commit b4e3b9288ce40cd4a298b36f9eb5daa394ed7bcc parent 452718c5990f1fe74dea7b012bd39296cc48b3b1 Author: Jan Dankert <develop@jandankert.de> Date: Sun, 23 Feb 2020 04:49:34 +0100 Refactoring with Namespaces for the cms modules, part 2. Diffstat:
63 files changed, 568 insertions(+), 588 deletions(-)
diff --git a/api/index.php b/api/index.php @@ -2,9 +2,10 @@ // Excecuting the CMS application programming interface (API) require('../modules/autoload.php'); -require('../modules/cms-api/require.php'); +require('../modules/cms/base/require.php'); +require('../modules/cms/ui/require.php'); -use cms_api\API; +use cms\api\API; try { // Cookie-Path: Actual path without '/api'. diff --git a/index.php b/index.php @@ -1,9 +1,10 @@ <?php // Excecuting the CMS user interface (UI) require('modules/autoload.php'); -require('modules/cms-ui/require.php'); +require('modules/cms/base/require.php'); +require('modules/cms/ui/require.php'); -use cms_ui\UI; +use cms\ui\UI; try { UI::execute(); diff --git a/modules/cms/Dispatcher.class.php b/modules/cms/Dispatcher.class.php @@ -48,7 +48,9 @@ class Dispatcher global $conf; $conf = Session::getConfig(); - define('PRODUCTION', Conf()->is('production',true)); + require_once(__DIR__.'/../configuration/configuration.php'); + + define('PRODUCTION', Conf()->is('production',true)); define('DEVELOPMENT', !PRODUCTION); if( DEVELOPMENT) @@ -65,7 +67,6 @@ class Dispatcher $this->setContentLanguageHeader(); // Nachdem die Konfiguration gelesen wurde, kann nun der Logger benutzt werden. - require_once(OR_MODULES_DIR . "logger/require." . PHP_EXT); $this->initializeLogger(); // Sollte nur 1x pro Sitzung ausgeführt werden. Wie ermitteln wir das? @@ -172,7 +173,7 @@ class Dispatcher // Wenn Logfile relativ angegeben wurde, dann muss dies relativ zum Root der Anwendung sein. if ( !empty($logFile) && $logFile[0] != '/' ) - $logFile = __DIR__ . '/../modules/' .$logFile; + $logFile = __DIR__ . '/../cms09/' .$logFile; //$logFile = __DIR__.'/../../'.$logFile; Logger::$messageFormat = $logConfig['format']; @@ -209,7 +210,7 @@ class Dispatcher // Konfiguration lesen. // Wenn Konfiguration noch nicht in Session vorhanden oder die Konfiguration geändert wurde (erkennbar anhand des Datei-Datums) // dann die Konfiguration neu einlesen. - $configLoader = new ConfigurationLoader( __DIR__.'/../../config/config.yml' ); + $configLoader = new ConfigurationLoader(__DIR__ . '/../../config/config.yml'); if (!is_array($conf) || $conf['config']['auto_reload'] && $configLoader->lastModificationTime() > $conf['config']['last_modification_time']) { @@ -530,7 +531,7 @@ class Dispatcher $dir = $auditConfig->get('directory','./audit-log' ); if ( $dir[0] != '/' ) - $dir = __DIR__ . '/../modules/' .$dir; + $dir = __DIR__ . '/../../' .$dir; $micro_date = microtime(); $date = explode(" ",$micro_date); diff --git a/modules/cms/action/ElementAction.class.php b/modules/cms/action/ElementAction.class.php @@ -265,7 +265,7 @@ class ElementAction extends BaseAction case Element::ELEMENT_TYPE_DYNAMIC: $files = Array(); - $macroFiles = \util\FileUtils::readDir(__DIR__ . '/../../macros/macro'); + $macroFiles = \util\FileUtils::readDir(__DIR__ . '/../../cms-macros/macro'); foreach( $macroFiles as $macroFile ) { $file = substr($macroFile,0,strlen($macroFile)-10); diff --git a/modules/cms/action/LoginAction.class.php b/modules/cms/action/LoginAction.class.php @@ -19,7 +19,7 @@ use \DB; use cms\update\Update; use \Exception; use util\Http; -use \InternalAuth; +use cms\auth\InternalAuth; use logger\Logger; use \ObjectNotFoundException; use util\exception\OpenRatException; @@ -358,7 +358,7 @@ class LoginAction extends BaseAction { Logger::debug('Preselecting module: '.$module); $moduleClass = $module.'Auth'; - /** @var \Auth $auth */ + /** @var \cms\auth\Auth $auth */ $auth = new $moduleClass; $username = $auth->username(); diff --git a/modules/cms/api/API.class.php b/modules/cms/api/API.class.php @@ -1,6 +1,6 @@ <?php -namespace cms_api; +namespace cms\api; use BadMethodCallException; use cms\action\RequestParams; diff --git a/modules/cms/auth/Auth.class.php b/modules/cms/auth/Auth.class.php @@ -1,23 +1,27 @@ <?php - -DEFINE('OR_AUTH_STATUS_SUCCESS',1); -DEFINE('OR_AUTH_STATUS_FAILED',2); -DEFINE('OR_AUTH_STATUS_PW_EXPIRED',3); -DEFINE('OR_AUTH_STATUS_TOKEN_NEEDED',4); + +namespace cms\auth; +use Benutzername; +use Kennwort; + +DEFINE('OR_AUTH_STATUS_SUCCESS', 1); +DEFINE('OR_AUTH_STATUS_FAILED', 2); +DEFINE('OR_AUTH_STATUS_PW_EXPIRED', 3); +DEFINE('OR_AUTH_STATUS_TOKEN_NEEDED', 4); interface Auth { /** * Prüft den eingegebenen Benutzernamen und das Kennwort * auf Richtigkeit. - * + * * @param Benutzername * @param Kennwort */ - function login( $username, $password, $token ); - - + function login($username, $password, $token); + + /** * Ermittelt den Benutzernamen. * Der Benutzername wird verwendet, um die Loginmaske vorauszufüllen. diff --git a/modules/cms/auth/CookieAuth.class.php b/modules/cms/auth/CookieAuth.class.php @@ -1,27 +1,31 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; + /** * Authentifizierung als Gast-User. - * + * * Falls konfiguriert, wird der Gast-Benutzer voreingestellt. - * + * * @author dankert */ class CookieAuth implements Auth { public function username() { - if ( isset($_COOKIE['or_username']) ) + if (isset($_COOKIE['or_username'])) return $_COOKIE['or_username']; else return null; } - - + + /** * Ueberpruefen des Kennwortes ist über Ident nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return false; } diff --git a/modules/cms/auth/DatabaseAuth.class.php b/modules/cms/auth/DatabaseAuth.class.php @@ -1,5 +1,8 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use database\Database; /** @@ -13,29 +16,29 @@ class DatabaseAuth implements Auth /** * Login. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { global $conf; - + $authDbConf = $conf['security']['authdb']; - - if ( ! $authDbConf['enable'] ) + + if (!$authDbConf['enable']) return false; - $authdb = new Database( $authDbConf ); - - $sql = $authdb->sql( $conf['security']['authdb']['sql'] ); - $algo = $authdb->sql( $conf['security']['authdb']['hash_algo'] ); - $sql->setString('username',$user ); - $sql->setString('password',hash($algo,$password)); + $authdb = new Database($authDbConf); + + $sql = $authdb->sql($conf['security']['authdb']['sql']); + $algo = $authdb->sql($conf['security']['authdb']['hash_algo']); + $sql->setString('username', $user); + $sql->setString('password', hash($algo, $password)); $row = $sql->getRow(); $ok = !empty($row); - + // noch nicht implementiert: $authdb->close(); - - return $ok?OR_AUTH_STATUS_SUCCESS:OR_AUTH_STATUS_FAILED; + + return $ok ? OR_AUTH_STATUS_SUCCESS : OR_AUTH_STATUS_FAILED; } - + public function username() { return null; diff --git a/modules/cms/auth/GuestAuth.class.php b/modules/cms/auth/GuestAuth.class.php @@ -1,10 +1,14 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; + /** * Authentifizierung als Gast-User. - * + * * Falls konfiguriert, wird der Gast-Benutzer voreingestellt. - * + * * @author dankert */ class GuestAuth implements Auth @@ -13,18 +17,18 @@ class GuestAuth implements Auth { global $conf; $guestConf = $conf['security']['guest']; - - if ( $guestConf['enable'] ) + + if ($guestConf['enable']) return $guestConf['user']; else return null; } - - + + /** * Ueberpruefen des Kennwortes ist über Ident nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return false; } diff --git a/modules/cms/auth/HttpAuth.class.php b/modules/cms/auth/HttpAuth.class.php @@ -1,13 +1,16 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use util\Http; /** * HTTP-Authentifzierung. - * + * * Das vom Benutzer eingegebene Kennwort wird gegen eine HTTP-Adresse * geprüft, bei der HTTP-Auth aktiviert ist. - * + * * @author Jan Dankert */ class HttpAuth implements Auth @@ -20,23 +23,23 @@ class HttpAuth implements Auth { return null; } - - + + /** * Ueberpruefen des Kennwortes. * * Das Kennwort wird gegen einen HTTP-Server geprüft. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { global $conf; - - $http = new Http( $conf['security']['http']['url'] ); + + $http = new Http($conf['security']['http']['url']); $http->method = 'HEAD'; - $http->setBasicAuthentication( $this->name, $password ); - + $http->setBasicAuthentication($this->name, $password); + $ok = $http->request(); - + return $ok; } } diff --git a/modules/cms/auth/IdentAuth.class.php b/modules/cms/auth/IdentAuth.class.php @@ -1,57 +1,54 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use logger\Logger; use util\Http; /** * Authentifizierung via Ident-Server. - * + * * Der Benutzername wird über einen Ident-Server, der auf dem * Client installiert sein muss, ermittelt. - * + * * @author dankert */ class IdentAuth implements Auth { public function username() { - $ip = Http::getClientIP(); + $ip = Http::getClientIP(); $port = Http::getClientPort(); $identPort = 113; - if ( !$socket = @fsockopen($ip,$identPort,$errno, $errstr,10 )) - { + if (!$socket = @fsockopen($ip, $identPort, $errno, $errstr, 10)) { return null; } - - $line = $port.','.$_SERVER['SERVER_PORT']."\r\n"; + + $line = $port . ',' . $_SERVER['SERVER_PORT'] . "\r\n"; @fwrite($socket, $line); $line = @fgets($socket, 1000); // 1000 octets according to RFC 1413 fclose($socket); - + $array = explode(':', $line, 4); - if (count($array) >= 4 && ! strcasecmp(trim($array[1]), 'USERID')) - { + if (count($array) >= 4 && !strcasecmp(trim($array[1]), 'USERID')) { $username = trim($array[3]); - Logger::debug('Ident: User-Id: '.$username ); + Logger::debug('Ident: User-Id: ' . $username); return $username; - } - elseif (count($array) >= 3 && ! strcasecmp(trim($array[1]), 'ERROR')) - { - Logger::debug('Ident: Error: '.trim($array[2]) ); + } elseif (count($array) >= 3 && !strcasecmp(trim($array[1]), 'ERROR')) { + Logger::debug('Ident: Error: ' . trim($array[2])); + return null; + } else { + Logger::warn('Ident: Invalid ident server response: ' . $line); return null; - } - else - { - Logger::warn('Ident: Invalid ident server response: '.$line); - return null; } } - - + + /** * Ueberpruefen des Kennwortes ist über Ident nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return OR_AUTH_STATUS_FAILED; } diff --git a/modules/cms/auth/InternalAuth.class.php b/modules/cms/auth/InternalAuth.class.php @@ -1,91 +1,90 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use cms\model\User; +use LogicException; use security\Password; /** * Authentifizierungsmodul für die interne Benutzerdatenbank. - * + * * @author Jan Dankert * */ class InternalAuth implements Auth { var $mustChangePassword = false; - + /** * Ueberpruefen des Kennwortes * ueber die Benutzertabelle in der Datenbank. */ - function login( $username, $password,$token ) + function login($username, $password, $token) { // Lesen des Benutzers aus der DB-Tabelle - $sql = db()->sql( <<<SQL + $sql = db()->sql(<<<SQL SELECT * FROM {{user}} WHERE name={name} SQL ); - $sql->setString('name',$username); - + $sql->setString('name', $username); + $row_user = $sql->getRow(); - if ( empty($row_user) ) { - + if (empty($row_user)) { + // Benutzer ist nicht vorhanden. // Trotzdem das Kennwort hashen, um Timingattacken zu verhindern. - $unusedHash = Password::hash(User::pepperPassword($password),Password::bestAlgoAvailable() ); - return false; + $unusedHash = Password::hash(User::pepperPassword($password), Password::bestAlgoAvailable()); + return false; } - + // Pruefen ob Kennwort mit Datenbank uebereinstimmt. - if ( ! Password::check(User::pepperPassword($password),$row_user['password_hash'],$row_user['password_algo']) ) - { - return false; + if (!Password::check(User::pepperPassword($password), $row_user['password_hash'], $row_user['password_algo'])) { + return false; } - + // Behandeln von Klartext-Kennwoertern (Igittigitt). - if ( $row_user['password_algo'] == Password::ALGO_PLAIN ) - { - if ( config('security','password','force_change_if_cleartext') ) - // Kennwort steht in der Datenbank im Klartext. - // Das Kennwort muss geaendert werden - return OR_AUTH_STATUS_PW_EXPIRED; - - // Anderenfalls ist das Login zwar moeglich, aber das Kennwort wird automatisch neu gehasht, weil der beste Algo erzwungen wird. - // Das Klartextkennwort waere danach ueberschrieben. + if ($row_user['password_algo'] == Password::ALGO_PLAIN) { + if (config('security', 'password', 'force_change_if_cleartext')) + // Kennwort steht in der Datenbank im Klartext. + // Das Kennwort muss geaendert werden + return OR_AUTH_STATUS_PW_EXPIRED; + + // Anderenfalls ist das Login zwar moeglich, aber das Kennwort wird automatisch neu gehasht, weil der beste Algo erzwungen wird. + // Das Klartextkennwort waere danach ueberschrieben. } - - if ( $row_user['password_expires'] != null && $row_user['password_expires'] < time() ) - { + + if ($row_user['password_expires'] != null && $row_user['password_expires'] < time()) { // Kennwort ist abgelaufen. - - // Wenn das kennwort abgelaufen ist, kann es eine bestimmte Dauer noch benutzt und geändert werden. - // Nach Ablauf dieser Dauer wird das Login abgelehnt. - if ( $row_user['password_expires'] +(config('security','deny_after_expiration_duration')*60*60) < time() ) - return false; // Abgelaufenes Kennwort wird nicht mehr akzeptiert. - else - return OR_AUTH_STATUS_PW_EXPIRED; // Kennwort ist abgelaufen, kann aber noch geändert werden. + + // Wenn das kennwort abgelaufen ist, kann es eine bestimmte Dauer noch benutzt und geändert werden. + // Nach Ablauf dieser Dauer wird das Login abgelehnt. + if ($row_user['password_expires'] + (config('security', 'deny_after_expiration_duration') * 60 * 60) < time()) + return false; // Abgelaufenes Kennwort wird nicht mehr akzeptiert. + else + return OR_AUTH_STATUS_PW_EXPIRED; // Kennwort ist abgelaufen, kann aber noch geändert werden. } - - if ( $row_user['totp'] == 1 ) - { - $user = new User($row_user['id']); - $user->load(); - if ( Password::getTOTPCode($user->otpSecret) == $token ) - return true; - else - return OR_AUTH_STATUS_TOKEN_NEEDED; + + if ($row_user['totp'] == 1) { + $user = new User($row_user['id']); + $user->load(); + if (Password::getTOTPCode($user->otpSecret) == $token) + return true; + else + return OR_AUTH_STATUS_TOKEN_NEEDED; } - - if ( $row_user['hotp'] == 1 ) - { + + if ($row_user['hotp'] == 1) { throw new LogicException('HOTP not yet implemented.'); } - + // Benutzer wurde erfolgreich authentifiziert. return true; } - + public function username() { return null; diff --git a/modules/cms/auth/LdapAuth.class.php b/modules/cms/auth/LdapAuth.class.php @@ -1,74 +1,74 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use logger\Logger; +use User; use util\Ldap; class LdapAuth implements Auth { - public function login($username, $password, $token) + public function login($username, $password, $token) { - // Falls Modul LDAP nicht vorhanden ist können wir gleich beenden. - if (!extension_loaded('ldap')){ + // Falls Modul LDAP nicht vorhanden ist können wir gleich beenden. + if (!extension_loaded('ldap')) { - Logger::warn("LdapAuth: LDAP Login is not possible: LDAP-Extension ist not loaded."); - return false; - } + Logger::warn("LdapAuth: LDAP Login is not possible: LDAP-Extension ist not loaded."); + return false; + } - global $conf; + global $conf; $db = db_connection(); $this->mustChangePassword = false; - + // Lesen des Benutzers aus der DB-Tabelle - $sql = $db->sql( <<<SQL + $sql = $db->sql(<<<SQL SELECT * FROM {{user}} WHERE name={name} SQL ); - $sql->setString('name',$username); - + $sql->setString('name', $username); + $row_user = $sql->getRow(); - $userid = $row_user['id']; - + $userid = $row_user['id']; + $ldap = new Ldap(); $ldap->connect(); - - if ( empty($conf['ldap']['dn']) ) - { + + if (empty($conf['ldap']['dn'])) { // Der Benutzername wird im LDAP-Verzeichnis gesucht. // Falls gefunden, wird der DN (=der eindeutige Schl�ssel im Verzeichnis) ermittelt. - $dn = $ldap->searchUser( $username ); - - if ( empty($dn) ) - { - Logger::debug( 'User not found in LDAP directory' ); + $dn = $ldap->searchUser($username); + + if (empty($dn)) { + Logger::debug('User not found in LDAP directory'); return false; // Kein LDAP-Account gefunden. } - Logger::debug( 'User found: '.$dn ); - } - else - { - $dn = str_replace( '{user}',$username,$conf['ldap']['dn'] ); + Logger::debug('User found: ' . $dn); + } else { + $dn = str_replace('{user}', $username, $conf['ldap']['dn']); } - + // LDAP-Login versuchen - $ok = $ldap->bind( $dn, $password ); - - Logger::debug( 'LDAP bind: '.($ok?'success':'failed') ); - - if ( !$ok ) + $ok = $ldap->bind($dn, $password); + + Logger::debug('LDAP bind: ' . ($ok ? 'success' : 'failed')); + + if (!$ok) return false; - + $sucheAttribut = $conf['ldap']['authorize']['group_name']; - $sucheFilter = str_replace('{dn}',$dn,$conf['ldap']['authorize']['group_filter']); - - $this->groups = $ldap->searchAttribute( $sucheFilter, $sucheAttribut ); - $user = new User( $userid ); - + $sucheFilter = str_replace('{dn}', $dn, $conf['ldap']['authorize']['group_filter']); + + $this->groups = $ldap->searchAttribute($sucheFilter, $sucheAttribut); + $user = new User($userid); + // Html::debug($this->groups,'Gruppen/Ids des Benutzers'); - + // Verbindung zum LDAP-Server brav beenden $ldap->close(); @@ -79,7 +79,7 @@ SQL { return null; } - + } ?> \ No newline at end of file diff --git a/modules/cms/auth/LdapUserDNAuth.class.php b/modules/cms/auth/LdapUserDNAuth.class.php @@ -1,11 +1,14 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use logger\Logger; use util\Ldap; /** * Authentifizierung gegen einen LDAP-Server. - * + * * @author Jan Dankert */ class LdapUserDNAuth implements Auth @@ -13,47 +16,47 @@ class LdapUserDNAuth implements Auth /** * @see Auth::login() */ - public function login($username, $password, $token) + public function login($username, $password, $token) { $db = db_connection(); $this->mustChangePassword = false; - + // Lesen des Benutzers aus der DB-Tabelle - $sql = $db->sql( <<<SQL + $sql = $db->sql(<<<SQL SELECT * FROM {{user}} WHERE name={name} SQL ); - $sql->setString('name',$username); - + $sql->setString('name', $username); + $row_user = $sql->getRow(); - - if ( empty($row_user) ) + + if (empty($row_user)) return false; - + // Benutzername ist bereits in der Datenbank. - $userid = $row_user['id']; + $userid = $row_user['id']; $ldap_dn = $row_user['ldap_dn']; - - if ( empty($ldap_dn ) ) + + if (empty($ldap_dn)) return false; - // Falls Modul LDAP nicht vorhanden ist können wir gleich beenden. - if (!extension_loaded('ldap')){ + // Falls Modul LDAP nicht vorhanden ist können wir gleich beenden. + if (!extension_loaded('ldap')) { - Logger::warn("LDAP Login is not possible: LDAP-Extension ist not loaded."); - return false; - } + Logger::warn("LDAP Login is not possible: LDAP-Extension ist not loaded."); + return false; + } - Logger::debug( 'checking login via ldap' ); + Logger::debug('checking login via ldap'); $ldap = new Ldap(); $ldap->connect(); - + // Benutzer ist bereits in Datenbank // LDAP-Login mit dem bereits vorhandenen DN versuchen - $ok = $ldap->bind( $ldap_dn, $password ); - + $ok = $ldap->bind($ldap_dn, $password); + // Verbindung zum LDAP-Server brav beenden $ldap->close(); @@ -64,7 +67,7 @@ SQL { return null; } - + } ?> \ No newline at end of file diff --git a/modules/cms/auth/OpenIdAuth.class.php b/modules/cms/auth/OpenIdAuth.class.php @@ -1,6 +1,12 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use logger\Logger; +use OpenId; +use Parameter; +use unknown; use util\Http; @@ -14,48 +20,48 @@ class OpenIdAuth implements Auth { return null; } - - - function login( $username, $password, $token ) + + + function login($username, $password, $token) { return false; } - - + + function redirect() { $this->login2(); return $this->getRedirectUrl(); } - - + + function checkToken() { $this->checkAuthentication(); } - + /** * Open-Id Server, an den die Authentisierungsanfrage gestellt wird. * * @var String */ var $server; - - + + /** * Informationen zum Benutzer. * * @var Array */ var $info; - + /** * Open-Id Identity. * * @var String */ var $identity; - + /** * Fehlermeldung (falls vorhanden). * @@ -77,26 +83,26 @@ class OpenIdAuth implements Auth */ var $provider; - + var $supportAX; var $supportSREG; var $supportOpenId1_1; var $supportOpenId2_0; - - + + /** * Neue Open-Id Anfrage. * * @param String $user * @return OpenId */ - function OpenId( $provider='',$user='' ) + function OpenId($provider = '', $user = '') { $this->provider = $provider; - $this->user = $user; + $this->user = $user; } - + /** * Stellt fest, ob der Server vertrauenswuerdig ist. * @@ -106,29 +112,23 @@ class OpenIdAuth implements Auth { global $conf; $servers = $conf['security']['openid']['trusted_server']; - - if ( empty($servers) ) - { + + if (empty($servers)) { return true; - } - else - { - $serverList = explode(',',$servers); - + } else { + $serverList = explode(',', $servers); + $http = new Http($this->server); - if ( !in_array($http->url['host'],$serverList) ) - { - $this->error = 'Server '.$this->server.' is not trusted'; + if (!in_array($http->url['host'], $serverList)) { + $this->error = 'Server ' . $this->server . ' is not trusted'; return false; - } - else + } else return true; } - + } - - - + + /** * Authentisierung Schritt 1.<br> * Ermitteln der Identity. @@ -137,103 +137,96 @@ class OpenIdAuth implements Auth */ function login2() { - if ( $this->provider != 'identity' ) - { - $this->user = config('security','openid','provider.'.$this->provider.'.xrds_uri'); - $this->identity = 'http://specs.openid.net/auth/2.0/identifier_select'; + if ($this->provider != 'identity') { + $this->user = config('security', 'openid', 'provider.' . $this->provider . '.xrds_uri'); + $this->identity = 'http://specs.openid.net/auth/2.0/identifier_select'; } - $this->supportSREG = config('security','openid','provider.'.$this->provider.'.sreg_1_0'); - $this->supportAX = config('security','openid','provider.'.$this->provider.'.ax_1_0' ); - + $this->supportSREG = config('security', 'openid', 'provider.' . $this->provider . '.sreg_1_0'); + $this->supportAX = config('security', 'openid', 'provider.' . $this->provider . '.ax_1_0'); + // Schritt 1: Identity aus Yadis-Dokument laden. $this->getIdentityFromYadis(); // Schritt 2: Fallback auf HTML-Dokument. - if ( empty($this->server) ) - { + if (empty($this->server)) { $this->getIdentityFromHtmlMetaData(); } - + // Falls immer noch kein Servername gefunden wurde, dann Abbruch. - if ( empty($this->server) ) - { - if ( empty($this->error) ) + if (empty($this->server)) { + if (empty($this->error)) $this->error = 'Unable to locate OpenId-Server in URL'; return false; } - - if ( !$this->serverOk() ) + + if (!$this->serverOk()) return false; // Server nicht vertrauenswuerdig. - - if ( empty($this->identity) ) + + if (empty($this->identity)) // Falls die Identity bis hierher nicht deligiert wurde... // Lt. Spezifikation mit Prefix "http://". - $this->identity = 'http://'.$this->user; - + $this->identity = 'http://' . $this->user; + return true; } - - - + + /** * Erzeugt einen HTTP-Redirect auf den OpenId-Provider. */ public function getRedirectUrl() { global $conf; - - $this->handle = md5(microtime().session_id()); + + $this->handle = md5(microtime() . session_id()); $redirHttp = new Http($this->server); - - if ( $this->supportOpenId2_0 ) - $redirHttp->requestParameter['openid.ns' ] = 'http://specs.openid.net/auth/2.0'; - - $redirHttp->requestParameter['openid.mode' ] = 'checkid_setup'; - $redirHttp->requestParameter['openid.identity' ] = $this->identity; - - if ( $this->supportOpenId2_0 ) + + if ($this->supportOpenId2_0) + $redirHttp->requestParameter['openid.ns'] = 'http://specs.openid.net/auth/2.0'; + + $redirHttp->requestParameter['openid.mode'] = 'checkid_setup'; + $redirHttp->requestParameter['openid.identity'] = $this->identity; + + if ($this->supportOpenId2_0) $redirHttp->requestParameter['openid.claimed_id'] = $this->identity; - + // Profilangaben anfordern. E-Mail wird ben�tigt, Name und Sprache sind optional. - - if ( $this->supportAX ) - { + + if ($this->supportAX) { Logger::info("OpenId-Server is using OpenID Attribute Exchange 1.0"); - $redirHttp->requestParameter['openid.ns.ax' ] = 'http://openid.net/srv/ax/1.0'; - $redirHttp->requestParameter['openid.ax.mode' ] = 'fetch_request'; - $redirHttp->requestParameter['openid.ax.type.email' ] = 'http://axschema.org/contact/email'; - $redirHttp->requestParameter['openid.ax.type.username' ] = 'http://axschema.org/namePerson/friendly'; - $redirHttp->requestParameter['openid.ax.type.fullname' ] = 'http://axschema.org/namePerson'; - $redirHttp->requestParameter['openid.ax.type.language' ] = 'http://axschema.org/pref/language'; - $redirHttp->requestParameter['openid.ax.required' ] = 'username,email'; - $redirHttp->requestParameter['openid.ax.if_available' ] = 'language,fullname'; + $redirHttp->requestParameter['openid.ns.ax'] = 'http://openid.net/srv/ax/1.0'; + $redirHttp->requestParameter['openid.ax.mode'] = 'fetch_request'; + $redirHttp->requestParameter['openid.ax.type.email'] = 'http://axschema.org/contact/email'; + $redirHttp->requestParameter['openid.ax.type.username'] = 'http://axschema.org/namePerson/friendly'; + $redirHttp->requestParameter['openid.ax.type.fullname'] = 'http://axschema.org/namePerson'; + $redirHttp->requestParameter['openid.ax.type.language'] = 'http://axschema.org/pref/language'; + $redirHttp->requestParameter['openid.ax.required'] = 'username,email'; + $redirHttp->requestParameter['openid.ax.if_available'] = 'language,fullname'; } - - if ( $this->supportSREG ) - { + + if ($this->supportSREG) { Logger::info("OpenId-Server is using OpenID Simple Registration Extension 1.0"); - $redirHttp->requestParameter['openid.ns.sreg' ] = 'http://openid.net/sreg/1.0'; + $redirHttp->requestParameter['openid.ns.sreg'] = 'http://openid.net/sreg/1.0'; $redirHttp->requestParameter['openid.sreg.required'] = 'email,nickname'; $redirHttp->requestParameter['openid.sreg.optional'] = 'fullname,language'; } - + $trustRoot = @$conf['security']['openid']['trust_root']; $server = Http::getServer(); - if ( empty($trustRoot) ) + if (empty($trustRoot)) $trustRoot = $server; - - $redirHttp->requestParameter['openid.trust_root' ] = slashify($trustRoot); - $redirHttp->requestParameter['openid.return_to' ] = slashify($server).'openid.'.PHP_EXT; + + $redirHttp->requestParameter['openid.trust_root'] = slashify($trustRoot); + $redirHttp->requestParameter['openid.return_to'] = slashify($server) . 'openid.' . PHP_EXT; //$redirHttp->requestParameter['openid.realm' ] = slashify($server).'openid.'.PHP_EXT; - $redirHttp->requestParameter['openid.assoc_handle' ] = $this->handle; + $redirHttp->requestParameter['openid.assoc_handle'] = $this->handle; return $redirHttp->getUrl(); } - - - + + /** * Ermittelt OpenId-Server und OpenId-Identity aus Yadis-Dokument.<br> * @@ -245,59 +238,52 @@ class OpenIdAuth implements Auth // $http->url['host'] = $this->user; $http->header[] = 'Accept: application/xrds+xml'; - if ( ! $http->request() ) - { + if (!$http->request()) { $this->error = 'Unable to get XML delegate information'; return false; } - - Logger::debug("OpenId: Found YADIS-document for ".$http->getUrl()); + + Logger::debug("OpenId: Found YADIS-document for " . $http->getUrl()); //die(); $p = xml_parser_create(); $ok = xml_parse_into_struct($p, $http->body, $vals, $index); xml_parser_free($p); - foreach( $vals as $tag ) - { - if ( strtolower($tag['tag']) == 'type' ) - { - if ( $tag['value'] == 'http://openid.net/srv/ax/1.0' ) + foreach ($vals as $tag) { + if (strtolower($tag['tag']) == 'type') { + if ($tag['value'] == 'http://openid.net/srv/ax/1.0') $this->supportAX = true; - - if ( $tag['value'] == 'http://openid.net/sreg/1.0' ) + + if ($tag['value'] == 'http://openid.net/sreg/1.0') $this->supportSREG = true; - - if ( $tag['value'] == 'http://openid.net/signon/1.1' ) + + if ($tag['value'] == 'http://openid.net/signon/1.1') $this->supportOpenId1_1 = true; - - if ( $tag['value'] == 'http://specs.openid.net/auth/2.0/server' ) + + if ($tag['value'] == 'http://specs.openid.net/auth/2.0/server') $this->supportOpenId2_0 = true; } - - if ( strtolower($tag['tag']) == 'uri' ) - { + + if (strtolower($tag['tag']) == 'uri') { $this->server = $tag['value']; } - if ( strtolower($tag['tag']) == 'openid:delegate' ) - { + if (strtolower($tag['tag']) == 'openid:delegate') { $this->identity = $tag['value']; } } - - if ( !$this->supportOpenId1_1 && !$this->supportOpenId2_0 ) - { + + if (!$this->supportOpenId1_1 && !$this->supportOpenId2_0) { $this->error = 'Only OpenId 1.1 and 2.0 is supported but this identity-provider does not seem to support any of these.'; return false; } - if ( !$this->supportAX && !$this->supportSREG ) - { + if (!$this->supportAX && !$this->supportSREG) { $this->error = 'The identity-provider must support either Attribute-Exchange (AX) oder Simple-Registration (SREG), but it does not seem to support any of these.'; return false; } } - + /** * Ermittelt OpenId-Server und OpenId-Identity aus HTML Meta-Tags.<br> */ @@ -308,37 +294,34 @@ class OpenIdAuth implements Auth // $http->url['host'] = $this->user; $http->header[] = 'Accept: text/html'; - if ( ! $http->request() ) - { + if (!$http->request()) { $this->error = 'Unable to get HTML delegate information'; return false; } - + $seite = $http->body; - + // Die Meta-Tags mit regulaerem Ausdruck auslesen. $treffer = array(); - preg_match('/rel="openid.server"\s+href="(\S+)"/',$seite,$treffer); - if ( count($treffer) >= 1 ) - { + preg_match('/rel="openid.server"\s+href="(\S+)"/', $seite, $treffer); + if (count($treffer) >= 1) { $this->server = $treffer[1]; $this->supportOpenId1_1 = true; } $treffer = array(); - preg_match('/rel="openid2.provider"\s+href="(\S+)"/',$seite,$treffer); - if ( count($treffer) >= 1 ) - { + preg_match('/rel="openid2.provider"\s+href="(\S+)"/', $seite, $treffer); + if (count($treffer) >= 1) { $this->supportOpenId2_0 = true; $this->server = $treffer[1]; } $treffer = array(); - preg_match('/rel="openid.delegate"\s+href="(\S+)"/',$seite,$treffer); - if ( count($treffer) >= 1 ) + preg_match('/rel="openid.delegate"\s+href="(\S+)"/', $seite, $treffer); + if (count($treffer) >= 1) $this->identity = $treffer[1]; } - + /** * Ermittelt den Hostnamen aus der Identity. @@ -347,19 +330,16 @@ class OpenIdAuth implements Auth */ public function getUserFromIdentiy() { - if ( $this->provider == 'identity' ) - { + if ($this->provider == 'identity') { $http = new Http($this->identity); return $http->url['host']; - } - else - { - $attribute_name = config('security','openid','provider.'.$this->provider.'.map_attribute'); + } else { + $attribute_name = config('security', 'openid', 'provider.' . $this->provider . '.map_attribute'); return $this->info[$attribute_name]; } } - - + + /** * Open-Id Login, �berpr�fen der Anmeldung.<br> * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> @@ -373,98 +353,87 @@ class OpenIdAuth implements Auth */ public function checkAuthentication() { - $queryVars = $this->getQueryParamList(); - - if ( $queryVars['openid.invalidate_handle'] != $this->handle ) - { + $queryVars = $this->getQueryParamList(); + + if ($queryVars['openid.invalidate_handle'] != $this->handle) { throw new \util\exception\SecurityException('Association-Handle mismatch.'); } - if ( $queryVars['openid.mode'] != 'id_res' ) - { - throw new \util\exception\SecurityException('Open-Id: Unknown mode:'.$queryVars['openid.mode']); + if ($queryVars['openid.mode'] != 'id_res') { + throw new \util\exception\SecurityException('Open-Id: Unknown mode:' . $queryVars['openid.mode']); } - - if ( $this->provider=='identity' && $queryVars['openid.identity'] != $this->identity ) - { - throw new \util\exception\SecurityException('Open-Id: Identity mismatch. Wrong identity:'.$queryVars['openid.identity']); + + if ($this->provider == 'identity' && $queryVars['openid.identity'] != $this->identity) { + throw new \util\exception\SecurityException('Open-Id: Identity mismatch. Wrong identity:' . $queryVars['openid.identity']); } - + $params = array(); - - if ( $this->supportAX ) + + if ($this->supportAX) // Den Namespace-Prefix für AX (attribute exchange) herausfinden. // Leider kann das ein anderer Prefix sein, als wir im Request verwendet haben. - foreach( $queryVars as $request_key=>$request_value ) - if ( substr($request_key,0,10)=='openid.ns.' && $request_value == 'http://openid.net/srv/ax/1.0' ) - $axPrefix = substr($request_key,10); - - foreach( $queryVars as $request_key=>$request_value ) - { + foreach ($queryVars as $request_key => $request_value) + if (substr($request_key, 0, 10) == 'openid.ns.' && $request_value == 'http://openid.net/srv/ax/1.0') + $axPrefix = substr($request_key, 10); + + foreach ($queryVars as $request_key => $request_value) { // Benutzer-Attribute ermitteln. // Benutzer-Attribute über SREG ermitteln. - if ( $this->supportSREG && substr($request_key,0,12)=='openid.sreg.' ) - $this->info[ substr($request_key,12) ] = $request_value; + if ($this->supportSREG && substr($request_key, 0, 12) == 'openid.sreg.') + $this->info[substr($request_key, 12)] = $request_value; // Benutzer-Attribute über AX ermitteln. - elseif ( $this->supportAX && substr($request_key,0,14+strlen($axPrefix))=='openid.'.$axPrefix.'.value.' ) - $this->info[ substr($request_key,14+strlen($axPrefix)) ] = $request_value; + elseif ($this->supportAX && substr($request_key, 0, 14 + strlen($axPrefix)) == 'openid.' . $axPrefix . '.value.') + $this->info[substr($request_key, 14 + strlen($axPrefix))] = $request_value; // Alle OpenId-Parameter in den Check-Authentication-Request übertragen. - if ( substr($request_key,0,7)=='openid.' ) - $params['openid.'.substr($request_key,7) ] = $request_value; + if (substr($request_key, 0, 7) == 'openid.') + $params['openid.' . substr($request_key, 7)] = $request_value; } $params['openid.mode'] = 'check_authentication'; - + $checkRequest = new Http($this->server); - + $checkRequest->method = 'POST'; // Spezifikation verlangt POST. $checkRequest->header['Accept'] = 'text/plain'; $checkRequest->requestParameter = $params; - - if ( ! $checkRequest->request() ) - { + + if (!$checkRequest->request()) { // Der HTTP-Request ging in die Hose. $this->error = $checkRequest->error; return false; } //Html::debug($checkRequest); - + // Analyse der HTTP-Antwort, Parsen des BODYs. // Die Anmeldung ist best�tigt, wenn im BODY die Zeile "is_valid:true" vorhanden ist. // Siehe Spezifikation Kapitel 4.4.2 $result = array(); - foreach( explode("\n",$checkRequest->body) as $line ) - { - $pair = explode(':',trim($line)); - if (count($pair)==2) + foreach (explode("\n", $checkRequest->body) as $line) { + $pair = explode(':', trim($line)); + if (count($pair) == 2) $result[strtolower($pair[0])] = strtolower($pair[1]); } - - if ( !array_key_exists('is_valid',$result) ) - { + + if (!array_key_exists('is_valid', $result)) { // Zeile nicht gefunden. throw new \util\exception\SecurityException('Undefined Open-Id response: "is_valid" expected, but not found'); - } - elseif ( $result['is_valid'] == 'true' ) - { + } elseif ($result['is_valid'] == 'true') { // Anmeldung wurde mit "is_valid:true" best�tigt. return true; - } - else - { + } else { // Bestaetigung wurde durch den OpenId-Provider abgelehnt. throw new \util\exception\SecurityException('Server refused login.'); } } - - + + /** * Liefert die Query-Parameter aus der aktuellen URL.<br> * <br> * PHP hat leider die sehr bescheuerte Angewohnheit, Punkte und Leerzeichen in Request-Variablen * durch Unterstriche zu ersetzen. Diese Funktion liefert die GET-Parameter ohne diese Ersetzung. - * + * * @return Parameter der aktuellen URL */ private function getQueryParamList() @@ -473,16 +442,15 @@ class OpenIdAuth implements Auth $str = $_SERVER['QUERY_STRING']; $op = array(); $pairs = explode("&", $str); - foreach ($pairs as $pair) - { + foreach ($pairs as $pair) { list($k, $v) = array_map("urldecode", explode("=", $pair)); $op[$k] = $v; } - + return $op; } - + } ?> \ No newline at end of file diff --git a/modules/cms/auth/RememberAuth.class.php b/modules/cms/auth/RememberAuth.class.php @@ -1,79 +1,78 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; use database\Database; use cms\model\User; use logger\Logger; +use ObjectNotFoundException; /** * Authentifizierung mit einem Login-Token. - * + * * @author dankert */ class RememberAuth implements Auth { - /** - * @return null - */ - public function username() + /** + * @return null + */ + public function username() { // Ermittelt den Benutzernamen aus den Login-Cookies. - if ( isset($_COOKIE['or_token' ]) && - isset($_COOKIE['or_dbid' ]) ) - { - try - { - list( $selector,$token) = array_pad( explode('.',$_COOKIE['or_token']),2,''); + if (isset($_COOKIE['or_token']) && + isset($_COOKIE['or_dbid'])) { + try { + list($selector, $token) = array_pad(explode('.', $_COOKIE['or_token']), 2, ''); $dbid = $_COOKIE['or_dbid']; - - $dbConfig = config()->subset('database'); - if ( ! $dbConfig->has( $dbid ) ) { + $dbConfig = config()->subset('database'); + + if (!$dbConfig->has($dbid)) { - Logger::info( 'unknown DB-Id for token-login: '.$dbid ); - return null; - } + Logger::info('unknown DB-Id for token-login: ' . $dbid); + return null; + } - $dbConfig = $dbConfig->subset($dbid ); + $dbConfig = $dbConfig->subset($dbid); - $key = 'read'; // Only reading in database. + $key = 'read'; // Only reading in database. - $db = new Database( $dbConfig->subset($key)->getConfig() + $dbConfig->getConfig() ); - $db->id = $dbid; + $db = new Database($dbConfig->subset($key)->getConfig() + $dbConfig->getConfig()); + $db->id = $dbid; $db->start(); - $stmt = $db->sql( <<<SQL + $stmt = $db->sql(<<<SQL SELECT userid,{{user}}.name as username,token,token_algo FROM {{auth}} LEFT JOIN {{user}} ON {{auth}}.userid = {{user}}.id WHERE selector = {selector} AND expires > {now} SQL - ); - $stmt->setString('selector',$selector); - $stmt->setInt ('now' ,time() ); + ); + $stmt->setString('selector', $selector); + $stmt->setInt('now', time()); $auth = $stmt->getRow(); - if ( $auth ) - { - if ( \security\Password::check($token, $auth['token'],$auth['token_algo']) ) - return $auth['username']; - } + if ($auth) { + if (\security\Password::check($token, $auth['token'], $auth['token_algo'])) + return $auth['username']; + } - } - catch( ObjectNotFoundException $e ) - { + } catch (ObjectNotFoundException $e) { // Benutzer nicht gefunden. } } - + return null; } - - + + /** * Ueberpruefen des Kennwortes ist über den Cookie nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return false; } diff --git a/modules/cms/auth/SSLAuth.class.php b/modules/cms/auth/SSLAuth.class.php @@ -1,24 +1,28 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; + /** * Authentifizierung ueber ein SSL-Zertifikat. - * + * * @author dankert */ class SSLAuth implements Auth { public function username() { - $conf = config('security','ssl'); - if ( isset($_SERVER[config('security','ssl','client_cert_dn_env')])) - return $_SERVER[config('security','ssl','client_cert_dn_env')]; + $conf = config('security', 'ssl'); + if (isset($_SERVER[config('security', 'ssl', 'client_cert_dn_env')])) + return $_SERVER[config('security', 'ssl', 'client_cert_dn_env')]; } - - + + /** * Ueberpruefen des Kennwortes ist nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return false; } diff --git a/modules/cms/auth/SingleSignonAuth.class.php b/modules/cms/auth/SingleSignonAuth.class.php @@ -1,8 +1,12 @@ <?php +namespace cms\auth; + +use cms\auth\Auth; + /** * Single-Signon-Authentifizierung. - * + * * @author dankert */ class SingleSignonAuth implements Auth @@ -10,12 +14,12 @@ class SingleSignonAuth implements Auth public function username() { } - - + + /** * Ueberpruefen des Kennwortes ist über Ident nicht möglich. */ - public function login( $user, $password, $token ) + public function login($user, $password, $token) { return false; } diff --git a/modules/cms/base/init.php b/modules/cms/base/init.php @@ -29,12 +29,12 @@ define('PHP_EXT' ,'php' ); define('IMG_EXT' ,'.gif' ); define('IMG_ICON_EXT' ,'.png' ); -require(__DIR__.'/version.php'); +require(__DIR__ . '/version.php'); define('OR_TITLE' ,'OpenRat CMS'); -define( 'CMS_ROOT_DIR',__DIR__.'/../../'); +define( 'CMS_ROOT_DIR', __DIR__ . '/../cms09/'); -define('OR_MODULES_DIR' ,CMS_ROOT_DIR.'modules/'); +define('OR_MODULES_DIR' , __DIR__ . '/modules/'); define('OR_DYNAMICCLASSES_DIR',OR_MODULES_DIR.'cms-macros/macro/' ); define('OR_SERVICECLASSES_DIR',OR_MODULES_DIR.'util/' ); define('OR_AUTHCLASSES_DIR' ,OR_MODULES_DIR.'cms-core/auth/' ); diff --git a/modules/cms/base/require.php b/modules/cms/base/require.php @@ -1,29 +1,10 @@ <?php -// Require other modules -require_once(__DIR__ . '/../macros/require.php'); -require_once(__DIR__ . '/../publish/require.php'); -require_once(__DIR__ . '/../database/require.php'); -require_once(__DIR__ . '/../util/require.php'); -require_once(__DIR__ . '/../configuration/require.php'); -require_once(__DIR__ . '/../security/require.php'); -require_once(__DIR__ . '/../wikiparser/require.php'); -require_once(__DIR__ . '/../logger/require.php'); -require_once(__DIR__ . '/../language/require.php'); - -// Internal baseclasses -require_once(__DIR__ . '/action/Action.class.php'); -require_once(__DIR__ . '/action/BaseAction.class.php'); -require_once(__DIR__ . '/action/ObjectAction.class.php'); -require_once(__DIR__ . '/action/FileAction.class.php'); -require_once(__DIR__ . '/action/RequestParams.class.php'); - -// Internal packages -require_once(__DIR__ . "/model/require.php"); -require_once(__DIR__ . "/auth/require.php"); - -// Session functions -require_once(__DIR__ . "/../util/Session.class.php"); +require_once(__DIR__ . '/../../util/require.php'); +require_once(__DIR__ . '/../../configuration/require.php'); +require_once(__DIR__ . '/../../wikiparser/require.php'); +require_once(__DIR__ . '/../../logger/require.php'); +require_once(__DIR__ . '/../../language/require.php'); // Helper functions... require_once(__DIR__ . "/functions/common.inc.php"); @@ -33,7 +14,3 @@ require_once(__DIR__ . "/functions/request.inc.php"); require_once(__DIR__ . '/init.php'); -require_once(__DIR__ . "/Dispatcher.class.php"); -require_once(__DIR__ . "/ModelFactory.class.php"); - -?>- \ No newline at end of file diff --git a/modules/cms/macros/MacroRunner.class.php b/modules/cms/macros/MacroRunner.class.php @@ -1,6 +1,8 @@ <?php +namespace cms\macros; + use cms\model\Element; use cms\model\Template; use cms\model\Value; @@ -17,36 +19,29 @@ class MacroRunner { $this->page = $page; - $className = $name; + $className = 'cms\macros\macro\\'.$name; $output = ''; - $fileName = OR_DYNAMICCLASSES_DIR . $name . '.class.php'; - if (!is_file($fileName)) - throw new OpenRatException('ERROR_IN_ELEMENT','file not found:'.$fileName); - - require_once( $fileName ); - if (!class_exists($className)) throw new OpenRatException('ERROR_IN_ELEMENT', 'class not found:' . $className); - /** @var \util\Macro $macro */ $macro = new $className; if (!method_exists($macro, 'execute')) - throw new OpenRatException('ERROR_IN_ELEMENT',' (missing method: execute())'); + throw new OpenRatException('ERROR_IN_ELEMENT', ' (missing method: execute())'); $macro->setContextPage($page); $resolver = new VariableResolver(); - $parameters = $resolver->resolveVariablesInArrayWith( $parameter, [ + $parameters = $resolver->resolveVariablesInArrayWith($parameter, [ - 'setting'=> function ($var) { + 'setting' => function ($var) { return ArrayUtils::getSubValue($this->page->getSettings(), explode('.', $var)); }, - 'element'=>function ($var) { + 'element' => function ($var) { $template = new Template($this->page->templateid); $elements = $template->getElementNames(); $elementid = array_search($var, $elements); @@ -62,18 +57,18 @@ class MacroRunner return $value->getRawValue(); } - ] ); + ]); foreach ($parameters as $param_name => $param_value) { - if (! property_exists($macro, $param_name)) { + if (!property_exists($macro, $param_name)) { if (!$this->page->publisher->isPublic()) $output .= "*WARNING*: Unknown parameter $param_name in macro $className\n"; continue; } - Logger::trace("Setting parameter for Macro-class $className, " . $param_name . ':' . print_r($param_value,true)); + Logger::trace("Setting parameter for Macro-class $className, " . $param_name . ':' . print_r($param_value, true)); // Die Parameter der Makro-Klasse typisiert setzen. if (is_int($macro->$param_name)) diff --git a/modules/cms/macros/macro/Album.class.php b/modules/cms/macros/macro/Album.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/Atom.class.php b/modules/cms/macros/macro/Atom.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/BlockMenu.class.php b/modules/cms/macros/macro/BlockMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/BreadCrumb.class.php b/modules/cms/macros/macro/BreadCrumb.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/CSVTable.class.php b/modules/cms/macros/macro/CSVTable.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/ClassicMenu.class.php b/modules/cms/macros/macro/ClassicMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/CommonMenu.class.php b/modules/cms/macros/macro/CommonMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/DoiMenu.class.php b/modules/cms/macros/macro/DoiMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/GoogleMaps.class.php b/modules/cms/macros/macro/GoogleMaps.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/LanguageLinksForPage.class.php b/modules/cms/macros/macro/LanguageLinksForPage.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/LastChanges.class.php b/modules/cms/macros/macro/LastChanges.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/LastPage.class.php b/modules/cms/macros/macro/LastPage.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/Link.class.php b/modules/cms/macros/macro/Link.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/LinkList.class.php b/modules/cms/macros/macro/LinkList.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/ListMenu.class.php b/modules/cms/macros/macro/ListMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/MainMenu.class.php b/modules/cms/macros/macro/MainMenu.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/NextPage.class.php b/modules/cms/macros/macro/NextPage.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/OpenStreetMap.class.php b/modules/cms/macros/macro/OpenStreetMap.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/PagesNavigation.class.php b/modules/cms/macros/macro/PagesNavigation.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/RSSCreate.class.php b/modules/cms/macros/macro/RSSCreate.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/RSSReader.class.php b/modules/cms/macros/macro/RSSReader.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/SearchIndex.class.php b/modules/cms/macros/macro/SearchIndex.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; use cms\model\Folder; use cms\model\Name; diff --git a/modules/cms/macros/macro/Sitemap.class.php b/modules/cms/macros/macro/Sitemap.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/macro/TableFromFile.class.php b/modules/cms/macros/macro/TableFromFile.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/TagCloud.class.php b/modules/cms/macros/macro/TagCloud.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/TagList.class.php b/modules/cms/macros/macro/TagList.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/TeaserList.class.php b/modules/cms/macros/macro/TeaserList.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // diff --git a/modules/cms/macros/macro/Youtube.class.php b/modules/cms/macros/macro/Youtube.class.php @@ -1,4 +1,5 @@ <?php +namespace cms\macros\macro; // --------------------------------------------------------------------------- // $Id$ // --------------------------------------------------------------------------- diff --git a/modules/cms/macros/require.php b/modules/cms/macros/require.php @@ -1,3 +1 @@ <?php - -require_once(__DIR__ . '/MacroRunner.class.php'); diff --git a/modules/cms/model/Value.class.php b/modules/cms/model/Value.class.php @@ -2,7 +2,7 @@ namespace cms\model; use util\ArrayUtils; use cms\publish\Publish; -use MacroRunner; +use cms\macros\MacroRunner; use \ObjectNotFoundException; use logger\Logger; use util\Text; diff --git a/modules/cms/publish/FilePublisher.class.php b/modules/cms/publish/FilePublisher.class.php @@ -5,7 +5,7 @@ * Date: 10.08.18 * Time: 23:33 */ - +// UNUSED? class FilePublisher { public function publish() diff --git a/modules/cms/publish/FolderPublisher.class.php b/modules/cms/publish/FolderPublisher.class.php @@ -8,7 +8,7 @@ use util\Text; * Date: 10.08.18 * Time: 23:35 */ - +// UNUSED??? class FolderPublisher { function publish( $withPages,$withFiles,$subdirs = false ) diff --git a/modules/cms/publish/Ftp.class.php b/modules/cms/publish/Ftp.class.php @@ -15,6 +15,8 @@ // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +namespace cms\publish; + use logger\Logger; use util\exception\OpenRatException; @@ -35,92 +37,86 @@ class Ftp var $log = array(); var $passive = false; - - var $ok = true; - private $path; + var $ok = true; + + private $path; - // Konstruktor - public function __construct( $url ) + // Konstruktor + public function __construct($url) { - $this->connect( $url ); + $this->connect($url); } - + // Aufbauen der Verbindung - private function connect( $url ) + private function connect($url) { $this->url = $url; - + global $conf; - + $conf_ftp = $conf['publish']['ftp']; - $ftp = parse_url( $this->url ); - + $ftp = parse_url($this->url); + // Die projektspezifischen Werte gewinnen bei �berschneidungen mit den Default-Werten - $ftp = array_merge($conf_ftp,$ftp); - + $ftp = array_merge($conf_ftp, $ftp); + // Nur FTP und FTPS (seit PHP 4.3) erlaubt - if ( !in_array(@$ftp['scheme'],array('ftp','ftps')) ) - { - throw new OpenRatException( 'ERROR_PUBLISH','Unknown scheme in FTP Url: '.@$ftp['scheme']. - '. Only FTP (and FTPS, if compiled in) are supported'); + if (!in_array(@$ftp['scheme'], array('ftp', 'ftps'))) { + throw new OpenRatException('ERROR_PUBLISH', 'Unknown scheme in FTP Url: ' . @$ftp['scheme'] . + '. Only FTP (and FTPS, if compiled in) are supported'); } - - if ( function_exists('ftp_ssl_connect') && $ftp['scheme'] == 'ftps' ) - $this->verb = @ftp_ssl_connect( $ftp['host'],$ftp['port'] ); + + if (function_exists('ftp_ssl_connect') && $ftp['scheme'] == 'ftps') + $this->verb = @ftp_ssl_connect($ftp['host'], $ftp['port']); else - $this->verb = @ftp_connect( $ftp['host'],$ftp['port'] ); + $this->verb = @ftp_connect($ftp['host'], $ftp['port']); - if ( !$this->verb ) - { - Logger::error('Cannot connect to '.$ftp['host'].':'.$ftp['port']); - throw new OpenRatException('ERROR_PUBLISH','Cannot connect to '.$ftp['scheme'].'-server: '.$ftp['host'].':'.$ftp['port']); + if (!$this->verb) { + Logger::error('Cannot connect to ' . $ftp['host'] . ':' . $ftp['port']); + throw new OpenRatException('ERROR_PUBLISH', 'Cannot connect to ' . $ftp['scheme'] . '-server: ' . $ftp['host'] . ':' . $ftp['port']); } - $this->log[] = 'Connected to FTP server '.$ftp['host'].':'.$ftp['port']; - - if ( empty($ftp['user']) ) - { + $this->log[] = 'Connected to FTP server ' . $ftp['host'] . ':' . $ftp['port']; + + if (empty($ftp['user'])) { $ftp['user'] = 'anonymous'; $ftp['pass'] = 'openrat@openrat.de'; } - - if ( ! ftp_login( $this->verb,$ftp['user'],$ftp['pass'] ) ) - throw new OpenRatException('ERROR_PUBLISH','Unable to login as user '.$ftp['user']); - $this->log[] = 'Logged in as user '.$ftp['user']; + if (!ftp_login($this->verb, $ftp['user'], $ftp['pass'])) + throw new OpenRatException('ERROR_PUBLISH', 'Unable to login as user ' . $ftp['user']); - $pasv = (!empty($ftp['fragment']) && $ftp['fragment'] == 'passive' ); - - $this->log[] = 'entering passive mode '.($pasv?'on':'off'); - if ( ! ftp_pasv($this->verb,true) ) - throw new OpenRatException('ERROR_PUBLISH','Cannot switch to FTP PASV mode'); + $this->log[] = 'Logged in as user ' . $ftp['user']; - if ( !empty($ftp['query']) ) - { - parse_str( $ftp['query'],$ftp_var ); - - if ( isset( $ftp_var['site'] ) ) - { - $site_commands = explode( ',',$ftp_var['site'] ); - foreach( $site_commands as $cmd ) - { - if ( ! @ftp_site( $this->verb,$cmd ) ) - throw new OpenRatException('ERROR_PUBLISH','unable to do SITE command: '.$cmd); + $pasv = (!empty($ftp['fragment']) && $ftp['fragment'] == 'passive'); + + $this->log[] = 'entering passive mode ' . ($pasv ? 'on' : 'off'); + if (!ftp_pasv($this->verb, true)) + throw new OpenRatException('ERROR_PUBLISH', 'Cannot switch to FTP PASV mode'); + + if (!empty($ftp['query'])) { + parse_str($ftp['query'], $ftp_var); + + if (isset($ftp_var['site'])) { + $site_commands = explode(',', $ftp_var['site']); + foreach ($site_commands as $cmd) { + if (!@ftp_site($this->verb, $cmd)) + throw new OpenRatException('ERROR_PUBLISH', 'unable to do SITE command: ' . $cmd); } } } - $this->path = rtrim( $ftp['path'],'/' ); - - $this->log[] = 'Changing directory to '.$this->path; - - if ( ! @ftp_chdir( $this->verb,$this->path ) ) - throw new OpenRatException('ERROR_PUBLISH','unable CHDIR to directory: '.$this->path); + $this->path = rtrim($ftp['path'], '/'); + + $this->log[] = 'Changing directory to ' . $this->path; + + if (!@ftp_chdir($this->verb, $this->path)) + throw new OpenRatException('ERROR_PUBLISH', 'unable CHDIR to directory: ' . $this->path); } - + /** * Kopieren einer Datei vom lokalen System auf den FTP-Server. @@ -129,75 +125,71 @@ class Ftp * @param String Ziel * @param int FTP-Mode (BINARY oder ASCII) */ - public function put( $source,$dest ) + public function put($source, $dest) { - $dest = $this->path.'/'.$dest; - + $dest = $this->path . '/' . $dest; + $this->log .= "Copying file: $source -> $dest ...\n"; - + $mode = FTP_BINARY; - $p = strrpos( basename($dest),'.' ); // Letzten Punkt suchen + $p = strrpos(basename($dest), '.'); // Letzten Punkt suchen - if ($p!==false) // Wennn letzten Punkt gefunden, dann dort aufteilen + if ($p !== false) // Wennn letzten Punkt gefunden, dann dort aufteilen { - $extension = substr( basename($dest),$p+1 ); - $type = config('mime-types',$extension); - if ( substr($type,0,5) == 'text/') + $extension = substr(basename($dest), $p + 1); + $type = config('mime-types', $extension); + if (substr($type, 0, 5) == 'text/') $mode = FTP_ASCII; } - - Logger::debug("FTP PUT target:$dest mode:".(($mode==FTP_ASCII)?'ascii':'binary')); - if ( !@ftp_put( $this->verb,$dest,$source,$mode ) ) - { - if ( !$this->mkdirs( dirname($dest) ) ) + Logger::debug("FTP PUT target:$dest mode:" . (($mode == FTP_ASCII) ? 'ascii' : 'binary')); + + if (!@ftp_put($this->verb, $dest, $source, $mode)) { + if (!$this->mkdirs(dirname($dest))) return; // Fehler. - ftp_chdir( $this->verb,$this->path ); + ftp_chdir($this->verb, $this->path); - if ( ! @ftp_put( $this->verb,$dest,$source,$mode ) ) - throw new OpenRatException('ERROR_PUBLISH', - "FTP PUT failed.\n". - "source : $source\n". - "destination: $dest"); + if (!@ftp_put($this->verb, $dest, $source, $mode)) + throw new OpenRatException('ERROR_PUBLISH', + "FTP PUT failed.\n" . + "source : $source\n" . + "destination: $dest"); } } - /** * Private Methode zum rekursiven Anlegen von Verzeichnissen. * * @param String Pfad * @return boolean true, wenn ok */ - private function mkdirs( $strPath ) + private function mkdirs($strPath) { - if ( @ftp_chdir($this->verb,$strPath) ) + if (@ftp_chdir($this->verb, $strPath)) return true; // Verzeichnis existiert schon :) - + $pStrPath = dirname($strPath); - - if ( !$this->mkdirs($pStrPath) ) + + if (!$this->mkdirs($pStrPath)) return false; - - if ( ! @ftp_mkdir($this->verb,$strPath) ) - throw new OpenRatException('ERROR_PUBLISH',"failed to create remote directory: $strPath"); + + if (!@ftp_mkdir($this->verb, $strPath)) + throw new OpenRatException('ERROR_PUBLISH', "failed to create remote directory: $strPath"); return true; } - - - + + /** * Schliessen der FTP-Verbindung.<br> * Sollte unbedingt aufgerufen werden, damit keine unn�tigen Sockets aufbleiben. */ public function close() { - if ( ! @ftp_quit( $this->verb ) ) - { + if (!@ftp_quit($this->verb)) { // Closing not possible. // Only logging. Maybe we could throw an Exception here? Logger::warn('Failed to close FTP connection. Continueing...'); diff --git a/modules/cms/publish/PublishPublic.class.php b/modules/cms/publish/PublishPublic.class.php @@ -10,7 +10,7 @@ use cms\model\Page; use cms\model\Project; use cms\model\Url; use util\FileUtils; -use Ftp; +use cms\publish\Ftp; use logger\Logger; use util\exception\OpenRatException; use util\Session; @@ -99,7 +99,7 @@ class PublishPublic extends Publish if ( $ftpUrl && $ftpUrl[0]!='#' ) { - $this->ftp = new \Ftp($project->ftp_url); // Aufbauen einer FTP-Verbindung + $this->ftp = new \cms\publish\Ftp($project->ftp_url); // Aufbauen einer FTP-Verbindung $this->ftp->passive = ( $project->ftp_passive == '1' ); } diff --git a/modules/cms/ui/UI.class.php b/modules/cms/ui/UI.class.php @@ -1,6 +1,6 @@ <?php -namespace cms_ui; +namespace cms\ui; use BadMethodCallException; use cms\action\RequestParams; @@ -94,7 +94,7 @@ class UI */ private static function outputTemplate($request, $templateName, $outputData) { - $templateFile = __DIR__.'/themes/default/html/views/' . $templateName . '.tpl.src.xml'; + $templateFile = __DIR__ . '/themes/default/html/views/' . $templateName . '.tpl.src.xml'; if ( DEVELOPMENT ) header('X-OR-Template: '.$templateFile); diff --git a/modules/cms/ui/action/IndexAction.class.php b/modules/cms/ui/action/IndexAction.class.php @@ -2,7 +2,7 @@ namespace cms\action; -use \Auth; +use cms\auth\Auth; use cms\model\BaseObject; use cms\model\Project; use cms\model\User; @@ -819,7 +819,7 @@ class IndexAction extends Action foreach( $modules as $module) { Logger::debug( 'Auto-Login module: '.$module ); - $moduleClass = $module.'Auth'; + $moduleClass = 'cms\auth\\'.$module.'Auth'; $auth = new $moduleClass; /* @type $auth Auth */ try { diff --git a/modules/cms/ui/require.php b/modules/cms/ui/require.php @@ -1,9 +1,4 @@ <?php -require_once(__DIR__ . "/../base/require.php"); -require_once(__DIR__ . "/../template_engine/require.php"); - -require_once(__DIR__ . "/UI.class.php"); - require_once(__DIR__ . "/action/IndexAction.class.php"); require_once(__DIR__ . "/action/TitleAction.class.php"); diff --git a/modules/template_engine/TemplateCompiler.php b/modules/template_engine/TemplateCompiler.php @@ -15,7 +15,7 @@ use template_engine\engine\TemplateEngine; use util\FileUtils; -$dir = __DIR__.'/../../modules/cms-ui/themes/default/html/views'; +$dir = __DIR__ . '/../../modules/cms-ui/themes/default/html/views'; require('../../modules/util/require.php'); require('../../modules/template_engine/require.php'); diff --git a/modules/template_engine/require.php b/modules/template_engine/require.php @@ -1,3 +1,2 @@ <?php -include( dirname(__FILE__) . '/TemplateEngineInfo.class.php'); diff --git a/modules/util/YAML.class.php b/modules/util/YAML.class.php @@ -4,6 +4,8 @@ namespace util; use Spyc; +require_once (__DIR__.'/Spyc.class.php'); + /** * YAML Wrapper for the Spyc implementation of a YAML-Parser. */ diff --git a/modules/wikiparser/renderer/HtmlRenderer.class.php b/modules/wikiparser/renderer/HtmlRenderer.class.php @@ -12,7 +12,7 @@ use Exception; use Geshi; use wikiparser\model\LineBreakElement; use wikiparser\model\LinkElement; -use MacroRunner; +use cms\macros\MacroRunner; use wikiparser\model\RawElement; use util\Text; use wikiparser\model\TextElement;