actions_8php_source.html

 <?php

 function _elgg_action_handler(array $segments) {

     _elgg_services()->actions->execute(implode('/', $segments));

 }


 function action($action, $forwarder = "") {

     _elgg_services()->actions->execute($action, $forwarder);

 }


 function elgg_register_action($action, $filename = "", $access = 'logged_in') {

     return _elgg_services()->actions->register($action, $filename, $access);

 }


 function elgg_unregister_action($action) {

     return _elgg_services()->actions->unregister($action);

 }


 function elgg_build_hmac($data) {

     return _elgg_services()->crypto->getHmac($data);

 }


 function validate_action_token($visible_errors = true, $token = null, $ts = null) {

     return _elgg_services()->actions->validateActionToken($visible_errors, $token, $ts);

 }


 function action_gatekeeper($action) {

     return _elgg_services()->actions->gatekeeper($action);

 }


 function generate_action_token($timestamp) {

     return _elgg_services()->actions->generateActionToken($timestamp);

 }


 function init_site_secret() {

     return _elgg_services()->siteSecret->init();

 }


 function get_site_secret() {

     return _elgg_services()->siteSecret->get();

 }


 function _elgg_get_site_secret_strength() {

     return _elgg_services()->siteSecret->getStrength();

 }


 function elgg_action_exists($action) {

     return _elgg_services()->actions->exists($action);

 }


 function elgg_is_xhr() {

     return _elgg_services()->request->isXmlHttpRequest();

 }


 function ajax_forward_hook($hook, $type, $reason, $params) {

     _elgg_services()->actions->ajaxForwardHook($hook, $type, $reason, $params);

 }


 function ajax_action_hook() {

     _elgg_services()->actions->ajaxActionHook();

 }


 function _elgg_csrf_token_refresh() {

     if (!elgg_is_xhr()) {

         return false;

     }


     $actions = _elgg_services()->actions;


     // the page's session_token might have expired (not matching __elgg_session in the session), but

     // we still allow it to be given to validate the tokens in the page.

     $session_token = get_input('session_token', null, false);

     $pairs = (array)get_input('pairs', array(), false);

     $valid_tokens = (object)array();

     foreach ($pairs as $pair) {

         list($ts, $token) = explode(',', $pair, 2);

         if ($actions->validateTokenOwnership($token, $ts, $session_token)) {

             $valid_tokens->{$token} = true;

         }

     }


     $ts = time();

     $token = generate_action_token($ts);

     $data = array(

         'token' => array(

             '__elgg_ts' => $ts,

             '__elgg_token' => $token,

             'logged_in' => elgg_is_logged_in(),

         ),

         'valid_tokens' => $valid_tokens,

         'session_token' => elgg_get_session()->get('__elgg_session'),

         'user_guid' => elgg_get_logged_in_user_guid(),

     );


     header("Content-Type: application/json;charset=utf-8");

     echo json_encode($data);


     return true;

 }


 function actions_init() {

     elgg_register_page_handler('action', '_elgg_action_handler');

     elgg_register_page_handler('refresh_token', '_elgg_csrf_token_refresh');


     elgg_register_simplecache_view('languages/en.js');


     elgg_register_plugin_hook_handler('action', 'all', 'ajax_action_hook', 600);

     elgg_register_plugin_hook_handler('forward', 'all', 'ajax_forward_hook', 600);

 }


 return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {

     $events->registerHandler('init', 'system', 'actions_init');

 };

elgg_is_logged_in
elgg_is_logged_in()
Returns whether or not the user is currently logged in.
Definition: sessions.php:51

$action
$action
Definition: full.php:125

elgg_is_xhr
elgg_is_xhr()
Checks whether the request was requested via ajax.
Definition: actions.php:226

action
action($action, $forwarder="")
Perform an action.
Definition: actions.php:47

action_gatekeeper
action_gatekeeper($action)
Validates the presence of action tokens.
Definition: actions.php:145

elgg_action_exists
elgg_action_exists($action)
Check if an action is registered and its script exists.
Definition: actions.php:216

elgg_register_simplecache_view
elgg_register_simplecache_view($view_name)
Registers a view to simple cache.
Definition: cache.php:108

elgg_get_session
elgg_get_session()
Gets Elgg's session object.
Definition: sessions.php:23

$data
$data
Definition: opendd.php:13

Elgg\EventsService
Definition: EventsService.php:14

init_site_secret
init_site_secret()
Initialise the site secret (32 bytes: "z" to indicate format + 186-bit key in Base64 URL)...
Definition: actions.php:181

elgg_register_plugin_hook_handler
elgg_register_plugin_hook_handler($hook, $type, $callback, $priority=500)
Definition: elgglib.php:715

$timestamp
$timestamp
Definition: date.php:34

$actions
$actions
Definition: user_hover.php:12

$params
$params
Definition: login.php:72

generate_action_token
generate_action_token($timestamp)
Generate an action token.
Definition: actions.php:166

Elgg\HooksRegistrationService
Definition: HooksRegistrationService.php:15

actions_init
actions_init()
Initialize some ajaxy actions features  private.
Definition: actions.php:316

get_input
get_input($variable, $default=null, $filter_result=true)
Get some input from variables passed submitted through GET or POST.
Definition: input.php:27

elgg_build_hmac
elgg_build_hmac($data)
Get an HMAC token builder/validator object.
Definition: actions.php:107

ajax_forward_hook
ajax_forward_hook($hook, $type, $reason, $params)
Catch calls to forward() in ajax request and force an exit.
Definition: actions.php:256

get_site_secret
get_site_secret()
Returns the site secret.
Definition: actions.php:194

_elgg_services
_elgg_services(\Elgg\Di\ServiceProvider $services=null)
Get the global service provider.
Definition: autoloader.php:17

$token
$token
Definition: securitytoken.php:12

_elgg_action_handler
_elgg_action_handler(array $segments)
Handle a request for an action.
Definition: actions.php:19

$ts
$ts
Definition: securitytoken.php:11

validate_action_token
validate_action_token($visible_errors=true, $token=null, $ts=null)
Validate an action token.
Definition: actions.php:127

_elgg_get_site_secret_strength
_elgg_get_site_secret_strength()
Get the strength of the site secret.
Definition: actions.php:204

$filename
$filename
Definition: plugin_text_file.php:6

_elgg_csrf_token_refresh
_elgg_csrf_token_refresh()
Send an updated CSRF token, provided the page's current tokens were not fake.
Definition: actions.php:274

elgg_register_action
elgg_register_action($action, $filename="", $access= 'logged_in')
Registers an action.
Definition: actions.php:85

elgg_get_logged_in_user_guid
elgg_get_logged_in_user_guid()
Return the current logged in user by guid.
Definition: sessions.php:42

$access
$access
Definition: save.php:15

ajax_action_hook
ajax_action_hook()
Buffer all output echo'd directly in the action for inclusion in the returned JSON.
Definition: actions.php:265

$type
if(!$display_name) $type
Definition: delete.php:27

elgg_unregister_action
elgg_unregister_action($action)
Unregisters an action.
Definition: actions.php:96