9 use Symfony\Component\HttpFoundation\File\UploadedFile;
10 use Symfony\Component\HttpFoundation\Request as SymfonyRequest;
69 $this->request_overrides = [];
80 $trusted_proxies =
$config->http_request_trusted_proxy_ips;
81 if (empty($trusted_proxies)) {
85 $allowed_headers =
$config->http_request_trusted_proxy_headers;
86 if (empty($allowed_headers)) {
87 $allowed_headers = self::HEADER_X_FORWARDED_FOR | self::HEADER_X_FORWARDED_HOST | self::HEADER_X_FORWARDED_PORT | self::HEADER_X_FORWARDED_PROTO;
90 $this->setTrustedProxies($trusted_proxies, $allowed_headers);
122 $this->route = $route;
151 if ($override_request) {
158 unset($this->filtered_params);
159 unset($this->unfiltered_params);
178 $values = $this->getParams($filter_result);
190 public function getParams(
bool $filter_result =
true): array {
191 if (isset($this->filtered_params) && isset($this->unfiltered_params)) {
192 return $filter_result ? $this->filtered_params : $this->unfiltered_params;
195 $request_overrides = $this->request_overrides;
196 $query = $this->query->all();
198 $post = $this->request->all();
200 $this->unfiltered_params = array_merge($post,
$attributes,
$query, $request_overrides);
203 $this->getContextStack()->push(
'input');
205 $this->getContextStack()->pop();
207 return $filter_result ? $this->filtered_params : $this->unfiltered_params;
223 if (isset(
$url[
'port']) &&
$url[
'port']) {
229 $page .= $this->getRequestUri();
242 $path = trim($this->getElggPath(),
'/');
244 $path = htmlspecialchars(
$path, ENT_QUOTES,
'UTF-8');
251 return explode(
'/',
$path);
262 $base_path = trim($this->getBasePath(),
'/');
263 $server = $this->server->all();
264 $server[
'REQUEST_URI'] =
"$base_path/" . implode(
'/',
$segments);
266 return $this->duplicate(
null,
null,
null,
null,
null, $server);
291 if (PHP_SAPI ===
'cli-server') {
292 $path = $this->getRequestUri();
294 $path = $this->getPathInfo();
297 return preg_replace(
'~(\?.*)$~',
'',
$path);
304 $ip = parent::getClientIp();
306 if ($ip == $this->server->get(
'REMOTE_ADDR')) {
308 $ip_addresses = $this->server->get(
'HTTP_X_REAL_IP');
310 $ip_addresses = explode(
',', $ip_addresses);
312 return array_pop($ip_addresses);
323 return (strtolower($this->headers->get(
'X-Requested-With') ?:
'') ===
'xmlhttprequest'
324 || $this->query->get(
'X-Requested-With') ===
'XMLHttpRequest'
325 || $this->request->get(
'X-Requested-With') ===
'XMLHttpRequest');
343 return rtrim($this->getSchemeAndHttpHost() .
$base_url,
'/') .
'/';
352 if ($this->getPathInfo() !== (
'/' . self::REWRITE_TEST_TOKEN)) {
356 if (!$this->
get(self::REWRITE_TEST_TOKEN)) {
370 return $this->getFirstUrlSegment() ===
'action';
379 return PHP_SAPI ===
'cli-server';
390 $file = rtrim($root,
'\\/') . $this->getElggPath();
391 if (!is_file($file)) {
396 $extensions =
'.3gp, .apk, .avi, .bmp, .css, .csv, .doc, .docx, .flac, .gif, .gz, .gzip, .htm, .html, .ics,';
397 $extensions .=
' .jpe, .jpeg, .jpg, .js, .kml, .kmz, .m4a, .mjs, .mov, .mp3, .mp4, .mpeg, .mpg, .odp, .ods, .odt,';
398 $extensions .=
' .oga, .ogg, .ogv, .pdf, .pdf, .png, .pps, .pptx, .qt, .svg, .swf, .tar, .text, .tif, .txt,';
399 $extensions .=
' .wav, .webm, .wmv, .xls, .xlsx, .xml, .xsl, .xsd, and .zip';
402 $ext = pathinfo($file, PATHINFO_EXTENSION);
407 $ext = preg_quote($ext,
'~');
409 return (
bool) preg_match(
"~\\.{$ext}[,$]~",
$extensions);
425 if (!is_array($files)) {
451 if ($check_for_validity && !$file->isValid()) {
465 $this->validateRequestHostHeader();
466 $this->validateRequestBodyTruncated();
484 $config_host = parse_url(
$config->wwwroot, PHP_URL_HOST);
485 if ($config_host === $this->getHost()) {
500 $reported_bytes = $this->server->get(
'CONTENT_LENGTH');
503 $post_data_count = count($this->request->all());
509 $file_count = count($this->files->all());
511 $is_valid =
function() use ($reported_bytes, $post_data_count, $post_body_length, $file_count) {
512 if (empty($reported_bytes)) {
517 if (empty($post_data_count) && empty($post_body_length) && empty($file_count)) {
531 throw new BadRequestException(
elgg_echo(
'actiongatekeeper:uploadexceeded'));
550 $this->baseUrl = rtrim(
$path,
'/');
$content
Set robots.txt action.
return[ 'admin/delete_admin_notices'=>['access'=> 'admin'], 'admin/menu/save'=>['access'=> 'admin'], 'admin/plugins/activate'=>['access'=> 'admin'], 'admin/plugins/activate_all'=>['access'=> 'admin'], 'admin/plugins/deactivate'=>['access'=> 'admin'], 'admin/plugins/deactivate_all'=>['access'=> 'admin'], 'admin/plugins/set_priority'=>['access'=> 'admin'], 'admin/security/security_txt'=>['access'=> 'admin'], 'admin/security/settings'=>['access'=> 'admin'], 'admin/security/regenerate_site_secret'=>['access'=> 'admin'], 'admin/site/cache/invalidate'=>['access'=> 'admin'], 'admin/site/flush_cache'=>['access'=> 'admin'], 'admin/site/icons'=>['access'=> 'admin'], 'admin/site/set_maintenance_mode'=>['access'=> 'admin'], 'admin/site/set_robots'=>['access'=> 'admin'], 'admin/site/theme'=>['access'=> 'admin'], 'admin/site/unlock_upgrade'=>['access'=> 'admin'], 'admin/site/settings'=>['access'=> 'admin'], 'admin/upgrade'=>['access'=> 'admin'], 'admin/upgrade/reset'=>['access'=> 'admin'], 'admin/user/ban'=>['access'=> 'admin'], 'admin/user/bulk/ban'=>['access'=> 'admin'], 'admin/user/bulk/delete'=>['access'=> 'admin'], 'admin/user/bulk/unban'=>['access'=> 'admin'], 'admin/user/bulk/validate'=>['access'=> 'admin'], 'admin/user/change_email'=>['access'=> 'admin'], 'admin/user/delete'=>['access'=> 'admin'], 'admin/user/login_as'=>['access'=> 'admin'], 'admin/user/logout_as'=>[], 'admin/user/makeadmin'=>['access'=> 'admin'], 'admin/user/resetpassword'=>['access'=> 'admin'], 'admin/user/removeadmin'=>['access'=> 'admin'], 'admin/user/unban'=>['access'=> 'admin'], 'admin/user/validate'=>['access'=> 'admin'], 'annotation/delete'=>[], 'avatar/upload'=>[], 'comment/save'=>[], 'diagnostics/download'=>['access'=> 'admin'], 'entity/chooserestoredestination'=>[], 'entity/delete'=>[], 'entity/mute'=>[], 'entity/restore'=>[], 'entity/subscribe'=>[], 'entity/trash'=>[], 'entity/unmute'=>[], 'entity/unsubscribe'=>[], 'login'=>['access'=> 'logged_out'], 'logout'=>[], 'notifications/mute'=>['access'=> 'public'], 'plugins/settings/remove'=>['access'=> 'admin'], 'plugins/settings/save'=>['access'=> 'admin'], 'plugins/usersettings/save'=>[], 'register'=>['access'=> 'logged_out', 'middleware'=>[\Elgg\Router\Middleware\RegistrationAllowedGatekeeper::class,],], 'river/delete'=>[], 'settings/notifications'=>[], 'settings/notifications/subscriptions'=>[], 'user/changepassword'=>['access'=> 'public'], 'user/requestnewpassword'=>['access'=> 'public'], 'useradd'=>['access'=> 'admin'], 'usersettings/save'=>[], 'widgets/add'=>[], 'widgets/delete'=>[], 'widgets/move'=>[], 'widgets/save'=>[],]
$attributes
Elgg AJAX loader.
Load, boot, and implement a front controller for an Elgg application.
Manages a global stack of strings for sharing information about the current execution context.
Thrown when request is malformatted.
sniffElggUrl()
Sniff the Elgg site URL with trailing slash.
getFile(string $input_name, bool $check_for_validity=true)
Returns the first file found based on the input name.
__construct(array $query=[], array $request=[], array $attributes=[], array $cookies=[], array $files=[], array $server=[], $content=null)
{}
isCliServer()
Is PHP running the CLI server front controller.
validate()
Validate the request.
isCliServable(string $root)
Is the request pointing to a file that the CLI server can handle?
getUrlSegments(bool $raw=false)
Get the Elgg URL segments.
const REWRITE_TEST_OUTPUT
validateRequestHostHeader()
Validate that the request was made on the correct host.
setParam(string $key, $value, bool $override_request=false)
Sets an input value that may later be retrieved by get_input.
initializeTrustedProxyConfiguration(Config $config)
Configure trusted proxy servers to allow access to more client information.
validateRequestBodyTruncated()
Validate that the request body hasn't been truncated (eg.
bool $_integration_testing
getElggPath()
Get the Request URI minus querystring.
correctBaseURL(\Elgg\Config $config)
Correct the base URL of the request.
isAction()
Is the request an action.
setUrlSegments(array $segments)
Get a cloned request with new Elgg URL segments.
getFirstUrlSegment()
Get first Elgg URL segment.
isRewriteCheck()
Is the request for checking URL rewriting?
getParam(string $key, $default=null, bool $filter_result=true)
Get some input from variables passed submitted through GET or POST.
getContextStack()
Returns context stack.
initializeContext()
Initialize context stack.
getCurrentURL()
Returns current page URL.
getFiles(string $input_name)
Returns an array of uploaded file objects regardless of upload status/errors.
getRoute()
Returns the route matched for this request by the router.
setRoute(Route $route)
Sets the route matched for this request by the router.
getParams(bool $filter_result=true)
Returns all values parsed from the request.
getMatchedParameters()
Get matched parameters.
elgg_get_site_url()
Get the URL for the current (or specified) site, ending with "/".
foreach($plugin_guids as $guid) if(empty($deactivated_plugins)) $url
$config
Advanced site settings, debugging section.
if(! $pagination && $limit !==false &&!empty($items) &&count($items) >=$limit) $base_url
_elgg_services()
Get the global service provider.
elgg_extract($key, $array, $default=null, bool $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
elgg_echo(string $message_key, array $args=[], string $language='')
Elgg language module Functions to manage language and translations.
elgg_strlen()
Wrapper function for mb_strlen().
if($container instanceof ElggGroup && $container->guid !=elgg_get_page_owner_guid()) $key
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.