Elgg  Version master
Controller.php
1 <?php
2 
3 namespace Elgg\Ajax;
4 
7 use Elgg\Request;
8 
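/**
 * Controller to handle /ajax requests
 *
 * Maps "view/<name>" and "form/<name>" request segments to a view name, checks that name
 * against the registered ajax views, and renders it with the request's query parameters.
 */
class Controller {

	/**
	 * Respond to a request
	 *
	 * @param Request $request the HTTP request; its 'segments' param selects the view or form
	 *
	 * @return mixed the response prepared by elgg_ok_response() or elgg_error_response()
	 */
	public function __invoke(Request $request) {

		$segments = explode('/', (string) $request->getParam('segments'));
		if (count($segments) < 2) {
			return elgg_error_response('Ajax pagehandler called with invalid segments', REFERRER, ELGG_HTTP_BAD_REQUEST);
		}

		$view = '';
		switch ($segments[0]) {
			case 'view':
				if (elgg_extract(1, $segments) === 'admin') {
					// protect admin views similar to all admin pages that are protected automatically in the admin_page_handler
					// the gatekeeper runs before the view name is resolved or rendered
					elgg_admin_gatekeeper();
				}

				// ignore 'view/'
				$view = implode('/', array_slice($segments, 1));
				break;
			case 'form':
				if (elgg_extract(1, $segments) === 'admin') {
					// protect admin views similar to all admin pages that are protected automatically in the admin_page_handler
					// the gatekeeper runs before the form view name is resolved or rendered
					elgg_admin_gatekeeper();
				}

				// form views start with "forms", not "form"
				$view = 'forms/' . implode('/', array_slice($segments, 1));
				break;
			default:
				return elgg_error_response('Ajax pagehandler called with invalid segments', REFERRER, ELGG_HTTP_BAD_REQUEST);
		}

		$ajax_api = _elgg_services()->ajax;
		$allowed_views = $ajax_api->getViews();

		// cacheable views are always allowed
		// strict comparison: a requested name only passes when it is identical to a registered view name
		if (!in_array($view, $allowed_views, true) && !_elgg_services()->simpleCache->isCacheableView($view)) {
			return elgg_error_response("Ajax view '{$view}' was not registered", REFERRER, ELGG_HTTP_FORBIDDEN);
		}

		if (!elgg_view_exists($view)) {
			return elgg_error_response("Ajax view '{$view}' was not found", REFERRER, ELGG_HTTP_NOT_FOUND);
		}

		// pull out GET parameters through filter
		// every query-string key becomes a view variable, so the rendered view receives
		// request-controlled names and values and has to treat $vars as untrusted input
		$vars = [];
		foreach ($request->getHttpRequest()->query->keys() as $name) {
			$vars[$name] = get_input($name);
		}

		// 'entity' and 'item' are only replaced when 'guid' / 'river_id' are present; without them
		// a query parameter named 'entity' or 'item' reaches the view as a plain input value
		// NOTE(review): get_entity() and elgg_get_river_item_from_id() declare int parameters while
		// these values come from the query string - confirm how a non-numeric value should surface
		if (isset($vars['guid'])) {
			$vars['entity'] = get_entity($vars['guid']);
		}

		if (isset($vars['river_id'])) {
			$vars['item'] = elgg_get_river_item_from_id($vars['river_id']);
		}

		$content_type = '';
		if ($segments[0] === 'view') {
			$output = elgg_view($view, $vars);

			// Try to guess the mime-type
			if (_elgg_services()->simpleCache->isCacheableView($view)) {
				$file = _elgg_services()->views->findViewFile($view, elgg_get_viewtype());
				$content_type = 'text/html';

				try {
					$content_type = _elgg_services()->mimetype->getMimeType($file, $content_type);
				} catch (InvalidArgumentException $e) {
					// best effort: the 'text/html' default set above stays in place
					// NOTE(review): the unqualified exception name resolves through the file's
					// use statements - confirm the import is present
				}
			}
		} else {
			// the form action is the path after 'form/'; $vars are passed as the form body vars
			$action = implode('/', array_slice($segments, 1));
			$output = elgg_view_form($action, [], $vars);
		}

		// only set for cacheable views; other output keeps the response's default content type
		if ($content_type) {
			elgg_set_http_header("Content-Type: {$content_type}");
		}

		return elgg_ok_response($output);
	}
}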
Controller to handle /ajax requests.
Definition: Controller.php:15
const ELGG_HTTP_FORBIDDEN
Definition: constants.php:67
Elgg HTTP request.
Definition: Request.php:17
elgg_view_form(string $action, array $form_vars=[], array $body_vars=[])
Definition: views.php:1033
Exception thrown if an argument is not of the expected type.
getParam(string $key, $default=null, bool $filter_result=true)
Get some input from variables submitted through GET or POST.
Definition: Request.php:177
elgg_ok_response($content= '', string|array $message= '', string $forward_url=null, int $status_code=ELGG_HTTP_OK)
Prepares a successful response to be returned by a page or an action handler.
get_input(string $variable, $default=null, bool $filter_result=true)
Parameter input functions.
Definition: input.php:20
elgg_get_viewtype()
Return the current view type.
Definition: views.php:73
elgg_extract($key, $array, $default=null, bool $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
Definition: elgglib.php:254
elgg_set_http_header(string $header, bool $replace=true)
Set a response HTTP header.
Definition: elgglib.php:26
elgg_view(string $view, array $vars=[], string $viewtype= '')
Return a parsed view.
Definition: views.php:156
elgg_error_response(string|array $message= '', string $forward_url=REFERRER, int $status_code=ELGG_HTTP_BAD_REQUEST)
Prepare an error response to be returned by a page or an action handler.
__invoke(Request $request)
Respond to a request.
Definition: Controller.php:24
const REFERRER
Used in calls to forward() to specify the browser should be redirected to the referring page...
Definition: constants.php:37
get_entity(int $guid)
Loads and returns an entity object from a guid.
Definition: entities.php:70
const ELGG_HTTP_BAD_REQUEST
Definition: constants.php:64
const ELGG_HTTP_NOT_FOUND
Definition: constants.php:68
elgg_get_river_item_from_id(int $id)
Get river item from its ID.
Definition: river.php:112
_elgg_services()
Get the global service provider.
Definition: elgglib.php:351
elgg_view_exists(string $view, string $viewtype= '', bool $recurse=true)
Returns whether the specified view exists.
Definition: views.php:131
elgg_admin_gatekeeper()
Used at the top of a page to mark it as admin only.
Definition: gatekeepers.php:75