Elgg  Version 4.3
Controller.php
1 <?php
2 
3 namespace Elgg\Ajax;
4 
7 use Elgg\Request;
8 
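/**
 * Controller to handle /ajax requests.
 *
 * Maps "view/<name>" and "form/<name>" URL segments to a view name, checks that
 * the view may be served over ajax, and renders it with the request's query
 * parameters as view vars.
 */
class Controller {

	/**
	 * Respond to a request.
	 *
	 * Fails with ELGG_HTTP_BAD_REQUEST when the segments are malformed or the
	 * first segment is neither 'view' nor 'form', ELGG_HTTP_FORBIDDEN when the
	 * view is neither registered for ajax nor cacheable, and ELGG_HTTP_NOT_FOUND
	 * when the view does not exist.
	 *
	 * @param Request $request the HTTP request; its 'segments' param is split on '/' to select the view
	 *
	 * @return mixed the result of elgg_ok_response() on success, or of elgg_error_response() on failure
	 */
	public function __invoke(Request $request) {

		// Reject a missing or non-string value up front instead of handing it to explode().
		$raw_segments = $request->getParam('segments');
		if (!is_string($raw_segments)) {
			return elgg_error_response("Ajax pagehandler called with invalid segments", REFERRER, ELGG_HTTP_BAD_REQUEST);
		}

		$segments = explode('/', $raw_segments);
		if (count($segments) < 2) {
			return elgg_error_response("Ajax pagehandler called with invalid segments", REFERRER, ELGG_HTTP_BAD_REQUEST);
		}

		$view = '';
		switch ($segments[0]) {
			case 'view':
				if (elgg_extract(1, $segments) === 'admin') {
					// protect admin views similar to all admin pages that are protected automatically in the admin_page_handler
					elgg_admin_gatekeeper();
				}
				// ignore 'view/'
				$view = implode('/', array_slice($segments, 1));
				break;
			case 'form':
				if (elgg_extract(1, $segments) === 'admin') {
					// protect admin views similar to all admin pages that are protected automatically in the admin_page_handler
					elgg_admin_gatekeeper();
				}
				// form views start with "forms", not "form"
				$view = 'forms/' . implode('/', array_slice($segments, 1));
				break;
			default:
				return elgg_error_response("Ajax pagehandler called with invalid segments", REFERRER, ELGG_HTTP_BAD_REQUEST);
		}

		// The gatekeeper above only fires when the second segment is exactly 'admin';
		// for every other name the allowlist check below is the access control.
		$ajax_api = _elgg_services()->ajax;
		$allowed_views = $ajax_api->getViews();

		// cacheable views are always allowed
		// Strict comparison: the allowlist must match the requested name exactly, without type juggling.
		if (!in_array($view, $allowed_views, true) && !_elgg_services()->views->isCacheableView($view)) {
			// NOTE(review): $view is request-derived and is embedded in the message;
			// confirm the response layer escapes it before it reaches HTML output.
			return elgg_error_response("Ajax view '$view' was not registered", REFERRER, ELGG_HTTP_FORBIDDEN);
		}

		if (!elgg_view_exists($view)) {
			return elgg_error_response("Ajax view '$view' was not found", REFERRER, ELGG_HTTP_NOT_FOUND);
		}

		// pull out GET parameters through filter
		// Every query-string key becomes a view var, so a view exposed over ajax
		// must treat all of its $vars as untrusted input.
		$vars = [];
		foreach ($request->getHttpRequest()->query->keys() as $name) {
			$vars[$name] = get_input($name);
		}

		if (isset($vars['guid'])) {
			// NOTE(review): the guid is caller-supplied; access control for the loaded
			// entity relies on get_entity(). Views should still check permissions
			// before exposing entity data.
			$vars['entity'] = get_entity($vars['guid']);
		}

		if (isset($vars['river_id'])) {
			$vars['item'] = elgg_get_river_item_from_id($vars['river_id']);
		}

		$content_type = '';
		if ($segments[0] === 'view') {
			$output = elgg_view($view, $vars);

			// Try to guess the mime-type
			switch ($segments[1]) {
				case "js":
					$content_type = 'text/javascript;charset=utf-8';
					break;
				case "css":
					$content_type = 'text/css;charset=utf-8';
					break;
				default :
					if (_elgg_services()->views->isCacheableView($view)) {
						$file = _elgg_services()->views->findViewFile($view, elgg_get_viewtype());
						// Fall back to text/html when the mimetype service cannot classify the file.
						$content_type = 'text/html';
						try {
							$content_type = _elgg_services()->mimetype->getMimeType($file, $content_type);
						} catch (InvalidArgumentException $e) {
							// nothing for now
						}
					}
					break;
			}
		} else {
			// Forms are rendered through elgg_view_form() with the collected vars as body vars.
			$action = implode('/', array_slice($segments, 1));
			$output = elgg_view_form($action, [], $vars);
		}

		if ($content_type) {
			elgg_set_http_header("Content-Type: $content_type");
		}

		return elgg_ok_response($output);
	}
}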
elgg_view_exists($view, $viewtype= '', $recurse=true)
Returns whether the specified view exists.
Definition: views.php:152
Controller to handle /ajax requests.
Definition: Controller.php:15
const ELGG_HTTP_FORBIDDEN
Definition: constants.php:82
Elgg HTTP request.
Definition: Request.php:17
Exception thrown if an argument is not of the expected type.
getParam(string $key, $default=null, bool $filter_result=true)
Get some input from variables submitted through GET or POST.
Definition: Request.php:169
elgg_set_http_header($header, $replace=true)
Set a response HTTP header.
Definition: elgglib.php:26
if(!$user||!$user->canDelete()) $name
Definition: delete.php:22
$request
Definition: livesearch.php:11
elgg_get_viewtype()
Return the current view type.
Definition: views.php:76
if(elgg_view_exists('elgg/admin.js')) $segments
Definition: admin.php:19
__invoke(Request $request)
Respond to a request.
Definition: Controller.php:24
const REFERRER
Definition: constants.php:42
if(!empty($avatar)&&!$avatar->isValid()) elseif(empty($avatar)) if(!$owner->saveIconFromUploadedFile('avatar')) if(!elgg_trigger_event('profileiconupdate', $owner->type, $owner)) $view
Definition: upload.php:39
elgg_view_form($action, $form_vars=[], $body_vars=[])
Definition: views.php:1064
get_input($variable, $default=null, $filter_result=true)
Parameter input functions.
Definition: input.php:20
elgg_extract($key, $array, $default=null, $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
Definition: elgglib.php:547
$action
Definition: subscribe.php:11
const ELGG_HTTP_BAD_REQUEST
Definition: constants.php:79
const ELGG_HTTP_NOT_FOUND
Definition: constants.php:83
elgg_error_response($message= '', $forward_url=REFERRER, int $status_code=ELGG_HTTP_BAD_REQUEST)
Prepare an error response to be returned by a page or an action handler.
elgg_get_river_item_from_id(int $id)
Get river item from its ID.
Definition: river.php:111
elgg_ok_response($content= '', $message= '', $forward_url=null, int $status_code=ELGG_HTTP_OK)
Prepares a successful response to be returned by a page or an action handler.
_elgg_services()
Get the global service provider.
Definition: elgglib.php:638
$vars['head']
Definition: html.php:24
$output
Definition: download.php:9
elgg_view($view, $vars=[], $viewtype= '')
Return a parsed view.
Definition: views.php:179
elgg_admin_gatekeeper()
Used at the top of a page to mark it as admin only.
Definition: gatekeepers.php:75
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:69