUG], false); |
|
| 375 | + $bricks = $this->storage->getBricks(); |
|
| 376 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 377 | + $this->storage->saveDocumentType($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 378 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 379 | + exit; |
|
| 380 | + } |
|
| 381 | + $this->parameters[self::PARAMETER_DOCUMENT_TYPE] = $documentType; |
|
| 382 | + $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
|
| 383 | + } elseif ($relativeCmsUri == '/configuration/document-types/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 384 | + $this->storage->deleteDocumentTypeBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 385 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 386 | + exit; |
|
| 387 | + } |
|
| 388 | + } |
|
| 389 | + |
|
| 390 | + /** |
|
| 391 | + * @param $request |
|
| 392 | + * @param $relativeCmsUri |
|
| 393 | + */ |
|
| 394 | + private function bricksRouting($request, $relativeCmsUri) |
|
| 395 | + { |
|
| 396 | + if ($relativeCmsUri == '/configuration/bricks') { |
|
| 397 | + $this->subTemplate = 'cms/configuration/bricks'; |
|
| 398 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 399 | + $this->parameters[self::PARAMETER_BRICKS] = $this->storage->getBricks(); |
|
| 400 | + } elseif ($relativeCmsUri == '/configuration/bricks/new') { |
|
| 401 | + $this->subTemplate = 'cms/configuration/bricks-form'; |
|
| 402 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 403 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 404 | + $this->storage->addBrick($request::$post); |
|
| 405 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 406 | + exit; |
|
| 407 | + } |
|
| 408 | + } elseif ($relativeCmsUri == '/configuration/bricks/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 409 | + $this->subTemplate = 'cms/configuration/bricks-form'; |
|
| 410 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 411 | + $brick = $this->storage->getBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 412 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 413 | + $this->storage->saveBrick($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 414 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 415 | + exit; |
|
| 416 | + } |
|
| 417 | + $this->parameters[self::PARAMETER_BRICK] = $brick; |
|
| 418 | + } elseif ($relativeCmsUri == '/configuration/bricks/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 419 | + $this->storage->deleteBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 420 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 421 | + exit; |
|
| 422 | + } elseif ($relativeCmsUri == '/configuration/image-set') { |
|
| 423 | + $this->subTemplate = 'cms/configuration/image-set'; |
|
| 424 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 425 | + $this->parameters[self::PARAMETER_IMAGE_SET] = $this->storage->getImageSet(); |
|
| 426 | + } |
|
| 427 | + } |
|
| 428 | + |
|
| 429 | + /** |
|
| 430 | + * @param $request |
|
| 431 | + * @param $relativeCmsUri |
|
| 432 | + */ |
|
| 433 | + private function imageSetRouting($request, $relativeCmsUri) |
|
| 434 | + { |
|
| 435 | + if ($relativeCmsUri == '/configuration/image-set') { |
|
| 436 | + $this->subTemplate = 'cms/configuration/image-set'; |
|
| 437 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 438 | + $this->parameters[self::PARAMETER_IMAGE_SET] = $this->storage->getImageSet(); |
|
| 439 | + } elseif ($relativeCmsUri == '/configuration/image-set/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 440 | + $this->subTemplate = 'cms/configuration/image-set-form'; |
|
| 441 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 442 | + $imageSet = $this->storage->getImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 443 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 444 | + $this->storage->saveImageSet($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 445 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 446 | + exit; |
|
| 447 | + } |
|
| 448 | + $this->parameters[self::PARAMETER_IMAGE_SET] = $imageSet; |
|
| 449 | + } elseif ($relativeCmsUri == '/configuration/image-set/new') { |
|
| 450 | + $this->subTemplate = 'cms/configuration/image-set-form'; |
|
| 451 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 452 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 453 | + $this->storage->addImageSet($request::$post); |
|
| 454 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 455 | + exit; |
|
| 456 | + } |
|
| 457 | + } elseif ($relativeCmsUri == '/configuration/image-set/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 458 | + $this->storage->deleteImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 459 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 460 | + exit; |
|
| 461 | + } |
|
| 462 | + } |
|
| 463 | + |
|
| 464 | + /** |
|
| 465 | + * @param $request |
|
| 466 | + * @param $relativeCmsUri |
|
| 467 | + */ |
|
| 468 | + private function applicationComponentRouting($request, $relativeCmsUri) |
|
| 469 | + { |
|
| 470 | + if ($relativeCmsUri == '/configuration/application-components') { |
|
| 471 | + $this->subTemplate = 'cms/configuration/application-components'; |
|
| 472 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 473 | + $this->parameters['applicationComponents'] = $this->storage->getApplicationComponents(); |
|
| 474 | + } elseif ($relativeCmsUri == '/configuration/application-components/new') { |
|
| 475 | + $this->subTemplate = 'cms/configuration/application-components-form'; |
|
| 476 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 477 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 478 | + $this->storage->addApplicationComponent($request::$post); |
|
| 479 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 480 | + exit; |
|
| 481 | + } |
|
| 482 | + } elseif ($relativeCmsUri == '/configuration/application-components/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 483 | + $this->subTemplate = 'cms/configuration/application-components-form'; |
|
| 484 | + $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
|
| 485 | + $applicationComponent = $this->storage->getApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 486 | + if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
|
| 487 | + $this->storage->saveApplicationComponent($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
|
| 488 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 489 | + exit; |
|
| 490 | + } |
|
| 491 | + $this->parameters['applicationComponent'] = $applicationComponent; |
|
| 492 | + } elseif ($relativeCmsUri == '/configuration/application-components/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
|
| 493 | + $this->storage->deleteApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
|
| 494 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 495 | + exit; |
|
| 496 | + } |
|
| 497 | + } |
|
| 498 | + |
|
| 499 | + private function logOffRouting($request, $relativeCmsUri) |
|
| 500 | + { |
|
| 501 | + if ($relativeCmsUri == '/log-off') { |
|
| 502 | + $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL] = null; |
|
| 503 | + unset($_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]); |
|
| 504 | + header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 505 | + exit; |
|
| 506 | + } |
|
| 507 | + } |
|
| 508 | + |
|
| 509 | + public function setParameter($parameterName, $parameterValue) |
|
| 510 | + { |
|
| 511 | + $this->parameters[$parameterName] = $parameterValue; |
|
| 512 | + } |
|
| 513 | + |
|
| 514 | + public function getParameter($parameterName) |
|
| 515 | + { |
|
| 516 | + return $this->parameters[$parameterName]; |
|
| 517 | + } |
|
| 518 | + } |
|
| 519 | 519 | } |
| 520 | 520 | \ No newline at end of file |
@@ -192,7 +192,7 @@ discard block |
||
| 192 | 192 | $whitelistIps = explode(',', $this->parameters[self::PARAMETER_WHITELIST_IPS]); |
| 193 | 193 | $whitelistIps = array_map("trim", $whitelistIps); |
| 194 | 194 | if (!in_array($remoteAddress, $whitelistIps)) { |
| 195 | - throw new \Exception('Ip address ' . $remoteAddress . ' is not on whitelist'); |
|
| 195 | + throw new \Exception('Ip address '.$remoteAddress.' is not on whitelist'); |
|
| 196 | 196 | } |
| 197 | 197 | } |
| 198 | 198 | } |
@@ -207,7 +207,7 @@ discard block |
||
| 207 | 207 | $blacklistIps = explode(',', $this->parameters[self::PARAMETER_BLACKLIST_IPS]); |
| 208 | 208 | $blacklistIps = array_map("trim", $blacklistIps); |
| 209 | 209 | if (in_array($remoteAddress, $blacklistIps)) { |
| 210 | - throw new \Exception('Ip address ' . $remoteAddress . ' is on blacklist'); |
|
| 210 | + throw new \Exception('Ip address '.$remoteAddress.' is on blacklist'); |
|
| 211 | 211 | } |
| 212 | 212 | } |
| 213 | 213 | } |
@@ -259,14 +259,14 @@ discard block |
||
| 259 | 259 | $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = self::PARAMETER_FILES; |
| 260 | 260 | if (isset($_FILES[self::FILES_PARAMETER_FILE])) { |
| 261 | 261 | $this->storage->addFile($_FILES[self::FILES_PARAMETER_FILE]); |
| 262 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 262 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/files'); |
|
| 263 | 263 | exit; |
| 264 | 264 | } |
| 265 | 265 | } elseif ($relativeCmsUri == '/files/get' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
| 266 | 266 | $this->downloadFile($request::$get[self::FILES_PARAMETER_FILE]); |
| 267 | 267 | } elseif ($relativeCmsUri == '/files/delete' && isset($request::$get[self::FILES_PARAMETER_FILE])) { |
| 268 | 268 | $this->storage->deleteFileByName($request::$get[self::FILES_PARAMETER_FILE]); |
| 269 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/files'); |
|
| 269 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/files'); |
|
| 270 | 270 | exit; |
| 271 | 271 | } |
| 272 | 272 | } |
@@ -277,21 +277,21 @@ discard block |
||
| 277 | 277 | private function downloadFile($slug) |
| 278 | 278 | { |
| 279 | 279 | $file = $this->storage->getFileByName($slug); |
| 280 | - $path = realpath(__DIR__ . '/../../www/files/'); |
|
| 281 | - $quoted = sprintf('"%s"', addcslashes(basename($path . '/' . $file->file), '"\\')); |
|
| 282 | - $size = filesize($path . '/' . $file->file); |
|
| 280 | + $path = realpath(__DIR__.'/../../www/files/'); |
|
| 281 | + $quoted = sprintf('"%s"', addcslashes(basename($path.'/'.$file->file), '"\\')); |
|
| 282 | + $size = filesize($path.'/'.$file->file); |
|
| 283 | 283 | |
| 284 | 284 | header('Content-Description: File Transfer'); |
| 285 | - header('Content-Type: ' . $file->type); |
|
| 286 | - header('Content-Disposition: attachment; filename=' . $quoted); |
|
| 285 | + header('Content-Type: '.$file->type); |
|
| 286 | + header('Content-Disposition: attachment; filename='.$quoted); |
|
| 287 | 287 | header('Content-Transfer-Encoding: binary'); |
| 288 | 288 | header('Connection: Keep-Alive'); |
| 289 | 289 | header('Expires: 0'); |
| 290 | 290 | header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
| 291 | 291 | header('Pragma: public'); |
| 292 | - header('Content-Length: ' . $size); |
|
| 292 | + header('Content-Length: '.$size); |
|
| 293 | 293 | |
| 294 | - readfile($path . '/' . $file->file); |
|
| 294 | + readfile($path.'/'.$file->file); |
|
| 295 | 295 | exit; |
| 296 | 296 | } |
| 297 | 297 | |
@@ -329,12 +329,12 @@ discard block |
||
| 329 | 329 | $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
| 330 | 330 | if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
| 331 | 331 | $this->storage->addUser($request::$post); |
| 332 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 332 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/users'); |
|
| 333 | 333 | exit; |
| 334 | 334 | } |
| 335 | 335 | } elseif ($relativeCmsUri == '/configuration/users/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 336 | 336 | $this->storage->deleteUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 337 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 337 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/users'); |
|
| 338 | 338 | exit; |
| 339 | 339 | } elseif ($relativeCmsUri == '/configuration/users/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 340 | 340 | $this->subTemplate = 'cms/configuration/users-form'; |
@@ -342,7 +342,7 @@ discard block |
||
| 342 | 342 | $this->parameters[self::PARAMETER_USER] = $this->storage->getUserBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 343 | 343 | if (isset($_POST[self::POST_PARAMETER_USERNAME])) { |
| 344 | 344 | $this->storage->saveUser($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
| 345 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/users'); |
|
| 345 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/users'); |
|
| 346 | 346 | exit; |
| 347 | 347 | } |
| 348 | 348 | } |
@@ -364,7 +364,7 @@ discard block |
||
| 364 | 364 | $bricks = $this->storage->getBricks(); |
| 365 | 365 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 366 | 366 | $this->storage->addDocumentType($request::$post); |
| 367 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 367 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/document-types'); |
|
| 368 | 368 | exit; |
| 369 | 369 | } |
| 370 | 370 | $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
@@ -375,14 +375,14 @@ discard block |
||
| 375 | 375 | $bricks = $this->storage->getBricks(); |
| 376 | 376 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 377 | 377 | $this->storage->saveDocumentType($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
| 378 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 378 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/document-types'); |
|
| 379 | 379 | exit; |
| 380 | 380 | } |
| 381 | 381 | $this->parameters[self::PARAMETER_DOCUMENT_TYPE] = $documentType; |
| 382 | 382 | $this->parameters[self::PARAMETER_BRICKS] = $bricks; |
| 383 | 383 | } elseif ($relativeCmsUri == '/configuration/document-types/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 384 | 384 | $this->storage->deleteDocumentTypeBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 385 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/document-types'); |
|
| 385 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/document-types'); |
|
| 386 | 386 | exit; |
| 387 | 387 | } |
| 388 | 388 | } |
@@ -402,7 +402,7 @@ discard block |
||
| 402 | 402 | $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
| 403 | 403 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 404 | 404 | $this->storage->addBrick($request::$post); |
| 405 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 405 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/bricks'); |
|
| 406 | 406 | exit; |
| 407 | 407 | } |
| 408 | 408 | } elseif ($relativeCmsUri == '/configuration/bricks/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
@@ -411,13 +411,13 @@ discard block |
||
| 411 | 411 | $brick = $this->storage->getBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 412 | 412 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 413 | 413 | $this->storage->saveBrick($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
| 414 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 414 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/bricks'); |
|
| 415 | 415 | exit; |
| 416 | 416 | } |
| 417 | 417 | $this->parameters[self::PARAMETER_BRICK] = $brick; |
| 418 | 418 | } elseif ($relativeCmsUri == '/configuration/bricks/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 419 | 419 | $this->storage->deleteBrickBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 420 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/bricks'); |
|
| 420 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/bricks'); |
|
| 421 | 421 | exit; |
| 422 | 422 | } elseif ($relativeCmsUri == '/configuration/image-set') { |
| 423 | 423 | $this->subTemplate = 'cms/configuration/image-set'; |
@@ -442,7 +442,7 @@ discard block |
||
| 442 | 442 | $imageSet = $this->storage->getImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 443 | 443 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 444 | 444 | $this->storage->saveImageSet($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
| 445 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 445 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/image-set'); |
|
| 446 | 446 | exit; |
| 447 | 447 | } |
| 448 | 448 | $this->parameters[self::PARAMETER_IMAGE_SET] = $imageSet; |
@@ -451,12 +451,12 @@ discard block |
||
| 451 | 451 | $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
| 452 | 452 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 453 | 453 | $this->storage->addImageSet($request::$post); |
| 454 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 454 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/image-set'); |
|
| 455 | 455 | exit; |
| 456 | 456 | } |
| 457 | 457 | } elseif ($relativeCmsUri == '/configuration/image-set/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 458 | 458 | $this->storage->deleteImageSetBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 459 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/image-set'); |
|
| 459 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/image-set'); |
|
| 460 | 460 | exit; |
| 461 | 461 | } |
| 462 | 462 | } |
@@ -476,7 +476,7 @@ discard block |
||
| 476 | 476 | $this->parameters[self::PARAMETER_MAIN_NAV_CLASS] = 'configuration'; |
| 477 | 477 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 478 | 478 | $this->storage->addApplicationComponent($request::$post); |
| 479 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 479 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/application-components'); |
|
| 480 | 480 | exit; |
| 481 | 481 | } |
| 482 | 482 | } elseif ($relativeCmsUri == '/configuration/application-components/edit' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
@@ -485,13 +485,13 @@ discard block |
||
| 485 | 485 | $applicationComponent = $this->storage->getApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 486 | 486 | if (isset($request::$post[self::POST_PARAMETER_TITLE])) { |
| 487 | 487 | $this->storage->saveApplicationComponent($request::$get[self::GET_PARAMETER_SLUG], $request::$post); |
| 488 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 488 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/application-components'); |
|
| 489 | 489 | exit; |
| 490 | 490 | } |
| 491 | 491 | $this->parameters['applicationComponent'] = $applicationComponent; |
| 492 | 492 | } elseif ($relativeCmsUri == '/configuration/application-components/delete' && isset($request::$get[self::GET_PARAMETER_SLUG])) { |
| 493 | 493 | $this->storage->deleteApplicationComponentBySlug($request::$get[self::GET_PARAMETER_SLUG]); |
| 494 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX] . '/configuration/application-components'); |
|
| 494 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX].'/configuration/application-components'); |
|
| 495 | 495 | exit; |
| 496 | 496 | } |
| 497 | 497 | } |
@@ -501,7 +501,7 @@ discard block |
||
| 501 | 501 | if ($relativeCmsUri == '/log-off') { |
| 502 | 502 | $_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL] = null; |
| 503 | 503 | unset($_SESSION[self::SESSION_PARAMETER_CLOUD_CONTROL]); |
| 504 | - header('Location: ' . $request::$subfolders . $this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 504 | + header('Location: '.$request::$subfolders.$this->parameters[self::PARAMETER_CMS_PREFIX]); |
|
| 505 | 505 | exit; |
| 506 | 506 | } |
| 507 | 507 | } |
