8 use Elgg\Traits\Loggable;
9 use Symfony\Component\HttpFoundation\Cookie;
10 use Symfony\Component\HttpFoundation\RedirectResponse as SymfonyRedirectResponse;
11 use Symfony\Component\HttpFoundation\Response as SymfonyResponse;
12 use Symfony\Component\HttpFoundation\ResponseHeaderBag;
13 use Symfony\Component\HttpFoundation\JsonResponse;
40 protected AjaxService $ajax,
44 $this->headers =
new ResponseHeaderBag();
70 if (!$this->events->trigger(
'init:cookie', $cookie->
name, $cookie)) {
74 $symfony_cookie =
new Cookie(
84 $this->headers->setCookie($symfony_cookie);
95 public function getHeaders(
bool $remove_existing =
true): ResponseHeaderBag {
98 $headers_list = headers_list();
99 foreach ($headers_list as
$header) {
100 if (stripos(
$header,
'HTTP/1.1') !==
false) {
106 if ($remove_existing) {
107 header_remove(
$name);
124 $header_bag = $this->getHeaders();
129 return $response->prepare($this->request);
142 $header_bag = $this->getHeaders();
145 $response =
new SymfonyRedirectResponse(
$url, $status, $header_bag->all());
147 return $response->prepare($this->request);
160 $header_bag = $this->getHeaders();
169 $header_bag->remove(
'Content-Type');
173 return $response->prepare($this->request);
184 if (isset($this->response_sent)) {
185 if ($this->response_sent !==
$response) {
186 $this->getLogger()->error(
'Unable to send the following response: ' . PHP_EOL
188 .
'because another response has already been sent: ' . PHP_EOL
189 . (
string) $this->response_sent);
192 if (!$this->events->triggerBefore(
'send',
'http_response',
$response)) {
197 $method =
$request->getRealMethod() ?:
'GET';
200 $this->getLogger()->notice(
"Responding to {$method} {$path}");
201 if (!$this->transport->send(
$response)) {
205 $this->events->triggerAfter(
'send',
'http_response',
$response);
208 $this->closeSession();
211 return $this->response_sent;
220 return $this->response_sent;
234 $response_type = $this->parseContext();
237 throw new UnexpectedValueException(
"Handlers for 'response', '{$response_type}' event must return an instanceof " . ResponseBuilder::class);
246 $headers[
'X-Content-Type-Options'] =
'nosniff';
249 $is_xhr = $this->request->isXmlHttpRequest();
251 $is_action = $this->isAction();
253 if ($is_action &&
$response->getForwardURL() ===
null) {
259 $response->setForwardURL((
string) $this->request->headers->get(
'Referer'));
270 if ($is_xhr && ($is_action || $this->ajax->isAjax2Request())) {
273 $headers[
'Content-Type'] =
'application/json; charset=UTF-8';
282 $redirect_url =
$response->getForwardURL();
283 return $this->redirect($redirect_url,
$response->getStatusCode());
286 if ($this->ajax->isReady() &&
$response->isSuccessful()) {
287 return $this->respondFromContent(
$response);
291 return $this->respondWithError(
$response);
294 return $this->respondFromContent(
$response);
307 $status_code =
$response->getStatusCode();
309 if ($this->ajax->isReady()) {
310 return $this->send($this->ajax->respondWithError(
$error, $status_code));
313 if ($this->isXhr()) {
315 return $this->send($this->prepareResponse(
$error, $status_code,
$response->getHeaders()));
320 if ($this->isAction()) {
322 return $this->send($this->prepareRedirectResponse(
$forward_url));
326 'current_url' => $this->request->getCurrentURL(),
332 $forward_reason = (string) $status_code;
336 if (isset($this->response_sent)) {
338 return $this->response_sent;
342 $params[
'type'] = $forward_reason;
353 return $this->send($this->prepareResponse($error_page, $status_code));
367 if ($this->ajax->isReady()) {
368 return $this->send($this->ajax->respondFromOutput(
$content, $this->parseContext()));
389 return $this->stringify([
390 'value' => $this->ajax->decodeJson(
$content),
391 'current_url' => $this->request->getCurrentURL(),
416 'current_url' => $this->request->getCurrentURL(),
421 $forward_reason = (string) $status_code;
425 if (isset($this->response_sent)) {
428 return $this->response_sent;
437 switch ($status_code) {
445 case 'walled_garden':
447 $status_code = (int) $status_code;
448 if (!$status_code || $status_code < 100 || $status_code > 599) {
454 if ($this->isXhr()) {
455 if ($status_code < 100 || ($status_code >= 300 && $status_code <= 399) || $status_code > 599) {
466 $headers[
'Content-Type'] =
'application/json; charset=UTF-8';
471 if ($this->isAction()) {
473 if (!is_int($status_code) || $status_code < 300 || $status_code > 399) {
480 return $this->send($this->prepareRedirectResponse(
$forward_url, $status_code));
492 $segments = $this->request->getUrlSegments();
495 switch ($identifier) {
498 if (
$page ===
'view') {
500 return "view:{$view}";
503 return "form:{$form}";
511 return "action:{$action}";
516 return "path:{$path}";
525 return $this->request->isXmlHttpRequest();
534 return str_starts_with($this->parseContext(),
'action:');
595 $this->transport = $transport;
616 if (!preg_match(
'/^(http|https|ftp|sftp|ftps):\/\//',
$url)) {
$content
Set robots.txt action.
if(! $user||! $user->canDelete()) $name
if(!empty($avatar) &&! $avatar->isValid()) elseif(empty($avatar)) if(! $owner->saveIconFromUploadedFile('avatar')) if(!elgg_trigger_event('profileiconupdate', $owner->type, $owner)) $view
if(! $entity->delete(true, true)) $forward_url
$params
Saves global plugin settings.
return[ 'admin/delete_admin_notices'=>['access'=> 'admin'], 'admin/menu/save'=>['access'=> 'admin'], 'admin/plugins/activate'=>['access'=> 'admin'], 'admin/plugins/activate_all'=>['access'=> 'admin'], 'admin/plugins/deactivate'=>['access'=> 'admin'], 'admin/plugins/deactivate_all'=>['access'=> 'admin'], 'admin/plugins/set_priority'=>['access'=> 'admin'], 'admin/security/security_txt'=>['access'=> 'admin'], 'admin/security/settings'=>['access'=> 'admin'], 'admin/security/regenerate_site_secret'=>['access'=> 'admin'], 'admin/site/cache/invalidate'=>['access'=> 'admin'], 'admin/site/flush_cache'=>['access'=> 'admin'], 'admin/site/icons'=>['access'=> 'admin'], 'admin/site/set_maintenance_mode'=>['access'=> 'admin'], 'admin/site/set_robots'=>['access'=> 'admin'], 'admin/site/theme'=>['access'=> 'admin'], 'admin/site/unlock_upgrade'=>['access'=> 'admin'], 'admin/site/settings'=>['access'=> 'admin'], 'admin/upgrade'=>['access'=> 'admin'], 'admin/upgrade/reset'=>['access'=> 'admin'], 'admin/user/ban'=>['access'=> 'admin'], 'admin/user/bulk/ban'=>['access'=> 'admin'], 'admin/user/bulk/delete'=>['access'=> 'admin'], 'admin/user/bulk/unban'=>['access'=> 'admin'], 'admin/user/bulk/validate'=>['access'=> 'admin'], 'admin/user/change_email'=>['access'=> 'admin'], 'admin/user/delete'=>['access'=> 'admin'], 'admin/user/login_as'=>['access'=> 'admin'], 'admin/user/logout_as'=>[], 'admin/user/makeadmin'=>['access'=> 'admin'], 'admin/user/resetpassword'=>['access'=> 'admin'], 'admin/user/removeadmin'=>['access'=> 'admin'], 'admin/user/unban'=>['access'=> 'admin'], 'admin/user/validate'=>['access'=> 'admin'], 'annotation/delete'=>[], 'avatar/upload'=>[], 'comment/save'=>[], 'diagnostics/download'=>['access'=> 'admin'], 'entity/chooserestoredestination'=>[], 'entity/delete'=>[], 'entity/mute'=>[], 'entity/restore'=>[], 'entity/subscribe'=>[], 'entity/trash'=>[], 'entity/unmute'=>[], 'entity/unsubscribe'=>[], 'login'=>['access'=> 'logged_out'], 'logout'=>[], 
'notifications/mute'=>['access'=> 'public'], 'plugins/settings/remove'=>['access'=> 'admin'], 'plugins/settings/save'=>['access'=> 'admin'], 'plugins/usersettings/save'=>[], 'register'=>['access'=> 'logged_out', 'middleware'=>[\Elgg\Router\Middleware\RegistrationAllowedGatekeeper::class,],], 'river/delete'=>[], 'settings/notifications'=>[], 'settings/notifications/subscriptions'=>[], 'user/changepassword'=>['access'=> 'public'], 'user/requestnewpassword'=>['access'=> 'public'], 'useradd'=>['access'=> 'admin'], 'usersettings/save'=>[], 'widgets/add'=>[], 'widgets/delete'=>[], 'widgets/move'=>[], 'widgets/save'=>[],]
Models the Ajax API service.
static getResponseTransport()
Build a transport for sending responses.
Exception thrown if a value does not match with a set of values.
Redirect response builder.
ResponseHeaderBag $headers
redirect(string $forward_url=REFERRER, $status_code=ELGG_HTTP_FOUND)
Prepares a redirect response.
SymfonyResponse $response_sent
setTransport(ResponseTransport $transport)
Replaces response transport.
stringify($content='')
Stringify/serialize response data.
__construct(protected Request $request, protected AjaxService $ajax, protected EventsService $events)
Constructor.
makeSecureForwardUrl(string $url)
Ensure the url has a valid protocol for browser use.
respondWithError(ResponseBuilder $response)
Send error HTTP response.
prepareRedirectResponse(string $url, int $status=302, array $headers=[])
Creates a redirect response.
closeSession()
Closes the session.
setCookie(\ElggCookie $cookie)
Set a cookie, but allow plugins to customize it first.
getHeaders(bool $remove_existing=true)
Get headers set to apply to all responses.
send(SymfonyResponse $response)
Send a response.
parseContext()
Parses response type to be used as event type.
getSentResponse()
Returns a response that was sent to the client.
normalize($content='')
Normalizes content into serializable data by walking through arrays and objectifying Elgg entities.
wrapAjaxResponse($content='', ?string $forward_url=null)
Wraps response content in an Ajax2 compatible format.
setHeader(string $name, string $value, bool $replace=true)
Sets headers to apply to all responses being sent.
ResponseTransport $transport
respondFromContent(ResponseBuilder $response)
Send OK response.
prepareJsonResponse($content='', int $status=200, array $headers=[])
Creates a JSON response.
isXhr()
Check if the request is an XmlHttpRequest.
getSiteRefererUrl()
Ensures the referer header is a site url.
isAction()
Check if the requested path is an action.
prepareResponse(?string $content='', int $status=200, array $headers=[])
Creates an HTTP response.
respond(ResponseBuilder $response)
Send HTTP response.
elgg_get_site_url()
Get the URL for the current (or specified) site, ending with "/".
const ELGG_JSON_ENCODING
Default JSON encoding.
const ELGG_HTTP_NOT_MODIFIED
const ELGG_HTTP_SEE_OTHER
const REFERRER
Used in calls to forward() to specify the browser should be redirected to the referring page.
foreach($periods as $period) $header
foreach($plugin_guids as $guid) if(empty($deactivated_plugins)) $url
if($item instanceof \ElggEntity) elseif($item instanceof \ElggRiverItem) elseif($item instanceof \ElggRelationship) elseif(is_callable([ $item, 'getType']))
HTTP response builder interface.
HTTP response transport interface.
elgg_view_exists(string $view, string $viewtype='', bool $recurse=true)
Returns whether the specified view exists.
elgg_view_resource(string $name, array $vars=[])
Render a resource view.
if(isset($_COOKIE['elggperm'])) $session
elgg_normalize_site_url(string $unsafe_url)
From untrusted input, get a site URL safe for forwarding.
elgg_normalize_url(string $url)
if($container instanceof ElggGroup && $container->guid !=elgg_get_page_owner_guid()) $key
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.
elgg_get_session()
Gets Elgg's session object.