X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=lib%2Faction.php;h=80f398fbd77e25b8736af0a5c7cb33cae06cb5fd;hb=91332cdadc20e721c22fcf22ca1773cedbde95c5;hp=06cdbdfe0f70685b212df21b40cba962dd5bb8a4;hpb=b9e4b6dd49e8f2c56025df8424137144723d2021;p=quix0rs-gnu-social.git
diff --git a/lib/action.php b/lib/action.php
index 06cdbdfe0f..80f398fbd7 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -120,14 +120,16 @@ class Action extends HTMLOutputter // lawsuit
{
// XXX: attributes (profile?)
$this->elementStart('head');
- $this->showTitle();
- $this->showShortcutIcon();
- $this->showStylesheets();
- $this->showScripts();
- $this->showOpenSearch();
- $this->showFeeds();
- $this->showDescription();
- $this->extraHead();
+ if (Event::handle('StartShowHeadElements', array($this))) {
+ $this->showTitle();
+ $this->showShortcutIcon();
+ $this->showStylesheets();
+ $this->showOpenSearch();
+ $this->showFeeds();
+ $this->showDescription();
+ $this->extraHead();
+ Event::handle('EndShowHeadElements', array($this));
+ }
$this->elementEnd('head');
}
@@ -166,7 +168,7 @@ class Action extends HTMLOutputter // lawsuit
{
if (is_readable(INSTALLDIR . '/theme/' . common_config('site', 'theme') . '/favicon.ico')) {
$this->element('link', array('rel' => 'shortcut icon',
- 'href' => theme_path('favicon.ico')));
+ 'href' => Theme::path('favicon.ico')));
} else {
$this->element('link', array('rel' => 'shortcut icon',
'href' => common_path('favicon.ico')));
@@ -175,7 +177,7 @@ class Action extends HTMLOutputter // lawsuit
if (common_config('site', 'mobile')) {
if (is_readable(INSTALLDIR . '/theme/' . common_config('site', 'theme') . '/apple-touch-icon.png')) {
$this->element('link', array('rel' => 'apple-touch-icon',
- 'href' => theme_path('apple-touch-icon.png')));
+ 'href' => Theme::path('apple-touch-icon.png')));
} else {
$this->element('link', array('rel' => 'apple-touch-icon',
'href' => common_path('apple-touch-icon.png')));
@@ -208,16 +210,16 @@ class Action extends HTMLOutputter // lawsuit
if (Event::handle('StartShowUAStyles', array($this))) {
$this->comment('[if IE]>comment('[if lte IE '.$ver.']>comment('[if IE]>elementEnd('div');
+ $this->showScripts();
$this->elementEnd('body');
}
@@ -388,9 +391,9 @@ class Action extends HTMLOutputter // lawsuit
if (Event::handle('StartAddressData', array($this))) {
$this->elementStart('a', array('class' => 'url home bookmark',
'href' => common_local_url('public')));
- if (common_config('site', 'logo') || file_exists(theme_file('logo.png'))) {
+ if (common_config('site', 'logo') || file_exists(Theme::file('logo.png'))) {
$this->element('img', array('class' => 'logo photo',
- 'src' => (common_config('site', 'logo')) ? common_config('site', 'logo') : theme_path('logo.png'),
+ 'src' => (common_config('site', 'logo')) ? common_config('site', 'logo') : Theme::path('logo.png'),
'alt' => common_config('site', 'name')));
}
$this->element('span', array('class' => 'fn org'), common_config('site', 'name'));
@@ -442,17 +445,12 @@ class Action extends HTMLOutputter // lawsuit
_('Logout'), _('Logout from the site'), false, 'nav_logout');
}
else {
- if (!common_config('site', 'openidonly')) {
- if (!common_config('site', 'closed')) {
- $this->menuItem(common_local_url('register'),
- _('Register'), _('Create an account'), false, 'nav_register');
- }
- $this->menuItem(common_local_url('login'),
- _('Login'), _('Login to the site'), false, 'nav_login');
- } else {
- $this->menuItem(common_local_url('openidlogin'),
- _('OpenID'), _('Login with OpenID'), false, 'nav_openid');
+ if (!common_config('site', 'closed')) {
+ $this->menuItem(common_local_url('register'),
+ _('Register'), _('Create an account'), false, 'nav_register');
}
+ $this->menuItem(common_local_url('login'),
+ _('Login'), _('Login to the site'), false, 'nav_login');
}
$this->menuItem(common_local_url('doc', array('title' => 'help')),
_('Help'), _('Help me!'), false, 'nav_help');
@@ -530,7 +528,10 @@ class Action extends HTMLOutputter // lawsuit
$this->showContentBlock();
Event::handle('EndShowContentBlock', array($this));
}
- $this->showAside();
+ if (Event::handle('StartShowAside', array($this))) {
+ $this->showAside();
+ Event::handle('EndShowAside', array($this));
+ }
$this->elementEnd('div');
}
@@ -873,71 +874,38 @@ class Action extends HTMLOutputter // lawsuit
}
/**
- * Wrapper for the handle method that handles etags, last-modified, and other conditional headers
+ * Handler method
*
* @param array $argarray is ignored since it's now passed in in prepare()
*
* @return boolean is read only action?
*/
- function handleWrapper($argarray=null)
+ function handle($argarray=null)
{
- header('Vary: Accept-Encoding,Cookie,Accept-Language,Authorization');
- header("Cache-Control: must-revalidate");
+ header('Vary: Accept-Encoding,Cookie');
$lm = $this->lastModified();
$etag = $this->etag();
if ($etag) {
header('ETag: ' . $etag);
}
- $if_none_match = (array_key_exists('HTTP_IF_NONE_MATCH', $_SERVER)) ?
- $_SERVER['HTTP_IF_NONE_MATCH'] : null;
if ($lm) {
header('Last-Modified: ' . date(DATE_RFC1123, $lm));
if (array_key_exists('HTTP_IF_MODIFIED_SINCE', $_SERVER)) {
$if_modified_since = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
$ims = strtotime($if_modified_since);
if ($lm <= $ims) {
+ $if_none_match = (array_key_exists('HTTP_IF_NONE_MATCH', $_SERVER)) ?
+ $_SERVER['HTTP_IF_NONE_MATCH'] : null;
if (!$if_none_match ||
!$etag ||
$this->_hasEtag($etag, $if_none_match)) {
header('HTTP/1.1 304 Not Modified');
- header('Content-Length: 0');
// Better way to do this?
exit(0);
}
}
}
}
- if($etag) {
- $ret = $this->handle($argarray);
- }else{
- ob_start();
- $ret = $this->handle($argarray);
- $output = ob_get_contents();
- ob_end_clean();
- //deep etag
- $etag = md5($output);
- header('ETag: ' . $etag);
- if($if_none_match && $this->_hasEtag($etag, $if_none_match)) {
- header('HTTP/1.1 304 Not Modified');
- header('Content-Length: 0');
- // Better way to do this?
- exit(0);
- }
- header('Content-Length: '.strlen($output));
- print $output;
- }
- return $ret;
- }
-
- /**
- * Handler method
- *
- * @param array $argarray is ignored since it's now passed in in prepare()
- *
- * @return boolean is read only action?
- */
- function handle($argarray=null)
- {
}
/**
@@ -1133,4 +1101,22 @@ class Action extends HTMLOutputter // lawsuit
{
return Design::siteDesign();
}
+
+ /**
+ * Check the session token.
+ *
+ * Checks that the current form has the correct session token,
+ * and throw an exception if it does not.
+ *
+ * @return void
+ */
+
+ function checkSessionToken()
+ {
+ // CSRF protection
+ $token = $this->trimmed('token');
+ if (empty($token) || $token != common_session_token()) {
+ $this->clientError(_('There was a problem with your session token.'));
+ }
+ }
}