1: <?php
2:
3:
4: if(!isset($config)) {
5: require_once '../util/AlphaConfig.inc';
6: $config = AlphaConfig::getInstance();
7:
8: require_once $config->get('app.root').'alpha/util/AlphaAutoLoader.inc';
9: }
10:
11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55:
56: class GenSecureQueryStrings extends AlphaController implements AlphaControllerInterface {
57: 58: 59: 60: 61: 62:
63: private static $logger = null;
64:
65: 66: 67: 68: 69:
70: public function __construct() {
71: self::$logger = new Logger('CacheManager');
72: self::$logger->debug('>>__construct()');
73:
74: global $config;
75:
76:
77: parent::__construct('Admin');
78:
79: $this->setTitle('Generate Secure Query Strings');
80:
81: self::$logger->debug('<<__construct');
82: }
83:
84: 85: 86: 87: 88: 89:
90: public function doGET($params) {
91: self::$logger->debug('>>doGET($params=['.var_export($params, true).'])');
92:
93: echo AlphaView::displayPageHead($this);
94:
95: echo $this->renderForm();
96:
97: echo AlphaView::displayPageFoot($this);
98:
99: self::$logger->debug('<<doGET');
100: }
101:
102: 103: 104: 105: 106: 107:
108: public function doPOST($params) {
109: self::$logger->debug('>>doPOST($params=['.var_export($params, true).'])');
110:
111: global $config;
112:
113: echo AlphaView::displayPageHead($this);
114:
115: echo '<p class="alert alert-success">';
116: if(isset($params['QS'])) {
117: echo FrontController::generateSecureURL($params['QS']);
118: self::$logger->action('Generated the secure URL in admin: '.FrontController::generateSecureURL($params['QS']));
119: }
120: echo '</p>';
121:
122: echo $this->renderForm();
123:
124: echo AlphaView::displayPageFoot($this);
125:
126: self::$logger->debug('<<doPOST');
127: }
128:
129: 130: 131: 132: 133: 134:
135: private function renderForm() {
136: global $config;
137:
138: $html = '<p>Use this form to generate secure (encrypted) URLs which make use of the Front Controller. Always be sure to specify an action controller'.
139: ' (act) at a minimum.</p>';
140: $html .= '<p>Example 1: to generate a secure URL for viewing article object 00000000001, enter <em>act=ViewArticle&oid=00000000001</em></p>';
141: $html .= '<p>Example 2: to generate a secure URL for viewing an Atom news feed of the articles, enter'.
142: ' <em>act=ViewFeed&bo=ArticleObject&type=Atom</em></p>';
143:
144: $html .= '<form action="'.$_SERVER['REQUEST_URI'].'" method="post" accept-charset="UTF-8"><div class="form-group">';
145: $string = new StringBox(new String(''), 'Parameters', 'QS');
146: $html .= $string->render();
147: $fieldname = ($config->get('security.encrypt.http.fieldnames') ? base64_encode(AlphaSecurityUtils::encrypt('saveBut')) : 'saveBut');
148: $temp = new Button('submit', 'Generate', $fieldname);
149: $html .= $temp->render();
150: $html .= '</div></form>';
151:
152: return $html;
153: }
154:
155: 156: 157: 158: 159:
160: public function after_displayPageHead_callback() {
161: $menu = AlphaView::loadTemplateFragment('html', 'adminmenu.phtml', array());
162:
163: return $menu;
164: }
165: }
166:
167:
168: if ('GenSecureQueryStrings.php' == basename($_SERVER['PHP_SELF'])) {
169: $controller = new GenSecureQueryStrings();
170:
171: if(!empty($_POST)) {
172: $controller->doPOST($_QUERY);
173: }else{
174: $controller->doGET($_GET);
175: }
176: }
177:
178: ?>