1.12/actions_8php_source.html

 <?php

 function _elgg_action_handler(array $segments) {

     _elgg_services()->actions->execute(implode('/', $segments));

 }


 function action($action, $forwarder = "") {

     _elgg_services()->actions->execute($action, $forwarder);

 }


 function elgg_register_action($action, $filename = "", $access = 'logged_in') {

     return _elgg_services()->actions->register($action, $filename, $access);

 }


 function elgg_unregister_action($action) {

     return _elgg_services()->actions->unregister($action);

 }


 function elgg_build_hmac($data) {

     return _elgg_services()->crypto->getHmac($data);

 }


 function validate_action_token($visible_errors = true, $token = null, $ts = null) {

     return _elgg_services()->actions->validateActionToken($visible_errors, $token, $ts);

 }


 function action_gatekeeper($action) {

     return _elgg_services()->actions->gatekeeper($action);

 }


 function generate_action_token($timestamp) {

     return _elgg_services()->actions->generateActionToken($timestamp);

 }


 function init_site_secret() {

     return _elgg_services()->siteSecret->init();

 }


 function get_site_secret() {

     return _elgg_services()->siteSecret->get();

 }


 function _elgg_get_site_secret_strength() {

     return _elgg_services()->siteSecret->getStrength();

 }


 function elgg_action_exists($action) {

     return _elgg_services()->actions->exists($action);

 }


 function elgg_is_xhr() {

     return _elgg_services()->request->isXmlHttpRequest();

 }


 function ajax_forward_hook($hook, $type, $reason, $params) {

     _elgg_services()->actions->ajaxForwardHook($hook, $type, $reason, $params);

 }


 function ajax_action_hook() {

     _elgg_services()->actions->ajaxActionHook();

 }


 function _elgg_csrf_token_refresh() {

     if (!elgg_is_xhr()) {

         return false;

     }


     $actions = _elgg_services()->actions;


     // the page's session_token might have expired (not matching __elgg_session in the session), but

     // we still allow it to be given to validate the tokens in the page.

     $session_token = get_input('session_token', null, false);

     $pairs = (array)get_input('pairs', array(), false);

     $valid_tokens = (object)array();

     foreach ($pairs as $pair) {

         list($ts, $token) = explode(',', $pair, 2);

         if ($actions->validateTokenOwnership($token, $ts, $session_token)) {

             $valid_tokens->{$token} = true;

         }

     }


     $ts = time();

     $token = generate_action_token($ts);

     $data = array(

         'token' => array(

             '__elgg_ts' => $ts,

             '__elgg_token' => $token,

             'logged_in' => elgg_is_logged_in(),

         ),

         'valid_tokens' => $valid_tokens,

         'session_token' => elgg_get_session()->get('__elgg_session'),

         'user_guid' => elgg_get_logged_in_user_guid(),

     );


     header("Content-Type: application/json;charset=utf-8");

     echo json_encode($data);


     return true;

 }


 function actions_init() {

     elgg_register_page_handler('action', '_elgg_action_handler');

     elgg_register_page_handler('refresh_token', '_elgg_csrf_token_refresh');


     elgg_register_simplecache_view('js/languages/en');


     elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook');

     elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook');

 }


 return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {

     $events->registerHandler('init', 'system', 'actions_init');

 };

$action
$action
Definition: action_handler.php:20

$filename
$filename
Definition: crop.php:23

$params
$params
Definition: login.php:72

$type
$type
Definition: add.php:8

_elgg_action_handler
_elgg_action_handler(array $segments)
Handle a request for an action.
Definition: actions.php:19

ajax_forward_hook
ajax_forward_hook($hook, $type, $reason, $params)
Catch calls to forward() in ajax request and force an exit.
Definition: actions.php:257

generate_action_token
generate_action_token($timestamp)
Generate an action token.
Definition: actions.php:167

init_site_secret
init_site_secret()
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL).
Definition: actions.php:182

action
action($action, $forwarder="")
Perform an action.
Definition: actions.php:47

elgg_is_xhr
elgg_is_xhr()
Checks whether the request was requested via ajax.
Definition: actions.php:227

action_gatekeeper
action_gatekeeper($action)
Validates the presence of action tokens.
Definition: actions.php:145

actions_init
actions_init()
Initialize some ajaxy actions features @access private.
Definition: actions.php:317

elgg_action_exists
elgg_action_exists($action)
Check if an action is registered and its script exists.
Definition: actions.php:217

elgg_register_action
elgg_register_action($action, $filename="", $access='logged_in')
Registers an action.
Definition: actions.php:85

ajax_action_hook
ajax_action_hook()
Buffer all output echo'd directly in the action for inclusion in the returned JSON.
Definition: actions.php:266

get_site_secret
get_site_secret()
Returns the site secret.
Definition: actions.php:195

elgg_build_hmac
elgg_build_hmac($data)
Get an HMAC token builder/validator object.
Definition: actions.php:107

_elgg_csrf_token_refresh
_elgg_csrf_token_refresh()
Send an updated CSRF token, provided the page's current tokens were not fake.
Definition: actions.php:275

elgg_unregister_action
elgg_unregister_action($action)
Unregisters an action.
Definition: actions.php:96

_elgg_get_site_secret_strength
_elgg_get_site_secret_strength()
Get the strength of the site secret.
Definition: actions.php:205

validate_action_token
validate_action_token($visible_errors=true, $token=null, $ts=null)
Validate an action token.
Definition: actions.php:127

_elgg_services
_elgg_services()
Definition: autoloader.php:14

elgg_register_simplecache_view
elgg_register_simplecache_view($view_name)
Registers a view to simple cache.
Definition: cache.php:98

Elgg\EventsService
Definition: EventsService.php:14

Elgg\HooksRegistrationService
Definition: HooksRegistrationService.php:15

elgg_register_plugin_hook_handler
elgg_register_plugin_hook_handler($hook, $type, $callback, $priority=500)
Definition: elgglib.php:717

$timestamp
$timestamp
Definition: date.php:35

get_input
get_input($variable, $default=null, $filter_result=true)
Get some input from variables passed submitted through GET or POST.
Definition: input.php:27

$data
$data
Definition: opendd.php:13

elgg_register_page_handler
elgg_register_page_handler($identifier, $function)
Registers a page handler for a particular identifier.
Definition: pagehandler.php:34

$token
$token
Definition: securitytoken.php:12

$ts
$ts
Definition: securitytoken.php:11

elgg_get_session
elgg_get_session()
Gets Elgg's session object.
Definition: sessions.php:23

elgg_get_logged_in_user_guid
elgg_get_logged_in_user_guid()
Return the current logged in user by guid.
Definition: sessions.php:42

elgg_is_logged_in
elgg_is_logged_in()
Returns whether or not the user is currently logged in.
Definition: sessions.php:51

$actions
$actions
Definition: user_hover.php:12

header
clearfix elgg elgg elgg elgg page header
Definition: admin.php:131

$access
$access
Definition: save.php:15