Overview

Namespaces

  • Alpha
    • Controller
      • Front
    • Exception
    • Model
      • Type
    • Task
    • Util
      • Backup
      • Cache
      • Code
        • Highlight
        • Metric
      • Config
      • Convertor
      • Email
      • Extension
      • Feed
      • File
      • Graph
      • Helper
      • Http
        • Filter
        • Session
      • Image
      • Logging
      • Search
      • Security
    • View
      • Renderer
        • Html
        • Json
      • Widget

Classes

  • ActiveRecordController
  • ArticleController
  • AttachmentController
  • CacheController
  • Controller
  • DEnumController
  • ExcelController
  • FeedController
  • GenSecureQueryStringController
  • ImageController
  • IndexController
  • InstallController
  • ListActiveRecordsController
  • LogController
  • LoginController
  • LogoutController
  • MetricController
  • PhpinfoController
  • RecordSelectorController
  • SearchController
  • SequenceController
  • TagController

Interfaces

  • ControllerInterface
  • Overview
  • Namespace
  • Class
  • Tree 
  1: <?php
  2: 
  3: namespace Alpha\Controller;
  4: 
  5: use Alpha\Util\Logging\Logger;
  6: use Alpha\Util\Config\ConfigProvider;
  7: use Alpha\Util\Security\SecurityUtils;
  8: use Alpha\Util\Http\Request;
  9: use Alpha\Util\Http\Response;
 10: use Alpha\View\View;
 11: use Alpha\View\Widget\StringBox;
 12: use Alpha\View\Widget\Button;
 13: use Alpha\Controller\Front\FrontController;
 14: use Alpha\Model\Type\String;
 15: 
 16: /**
 17:  * Controller used to generate secure URLs from the query strings provided.
 18:  *
 19:  * @since 1.0
 20:  *
 21:  * @author John Collins <dev@alphaframework.org>
 22:  * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
 23:  * @copyright Copyright (c) 2015, John Collins (founder of Alpha Framework).
 24:  * All rights reserved.
 25:  *
 26:  * <pre>
 27:  * Redistribution and use in source and binary forms, with or
 28:  * without modification, are permitted provided that the
 29:  * following conditions are met:
 30:  *
 31:  * * Redistributions of source code must retain the above
 32:  *   copyright notice, this list of conditions and the
 33:  *   following disclaimer.
 34:  * * Redistributions in binary form must reproduce the above
 35:  *   copyright notice, this list of conditions and the
 36:  *   following disclaimer in the documentation and/or other
 37:  *   materials provided with the distribution.
 38:  * * Neither the name of the Alpha Framework nor the names
 39:  *   of its contributors may be used to endorse or promote
 40:  *   products derived from this software without specific
 41:  *   prior written permission.
 42:  *
 43:  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
 44:  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
 45:  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 46:  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 47:  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
 48:  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 49:  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 50:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 51:  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 52:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 53:  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 54:  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 55:  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 56:  * </pre>
 57:  */
 58: class GenSecureQueryStringController extends Controller implements ControllerInterface
 59: {
 60:     /**
 61:      * Trace logger.
 62:      *
 63:      * @var Alpha\Util\Logging\Logger
 64:      *
 65:      * @since 1.0
 66:      */
 67:     private static $logger = null;
 68: 
 69:     /**
 70:      * Constructor.
 71:      *
 72:      * @since 1.0
 73:      */
 74:     public function __construct()
 75:     {
 76:         self::$logger = new Logger('GenSecureQueryStringController');
 77:         self::$logger->debug('>>__construct()');
 78: 
 79:         $config = ConfigProvider::getInstance();
 80: 
 81:         // ensure that the super class constructor is called, indicating the rights group
 82:         parent::__construct('Admin');
 83: 
 84:         $this->setTitle('Generate Secure Query Strings');
 85: 
 86:         self::$logger->debug('<<__construct');
 87:     }
 88: 
 89:     /**
 90:      * Handle GET requests.
 91:      *
 92:      * @param Alpha\Util\Http\Request $request
 93:      *
 94:      * @return Alpha\Util\Http\Response
 95:      *
 96:      * @since 1.0
 97:      */
 98:     public function doGET($request)
 99:     {
100:         self::$logger->debug('>>doGET($request=['.var_export($request, true).'])');
101: 
102:         $body = View::displayPageHead($this);
103: 
104:         $body .= $this->renderForm();
105: 
106:         $body .= View::displayPageFoot($this);
107: 
108:         self::$logger->debug('<<doGET');
109: 
110:         return new Response(200, $body, array('Content-Type' => 'text/html'));
111:     }
112: 
113:     /**
114:      * Handle POST requests.
115:      *
116:      * @param Alpha\Util\Http\Request $request
117:      *
118:      * @return Alpha\Util\Http\Response
119:      *
120:      * @since 1.0
121:      */
122:     public function doPOST($request)
123:     {
124:         self::$logger->debug('>>doPOST($request=['.var_export($request, true).'])');
125: 
126:         $config = ConfigProvider::getInstance();
127: 
128:         $params = $request->getParams();
129: 
130:         $body = View::displayPageHead($this);
131: 
132:         $body .= '<p class="alert alert-success">';
133:         if (isset($params['QS'])) {
134:             $body .= FrontController::generateSecureURL($params['QS']);
135:             self::$logger->action('Generated the secure URL in admin: '.FrontController::generateSecureURL($params['QS']));
136:         }
137:         $body .= '</p>';
138: 
139:         $body .= $this->renderForm();
140: 
141:         $body .= View::displayPageFoot($this);
142: 
143:         self::$logger->debug('<<doPOST');
144: 
145:         return new Response(200, $body, array('Content-Type' => 'text/html'));
146:     }
147: 
148:     /**
149:      * Renders the HTML form for generating secure URLs.
150:      *
151:      * @return string
152:      *
153:      * @since 1.0
154:      */
155:     private function renderForm()
156:     {
157:         $config = ConfigProvider::getInstance();
158: 
159:         $html = '<p>Use this form to generate secure (encrypted) URLs which make use of the Front Controller.  Always be sure to specify an action controller'.
160:             ' (act) at a minimum.</p>';
161:         $html .= '<p>Example 1: to generate a secure URL for viewing article object 00000000001, enter <em>act=Alpha\Controller\ArticleController&amp;ActiveRecordOID=00000000001</em></p>';
162:         $html .= '<p>Example 2: to generate a secure URL for viewing an Atom news feed of the articles, enter'.
163:             ' <em>act=Alpha\Controller\FeedController&amp;ActiveRecordType=Alpha\Model\Article&amp;type=Atom</em></p>';
164: 
165:         $html .= '<form action="'.$this->request->getURI().'" method="post" accept-charset="UTF-8"><div class="form-group">';
166:         $string = new StringBox(new String(''), 'Parameters', 'QS');
167:         $html .= $string->render();
168:         $fieldname = ($config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('saveBut')) : 'saveBut');
169:         $temp = new Button('submit', 'Generate', $fieldname);
170:         $html .= $temp->render();
171:         $html .= '</div></form>';
172: 
173:         return $html;
174:     }
175: }
176:
Alpha Framework 2.0.4 API Documentation API documentation generated by ApiGen 2.8.0