openrat-cms


commit cf11fe62e3d2b91fa9404854c178ec732b34b5e4
parent f6b29badc5081a19b358859ad9289b9975b6b68e
Author: Jan Dankert <devnull@localhost>
Date:   Tue,  5 Dec 2017 23:12:06 +0100

Action-Klassen auf Namespace umgestellt.

Diffstat:
action/Action.class.php | 1483++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/ConfigurationAction.class.php | 6+++++-
action/ElementAction.class.php | 6+++++-
action/FileAction.class.php | 21+++++++++++++--------
action/FilebrowserAction.class.php | 98+++++++++++++++++++++++++++++++++++++++++++------------------------------------
action/FolderAction.class.php | 546++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/GroupAction.class.php | 150+++++++++++++++++++++++++++++++++++++++++--------------------------------------
action/GrouplistAction.class.php | 16+++++++++-------
action/IndexAction.class.php | 13++++++++++++-
action/LanguageAction.class.php | 8++++++--
action/LanguagelistAction.class.php | 10+++++++++-
action/LinkAction.class.php | 11++++++++++-
action/LoginAction.class.php | 1378++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/ModelAction.class.php | 10+++++++++-
action/ModellistAction.class.php | 5++++-
action/ObjectAction.class.php | 271++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/PageAction.class.php | 5++++-
action/PageelementAction.class.php | 3+++
action/ProfileAction.class.php | 151++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/ProjectAction.class.php | 5++++-
action/ProjectlistAction.class.php | 5++++-
action/SearchAction.class.php | 220+++++++++++++++++++++++++++++++++++++++++--------------------------------------
action/StartAction.class.php | 1178++++++++++++++++++++++++++++++++++++++++---------------------------------------
action/TemplateAction.class.php | 11++++++++++-
action/TemplatelistAction.class.php | 5++++-
action/TitleAction.class.php | 5+++++
action/TreeAction.class.php | 12++++++++++++
action/UserAction.class.php | 19++++++++++++++++++-
action/UserlistAction.class.php | 5++++-
action/WebdavAction.class.php | 5++++-
action/WorkbenchAction.class.php | 24+++++++++++++++---------
dispatcher.php | 57+++++++++++++++++++++++++++++----------------------------
32 files changed, 2972 insertions(+), 2770 deletions(-)

diff --git a/action/Action.class.php b/action/Action.class.php
@@ -1,4 +1,44 @@
 <?php
+
+namespace {
+
+ class ObjectNotFoundException extends Exception
+ {
+ }
+
+
+ define('OR_NOTICE_OK', 'ok');
+ define('OR_NOTICE_WARN', 'warning');
+ define('OR_NOTICE_ERROR', 'error');
+
+ define('OR_FILTER_ALPHA', 'abc');
+ define('OR_FILTER_ALPHANUM', 'abc123');
+ define('OR_FILTER_FILENAME', 'file');
+ define('OR_FILTER_MAIL', 'mail');
+ define('OR_FILTER_TEXT', 'text');
+ define('OR_FILTER_FULL', 'full');
+ define('OR_FILTER_NUMBER', '123');
+ define('OR_FILTER_RAW', 'raw');
+ define('OR_FILTER_ALL', 'all');
+
+
+}
+
+
+namespace cms\action {
+
+use \DomainException;
+ use \Html;
+ use \Session;
+use \Logger;
+use \Http;
+ use \template_engine\TemplateEngine;
+ use \Text;
+ use \XML;
+use \JSON;
+use \Exception;
+use \LogicException;
+
 // OpenRat Content Management System
 // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
 //
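Review bot: The `OR_FILTER_*` constants re-declared in the global `namespace { }` block carry no comment saying what each one permits, although they are the only control a caller has over how request input is filtered. In `getRequestVar()` further down this file, `OR_FILTER_RAW` returns `$REQ[$varName]` without passing it through `Text::clean()`, while the other values select a character whitelist. I would add a comment above the defines, for example `// Request filters for Action::getRequestVar(): every value except OR_FILTER_RAW selects a character whitelist; OR_FILTER_RAW returns the value unfiltered, so the caller must validate and escape it.` The `namespace cms\action {` block opened at the end of this hunk is closed outside it.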
@@ -17,750 +57,723 @@ // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -define('OR_NOTICE_OK' ,'ok' ); -define('OR_NOTICE_WARN' ,'warning'); -define('OR_NOTICE_ERROR','error' ); - -define('OR_FILTER_ALPHA' ,'abc' ); -define('OR_FILTER_ALPHANUM','abc123'); -define('OR_FILTER_FILENAME','file' ); -define('OR_FILTER_MAIL' ,'mail' ); -define('OR_FILTER_TEXT' ,'text' ); -define('OR_FILTER_FULL' ,'full' ); -define('OR_FILTER_NUMBER' ,'123' ); -define('OR_FILTER_RAW' ,'raw' ); -define('OR_FILTER_ALL' ,'all' ); - -class ObjectNotFoundException extends Exception {} - -/** - * Eltern-Klasse fuer alle Actions. - * - * Diese Klasse stellt grundlegende action-uebergreifende Methoden - * bereit. - * Dient als Ueberklasse fuer alle abgeleiteten Action-Klassen in - * diesem Package bzw. Verzeichnis. - * - * @author Jan Dankert - * @package openrat.actions - * @abstract - */ -class Action -{ - var $db; - private $templateVars = Array(); - var $actionName; - var $subActionName; - var $actionClassName; - - var $writable; - var $publishing; - var $refresh; - - /** - * Aktuell angemeldeter Benutzer.<br> - * Wird ind er Funktion "init()" gesetzt. - * - * @var Object Benutzer - */ - var $currentUser; - - - - function setStyle( $style ) - { - $this->setControlVar( "new_style", $style ); - } - - - function nextView( $viewName ) - { - $this->setControlVar( "next_view", $viewName ); - } - - - - - /** - * Wird durch das Controller-Skript (do.php) nach der Kontruierung des Objektes aufgerufen. - * So koennen Unterklassen ihren eigenen Kontruktor besitzen, ohne den Superkontruktor - * (=diese Funktion) aufrufen zu m�ssen. 
- */ - function init() - { - global $conf; - $this->writable = !$conf['security']['readonly' ]; - $this->publishing = !$conf['security']['nopublish']; - $this->currentUser = Session::getUser(); - - $this->templateVars['errors' ] = array(); - $this->templateVars['notices'] = array(); - $this->templateVars['control'] = array(); - $this->templateVars['output' ] = array(); - - header('Content-Language: '.$conf['language']['language_code']); - - $this->refresh = false; - } - - - /** - * Liest eine Session-Variable - * - * @param String $varName Schl�ssel - * @return mixed - */ - protected function getSessionVar( $varName ) - { - global $SESS; - - if ( !isset($SESS[ $varName ]) ) - return ''; - else return $SESS[ $varName ]; - } - - - /** - * Setzt eine Session-Variable - * - * @param Sring $varName Schl�ssel - * @param mixed $value Inhalt - * @return mixed - */ - protected function setSessionVar( $varName,$value ) - { - global $SESS; - - $SESS[ $varName ] = $value; - } - - - /** - * Ermittelt den Inhalt der gew�nschten Request-Variablen. - * Falls nicht vorhanden, wird "" zur�ckgegeben. - * - * @param String $varName Schl�ssel - * @return String Inhalt - */ - protected function getRequestVar( $varName,$transcode=OR_FILTER_FULL ) - { - global $REQ; - - if ( !isset($REQ[ $varName ]) ) - return ''; - - - switch( $transcode ) - { - case OR_FILTER_ALPHA: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; - break; - - case OR_FILTER_ALPHANUM: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,_-!?%&/()'; - break; - - case OR_FILTER_FILENAME: - // RFC 1738, Section 2.2: - // Thus, only alphanumerics, the special characters "$-_.+!*'(),", and - // reserved characters used for their reserved purposes may be used - // unencoded within a URL. 
- $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789$-_.+!*(),'."'"; - break; - - case OR_FILTER_MAIL: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-@'; - break; - - case OR_FILTER_TEXT: - case OR_FILTER_FULL: - case OR_FILTER_ALL: - // Ausfiltern von Control-Chars ( ASCII < 32 außer CR,LF) und HTML (<,>) - $white = ''; - $white .= chr(10).chr(13); // Line-Feed, Carriage-Return - for ($i = 32; $i <= 59; $i++) $white .= chr($i); // Zahlen - // 60: '<' - $white .= chr(61); - // 62: '>' - for ($i = 63; $i <= 126; $i++) $white .= chr($i); // abc - for ($i = 128; $i <= 255; $i++) $white .= chr($i); // Sonderzeichen incl. UTF-8, UTF-16 (beginnen mit Bit 1) - break; - - case OR_FILTER_NUMBER: - $white = '1234567890.'; - break; - - case OR_FILTER_RAW: - return $REQ[ $varName ]; - - default: - Http::serverError('Unknown request filter','not found: '.$transcode); - return '?'; - } - - $value = $REQ[ $varName ]; - $newValue = Text::clean( $value, $white ); - - if ( strlen($newValue) != strlen($value) ) - $this->addNotice('','','UNEXPECTED_CHARS',OR_NOTICE_WARN); - - return $newValue; - } - - - /** - * Ermittelt, ob der aktuelle Request eine Variable mit dem - * angegebenen Namen enth�lt. - * - * @param String $varName Schl�ssel - * @return boolean true, falls vorhanden. - */ - protected function hasRequestVar( $varName ) - { - global $REQ; - - return( isset($REQ[$varName]) && (!empty($REQ[$varName]) || $REQ[$varName]=='0') ); - } - - - /** - * Ermittelt die aktuelle Id aus dem Request.<br> - * Um welche ID es sich handelt, ist abh�ngig von der Action. - * - * @return Integer - */ - protected function getRequestId() - { - if ( $this->hasRequestVar('idvar') ) - return intval( $this->getRequestVar( $this->getRequestVar('idvar') ) ); - else - return intval( $this->getRequestVar( REQ_PARAM_ID ) ); - } - - - - /** - * Setzt eine Variable f�r die Oberfl�che. 
- * - * @param String $varName Schl�ssel - * @param Mixed $value - */ - protected function setTemplateVar( $varName,$value ) - { - $this->templateVars[ 'output' ][ $varName ] = $value; - } - - - /** - * Setzt eine Variable f�r die Oberfl�che. - * - * @param String $varName Schl�ssel - * @param Mixed $value - */ - protected function setControlVar( $varName,$value ) - { - $this->templateVars[ 'control' ][ $varName ] = $value; - } - - - /** - * Setzt eine Liste von Variablen f�r die Oberfl�che. - * - * @param Array $varList Assoziatives Array - */ - protected function setTemplateVars( $varList ) - { - foreach( $varList as $name=>$value ) - { - $this->setTemplateVar( $name,$value ); - } - } - - - /** - * F�gt einen Validierungsfehler hinzu. - * - * @param String $name Name des validierten Eingabefeldes - * @param String Textschl�ssel der Fehlermeldung (optional) - */ - protected function addValidationError( $name,$message="COMMON_VALIDATION_ERROR",$vars=array(),$log=array() ) - { - if ( !empty($message) ) - $this->addNotice('','',$message,OR_NOTICE_ERROR,$vars,$log); - - $this->templateVars['errors'][] = $name; - } - - - public function handleResult( $result ) - { - // TODO - - } - - /** - * F�gt ein Meldung hinzu. - * - * @param String $type Typ des Objektes, zu dem diese Meldung geh�rt. - * @param String $name Name des Objektes, zu dem diese Meldung geh�rt. - * @param String $text Textschl�ssel der Fehlermeldung (optional) - * @param String $status Einer der Werte OR_NOTICE_(OK|WARN|ERROR) - * @param Array $vars Variablen f�r den Textschl�ssel - * @param Array $log Weitere Hinweistexte f�r diese Meldung. 
- */ - protected function addNotice( $type,$name,$text,$status=OR_NOTICE_OK,$vars=array(),$log=array() ) - { - if ( $status === true ) - $status = OR_NOTICE_OK; - elseif ( $status === false ) - $status = OR_NOTICE_ERROR; - - $this->templateVars['notice_status'] = $status; - $this->templateVars['status' ] = $status; - $this->templateVars['success' ] = ($status==OR_NOTICE_ERROR?'false':'true'); - - if ( $status == OR_NOTICE_OK && isset($_COOKIE['or_ignore_ok_notices'])) - return; - - if ( !is_array($log)) - $log = array($log); - - if ( !is_array($vars)) - $vars = array($vars); - - $this->templateVars['notices'][] = array('type'=>$type, - 'name'=>$name, - 'key'=>'NOTICE_'.$text, - 'vars'=>$vars, - 'text'=>lang('NOTICE_'.$text,$vars), - 'log'=>$log, - 'status'=>$status); - } - - - - /** - * Ausgabe des Templates.<br> - * <br> - * Erst hier soll die Ausgabe auf die Standardausgabe, also die - * Ausgabe f�r den Browser, starten.<br> - * <br> - */ - public function forward() - { - Session::close(); - global $conf; - - $db = db_connection(); - - if ( is_object( $db ) ) - $db->commit(); - - // Ablaufzeit für den Inhalt auf aktuelle Zeit setzen. - header('Expires: '.substr(date('r',time()-date('Z')),0,-5).'GMT',false ); - - if ( $conf['security']['content-security-policy'] ) - header('X-Content-Security-Policy: '.'allow \'self\'; img-src: *; script-src \'self\'; options inline-script'); - - - $httpAccept = getenv('HTTP_ACCEPT'); - $types = explode(',',$httpAccept); - - if ( version_compare(PHP_VERSION, '4.3.0', '>=') ) - Logger::trace('Output'."\n".print_r($this->templateVars,true)); - - // Weitere Variablen anreichern. 
- $this->templateVars['session'] = array('name'=>session_name(),'id'=>session_id(),'token'=>token() ); - $this->templateVars['version'] = OR_VERSION; - $this->templateVars['api' ] = '2'; - - if ( sizeof($types)==1 && in_array('application/php-array',$types) || $this->getRequestVar('output')=='php-array' ) - { - if (version_compare(PHP_VERSION, '4.3.0', '<')) - Http::serverError('application/php-array is only available with PHP >= 4.3'); - - header('Content-Type: application/php-array; charset=UTF-8'); - echo print_r($this->templateVars,true); - exit; - } - - if ( sizeof($types)==1 && in_array('application/php-serialized',$types) || $this->getRequestVar('output')=='php' ) - { - header('Content-Type: application/php-serialized; charset=UTF-8'); - echo serialize($this->templateVars); - exit; - } - - if ( sizeof($types)==1 && in_array('application/json',$types) || $this->getRequestVar('output')=='json' ) - { - $json = new JSON(); - header('Content-Type: application/json; charset=UTF-8'); - if ( function_exists('json_encode')) - // Native Methode ist schneller.. - echo json_encode( $this->templateVars, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK | JSON_PARTIAL_OUTPUT_ON_ERROR ); - else - // Fallback, falls json_encode() nicht existiert... - echo $json->encode( $this->templateVars ); - exit; - } - - if ( sizeof($types)==1 && in_array('application/xml',$types) || $this->getRequestVar('output')=='xml' ) - { - require_once( OR_SERVICECLASSES_DIR."XML.class.".PHP_EXT ); - $xml = new XML(); - $xml->root = 'server'; // Name des XML-root-Elementes - header('Content-Type: application/xml; charset=UTF-8'); - echo $xml->encode( $this->templateVars ); - exit; - } - - header('Content-Type: text/html; charset=UTF-8'); - $this->setMenu(); - - $tplName = $this->actionName.'/'.$this->subActionName; - - + + + + /** + * Eltern-Klasse fuer alle Actions. + * + * Diese Klasse stellt grundlegende action-uebergreifende Methoden + * bereit. 
+ * Dient als Ueberklasse fuer alle abgeleiteten Action-Klassen in + * diesem Package bzw. Verzeichnis. + * + * @author Jan Dankert + * @package openrat.actions + * @abstract + */ + class Action + { + public $db; + private $templateVars = Array(); + public $actionName; + public $subActionName; + public $actionClassName; + + public $writable; + public $publishing; + public $refresh; + + /** + * Aktuell angemeldeter Benutzer.<br> + * Wird ind er Funktion "init()" gesetzt. + * + * @var Object Benutzer + */ + var $currentUser; + + + protected function setStyle($style) + { + $this->setControlVar("new_style", $style); + } + + + function nextView($viewName) + { + $this->setControlVar("next_view", $viewName); + } + + + /** + * Wird durch das Controller-Skript (do.php) nach der Kontruierung des Objektes aufgerufen. + * So koennen Unterklassen ihren eigenen Kontruktor besitzen, ohne den Superkontruktor + * (=diese Funktion) aufrufen zu m�ssen. + */ + public function init() + { + global $conf; + $this->writable = !$conf['security']['readonly']; + $this->publishing = !$conf['security']['nopublish']; + $this->currentUser = Session::getUser(); + + $this->templateVars['errors'] = array(); + $this->templateVars['notices'] = array(); + $this->templateVars['control'] = array(); + $this->templateVars['output'] = array(); + + header('Content-Language: ' . $conf['language']['language_code']); + + $this->refresh = false; + } + + + /** + * Liest eine Session-Variable + * + * @param String $varName Schl�ssel + * @return mixed + */ + protected function getSessionVar($varName) + { + global $SESS; + + if (!isset($SESS[$varName])) + return ''; + else return $SESS[$varName]; + } + + + /** + * Setzt eine Session-Variable + * + * @param Sring $varName Schl�ssel + * @param mixed $value Inhalt + * @return mixed + */ + protected function setSessionVar($varName, $value) + { + global $SESS; + + $SESS[$varName] = $value; + } + + + /** + * Ermittelt den Inhalt der gew�nschten Request-Variablen. 
+ * Falls nicht vorhanden, wird "" zur�ckgegeben. + * + * @param String $varName Schl�ssel + * @return String Inhalt + */ + protected function getRequestVar($varName, $transcode = OR_FILTER_FULL) + { + global $REQ; + + if (!isset($REQ[$varName])) + return ''; + + + switch ($transcode) { + case OR_FILTER_ALPHA: + $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; + break; + + case OR_FILTER_ALPHANUM: + $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,_-!?%&/()'; + break; + + case OR_FILTER_FILENAME: + // RFC 1738, Section 2.2: + // Thus, only alphanumerics, the special characters "$-_.+!*'(),", and + // reserved characters used for their reserved purposes may be used + // unencoded within a URL. + $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789$-_.+!*(),' . "'"; + break; + + case OR_FILTER_MAIL: + $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-@'; + break; + + case OR_FILTER_TEXT: + case OR_FILTER_FULL: + case OR_FILTER_ALL: + // Ausfiltern von Control-Chars ( ASCII < 32 außer CR,LF) und HTML (<,>) + $white = ''; + $white .= chr(10) . chr(13); // Line-Feed, Carriage-Return + for ($i = 32; $i <= 59; $i++) $white .= chr($i); // Zahlen + // 60: '<' + $white .= chr(61); + // 62: '>' + for ($i = 63; $i <= 126; $i++) $white .= chr($i); // abc + for ($i = 128; $i <= 255; $i++) $white .= chr($i); // Sonderzeichen incl. UTF-8, UTF-16 (beginnen mit Bit 1) + break; + + case OR_FILTER_NUMBER: + $white = '1234567890.'; + break; + + case OR_FILTER_RAW: + return $REQ[$varName]; + + default: + Http::serverError('Unknown request filter', 'not found: ' . $transcode); + return '?'; + } + + $value = $REQ[$varName]; + $newValue = Text::clean($value, $white); + + if (strlen($newValue) != strlen($value)) + $this->addNotice('', '', 'UNEXPECTED_CHARS', OR_NOTICE_WARN); + + return $newValue; + } + + + /** + * Ermittelt, ob der aktuelle Request eine Variable mit dem + * angegebenen Namen enth�lt. 
+ * + * @param String $varName Schl�ssel + * @return boolean true, falls vorhanden. + */ + protected function hasRequestVar($varName) + { + global $REQ; + + return (isset($REQ[$varName]) && (!empty($REQ[$varName]) || $REQ[$varName] == '0')); + } + + + /** + * Ermittelt die aktuelle Id aus dem Request.<br> + * Um welche ID es sich handelt, ist abh�ngig von der Action. + * + * @return Integer + */ + protected function getRequestId() + { + if ($this->hasRequestVar('idvar')) + return intval($this->getRequestVar($this->getRequestVar('idvar'))); + else + return intval($this->getRequestVar(REQ_PARAM_ID)); + } + + + /** + * Setzt eine Variable f�r die Oberfl�che. + * + * @param String $varName Schl�ssel + * @param Mixed $value + */ + protected function setTemplateVar($varName, $value) + { + $this->templateVars['output'][$varName] = $value; + } + + + /** + * Setzt eine Variable f�r die Oberfl�che. + * + * @param String $varName Schl�ssel + * @param Mixed $value + */ + protected function setControlVar($varName, $value) + { + $this->templateVars['control'][$varName] = $value; + } + + + /** + * Setzt eine Liste von Variablen f�r die Oberfl�che. + * + * @param Array $varList Assoziatives Array + */ + protected function setTemplateVars($varList) + { + foreach ($varList as $name => $value) { + $this->setTemplateVar($name, $value); + } + } + + + /** + * F�gt einen Validierungsfehler hinzu. + * + * @param String $name Name des validierten Eingabefeldes + * @param String Textschl�ssel der Fehlermeldung (optional) + */ + protected function addValidationError($name, $message = "COMMON_VALIDATION_ERROR", $vars = array(), $log = array()) + { + if (!empty($message)) + $this->addNotice('', '', $message, OR_NOTICE_ERROR, $vars, $log); + + $this->templateVars['errors'][] = $name; + } + + + public function handleResult($result) + { + // TODO - + } + + /** + * F�gt ein Meldung hinzu. + * + * @param String $type Typ des Objektes, zu dem diese Meldung geh�rt. 
+ * @param String $name Name des Objektes, zu dem diese Meldung geh�rt. + * @param String $text Textschl�ssel der Fehlermeldung (optional) + * @param String $status Einer der Werte OR_NOTICE_(OK|WARN|ERROR) + * @param Array $vars Variablen f�r den Textschl�ssel + * @param Array $log Weitere Hinweistexte f�r diese Meldung. + */ + protected function addNotice($type, $name, $text, $status = OR_NOTICE_OK, $vars = array(), $log = array()) + { + if ($status === true) + $status = OR_NOTICE_OK; + elseif ($status === false) + $status = OR_NOTICE_ERROR; + + $this->templateVars['notice_status'] = $status; + $this->templateVars['status'] = $status; + $this->templateVars['success'] = ($status == OR_NOTICE_ERROR ? 'false' : 'true'); + + if ($status == OR_NOTICE_OK && isset($_COOKIE['or_ignore_ok_notices'])) + return; + + if (!is_array($log)) + $log = array($log); + + if (!is_array($vars)) + $vars = array($vars); + + $this->templateVars['notices'][] = array('type' => $type, + 'name' => $name, + 'key' => 'NOTICE_' . $text, + 'vars' => $vars, + 'text' => lang('NOTICE_' . $text, $vars), + 'log' => $log, + 'status' => $status); + } + + + /** + * Ausgabe des Templates.<br> + * <br> + * Erst hier soll die Ausgabe auf die Standardausgabe, also die + * Ausgabe f�r den Browser, starten.<br> + * <br> + */ + public function forward() + { + Session::close(); + global $conf; + + $db = db_connection(); + + if (is_object($db)) + $db->commit(); + + // Ablaufzeit für den Inhalt auf aktuelle Zeit setzen. + header('Expires: ' . substr(date('r', time() - date('Z')), 0, -5) . 'GMT', false); + + if ($conf['security']['content-security-policy']) + header('X-Content-Security-Policy: ' . 'allow \'self\'; img-src: *; script-src \'self\'; options inline-script'); + + + $httpAccept = getenv('HTTP_ACCEPT'); + $types = explode(',', $httpAccept); + + if (version_compare(PHP_VERSION, '4.3.0', '>=')) + Logger::trace('Output' . "\n" . print_r($this->templateVars, true)); + + // Weitere Variablen anreichern. 
+ $this->templateVars['session'] = array('name' => session_name(), 'id' => session_id(), 'token' => token()); + $this->templateVars['version'] = OR_VERSION; + $this->templateVars['api'] = '2'; + + if (sizeof($types) == 1 && in_array('application/php-array', $types) || $this->getRequestVar('output') == 'php-array') { + if (version_compare(PHP_VERSION, '4.3.0', '<')) + Http::serverError('application/php-array is only available with PHP >= 4.3'); + + header('Content-Type: application/php-array; charset=UTF-8'); + echo print_r($this->templateVars, true); + exit; + } + + if (sizeof($types) == 1 && in_array('application/php-serialized', $types) || $this->getRequestVar('output') == 'php') { + header('Content-Type: application/php-serialized; charset=UTF-8'); + echo serialize($this->templateVars); + exit; + } + + if (sizeof($types) == 1 && in_array('application/json', $types) || $this->getRequestVar('output') == 'json') { + $json = new JSON(); + header('Content-Type: application/json; charset=UTF-8'); + if (function_exists('json_encode')) + // Native Methode ist schneller.. + echo json_encode($this->templateVars, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK | JSON_PARTIAL_OUTPUT_ON_ERROR); + else + // Fallback, falls json_encode() nicht existiert... + echo $json->encode($this->templateVars); + exit; + } + + if (sizeof($types) == 1 && in_array('application/xml', $types) || $this->getRequestVar('output') == 'xml') { + require_once(OR_SERVICECLASSES_DIR . "XML.class." . PHP_EXT); + $xml = new XML(); + $xml->root = 'server'; // Name des XML-root-Elementes + header('Content-Type: application/xml; charset=UTF-8'); + echo $xml->encode($this->templateVars); + exit; + } + + header('Content-Type: text/html; charset=UTF-8'); + $this->setMenu(); + + $tplName = $this->actionName . '/' . 
$this->subActionName; + + // if (isset($this->actionConfig[$this->subActionName]['target'])) // $targetSubActionName = $this->actionConfig[$this->subActionName]['target']; // else - $targetSubActionName = $this->subActionName; - - - global $REQ; - global $PHP_SELF; - global $HTTP_SERVER_VARS; - global $image_dir; - global $view; - - // Übertragen der Ausgabe-Variablen in den aktuellen Kontext - // - extract( $this->templateVars['output'] ); - - // Setzen einiger Standard-Variablen - // - $tpl_dir = OR_THEMES_DIR.$conf['interface']['theme'].'/pages/html/'; - $image_dir = OR_THEMES_EXT_DIR.$conf['interface']['theme'].'/images/'; - - $user = Session::getUser(); - - $self = $HTTP_SERVER_VARS['PHP_SELF']; - - if ( !empty($conf['interface']['override_title']) ) - $cms_title = $conf['interface']['override_title']; - else - $cms_title = OR_TITLE.' '.OR_VERSION; - - $subActionName = $this->subActionName; - $actionName = $this->actionName; - $requestId = $this->getRequestId(); - - $iFile = 'themes/default/templates/' . $tplName . '.tpl.out.'.PHP_EXT; - - if ( DEVELOPMENT ) - { - $srcXmlFilename = 'themes/default/templates/' . $tplName . '.tpl.src.xml'; - - // Das Template kompilieren. - // Aus dem XML wird eine PHP-Datei erzeugt. - try - { - $te = new template_engine\TemplateEngine(); - $te->compile($srcXmlFilename,$iFile); - unset($te); - } - catch (Exception $e) - { - throw new DomainException("Compilation failed for Template '$tplName'.", 0, $e); - } - header("X-CMS-Template-File: " . $iFile); - } - - - if ( is_file($iFile)) - // Einbinden des Templates - require_once( $iFile ); - else - throw new LogicException("File '$iFile' not found."); - } - - - /** - * Ruft eine weitere Subaction auf. - * - * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. 
- */ - protected function callSubAction( $subActionName ) - { - return; - - /* - * - if ( in_array($this->actionName,array('page','file','link','folder')) ) - Session::setSubaction( $subActionName ); - - $this->subActionName = $subActionName; - - Logger::trace("next subaction is '$subActionName'"); - - $this->$subActionName(); - */ - } - - - /** - * Ruft eine weitere Subaction auf. - * - * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. - */ - protected function nextSubAction( $subActionName ) - { - $this->subActionName = $subActionName; - - Logger::trace("next subaction is '$subActionName'"); - - $methodName = $subActionName.($_SERVER['REQUEST_METHOD'] == 'POST'?'Post':'View'); - $this->$methodName(); - } - - - /** - * Ermitteln, ob Benutzer Administratorrechte besitzt - * @return Boolean TRUE, falls der Benutzer ein Administrator ist. - */ - protected function userIsAdmin() - { - $user = Session::getUser(); - return is_object($user) && $user->isAdmin; - } - - - /** - * Ermitteln, ob Benutzer Administratorrechte besitzt - * @return Boolean TRUE, falls der Benutzer ein Administrator ist. - */ - public function userIsLoggedIn() - { - $user = Session::getUser(); - return is_object($user) && $user->isAdmin; - } - - - /** - * Ermitteln des Benutzerobjektes aus der Session - * @return User - */ - protected function getUserFromSession() - { - return Session::getUser(); - } - - - - /** - * Benutzen eines sog. "Conditional GET". - * - * Diese Funktion setzt einen "Last-Modified"-HTTP-Header. - * Ist der Inhalt der Seite nicht neuer, so wird der Inhalt - * der Seite nicht ausgegeben, sondern nur HTTP-Status 304 - * ("304 not modified") gesetzt. - * Der Rest der Seite muss dann nicht mehr erzeugt werden, - * wodurch die Performance stark erhoeht werden kann. 
- * - * Credits: Danke an Charles Miller - * @see http://fishbowl.pastiche.org/2002/10/21/http_conditional_get_for_rss_hackers - * - * Gefunden auf: - * @see http://simon.incutio.com/archive/2003/04/23/conditionalGet - * - * @param Timestamp Letztes Aenderungsdatum des Objektes - */ - protected function lastModified( $time, $expirationDuration = 0 ) - { - $user = Session::getUser(); - - // Conditional-Get eingeschaltet? - if ( ! config('cache','conditional_get') ) - return; - - $expires = substr(date('r',time()+$expirationDuration-date('Z')),0,-5).'GMT'; - $lastModified = substr(date('r',$time -date('Z')),0,-5).'GMT'; - $etag = '"'.base_convert($time,10,36).'"'; - - // Header senden - header('Expires: ' .$expires ); - header('Last-Modified: '.$lastModified ); - header('ETag: ' .$etag ); - - // Die vom Interpreter sonst automatisch gesetzten - // Header uebersteuern - header('Cache-Control: must-revalidate'); - header('Pragma:'); - - // See if the client has provided the required headers - $if_modified_since = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false; - $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH'] ) : false; - - // Bug in Apache 2.2, mod_deflat adds '-gzip' to E-Tag - if ( substr($if_none_match,-6) == '-gzip"' ) - $if_none_match = substr($if_none_match,0,-6).'"'; - - // At least one of the headers is there - check them - if ( $if_none_match && $if_none_match != $etag ) - return; // etag is there but doesn't match - - if ( $if_modified_since && $if_modified_since != $lastModified ) - return; // if-modified-since is there but doesn't match - - if ( !$if_modified_since && !$if_none_match ) - return; - - // Der entfernte Browser bzw. 
Proxy holt die Seite nun aus seinem Cache - header('HTTP/1.0 304 Not Modified'); - exit; // Sofortiges Skript-Ende - } - - - - /** - * @param max Anzahl der Sekunden, die die Seite im Browsercache bleiben darf - */ - protected function maxAge( $max=3600 ) - { - // Die Header "Last-Modified" und "ETag" wurden bereits in der - // Methode "lastModified()" gesetzt. - - header('Expires: '.substr(date('r',time()-date('Z')+$max),0,-5).'GMT' ); - header('Pragma: '); // 'Pragma' ist Bullshit und - // wird von den meisten Browsern ignoriert. - header('Cache-Control: public, max-age='.$max.", s-maxage=".$max); - } - - - - protected function setMenu() - { - return; - - $windowMenu = array(); - $name = $this->actionConfig[$this->subActionName]['menu']; - $menuList = explode(',',$this->actionConfig['menu']['menu']); - //$menuList = explode(',',$this->actionConfig['menu'][$name]); - - if ( isset($this->actionConfig[$this->subActionName]['menuaction'])) - $actionName = $this->actionConfig[$this->subActionName]['menuaction']; - else - $actionName = $this->subActionName; - - foreach( $menuList as $menuName ) - { - if ( isset($this->actionConfig[$menuName]['alias']) ) - $menuText = 'menu_'.$this->actionName.'_'.$this->actionConfig[$menuName]['alias']; - else - $menuText = 'menu_'.$this->actionName.'_'.$menuName; - - - $menuKey = 'accesskey_window_'.$menuName; - - $menuEntry = array('subaction'=>$menuName, - 'text' =>$menuText, - 'title' =>$menuText.'_DESC', - 'key' =>$menuKey ); - - if ( $this->checkMenu($menuName) ) - $menuEntry['url'] = Html::url($actionName,$menuName,$this->getRequestId()); - - $windowMenu[] = $menuEntry; - } - $this->setTemplateVar('windowMenu',$windowMenu); - } - - - - /** - * Ermittelt, ob der Men�punkt aktiv ist. - * Ob ein Men�punkt als aktiv angezeigt werden soll, steht meist erst zur Laufzeit fest. - * <br> - * Diese Methode kann von den Unterklassen �berschrieben werden. - * Falls diese Methode nicht �berschrieben wird, sind alle Men�punkte aktiv. 
- * - * @param String $name Logischer Name des Men�punktes - * @return boolean TRUE, wenn Men�punkt aktiv ist. - */ - protected function checkMenu( $name ) - { - // Standard: Alle Men�punkt sind aktiv. - return true; - } - - - - - - /** - * Erzeugt einen Redirect auf einen bestimmte URL. - */ - protected function redirect( $url ) - { - $this->setControlVar( 'redirect',$url ); - } - - - /** - * Sorgt dafür, dass alle anderen Views aktualisiert werden. - * - * Diese Methode sollte dann aufgerufen werden, wenn Objekte geändert werden - * und dies Einfluss auf andere Views hat. - */ - protected function refresh() - { - $this->refresh = true; - $this->setControlVar('refresh',true); - } - - - /** - * Setzt eine neue Perspektive für die Sitzung. - * - * @param String Name der Perspektive - */ - protected function setPerspective( $name ) - { - Session::set('perspective',$name); - $this->refresh(); - } -} + $targetSubActionName = $this->subActionName; -// TODO - nicht benutzt -interface ActionResult -{ - public function getErrorField(); - public function isSuccess(); -} + global $REQ; + global $PHP_SELF; + global $HTTP_SERVER_VARS; + global $image_dir; + global $view; -class ActionResultSuccess implements ActionResult -{ - public function isSuccess(){ - return true; - } - public function getErrorField(){ - return null; + // Übertragen der Ausgabe-Variablen in den aktuellen Kontext + // + extract($this->templateVars['output']); + + // Setzen einiger Standard-Variablen + // + $tpl_dir = OR_THEMES_DIR . $conf['interface']['theme'] . '/pages/html/'; + $image_dir = OR_THEMES_EXT_DIR . $conf['interface']['theme'] . '/images/'; + + $user = Session::getUser(); + + $self = $HTTP_SERVER_VARS['PHP_SELF']; + + if (!empty($conf['interface']['override_title'])) + $cms_title = $conf['interface']['override_title']; + else + $cms_title = OR_TITLE . ' ' . 
OR_VERSION; + + $subActionName = $this->subActionName; + $actionName = $this->actionName; + $requestId = $this->getRequestId(); + + $iFile = 'themes/default/templates/' . $tplName . '.tpl.out.' . PHP_EXT; + + if (DEVELOPMENT) { + $srcXmlFilename = 'themes/default/templates/' . $tplName . '.tpl.src.xml'; + + // Das Template kompilieren. + // Aus dem XML wird eine PHP-Datei erzeugt. + try { + $te = new TemplateEngine(); + $te->compile($srcXmlFilename, $iFile); + unset($te); + } catch (Exception $e) { + throw new DomainException("Compilation failed for Template '$tplName'.", 0, $e); + } + header("X-CMS-Template-File: " . $iFile); + } + + + if (is_file($iFile)) + // Einbinden des Templates + require_once($iFile); + else + throw new LogicException("File '$iFile' not found."); + } + + + /** + * Ruft eine weitere Subaction auf. + * + * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. + */ + protected function callSubAction($subActionName) + { + return; + + /* + * + if ( in_array($this->actionName,array('page','file','link','folder')) ) + Session::setSubaction( $subActionName ); + + $this->subActionName = $subActionName; + + Logger::trace("next subaction is '$subActionName'"); + + $this->$subActionName(); + */ + } + + + /** + * Ruft eine weitere Subaction auf. + * + * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. + */ + protected function nextSubAction($subActionName) + { + $this->subActionName = $subActionName; + + Logger::trace("next subaction is '$subActionName'"); + + $methodName = $subActionName . ($_SERVER['REQUEST_METHOD'] == 'POST' ? 'Post' : 'View'); + $this->$methodName(); + } + + + /** + * Ermitteln, ob Benutzer Administratorrechte besitzt + * @return Boolean TRUE, falls der Benutzer ein Administrator ist. 
+ */ + protected function userIsAdmin() + { + $user = Session::getUser(); + return is_object($user) && $user->isAdmin; + } + + + /** + * Ermitteln, ob Benutzer Administratorrechte besitzt + * @return Boolean TRUE, falls der Benutzer ein Administrator ist. + */ + public function userIsLoggedIn() + { + $user = Session::getUser(); + return is_object($user) && $user->isAdmin; + } + + + /** + * Ermitteln des Benutzerobjektes aus der Session + * @return User + */ + protected function getUserFromSession() + { + return Session::getUser(); + } + + + /** + * Benutzen eines sog. "Conditional GET". + * + * Diese Funktion setzt einen "Last-Modified"-HTTP-Header. + * Ist der Inhalt der Seite nicht neuer, so wird der Inhalt + * der Seite nicht ausgegeben, sondern nur HTTP-Status 304 + * ("304 not modified") gesetzt. + * Der Rest der Seite muss dann nicht mehr erzeugt werden, + * wodurch die Performance stark erhoeht werden kann. + * + * Credits: Danke an Charles Miller + * @see http://fishbowl.pastiche.org/2002/10/21/http_conditional_get_for_rss_hackers + * + * Gefunden auf: + * @see http://simon.incutio.com/archive/2003/04/23/conditionalGet + * + * @param Timestamp Letztes Aenderungsdatum des Objektes + */ + protected function lastModified($time, $expirationDuration = 0) + { + $user = Session::getUser(); + + // Conditional-Get eingeschaltet? + if (!config('cache', 'conditional_get')) + return; + + $expires = substr(date('r', time() + $expirationDuration - date('Z')), 0, -5) . 'GMT'; + $lastModified = substr(date('r', $time - date('Z')), 0, -5) . 'GMT'; + $etag = '"' . base_convert($time, 10, 36) . '"'; + + // Header senden + header('Expires: ' . $expires); + header('Last-Modified: ' . $lastModified); + header('ETag: ' . 
$etag); + + // Die vom Interpreter sonst automatisch gesetzten + // Header uebersteuern + header('Cache-Control: must-revalidate'); + header('Pragma:'); + + // See if the client has provided the required headers + $if_modified_since = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false; + $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) : false; + + // Bug in Apache 2.2, mod_deflat adds '-gzip' to E-Tag + if (substr($if_none_match, -6) == '-gzip"') + $if_none_match = substr($if_none_match, 0, -6) . '"'; + + // At least one of the headers is there - check them + if ($if_none_match && $if_none_match != $etag) + return; // etag is there but doesn't match + + if ($if_modified_since && $if_modified_since != $lastModified) + return; // if-modified-since is there but doesn't match + + if (!$if_modified_since && !$if_none_match) + return; + + // Der entfernte Browser bzw. Proxy holt die Seite nun aus seinem Cache + header('HTTP/1.0 304 Not Modified'); + exit; // Sofortiges Skript-Ende + } + + + /** + * @param max Anzahl der Sekunden, die die Seite im Browsercache bleiben darf + */ + protected function maxAge($max = 3600) + { + // Die Header "Last-Modified" und "ETag" wurden bereits in der + // Methode "lastModified()" gesetzt. + + header('Expires: ' . substr(date('r', time() - date('Z') + $max), 0, -5) . 'GMT'); + header('Pragma: '); // 'Pragma' ist Bullshit und + // wird von den meisten Browsern ignoriert. + header('Cache-Control: public, max-age=' . $max . ", s-maxage=" . 
$max); + } + + + protected function setMenu() + { + return; + + $windowMenu = array(); + $name = $this->actionConfig[$this->subActionName]['menu']; + $menuList = explode(',', $this->actionConfig['menu']['menu']); + //$menuList = explode(',',$this->actionConfig['menu'][$name]); + + if (isset($this->actionConfig[$this->subActionName]['menuaction'])) + $actionName = $this->actionConfig[$this->subActionName]['menuaction']; + else + $actionName = $this->subActionName; + + foreach ($menuList as $menuName) { + if (isset($this->actionConfig[$menuName]['alias'])) + $menuText = 'menu_' . $this->actionName . '_' . $this->actionConfig[$menuName]['alias']; + else + $menuText = 'menu_' . $this->actionName . '_' . $menuName; + + + $menuKey = 'accesskey_window_' . $menuName; + + $menuEntry = array('subaction' => $menuName, + 'text' => $menuText, + 'title' => $menuText . '_DESC', + 'key' => $menuKey); + + if ($this->checkMenu($menuName)) + $menuEntry['url'] = Html::url($actionName, $menuName, $this->getRequestId()); + + $windowMenu[] = $menuEntry; + } + $this->setTemplateVar('windowMenu', $windowMenu); + } + + + /** + * Ermittelt, ob der Men�punkt aktiv ist. + * Ob ein Men�punkt als aktiv angezeigt werden soll, steht meist erst zur Laufzeit fest. + * <br> + * Diese Methode kann von den Unterklassen �berschrieben werden. + * Falls diese Methode nicht �berschrieben wird, sind alle Men�punkte aktiv. + * + * @param String $name Logischer Name des Men�punktes + * @return boolean TRUE, wenn Men�punkt aktiv ist. + */ + protected function checkMenu($name) + { + // Standard: Alle Men�punkt sind aktiv. + return true; + } + + + /** + * Erzeugt einen Redirect auf einen bestimmte URL. + */ + protected function redirect($url) + { + $this->setControlVar('redirect', $url); + } + + + /** + * Sorgt dafür, dass alle anderen Views aktualisiert werden. + * + * Diese Methode sollte dann aufgerufen werden, wenn Objekte geändert werden + * und dies Einfluss auf andere Views hat. 
+ */ + protected function refresh() + { + $this->refresh = true; + $this->setControlVar('refresh', true); + } + + + /** + * Setzt eine neue Perspektive für die Sitzung. + * + * @param String Name der Perspektive + */ + protected function setPerspective($name) + { + Session::set('perspective', $name); + $this->refresh(); + } } -} -class ActionResultError implements ActionResult -{ - private $fieldName; - - public function __construct( $name ) + + +// TODO - nicht benutzt + interface ActionResult { - $this->fieldName = $name; + public function getErrorField(); + + public function isSuccess(); } - public function isSuccess(){ - return false; + + class ActionResultSuccess implements ActionResult + { + public function isSuccess() + { + return true; + } + + public function getErrorField() + { + return null; + } } - public function getErrorField(){ - return $fieldName; + + class ActionResultError implements ActionResult + { + private $fieldName; + + public function __construct($name) + { + $this->fieldName = $name; + } + + public function isSuccess() + { + return false; + } + + public function getErrorField() + { + return $fieldName; + } } -} -?>- \ No newline at end of file +}+ \ No newline at end of file diff --git a/action/ConfigurationAction.class.php b/action/ConfigurationAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -15,6 +18,7 @@ // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +use Session; /** * Action-Klasse fuer die Bearbeitung eines Template-Elementes. * @@ -28,7 +32,7 @@ class ConfigurationAction extends Action /** * Konstruktor */ - function ConfigurationAction() + function __construct() { } diff --git a/action/ElementAction.class.php b/action/ElementAction.class.php 
@@ -1,11 +1,15 @@ <?php +namespace cms\action; + + use cms\model\Element; use cms\model\Template; use cms\model\Folder; use cms\model\Object; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -37,7 +41,7 @@ class ElementAction extends Action /** * Konstruktor */ - function ElementAction() + function __construct() { if ( $this->getRequestId() == 0 ) die('no element-id available'); diff --git a/action/FileAction.class.php b/action/FileAction.class.php @@ -1,8 +1,13 @@ <?php + +namespace cms\action; + use cms\model\Folder; use cms\model\Object; use cms\model\File; +use Http; +use \Html; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de @@ -38,7 +43,7 @@ class FileAction extends ObjectAction /** * Konstruktor */ - function FileAction() + function __construct() { $this->file = new File( $this->getRequestId() ); $this->file->load(); @@ -75,10 +80,10 @@ class FileAction extends ObjectAction $this->file->setTimestamp(); } - - /** - * Abspeichern der Eigenschaften zu dieser Datei. - * + + /** + * Abspeichern der Eigenschaften zu dieser Datei. + * */ function propPost() { @@ -104,7 +109,7 @@ class FileAction extends ObjectAction $url = Html::url('file','show',$this->file->objectid,array('target'=>'none') ); $this->setTemplateVar('preview_url',$url ); - $this->setTemplateVar('image',$this->file->isImage() ); + $this->setTemplateVar('image',$this->file->isImage() ); } @@ -159,7 +164,7 @@ class FileAction extends ObjectAction // Groesse des Bildes in Bytes // Der Browser hat so die Moeglichkeit, einen Fortschrittsbalken zu zeigen - header('Content-Length: '.filesize($this->file->tmpfile()) ); + header('Content-Length: '.filesize($this->file->tmpfile()) ); if ( in_array( getenv('HTTP_ACCEPT'),array('application/php-array','application/php-serialized','application/json','application/xml'))) { 
@@ -694,7 +699,7 @@ class FileAction extends ObjectAction $this->file->publish(); $this->file->publish->close(); - $this->addNotice('file',$this->file->fullFilename,'PUBLISHED'.($this->file->publish->ok?'':'_ERROR'),$this->file->publish->ok,array(),$this->file->publish->log); + $this->addNotice('file',$this->file->fullFilename,'PUBLISHED'.($this->file->publish->ok?'':'_ERROR'),$this->file->publish->ok,array(),$this->file->publish->log); } diff --git a/action/FilebrowserAction.class.php b/action/FilebrowserAction.class.php @@ -1,4 +1,12 @@ <?php + +namespace cms\action; + + +use Http; +use Session; +use \Html; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -26,28 +34,28 @@ class FilebrowserAction extends ObjectAction { public $security = SECURITY_USER; - - var $command; - var $resourceType; - - /** - * Ordner - * - * @var String - */ - var $currentFolder; - - /** - * Aktueller Ordner - * - * @var Object - */ - var $folder; + + var $command; + var $resourceType; + + /** + * Ordner + * + * @var String + */ + var $currentFolder; + + /** + * Aktueller Ordner + * + * @var Object + */ + var $folder; /** * Konstruktor */ - function FilebrowserAction() + function __construct() { if ( $this->getRequestId() != 0 ) { @@ -62,8 +70,8 @@ class FilebrowserAction extends ObjectAction $this->folder = new Folder( $fid ); $this->folder->load(); - - } + + } 
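Review bot: The import list added at the top of action/FilebrowserAction.class.php (hunk `@@ -1,4 +1,12 @@`) names only `Http`, `Session` and `Html`, yet the class still instantiates `Folder`, `File` and `Upload` by short name: `new Folder( $fid )` in the constructor hunk, `new Upload(...)` and `new File()` in `directuploadPost()`. Inside `namespace cms\action;` PHP resolves unqualified class names against the current namespace with no fallback to the global one, so these would be looked up as `cms\action\Folder` and so on, unless the autoloader compensates, which is not visible here. Add `use cms\model\Folder;` and `use cms\model\File;` as the sibling action files do, plus an import for `Upload` from wherever it is declared. The `new Upload()` calls in the action/FolderAction.class.php hunks have the same gap, since that file's import hunk (`@@ -6,6 +9,9 @@`) does not add `Upload` either.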
@@ -73,40 +81,40 @@ class FilebrowserAction extends ObjectAction function show() { Http::notAuthorized('no subaction found'); - } + } - - /** - * Datei-Upload. - * - */ - public function directuploadPost() - { - $upload = new Upload( $this->getRequestVar('name','abc') ); - - if ( !$upload->isValid() ) - { - echo 'Upload failed, reason: '.$upload->error; - } - else - { - $file = new File(); - $file->parentid = $this->folder->objectid; + + /** + * Datei-Upload. + * + */ + public function directuploadPost() + { + $upload = new Upload( $this->getRequestVar('name','abc') ); + + if ( !$upload->isValid() ) + { + echo 'Upload failed, reason: '.$upload->error; + } + else + { + $file = new File(); + $file->parentid = $this->folder->objectid; $file->name = $upload->filename; $file->filename = $upload->filename; - $file->extension = $upload->extension; - $file->value = $upload->value; + $file->extension = $upload->extension; + $file->value = $upload->value; $file->add(); $newId = $file->objectid; $newUrl = str_replace('&amp;','&',Html::url('file','show',$newId,array('oid'=>'__OID__'.$newId.'__'))); - + echo '<script type="text/javascript">' ; echo 'window.parent.CKEDITOR.tools.callFunction('.$this->getRequestVar('CKEditorFuncNum',OR_FILTER_NUMBER).",'".$newUrl."','');</script>"; - echo '</script>' ; + echo '</script>' ; echo 'OK' ; - } - + } + } @@ -247,7 +255,7 @@ class FilebrowserAction extends ObjectAction $this->folder->setTimestamp(); $this->addNotice('file',$file->name,'ADDED','ok'); } - } + } } ?> \ No newline at end of file diff --git a/action/FolderAction.class.php b/action/FolderAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Template; use cms\model\Page; use cms\model\Folder; @@ -6,6 +9,9 @@ use cms\model\Object; use cms\model\File; use cms\model\Link; +use Http; +use Session; +use \Html; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // 
@@ -37,136 +43,136 @@ class FolderAction extends ObjectAction private $folder; - function FolderAction() + function __construct() { $this->folder = new Folder( $this->getRequestId() ); $this->folder->load(); } - - /** - * Neues Objekt anlegen.<br> - * Dies kann ein(e) Verzeichnis, Seite, Verkn�pfung oder Datei sein.<br> + + /** + * Neues Objekt anlegen.<br> + * Dies kann ein(e) Verzeichnis, Seite, Verkn�pfung oder Datei sein.<br> */ function createPost() - { + { global $conf; - $type = $this->getRequestVar('type' ); - - switch( $type ) - { - case 'folder': - $name = $this->getRequestVar('folder_name'); - - if ( !empty($name) ) - { - $f = new Folder(); + $type = $this->getRequestVar('type' ); + + switch( $type ) + { + case 'folder': + $name = $this->getRequestVar('folder_name'); + + if ( !empty($name) ) + { + $f = new Folder(); $f->name = $name; $f->parentid = $this->folder->objectid; $f->add(); $this->folder->setTimestamp(); $this->addNotice('folder',$f->name,'ADDED','ok'); } - else - { - $this->addValidationError('folder_name'); - $this->callSubAction('create'); - } + else + { + $this->addValidationError('folder_name'); + $this->callSubAction('create'); + } + break; + + case 'file': + $upload = new Upload(); + + if ( !$upload->isValid() ) + { + $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error); + $this->callSubAction('createfile'); + return; + } + // Pr�fen der maximal erlaubten Dateigr��e. 
+ elseif ( $upload->size > $this->maxFileSize() ) + { + // Maximale Dateigr��e ist �berschritten + $this->addValidationError('file','MAX_FILE_SIZE_EXCEEDED'); + $this->callSubAction('createfile'); + return; + } + elseif( $upload->size > 0 ) + { + $file = new File(); + $file->desc = ''; + $file->filename = $upload->filename; + $file->name = $upload->filename; + $file->extension = $upload->extension; + $file->size = $upload->size; + $file->parentid = $this->folder->objectid; + + $file->value = $upload->value; + + $file->add(); // Datei hinzufuegen + $this->folder->setTimestamp(); + $this->addNotice('file',$file->name,'ADDED','ok'); + } + + break; + + case 'page': + + $name = $this->getRequestVar('page_name'); + if ( !empty($name) ) + { + $page = new Page(); + $page->name = $name; + $page->templateid = $this->getRequestVar('page_templateid'); + $page->parentid = $this->folder->objectid; + $page->add(); + $this->folder->setTimestamp(); + + $this->addNotice('page',$page->name,'ADDED','ok'); + } + else + { + $this->addValidationError('page_name'); + $this->callSubAction('create'); + } break; + + case 'link': + + $name = $this->getRequestVar('link_name'); + if ( !empty($name) ) + { + $link = new Link(); + $link->name = $name; + $link->parentid = $this->folder->objectid; + + $link->isLinkToObject = false; + $link->url = $name; + + $link->add(); + $this->folder->setTimestamp(); - case 'file': - $upload = new Upload(); - - if ( !$upload->isValid() ) - { - $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error); - $this->callSubAction('createfile'); - return; - } - // Pr�fen der maximal erlaubten Dateigr��e. 
- elseif ( $upload->size > $this->maxFileSize() ) - { - // Maximale Dateigr��e ist �berschritten - $this->addValidationError('file','MAX_FILE_SIZE_EXCEEDED'); - $this->callSubAction('createfile'); - return; - } - elseif( $upload->size > 0 ) - { - $file = new File(); - $file->desc = ''; - $file->filename = $upload->filename; - $file->name = $upload->filename; - $file->extension = $upload->extension; - $file->size = $upload->size; - $file->parentid = $this->folder->objectid; - - $file->value = $upload->value; - - $file->add(); // Datei hinzufuegen - $this->folder->setTimestamp(); - $this->addNotice('file',$file->name,'ADDED','ok'); - } - - break; - - case 'page': - - $name = $this->getRequestVar('page_name'); - if ( !empty($name) ) - { - $page = new Page(); - $page->name = $name; - $page->templateid = $this->getRequestVar('page_templateid'); - $page->parentid = $this->folder->objectid; - $page->add(); - $this->folder->setTimestamp(); - - $this->addNotice('page',$page->name,'ADDED','ok'); - } - else - { - $this->addValidationError('page_name'); - $this->callSubAction('create'); - } - break; - - case 'link': - - $name = $this->getRequestVar('link_name'); - if ( !empty($name) ) - { - $link = new Link(); - $link->name = $name; - $link->parentid = $this->folder->objectid; - - $link->isLinkToObject = false; - $link->url = $name; - - $link->add(); - $this->folder->setTimestamp(); - - $this->addNotice('link',$link->name,'ADDED','ok'); - } - else - { - $this->addValidationError('link_name'); - $this->callSubAction('create'); - } - - break; - - default: - $this->addValidationError('type'); - $this->callSubAction('create'); - - } + $this->addNotice('link',$link->name,'ADDED','ok'); + } + else + { + $this->addValidationError('link_name'); + $this->callSubAction('create'); + } + + break; + + default: + $this->addValidationError('type'); + $this->callSubAction('create'); + + } } - - - + + + function createfolderPost() { $type = $this->getRequestVar('type' ); 
@@ -186,11 +192,11 @@ class FolderAction extends ObjectAction $this->addNotice('folder',$f->name,'ADDED','ok'); $this->setTemplateVar('objectid',$f->objectid); } - else - { - $this->addValidationError('name'); - $this->callSubAction('createfolder'); - } + else + { + $this->addValidationError('name'); + $this->callSubAction('createfolder'); + } $this->folder->setTimestamp(); } @@ -204,38 +210,38 @@ class FolderAction extends ObjectAction $filename = $this->getRequestVar('filename' ); $description = $this->getRequestVar('description'); - $file = new File(); - - // Die neue Datei wird über eine URL geladen und dann im CMS gespeichert. - if ( $this->hasRequestVar('url') ) - { - $url = $this->getRequestVar('url'); - $http = new Http(); - $http->setUrl( $url ); - - $ok = $http->request(); - - if ( !$ok ) - { - $this->addValidationError('url','COMMON_VALIDATION_ERROR',array(),$http->error); - $this->callSubAction('createfile'); - return; - } - - $file->desc = $description; + $file = new File(); + + // Die neue Datei wird über eine URL geladen und dann im CMS gespeichert. + if ( $this->hasRequestVar('url') ) + { + $url = $this->getRequestVar('url'); + $http = new Http(); + $http->setUrl( $url ); + + $ok = $http->request(); + + if ( !$ok ) + { + $this->addValidationError('url','COMMON_VALIDATION_ERROR',array(),$http->error); + $this->callSubAction('createfile'); + return; + } + + $file->desc = $description; $file->filename = basename($url); $file->name = !empty($name)?$name:basename($url); $file->size = strlen($http->body); $file->value = $http->body; $file->parentid = $this->folder->objectid; - } - else - { - $upload = new Upload(); + } + else + { + $upload = new Upload(); - if ( $upload->isValid() ) - { - $file->desc = $description; + if ( $upload->isValid() ) + { + $file->desc = $description; $file->filename = $upload->filename; $file->name = !empty($name)?$name:$upload->filename; $file->extension = $upload->extension; 
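Review bot: In the URL-download branch of hunk `@@ -204,38 +210,38 @@` the `url` request parameter is passed unchecked to `$http->setUrl( $url )` and `$http->request()`, so anyone allowed to create files can make the server fetch an arbitrary address and store the response as a CMS file. Before the request, restrict the scheme to http/https and reject hosts that resolve to loopback, private or link-local ranges; whether `Http` already enforces this is not visible here. The downloaded body is also stored without the `maxFileSize()` comparison that `createPost()` applies to uploads; a guard such as `if ( strlen($http->body) > $this->maxFileSize() ) { $this->addValidationError('url','MAX_FILE_SIZE_EXCEEDED'); return; }` would close that gap. The enclosing function's signature and its end are outside this hunk.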
@@ -256,11 +262,11 @@ class FolderAction extends ObjectAction else { $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error); - $this->callSubAction('createfile'); - return; - } + $this->callSubAction('createfile'); + return; + } - } + } } $file->add(); // Datei hinzufuegen @@ -286,15 +292,15 @@ class FolderAction extends ObjectAction $link->desc = $description; $link->parentid = $this->folder->objectid; - if ( $this->hasRequestVar('targetobjectid') ) - { - $link->isLinkToObject = true; - $link->isLinkToUrl = false; - $link->linkedObjectId = $this->getRequestVar('targetobjectid'); - } - else - { - $link->isLinkToObject = false; + if ( $this->hasRequestVar('targetobjectid') ) + { + $link->isLinkToObject = true; + $link->isLinkToUrl = false; + $link->linkedObjectId = $this->getRequestVar('targetobjectid'); + } + else + { + $link->isLinkToObject = false; $link->isLinkToUrl = true; $link->url = $this->getRequestVar('name'); } @@ -305,12 +311,12 @@ class FolderAction extends ObjectAction $this->addNotice('link',$link->name,'ADDED','ok'); $this->setTemplateVar('objectid',$link->objectid); } - else - { - $this->addValidationError('name'); - $this->callSubAction('createlink'); - return; - } + else + { + $this->addValidationError('name'); + $this->callSubAction('createlink'); + return; + } $this->folder->setTimestamp(); } @@ -338,12 +344,12 @@ class FolderAction extends ObjectAction $this->addNotice('page',$page->name,'ADDED','ok'); $this->setTemplateVar('objectid',$page->objectid); } - else - { - $this->addValidationError('name'); - $this->callSubAction('createpage'); - return; - } + else + { + $this->addValidationError('name'); + $this->callSubAction('createpage'); + return; + } $this->folder->setTimestamp(); } 
@@ -359,15 +365,15 @@ class FolderAction extends ObjectAction // Ordnereigenschaften speichern if ( $this->getRequestVar('name') != '' ) $this->folder->name = $this->getRequestVar('name' ,'full'); - elseif ($this->getRequestVar('filename') != '' ) - $this->folder->name = $this->getRequestVar('filename',OR_FILTER_ALPHANUM); - else - { - $this->addValidationError('name'); - $this->addValidationError('filename'); - //$this->callSubAction('prop'); - return; - } + elseif ($this->getRequestVar('filename') != '' ) + $this->folder->name = $this->getRequestVar('filename',OR_FILTER_ALPHANUM); + else + { + $this->addValidationError('name'); + $this->addValidationError('filename'); + //$this->callSubAction('prop'); + return; + } $this->folder->filename = $this->getRequestVar('filename' ,OR_FILTER_ALPHANUM); $this->folder->desc = $this->getRequestVar('description','full' ); @@ -765,14 +771,14 @@ class FolderAction extends ObjectAction break; default: - Http::serverError('Internal Error while deleting: What type to delete?'); + Http::serverError('Internal Error while deleting: What type to delete?'); } $this->addNotice($o->getType(),$o->name,'DELETED',OR_NOTICE_OK); } - else - { + else + { $this->addNotice($o->getType(),$o->name,'NOTHING_DONE',OR_NOTICE_WARN); - } + } break; 
@@ -906,17 +912,17 @@ class FolderAction extends ObjectAction function createView() { - // Maximale Dateigroesse. - $maxSizeBytes = $this->maxFileSize(); - $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' ); - $this->setTemplateVar('maxlength',$maxSizeBytes ); - - $all_templates = Template::getAll(); - $this->setTemplateVar('templates' ,$all_templates ); - - if ( count($all_templates) == 0 ) - $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN); - + // Maximale Dateigroesse. + $maxSizeBytes = $this->maxFileSize(); + $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' ); + $this->setTemplateVar('maxlength',$maxSizeBytes ); + + $all_templates = Template::getAll(); + $this->setTemplateVar('templates' ,$all_templates ); + + if ( count($all_templates) == 0 ) + $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN); + $this->setTemplateVar('objectid' ,$this->folder->objectid ); } 
@@ -928,83 +934,83 @@ class FolderAction extends ObjectAction } - - /** - * Ermittelt die maximale Gr��e einer hochzuladenden Datei.<br> - * Der Wert wird aus der PHP- und OpenRat-Konfiguration ermittelt.<br> - * - * @return Integer maximale Dateigroesse in Bytes - */ + + /** + * Ermittelt die maximale Gr��e einer hochzuladenden Datei.<br> + * Der Wert wird aus der PHP- und OpenRat-Konfiguration ermittelt.<br> + * + * @return Integer maximale Dateigroesse in Bytes + */ private function maxFileSize() - { - global $conf; - - // When querying memory size values: - // Many ini memory size values, such as upload_max_filesize, - // are stored in the php.ini file in shorthand notation. - // ini_get() will return the exact string stored in the php.ini file - // and NOT its integer equivalent. - $sizes = array(10*1024*1024*1024); // Init with 10GB enough? :) - - foreach( array('upload_max_filesize','post_max_size','memory_limit') as $var ) - { - $v = $this->stringToBytes(ini_get($var)); - - if ($v > 0 ) - $sizes[] = $v; + { + global $conf; + + // When querying memory size values: + // Many ini memory size values, such as upload_max_filesize, + // are stored in the php.ini file in shorthand notation. + // ini_get() will return the exact string stored in the php.ini file + // and NOT its integer equivalent. + $sizes = array(10*1024*1024*1024); // Init with 10GB enough? :) + + foreach( array('upload_max_filesize','post_max_size','memory_limit') as $var ) + { + $v = $this->stringToBytes(ini_get($var)); + + if ($v > 0 ) + $sizes[] = $v; } - - $confMaxSize = intval($conf['content']['file']['max_file_size'])*1024; - if ( $confMaxSize > 0 ) - $sizes[] = $confMaxSize; - + + $confMaxSize = intval($conf['content']['file']['max_file_size'])*1024; + if ( $confMaxSize > 0 ) + $sizes[] = $confMaxSize; + return min($sizes); } - - - /** - * Hochladen einer Datei. - * - */ + + + /** + * Hochladen einer Datei. + * + */ function createfileView() - { - // Maximale Dateigroesse. 
- $maxSizeBytes = $this->maxFileSize(); - $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' ); - $this->setTemplateVar('maxlength',$maxSizeBytes ); + { + // Maximale Dateigroesse. + $maxSizeBytes = $this->maxFileSize(); + $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' ); + $this->setTemplateVar('maxlength',$maxSizeBytes ); $this->setTemplateVar('objectid',$this->folder->objectid ); } - - - /** - * Umwandlung von abgek�rzten Bytewerten ("Shorthand Notation") wie - * "4M" oder "500K" in eine ganzzahlige Byteanzahl.<br> - * <br> - * Quelle: http://de.php.net/manual/de/function.ini-get.php - * - * @param String Abgek�rzter Bytewert - * @return Integer Byteanzahl - */ - function stringToBytes($val) - { - $val = trim($val); - $last = strtolower($val{strlen($val)-1}); - // Achtung: Der Trick ist das "Fallthrough", kein "break" vorhanden! - switch($last) - { - // The 'G' modifier is available since PHP 5.1.0 - case 'g': - $val *= 1024; - case 'm': - $val *= 1024; - case 'k': - $val *= 1024; - } - - return intval($val); - } - + + + /** + * Umwandlung von abgek�rzten Bytewerten ("Shorthand Notation") wie + * "4M" oder "500K" in eine ganzzahlige Byteanzahl.<br> + * <br> + * Quelle: http://de.php.net/manual/de/function.ini-get.php + * + * @param String Abgek�rzter Bytewert + * @return Integer Byteanzahl + */ + function stringToBytes($val) + { + $val = trim($val); + $last = strtolower($val{strlen($val)-1}); + // Achtung: Der Trick ist das "Fallthrough", kein "break" vorhanden! + switch($last) + { + // The 'G' modifier is available since PHP 5.1.0 + case 'g': + $val *= 1024; + case 'm': + $val *= 1024; + case 'k': + $val *= 1024; + } + + return intval($val); + } + function createlinkView() 
@@ -1018,9 +1024,9 @@ class FolderAction extends ObjectAction $all_templates = Template::getAll(); $this->setTemplateVar('templates' ,$all_templates ); $this->setTemplateVar('objectid' ,$this->folder->objectid ); - - if ( count($all_templates) == 0 ) - $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN); + + if ( count($all_templates) == 0 ) + $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN); } @@ -1422,7 +1428,7 @@ class FolderAction extends ObjectAction //$this->setTemplateVar('clean' ,$this->folder->isRoot ); // Gefaehrliche Option, da dies bestehende Dateien, die evtl. nicht zum CMS gehören, überschreibt. - // Daher deaktiviert. + // Daher deaktiviert. $this->setTemplateVar('clean' ,false ); } @@ -1442,15 +1448,15 @@ class FolderAction extends ObjectAction $this->folder->publish = &$publish; $this->folder->publish( $pages,$files,$subdirs ); $this->folder->publish->close(); - + $list = array(); foreach( $publish->publishedObjects as $o ) $list[] = $o['full_filename']; - - if ( !$publish->ok ) - $this->addNotice('folder',$this->folder->name,'PUBLISHED_ERROR',OR_NOTICE_ERROR,array(),$publish->log); - else - $this->addNotice('folder',$this->folder->name,'PUBLISHED',OR_NOTICE_OK,array(),$list); + + if ( !$publish->ok ) + $this->addNotice('folder',$this->folder->name,'PUBLISHED_ERROR',OR_NOTICE_ERROR,array(),$publish->log); + else + $this->addNotice('folder',$this->folder->name,'PUBLISHED',OR_NOTICE_OK,array(),$list); // Wenn gewuenscht, das Zielverzeichnis aufraeumen if ( $this->hasRequestVar('clean') ) diff --git a/action/GroupAction.class.php b/action/GroupAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Acl; use cms\model\User; use cms\model\Project; @@ -6,6 +9,7 @@ use cms\model\Group; use cms\model\Object; use cms\model\Language; +use \Html; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // 
@@ -25,7 +29,7 @@ use cms\model\Language; /** - * Action-Klasse zum Bearbeiten einer Benutzergruppe. + * Action-Klasse zum Bearbeiten einer Benutzergruppe. * * @author $Author$ * @version $Revision$ @@ -39,7 +43,7 @@ class GroupAction extends Action private $group; - function GroupAction() + function __construct() { $this->group = new Group( $this->getRequestId() ); $this->group->load(); 
@@ -72,63 +76,63 @@ class GroupAction extends Action function editPost() - { - if ( $this->getRequestVar('name') != '' ) - { + { + if ( $this->getRequestVar('name') != '' ) + { $this->group->name = $this->getRequestVar('name'); $this->group->save(); $this->addNotice('group',$this->group->name,'SAVED','ok'); } - else - { - $this->addValidationError('name'); - $this->callSubAction('edit'); - } + else + { + $this->addValidationError('name'); + $this->callSubAction('edit'); + } } function adduser() { - $this->setTemplateVar('users',$this->group->getOtherUsers()); + $this->setTemplateVar('users',$this->group->getOtherUsers()); } - - /** - * Benutzer zur Gruppe hinzuf�gen.<br> - * Es kann eine Liste oder eine einzelne Person zur Gruppe hinzugef�gt werden. + + /** + * Benutzer zur Gruppe hinzuf�gen.<br> + * Es kann eine Liste oder eine einzelne Person zur Gruppe hinzugef�gt werden. */ function addusertogroup() { - $userid = $this->getRequestVar('userid'); - - if ( is_array($userid)) - { - // Im Request steht eine Liste von User-Ids. - foreach( $userid as $uid ) + $userid = $this->getRequestVar('userid'); + + if ( is_array($userid)) + { + // Im Request steht eine Liste von User-Ids. + foreach( $userid as $uid ) { $this->group->addUser( $uid ); - } - $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OR_NOTICE_OK,array('count'=>count($userid))); - } - elseif( intval($userid) > 0 ) - { - // Nur 1 Benutzer hinzuf�gen. + } + $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OR_NOTICE_OK,array('count'=>count($userid))); + } + elseif( intval($userid) > 0 ) + { + // Nur 1 Benutzer hinzuf�gen. $this->group->addUser( intval($userid) ); - $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OK_NOTICE_OK,array('count'=>'1')); + $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OK_NOTICE_OK,array('count'=>'1')); } - else - { - // Es wurde kein Benutzer ausgew�hlt. 
- $this->addNotice('group',$this->group->name,'NOTHING_DONE',OR_NOTICE_WARN); + else + { + // Es wurde kein Benutzer ausgew�hlt. + $this->addNotice('group',$this->group->name,'NOTHING_DONE',OR_NOTICE_WARN); } } - - - /** - * Einen Benutzer aus der Gruppe entfernen. + + + /** + * Einen Benutzer aus der Gruppe entfernen. */ function deluser() { @@ -138,9 +142,9 @@ class GroupAction extends Action } - - /** - * Liste aller Gruppen. + + /** + * Liste aller Gruppen. */ function listingView() { @@ -162,27 +166,27 @@ class GroupAction extends Action $this->setTemplateVars( $this->group->getProperties() ); } - - - - - - /** - * Liste aller Benutzer in dieser Gruppe. - * + + + + + + /** + * Liste aller Benutzer in dieser Gruppe. + * */ function membershipsView() { // Mitgliedschaften ermitteln - // - $userliste = array(); + // + $userliste = array(); $allUsers = User::listAll(); $actualGroupUsers = $this->group->getUsers(); - foreach( $allUsers as $id=>$name ) - { + foreach( $allUsers as $id=>$name ) + { $hasUser = array_key_exists($id,$actualGroupUsers); $varName = 'user'.$id; $userliste[$id] = array('name' => $name, @@ -221,7 +225,7 @@ class GroupAction extends Action $this->addNotice('user',$name,'DELETED'); } } - } + } 
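Review bot: The single-user branch of `addusertogroup()` passes `OK_NOTICE_OK` to `addNotice()`, while the neighbouring calls use `OR_NOTICE_OK`; the name looks like a typo that the re-indentation carried over unchanged. Because `addUser()` has already run at that point, an undefined-constant failure would surface only after the membership change was made. The line should read `$this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OR_NOTICE_OK,array('count'=>'1'));`. In the list branch the ids reach `addUser( $uid )` without the `intval()` that the single-user branch applies; `$this->group->addUser( intval($uid) );` would keep both paths consistent.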
@@ -287,31 +291,31 @@ class GroupAction extends Action $this->setTemplateVar('show',Acl::getAvailableRights() ); } - - - - /** - * Men�. - * - * @param String $menu Men�eintrag. - * @return boolean TRUE, wenn Men�eintrag aktiv ist. - */ - function checkMenu( $menu ) - { - switch( $menu ) - { + + + + /** + * Men�. + * + * @param String $menu Men�eintrag. + * @return boolean TRUE, wenn Men�eintrag aktiv ist. + */ + function checkMenu( $menu ) + { + switch( $menu ) + { case 'remove': case 'add': return !readonly(); - case 'users': + case 'users': return true; - case 'adduser': - // Benutzer k�nnen nur hinzugef�gt werden, wenn noch nicht alle - // in der Gruppe sind. - return !readonly() && count($this->group->getOtherUsers()) > 0; - default: - return true; - } + case 'adduser': + // Benutzer k�nnen nur hinzugef�gt werden, wenn noch nicht alle + // in der Gruppe sind. + return !readonly() && count($this->group->getOtherUsers()) > 0; + default: + return true; + } } } \ No newline at end of file diff --git a/action/GrouplistAction.class.php b/action/GrouplistAction.class.php @@ -1,6 +1,8 @@ <?php -use cms\model\Group; +namespace cms\action; + +use cms\model\Group; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -20,7 +22,7 @@ use cms\model\Group; /** - * Action-Klasse zum Bearbeiten einer Benutzergruppe. + * Action-Klasse zum Bearbeiten einer Benutzergruppe. * * @author $Author$ * @version $Revision$ @@ -31,13 +33,13 @@ class GrouplistAction extends Action { public $security = SECURITY_ADMIN; - function GrouplistAction() + function __construct() { } - - /** - * Liste aller Gruppen. + + /** + * Liste aller Gruppen. */ function showView() { @@ -85,5 +87,5 @@ class GrouplistAction extends Action - + } \ No newline at end of file diff --git a/action/IndexAction.class.php b/action/IndexAction.class.php 
@@ -1,5 +1,16 @@ <?php + +namespace cms\action; + +use \Auth; use cms\model\User; +use Exception; +use JSqueeze; +use Less_Parser; +use Logger; +use ObjectNotFoundException; +use Session; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de @@ -33,7 +44,7 @@ class IndexAction extends Action /** * Konstruktor */ - function IndexAction() + function __construct() { $this->perspective = Session::get('perspective'); diff --git a/action/LanguageAction.class.php b/action/LanguageAction.class.php @@ -1,6 +1,10 @@ <?php -use cms\model\Language; +namespace cms\action; + +use cms\model\Language; +use Session; +use \Html; // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -42,7 +46,7 @@ class LanguageAction extends Action /** * Konstruktor */ - function LanguageAction() + function __construct() { $this->language = new Language( $this->getRequestId() ); $this->language->load(); diff --git a/action/LanguagelistAction.class.php b/action/LanguagelistAction.class.php @@ -1,6 +1,14 @@ <?php + +namespace cms\action; + use cms\model\Language; + + +use Session; +use \Html; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -33,7 +41,7 @@ class LanguagelistAction extends Action /** * Konstruktor */ - function LanguagelistAction() + function __construct() { $this->project = Session::getProject(); } diff --git a/action/LinkAction.class.php b/action/LinkAction.class.php @@ -1,7 +1,16 @@ <?php + +namespace cms\action; + use cms\model\Folder; use cms\model\Link; + + + + +use Session; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -36,7 +45,7 @@ class LinkAction extends ObjectAction /** * Konstruktor */ - function LinkAction() + function __construct() { $this->link = new Link( $this->getRequestId() ); $this->link->load(); diff --git a/action/LoginAction.class.php b/action/LoginAction.class.php 
@@ -1,5 +1,8 @@ <?php +namespace cms\action; + + use cms\model\User; use cms\model\Project; use cms\model\Group; @@ -11,6 +14,19 @@ use cms\model\Language; use cms\model\Model; +use DB; +use DbUpdate; +use Http; +use InternalAuth; +use Logger; +use ObjectNotFoundException; +use Password; +use Session; +use \Html; +use \Mail; +use \Text; + + // OpenRat Content Management System // Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de // @@ -111,13 +127,13 @@ class LoginAction extends Action unset( $SESS['user'] ); - $db = db_connection(); - - if ( !is_object($db) ) - { - $this->addNotice('database','','DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('no connection')); - //$this->callSubAction('showlogin'); - return false; + $db = db_connection(); + + if ( !is_object($db) ) + { + $this->addNotice('database','','DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('no connection')); + //$this->callSubAction('showlogin'); + return false; } if ( !$db->available ) 
@@ -132,28 +148,28 @@ class LoginAction extends Action $user = new User(); $user->name = $name; - $ok = $user->checkPassword( $pw ); + $ok = $user->checkPassword( $pw ); $mustChangePassword = $user->mustChangePassword; if ( $mustChangePassword ) { // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. - // Wir versuchen hier, das neue zu setzen (sofern eingegeben). - if ( empty($pw1) ) - { + // Wir versuchen hier, das neue zu setzen (sofern eingegeben). + if ( empty($pw1) ) + { } - elseif ( $pw1 != $pw2 ) - { - $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); + elseif ( $pw1 != $pw2 ) + { + $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); $this->addValidationError('password2',''); } elseif ( strlen($pw2) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); - $this->addValidationError('password2',''); - } - else + { + $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); + $this->addValidationError('password2',''); + } + else { // Kennw?rter identisch und lang genug. $user->setPassword( $pw1,true ); @@ -162,8 +178,8 @@ class LoginAction extends Action $ok = true; $mustChangePassword = false; - $pw = $pw1; - } + $pw = $pw1; + } } // Falls Login erfolgreich 
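Review bot: The confirmation check `elseif ( $pw1 != $pw2 )` in the password-change branch uses loose comparison, which PHP evaluates numerically when both strings look like numbers, so two different entries such as `1e3` and `1000` count as matching and `setPassword( $pw1,true )` runs. Use `elseif ( $pw1 !== $pw2 )`. The same comparison, `$newPassword1 != $newPassword2`, appears in `loginPost()` further down this file. The enclosing function starts before this hunk.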
@@ -372,25 +388,25 @@ class LoginAction extends Action $this->setTemplateVar('register' ,$conf['login' ]['register' ]); $this->setTemplateVar('send_password',$conf['login' ]['send_password']); - // Versuchen, einen Benutzernamen zu ermitteln, der im Eingabeformular vorausgewählt wird. - $modules = explode(',',$conf['security']['modules']['preselect']); - - $username = ''; - foreach( $modules as $module) - { + // Versuchen, einen Benutzernamen zu ermitteln, der im Eingabeformular vorausgewählt wird. + $modules = explode(',',$conf['security']['modules']['preselect']); + + $username = ''; + foreach( $modules as $module) + { Logger::debug('Preselecting module: '.$module); - $moduleClass = $module.'Auth'; - $auth = new $moduleClass; - $username = $auth->username(); - + $moduleClass = $module.'Auth'; + $auth = new $moduleClass; + $username = $auth->username(); + if ( !empty($username) ) { - Logger::debug('Preselecting User '.$username); + Logger::debug('Preselecting User '.$username); break; // Benutzername gefunden. - } - } - - $this->setTemplateVar('login_name',$username); + } + } + + $this->setTemplateVar('login_name',$username); } @@ -467,14 +483,14 @@ class LoginAction extends Action // Projekte ermitteln $projects = $user->projects; - $list = array(); + $list = array(); foreach( $projects as $id=>$name ) { $p = array(); $p['url' ] = Html::url('index','project',$id); - $p['name'] = $name; - $p['id' ] = $id; + $p['name'] = $name; + $p['id' ] = $id; $tmpProject = new Project( $id ); $p['defaultmodelid' ] = $tmpProject->getDefaultModelId(); 
@@ -485,19 +501,19 @@ class LoginAction extends Action $list[] = $p; } - $this->setTemplateVar('projects',$list); - - if ( empty($list) ) - { - // Kein Projekt vorhanden. Eine Hinweismeldung ausgeben. - if ( $this->userIsAdmin() ) - // Administratoren bekommen bescheid, dass sie ein Projekt anlegen sollen - $this->addNotice('','','ADMIN_NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - else - // Normale Benutzer erhalten eine Meldung, dass kein Projekt zur Verf?gung steht - $this->addNotice('','','NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - } - + $this->setTemplateVar('projects',$list); + + if ( empty($list) ) + { + // Kein Projekt vorhanden. Eine Hinweismeldung ausgeben. + if ( $this->userIsAdmin() ) + // Administratoren bekommen bescheid, dass sie ein Projekt anlegen sollen + $this->addNotice('','','ADMIN_NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); + else + // Normale Benutzer erhalten eine Meldung, dass kein Projekt zur Verf?gung steht + $this->addNotice('','','NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); + } + $this->metaValues(); } 
@@ -513,23 +529,23 @@ class LoginAction extends Action // Diese Seite gilt pro Sitzung. $user = Session::getUser(); $userGroups = $user->getGroups(); - $this->lastModified( $user->loginDate ); + $this->lastModified( $user->loginDate ); - // Applikationen ermitteln + // Applikationen ermitteln $list = array(); foreach( $conf['applications'] as $id=>$app ) { if ( !is_array($app) ) continue; - if ( isset($app['group']) ) - if ( !in_array($app['group'],$userGroups) ) - continue; // Keine Berechtigung, da Benutzer nicht in Gruppe vorhanden. - + if ( isset($app['group']) ) + if ( !in_array($app['group'],$userGroups) ) + continue; // Keine Berechtigung, da Benutzer nicht in Gruppe vorhanden. + $p = array(); - $p['url'] = $app['url']; - $p['description'] = @$app['description']; - if ( isset($app['param']) ) + $p['url'] = $app['url']; + $p['description'] = @$app['description']; + if ( isset($app['param']) ) { $p['url'] .= strpos($p['url'],'?')!==false?'&':'?'; $p['url'] .= $app['param'].'='.session_id(); 
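Review bot: `$p['url'] .= $app['param'].'='.session_id();` puts the live session id into the query string of every configured application link, where it ends up in browser history, proxy and web-server logs and, depending on the referrer policy, in Referer headers sent on by the target. The same construction is repeated for `$appUrl` in `metaValues()` in the next hunk. If the target applications need to recognise the user, a short-lived single-use value generated for the hand-over would be safer than the session id itself; at minimum the line deserves a comment such as `// NOTE: exposes the session id to the configured application URL`. The group check above it, `in_array($app['group'],$userGroups)`, would also be stricter with `true` as third argument.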
@@ -538,136 +554,136 @@ class LoginAction extends Action $list[] = $p; } - - - $this->metaValues(); + + + $this->metaValues(); $this->setTemplateVar('applications',$list); } - - - - /** - * Ermittelt Meta-Angaben f?r den HTML-Kopf.<br> - * Falls der Browser die Meta-Angaben entsprechend auswertet, k?nnen ?ber feste Browser-Men?s - die Projekt direkt ausgew?hlt werden. - */ - function metaValues() - { - global $conf; - $metaList = array(); - - $user = Session::getUser(); - if ( is_object($user) ) - { - // Projekte ermitteln - $projects = $user->projects; - foreach( $projects as $id=>$name ) - { - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','project',$id), - 'title'=> $name ); - } - - if ( $this->userIsAdmin() ) - { - $metaList[] = array('name' => 'appendix', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_ADMINISTRATION' ) ); - - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','administration',0), - 'title'=> lang('administration') ); - } - - // Applikationen ermitteln - foreach( $conf['applications'] as $id=>$app ) - { - if ( !is_array($app) ) - continue; - $appUrl = $app['url']; - if ( isset($app['param']) ) - { - $appUrl .= strpos($appUrl,'?')!==false?'&':'?'; - $appUrl .= $app['param'].'='.session_id(); - } - - $metaList[] = array('name' => 'bookmark', - 'url' => $appUrl , - 'title'=> $app['name'] ); - } - } - - $project = Session::getProject(); - if ( is_object($project) && $project->projectid > 0 ) - { - $languages =$project->getLanguages(); - - foreach( $project->getModels() as $modelid=>$modelname ) - { - foreach( $languages as $languageid=>$languagename ) - { - - $metaList[] = array('name' => 'subsection', - 'url' => Html::url('index', - 'project', - $project->projectid, - array('languageid'=>$languageid, - 'modelid' =>$modelid) ), - 'title'=> $modelname.' 
- '.$languagename - ); - } - } - } - - $metaList[] = array('name' => 'author', - 'url' => $conf['login']['logo']['url'], - 'title'=> $conf['login']['logo']['url'] ); - - $metaList[] = array('name' => 'top', - 'url' => Html::url('index','logout',0 ), - 'title'=> 'Start' ); - - $metaList[] = array('name' => 'contents', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_PROJECTMENU' ) ); - - - $this->setTemplateVar('metaList',$metaList); + + + + /** + * Ermittelt Meta-Angaben f?r den HTML-Kopf.<br> + * Falls der Browser die Meta-Angaben entsprechend auswertet, k?nnen ?ber feste Browser-Men?s + die Projekt direkt ausgew?hlt werden. + */ + function metaValues() + { + global $conf; + $metaList = array(); + + $user = Session::getUser(); + if ( is_object($user) ) + { + // Projekte ermitteln + $projects = $user->projects; + foreach( $projects as $id=>$name ) + { + $metaList[] = array('name' => 'chapter', + 'url' => Html::url('index','project',$id), + 'title'=> $name ); + } + + if ( $this->userIsAdmin() ) + { + $metaList[] = array('name' => 'appendix', + 'url' => Html::url('index','projectmenu',0 ), + 'title'=> lang('MENU_TREETITLE_ADMINISTRATION' ) ); + + $metaList[] = array('name' => 'chapter', + 'url' => Html::url('index','administration',0), + 'title'=> lang('administration') ); + } + + // Applikationen ermitteln + foreach( $conf['applications'] as $id=>$app ) + { + if ( !is_array($app) ) + continue; + $appUrl = $app['url']; + if ( isset($app['param']) ) + { + $appUrl .= strpos($appUrl,'?')!==false?'&':'?'; + $appUrl .= $app['param'].'='.session_id(); + } + + $metaList[] = array('name' => 'bookmark', + 'url' => $appUrl , + 'title'=> $app['name'] ); + } + } + + $project = Session::getProject(); + if ( is_object($project) && $project->projectid > 0 ) + { + $languages =$project->getLanguages(); + + foreach( $project->getModels() as $modelid=>$modelname ) + { + foreach( $languages as $languageid=>$languagename ) + { + + $metaList[] = 
array('name' => 'subsection', + 'url' => Html::url('index', + 'project', + $project->projectid, + array('languageid'=>$languageid, + 'modelid' =>$modelid) ), + 'title'=> $modelname.' - '.$languagename + ); + } + } + } + + $metaList[] = array('name' => 'author', + 'url' => $conf['login']['logo']['url'], + 'title'=> $conf['login']['logo']['url'] ); + + $metaList[] = array('name' => 'top', + 'url' => Html::url('index','logout',0 ), + 'title'=> 'Start' ); + + $metaList[] = array('name' => 'contents', + 'url' => Html::url('index','projectmenu',0 ), + 'title'=> lang('MENU_TREETITLE_PROJECTMENU' ) ); + + + $this->setTemplateVar('metaList',$metaList); } - - - - /** - * Open-Id Login, ?berpr?fen der Anmeldung.<br> - * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> - * Kapitel "4.4. check_authentication"<br> - * <br> - * Im 2. Schritt (Mode "id_res") erfolgte ein Redirect vom Open-Id Provider an OpenRat zur?ck.<br> - * Wir befinden uns nun im darauf folgenden Request des Browsers.<br> - * <br> - * Es muss noch beim OpenId-Provider die Best?tigung eingeholt werden, danach ist der - * Benutzer angemeldet.<br> + + + + /** + * Open-Id Login, ?berpr?fen der Anmeldung.<br> + * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> + * Kapitel "4.4. check_authentication"<br> + * <br> + * Im 2. 
Schritt (Mode "id_res") erfolgte ein Redirect vom Open-Id Provider an OpenRat zur?ck.<br> + * Wir befinden uns nun im darauf folgenden Request des Browsers.<br> + * <br> + * Es muss noch beim OpenId-Provider die Best?tigung eingeholt werden, danach ist der + * Benutzer angemeldet.<br> */ public function openidloginView() - { - global $conf; - $openId = Session::get('openid'); - - if ( !$openId->checkAuthentication() ) - { + { + global $conf; + $openId = Session::get('openid'); + + if ( !$openId->checkAuthentication() ) + { Http::notAuthorized('OpenId-Login failed' ); die(); $this->addNotice('user',$openId->user,'LOGIN_OPENID_FAILED',OR_NOTICE_ERROR,array('name'=>$openId->user),array($openId->error) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; + $this->addValidationError('openid_url',''); + $this->callSubAction('showlogin'); + return; } - //Html::debug($openId); - - // Anmeldung wurde mit "is_valid:true" best?tigt. + //Html::debug($openId); + + // Anmeldung wurde mit "is_valid:true" best?tigt. // Der Benutzer ist jetzt eingeloggt. - $username = $openId->getUserFromIdentiy(); + $username = $openId->getUserFromIdentiy(); Logger::debug("OpenId-Login successful for $username"); 
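Review bot: `openidloginView()` calls `$openId->checkAuthentication()` directly on the result of `Session::get('openid')` without checking that the session holds an object, whereas `metaValues()` in the same hunk guards `Session::getUser()` with `is_object($user)`. A request that reaches this view without a preceding OpenID start would then end in a fatal error rather than a clean rejection (assuming `Session::get()` returns a non-object for a missing key). A guard before the call, `if ( !is_object($openId) ) { Http::notAuthorized('OpenId-Login failed'); die(); }`, would handle it. The statements after `die();` in the failure branch (`addNotice`, `addValidationError`, `callSubAction`, `return`) can never run, here and in the failure branches of the following hunk, and could be removed. The function body continues past this hunk.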
@@ -678,46 +694,46 @@ class LoginAction extends Action die(); $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); + $this->callSubAction('showlogin'); return; } - - $user = User::loadWithName( $username ); - - if ( $user->userid <=0) - { - // Benutzer ist (noch) nicht vorhanden. - if ( $conf['security']['openid']['add']) // Anlegen? - { - $user->name = $username; - $user->add(); - - $user->mail = @$openId->info['email']; - $user->fullname = @$openId->info['fullname']; - $user->save(); // Um E-Mail zu speichern (wird bei add() nicht gemacht) - } + + $user = User::loadWithName( $username ); + + if ( $user->userid <=0) + { + // Benutzer ist (noch) nicht vorhanden. + if ( $conf['security']['openid']['add']) // Anlegen? + { + $user->name = $username; + $user->add(); + + $user->mail = @$openId->info['email']; + $user->fullname = @$openId->info['fullname']; + $user->save(); // Um E-Mail zu speichern (wird bei add() nicht gemacht) + } else - { + { Logger::debug("OpenId-Login failed for $username"); // Benutzer ist nicht in Benutzertabelle vorhanden (und angelegt werden soll er auch nicht). Http::notAuthorized('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); die(); - - $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); - $this->addValidationError('openid_url',''); - return; - } - } - else - { - // Benutzer ist bereits vorhanden. - if ( @$conf['security']['openid']['update_user']) - { - $user->fullname = @$openId->info['fullname']; - $user->mail = @$openId->info['email']; - $user->save(); - } - } + + $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); + $this->addValidationError('openid_url',''); + return; + } + } + else + { + // Benutzer ist bereits vorhanden. 
+ if ( @$conf['security']['openid']['update_user']) + { + $user->fullname = @$openId->info['fullname']; + $user->mail = @$openId->info['email']; + $user->save(); + } + } Logger::info("User login successful: ".$username); $user->setCurrent(); // Benutzer ist jetzt in der Sitzung. @@ -729,11 +745,11 @@ class LoginAction extends Action Logger::debug("Redirecting to $server"); header('Location: '.slashify($server) ); exit(); - } - - - /** - * Login. + } + + + /** + * Login. */ function openidPost() { 
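Review bot: In the branch for an unknown user with auto-creation disabled, `Http::notAuthorized('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) );` is given the argument list of `addNotice()`, while the other call site passes a single message string (`Http::notAuthorized('OpenId-Login failed' )`). The signature of `notAuthorized()` is not visible here, so this is worth checking; if it takes a message, `Http::notAuthorized('OpenId-Login failed for unknown user');` would match the other call. The `@` in front of `$openId->info['email']` and `$openId->info['fullname']` also hides the case where the provider returned no such field; `isset()` with an explicit default would make clear what gets stored on the account.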
@@ -749,28 +765,28 @@ class LoginAction extends Action $loginName = $this->getRequestVar('login_name' ,OR_FILTER_ALPHANUM); $loginPassword = $this->getRequestVar('login_password',OR_FILTER_ALPHANUM); $newPassword1 = $this->getRequestVar('password1' ,OR_FILTER_ALPHANUM); - $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); + $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); // Cookie setzen setcookie('or_username',$loginName,time()+(60*60*24*30*12*2) ); - - // Login mit Open-Id. - if ( $this->hasRequestVar('openid_provider') && ($this->getRequestVar('openid_provider') != 'identity' || !empty($openid_user)) ) - { - $openId = new OpenId($this->getRequestVar('openid_provider'),$openid_user); - - if ( ! $openId->login() ) - { - $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; + + // Login mit Open-Id. + if ( $this->hasRequestVar('openid_provider') && ($this->getRequestVar('openid_provider') != 'identity' || !empty($openid_user)) ) + { + $openId = new OpenId($this->getRequestVar('openid_provider'),$openid_user); + + if ( ! $openId->login() ) + { + $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) ); + $this->addValidationError('openid_url',''); + $this->callSubAction('showlogin'); + return; } Session::set('openid',$openId); - $this->redirect( $openId->getRedirectUrl() ); - return; - } + $this->redirect( $openId->getRedirectUrl() ); + return; + } } @@ -819,9 +835,9 @@ class LoginAction extends Action } - /** + /** * Login. - * Zuerst wird die Datenbankverbindung aufgebaut und falls notwendig, aktualisiert. + * Zuerst wird die Datenbankverbindung aufgebaut und falls notwendig, aktualisiert. */ function loginPost() { 
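Review bot: `new OpenId(...)` in `openidPost()` is an unqualified class name, so with this file now in `namespace cms\action` it resolves to `cms\action\OpenId` unless it is imported, and the `use` lines added at the top of this file list `Http`, `Session`, `Password` and others but not `OpenId`. Part of the import block lies outside the visible hunks, so this needs confirming; if the class is global, add `use OpenId;`. A failure here would only show when someone actually uses the OpenID login, so it is easy to miss in a smoke test. The function starts before this hunk.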
@@ -834,18 +850,18 @@ class LoginAction extends Action if ( !is_array($conf['database'][$dbid]) ) $this->addValidationError('dbid'); - $db = new DB( $conf['database'][$dbid],true ); + $db = new DB( $conf['database'][$dbid],true ); $db->id = $dbid; - // Datenbank aktualisieren, sofern notwendig. + // Datenbank aktualisieren, sofern notwendig. require_once( OR_DBCLASSES_DIR.'DbUpdate.class.'.PHP_EXT ); - $updater = new DbUpdate(); + $updater = new DbUpdate(); $updater->update( $db ); - - unset($db); - } - - $this->checkForDb(); + + unset($db); + } + + $this->checkForDb(); Session::setUser(''); // Altes Login entfernen. @@ -856,14 +872,14 @@ class LoginAction extends Action $loginPassword = $this->getRequestVar('login_password',OR_FILTER_ALPHANUM); $newPassword1 = $this->getRequestVar('password1' ,OR_FILTER_ALPHANUM); $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); - $token = $this->getRequestVar('user_token' ,OR_FILTER_ALPHANUM); + $token = $this->getRequestVar('user_token' ,OR_FILTER_ALPHANUM); - // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. - // Wir versuchen hier, das neue zu setzen (sofern eingegeben). - if ( empty($newPassword1) ) + // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. + // Wir versuchen hier, das neue zu setzen (sofern eingegeben). + if ( empty($newPassword1) ) { // Kein neues Kennwort, - // nichts zu tun... + // nichts zu tun... } else { 
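Review bot: The check `if ( !is_array($conf['database'][$dbid]) ) $this->addValidationError('dbid');` records the error but does not stop, so the next lines still run `new DB( $conf['database'][$dbid],true )` and the `DbUpdate` with a configuration entry that was just found to be invalid. Since this is the login handler, that path is reachable before authentication. Add braces and return: `{ $this->addValidationError('dbid'); return; }`. Where `$dbid` comes from lies above the hunk.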
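Review bot: `login_password`, `password1` and `password2` are read through `OR_FILTER_ALPHANUM`; if that filter strips or rejects non-alphanumeric characters (its definition is not on this page), passwords containing punctuation lose those characters before they are checked or stored, which shrinks the usable password space. The same reads are in `openidPost()` in the hunk before. Passwords are normally taken unfiltered and only hashed and compared, so an unfiltered read would fit here, or otherwise a comment stating why the restriction is intended.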
@@ -872,56 +888,56 @@ class LoginAction extends Action if ( $auth->login($loginName, $loginPassword) || $auth->mustChangePassword ) { if ( $newPassword1 != $newPassword2 ) - { - $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); - $this->addValidationError('password2',''); - return; + { + $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); + $this->addValidationError('password2',''); + return; } - elseif ( strlen($newPassword1) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); - $this->addValidationError('password2',''); + elseif ( strlen($newPassword1) < $conf['security']['password']['min_length'] ) + { + $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); + $this->addValidationError('password2',''); return; - } - else - { + } + else + { // Kennwoerter identisch und lang genug. - $user = User::loadWithName($loginName); + $user = User::loadWithName($loginName); $user->setPassword( $newPassword1,true ); // Das neue gesetzte Kennwort für die weitere Authentifizierung benutzen. - $loginPassword = $newPassword1; - } + $loginPassword = $newPassword1; + } } else { - // Anmeldung gescheitert. - $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); - $this->addValidationError('login_name' ,''); - $this->addValidationError('login_password',''); + // Anmeldung gescheitert. + $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); + $this->addValidationError('login_name' ,''); + $this->addValidationError('login_password',''); return; } - } + } // Cookie setzen $cookieLifetime = 60*60*24*30*12*2; // 2 Jahre. setcookie('or_username',$loginName ,time()+$cookieLifetime ); setcookie('or_dbid' ,$this->getRequestVar('dbid'),time()+$cookieLifetime ); - // Authentifzierungs-Module. 
- $modules = explode(',',$conf['security']['modules']['authenticate']); - + // Authentifzierungs-Module. + $modules = explode(',',$conf['security']['modules']['authenticate']); + $loginOk = false; $mustChangePassword = false; $tokenFailed = false; $groups = null; $lastModule = null; - // Jedes Authentifizierungsmodul durchlaufen, bis ein Login erfolgreich ist. - foreach( $modules as $module) - { - $moduleClass = $module.'Auth'; - $auth = new $moduleClass; + // Jedes Authentifizierungsmodul durchlaufen, bis ein Login erfolgreich ist. + foreach( $modules as $module) + { + $moduleClass = $module.'Auth'; + $auth = new $moduleClass; Logger::info('Trying to login with module '.$moduleClass); $loginStatus = $auth->login( $loginName,$loginPassword, $token ); $loginOk = $loginStatus === true || $loginStatus === OR_AUTH_STATUS_SUCCESS; @@ -929,19 +945,19 @@ class LoginAction extends Action if ( $loginStatus === OR_AUTH_STATUS_PW_EXPIRED ) $mustChangePassword = true; if ( $loginStatus === OR_AUTH_STATUS_TOKEN_NEEDED ) - $tokenFailed = true; - + $tokenFailed = true; + if ( $loginOk ) { Logger::info('Login successful for '.$loginName); $lastModule = $module; - + if ( isset($auth->groups ) ) $groups = $auth->groups; - break; // Login erfolgreich, erstes Modul gewinnt. - } - } + break; // Login erfolgreich, erstes Modul gewinnt. + } + } /* $loginOk = $this->checkLogin( $loginName, 
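Review bot: The password-change branch is entered on `$auth->login($loginName, $loginPassword) || $auth->mustChangePassword`, and inside it `User::loadWithName($loginName)` followed by `setPassword( $newPassword1,true )` replaces the stored password. This is only safe if `mustChangePassword` is set exclusively after the old password has been verified; `$auth` is created above the hunk, so that cannot be confirmed from here. If the flag can be true for an expired account regardless of the supplied password, the old password is never actually checked before the change. A comment on the condition stating that guarantee, e.g. `// mustChangePassword is only set when the old password matched`, or an explicit status check like the `OR_AUTH_STATUS_PW_EXPIRED` comparison in the module loop below, would make this reviewable.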
@@ -997,33 +1013,33 @@ class LoginAction extends Action { // Anmeldung nicht erfolgreich - Logger::debug("Login failed for user '$loginName' from IP $ip"); + Logger::debug("Login failed for user '$loginName' from IP $ip"); - if ( $tokenFailed ) + if ( $tokenFailed ) { - // Token falsch. - $this->addNotice('user',$loginName,'LOGIN_FAILED_TOKEN_FAILED','error' ); - $this->addValidationError('user_token',''); + // Token falsch. + $this->addNotice('user',$loginName,'LOGIN_FAILED_TOKEN_FAILED','error' ); + $this->addValidationError('user_token',''); } - elseif ( $mustChangePassword ) + elseif ( $mustChangePassword ) { - // Anmeldung gescheitert, Benutzer muss Kennwort ?ndern. - $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' ); - $this->addValidationError('password1',''); - $this->addValidationError('password2',''); + // Anmeldung gescheitert, Benutzer muss Kennwort ?ndern. + $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' ); + $this->addValidationError('password1',''); + $this->addValidationError('password2',''); } else - { - // Anmeldung gescheitert. - $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); + { + // Anmeldung gescheitert. + $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); $this->addValidationError('login_name' ,''); $this->addValidationError('login_password',''); } - + //$this->callSubAction('login'); - return; - } + return; + } else { 
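Review bot: The failed-login record `Logger::debug("Login failed for user '$loginName' from IP $ip");` is written at debug level, while the successful login a few hunks earlier uses `Logger::info`. On an installation that logs at info level, failed attempts leave no trace, and those are the events that brute-force detection depends on. Raising it to the level used for successes, `Logger::info("Login failed for user '$loginName' from IP $ip");`, keeps both outcomes in the same log. `$ip` is assigned above this hunk.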
@@ -1031,46 +1047,46 @@ class LoginAction extends Action $this->checkGroups( $user, $groups ); - if ( $this->hasRequestVar('remember') ) - { - // Cookie setzen + if ( $this->hasRequestVar('remember') ) + { + // Cookie setzen setcookie('or_username',$user->name ,time()+(60*60*24*30*12*2) ); - setcookie('or_token' ,$user->loginToken(),time()+(60*60*24*30*12*2) ); - } - + setcookie('or_token' ,$user->loginToken(),time()+(60*60*24*30*12*2) ); + } + // Anmeldung erfolgreich. if ( config('security','renew_session_login') ) $this->recreateSession(); - + $this->addNotice('user',$user->name,'LOGIN_OK',OR_NOTICE_OK,array('name'=>$user->fullname)); - $this->setStyle( $user->style ); - - $this->evaluateRequestVars(); - - $object = Session::getObject(); - // Falls noch kein Objekt ausgewaehlt, dann das zuletzt ge?nderte benutzen. + $this->setStyle( $user->style ); + + $this->evaluateRequestVars(); + + $object = Session::getObject(); + // Falls noch kein Objekt ausgewaehlt, dann das zuletzt ge?nderte benutzen. 
if ( !is_object($object) && @$conf['login']['start']['start_lastchanged_object'] ) - { - $objectid = Value::getLastChangedObjectByUserId($user->userid); - if ( Object::available($objectid)) - { - $object = new Object($objectid); - $object->load(); - Session::setObject($object); - - $project = new Project( $object->projectid ); - $project->load(); - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } + { + $objectid = Value::getLastChangedObjectByUserId($user->userid); + if ( Object::available($objectid)) + { + $object = new Object($objectid); + $object->load(); + Session::setObject($object); + + $project = new Project( $object->projectid ); + $project->load(); + Session::setProject( $project ); + + $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + } } $this->setStyle( $user->style ); // Benutzer-Style setzen 
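Review bot: The remember-me branch sets `or_token` with `setcookie('or_token' ,$user->loginToken(),time()+(60*60*24*30*12*2) );`, a login token valid for about two years without the `secure` and `httponly` arguments, so it is readable from script and is sent over plain HTTP too. Passing the remaining parameters, e.g. `setcookie('or_token',$user->loginToken(),time()+(60*60*24*30*12*2),'','',$isHttps,true);` with `$isHttps` derived from the request, closes both. Session renewal after login depends on `config('security','renew_session_login')`; unless there is a reason to keep the pre-login session id, `$this->recreateSession()` is better called unconditionally. `$vars`, used for the language and model lookup in this hunk, is not assigned in the visible part of the function.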
@@ -1105,24 +1121,24 @@ class LoginAction extends Action // Das einzige Projekt sofort starten. $projectIds = array_keys($allProjects); - $project = new Project($projectIds[0]); - $project->load(); - $language = new Language( $project->getDefaultLanguageId() ); - $language->load(); - $model = new Model( $project->getDefaultModelId() ); - $model->load(); - - Session::setProject( $project ); - Session::setProjectLanguage( $language ); - Session::setProjectModel( $model ); - + $project = new Project($projectIds[0]); + $project->load(); + $language = new Language( $project->getDefaultLanguageId() ); + $language->load(); + $model = new Model( $project->getDefaultModelId() ); + $model->load(); + + Session::setProject( $project ); + Session::setProjectLanguage( $language ); + Session::setProjectModel( $model ); + $this->setPerspective('normal'); } elseif ( $conf['login']['start']['start_lastchanged_object'] ) - { - $user = Session::getUser(); - $objectid = Value::getLastChangedObjectByUserId($user->userid); + { + $user = Session::getUser(); + $objectid = Value::getLastChangedObjectByUserId($user->userid); if ( Object::available($objectid)) { // Das Projekt des zuletzt geänderten Objekts ermitteln @@ -1149,7 +1165,7 @@ class LoginAction extends Action // Erstmal die Startseite anzeigen. $this->setPerspective('start'); } - } + } else { 
@@ -1165,32 +1181,32 @@ class LoginAction extends Action * Benutzer meldet sich ab. */ function logoutPost() - { + { global $conf; $user = Session::getUser(); if ( is_object($user) ) - $this->setTemplateVar('login_username',$user->name); - - // Ausgew?hlte Objekte merken, um nach dem n?. Login wieder sofort auszuw?hlen. - $o = Session::getObject(); + $this->setTemplateVar('login_username',$user->name); + + // Ausgew?hlte Objekte merken, um nach dem n?. Login wieder sofort auszuw?hlen. + $o = Session::getObject(); if ( is_object($o) ) $this->setTemplateVar('objectid',$o->objectid); - $p = Session::getProject(); + $p = Session::getProject(); if ( is_object($p) ) - $this->setTemplateVar('projectid',$p->projectid); - $l = Session::getProjectLanguage(); + $this->setTemplateVar('projectid',$p->projectid); + $l = Session::getProjectLanguage(); if ( is_object($l) ) $this->setTemplateVar('languageid',$l->languageid); - $m = Session::getProjectModel(); + $m = Session::getProjectModel(); if ( is_object($m) ) - $this->setTemplateVar('modelid',$m->modelid); + $this->setTemplateVar('modelid',$m->modelid); $db = db_connection(); if ( is_object($db) ) $this->setTemplateVar('dbid',$db->id); /* - // Alle Variablen aus der Sitzung entfernen. + // Alle Variablen aus der Sitzung entfernen. session_unset(); // Damit wird die Session gel�scht, nicht nur die Session-Daten! 
@@ -1202,45 +1218,45 @@ class LoginAction extends Action } // Loeschen der Session. - session_destroy(); + session_destroy(); */ if ( config('security','renew_session_logout') ) $this->recreateSession(); session_unset(); - - if ( @$conf['theme']['compiler']['compile_at_logout'] ) - { - foreach( $conf['action'] as $actionName => $actionConfig ) - { - foreach( $actionConfig as $subActionName=>$subaction ) - { + + if ( @$conf['theme']['compiler']['compile_at_logout'] ) + { + foreach( $conf['action'] as $actionName => $actionConfig ) + { + foreach( $actionConfig as $subActionName=>$subaction ) + { if ( is_array($subaction) && - !isset($subaction['goto' ]) && - !isset($subaction['direct']) && + !isset($subaction['goto' ]) && + !isset($subaction['direct']) && !isset($subaction['action']) && - !isset($subaction['async' ]) && + !isset($subaction['async' ]) && !isset($subaction['alias' ]) && - $subActionName != 'menu' ) - { - $engine = new template_engine\TemplateEngine(); - $engine->compile( strtolower(str_replace('Action','',$actionName)).'/'.$subActionName); - } - } - } - } + $subActionName != 'menu' ) + { + $engine = new template_engine\TemplateEngine(); + $engine->compile( strtolower(str_replace('Action','',$actionName)).'/'.$subActionName); + } + } + } + } // Login-Token löschen: // Wenn der Benutzer sich abmelden will, dann soll auch die automatische // Anmeldung deaktiviert werden. - setcookie('or_token' ,'',0 ); - - // Umleiten auf eine definierte URL.s - $redirect_url = @$conf['security']['logout']['redirect_url']; - - if ( !empty($redirect_url) ) - { - $this->redirect($redirect_url); + setcookie('or_token' ,'',0 ); + + // Umleiten auf eine definierte URL.s + $redirect_url = @$conf['security']['logout']['redirect_url']; + + if ( !empty($redirect_url) ) + { + $this->redirect($redirect_url); } Session::set('perspective','login'); 
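Review bot: `new template_engine\TemplateEngine()` in the `compile_at_logout` loop is a relative qualified name, so if this file now declares `namespace cms\action;` like the other action classes in this commit (the file header is outside this hunk), PHP resolves it as `cms\action\template_engine\TemplateEngine` unless `template_engine` is imported with a `use` statement. Logout would then stop with a class-not-found error as soon as that option is enabled, before the `or_token` cookie is cleared further down. Writing the name fully qualified removes the dependency on the import list: `$engine = new \template_engine\TemplateEngine();`. logoutPost() begins in the previous hunk and continues past this one.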
@@ -1266,7 +1282,7 @@ class LoginAction extends Action */ function administration() { - Session::setProject( new Project(-1) ); + Session::setProject( new Project(-1) ); } @@ -1341,13 +1357,13 @@ class LoginAction extends Action } $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) ); - + Session::setUser( $user ); } function language() - { + { $user = Session::getUser(); if ( ! is_object($user) ) { @@ -1359,7 +1375,7 @@ class LoginAction extends Action } - function model() + function model() { $user = Session::getUser(); if ( ! is_object($user) ) @@ -1368,29 +1384,29 @@ class LoginAction extends Action return; } - $this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) ); + $this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) ); - $user = Session::getUser(); - } - - - /** - * Auswerten der Request-Variablen. - * - * @param Array $add - */ - function evaluateRequestVars( $add = array() ) + $user = Session::getUser(); + } + + + /** + * Auswerten der Request-Variablen. + * + * @param Array $add + */ + function evaluateRequestVars( $add = array() ) { - global $REQ; - $vars = $REQ + $add; - - $db = db_connection(); - if ( !is_object($db) ) - { - if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) - $this->setDb($vars[REQ_PARAM_DATABASE_ID]); - else - Http::serverError('no database available.'); + global $REQ; + $vars = $REQ + $add; + + $db = db_connection(); + if ( !is_object($db) ) + { + if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) + $this->setDb($vars[REQ_PARAM_DATABASE_ID]); + else + Http::serverError('no database available.'); } else { 
@@ -1403,112 +1419,112 @@ class LoginAction extends Action $this->callSubAction('show'); return; } - } - - - if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) ) - { - $object = new Object( $vars[REQ_PARAM_OBJECT_ID] ); - $object->objectLoadRaw(); - Session::setObject( $object ); - - $project = new Project( $object->projectid ); + } + + + if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) ) + { + $object = new Object( $vars[REQ_PARAM_OBJECT_ID] ); + $object->objectLoadRaw(); + Session::setObject( $object ); + + $project = new Project( $object->projectid ); + $project->load(); + Session::setProject( $project ); + + $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + } + elseif ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) ) + { + $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] ); + $language->load(); + Session::setProjectLanguage( $language ); + + $project = new Project( $language->projectid ); $project->load(); - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - elseif ( 
isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) ) - { - $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] ); - $language->load(); - Session::setProjectLanguage( $language ); - - $project = new Project( $language->projectid ); - $project->load(); - Session::setProject( $project ); - - $model = Session::getProjectModel(); - if ( !is_object($model) ) - { - $model = new Model( $project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - - $object = Session::getObject(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } - elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) ) - { - $model = new Model( $vars[REQ_PARAM_MODEL_ID] ); - $model->load(); - Session::setProjectModel( $model ); - - $project = new Project( $model->projectid ); - $project->load(); - Session::setProject( $project ); - - $language = Session::getProjectLanguage(); - if ( !is_object($language) || $language->projectid != $project->projectid ) - { - $language = new Language( $project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - } - - $object = Session::getObject(); - $object->objectLoadRaw(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } - elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::available($vars[REQ_PARAM_PROJECT_ID]) ) - { - $project = new Project( $vars[REQ_PARAM_PROJECT_ID] ); - $project->load(); - - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&& Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - 
Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&& Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - - $object = Session::getObject(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } + Session::setProject( $project ); + + $model = Session::getProjectModel(); + if ( !is_object($model) ) + { + $model = new Model( $project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + } + + $object = Session::getObject(); + if ( is_object($object) && $object->projectid == $project->projectid ) + { + $object->objectLoadRaw(); + Session::setObject( $object ); + } + else + { + Session::setObject( '' ); + } + } + elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) ) + { + $model = new Model( $vars[REQ_PARAM_MODEL_ID] ); + $model->load(); + Session::setProjectModel( $model ); + + $project = new Project( $model->projectid ); + $project->load(); + Session::setProject( $project ); + + $language = Session::getProjectLanguage(); + if ( !is_object($language) || $language->projectid != $project->projectid ) + { + $language = new Language( $project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + } + + $object = Session::getObject(); + $object->objectLoadRaw(); + if ( is_object($object) && $object->projectid == $project->projectid ) + { + $object->objectLoadRaw(); + Session::setObject( $object ); + } + else + { + Session::setObject( '' ); + } + } + elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::available($vars[REQ_PARAM_PROJECT_ID]) ) + { + $project = new Project( $vars[REQ_PARAM_PROJECT_ID] ); + $project->load(); + + Session::setProject( $project ); + + $language = new 
Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&& Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&& Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + + $object = Session::getObject(); + if ( is_object($object) && $object->projectid == $project->projectid ) + { + $object->objectLoadRaw(); + Session::setObject( $object ); + } + else + { + Session::setObject( '' ); + } + } } @@ -1546,27 +1562,27 @@ class LoginAction extends Action global $PHP_AUTH_USER; global $PHP_AUTH_PW; - $user = Session::getUser(); - // Gast-Login + $user = Session::getUser(); + // Gast-Login + if ( ! is_object($user) ) + { + if ( $conf['security']['guest']['enable'] ) + { + $this->setDefaultDb(); + $username = $conf['security']['guest']['user']; + $user = User::loadWithName($username); + if ( $user->userid > 0 ) + $user->setCurrent(); + else + { + Logger::warn('Guest login failed, user not found: '.$username); + $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) ); + $user = null; + } + } + } + if ( ! is_object($user) ) - { - if ( $conf['security']['guest']['enable'] ) - { - $this->setDefaultDb(); - $username = $conf['security']['guest']['user']; - $user = User::loadWithName($username); - if ( $user->userid > 0 ) - $user->setCurrent(); - else - { - Logger::warn('Guest login failed, user not found: '.$username); - $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) ); - $user = null; - } - } - } - - if ( ! is_object($user) ) { switch( $conf['security']['login']['type'] ) { 
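Review bot: In the `REQ_PARAM_MODEL_ID` branch of the evaluateRequestVars() hunk, `$object->objectLoadRaw();` is called on the result of `Session::getObject()` one line before `is_object($object)` is tested, so a session without a selected object (the other branches store `''` via `Session::setObject( '' )`) ends in a fatal error instead of reaching the `else`. The language and project branches test first; dropping the stray call makes this branch match them, leaving `$object = Session::getObject();` followed directly by `if ( is_object($object) && $object->projectid == $project->projectid )`. Separately, every branch takes its id from `$vars`, which merges the request array, and the only gate visible here is `::available()`; if that method tests existence rather than the user's rights, a comment saying where the permission check happens would be worth adding. evaluateRequestVars() starts in an earlier hunk.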
@@ -1593,7 +1609,7 @@ class LoginAction extends Action case 'form': // Benutzer ist nicht angemeldet - $this->callSubAction( 'showlogin' ); // Anzeigen der Login-Maske + $this->callSubAction( 'showlogin' ); // Anzeigen der Login-Maske return; break; @@ -1616,43 +1632,43 @@ class LoginAction extends Action $modelid = intval( $this->getRequestVar('modelid' ) ); $objectid = intval( $this->getRequestVar('objectid' ) ); $elementid = intval( $this->getRequestVar('elementid' ) ); - - if ( $projectid != 0 ) - { + + if ( $projectid != 0 ) + { $project = new Project( $projectid ); - $project->load(); - Session::setProject($project); - } - elseif ( $languageid != 0 ) - { + $project->load(); + Session::setProject($project); + } + elseif ( $languageid != 0 ) + { $language = new Language( $languageid ); - $language->load(); - Session::setProjectLanguage($language); - } - elseif ( $modelid != 0 ) - { + $language->load(); + Session::setProjectLanguage($language); + } + elseif ( $modelid != 0 ) + { $model = new Model( $modelid ); - $model->load(); - Session::setProjectModel($model); - } - elseif ( $objectid != 0 ) - { + $model->load(); + Session::setProjectModel($model); + } + elseif ( $objectid != 0 ) + { $object = new Object( $objectid ); $object->objectLoad(); - Session::setObject($object); - } - if ( $elementid != 0 ) - { - $element = new Element( $elementid ); - Session::setElement($element); - } + Session::setObject($object); + } + if ( $elementid != 0 ) + { + $element = new Element( $elementid ); + Session::setElement($element); + } $project = Session::getProject(); $object = Session::getObject(); - $elementid = 0; - - if ( is_object($project) ) - { + $elementid = 0; + + if ( is_object($project) ) + { if ( $project->projectid == PROJECTID_ADMIN ) { $project->name = lang('ADMINISTRATION'); 
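Review bot: In the second hunk on this line, the `projectid`, `languageid`, `modelid`, `objectid` and `elementid` request values are cast with `intval()` and then loaded and written straight into the session (`Session::setProject($project)` and so on) with no existence or permission test in between, unlike evaluateRequestVars(), which at least calls `Project::available()` and `Object::available()` first. If nothing outside this hunk restricts which ids a logged-in user may select, any numeric id becomes the session's current project or object. A guard in the style already used in the file would be `if ( $projectid != 0 && Project::available($projectid) )`, followed by a rights check on the loaded object. The surrounding method starts and ends outside the hunk.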
@@ -1667,28 +1683,28 @@ class LoginAction extends Action if ( is_object($object) ) { - $type = $object->getType(); + $type = $object->getType(); - if ( $type == 'page' ) - { - $page = new Page($object->objectid); - $page->load(); - $elementList = $page->getWritableElements(); - if ( count($elementList) == 1 ) - $elementid = current(array_keys($elementList)); - } - - if ( $elementid > 0 ) - $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) ); - else - $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) ); - } - else - { - $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); + if ( $type == 'page' ) + { + $page = new Page($object->objectid); + $page->load(); + $elementList = $page->getWritableElements(); + if ( count($elementList) == 1 ) + $elementid = current(array_keys($elementList)); + } + + if ( $elementid > 0 ) + $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) ); + else + $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) ); + } + else + { + $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); } } - elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN ) + elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN ) { if ( $this->hasRequestVar('projectid') ) $this->setTemplateVar( 'frame_src_main',Html::url('main','project',$this->getRequestVar('projectid')) ); 
@@ -1696,7 +1712,7 @@ class LoginAction extends Action $this->setTemplateVar( 'frame_src_main',Html::url('main','group' ,$this->getRequestVar('groupid' )) ); elseif ( $this->hasRequestVar('userid') ) $this->setTemplateVar( 'frame_src_main',Html::url('main','user' ,$this->getRequestVar('userid' )) ); - else + else $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); } else @@ -1714,8 +1730,8 @@ class LoginAction extends Action $this->setTemplateVar( 'frame_src_clipboard' ,Html::url( 'clipboard' ) ); $this->setTemplateVar( 'frame_src_status' ,Html::url( 'status' ) ); - $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] ); - + $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] ); + $this->metaValues(); } @@ -1734,25 +1750,25 @@ class LoginAction extends Action case 'register': // Registrierung // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. - return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database'; - + return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database'; + case 'password': // Kennwort vergessen - // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. - // Deaktiviert, falls LDAP-Lookup aktiviert ist. - return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database' + // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. + // Deaktiviert, falls LDAP-Lookup aktiviert ist. + return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database' && !@$conf['security']['auth']['userdn']; - - case 'administration': + + case 'administration': // "Administration" nat?rlich nur f?r Administratoren. return $this->userIsAdmin(); - - case 'login': + + case 'login': return !@$conf['login']['nologin']; - case 'logout': + case 'logout': return true; - case 'projectmenu': + case 'projectmenu': return true; default: 
@@ -1791,30 +1807,30 @@ class LoginAction extends Action else $this->setTemplateVar('actdbid',$conf['database']['default']); - - } - - - - public function registerPost() - { + + } + + + + public function registerPost() + { global $conf; - + Session::set('registerMail',$this->getRequestVar('mail') ); - + srand ((double)microtime()*1000003); $registerCode = rand(); Session::set('registerCode',$registerCode ); - $email_address = $this->getRequestVar('mail',OR_FILTER_MAIL); - - if ( ! Mail::checkAddress($email_address) ) - { - $this->addValidationError('mail'); - return; - } + $email_address = $this->getRequestVar('mail',OR_FILTER_MAIL); + + if ( ! Mail::checkAddress($email_address) ) + { + $this->addValidationError('mail'); + return; + } // E-Mail and die eingegebene Adresse verschicken $mail = new Mail($email_address, @@ -1841,7 +1857,7 @@ class LoginAction extends Action * Benutzer hat Best?tigungscode erhalten und eingegeben. */ function registercodePost() - { + { global $conf; $this->checkForDb(); 
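Review bot: The confirmation code in registerPost() comes from `srand ((double)microtime()*1000003); $registerCode = rand();`, a non-cryptographic generator seeded from the current time, although this code is the only secret that proves ownership of the mail address. On PHP 7 or later it can be `$registerCode = random_int(100000, 999999);` (range constructed here as an example) with the `srand()` call removed; on older runtimes `openssl_random_pseudo_bytes()` is the usual substitute. Also, `Session::set('registerMail',$this->getRequestVar('mail') )` stores the raw request value before `Mail::checkAddress()` runs on the filtered one, so moving that line below the validation would keep unvalidated input out of the session. The method continues past the hunk.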
@@ -1849,33 +1865,33 @@ class LoginAction extends Action $inputRegisterCode = $this->getRequestVar('code'); if ( $origRegisterCode != $inputRegisterCode ) - { + { // Best?tigungscode stimmt nicht. - $this->addValidationError('code','code_not_match'); - return; - } + $this->addValidationError('code','code_not_match'); + return; + } - // Best?tigungscode stimmt ?berein. + // Best?tigungscode stimmt ?berein. // Neuen Benutzer anlegen. - - if ( !$this->hasRequestVar('username') ) - { - $this->addValidationError('username'); - return; - } - - $user = User::loadWithName( $this->getRequestVar('username') ); - if ( $user->isValid() ) - { - $this->addValidationError('username','USER_ALREADY_IN_DATABASE'); - return; - } - - if ( strlen($this->getRequestVar('password')) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password','password_minlength',array('minlength'=>$conf['security']['password']['min_length'])); - return; - } + + if ( !$this->hasRequestVar('username') ) + { + $this->addValidationError('username'); + return; + } + + $user = User::loadWithName( $this->getRequestVar('username') ); + if ( $user->isValid() ) + { + $this->addValidationError('username','USER_ALREADY_IN_DATABASE'); + return; + } + + if ( strlen($this->getRequestVar('password')) < $conf['security']['password']['min_length'] ) + { + $this->addValidationError('password','password_minlength',array('minlength'=>$conf['security']['password']['min_length'])); + return; + } $newUser = new User(); $newUser->name = $this->getRequestVar('username'); @@ -1966,12 +1982,12 @@ class LoginAction extends Action * Einen Kennwort-Anforderungscode an den Benutzer senden. */ function passwordPost() - { - if ( !$this->hasRequestVar('username') ) - { - $this->addValidationError('username'); - return; - } + { + if ( !$this->hasRequestVar('username') ) + { + $this->addValidationError('username'); + return; + } $this->checkForDb(); 
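Review bot: registercodePost() accepts the code with `if ( $origRegisterCode != $inputRegisterCode )`, a loose comparison with no test that either side is non-empty. Assuming `$origRegisterCode` is read from the session just above the hunk, a request that never went through registerPost() and sends no `code` would compare two empty values as equal and reach the user creation below. passwordcodePost() in a later hunk of this file does reject an empty code but uses the same `!=` on the session value. A strict, constant-time form would be `if ( $inputRegisterCode == '' || !hash_equals((string)$origRegisterCode,(string)$inputRegisterCode) )`.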
@@ -1988,8 +2004,8 @@ class LoginAction extends Action $eMail->setVar('name',$user->getName()); $eMail->setVar('code',$code); if ( $eMail->send() ) - $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK); - else + $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK); + else $this->addNotice('user',$user->getName(),'mail_not_sent',OR_NOTICE_ERROR,array(),$eMail->error); } @@ -2006,16 +2022,16 @@ class LoginAction extends Action $this->setSessionVar("password_commit_name",$user->name); $this->nextView('passwordcode'); } - - - - /** - * Anzeige Formular zum Eingeben des Kennwort-Codes. - * - */ - function passwordcodeView() - { - + + + + /** + * Anzeige Formular zum Eingeben des Kennwort-Codes. + * + */ + function passwordcodeView() + { + } 
@@ -2023,48 +2039,48 @@ class LoginAction extends Action * Neues Kennwort erzeugen und dem Benutzer zusenden. */ function passwordcodePost() - { - $username = $this->getSessionVar("password_commit_name"); - - if ( $this->getRequestVar("code")=='' || - $this->getSessionVar("password_commit_code") != $this->getRequestVar("code") ) - { - $this->addValidationError('code','PASSWORDCODE_NOT_MATCH'); + { + $username = $this->getSessionVar("password_commit_name"); + + if ( $this->getRequestVar("code")=='' || + $this->getSessionVar("password_commit_code") != $this->getRequestVar("code") ) + { + $this->addValidationError('code','PASSWORDCODE_NOT_MATCH'); return; - } + } $user = User::loadWithName( $username ); if ( !$user->isValid() ) - { + { // Benutzer konnte nicht geladen werden. $this->addNotice('user',$username,'error',OR_NOTICE_ERROR); - return; - } - - $newPw = User::createPassword(); // Neues Kennwort erzeugen. - + return; + } + + $newPw = User::createPassword(); // Neues Kennwort erzeugen. + $eMail = new Mail( $user->mail,'password_new' ); $eMail->setVar('name' ,$user->getName()); $eMail->setVar('password',$newPw ); - + if ( $eMail->send() ) - { + { $user->setPassword( $newPw, false ); // Kennwort muss beim n?. Login ge?ndert werden. $this->addNotice('user',$username,'mail_sent',OR_NOTICE_OK); - } - else - { - // Sollte eigentlich nicht vorkommen, da der Benutzer ja auch schon den - // Code per E-Mail erhalten hat. - $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error); } - } - + else + { + // Sollte eigentlich nicht vorkommen, da der Benutzer ja auch schon den + // Code per E-Mail erhalten hat. + $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error); + } + } + /** * Erzeugt eine neue Sitzung. - */ + */ function recreateSession() { diff --git a/action/ModelAction.class.php b/action/ModelAction.class.php 
@@ -1,6 +1,14 @@ <?php + +namespace cms\action; + use cms\model\Model; + + +use Session; +use \Html; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -33,7 +41,7 @@ class ModelAction extends Action var $model; - function ModelAction() + function __construct() { $this->model = new Model( $this->getRequestId() ); $this->model->load(); diff --git a/action/ModellistAction.class.php b/action/ModellistAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Model; // OpenRat Content Management System @@ -29,7 +32,7 @@ class ModellistAction extends Action { public $security = SECURITY_USER; - function ModellistAction() + function __construct() { if ( $this->getRequestId() != 0 ) { diff --git a/action/ObjectAction.class.php b/action/ObjectAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Acl; use cms\model\User; use cms\model\Group; 
@@ -43,24 +46,24 @@ class ObjectAction extends Action public function copyView() { $this->actionName = 'object'; - global $conf_php; + global $conf_php; $sourceObject = new Object( $this->getRequestId()); $sourceObject->load(); $targetFolder = new Object( $this->getRequestVar('targetFolderId',OR_FILTER_NUMBER)); $targetFolder->load(); - - $this->setTemplateVar('source' ,$sourceObject->getProperties() ); + + $this->setTemplateVar('source' ,$sourceObject->getProperties() ); $this->setTemplateVar('sourceId',$sourceObject->objectid ); $this->setTemplateVar('target' ,$targetFolder->getProperties() ); - $this->setTemplateVar('targetId',$targetFolder->objectid ); - $this->setTemplateVar('types' ,array('move'=>'move','moveandlink'=>'moveandlink','copy'=>'copy','link'=>'link') ); - - if ( ! $targetFolder->hasRight(ACL_WRITE) ) - { - $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); - } + $this->setTemplateVar('targetId',$targetFolder->objectid ); + $this->setTemplateVar('types' ,array('move'=>'move','moveandlink'=>'moveandlink','copy'=>'copy','link'=>'link') ); + + if ( ! $targetFolder->hasRight(ACL_WRITE) ) + { + $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); + } } 
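Review bot: copyView() loads `$sourceObject` from `$this->getRequestId()` and hands `$sourceObject->getProperties()` to the template without any rights test on it; the only check in the hunk is `$targetFolder->hasRight(ACL_WRITE)`, and a failure there merely adds a notice. The copyPost() hunk that follows has the same gap: the target folder is checked and the method returns on failure, but the source object is moved, copied or linked with no `hasRight()` call on it in the visible lines. If the rights are not enforced elsewhere (not visible here), write access to one folder would be enough to relocate or duplicate objects addressed by id from folders the user cannot otherwise reach. A guard mirroring the existing one, `if ( ! $sourceObject->hasRight(ACL_WRITE) ) { $this->addNotice($sourceObject->type, $sourceObject->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); return; }`, placed after `$sourceObject->load();` in both methods would close it.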
@@ -69,44 +72,44 @@ class ObjectAction extends Action */ public function copyPost() { - $type = $this->getRequestVar('type'); - $targetObjectId = $this->getRequestVar('targetid',OR_FILTER_NUMBER); - $sourceObjectId = $this->getRequestVar('sourceid',OR_FILTER_NUMBER); - - $sourceObject = new Object( $sourceObjectId ); - $sourceObject->load(); - - $targetFolder = new Object( $targetObjectId ); + $type = $this->getRequestVar('type'); + $targetObjectId = $this->getRequestVar('targetid',OR_FILTER_NUMBER); + $sourceObjectId = $this->getRequestVar('sourceid',OR_FILTER_NUMBER); + + $sourceObject = new Object( $sourceObjectId ); + $sourceObject->load(); + + $targetFolder = new Object( $targetObjectId ); $targetFolder->load(); - - // Prüfen, ob Schreibrechte im Zielordner bestehen. - if ( ! $targetFolder->hasRight(ACL_WRITE) ) + + // Prüfen, ob Schreibrechte im Zielordner bestehen. + if ( ! $targetFolder->hasRight(ACL_WRITE) ) + { + $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); + return; + } + + switch( $type ) { - $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); - return; - } - - switch( $type ) - { case 'move': - if ( $sourceObject->isFolder ) + if ( $sourceObject->isFolder ) { - $f = new Folder( $sourceObjectId ); - $allsubfolders = $f->getAllSubFolderIds(); - - // Plausibilisierungsprüfung: - // - // Wenn - // - Das Zielverzeichnis sich nicht in einem Unterverzeichnis des zu verschiebenen Ordners liegt - // und - // - Das Zielverzeichnis nicht der zu verschiebene Ordner ist - // dann verschieben - if ( in_array($targetObjectId,$allsubfolders) || $sourceObjectId == $targetObjectId ) - { + $f = new Folder( $sourceObjectId ); + $allsubfolders = $f->getAllSubFolderIds(); + + // Plausibilisierungsprüfung: + // + // Wenn + // - Das Zielverzeichnis sich nicht in einem Unterverzeichnis des zu verschiebenen Ordners liegt + // und + // - Das Zielverzeichnis nicht der zu verschiebene Ordner ist + // dann verschieben 
+ if ( in_array($targetObjectId,$allsubfolders) || $sourceObjectId == $targetObjectId ) + { $this->addNotice('folder',$sourceObject->name,'ERROR',OR_NOTICE_ERROR); return; - } + } } // TODO: @@ -114,18 +117,18 @@ class ObjectAction extends Action // zum Erstellen von Ordner, Dateien oder Seiten vorhanden sein. $sourceObject->setParentId( $targetObjectId ); $this->addNotice($sourceObject->type, $sourceObject->name, 'moved'); - break; - + break; + case 'moveandlink': - $oldParentId = $sourceObject->parentid; - - $sourceObject->setParentId( $targetObjectId ); - $this->addNotice($sourceObject->type, $sourceObject->name, 'moved'); + $oldParentId = $sourceObject->parentid; + + $sourceObject->setParentId( $targetObjectId ); + $this->addNotice($sourceObject->type, $sourceObject->name, 'moved'); $link = new Link(); $link->parentid = $oldParentId; - $link->name = lang('LINK_TO').' '.$sourceObject->name; + $link->name = lang('LINK_TO').' '.$sourceObject->name; $link->filename = $sourceObject->filename; $link->linkedObjectId = $sourceObjectId; $link->add(); 
@@ -135,79 +138,79 @@ class ObjectAction extends Action case 'copy': - switch( $sourceObject->getType() ) - { - case 'folder': - // Ordner zur Zeit nicht kopieren - // Funktion waere zu verwirrend - $this->addNotice($sourceObject->getType(),$sourceObject->name,'CANNOT_COPY_FOLDER','error'); - break; - - case 'file': - $f = new File( $sourceObjectId ); - $f->load(); - $f->filename = ''; - $f->name = lang('COPY_OF').' '.$f->name; - $f->parentid = $targetObjectId; - $f->add(); - $f->copyValueFromFile( $sourceObjectId ); - - $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); - break; - - case 'page': - $p = new Page( $sourceObjectId ); - $p->load(); - $p->filename = ''; - $p->name = lang('COPY_OF').' '.$p->name; - $p->parentid = $targetObjectId; - $p->add(); - $p->copyValuesFromPage( $sourceObjectId ); - $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); - break; - - case 'link': - $l = new Link( $sourceObjectId ); - $l->load(); - $l->filename = ''; - $l->name = lang('COPY_OF').' '.$l->name; - $l->parentid = $targetObjectId; - $l->add(); - $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); - break; - - default: - Http::serverError('fatal: unknown type while deleting'); - } - break; + switch( $sourceObject->getType() ) + { + case 'folder': + // Ordner zur Zeit nicht kopieren + // Funktion waere zu verwirrend + $this->addNotice($sourceObject->getType(),$sourceObject->name,'CANNOT_COPY_FOLDER','error'); + break; + + case 'file': + $f = new File( $sourceObjectId ); + $f->load(); + $f->filename = ''; + $f->name = lang('COPY_OF').' '.$f->name; + $f->parentid = $targetObjectId; + $f->add(); + $f->copyValueFromFile( $sourceObjectId ); + + $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); + break; + + case 'page': + $p = new Page( $sourceObjectId ); + $p->load(); + $p->filename = ''; + $p->name = lang('COPY_OF').' 
'.$p->name; + $p->parentid = $targetObjectId; + $p->add(); + $p->copyValuesFromPage( $sourceObjectId ); + $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); + break; + + case 'link': + $l = new Link( $sourceObjectId ); + $l->load(); + $l->filename = ''; + $l->name = lang('COPY_OF').' '.$l->name; + $l->parentid = $targetObjectId; + $l->add(); + $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok'); + break; + + default: + Http::serverError('fatal: unknown type while deleting'); + } + break; case 'link': - // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen - // von Verkn�pfungen vorhanden sein. - if ( ! $targetFolder->hasRight(ACL_CREATE_LINK) ) - { - $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); - return; + // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen + // von Verkn�pfungen vorhanden sein. + if ( ! $targetFolder->hasRight(ACL_CREATE_LINK) ) + { + $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR); + return; } - - $link = new Link(); - $link->parentid = $targetObjectId; - $link->name = lang('LINK_TO').' '.$sourceObject->name; - $link->filename = $sourceObject->filename; + + $link = new Link(); + $link->parentid = $targetObjectId; + $link->name = lang('LINK_TO').' '.$sourceObject->name; + $link->filename = $sourceObject->filename; $link->linkedObjectId = $sourceObjectId; - $link->isLinkToObject = true; - $link->add(); - $this->addNotice('link', $link->name, 'added'); + $link->isLinkToObject = true; + $link->add(); + $this->addNotice('link', $link->name, 'added'); // OK break; default: Http::serverError('Unknown type for copying'); - break; - } - - $targetFolder->setTimestamp(); + break; + } + + $targetFolder->setTimestamp(); } 
@@ -233,32 +236,32 @@ class ObjectAction extends Action switch( $this->getRequestVar('type') ) { case 'user': - $acl->userid = $this->getRequestVar('userid' ); - - if ( $acl->userid <= 0 ) - { - $this->addValidationError('type' ); - $this->addValidationError('userid',''); - $this->callSubAction('aclform'); + $acl->userid = $this->getRequestVar('userid' ); + + if ( $acl->userid <= 0 ) + { + $this->addValidationError('type' ); + $this->addValidationError('userid',''); + $this->callSubAction('aclform'); return; } break; case 'group': - $acl->groupid = $this->getRequestVar('groupid'); - if ( $acl->groupid <= 0 ) - { - $this->addValidationError('type' ); - $this->addValidationError('groupid',''); - $this->callSubAction('aclform'); - return; - } - break; + $acl->groupid = $this->getRequestVar('groupid'); + if ( $acl->groupid <= 0 ) + { + $this->addValidationError('type' ); + $this->addValidationError('groupid',''); + $this->callSubAction('aclform'); + return; + } + break; case 'all': break; default: $this->addValidationError('type'); - $this->callSubAction('aclform'); - return; + $this->callSubAction('aclform'); + return; } $acl->languageid = $this->getRequestVar(REQ_PARAM_LANGUAGE_ID); @@ -275,7 +278,7 @@ class ObjectAction extends Action $acl->grant = ( $this->hasRequestVar('grant' ) ); $acl->transmit = ( $this->hasRequestVar('transmit' ) ); - $acl->add(); + $acl->add(); // Falls die Berechtigung vererbbar ist, dann diese sofort an // Unterobjekte vererben. @@ -298,10 +301,10 @@ class ObjectAction extends Action - + $this->addNotice('','','ADDED',OR_NOTICE_OK); - $o->setTimestamp(); + $o->setTimestamp(); } @@ -470,8 +473,8 @@ class ObjectAction extends Action if ( !$o->hasRight( ACL_GRANT ) ) Http::notAuthorized('no grant rights'); // Da wollte uns wohl einer vereimern. - $acl->delete(); // Weg mit der ACL - + $acl->delete(); // Weg mit der ACL + $this->addNotice('','','DELETED',OR_NOTICE_OK); } } \ No newline at end of file 
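Review bot: In the last hunk of this file the ACL removal relies on `Http::notAuthorized('no grant rights')` ending the request, because `$acl->delete()` follows the `if` unconditionally. Whether `notAuthorized()` exits is not visible here; if it only sets a status, a caller without `ACL_GRANT` still deletes the ACL. Making the branch explicit removes that dependency: `if ( !$o->hasRight( ACL_GRANT ) ) { Http::notAuthorized('no grant rights'); return; }`. The enclosing method starts outside the hunk.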
diff --git a/action/PageAction.class.php b/action/PageAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Project; use cms\model\Value; use cms\model\Element; @@ -41,7 +44,7 @@ class PageAction extends ObjectAction var $defaultSubAction = 'show'; - function PageAction() + function __construct() { $this->page = new Page( $this->getRequestId() ); $this->page->load(); diff --git a/action/PageelementAction.class.php b/action/PageelementAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\User; use cms\model\Value; use cms\model\Element; diff --git a/action/ProfileAction.class.php b/action/ProfileAction.class.php @@ -1,5 +1,8 @@ <?php +namespace cms\action; + + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -36,7 +39,7 @@ class ProfileAction extends Action * Konstruktor. * Setzen der Benutzer-Objektes. */ - function ProfileAction() + function __construct() { $this->user = Session::getUser(); } @@ -59,16 +62,16 @@ class ProfileAction extends Action $this->setStyle( $this->user->style ); // Style sofort anwenden Session::setUser( $this->user ); - - if ( !empty($this->user->fullname) ) - { + + if ( !empty($this->user->fullname) ) + { $this->user->save(); $this->setStyle($this->user->style); $this->addNotice('user',$this->user->name,'SAVED','ok'); - } + } else - { - $this->addValidationError('fullname'); + { + $this->addValidationError('fullname'); } 
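Review bot: `ProfileAction.class.php` now declares `namespace cms\action;` but the lines shown add no `use Session;`, so `Session::getUser()` in the new `__construct()` and `Session::setUser()` in the following hunk resolve to `cms\action\Session`. PHP falls back to the global scope for functions and constants, not for classes, so unless an import sits in the unshown lines or the autoloader maps that name, the profile pages fail as soon as the action is constructed. `SearchAction.class.php` in this same commit adds `use Session;` and `use \Html;`. The equivalent here would be `use Session;` plus `use Mail;` (for `new Mail(...)` in `mailPost()`) after the namespace line, assuming both classes live in the global namespace.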
@@ -117,44 +120,44 @@ class ProfileAction extends Action /* * Es wird eine E-Mail mit einem Freischaltcode an die eingegebene Adresse geschickt. - */ - function mailPost() - { + */ + function mailPost() + { srand ((double)microtime()*1000003); $code = rand(); // Zufalls-Freischaltcode erzeugen $newMail = $this->getRequestVar('mail'); - + if ( empty($newMail) ) { // Keine E-Mail-Adresse eingegeben. - $this->addValidationError('mail'); - return; - } - else + $this->addValidationError('mail'); + return; + } + else { - // Der Freischaltcode wird in der Sitzung gespeichert. - Session::set('mailChangeCode',$code ); - Session::set('mailChangeMail',$newMail); + // Der Freischaltcode wird in der Sitzung gespeichert. + Session::set('mailChangeCode',$code ); + Session::set('mailChangeMail',$newMail); // E-Mail an die neue Adresse senden. $mail = new Mail( $newMail,'mail_change_code' ); $mail->setVar('code',$code ); $mail->setVar('name',$this->user->getName()); - - if ( $mail->send() ) - { + + if ( $mail->send() ) + { $this->addNotice('user',$this->user->name,'mail_sent',OR_NOTICE_OK); // Meldung - $this->nextView('confirmmail'); - } - else - { - $this->addNotice('user',$this->user->name,'mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); // Meldung - return; + $this->nextView('confirmmail'); + } + else + { + $this->addNotice('user',$this->user->name,'mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); // Meldung + return; } } - } - - + } + + /** * Anzeige einer Maske, in die der Freischaltcode für das 
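Review bot: The activation code in `mailPost()` is predictable: `srand ((double)microtime()*1000003); $code = rand();` seeds a non-cryptographic generator from the request time, so the code can be narrowed to a small set of candidates without ever receiving the mail. That undermines the purpose of the code, which is to prove control of the new address before it is stored on the account. On PHP 7 or later, replace both statements with `$code = random_int(10000000, 99999999);`, which draws from the system CSPRNG. The comparison of the submitted code happens outside this hunk; it should use `hash_equals()` on string values and drop `mailChangeCode` from the session after a failed attempt so the code cannot be guessed repeatedly.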
@@ -183,34 +186,34 @@ class ProfileAction extends Action $this->user->save(); $this->addNotice('user',$this->user->name,'SAVED',OR_NOTICE_OK); - } + } else { // Best�tigungscode stimmt nicht. $this->addValidationError('code','code_not_match'); - } + } } public function pwPost() - { - if ( ! $this->user->checkPassword( $this->getRequestVar('act_password') ) ) - { - $this->addValidationError('act_password'); - } - elseif ( $this->getRequestVar('password1') == '' ) - { - $this->addValidationError('password1'); - } - elseif ( $this->getRequestVar('password1') != $this->getRequestVar('password2') ) - { - $this->addValidationError('password2','PASSWORDS_DO_NOT_MATCH'); + { + if ( ! $this->user->checkPassword( $this->getRequestVar('act_password') ) ) + { + $this->addValidationError('act_password'); + } + elseif ( $this->getRequestVar('password1') == '' ) + { + $this->addValidationError('password1'); + } + elseif ( $this->getRequestVar('password1') != $this->getRequestVar('password2') ) + { + $this->addValidationError('password2','PASSWORDS_DO_NOT_MATCH'); } elseif ( strlen($this->getRequestVar('password1'))<intval(config('security','password','min_length')) ) { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>config('security','password','min_length'))); + $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>config('security','password','min_length'))); } else { 
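Review bot: The confirmation check in `pwPost()` uses loose comparison, `$this->getRequestVar('password1') != $this->getRequestVar('password2')`. Assuming `getRequestVar()` returns the submitted strings, PHP compares two numeric-looking strings by value, so `1e3` and `1000` count as equal and a mistyped confirmation is accepted as the new password. Use `!==` here, and likewise for `$pw1 != $pw2` in the login hunk of `StartAction.class.php`. `pwPost()` continues past the end of the hunk.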
@@ -256,39 +259,39 @@ class ProfileAction extends Action } - - - - /** - * Anzeige aller Gruppen des angemeldeten Benutzers. - * - */ + + + + /** + * Anzeige aller Gruppen des angemeldeten Benutzers. + * + */ function membershipsView() { $this->setTemplateVar( 'groups',$this->user->getGroups() ); - } - - - - /** - * @param String $name Menüpunkt - * @return boolean true, falls Menüpunkt zugelassen - */ - function checkMenu( $name ) - { - global $conf; - - switch( $name ) - { + } + + + + /** + * @param String $name Menüpunkt + * @return boolean true, falls Menüpunkt zugelassen + */ + function checkMenu( $name ) + { + global $conf; + + switch( $name ) + { case 'pwchange': // Die Funktion "Kennwort setzen" ist nur aktiv, wenn als Authentifizierungs-Backend - // auch die interne Benutzerdatenbank eingesetzt wird. - return @$conf['security']['auth']['type'] == 'database' - && !@$conf['security']['auth']['userdn']; - - default: - return true; - } - } + // auch die interne Benutzerdatenbank eingesetzt wird. + return @$conf['security']['auth']['type'] == 'database' + && !@$conf['security']['auth']['userdn']; + + default: + return true; + } + } } \ No newline at end of file diff --git a/action/ProjectAction.class.php b/action/ProjectAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Project; use cms\model\Folder; @@ -34,7 +37,7 @@ class ProjectAction extends Action var $defaultSubAction = 'listing'; - function ProjectAction() + function __construct() { $this->project = new Project( $this->getRequestId() ); $this->project->load(); diff --git a/action/ProjectlistAction.class.php b/action/ProjectlistAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Project; // OpenRat Content Management System @@ -29,7 +32,7 @@ class ProjectlistAction extends Action { public $security = SECURITY_ADMIN; - function ProjectlistAction() + function __construct() { } diff --git a/action/SearchAction.class.php b/action/SearchAction.class.php 
@@ -1,123 +1,133 @@ -<?php -use cms\model\User; -use cms\model\Value; -use cms\model\Template; -use cms\model\Object; -use cms\model\File; - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -define('SEARCH_FLAG_ID' , 1); +<?php + +namespace cms\action; + +use cms\model\User; +use cms\model\Value; +use cms\model\Template; +use cms\model\Object; +use cms\model\File; + + + +use Session; +use \Html; + + + +// OpenRat Content Management System +// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. 
+// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + +define('SEARCH_FLAG_ID' , 1); define('SEARCH_FLAG_NAME' , 2); define('SEARCH_FLAG_FILENAME' , 4); define('SEARCH_FLAG_DESCRIPTION', 8); define('SEARCH_FLAG_VALUE' ,16); - - -/** + + +/** * Action-Klasse fuer die Suchfunktion. - * - * @author $Author$ - * @version $Revision$ - * @package openrat.actions - */ -class SearchAction extends Action -{ - public $security = SECURITY_USER; - - - /** - * leerer Kontruktor - */ - function SearchAction() - { - } - - - + * + * @author $Author$ + * @version $Revision$ + * @package openrat.actions + */ +class SearchAction extends Action +{ + public $security = SECURITY_USER; + + + /** + * leerer Kontruktor + */ + function __construct() + { + } + + + public function editView() { $user = Session::getUser(); $this->setTemplateVar( 'users' ,User::listAll() ); $this->setTemplateVar( 'act_userid',$user->userid ); } - - /** - * Durchf?hren der Suche - * und Anzeige der Ergebnisse - */ - public function resultView() - { - $suchText = $this->getRequestVar('text'); - $searchFlags = 0; - + + /** + * Durchf?hren der Suche + * und Anzeige der Ergebnisse + */ + public function resultView() + { + $suchText = $this->getRequestVar('text'); + $searchFlags = 0; + if ( $this->hasRequestVar('id' ) ) $searchFlags |= SEARCH_FLAG_ID; if ( $this->hasRequestVar('filename' ) ) $searchFlags |= SEARCH_FLAG_FILENAME; if ( $this->hasRequestVar('name' ) ) $searchFlags |= SEARCH_FLAG_NAME; if ( $this->hasRequestVar('description') ) $searchFlags |= SEARCH_FLAG_DESCRIPTION; if ( $this->hasRequestVar('content' ) ) $searchFlags |= SEARCH_FLAG_VALUE; - $this->performSearch($suchText, $searchFlags); - - /* - case 'lastchange_user': - $e = new Value(); - - $language = Session::getProjectLanguage(); - $e->languageid = $language->languageid; - - 
$listObjectIds = $e->getObjectIdsByLastChangeUserId( $this->getRequestVar('userid') ); - break; - }*/ - } - - - - /** - * Durchf?hren der Suche - * und Anzeige der Ergebnisse - */ - public function quicksearchView() - { - global $conf; - - $text = $this->getRequestVar('search'); - - $flag = $conf['search']['quicksearch']['flag']; - $searchFlags = 0; - if ( $flag['id' ] ) $searchFlags |= SEARCH_FLAG_ID; - if ( $flag['name' ] ) $searchFlags |= SEARCH_FLAG_NAME; - if ( $flag['filename' ] ) $searchFlags |= SEARCH_FLAG_FILENAME; - if ( $flag['description'] ) $searchFlags |= SEARCH_FLAG_DESCRIPTION; - if ( $flag['content' ] ) $searchFlags |= SEARCH_FLAG_VALUE; - - $this->performSearch($text, $searchFlags); - } - - - + $this->performSearch($suchText, $searchFlags); + + /* + case 'lastchange_user': + $e = new Value(); + + $language = Session::getProjectLanguage(); + $e->languageid = $language->languageid; + + $listObjectIds = $e->getObjectIdsByLastChangeUserId( $this->getRequestVar('userid') ); + break; + }*/ + } + + + + /** + * Durchf?hren der Suche + * und Anzeige der Ergebnisse + */ + public function quicksearchView() + { + global $conf; + + $text = $this->getRequestVar('search'); + + $flag = $conf['search']['quicksearch']['flag']; + $searchFlags = 0; + if ( $flag['id' ] ) $searchFlags |= SEARCH_FLAG_ID; + if ( $flag['name' ] ) $searchFlags |= SEARCH_FLAG_NAME; + if ( $flag['filename' ] ) $searchFlags |= SEARCH_FLAG_FILENAME; + if ( $flag['description'] ) $searchFlags |= SEARCH_FLAG_DESCRIPTION; + if ( $flag['content' ] ) $searchFlags |= SEARCH_FLAG_VALUE; + + $this->performSearch($text, $searchFlags); + } + + + /** * Durchf?hren der Suche * und Anzeige der Ergebnisse */ private function performSearch( $text, $flag) - { + { global $conf; $listObjectIds = array(); @@ -181,8 +191,8 @@ class SearchAction extends Action } } - - + + /** * */ 
@@ -195,7 +205,7 @@ class SearchAction extends Action $o = new Object( $objectid ); $o->load(); $resultList[$objectid] = array(); - $resultList[$objectid]['id' ] = $objectid; + $resultList[$objectid]['id' ] = $objectid; $resultList[$objectid]['url' ] = Html::url($o->getType(),'',$objectid); $resultList[$objectid]['type'] = $o->getType(); $resultList[$objectid]['name'] = $o->name; @@ -212,7 +222,7 @@ class SearchAction extends Action $t = new Template( $templateid ); $t->load(); $resultList['t'.$templateid] = array(); - $resultList['t'.$templateid]['id' ] = $templateid; + $resultList['t'.$templateid]['id' ] = $templateid; $resultList['t'.$templateid]['url' ] = Html::url('template','',$templateid); $resultList['t'.$templateid]['type'] = 'template'; $resultList['t'.$templateid]['name'] = $t->name; @@ -222,7 +232,7 @@ class SearchAction extends Action $this->setTemplateVar( 'result',$resultList ); } - -} - + +} + ?> \ No newline at end of file diff --git a/action/StartAction.class.php b/action/StartAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\User; use cms\model\Project; use cms\model\Value; @@ -8,6 +11,13 @@ use cms\model\Object; use cms\model\Language; use cms\model\Model; + +use Logger; +use Password; +use Session; +use \Html; +use \Mail; + // OpenRat Content Management System // Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de // 
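Review bot: The import block added to `StartAction.class.php` covers `Logger`, `Password`, `Session`, `Html` and `Mail`, but `loginView()` further down still calls `Text::maxLength(...)`, which inside `namespace cms\action` resolves to `cms\action\Text`. If none of the unshown `use` lines imports it, building the database list for the login page raises a class-not-found error. Assuming `Text` lives in the global namespace like `Html`, adding `use \Text;` next to the other global imports fixes it. Calls such as `db_connection()` and `lang()` are functions and keep working through PHP's global fallback.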
@@ -104,51 +114,51 @@ class StartAction extends Action unset( $SESS['user'] ); - $db = db_connection(); - - if ( !$db->available ) - { - $this->addNotice('database',$db->conf['description'],'DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('Database Error: '.$db->error)); - $this->callSubAction('showlogin'); - return false; - } + $db = db_connection(); + + if ( !$db->available ) + { + $this->addNotice('database',$db->conf['description'],'DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('Database Error: '.$db->error)); + $this->callSubAction('showlogin'); + return false; + } $ip = getenv("REMOTE_ADDR"); $user = new User(); $user->name = $name; - $ok = $user->checkPassword( $pw ); + $ok = $user->checkPassword( $pw ); $this->mustChangePassword = $user->mustChangePassword; if ( $this->mustChangePassword ) { // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. - // Wir versuchen hier, das neue zu setzen (sofern eingegeben). - if ( empty($pw1) ) - { + // Wir versuchen hier, das neue zu setzen (sofern eingegeben). + if ( empty($pw1) ) + { } - elseif ( $pw1 != $pw2 ) - { - $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); + elseif ( $pw1 != $pw2 ) + { + $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); $this->addValidationError('password2',''); } elseif ( strlen($pw2) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); - $this->addValidationError('password2',''); - } - else + { + $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); + $this->addValidationError('password2',''); + } + else { // Kennw�rter identisch und lang genug. $user->setPassword( $pw1,true ); // Das neue Kennwort ist gesetzt, die Anmeldung ist also doch noch gelungen. 
$ok = true; - $this->mustChangePassword = false; - $user->mustChangePassword = false; - } + $this->mustChangePassword = false; + $user->mustChangePassword = false; + } } // Falls Login erfolgreich @@ -179,15 +189,15 @@ class StartAction extends Action * Login-Fehlermeldung erscheinen kann */ function loginView() - { - global $conf; + { + global $conf; $sso = $conf['security']['sso']; $ssl = $conf['security']['ssl']; $ssl_trust = false; $ssl_user_var = ''; extract( $ssl, EXTR_PREFIX_ALL, 'ssl' ); - + if ( $sso['enable'] ) { $authid = $this->getRequestVar( $sso['auth_param_name']); @@ -291,7 +301,7 @@ class StartAction extends Action foreach( $conf['database'] as $dbname=>$dbconf ) { if ( is_array($dbconf) && $dbconf['enabled'] ) - $dbids[$dbname] = array('key' =>$dbname, + $dbids[$dbname] = array('key' =>$dbname, 'value'=>Text::maxLength($dbconf['description']), 'title'=>$dbconf['description'].' ('.$dbconf['host'].')' ); } @@ -309,19 +319,19 @@ class StartAction extends Action if ( !isset($this->templateVars['login_name']) && isset($_COOKIE['or_username']) ) $this->setTemplateVar('login_name',$_COOKIE['or_username']); - - if ( !isset($this->templateVars['login_name']) ) - $this->setTemplateVar('login_name',@$conf['security']['default']['username']); - + + if ( !isset($this->templateVars['login_name']) ) + $this->setTemplateVar('login_name',@$conf['security']['default']['username']); + if ( $this->templateVars['login_name']== @$conf['security']['default']['username']) - $this->setTemplateVar('login_password',@$conf['security']['default']['password']); + $this->setTemplateVar('login_password',@$conf['security']['default']['password']); $this->setTemplateVar( 'dbids',$dbids ); $db = Session::getDatabase(); if ( is_object($db) ) $this->setTemplateVar('actdbid',$db->id); - elseif( isset($this->templateVars['actid']) ) + elseif( isset($this->templateVars['actid']) ) ; else $this->setTemplateVar('actdbid',$conf['database']['default']); 
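Review bot: In the login hunk, the expired-password branch sets `$ok = true` after `$user->setPassword( $pw1,true )` without consulting the result of `$user->checkPassword( $pw )`; it is entered purely on `$user->mustChangePassword`. That is only safe if `checkPassword()` raises the flag exclusively after the old password has verified, which cannot be confirmed from the lines shown. I would state the precondition where it is relied on, e.g. `// invariant: checkPassword() sets mustChangePassword only when $pw was correct`, or test it explicitly before calling `setPassword()`. The method starts before and ends after the hunk.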
@@ -348,7 +358,7 @@ class StartAction extends Action $this->setTemplateVar('projectid' ,$this->getRequestVar('projectid' ,OR_FILTER_NUMBER) ); $this->setTemplateVar('modelid' ,$this->getRequestVar('modelid' ,OR_FILTER_NUMBER) ); $this->setTemplateVar('languageid',$this->getRequestVar('languageid',OR_FILTER_NUMBER) ); - + $this->setTemplateVar('register' ,$conf['login' ]['register' ]); $this->setTemplateVar('send_password',$conf['login' ]['send_password']); } @@ -387,14 +397,14 @@ class StartAction extends Action // Projekte ermitteln $projects = $user->getReadableProjects(); - $list = array(); + $list = array(); foreach( $projects as $id=>$name ) { $p = array(); $p['url' ] = Html::url('start','project',$id); - $p['name'] = $name; - $p['id' ] = $id; + $p['name'] = $name; + $p['id' ] = $id; $tmpProject = new Project( $id ); $p['defaultmodelid' ] = $tmpProject->getDefaultModelId(); @@ -406,18 +416,18 @@ class StartAction extends Action } $this->setTemplateVar('projects',$list); - - if ( empty($list) ) - { - // Kein Projekt vorhanden. Eine Hinweismeldung ausgeben. - if ( $this->userIsAdmin() ) - // Administratoren bekommen bescheid, dass sie ein Projekt anlegen sollen - $this->addNotice('','','ADMIN_NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - else - // Normale Benutzer erhalten eine Meldung, dass kein Projekt zur Verf�gung steht - $this->addNotice('','','NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - } - + + if ( empty($list) ) + { + // Kein Projekt vorhanden. Eine Hinweismeldung ausgeben. + if ( $this->userIsAdmin() ) + // Administratoren bekommen bescheid, dass sie ein Projekt anlegen sollen + $this->addNotice('','','ADMIN_NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); + else + // Normale Benutzer erhalten eine Meldung, dass kein Projekt zur Verf�gung steht + $this->addNotice('','','NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); + } + //$this->metaValues(); } 
@@ -433,23 +443,23 @@ class StartAction extends Action // Diese Seite gilt pro Sitzung. $user = Session::getUser(); $userGroups = $user->getGroups(); - $this->lastModified( $user->loginDate ); + $this->lastModified( $user->loginDate ); - // Applikationen ermitteln + // Applikationen ermitteln $list = array(); foreach( $conf['applications'] as $id=>$app ) { if ( !is_array($app) ) continue; - if ( isset($app['group']) ) - if ( !in_array($app['group'],$userGroups) ) - continue; // Keine Berechtigung, da Benutzer nicht in Gruppe vorhanden. - + if ( isset($app['group']) ) + if ( !in_array($app['group'],$userGroups) ) + continue; // Keine Berechtigung, da Benutzer nicht in Gruppe vorhanden. + $p = array(); - $p['url'] = $app['url']; - $p['description'] = @$app['description']; - if ( isset($app['param']) ) + $p['url'] = $app['url']; + $p['description'] = @$app['description']; + if ( isset($app['param']) ) { $p['url'] .= strpos($p['url'],'?')!==false?'&':'?'; $p['url'] .= $app['param'].'='.session_id(); 
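Review bot: The application list appends the live session id to the configured application URLs, `$p['url'] .= $app['param'].'='.session_id();`, so the id ends up in browser history, proxy and server logs, and `Referer` headers. Anyone who can read one of those can reuse the id against the CMS for as long as the session lives. A single-use, short-lived token that the application redeems server-side would avoid handing out the session itself. If the current scheme has to stay, document next to `$app['param']` that only applications on trusted hosts reached over TLS may be configured this way. `metaValues()` in the next hunk builds `$appUrl` the same way.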
@@ -458,135 +468,135 @@ class StartAction extends Action $list[] = $p; } - - - $this->metaValues(); + + + $this->metaValues(); $this->setTemplateVar('applications',$list); } - - - - /** - * Ermittelt Meta-Angaben f�r den HTML-Kopf.<br> + + + + /** + * Ermittelt Meta-Angaben f�r den HTML-Kopf.<br> * Falls der Browser die Meta-Angaben entsprechend auswertet, k�nnen �ber feste Browser-Men�s die Projekt direkt ausgew�hlt werden. - * @Unused - */ - private function metaValues() - { - global $conf; - $metaList = array(); - - $user = Session::getUser(); - if ( is_object($user) ) - { - // Projekte ermitteln - $projects = $user->projects; - foreach( $projects as $id=>$name ) - { - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','project',$id), - 'title'=> $name ); - } - - if ( $this->userIsAdmin() ) - { - $metaList[] = array('name' => 'appendix', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_ADMINISTRATION' ) ); - - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','administration',0), - 'title'=> lang('administration') ); - } - - // Applikationen ermitteln - foreach( $conf['applications'] as $id=>$app ) - { - if ( !is_array($app) ) - continue; - $appUrl = $app['url']; - if ( isset($app['param']) ) - { - $appUrl .= strpos($appUrl,'?')!==false?'&':'?'; - $appUrl .= $app['param'].'='.session_id(); - } - - $metaList[] = array('name' => 'bookmark', - 'url' => $appUrl , - 'title'=> $app['name'] ); - } - } - - $project = Session::getProject(); - if ( is_object($project) && $project->projectid > 0 ) - { - $languages =$project->getLanguages(); - - foreach( $project->getModels() as $modelid=>$modelname ) - { - foreach( $languages as $languageid=>$languagename ) - { - - $metaList[] = array('name' => 'subsection', - 'url' => Html::url('index', - 'project', - $project->projectid, - array('languageid'=>$languageid, - 'modelid' =>$modelid) ), - 'title'=> $modelname.' 
- '.$languagename - ); - } - } - } - - $metaList[] = array('name' => 'author', - 'url' => $conf['login']['logo']['url'], - 'title'=> $conf['login']['logo']['url'] ); - - $metaList[] = array('name' => 'top', - 'url' => Html::url('index','logout',0 ), - 'title'=> 'Start' ); - - $metaList[] = array('name' => 'contents', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_PROJECTMENU' ) ); - - - $this->setTemplateVar('metaList',$metaList); + * @Unused + */ + private function metaValues() + { + global $conf; + $metaList = array(); + + $user = Session::getUser(); + if ( is_object($user) ) + { + // Projekte ermitteln + $projects = $user->projects; + foreach( $projects as $id=>$name ) + { + $metaList[] = array('name' => 'chapter', + 'url' => Html::url('index','project',$id), + 'title'=> $name ); + } + + if ( $this->userIsAdmin() ) + { + $metaList[] = array('name' => 'appendix', + 'url' => Html::url('index','projectmenu',0 ), + 'title'=> lang('MENU_TREETITLE_ADMINISTRATION' ) ); + + $metaList[] = array('name' => 'chapter', + 'url' => Html::url('index','administration',0), + 'title'=> lang('administration') ); + } + + // Applikationen ermitteln + foreach( $conf['applications'] as $id=>$app ) + { + if ( !is_array($app) ) + continue; + $appUrl = $app['url']; + if ( isset($app['param']) ) + { + $appUrl .= strpos($appUrl,'?')!==false?'&':'?'; + $appUrl .= $app['param'].'='.session_id(); + } + + $metaList[] = array('name' => 'bookmark', + 'url' => $appUrl , + 'title'=> $app['name'] ); + } + } + + $project = Session::getProject(); + if ( is_object($project) && $project->projectid > 0 ) + { + $languages =$project->getLanguages(); + + foreach( $project->getModels() as $modelid=>$modelname ) + { + foreach( $languages as $languageid=>$languagename ) + { + + $metaList[] = array('name' => 'subsection', + 'url' => Html::url('index', + 'project', + $project->projectid, + array('languageid'=>$languageid, + 'modelid' =>$modelid) ), + 'title'=> $modelname.' 
- '.$languagename + ); + } + } + } + + $metaList[] = array('name' => 'author', + 'url' => $conf['login']['logo']['url'], + 'title'=> $conf['login']['logo']['url'] ); + + $metaList[] = array('name' => 'top', + 'url' => Html::url('index','logout',0 ), + 'title'=> 'Start' ); + + $metaList[] = array('name' => 'contents', + 'url' => Html::url('index','projectmenu',0 ), + 'title'=> lang('MENU_TREETITLE_PROJECTMENU' ) ); + + + $this->setTemplateVar('metaList',$metaList); } - - - - /** - * Open-Id Login, �berpr�fen der Anmeldung.<br> - * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> - * Kapitel "4.4. check_authentication"<br> - * <br> - * Im 2. Schritt (Mode "id_res") erfolgte ein Redirect vom Open-Id Provider an OpenRat zur�ck.<br> - * Wir befinden uns nun im darauf folgenden Request des Browsers.<br> - * <br> - * Es muss noch beim OpenId-Provider die Best�tigung eingeholt werden, danach ist der - * Benutzer angemeldet.<br> + + + + /** + * Open-Id Login, �berpr�fen der Anmeldung.<br> + * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> + * Kapitel "4.4. check_authentication"<br> + * <br> + * Im 2. 
Schritt (Mode "id_res") erfolgte ein Redirect vom Open-Id Provider an OpenRat zur�ck.<br> + * Wir befinden uns nun im darauf folgenden Request des Browsers.<br> + * <br> + * Es muss noch beim OpenId-Provider die Best�tigung eingeholt werden, danach ist der + * Benutzer angemeldet.<br> */ function openid() - { - global $conf; - $openId = Session::get('openid'); - - if ( !$openId->checkAuthentication() ) - { + { + global $conf; + $openId = Session::get('openid'); + + if ( !$openId->checkAuthentication() ) + { $this->addNotice('user',$openId->user,'LOGIN_OPENID_FAILED',OR_NOTICE_ERROR,array('name'=>$openId->user),array($openId->error) ); $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; - } + $this->callSubAction('showlogin'); + return; + } //Html::debug($openId); - - // Anmeldung wurde mit "is_valid:true" best�tigt. - // Der Benutzer ist jetzt eingeloggt. + + // Anmeldung wurde mit "is_valid:true" best�tigt. + // Der Benutzer ist jetzt eingeloggt. $username = $openId->getUserFromIdentiy(); - + if ( empty($username) ) { // Es konnte kein Benutzername ermittelt werden. 
@@ -594,48 +604,48 @@ class StartAction extends Action $this->addValidationError('openid_url',''); $this->callSubAction('showlogin'); return; - } + } $user = User::loadWithName( $username ); - - if ( $user->userid <=0) - { - // Benutzer ist (noch) nicht vorhanden. - if ( $conf['security']['openid']['add']) // Anlegen? - { - $user->name = $username; - $user->add(); - - $user->mail = $openId->info['email']; - $user->fullname = $openId->info['fullname']; - $user->save(); // Um E-Mail zu speichern (wird bei add() nicht gemacht) - } - else - { - // Benutzer ist nicht in Benutzertabelle vorhanden (und angelegt werden soll er auch nicht). - $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; - } - } - else - { - // Benutzer ist bereits vorhanden. - if ( @$conf['security']['openid']['update_user']) - { - $user->fullname = $openId->info['fullname']; - $user->mail = $openId->info['email']; - $user->save(); - } - } - - $user->setCurrent(); // Benutzer ist jetzt in der Sitzung. - } - - - /** - * Login. + + if ( $user->userid <=0) + { + // Benutzer ist (noch) nicht vorhanden. + if ( $conf['security']['openid']['add']) // Anlegen? + { + $user->name = $username; + $user->add(); + + $user->mail = $openId->info['email']; + $user->fullname = $openId->info['fullname']; + $user->save(); // Um E-Mail zu speichern (wird bei add() nicht gemacht) + } + else + { + // Benutzer ist nicht in Benutzertabelle vorhanden (und angelegt werden soll er auch nicht). + $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); + $this->addValidationError('openid_url',''); + $this->callSubAction('showlogin'); + return; + } + } + else + { + // Benutzer ist bereits vorhanden. 
+ if ( @$conf['security']['openid']['update_user']) + { + $user->fullname = $openId->info['fullname']; + $user->mail = $openId->info['email']; + $user->save(); + } + } + + $user->setCurrent(); // Benutzer ist jetzt in der Sitzung. + } + + + /** + * Login. */ function loginPost() { 
@@ -651,29 +661,29 @@ class StartAction extends Action $loginName = $this->getRequestVar('login_name' ,OR_FILTER_ALPHANUM); $loginPassword = $this->getRequestVar('login_password',OR_FILTER_ALPHANUM); $newPassword1 = $this->getRequestVar('password1' ,OR_FILTER_ALPHANUM); - $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); + $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); // Cookie setzen setcookie('or_username',$loginName,time()+(60*60*24*30*12*2) ); - - // Login mit Open-Id. - if ( $this->hasRequestVar('openid_provider') && ($this->getRequestVar('openid_provider') != 'identity' || !empty($openid_user)) ) - { - $openId = new OpenId($this->getRequestVar('openid_provider'),$openid_user); - - if ( ! $openId->login() ) - { - $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; + + // Login mit Open-Id. + if ( $this->hasRequestVar('openid_provider') && ($this->getRequestVar('openid_provider') != 'identity' || !empty($openid_user)) ) + { + $openId = new OpenId($this->getRequestVar('openid_provider'),$openid_user); + + if ( ! $openId->login() ) + { + $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) ); + $this->addValidationError('openid_url',''); + $this->callSubAction('showlogin'); + return; } - Session::set('openid',$openId); - $openId->redirect(); - die('Unreachable Code'); - } - + Session::set('openid',$openId); + $openId->redirect(); + die('Unreachable Code'); + } + // Ermitteln, ob der Baum angezeigt werden soll // Ist die Breite zu klein, dann wird der Baum nicht angezeigt 
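Review bot: `login_password`, `password1` and `password2` are all read through `OR_FILTER_ALPHANUM` in loginPost. If that filter drops or rejects non-alphanumeric characters (its definition is outside this hunk), every password is silently reduced to letters and digits before it is verified or stored. Password fields should be read unfiltered and handed only to the hashing and verification code. The `or_username` cookie just below is also written before the credentials are checked and carries no `Secure` or `HttpOnly` attribute, so both flags should be passed to `setcookie()`. loginPost starts and ends outside this hunk.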
@@ -689,66 +699,66 @@ class StartAction extends Action if ( !$loginOk ) { - if ( $this->mustChangePassword ) + if ( $this->mustChangePassword ) { - // Anmeldung gescheitert, Benutzer muss Kennwort �ndern. + // Anmeldung gescheitert, Benutzer muss Kennwort �ndern. $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' ); - $this->addValidationError('password1',''); - $this->addValidationError('password2',''); - } - else + $this->addValidationError('password1',''); + $this->addValidationError('password2',''); + } + else { // Anmeldung gescheitert. - $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); - $this->addValidationError('login_name' ,''); - $this->addValidationError('login_password',''); + $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); + $this->addValidationError('login_name' ,''); + $this->addValidationError('login_password',''); } Logger::debug("Login failed for user '$loginName'"); - $this->callSubAction('login'); + $this->callSubAction('login'); return; - } - else + } + else { Logger::debug("Login successful for user '$loginName'"); // Anmeldung erfolgreich. if ( config('security','renew_session_login') ) $this->recreateSession(); - - $user = Session::getUser(); - $this->addNotice('user',$user->name,'LOGIN_OK',OR_NOTICE_OK,array('name'=>$user->fullname)); - - $this->evaluateRequestVars(); - - $object = Session::getObject(); - // Falls noch kein Objekt ausgew�hlt, dann das zuletzt ge�nderte benutzen. + + $user = Session::getUser(); + $this->addNotice('user',$user->name,'LOGIN_OK',OR_NOTICE_OK,array('name'=>$user->fullname)); + + $this->evaluateRequestVars(); + + $object = Session::getObject(); + // Falls noch kein Objekt ausgew�hlt, dann das zuletzt ge�nderte benutzen. 
if ( !is_object($object) && @$conf['login']['start']['start_lastchanged_object'] ) - { - $objectid = Value::getLastChangedObjectByUserId($user->userid); - if ( Object::available($objectid)) - { - $object = new Object($objectid); - $object->load(); - Session::setObject($object); - } - - $project = new Project( $object->projectid ); - $project->load(); - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); + { + $objectid = Value::getLastChangedObjectByUserId($user->userid); + if ( Object::available($objectid)) + { + $object = new Object($objectid); + $object->load(); + Session::setObject($object); + } + + $project = new Project( $object->projectid ); + $project->load(); + Session::setProject( $project ); + + $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); } } - $this->refresh(); // Benutzer ist angemeldet: Andere Views könnte das interessieren. + $this->refresh(); // Benutzer ist angemeldet: Andere Views könnte das interessieren. } 
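Review bot: In the `start_lastchanged_object` branch, `new Project( $object->projectid )` runs even when `Object::available($objectid)` was false. In that case `$object` is still the non-object returned by `Session::getObject()`, so project, language and model are loaded from an empty id and stored in the session. The `Session::setProject`, `setProjectLanguage` and `setProjectModel` blocks belong inside the `if ( Object::available($objectid))` braces: move its closing `}` down to after `Session::setProjectModel( $model );`. `$vars` is not assigned in the visible part of loginPost, so the `isset($vars[...])` tests may always fall through to the project defaults; the start of the function is outside this hunk, so confirm.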
@@ -756,32 +766,32 @@ class StartAction extends Action * Benutzer meldet sich ab. */ function logoutPost() - { + { global $conf; $user = Session::getUser(); if ( is_object($user) ) - $this->setTemplateVar('login_username',$user->name); - - // Ausgew�hlte Objekte merken, um nach dem n�. Login wieder sofort auszuw�hlen. - $o = Session::getObject(); + $this->setTemplateVar('login_username',$user->name); + + // Ausgew�hlte Objekte merken, um nach dem n�. Login wieder sofort auszuw�hlen. + $o = Session::getObject(); if ( is_object($o) ) $this->setTemplateVar('objectid',$o->objectid); - $p = Session::getProject(); + $p = Session::getProject(); if ( is_object($p) ) - $this->setTemplateVar('projectid',$p->projectid); - $l = Session::getProjectLanguage(); + $this->setTemplateVar('projectid',$p->projectid); + $l = Session::getProjectLanguage(); if ( is_object($l) ) $this->setTemplateVar('languageid',$l->languageid); - $m = Session::getProjectModel(); + $m = Session::getProjectModel(); if ( is_object($m) ) - $this->setTemplateVar('modelid',$m->modelid); + $this->setTemplateVar('modelid',$m->modelid); $db = db_connection(); if ( is_object($db) ) $this->setTemplateVar('dbid',$db->id); /* - // Alle Variablen aus der Sitzung entfernen. + // Alle Variablen aus der Sitzung entfernen. session_unset(); // Damit wird die Session gelöscht, nicht nur die Session-Daten! 
@@ -793,40 +803,40 @@ class StartAction extends Action } // Loeschen der Session. - session_destroy(); + session_destroy(); */ if ( config('security','renew_session_logout') ) $this->recreateSession(); session_unset(); - - if ( @$conf['theme']['compiler']['compile_at_logout'] ) - { - foreach( $conf['action'] as $actionName => $actionConfig ) - { - foreach( $actionConfig as $subActionName=>$subaction ) - { + + if ( @$conf['theme']['compiler']['compile_at_logout'] ) + { + foreach( $conf['action'] as $actionName => $actionConfig ) + { + foreach( $actionConfig as $subActionName=>$subaction ) + { if ( is_array($subaction) && - !isset($subaction['goto' ]) && - !isset($subaction['direct']) && - !isset($subaction['action']) && + !isset($subaction['goto' ]) && + !isset($subaction['direct']) && + !isset($subaction['action']) && !isset($subaction['alias' ]) && - $subActionName != 'menu' ) - { - $engine = new template_engine\TemplateEngine(); - $engine->compile( strtolower(str_replace('Action','',$actionName)).'/'.$subActionName); - } - } - } - } - - // Umleiten auf eine definierte URL.s - $redirect_url = @$conf['security']['logout']['redirect_url']; - - if ( !empty($redirect_url) ) - { - header('Location: '.$redirect_url); - exit; + $subActionName != 'menu' ) + { + $engine = new template_engine\TemplateEngine(); + $engine->compile( strtolower(str_replace('Action','',$actionName)).'/'.$subActionName); + } + } + } + } + + // Umleiten auf eine definierte URL.s + $redirect_url = @$conf['security']['logout']['redirect_url']; + + if ( !empty($redirect_url) ) + { + header('Location: '.$redirect_url); + exit; } } @@ -944,13 +954,13 @@ class StartAction extends Action } $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) ); - + Session::setUser( $user ); } function languagePost() - { + { $user = Session::getUser(); if ( ! is_object($user) ) { 
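Review bot: logoutPost ends the login with `session_unset()` only; the session id is replaced only when `renew_session_logout` is configured, and the `session_destroy()` path sits inside the commented-out block. By default the same session id therefore carries over into the next login. The login hunk at -689 has the matching opt-in, `renew_session_login`, so session fixation protection depends on two config switches. Calling `$this->recreateSession();` unconditionally in both places removes that dependency; its body is outside these hunks, so confirm it actually issues a new id. logoutPost starts in the previous hunk.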
@@ -962,7 +972,7 @@ class StartAction extends Action } - function modelPost() + function modelPost() { $user = Session::getUser(); if ( ! is_object($user) ) @@ -971,27 +981,27 @@ class StartAction extends Action return; } - $this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) ); - } - - - /** - * Auswerten der Request-Variablen. - * - * @param Array $add - */ - private function evaluateRequestVars( $add = array() ) + $this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) ); + } + + + /** + * Auswerten der Request-Variablen. + * + * @param Array $add + */ + private function evaluateRequestVars( $add = array() ) { - global $REQ; - $vars = $REQ + $add; - - $db = db_connection(); - if ( !is_object($db) ) - { - if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) - $this->setDb($vars[REQ_PARAM_DATABASE_ID]); - else - Http::serverError('no database available.'); + global $REQ; + $vars = $REQ + $add; + + $db = db_connection(); + if ( !is_object($db) ) + { + if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) + $this->setDb($vars[REQ_PARAM_DATABASE_ID]); + else + Http::serverError('no database available.'); } else { 
@@ -1004,79 +1014,79 @@ class StartAction extends Action $this->callSubAction('show'); return; } - } - - - if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) ) - { - $object = new Object( $vars[REQ_PARAM_OBJECT_ID] ); - $object->objectLoadRaw(); - // Session::setObject( $object ); // Unnötig - - $project = new Project( $object->projectid ); + } + + + if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) ) + { + $object = new Object( $vars[REQ_PARAM_OBJECT_ID] ); + $object->objectLoadRaw(); + // Session::setObject( $object ); // Unnötig + + $project = new Project( $object->projectid ); $project->load(); - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - elseif ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) ) - { - $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] ); - $language->load(); - Session::setProjectLanguage( $language ); - - $project = new Project( $language->projectid ); - $project->load(); - Session::setProject( $project ); - - $model = Session::getProjectModel(); - if ( !is_object($model) ) - { - $model = new Model( $project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - - } - elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) ) - { - $model = new Model( $vars[REQ_PARAM_MODEL_ID] ); - $model->load(); - Session::setProjectModel( $model ); - - $project = new Project( $model->projectid ); - $project->load(); - 
Session::setProject( $project ); - - $language = Session::getProjectLanguage(); - if ( !is_object($language) || $language->projectid != $project->projectid ) - { - $language = new Language( $project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - } - } - elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::available($vars[REQ_PARAM_PROJECT_ID]) ) - { - $project = new Project( $vars[REQ_PARAM_PROJECT_ID] ); - $project->load(); - - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&& Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&& Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } + Session::setProject( $project ); + + $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + } + elseif ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) ) + { + $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] ); + $language->load(); + Session::setProjectLanguage( $language ); + + $project = new Project( $language->projectid ); + $project->load(); + Session::setProject( $project ); + + $model = Session::getProjectModel(); + if ( !is_object($model) ) + { + $model = new Model( $project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( 
$model ); + } + + } + elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) ) + { + $model = new Model( $vars[REQ_PARAM_MODEL_ID] ); + $model->load(); + Session::setProjectModel( $model ); + + $project = new Project( $model->projectid ); + $project->load(); + Session::setProject( $project ); + + $language = Session::getProjectLanguage(); + if ( !is_object($language) || $language->projectid != $project->projectid ) + { + $language = new Language( $project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + } + } + elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::available($vars[REQ_PARAM_PROJECT_ID]) ) + { + $project = new Project( $vars[REQ_PARAM_PROJECT_ID] ); + $project->load(); + + Session::setProject( $project ); + + $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&& Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); + $language->load(); + Session::setProjectLanguage( $language ); + + $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&& Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); + $model->load(); + Session::setProjectModel( $model ); + } } 
@@ -1114,27 +1124,27 @@ class StartAction extends Action global $PHP_AUTH_USER; global $PHP_AUTH_PW; - $user = Session::getUser(); - // Gast-Login + $user = Session::getUser(); + // Gast-Login + if ( ! is_object($user) ) + { + if ( $conf['security']['guest']['enable'] ) + { + $this->setDefaultDb(); + $username = $conf['security']['guest']['user']; + $user = User::loadWithName($username); + if ( $user->userid > 0 ) + $user->setCurrent(); + else + { + Logger::warn('Guest login failed, user not found: '.$username); + $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) ); + $user = null; + } + } + } + if ( ! is_object($user) ) - { - if ( $conf['security']['guest']['enable'] ) - { - $this->setDefaultDb(); - $username = $conf['security']['guest']['user']; - $user = User::loadWithName($username); - if ( $user->userid > 0 ) - $user->setCurrent(); - else - { - Logger::warn('Guest login failed, user not found: '.$username); - $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) ); - $user = null; - } - } - } - - if ( ! is_object($user) ) { switch( $conf['security']['login']['type'] ) { @@ -1161,7 +1171,7 @@ class StartAction extends Action case 'form': // Benutzer ist nicht angemeldet - $this->callSubAction( 'showlogin' ); // Anzeigen der Login-Maske + $this->callSubAction( 'showlogin' ); // Anzeigen der Login-Maske return; break; 
@@ -1184,43 +1194,43 @@ class StartAction extends Action $modelid = intval( $this->getRequestVar('modelid' ) ); $objectid = intval( $this->getRequestVar('objectid' ) ); $elementid = intval( $this->getRequestVar('elementid' ) ); - - if ( $projectid != 0 ) - { + + if ( $projectid != 0 ) + { $project = new Project( $projectid ); - $project->load(); - Session::setProject($project); - } - elseif ( $languageid != 0 ) - { + $project->load(); + Session::setProject($project); + } + elseif ( $languageid != 0 ) + { $language = new Language( $languageid ); - $language->load(); - Session::setProjectLanguage($language); - } - elseif ( $modelid != 0 ) - { + $language->load(); + Session::setProjectLanguage($language); + } + elseif ( $modelid != 0 ) + { $model = new Model( $modelid ); - $model->load(); - Session::setProjectModel($model); - } - elseif ( $objectid != 0 ) - { + $model->load(); + Session::setProjectModel($model); + } + elseif ( $objectid != 0 ) + { $object = new Object( $objectid ); $object->objectLoad(); - Session::setObject($object); - } - if ( $elementid != 0 ) - { - $element = new Element( $elementid ); - Session::setElement($element); - } + Session::setObject($object); + } + if ( $elementid != 0 ) + { + $element = new Element( $elementid ); + Session::setElement($element); + } $project = Session::getProject(); $object = Session::getObject(); - $elementid = 0; - - if ( is_object($project) ) - { + $elementid = 0; + + if ( is_object($project) ) + { if ( $project->projectid == PROJECTID_ADMIN ) { $project->name = lang('ADMINISTRATION'); 
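Review bot: The request ids `projectid`, `languageid`, `modelid`, `objectid` and `elementid` only pass through `intval()` before the matching object is loaded and written into the session; this path has no existence or permission check. evaluateRequestVars in the same file guards each id with `Project::available()`, `Language::available()`, `Model::available()` or `Object::available()`, so the same guard is the minimum here, e.g. `if ( $projectid != 0 && Project::available($projectid) )`. As far as these hunks show, neither place checks whether the logged-in user may read the selected project. If `available()` does not cover that, an explicit rights check belongs before `Session::setProject()`. The enclosing function starts and ends outside this hunk.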
@@ -1235,28 +1245,28 @@ class StartAction extends Action if ( is_object($object) ) { - $type = $object->getType(); + $type = $object->getType(); - if ( $type == 'page' ) - { - $page = new Page($object->objectid); - $page->load(); - $elementList = $page->getWritableElements(); - if ( count($elementList) == 1 ) - $elementid = current(array_keys($elementList)); - } - - if ( $elementid > 0 ) - $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) ); - else - $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) ); - } - else - { - $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); + if ( $type == 'page' ) + { + $page = new Page($object->objectid); + $page->load(); + $elementList = $page->getWritableElements(); + if ( count($elementList) == 1 ) + $elementid = current(array_keys($elementList)); + } + + if ( $elementid > 0 ) + $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) ); + else + $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) ); + } + else + { + $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); } } - elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN ) + elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN ) { if ( $this->hasRequestVar('projectid') ) $this->setTemplateVar( 'frame_src_main',Html::url('main','project',$this->getRequestVar('projectid')) ); 
@@ -1264,7 +1274,7 @@ class StartAction extends Action $this->setTemplateVar( 'frame_src_main',Html::url('main','group' ,$this->getRequestVar('groupid' )) ); elseif ( $this->hasRequestVar('userid') ) $this->setTemplateVar( 'frame_src_main',Html::url('main','user' ,$this->getRequestVar('userid' )) ); - else + else $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) ); } else @@ -1282,8 +1292,8 @@ class StartAction extends Action $this->setTemplateVar( 'frame_src_clipboard' ,Html::url( 'clipboard' ) ); $this->setTemplateVar( 'frame_src_status' ,Html::url( 'status' ) ); - $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] ); - + $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] ); + $this->metaValues(); } @@ -1302,25 +1312,25 @@ class StartAction extends Action case 'register': // Registrierung // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. - return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database'; - + return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database'; + case 'password': // Kennwort vergessen - // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. - // Deaktiviert, falls LDAP-Lookup aktiviert ist. - return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database' + // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. + // Deaktiviert, falls LDAP-Lookup aktiviert ist. + return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database' && !@$conf['security']['auth']['userdn']; - - case 'administration': + + case 'administration': // "Administration" nat�rlich nur f�r Administratoren. return $this->userIsAdmin(); - - case 'login': + + case 'login': return !@$conf['login']['nologin']; - case 'logout': + case 'logout': return true; - case 'projectmenu': + case 'projectmenu': return true; default: 
@@ -1353,7 +1363,7 @@ class StartAction extends Action $this->callSubAction('register'); return; } - + srand ((double)microtime()*1000003); $registerCode = rand(); @@ -1364,26 +1374,26 @@ class StartAction extends Action $mail = new Mail($email_address, 'register_commit_code','register_commit_code'); $mail->setVar('code',$registerCode); // Registrierungscode als Text-Variable - - if ( $mail->send() ) - { - $this->addNotice('','','mail_sent',OR_NOTICE_OK); - } - else - { - $this->addNotice('','','mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); - $this->callSubAction('register'); - return; - } - } - - - - public function registeruserdata() - { + + if ( $mail->send() ) + { + $this->addNotice('','','mail_sent',OR_NOTICE_OK); + } + else + { + $this->addNotice('','','mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); + $this->callSubAction('register'); + return; + } + } + + + + public function registeruserdata() + { global $conf; - - Session::set('registerMail',$this->getRequestVar('mail') ); + + Session::set('registerMail',$this->getRequestVar('mail') ); // TODO: Attribut "Password" abfragen foreach( $conf['database'] as $dbname=>$dbconf ) { @@ -1406,7 +1416,7 @@ class StartAction extends Action * Benutzer hat Best�tigungscode erhalten und eingegeben. */ public function registercommit() - { + { global $conf; $this->checkForDb(); 
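Review bot: The registration code comes from `srand ((double)microtime()*1000003); $registerCode = rand();`, which seeds a non-cryptographic generator from the clock, so the value that gates account creation is guessable. Take it from the CSPRNG instead, e.g. `$registerCode = bin2hex(random_bytes(16));` on PHP 7 or later, with `openssl_random_pseudo_bytes()` as the fallback on older runtimes, and drop the `srand()` call. The function containing these lines starts outside the hunk.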
@@ -1414,37 +1424,37 @@ class StartAction extends Action $inputRegisterCode = $this->getRequestVar('code'); if ( $origRegisterCode != $inputRegisterCode ) - { + { // Best�tigungscode stimmt nicht. - $this->addValidationError('code','code_not_match'); - $this->callSubAction('registeruserdata'); - return; - } + $this->addValidationError('code','code_not_match'); + $this->callSubAction('registeruserdata'); + return; + } - // Best�tigungscode stimmt �berein. + // Best�tigungscode stimmt �berein. // Neuen Benutzer anlegen. - - if ( !$this->hasRequestVar('username') ) - { - $this->addValidationError('username'); - $this->callSubAction('registeruserdata'); - return; - } - - $user = User::loadWithName( $this->getRequestVar('username') ); - if ( $user->isValid() ) - { - $this->addValidationError('username','USER_ALREADY_IN_DATABASE'); - $this->callSubAction('registeruserdata'); - return; - } - - if ( strlen($this->getRequestVar('password')) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password','password_minlength',array('minlength'=>$conf['security']['password']['min_length'])); - $this->callSubAction('registeruserdata'); - return; - } + + if ( !$this->hasRequestVar('username') ) + { + $this->addValidationError('username'); + $this->callSubAction('registeruserdata'); + return; + } + + $user = User::loadWithName( $this->getRequestVar('username') ); + if ( $user->isValid() ) + { + $this->addValidationError('username','USER_ALREADY_IN_DATABASE'); + $this->callSubAction('registeruserdata'); + return; + } + + if ( strlen($this->getRequestVar('password')) < $conf['security']['password']['min_length'] ) + { + $this->addValidationError('password','password_minlength',array('minlength'=>$conf['security']['password']['min_length'])); + $this->callSubAction('registeruserdata'); + return; + } $newUser = new User(); $newUser->name = $this->getRequestVar('username'); 
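Review bot: `if ( $origRegisterCode != $inputRegisterCode )` is a loose comparison, and nothing in the visible lines rejects an empty or missing code. `$origRegisterCode` is assigned just above the hunk, presumably from the session; if the session holds no register code and `getRequestVar('code')` returns an empty value, the two compare equal and account creation proceeds. Reject the empty case and compare as strings in constant time: `if ( empty($origRegisterCode) || !hash_equals((string)$origRegisterCode,(string)$inputRegisterCode) )`. passwordcommit (hunk at -1593) has an empty-code guard but uses the same `!=` and should get the `hash_equals()` form too. registercommit continues past the end of this hunk.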
@@ -1535,13 +1545,13 @@ class StartAction extends Action * Einen Kennwort-Anforderungscode an den Benutzer senden. */ public function passwordcode() - { - if ( !$this->hasRequestVar('username') ) - { - $this->addValidationError('username'); - $this->callSubAction('password'); - return; - } + { + if ( !$this->hasRequestVar('username') ) + { + $this->addValidationError('username'); + $this->callSubAction('password'); + return; + } $this->checkForDb(); @@ -1560,8 +1570,8 @@ class StartAction extends Action $eMail->setVar('name',$user->getName()); $eMail->setVar('code',$code); if ( $eMail->send() ) - $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK); - else + $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK); + else $this->addNotice('user',$user->getName(),'mail_not_sent',OR_NOTICE_ERROR,array(),$eMail->error); } @@ -1576,16 +1586,16 @@ class StartAction extends Action $this->setSessionVar("password_commit_name",$user->name); } - - - - /** - * Anzeige Formular zum Eingeben des Kennwort-Codes. - * - */ - public function passwordinputcode() - { - + + + + /** + * Anzeige Formular zum Eingeben des Kennwort-Codes. + * + */ + public function passwordinputcode() + { + } 
@@ -1593,49 +1603,49 @@ class StartAction extends Action * Neues Kennwort erzeugen und dem Benutzer zusenden. */ public function passwordcommit() - { - $username = $this->getSessionVar("password_commit_name"); - - if ( $this->getRequestVar("code")=='' || - $this->getSessionVar("password_commit_code") != $this->getRequestVar("code") ) - { - $this->addValidationError('code','PASSWORDCODE_NOT_MATCH'); + { + $username = $this->getSessionVar("password_commit_name"); + + if ( $this->getRequestVar("code")=='' || + $this->getSessionVar("password_commit_code") != $this->getRequestVar("code") ) + { + $this->addValidationError('code','PASSWORDCODE_NOT_MATCH'); $this->callSubAction('passwordinputcode'); return; - } + } $user = User::loadWithName( $username ); if ( !$user->isValid() ) - { + { // Benutzer konnte nicht geladen werden. $this->addNotice('user',$username,'error',OR_NOTICE_ERROR); - return; - } - - $newPw = User::createPassword(); // Neues Kennwort erzeugen. - + return; + } + + $newPw = User::createPassword(); // Neues Kennwort erzeugen. + $eMail = new Mail( $user->mail,'password_new' ); $eMail->setVar('name' ,$user->getName()); $eMail->setVar('password',$newPw ); - + if ( $eMail->send() ) - { + { $user->setPassword( $newPw, false ); // Kennwort muss beim n�. Login ge�ndert werden. $this->addNotice('user',$username,'mail_sent',OR_NOTICE_OK); - } - else - { - // Sollte eigentlich nicht vorkommen, da der Benutzer ja auch schon den - // Code per E-Mail erhalten hat. - $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error); } - } - + else + { + // Sollte eigentlich nicht vorkommen, da der Benutzer ja auch schon den + // Code per E-Mail erhalten hat. + $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error); + } + } + /** * Erzeugt eine neue Sitzung. - */ + */ private function recreateSession() { diff --git a/action/TemplateAction.class.php b/action/TemplateAction.class.php 
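Review bot: After a successful reset, passwordcommit leaves `password_commit_code` and `password_commit_name` in the session, so the same code stays usable for further resets for as long as the session lives. Clear them once the mail has gone out, e.g. `$this->setSessionVar("password_commit_code",'');` directly after `$user->setPassword( $newPw, false );`. The new password also travels in clear text in the mail. The forced change at next login mentioned in the comment limits the exposure, but a single-use reset link would avoid mailing a credential at all.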
@@ -1,8 +1,17 @@ <?php + +namespace cms\action; + +namespace cms\action; use cms\model\Element; use cms\model\Template; use cms\model\Page; + + +use Session; +use \Html; + // OpenRat Content Management System // Copyright (C) 2002-2009 Jan Dankert // @@ -36,7 +45,7 @@ class TemplateAction extends Action var $element; - function TemplateAction() + function __construct() { $this->template = new Template( $this->getRequestId() ); $this->template->load(); diff --git a/action/TemplatelistAction.class.php b/action/TemplatelistAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Element; use cms\model\Template; @@ -30,7 +33,7 @@ class TemplatelistAction extends Action { public $security = SECURITY_USER; - function TemplatelistAction() + function __construct() { } diff --git a/action/TitleAction.class.php b/action/TitleAction.class.php @@ -1,9 +1,14 @@ <?php + +namespace cms\action; + use cms\model\Project; use cms\model\Object; use cms\model\Language; use cms\model\Model; +use Session; +use \Html; // OpenRat Content Management System // Copyright (C) 2002-2009 Jan Dankert, jandankert@jandankert.de // diff --git a/action/TreeAction.class.php b/action/TreeAction.class.php @@ -1,7 +1,19 @@ <?php + +namespace cms\action; + +use AdministrationTree; use cms\model\Language; use cms\model\Model; +use Exception; +use JSqueeze; +use Less_Parser; +use Logger; +use ObjectNotFoundException; +use ProjectTree; +use Session; +use \Html; // OpenRat Content Management System // Copyright (C) 2002 Jan Dankert, jandankert@jandankert.de // diff --git a/action/UserAction.class.php b/action/UserAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\Acl; use cms\model\User; use cms\model\Project; 
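Review bot: `namespace cms\action;` is added twice at the top of TemplateAction.class.php. PHP accepts the repeat, but the second declaration is redundant and looks like a slip from the bulk conversion, so one of the two added lines should go. The import list mixes `use Session;` with `use \Html;`; the leading backslash has no effect in a `use` statement, and `use Html;` keeps the list uniform. The same `use \Html;` appears in the TitleAction, TreeAction and UserAction hunks.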
@@ -6,6 +9,20 @@ use cms\model\Group; use cms\model\Object; use cms\model\Language; + + + +use Base2n; +use Exception; +use JSqueeze; +use Less_Parser; +use Logger; +use ObjectNotFoundException; +use Password; +use Session; +use \Html; +use \Mail; + // OpenRat Content Management System // Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de // @@ -38,7 +55,7 @@ class UserAction extends Action var $defaultSubAction = 'edit'; - function UserAction() + function __construct() { $this->user = new User( $this->getRequestId() ); $this->user->load(); diff --git a/action/UserlistAction.class.php b/action/UserlistAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\User; // OpenRat Content Management System @@ -29,7 +32,7 @@ class UserlistAction extends Action { public $security = SECURITY_ADMIN; - function UserlistAction() + function __construct() { } diff --git a/action/WebdavAction.class.php b/action/WebdavAction.class.php @@ -1,4 +1,7 @@ <?php + +namespace cms\action; + use cms\model\User; use cms\model\Project; use cms\model\Page; @@ -63,7 +66,7 @@ class WebdavAction extends Action * Im Kontruktor wird der Request analysiert und ggf. eine Authentifzierung * durchgefuehrt. */ - function WebdavAction() + function __construct() { if (!defined('E_STRICT')) define('E_STRICT', 2048); diff --git a/action/WorkbenchAction.class.php b/action/WorkbenchAction.class.php @@ -1,8 +1,14 @@ <?php + +namespace cms\action; + use cms\model\Value; use cms\model\Folder; use cms\model\Object; +use Logger; +use Session; + /** * Action-Klasse zum Anzeigen der Workbench * @author Jan Dankert @@ -10,20 +16,20 @@ use cms\model\Object; */ class WorkbenchAction extends Action { - public $security = SECURITY_GUEST; + public $security = SECURITY_GUEST; private $perspective; /** * Konstruktor */ - function WorkbenchAction() + function __construct() { global $conf; $this->perspective = Session::get('perspective'); - + } 
@@ -47,18 +53,18 @@ class WorkbenchAction extends Action if ( $conf['login']['start']['start_lastchanged_object'] ) { - $user = Session::getUser(); - - $objectid = Value::getLastChangedObjectInProjectByUserId($project->projectid, $user->userid); - if ( Object::available($objectid)) + $user = Session::getUser(); + + $objectid = Value::getLastChangedObjectInProjectByUserId($project->projectid, $user->userid); + if ( Object::available($objectid)) { $object = new Object($objectid); $object->load(); - Logger::debug('preselecting object '.$objectid); + Logger::debug('preselecting object '.$objectid); $preselectedobjects[] = $object; } - } + } } global $viewconfig; diff --git a/dispatcher.php b/dispatcher.php @@ -26,7 +26,7 @@ try { require_once( 'init.php' ); - + // Werkzeugklassen einbinden. require_once( OR_OBJECTCLASSES_DIR ."include.inc.".PHP_EXT ); 
@@ -69,38 +69,38 @@ try // Default-Sprache hinzufuegen. // Wird dann verwendet, wenn die vom Browser angeforderten Sprachen - // nicht vorhanden sind + // nicht vorhanden sind $languages[] = $conf['i18n']['default']; - $available = explode(',',$conf['i18n']['available']); + $available = explode(',',$conf['i18n']['available']); foreach( $languages as $l ) - { + { if ( !in_array($l,$available) ) - continue; + continue; // Pruefen, ob Sprache vorhanden ist. $langFile = OR_LANGUAGE_DIR.'lang-'.$l.'.'.PHP_EXT; if ( !file_exists( $langFile ) ) - throw new LogicException("File does not exist: ".$langFile); + throw new LogicException("File does not exist: ".$langFile); require( $langFile ); $conf['language'] = $lang; $conf['language']['language_code'] = $l; break; } - - + + if ( !isset($conf['language']) ) - Http::serverError('no language found! (languages='.implode(',',$languages).')' ); - + Http::serverError('no language found! (languages='.implode(',',$languages).')' ); + // Schreibt die Konfiguration in die Sitzung. Diese wird anschliessend nicht // mehr veraendert. Session::setConfig( $conf ); } // Nachdem die Konfiguration gelesen wurde, kann nun der Logger benutzt werden. - require_once( OR_SERVICECLASSES_DIR."Logger.class.".PHP_EXT ); + require_once( OR_SERVICECLASSES_DIR."Logger.class.".PHP_EXT ); if ( !empty($conf['security']['umask']) ) umask( octdec($conf['security']['umask']) ); @@ -133,10 +133,10 @@ try $db = Session::getDatabase(); if ( is_object( $db ) ) { - $ok = $db->connect(); - if ( !$ok ) + $ok = $db->connect(); + if ( !$ok ) Http::sendStatus('503','Service Unavailable','Database is not available: '.$db->error); - + Session::setDatabase( $db ); $db->start(); } 
@@ -151,20 +151,21 @@ try else { Http::serverError("no method (subaction) supplied"); - } - - require( OR_ACTIONCLASSES_DIR.'/Action.class.php' ); - require( OR_ACTIONCLASSES_DIR.'/ObjectAction.class.php' ); + } + + require( OR_ACTIONCLASSES_DIR.'Action.class.php' ); + require( OR_ACTIONCLASSES_DIR.'ObjectAction.class.php' ); $actionClassName = ucfirst($action).'Action'; - + $actionClassNameWithNamespace = 'cms\\action\\'.$actionClassName; + require_once( OR_ACTIONCLASSES_DIR.'/'.$actionClassName.'.class.php' ); // Erzeugen der Action-Klasse try { - $do = new $actionClassName; + $do = new $actionClassNameWithNamespace; } catch( ObjectNotFoundException $e ) { @@ -235,19 +236,19 @@ catch( ObjectNotFoundException $e ) { Logger::warn( "Object not found: ".$e->__toString() ); // Nur Debug, da dies bei gelöschten Objekten vorkommen kann. Http::noContent(); -} -catch( OpenRatException $e ) -{ - Http::serverError( lang($e->key),$e->__toString()); +} +catch( OpenRatException $e ) +{ + Http::serverError( lang($e->key),$e->__toString()); } catch( SecurityException $e ) { Logger::info($e->getMessage()); Http::notAuthorized("You are not allowed to execute this action."); -} -catch( Exception $e ) -{ - Http::serverError( "Internal CMS error",$e->__toString() ); +} +catch( Exception $e ) +{ + Http::serverError( "Internal CMS error",$e->__toString() ); } // fertig :)
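Review bot: `$actionClassName` is built from `$action` and goes straight into `require_once( OR_ACTIONCLASSES_DIR.'/'.$actionClassName.'.class.php' )` and `new $actionClassNameWithNamespace`, with no check on `$action` visible in this hunk. Where `$action` is assigned is outside the hunk; if it is taken from the request, a value with path separators or other unexpected characters would decide which file gets included. I would reject anything that is not a plain identifier before the include, e.g. `if ( !preg_match('/^[a-z]+$/i',$action) ) Http::serverError("invalid action");`, or check it against a fixed list of action names. Separately, the two `require` lines above dropped the `'/'` after `OR_ACTIONCLASSES_DIR` while this `require_once` keeps it, so the paths are now built inconsistently.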