2011-03-22 22:26:53 +13:00
< ? php
/**
* The most common kind of controller ; effectively a controller linked to a { @ link DataObject } .
*
* ContentControllers are most useful in the content - focused areas of a site . This is generally
* the bulk of a site ; however , they may be less appropriate in , for example , the user management
* section of an application .
*
* On its own , content controller does very little . Its constructor is passed a { @ link DataObject }
* which is stored in $this -> dataRecord . Any unrecognised method calls , for example , Title ()
* and Content (), will be passed along to the data record ,
*
* Subclasses of ContentController are generally instantiated by ModelAsController ; this will create
* a controller based on the URLSegment action variable , by looking in the SiteTree table .
*
* @ todo Can this be used for anything other than SiteTree controllers ?
*
* @ package cms
* @ subpackage control
*/
class ContentController extends Controller {
protected $dataRecord ;
2013-03-18 11:47:15 +01:00
private static $allowed_actions = array (
2011-03-22 22:26:53 +13:00
'successfullyinstalled' ,
'deleteinstallfiles' // secured through custom code
);
/**
* The ContentController will take the URLSegment parameter from the URL and use that to look
* up a SiteTree record .
*/
public function __construct ( $dataRecord = null ) {
if ( ! $dataRecord ) {
$dataRecord = new Page ();
if ( $this -> hasMethod ( " Title " )) $dataRecord -> Title = $this -> Title ();
$dataRecord -> URLSegment = get_class ( $this );
$dataRecord -> ID = - 1 ;
}
$this -> dataRecord = $dataRecord ;
$this -> failover = $this -> dataRecord ;
parent :: __construct ();
}
/**
* Return the link to this controller , but force the expanded link to be returned so that form methods and
* similar will function properly .
*
* @ return string
*/
public function Link ( $action = null ) {
return $this -> data () -> Link (( $action ? $action : true ));
}
//----------------------------------------------------------------------------------//
// These flexible data methods remove the need for custom code to do simple stuff
/**
* Return the children of a given page . The parent reference can either be a page link or an ID .
*
* @ param string | int $parentRef
2011-10-26 18:39:21 +13:00
* @ return SS_List
2011-03-22 22:26:53 +13:00
*/
public function ChildrenOf ( $parentRef ) {
$parent = SiteTree :: get_by_link ( $parentRef );
if ( ! $parent && is_numeric ( $parentRef )) {
$parent = DataObject :: get_by_id ( 'SiteTree' , Convert :: raw2sql ( $parentRef ));
}
if ( $parent ) return $parent -> Children ();
}
/**
2011-10-26 18:39:21 +13:00
* @ return SS_List
2011-03-22 22:26:53 +13:00
*/
public function Page ( $link ) {
return SiteTree :: get_by_link ( $link );
}
public function init () {
parent :: init ();
// If we've accessed the homepage as /home/, then we should redirect to /.
if ( $this -> dataRecord && $this -> dataRecord instanceof SiteTree
&& RootURLController :: should_be_on_root ( $this -> dataRecord ) && ( ! isset ( $this -> urlParams [ 'Action' ]) || ! $this -> urlParams [ 'Action' ] )
2012-05-23 21:45:16 +12:00
&& ! $_POST && ! $_FILES && ! $this -> redirectedTo () ) {
2011-03-22 22:26:53 +13:00
$getVars = $_GET ;
unset ( $getVars [ 'url' ]);
if ( $getVars ) $url = " ? " . http_build_query ( $getVars );
else $url = " " ;
2012-05-23 21:45:16 +12:00
$this -> redirect ( $url , 301 );
2011-03-22 22:26:53 +13:00
return ;
}
if ( $this -> dataRecord ) $this -> dataRecord -> extend ( 'contentcontrollerInit' , $this );
else singleton ( 'SiteTree' ) -> extend ( 'contentcontrollerInit' , $this );
2012-05-23 21:45:16 +12:00
if ( $this -> redirectedTo ()) return ;
2011-03-22 22:26:53 +13:00
// Check page permissions
if ( $this -> dataRecord && $this -> URLSegment != 'Security' && ! $this -> dataRecord -> canView ()) {
return Security :: permissionFailure ( $this );
}
// Draft/Archive security check - only CMS users should be able to look at stage/archived content
if ( $this -> URLSegment != 'Security' && ! Session :: get ( 'unsecuredDraftSite' ) && ( Versioned :: current_archived_date () || ( Versioned :: current_stage () && Versioned :: current_stage () != 'Live' ))) {
if ( ! $this -> dataRecord -> canViewStage ( Versioned :: current_stage ())) {
$link = $this -> Link ();
$message = _t ( " ContentController.DRAFT_SITE_ACCESS_RESTRICTION " , 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>' );
Session :: clear ( 'currentStage' );
Session :: clear ( 'archiveDate' );
return Security :: permissionFailure ( $this , sprintf ( $message , Controller :: join_links ( $link , " ?stage=Live " )));
}
}
2011-05-19 21:26:09 +12:00
2011-03-22 22:26:53 +13:00
// Use theme from the site config
if (( $config = SiteConfig :: current_site_config ()) && $config -> Theme ) {
2013-03-18 11:47:15 +01:00
Config :: inst () -> update ( 'SSViewer' , 'theme' , $config -> Theme );
2011-03-22 22:26:53 +13:00
}
}
/**
* This acts the same as { @ link Controller :: handleRequest ()}, but if an action cannot be found this will attempt to
* fall over to a child controller in order to provide functionality for nested URLs .
*
* @ return SS_HTTPResponse
*/
2012-03-27 17:05:11 +13:00
public function handleRequest ( SS_HTTPRequest $request , DataModel $model = null ) {
2011-03-22 22:26:53 +13:00
$child = null ;
$action = $request -> param ( 'Action' );
2012-05-01 14:46:16 +12:00
$this -> setDataModel ( $model );
2011-03-22 22:26:53 +13:00
// If nested URLs are enabled, and there is no action handler for the current request then attempt to pass
// control to a child controller. This allows for the creation of chains of controllers which correspond to a
// nested URL.
2013-03-18 11:47:15 +01:00
if ( $action && SiteTree :: config () -> nested_urls && ! $this -> hasAction ( $action )) {
2011-03-22 22:26:53 +13:00
// See ModelAdController->getNestedController() for similar logic
2011-03-22 21:30:10 +13:00
if ( class_exists ( 'Translatable' )) Translatable :: disable_locale_filter ();
2011-03-22 22:26:53 +13:00
// look for a page with this URLSegment
2011-05-01 17:42:27 +12:00
$child = $this -> model -> SiteTree -> where ( sprintf (
2012-05-08 22:10:44 +02:00
" \" ParentID \" = %s AND \" URLSegment \" = '%s' " , $this -> ID , Convert :: raw2sql ( rawurlencode ( $action ))
2011-05-01 17:42:27 +12:00
)) -> First ();
2011-03-22 21:30:10 +13:00
if ( class_exists ( 'Translatable' )) Translatable :: enable_locale_filter ();
2011-03-22 22:26:53 +13:00
// if we can't find a page with this URLSegment try to find one that used to have
// that URLSegment but changed. See ModelAsController->getNestedController() for similiar logic.
if ( ! $child ){
$child = ModelAsController :: find_old_page ( $action , $this -> ID );
if ( $child ){
$response = new SS_HTTPResponse ();
$params = $request -> getVars ();
if ( isset ( $params [ 'url' ])) unset ( $params [ 'url' ]);
$response -> redirect (
Controller :: join_links (
$child -> Link (
Controller :: join_links (
$request -> param ( 'ID' ), // 'ID' is the new 'URLSegment', everything shifts up one position
$request -> param ( 'OtherID' )
)
),
// Needs to be in separate join links to avoid urlencoding
( $params ) ? '?' . http_build_query ( $params ) : null
),
301
);
return $response ;
}
}
}
// we found a page with this URLSegment.
if ( $child ) {
$request -> shiftAllParams ();
$request -> shift ();
2011-05-01 17:42:27 +12:00
$response = ModelAsController :: controller_for ( $child ) -> handleRequest ( $request , $model );
2011-03-22 22:26:53 +13:00
} else {
// If a specific locale is requested, and it doesn't match the page found by URLSegment,
// look for a translation and redirect (see #5001). Only happens on the last child in
// a potentially nested URL chain.
2011-03-22 21:30:10 +13:00
if ( class_exists ( 'Translatable' )) {
if ( $request -> getVar ( 'locale' ) && $this -> dataRecord && $this -> dataRecord -> Locale != $request -> getVar ( 'locale' )) {
$translation = $this -> dataRecord -> getTranslation ( $request -> getVar ( 'locale' ));
if ( $translation ) {
$response = new SS_HTTPResponse ();
$response -> redirect ( $translation -> Link (), 301 );
throw new SS_HTTPResponse_Exception ( $response );
}
2011-03-22 22:26:53 +13:00
}
}
Director :: set_current_page ( $this -> data ());
2011-05-01 17:42:27 +12:00
$response = parent :: handleRequest ( $request , $model );
2011-03-22 22:26:53 +13:00
Director :: set_current_page ( null );
}
return $response ;
}
/**
* @ uses ErrorPage :: response_for ()
*/
public function httpError ( $code , $message = null ) {
2012-09-27 12:30:44 +12:00
// Don't use the HTML response for media requests
$response = $this -> request -> isMedia () ? null : ErrorPage :: response_for ( $code );
// Failover to $message if the HTML response is unavailable / inappropriate
parent :: httpError ( $code , $response ? $response : $message );
2011-03-22 22:26:53 +13:00
}
/**
* Get the project name
*
* @ return string
*/
2012-09-19 12:07:46 +02:00
public function project () {
2011-03-22 22:26:53 +13:00
global $project ;
return $project ;
}
/**
* Returns the associated database record
*/
public function data () {
return $this -> dataRecord ;
}
/*--------------------------------------------------------------------------------*/
/**
* Returns a fixed navigation menu of the given level .
2011-10-26 18:39:21 +13:00
* @ return SS_List
2011-03-22 22:26:53 +13:00
*/
public function getMenu ( $level = 1 ) {
if ( $level == 1 ) {
$result = DataObject :: get ( " SiteTree " , " \" ShowInMenus \" = 1 AND \" ParentID \" = 0 " );
} else {
$parent = $this -> data ();
$stack = array ( $parent );
if ( $parent ) {
while ( $parent = $parent -> Parent ) {
array_unshift ( $stack , $parent );
}
}
if ( isset ( $stack [ $level - 2 ])) $result = $stack [ $level - 2 ] -> Children ();
}
$visible = array ();
// Remove all entries the can not be viewed by the current user
// We might need to create a show in menu permission
if ( isset ( $result )) {
foreach ( $result as $page ) {
if ( $page -> canView ()) {
$visible [] = $page ;
}
}
}
2011-05-05 20:40:26 +10:00
return new ArrayList ( $visible );
2011-03-22 22:26:53 +13:00
}
public function Menu ( $level ) {
return $this -> getMenu ( $level );
}
/**
* Returns the default log - in form .
*
* @ todo Check if here should be returned just the default log - in form or
* all available log - in forms ( also OpenID ... )
*/
public function LoginForm () {
return MemberAuthenticator :: get_login_form ( $this );
}
public function SilverStripeNavigator () {
$member = Member :: currentUser ();
$items = '' ;
$message = '' ;
if ( Director :: isDev () || Permission :: check ( 'CMS_ACCESS_CMSMain' ) || Permission :: check ( 'VIEW_DRAFT_CONTENT' )) {
if ( $this -> dataRecord ) {
2011-03-23 10:22:37 +13:00
Requirements :: css ( CMS_DIR . '/css/SilverStripeNavigator.css' );
2012-04-12 20:36:25 +12:00
Requirements :: javascript ( FRAMEWORK_DIR . '/thirdparty/jquery/jquery.js' );
2011-03-23 10:22:37 +13:00
Requirements :: javascript ( CMS_DIR . '/javascript/SilverStripeNavigator.js' );
2011-03-22 22:26:53 +13:00
$return = $nav = SilverStripeNavigator :: get_for_record ( $this -> dataRecord );
$items = $return [ 'items' ];
$message = $return [ 'message' ];
}
if ( $member ) {
$firstname = Convert :: raw2xml ( $member -> FirstName );
$surname = Convert :: raw2xml ( $member -> Surname );
$logInMessage = _t ( 'ContentController.LOGGEDINAS' , 'Logged in as' ) . " { $firstname } { $surname } - <a href= \" Security/logout \" > " . _t ( 'ContentController.LOGOUT' , 'Log out' ) . " </a> " ;
} else {
2013-01-29 17:31:25 +01:00
$logInMessage = sprintf (
'%s - <a href="%s">%s</a>' ,
_t ( 'ContentController.NOTLOGGEDIN' , 'Not logged in' ) ,
Config :: inst () -> get ( 'Security' , 'login_url' ),
_t ( 'ContentController.LOGIN' , 'Login' ) . " </a> "
);
2011-03-22 22:26:53 +13:00
}
$viewPageIn = _t ( 'ContentController.VIEWPAGEIN' , 'View Page in:' );
return <<< HTML
< div id = " SilverStripeNavigator " >
< div class = " holder " >
< div id = " logInStatus " >
$logInMessage
</ div >
< div id = " switchView " class = " bottomTabs " >
2012-08-27 11:47:12 +02:00
$viewPageIn
2011-03-22 22:26:53 +13:00
$items
</ div >
</ div >
</ div >
$message
HTML ;
// On live sites we should still see the archived message
} else {
if ( $date = Versioned :: current_archived_date ()) {
2011-03-23 10:22:37 +13:00
Requirements :: css ( CMS_DIR . '/css/SilverStripeNavigator.css' );
2012-04-04 16:59:22 +02:00
$dateObj = Datetime :: create ( $date , null );
2011-03-22 22:26:53 +13:00
// $dateObj->setVal($date);
return " <div id= \" SilverStripeNavigatorMessage \" > " . _t ( 'ContentController.ARCHIVEDSITEFROM' ) . " <br> " . $dateObj -> Nice () . " </div> " ;
}
}
}
2012-09-19 12:07:46 +02:00
public function SiteConfig () {
2011-03-22 22:26:53 +13:00
if ( method_exists ( $this -> dataRecord , 'getSiteConfig' )) {
return $this -> dataRecord -> getSiteConfig ();
} else {
return SiteConfig :: current_site_config ();
}
}
/**
* Returns an RFC1766 compliant locale string , e . g . 'fr-CA' .
* Inspects the associated { @ link dataRecord } for a { @ link SiteTree -> Locale } value if present ,
* and falls back to { @ link Translatable :: get_current_locale ()} or { @ link i18n :: default_locale ()},
* depending if Translatable is enabled .
*
* Suitable for insertion into lang = and xml : lang =
* attributes in HTML or XHTML output .
*
* @ return string
*/
2012-09-19 12:07:46 +02:00
public function ContentLocale () {
2011-03-22 22:26:53 +13:00
if ( $this -> dataRecord && $this -> dataRecord -> hasExtension ( 'Translatable' )) {
$locale = $this -> dataRecord -> Locale ;
2012-10-10 10:59:52 +13:00
} elseif ( class_exists ( 'Translatable' ) && SiteTree :: has_extension ( 'Translatable' )) {
2011-03-22 22:26:53 +13:00
$locale = Translatable :: get_current_locale ();
} else {
$locale = i18n :: get_locale ();
}
return i18n :: convert_rfc1766 ( $locale );
}
/**
* This action is called by the installation system
*/
2012-09-19 12:07:46 +02:00
public function successfullyinstalled () {
2011-03-22 22:26:53 +13:00
// The manifest should be built by now, so it's safe to publish the 404 page
$fourohfour = Versioned :: get_one_by_stage ( 'ErrorPage' , 'Stage' , '"ErrorCode" = 404' );
if ( $fourohfour ) {
$fourohfour -> write ();
$fourohfour -> publish ( " Stage " , " Live " );
}
// TODO Allow this to work when allow_url_fopen=0
if ( isset ( $_SESSION [ 'StatsID' ]) && $_SESSION [ 'StatsID' ]) {
$url = 'http://ss2stat.silverstripe.com/Installation/installed?ID=' . $_SESSION [ 'StatsID' ];
@ file_get_contents ( $url );
}
global $project ;
2012-05-03 17:52:33 +02:00
$data = new ArrayData ( array (
'Project' => Convert :: raw2xml ( $project ),
'Username' => Convert :: raw2xml ( Session :: get ( 'username' )),
'Password' => Convert :: raw2xml ( Session :: get ( 'password' )),
));
2011-03-22 22:26:53 +13:00
return array (
2012-08-22 13:52:33 +12:00
" Title " => _t ( " ContentController.INSTALL_SUCCESS " , " Installation Successful! " ),
2012-05-03 17:52:33 +02:00
" Content " => $data -> renderWith ( 'Install_successfullyinstalled' ),
2011-03-22 22:26:53 +13:00
);
}
2012-09-19 12:07:46 +02:00
public function deleteinstallfiles () {
2011-03-22 22:26:53 +13:00
if ( ! Permission :: check ( " ADMIN " )) return Security :: permissionFailure ( $this );
$title = new Varchar ( " Title " );
2012-05-03 17:52:33 +02:00
$content = new HTMLText ( 'Content' );
2011-03-22 22:26:53 +13:00
// We can't delete index.php as it might be necessary for URL routing without mod_rewrite.
// There's no safe way to detect usage of mod_rewrite across webservers,
// so we have to assume the file is required.
$installfiles = array (
'install.php' ,
'config-form.css' ,
'config-form.html' ,
'index.html'
);
2012-05-03 17:52:33 +02:00
$unsuccessful = new ArrayList ();
2011-03-22 22:26:53 +13:00
foreach ( $installfiles as $installfile ) {
if ( file_exists ( BASE_PATH . '/' . $installfile )) {
@ unlink ( BASE_PATH . '/' . $installfile );
}
if ( file_exists ( BASE_PATH . '/' . $installfile )) {
2012-05-03 17:52:33 +02:00
$unsuccessful -> push ( new ArrayData ( array ( 'File' => $installfile )));
2011-03-22 22:26:53 +13:00
}
}
2012-05-03 17:52:33 +02:00
$data = new ArrayData ( array (
'Username' => Convert :: raw2xml ( Session :: get ( 'username' )),
'Password' => Convert :: raw2xml ( Session :: get ( 'password' )),
'UnsuccessfulFiles' => $unsuccessful
));
$content -> setValue ( $data -> renderWith ( 'Install_deleteinstallfiles' ));
2011-03-22 22:26:53 +13:00
return array (
" Title " => $title ,
" Content " => $content ,
);
}
2012-03-27 17:05:11 +13:00
}