diff --git a/app/modules/web/Controllers/AccessManagerController.php b/app/modules/web/Controllers/AccessManagerController.php index 2ee0bfc9..e6f17e6f 100644 --- a/app/modules/web/Controllers/AccessManagerController.php +++ b/app/modules/web/Controllers/AccessManagerController.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Controllers; use SP\Core\Acl\Acl; use SP\Core\Events\Event; use SP\DataModel\ItemSearchData; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Helpers\TabsGridHelper; use SP\Services\AuthToken\AuthTokenService; @@ -103,7 +102,7 @@ class AccessManagerController extends ControllerBase $this->eventDispatcher->notifyEvent('show.itemlist.accesses', new Event($this)); - $this->tabsGridHelper->renderTabs(Acl::getActionRoute(Acl::ACCESS_MANAGE), Request::analyzeInt('tabIndex', 0)); + $this->tabsGridHelper->renderTabs(Acl::getActionRoute(Acl::ACCESS_MANAGE), $this->request->analyzeInt('tabIndex', 0)); $this->view(); } diff --git a/app/modules/web/Controllers/AccountController.php b/app/modules/web/Controllers/AccountController.php index 7104dd14..f3b81b0c 100644 --- a/app/modules/web/Controllers/AccountController.php +++ b/app/modules/web/Controllers/AccountController.php @@ -36,7 +36,6 @@ use SP\Core\Exceptions\ValidationException; use SP\Core\UI\ThemeIcons; use SP\DataModel\AccountExtData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\Account\AccountHelper; use SP\Modules\Web\Controllers\Helpers\Account\AccountHistoryHelper; use SP\Modules\Web\Controllers\Helpers\Account\AccountPasswordHelper; 
@@ -680,7 +679,7 @@ class AccountController extends ControllerBase implements CrudControllerInterfac $accountId = $this->accountService->create($itemData); - $this->addCustomFieldsForItem(Acl::ACCOUNT, $accountId); + $this->addCustomFieldsForItem(Acl::ACCOUNT, $accountId, $this->request); $accountDetails = $this->accountService->getById($accountId)->getAccountVData(); @@ -726,7 +725,7 @@ class AccountController extends ControllerBase implements CrudControllerInterfac $this->accountService->update($itemData); - $this->updateCustomFieldsForItem(Acl::ACCOUNT, $id); + $this->updateCustomFieldsForItem(Acl::ACCOUNT, $id, $this->request); $accountDetails = $this->accountService->getById($id)->getAccountVData(); @@ -846,7 +845,7 @@ class AccountController extends ControllerBase implements CrudControllerInterfac { try { if ($id === null) { - $this->accountService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->accountService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::ACCOUNT, $id); @@ -889,7 +888,7 @@ class AccountController extends ControllerBase implements CrudControllerInterfac public function saveRequestAction($id) { try { - $description = Request::analyzeString('description'); + $description = $this->request->analyzeString('description'); if (empty($description)) { throw new ValidationException(__u('Es necesaria una descripción')); diff --git a/app/modules/web/Controllers/AccountFileController.php b/app/modules/web/Controllers/AccountFileController.php index ecec49c6..3d7770db 100644 --- a/app/modules/web/Controllers/AccountFileController.php +++ b/app/modules/web/Controllers/AccountFileController.php @@ -31,7 +31,6 @@ use SP\Core\Exceptions\SPException; use SP\DataModel\FileData; use SP\Html\Html; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; 
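Review bot: In the `$id === null` branch of the delete action (hunk at -846), the ids returned by `getItemsIdFromRequest($this->request)` are passed to `deleteByIdBatch()` only, and the following `deleteCustomFieldsForItem(Acl::ACCOUNT, $id)` still receives a null `$id`. It looks as if the custom-field rows of batch-deleted accounts are never removed, which matters if custom fields can hold secrets. Consider `$ids = $this->getItemsIdFromRequest($this->request);` and passing `$ids` to both calls, provided `deleteCustomFieldsForItem()` accepts a list; its signature is not visible here. The same pattern appears in the batch-delete hunks of AccountManagerController, AuthTokenController, CategoryController and ClientController, and the method body continues outside the hunk.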
@@ -253,7 +252,7 @@ class AccountFileController extends ControllerBase implements CrudControllerInte } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -269,7 +268,7 @@ class AccountFileController extends ControllerBase implements CrudControllerInte protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getFilesGrid($this->accountFileService->search($itemSearchData)), $itemSearchData); } @@ -301,7 +300,7 @@ class AccountFileController extends ControllerBase implements CrudControllerInte { try { if ($id === null) { - $this->accountFileService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->accountFileService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->eventDispatcher->notifyEvent('delete.accountFile.selection', new Event($this, EventMessage::factory() @@ -361,7 +360,7 @@ class AccountFileController extends ControllerBase implements CrudControllerInte try { $this->view->addTemplate('files-list', 'account'); - $this->view->assign('deleteEnabled', Request::analyzeInt('del', false)); + $this->view->assign('deleteEnabled', $this->request->analyzeInt('del', false)); $this->view->assign('files', $this->dic->get(AccountFileService::class)->getByAccountId($accountId)); $this->view->assign('sk', $this->session->getSecurityKey()); $this->view->assign('fileViewRoute', Acl::getActionRoute(Acl::ACCOUNT_FILE_VIEW)); 
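Review bot: `deleteEnabled` in the files-list hunk (-361) is read straight from the request parameter `del`, so the client decides whether the delete controls are rendered. That is acceptable as a display hint only if the delete action enforces the ACL server-side, which this hunk does not show; a comment such as `// display hint only, delete is authorised in deleteAction` would make that explicit. The default `false` passed to `analyzeInt()` is also a type mismatch; `$this->request->analyzeBool('del', false)` states the intent. The try block continues outside the hunk.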
diff --git a/app/modules/web/Controllers/AccountHistoryManagerController.php b/app/modules/web/Controllers/AccountHistoryManagerController.php index d63e2dc6..3cced99d 100644 --- a/app/modules/web/Controllers/AccountHistoryManagerController.php +++ b/app/modules/web/Controllers/AccountHistoryManagerController.php @@ -28,7 +28,6 @@ use SP\Core\Acl\Acl; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -58,7 +57,7 @@ class AccountHistoryManagerController extends ControllerBase } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -74,7 +73,7 @@ class AccountHistoryManagerController extends ControllerBase protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getAccountsHistoryGrid($this->accountHistoryService->search($itemSearchData)), $itemSearchData); } @@ -88,7 +87,7 @@ class AccountHistoryManagerController extends ControllerBase { try { if ($id === null) { - $this->accountHistoryService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->accountHistoryService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->eventDispatcher->notifyEvent('delete.accountHistory.selection', new Event($this, EventMessage::factory()->addDescription(__u('Cuentas eliminadas'))) 
diff --git a/app/modules/web/Controllers/AccountManagerController.php b/app/modules/web/Controllers/AccountManagerController.php index e283d92f..5e445c5e 100644 --- a/app/modules/web/Controllers/AccountManagerController.php +++ b/app/modules/web/Controllers/AccountManagerController.php @@ -28,7 +28,6 @@ use SP\Core\Acl\Acl; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -59,7 +58,7 @@ class AccountManagerController extends ControllerBase } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -75,7 +74,7 @@ class AccountManagerController extends ControllerBase protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getAccountsGrid($this->accountService->search($itemSearchData)), $itemSearchData); } @@ -89,7 +88,7 @@ class AccountManagerController extends ControllerBase { try { if ($id === null) { - $this->accountService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->accountService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::ACCOUNT, $id); diff --git a/app/modules/web/Controllers/AuthTokenController.php b/app/modules/web/Controllers/AuthTokenController.php index 8321c924..22b5037b 100644 --- a/app/modules/web/Controllers/AuthTokenController.php 
+++ b/app/modules/web/Controllers/AuthTokenController.php @@ -30,7 +30,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\AuthTokenData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -67,7 +66,7 @@ class AuthTokenController extends ControllerBase implements CrudControllerInterf } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -83,7 +82,7 @@ class AuthTokenController extends ControllerBase implements CrudControllerInterf protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getAuthTokensGrid($this->authTokenService->search($itemSearchData)), $itemSearchData); } @@ -196,7 +195,7 @@ class AuthTokenController extends ControllerBase implements CrudControllerInterf try { if ($id === null) { - $this->authTokenService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->authTokenService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::AUTHTOKEN, $id); 
@@ -245,7 +244,7 @@ class AuthTokenController extends ControllerBase implements CrudControllerInterf $id = $this->authTokenService->create($apiTokenData); - $this->addCustomFieldsForItem(Acl::AUTHTOKEN, $id); + $this->addCustomFieldsForItem(Acl::AUTHTOKEN, $id, $this->request); $this->eventDispatcher->notifyEvent('create.authToken', new Event($this)); @@ -297,7 +296,7 @@ class AuthTokenController extends ControllerBase implements CrudControllerInterf ); } - $this->updateCustomFieldsForItem(Acl::AUTHTOKEN, $id); + $this->updateCustomFieldsForItem(Acl::AUTHTOKEN, $id, $this->request); $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Autorización actualizada')); } catch (ValidationException $e) { diff --git a/app/modules/web/Controllers/CategoryController.php b/app/modules/web/Controllers/CategoryController.php index e962b9b8..5bf59918 100644 --- a/app/modules/web/Controllers/CategoryController.php +++ b/app/modules/web/Controllers/CategoryController.php @@ -30,7 +30,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\CategoryData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -65,7 +64,7 @@ class CategoryController extends ControllerBase implements CrudControllerInterfa } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); 
@@ -81,7 +80,7 @@ class CategoryController extends ControllerBase implements CrudControllerInterfa protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getCategoriesGrid($this->categoryService->search($itemSearchData)), $itemSearchData); } @@ -192,7 +191,7 @@ class CategoryController extends ControllerBase implements CrudControllerInterfa try { if ($id === null) { - $this->categoryService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->categoryService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::CATEGORY, $id); @@ -244,7 +243,7 @@ class CategoryController extends ControllerBase implements CrudControllerInterfa $id = $this->categoryService->create($itemData); - $this->addCustomFieldsForItem(Acl::CATEGORY, $id); + $this->addCustomFieldsForItem(Acl::CATEGORY, $id, $this->request); $this->eventDispatcher->notifyEvent('create.category', new Event($this, @@ -286,7 +285,7 @@ class CategoryController extends ControllerBase implements CrudControllerInterfa $this->categoryService->update($itemData); - $this->updateCustomFieldsForItem(Acl::CATEGORY, $id); + $this->updateCustomFieldsForItem(Acl::CATEGORY, $id, $this->request); $this->eventDispatcher->notifyEvent('edit.category', new Event($this, diff --git a/app/modules/web/Controllers/ClientController.php b/app/modules/web/Controllers/ClientController.php index e353f47e..dd35d5e7 100644 --- a/app/modules/web/Controllers/ClientController.php +++ b/app/modules/web/Controllers/ClientController.php 
@@ -31,7 +31,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\ClientData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -66,7 +65,7 @@ class ClientController extends ControllerBase implements CrudControllerInterface } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -82,7 +81,7 @@ class ClientController extends ControllerBase implements CrudControllerInterface protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getClientsGrid($this->clientService->search($itemSearchData)), $itemSearchData); } @@ -193,7 +192,7 @@ class ClientController extends ControllerBase implements CrudControllerInterface try { if ($id === null) { - $this->clientService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->clientService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::CLIENT, $id); diff --git a/app/modules/web/Controllers/ConfigAccountController.php b/app/modules/web/Controllers/ConfigAccountController.php index 5c25efe2..1ea91480 100644 --- a/app/modules/web/Controllers/ConfigAccountController.php +++ b/app/modules/web/Controllers/ConfigAccountController.php 
@@ -30,7 +30,6 @@ use SP\Core\Acl\UnauthorizedPageException; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; /** 
@@ -52,27 +51,27 @@ class ConfigAccountController extends SimpleControllerBase $eventMessage = EventMessage::factory(); // Accounts - $configData->setGlobalSearch(Request::analyzeBool('account_globalsearch_enabled', false)); - $configData->setAccountPassToImage(Request::analyzeBool('account_passtoimage_enabled', false)); - $configData->setAccountLink(Request::analyzeBool('account_link_enabled', false)); - $configData->setAccountFullGroupAccess(Request::analyzeBool('account_fullgroup_access_enabled', false)); - $configData->setAccountCount(Request::analyzeInt('account_count', 10)); - $configData->setResultsAsCards(Request::analyzeBool('account_resultsascards_enabled', false)); - $configData->setAccountExpireEnabled(Request::analyzeBool('account_expire_enabled', false)); - $configData->setAccountExpireTime(Request::analyzeInt('account_expire_time', 10368000) * 24 * 3600); + $configData->setGlobalSearch($this->request->analyzeBool('account_globalsearch_enabled', false)); + $configData->setAccountPassToImage($this->request->analyzeBool('account_passtoimage_enabled', false)); + $configData->setAccountLink($this->request->analyzeBool('account_link_enabled', false)); + $configData->setAccountFullGroupAccess($this->request->analyzeBool('account_fullgroup_access_enabled', false)); + $configData->setAccountCount($this->request->analyzeInt('account_count', 10)); + $configData->setResultsAsCards($this->request->analyzeBool('account_resultsascards_enabled', false)); + $configData->setAccountExpireEnabled($this->request->analyzeBool('account_expire_enabled', false)); + $configData->setAccountExpireTime($this->request->analyzeInt('account_expire_time', 10368000) * 24 * 3600); // Files - $filesEnabled = Request::analyzeBool('files_enabled', false); + $filesEnabled = $this->request->analyzeBool('files_enabled', false); if ($filesEnabled) { - $filesAllowedSize = Request::analyzeInt('files_allowed_size', 1024); + $filesAllowedSize = $this->request->analyzeInt('files_allowed_size', 
1024); if ($filesAllowedSize >= 16384) { $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('El tamaño máximo por archivo es de 16MB')); } $configData->setFilesEnabled(true); - $configData->setFilesAllowedExts(ConfigUtil::filesExtsAdapter(Request::analyzeString('files_allowed_exts'))); + $configData->setFilesAllowedExts(ConfigUtil::filesExtsAdapter($this->request->analyzeString('files_allowed_exts'))); $configData->setFilesAllowedSize($filesAllowedSize); if ($configData->isFilesEnabled() === false) { @@ -85,13 +84,13 @@ class ConfigAccountController extends SimpleControllerBase } // Public Links - $pubLinksEnabled = Request::analyzeBool('publiclinks_enabled', false); + $pubLinksEnabled = $this->request->analyzeBool('publiclinks_enabled', false); if ($pubLinksEnabled === true) { $configData->setPublinksEnabled(true); - $configData->setPublinksImageEnabled(Request::analyzeBool('publiclinks_image_enabled', false)); - $configData->setPublinksMaxTime(Request::analyzeInt('publiclinks_maxtime', 10) * 60); - $configData->setPublinksMaxViews(Request::analyzeInt('publiclinks_maxviews', 3)); + $configData->setPublinksImageEnabled($this->request->analyzeBool('publiclinks_image_enabled', false)); + $configData->setPublinksMaxTime($this->request->analyzeInt('publiclinks_maxtime', 10) * 60); + $configData->setPublinksMaxViews($this->request->analyzeInt('publiclinks_maxviews', 3)); if ($configData->isPublinksEnabled() === false) { $eventMessage->addDescription(__u('Enlaces públicos habilitados')); diff --git a/app/modules/web/Controllers/ConfigBackupController.php b/app/modules/web/Controllers/ConfigBackupController.php index f64f97d5..7417e31e 100644 --- a/app/modules/web/Controllers/ConfigBackupController.php +++ b/app/modules/web/Controllers/ConfigBackupController.php 
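Review bot: The default for `account_expire_time` in the first ConfigAccountController hunk appears to be in the wrong unit: `analyzeInt('account_expire_time', 10368000) * 24 * 3600` multiplies a value that equals 120 days in seconds by the days-to-seconds factor again. When the parameter is absent, the stored expiry is therefore far larger than intended and account password expiry is effectively disabled. If the form field is in days, the line should read `$configData->setAccountExpireTime($this->request->analyzeInt('account_expire_time', 120) * 24 * 3600);`. In the same hunk `files_allowed_size` has only an upper bound (`>= 16384`), so zero or negative sizes are stored as given.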
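Review bot: `publiclinks_maxtime` and `publiclinks_maxviews` in the Public Links hunk are stored without any range check, so a zero, negative or very large request value becomes the lifetime or view limit of every public link. Unless `setPublinksMaxTime()` and `setPublinksMaxViews()` validate internally (not visible here), clamp both before storing, for example `max(1, $this->request->analyzeInt('publiclinks_maxviews', 3))`, and add an upper bound that matches the product's policy. The surrounding method starts and ends outside the hunk.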
@@ -2,8 +2,8 @@ /** * sysPass * - * @author nuxsmin - * @link https://syspass.org + * @author nuxsmin + * @link https://syspass.org * @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org * * This file is part of sysPass. @@ -30,7 +30,6 @@ use SP\Core\Context\SessionContext; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; use SP\Services\Backup\FileBackupService; use SP\Services\Export\XmlExportService; @@ -81,8 +80,8 @@ class ConfigBackupController extends SimpleControllerBase */ public function xmlExportAction() { - $exportPassword = Request::analyzeEncrypted('exportPwd'); - $exportPasswordR = Request::analyzeEncrypted('exportPwdR'); + $exportPassword = $this->request->analyzeEncrypted('exportPwd'); + $exportPasswordR = $this->request->analyzeEncrypted('exportPwdR'); if (!empty($exportPassword) && $exportPassword !== $exportPasswordR) { $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('Las claves no coinciden')); diff --git a/app/modules/web/Controllers/ConfigEncryptionController.php b/app/modules/web/Controllers/ConfigEncryptionController.php index 9accbdc6..098d8317 100644 --- a/app/modules/web/Controllers/ConfigEncryptionController.php +++ b/app/modules/web/Controllers/ConfigEncryptionController.php @@ -34,7 +34,6 @@ use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Core\Messages\MailMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Services\Config\ConfigService; use SP\Services\Crypt\MasterPassService; 
@@ -63,12 +62,12 @@ class ConfigEncryptionController extends SimpleControllerBase { $mastePassService = $this->dic->get(MasterPassService::class); - $currentMasterPass = Request::analyzeEncrypted('current_masterpass'); - $newMasterPass = Request::analyzeEncrypted('new_masterpass'); - $newMasterPassR = Request::analyzeEncrypted('new_masterpass_repeat'); - $confirmPassChange = Request::analyzeBool('confirm_masterpass_change', false); - $noAccountPassChange = Request::analyzeBool('no_account_change', false); - $taskId = Request::analyzeString('taskId'); + $currentMasterPass = $this->request->analyzeEncrypted('current_masterpass'); + $newMasterPass = $this->request->analyzeEncrypted('new_masterpass'); + $newMasterPassR = $this->request->analyzeEncrypted('new_masterpass_repeat'); + $confirmPassChange = $this->request->analyzeBool('confirm_masterpass_change', false); + $noAccountPassChange = $this->request->analyzeBool('no_account_change', false); + $taskId = $this->request->analyzeString('taskId'); if (!$mastePassService->checkUserUpdateMPass($this->session->getUserData()->getLastUpdateMPass())) { $this->returnJsonResponse(JsonResponse::JSON_SUCCESS_STICKY, __u('Clave maestra actualizada'), [__u('Reinicie la sesión para cambiarla')]); 
@@ -185,10 +184,10 @@ class ConfigEncryptionController extends SimpleControllerBase { try { $temporaryMasterPassService = $this->dic->get(TemporaryMasterPassService::class); - $key = $temporaryMasterPassService->create(Request::analyzeInt('temporary_masterpass_maxtime', 3600)); + $key = $temporaryMasterPassService->create($this->request->analyzeInt('temporary_masterpass_maxtime', 3600)); - $groupId = Request::analyzeInt('temporary_masterpass_group'); - $sendEmail = Request::analyzeBool('temporary_masterpass_email'); + $groupId = $this->request->analyzeInt('temporary_masterpass_group'); + $sendEmail = $this->request->analyzeBool('temporary_masterpass_email'); if ($this->configData->isMailEnabled() && $sendEmail && $groupId) { $mailMessage = new MailMessage(); diff --git a/app/modules/web/Controllers/ConfigGeneralController.php b/app/modules/web/Controllers/ConfigGeneralController.php index abbf1ee7..4c3ce412 100644 --- a/app/modules/web/Controllers/ConfigGeneralController.php +++ b/app/modules/web/Controllers/ConfigGeneralController.php @@ -30,7 +30,6 @@ use SP\Core\Acl\UnauthorizedPageException; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; /** 
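Review bot: The lifetime of the temporary master password comes directly from the request: `$temporaryMasterPassService->create($this->request->analyzeInt('temporary_masterpass_maxtime', 3600))` applies no lower or upper bound in this hunk. Unless `create()` enforces a maximum itself (not visible here), a very large value yields a temporary key that is effectively permanent. Clamp the value to a documented range before the call and reject out-of-range input with a validation error. The try block continues outside the hunk.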
@@ -51,15 +50,15 @@ class ConfigGeneralController extends SimpleControllerBase $eventMessage = EventMessage::factory(); // General - $siteLang = Request::analyzeString('sitelang'); - $siteTheme = Request::analyzeString('sitetheme', 'material-blue'); - $sessionTimeout = Request::analyzeInt('session_timeout', 300); - $httpsEnabled = Request::analyzeBool('https_enabled', false); - $debugEnabled = Request::analyzeBool('debug_enabled', false); - $maintenanceEnabled = Request::analyzeBool('maintenance_enabled', false); - $checkUpdatesEnabled = Request::analyzeBool('check_updates_enabled', false); - $checkNoticesEnabled = Request::analyzeBool('check_notices_enabled', false); - $encryptSessionEnabled = Request::analyzeBool('encrypt_session_enabled', false); + $siteLang = $this->request->analyzeString('sitelang'); + $siteTheme = $this->request->analyzeString('sitetheme', 'material-blue'); + $sessionTimeout = $this->request->analyzeInt('session_timeout', 300); + $httpsEnabled = $this->request->analyzeBool('https_enabled', false); + $debugEnabled = $this->request->analyzeBool('debug_enabled', false); + $maintenanceEnabled = $this->request->analyzeBool('maintenance_enabled', false); + $checkUpdatesEnabled = $this->request->analyzeBool('check_updates_enabled', false); + $checkNoticesEnabled = $this->request->analyzeBool('check_notices_enabled', false); + $encryptSessionEnabled = $this->request->analyzeBool('encrypt_session_enabled', false); $configData->setSiteLang($siteLang); $configData->setSiteTheme($siteTheme); 
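Review bot: `sitelang` and `sitetheme` are read with `analyzeString()` and passed unchanged to `setSiteLang()` / `setSiteTheme()`, with no allow-list check in this hunk. If either value is later used to build a locale or theme path, which is likely for a theme name but not shown here, it should be checked against the installed languages and themes before it is saved. A comment above the two setters naming where that validation happens would be enough if it already exists elsewhere. The method starts and ends outside the hunk.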
@@ -72,14 +71,14 @@ class ConfigGeneralController extends SimpleControllerBase $configData->setEncryptSession($encryptSessionEnabled); // Events - $logEnabled = Request::analyzeBool('log_enabled', false); - $syslogEnabled = Request::analyzeBool('syslog_enabled', false); - $remoteSyslogEnabled = Request::analyzeBool('remotesyslog_enabled', false); - $syslogServer = Request::analyzeString('remotesyslog_server'); - $syslogPort = Request::analyzeInt('remotesyslog_port', 0); + $logEnabled = $this->request->analyzeBool('log_enabled', false); + $syslogEnabled = $this->request->analyzeBool('syslog_enabled', false); + $remoteSyslogEnabled = $this->request->analyzeBool('remotesyslog_enabled', false); + $syslogServer = $this->request->analyzeString('remotesyslog_server'); + $syslogPort = $this->request->analyzeInt('remotesyslog_port', 0); $configData->setLogEnabled($logEnabled); - $configData->setLogEvents(Request::analyzeArray('log_events', function ($items) { + $configData->setLogEvents($this->request->analyzeArray('log_events', function ($items) { return ConfigUtil::eventsAdapter($items); }, [])); @@ -104,11 +103,11 @@ class ConfigGeneralController extends SimpleControllerBase } // Proxy - $proxyEnabled = Request::analyzeBool('proxy_enabled', false); - $proxyServer = Request::analyzeString('proxy_server'); - $proxyPort = Request::analyzeInt('proxy_port', 8080); - $proxyUser = Request::analyzeString('proxy_user'); - $proxyPass = Request::analyzeEncrypted('proxy_pass'); + $proxyEnabled = $this->request->analyzeBool('proxy_enabled', false); + $proxyServer = $this->request->analyzeString('proxy_server'); + $proxyPort = $this->request->analyzeInt('proxy_port', 8080); + $proxyUser = $this->request->analyzeString('proxy_user'); + $proxyPass = $this->request->analyzeEncrypted('proxy_pass'); // Valores para Proxy 
@@ -136,11 +135,11 @@ class ConfigGeneralController extends SimpleControllerBase } // Autentificación - $authBasicEnabled = Request::analyzeBool('authbasic_enabled', false); - $authBasicAutologinEnabled = Request::analyzeBool('authbasicautologin_enabled', false); - $authBasicDomain = Request::analyzeString('authbasic_domain'); - $authSsoDefaultGroup = Request::analyzeInt('sso_defaultgroup'); - $authSsoDefaultProfile = Request::analyzeInt('sso_defaultprofile'); + $authBasicEnabled = $this->request->analyzeBool('authbasic_enabled', false); + $authBasicAutologinEnabled = $this->request->analyzeBool('authbasicautologin_enabled', false); + $authBasicDomain = $this->request->analyzeString('authbasic_domain'); + $authSsoDefaultGroup = $this->request->analyzeInt('sso_defaultgroup'); + $authSsoDefaultProfile = $this->request->analyzeInt('sso_defaultprofile'); // Valores para Autentificación if ($authBasicEnabled) { diff --git a/app/modules/web/Controllers/ConfigImportController.php b/app/modules/web/Controllers/ConfigImportController.php index 24da4a19..999dcbba 100644 --- a/app/modules/web/Controllers/ConfigImportController.php +++ b/app/modules/web/Controllers/ConfigImportController.php @@ -32,7 +32,6 @@ use SP\Core\Context\SessionContext; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Services\Import\FileImport; use SP\Services\Import\ImportParams; 
@@ -58,11 +57,11 @@ class ConfigImportController extends SimpleControllerBase } $importParams = new ImportParams(); - $importParams->setDefaultUser(Request::analyzeInt('import_defaultuser', $this->session->getUserData()->getId())); - $importParams->setDefaultGroup(Request::analyzeInt('import_defaultgroup', $this->session->getUserData()->getUserGroupId())); - $importParams->setImportPwd(Request::analyzeEncrypted('importPwd')); - $importParams->setImportMasterPwd(Request::analyzeEncrypted('importMasterPwd')); - $importParams->setCsvDelimiter(Request::analyzeString('csvDelimiter')); + $importParams->setDefaultUser($this->request->analyzeInt('import_defaultuser', $this->session->getUserData()->getId())); + $importParams->setDefaultGroup($this->request->analyzeInt('import_defaultgroup', $this->session->getUserData()->getUserGroupId())); + $importParams->setImportPwd($this->request->analyzeEncrypted('importPwd')); + $importParams->setImportMasterPwd($this->request->analyzeEncrypted('importMasterPwd')); + $importParams->setCsvDelimiter($this->request->analyzeString('csvDelimiter')); try { @@ -71,7 +70,7 @@ class ConfigImportController extends SimpleControllerBase SessionContext::close(); $counter = $this->dic->get(ImportService::class) - ->doImport($importParams, new FileImport($this->router->request()->files()->get('inFile'))); + ->doImport($importParams, new FileImport($this->request->getFile('inFile'))); $this->eventDispatcher->notifyEvent('run.import.end', new Event($this, EventMessage::factory()->addDetail(__u('Cuentas importadas'), $counter)) diff --git a/app/modules/web/Controllers/ConfigLdapController.php b/app/modules/web/Controllers/ConfigLdapController.php index e48cc085..2ad92415 100644 --- a/app/modules/web/Controllers/ConfigLdapController.php +++ b/app/modules/web/Controllers/ConfigLdapController.php 
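Review bot: The result of `$this->request->getFile('inFile')` is passed straight into `new FileImport(...)` in the second hunk, and the hunk does not show what `getFile()` returns when no file was uploaded or the upload failed. If it can return null, the failure surfaces inside `FileImport` rather than as a clear validation error; fetching the file into a variable and checking it before `SessionContext::close()` would keep the error path explicit. In the first hunk `import_defaultuser` and `import_defaultgroup` accept any integer from the request, so the import service should verify that both ids exist. The try block continues outside the hunk.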
@@ -31,7 +31,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\SPException; use SP\Core\Exceptions\ValidationException; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; use SP\Mvc\View\Template; use SP\Providers\Auth\Ldap\LdapParams; @@ -58,9 +57,9 @@ class ConfigLdapController extends SimpleControllerBase $configData = $this->config->getConfigData(); // LDAP - $ldapEnabled = Request::analyzeBool('ldap_enabled', false); - $ldapDefaultGroup = Request::analyzeInt('ldap_defaultgroup'); - $ldapDefaultProfile = Request::analyzeInt('ldap_defaultprofile'); + $ldapEnabled = $this->request->analyzeBool('ldap_enabled', false); + $ldapDefaultGroup = $this->request->analyzeInt('ldap_defaultgroup'); + $ldapDefaultProfile = $this->request->analyzeInt('ldap_defaultprofile'); $ldapParams = $this->getLdapParamsFromRequest(); @@ -108,7 +107,7 @@ class ConfigLdapController extends SimpleControllerBase */ protected function getLdapParamsFromRequest() { - $data = LdapParams::getServerAndPort(Request::analyzeString('ldap_server')); + $data = LdapParams::getServerAndPort($this->request->analyzeString('ldap_server')); if ($data === false) { throw new ValidationException(__u('Parámetros de LDAP incorrectos')); 
@@ -117,11 +116,11 @@ class ConfigLdapController extends SimpleControllerBase return (new LdapParams()) ->setServer($data['server']) ->setPort(isset($data['port']) ? $data['port'] : 389) - ->setSearchBase(Request::analyzeString('ldap_base')) - ->setGroup(Request::analyzeString('ldap_group')) - ->setBindDn(Request::analyzeString('ldap_binduser')) - ->setBindPass(Request::analyzeEncrypted('ldap_bindpass')) - ->setAds(Request::analyzeBool('ldap_ads_enabled', false)); + ->setSearchBase($this->request->analyzeString('ldap_base')) + ->setGroup($this->request->analyzeString('ldap_group')) + ->setBindDn($this->request->analyzeString('ldap_binduser')) + ->setBindPass($this->request->analyzeEncrypted('ldap_bindpass')) + ->setAds($this->request->analyzeBool('ldap_ads_enabled', false)); } /** @@ -176,10 +175,10 @@ class ConfigLdapController extends SimpleControllerBase $ldapCheckService = $this->dic->get(LdapCheckService::class); $ldapCheckService->checkConnection($ldapParams); - $filter = Request::analyzeString('ldap_import_filter'); + $filter = $this->request->analyzeString('ldap_import_filter'); if (empty($filter)) { - $data = $ldapCheckService->getObjects(Request::analyzeBool('ldap_import_groups', false)); + $data = $ldapCheckService->getObjects($this->request->analyzeBool('ldap_import_groups', false)); } else { $data = $ldapCheckService->getObjectsByFilter($filter); } 
@@ -218,14 +217,14 @@ class ConfigLdapController extends SimpleControllerBase $ldapImportParams = new LdapImportParams(); - $ldapImportParams->filter = Request::analyzeString('ldap_import_filter'); - $ldapImportParams->loginAttribute = Request::analyzeString('ldap_login_attribute'); - $ldapImportParams->userNameAttribute = Request::analyzeString('ldap_username_attribute'); - $ldapImportParams->userGroupNameAttribute = Request::analyzeString('ldap_groupname_attribute'); - $ldapImportParams->defaultUserGroup = Request::analyzeInt('ldap_defaultgroup'); - $ldapImportParams->defaultUserProfile = Request::analyzeInt('ldap_defaultprofile'); + $ldapImportParams->filter = $this->request->analyzeString('ldap_import_filter'); + $ldapImportParams->loginAttribute = $this->request->analyzeString('ldap_login_attribute'); + $ldapImportParams->userNameAttribute = $this->request->analyzeString('ldap_username_attribute'); + $ldapImportParams->userGroupNameAttribute = $this->request->analyzeString('ldap_groupname_attribute'); + $ldapImportParams->defaultUserGroup = $this->request->analyzeInt('ldap_defaultgroup'); + $ldapImportParams->defaultUserProfile = $this->request->analyzeInt('ldap_defaultprofile'); - $checkImportGroups = Request::analyzeBool('ldap_import_groups', false); + $checkImportGroups = $this->request->analyzeBool('ldap_import_groups', false); if ((empty($ldapImportParams->loginAttribute) || empty($ldapImportParams->userNameAttribute) @@ -245,7 +244,7 @@ class ConfigLdapController extends SimpleControllerBase $userLdapService = $this->dic->get(LdapImportService::class); $userLdapService->importUsers($ldapParams, $ldapImportParams); - $filter = Request::analyzeString('ldap_import_filter'); + $filter = $this->request->analyzeString('ldap_import_filter'); // Groups won't be imported if filter is set if ($checkImportGroups === true && empty($filter)) { 
diff --git a/app/modules/web/Controllers/ConfigMailController.php b/app/modules/web/Controllers/ConfigMailController.php index 6e51e74f..c45f5bfe 100644 --- a/app/modules/web/Controllers/ConfigMailController.php +++ b/app/modules/web/Controllers/ConfigMailController.php @@ -30,7 +30,6 @@ use SP\Core\Acl\UnauthorizedPageException; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; use SP\Providers\Mail\MailParams; use SP\Services\MailService; 
@@ -53,16 +52,16 @@ class ConfigMailController extends SimpleControllerBase $configData = $this->config->getConfigData(); // Mail - $mailEnabled = Request::analyzeBool('mail_enabled', false); - $mailServer = Request::analyzeString('mail_server'); - $mailPort = Request::analyzeInt('mail_port', 25); - $mailUser = Request::analyzeString('mail_user'); - $mailPass = Request::analyzeEncrypted('mail_pass'); - $mailSecurity = Request::analyzeString('mail_security'); - $mailFrom = Request::analyzeEmail('mail_from'); - $mailRequests = Request::analyzeBool('mail_requests_enabled', false); - $mailAuth = Request::analyzeBool('mail_auth_enabled', false); - $mailRecipients = ConfigUtil::mailAddressesAdapter(Request::analyzeString('mail_recipients')); + $mailEnabled = $this->request->analyzeBool('mail_enabled', false); + $mailServer = $this->request->analyzeString('mail_server'); + $mailPort = $this->request->analyzeInt('mail_port', 25); + $mailUser = $this->request->analyzeString('mail_user'); + $mailPass = $this->request->analyzeEncrypted('mail_pass'); + $mailSecurity = $this->request->analyzeString('mail_security'); + $mailFrom = $this->request->analyzeEmail('mail_from'); + $mailRequests = $this->request->analyzeBool('mail_requests_enabled', false); + $mailAuth = $this->request->analyzeBool('mail_auth_enabled', false); + $mailRecipients = ConfigUtil::mailAddressesAdapter($this->request->analyzeString('mail_recipients')); // Valores para la configuración del Correo if ($mailEnabled && (!$mailServer || !$mailFrom || count($mailRecipients) === 0)) { @@ -77,7 +76,7 @@ class ConfigMailController extends SimpleControllerBase $configData->setMailSecurity($mailSecurity); $configData->setMailFrom($mailFrom); $configData->setMailRecipients($mailRecipients); - $configData->setMailEvents(Request::analyzeArray('mail_events', function ($items) { + $configData->setMailEvents($this->request->analyzeArray('mail_events', function ($items) { return ConfigUtil::eventsAdapter($items); })); 
@@ -114,12 +113,12 @@ class ConfigMailController extends SimpleControllerBase public function checkAction() { $mailParams = new MailParams(); - $mailParams->server = Request::analyzeString('mail_server'); - $mailParams->port = Request::analyzeInt('mail_port', 25); - $mailParams->security = Request::analyzeString('mail_security'); - $mailParams->from = Request::analyzeEmail('mail_from'); - $mailParams->mailAuthenabled = Request::analyzeBool('mail_authenabled', false); - $mailRecipients = ConfigUtil::mailAddressesAdapter(Request::analyzeString('mail_recipients')); + $mailParams->server = $this->request->analyzeString('mail_server'); + $mailParams->port = $this->request->analyzeInt('mail_port', 25); + $mailParams->security = $this->request->analyzeString('mail_security'); + $mailParams->from = $this->request->analyzeEmail('mail_from'); + $mailParams->mailAuthenabled = $this->request->analyzeBool('mail_authenabled', false); + $mailRecipients = ConfigUtil::mailAddressesAdapter($this->request->analyzeString('mail_recipients')); // Valores para la configuración del Correo if (!$mailParams->server || empty($mailParams->from) || empty($mailRecipients)) { @@ -127,8 +126,8 @@ class ConfigMailController extends SimpleControllerBase } if ($mailParams->mailAuthenabled) { - $mailParams->user = Request::analyzeString('mail_user'); - $mailParams->pass = Request::analyzeEncrypted('mail_pass'); + $mailParams->user = $this->request->analyzeString('mail_user'); + $mailParams->pass = $this->request->analyzeEncrypted('mail_pass'); } try { diff --git a/app/modules/web/Controllers/ConfigManagerController.php b/app/modules/web/Controllers/ConfigManagerController.php index 3fb21454..1f2d7aec 100644 --- a/app/modules/web/Controllers/ConfigManagerController.php +++ b/app/modules/web/Controllers/ConfigManagerController.php 
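Review bot: checkAction reads the authentication toggle as `mail_authenabled`, while the save action of the same controller (hunk at -53,16) reads `mail_auth_enabled`; if the form posts only one of these names, one of the two actions always sees `false`. In checkAction that would mean `mail_user` and `mail_pass` are never read, so the connection test would run without credentials and its result would not reflect the configuration that gets saved. Which name the template sends is not visible here; once confirmed, align the two, e.g. `$mailParams->mailAuthenabled = $this->request->analyzeBool('mail_auth_enabled', false);`. Both method bodies continue outside their hunks.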
@@ -30,7 +30,6 @@ use SP\Core\Crypt\CryptSessionHandler; use SP\Core\Events\Event; use SP\Core\Language; use SP\Core\Plugin\PluginUtil; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\TabsHelper; use SP\Mvc\View\Components\DataTab; use SP\Mvc\View\Components\SelectItemAdapter; @@ -122,7 +121,7 @@ class ConfigManagerController extends ControllerBase $this->eventDispatcher->notifyEvent('show.config', new Event($this)); - $this->tabsHelper->renderTabs(Acl::getActionRoute(Acl::CONFIG), Request::analyzeInt('tabIndex', 0)); + $this->tabsHelper->renderTabs(Acl::getActionRoute(Acl::CONFIG), $this->request->analyzeInt('tabIndex', 0)); $this->view(); } diff --git a/app/modules/web/Controllers/ConfigWikiController.php b/app/modules/web/Controllers/ConfigWikiController.php index 408b80b6..1c030679 100644 --- a/app/modules/web/Controllers/ConfigWikiController.php +++ b/app/modules/web/Controllers/ConfigWikiController.php @@ -29,7 +29,6 @@ use SP\Core\Acl\UnauthorizedPageException; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\ConfigTrait; /** @@ -50,10 +49,10 @@ class ConfigWikiController extends SimpleControllerBase $configData = $this->config->getConfigData(); // Wiki - $wikiEnabled = Request::analyzeBool('wiki_enabled', false); - $wikiSearchUrl = Request::analyzeString('wiki_searchurl'); - $wikiPageUrl = Request::analyzeString('wiki_pageurl'); - $wikiFilter = Request::analyzeString('wiki_filter'); + $wikiEnabled = $this->request->analyzeBool('wiki_enabled', false); + $wikiSearchUrl = $this->request->analyzeString('wiki_searchurl'); + $wikiPageUrl = $this->request->analyzeString('wiki_pageurl'); + $wikiFilter = $this->request->analyzeString('wiki_filter'); // Valores para la conexión a la Wiki if ($wikiEnabled && (!$wikiSearchUrl || !$wikiPageUrl || !$wikiFilter)) { 
@@ -76,12 +75,12 @@ class ConfigWikiController extends SimpleControllerBase } // DokuWiki - $dokuWikiEnabled = Request::analyzeBool('dokuwiki_enabled', false); - $dokuWikiUrl = Request::analyzeString('dokuwiki_url'); - $dokuWikiUrlBase = Request::analyzeString('dokuwiki_urlbase'); - $dokuWikiUser = Request::analyzeString('dokuwiki_user'); - $dokuWikiPass = Request::analyzeEncrypted('dokuwiki_pass'); - $dokuWikiNamespace = Request::analyzeString('dokuwiki_namespace'); + $dokuWikiEnabled = $this->request->analyzeBool('dokuwiki_enabled', false); + $dokuWikiUrl = $this->request->analyzeString('dokuwiki_url'); + $dokuWikiUrlBase = $this->request->analyzeString('dokuwiki_urlbase'); + $dokuWikiUser = $this->request->analyzeString('dokuwiki_user'); + $dokuWikiPass = $this->request->analyzeEncrypted('dokuwiki_pass'); + $dokuWikiNamespace = $this->request->analyzeString('dokuwiki_namespace'); // Valores para la conexión a la API de DokuWiki if ($dokuWikiEnabled && (!$dokuWikiUrl || !$dokuWikiUrlBase)) { diff --git a/app/modules/web/Controllers/ControllerBase.php b/app/modules/web/Controllers/ControllerBase.php index 51780c1f..f3155c7c 100644 --- a/app/modules/web/Controllers/ControllerBase.php +++ b/app/modules/web/Controllers/ControllerBase.php @@ -38,6 +38,7 @@ use SP\Core\Events\EventDispatcher; use SP\Core\Exceptions\FileNotFoundException; use SP\Core\UI\Theme; use SP\DataModel\ProfileData; +use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Mvc\Controller\ControllerTrait; use SP\Mvc\View\Template; @@ -123,12 +124,17 @@ abstract class ControllerBase * @var */ protected $isAjax = false; + /** + * @var Request + */ + protected $request; /** * Constructor * * @param Container $container * @param $actionName + * * @throws \Psr\Container\ContainerExceptionInterface * @throws \Psr\Container\NotFoundExceptionInterface */ 
@@ -147,6 +153,7 @@ abstract class ControllerBase $this->acl = $this->dic->get(Acl::class); $this->router = $this->dic->get(Klein::class); $this->view = $this->dic->get(Template::class); + $this->request = $this->dic->get(Request::class); $this->view->setBase(strtolower($this->controllerName)); @@ -272,13 +279,18 @@ abstract class ControllerBase } } - $this->checkLoggedInSession($this->session, $this->router); + $this->checkLoggedInSession($this->session, $this->request, function ($redirect) { + $this->router->response() + ->redirect($redirect) + ->send(true); + }); } /** * Comprobar si está permitido el acceso al módulo/página. * * @param null $action La acción a comprobar + * * @return bool */ protected function checkAccess($action) diff --git a/app/modules/web/Controllers/CustomFieldController.php b/app/modules/web/Controllers/CustomFieldController.php index a2b23ccd..021566e7 100644 --- a/app/modules/web/Controllers/CustomFieldController.php +++ b/app/modules/web/Controllers/CustomFieldController.php @@ -30,7 +30,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\CustomFieldDefinitionData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -67,7 +66,7 @@ class CustomFieldController extends ControllerBase implements CrudControllerInte } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); 
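Review bot: The redirect closure passed to `checkLoggedInSession()` in the hunk at -272,13 has no comment describing its contract, and whether anything stops the request after `send(true)` is not visible here. If `checkLoggedInSession()` returns normally after invoking the callback, the action that triggered the check could keep running for a session that is not logged in. A comment above the closure such as `// Must end the request: no controller code may run once the redirect is sent` would record the expectation, to be confirmed against the trait method. The enclosing method starts outside the hunk.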
@@ -83,7 +82,7 @@ class CustomFieldController extends ControllerBase implements CrudControllerInte protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getCustomFieldsGrid($this->customFieldService->search($itemSearchData)), $itemSearchData); } @@ -193,7 +192,7 @@ class CustomFieldController extends ControllerBase implements CrudControllerInte try { if ($id === null) { - $this->customFieldService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->customFieldService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->eventDispatcher->notifyEvent('delete.customField.selection', new Event($this, EventMessage::factory()->addDescription(__u('Campos eliminados'))) diff --git a/app/modules/web/Controllers/EventlogController.php b/app/modules/web/Controllers/EventlogController.php index e59dbd5f..cda64f98 100644 --- a/app/modules/web/Controllers/EventlogController.php +++ b/app/modules/web/Controllers/EventlogController.php @@ -78,7 +78,7 @@ class EventlogController extends ControllerBase $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); $itemsGridHelper->setQueryTimeStart(microtime(true)); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getEventLogGrid($this->eventLogService->search($itemSearchData)), $itemSearchData); } diff --git a/app/modules/web/Controllers/Helpers/Account/AccountHelper.php b/app/modules/web/Controllers/Helpers/Account/AccountHelper.php index 05a481e7..608336e5 100644 --- a/app/modules/web/Controllers/Helpers/Account/AccountHelper.php 
+++ b/app/modules/web/Controllers/Helpers/Account/AccountHelper.php @@ -32,6 +32,7 @@ use SP\Core\Acl\UnauthorizedPageException; use SP\Core\Exceptions\SPException; use SP\DataModel\Dto\AccountAclDto; use SP\DataModel\Dto\AccountDetailsResponse; +use SP\Http\Uri; use SP\Modules\Web\Controllers\Helpers\HelperBase; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Mvc\View\Components\SelectItemAdapter; @@ -47,7 +48,6 @@ use SP\Services\Tag\TagService; use SP\Services\User\UpdatedMasterPassException; use SP\Services\User\UserService; use SP\Services\UserGroup\UserGroupService; -use SP\Util\Util; /** * Class AccountHelper @@ -272,7 +272,12 @@ class AccountHelper extends HelperBase */ private function getDeepLink() { - return Util::getSecureLink(Acl::getActionRoute($this->actionId) . ($this->accountId ? '/' . $this->accountId : ''), $this->configData); + $route = Acl::getActionRoute($this->actionId) . ($this->accountId ? '/' . $this->accountId : ''); + + $uri = new Uri('index.php'); + $uri->addParam('r', $route); + + return $uri->getUriSigned($this->configData->getPasswordSalt()); } /** diff --git a/app/modules/web/Controllers/Helpers/Account/AccountSearchHelper.php b/app/modules/web/Controllers/Helpers/Account/AccountSearchHelper.php index 72c5d592..04bb620e 100644 --- a/app/modules/web/Controllers/Helpers/Account/AccountSearchHelper.php +++ b/app/modules/web/Controllers/Helpers/Account/AccountSearchHelper.php @@ -35,7 +35,6 @@ use SP\Html\DataGrid\DataGridData; use SP\Html\DataGrid\DataGridHeaderSort; use SP\Html\DataGrid\DataGridPager; use SP\Html\DataGrid\DataGridSort; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\HelperBase; use SP\Mvc\View\Components\SelectItemAdapter; use SP\Services\Account\AccountSearchService; 
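Review bot: `getDeepLink()` signs the link with `$this->configData->getPasswordSalt()`, the same value this commit also uses to sign the resource URLs in LayoutHelper and to verify the `from` parameter in LoginController, so one secret now serves several purposes. Going by its name the salt may also take part in password handling (not visible here); if it does, a key derived per purpose or a dedicated config value would keep a weakness in one use from reaching the others. Independently of that, a comment above the `getUriSigned()` call would help, e.g. `// Signed with the instance secret; the receiver must verify the signature before trusting 'r'`.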
@@ -82,8 +81,7 @@ class AccountSearchHelper extends HelperBase /** * Obtener los datos para la caja de búsqueda * - * @throws \Psr\Container\ContainerExceptionInterface - * @throws \Psr\Container\NotFoundExceptionInterface + * @throws \SP\Core\Exceptions\ConstraintException * @throws \SP\Core\Exceptions\QueryException */ public function getSearchBox() @@ -98,7 +96,9 @@ class AccountSearchHelper extends HelperBase /** * Obtener los resultados de una búsqueda * - * @throws \Psr\Container\ContainerExceptionInterface + * @throws \SP\Core\Exceptions\ConstraintException + * @throws \SP\Core\Exceptions\QueryException + * @throws \SP\Core\Exceptions\SPException */ public function getAccountSearch() { @@ -303,7 +303,7 @@ class AccountSearchHelper extends HelperBase { $accountSearchFilter = $this->context->getSearchFilters(); - if ($accountSearchFilter !== null && empty(Request::analyzeString('sk'))) { + if ($accountSearchFilter !== null && empty($this->request->analyzeString('sk'))) { // Obtener el filtro de búsqueda desde la sesión return $accountSearchFilter; } 
@@ -312,16 +312,16 @@ class AccountSearchHelper extends HelperBase $limitCount = ($userPreferences->getResultsPerPage() > 0) ? $userPreferences->getResultsPerPage() : $this->configData->getAccountCount(); $accountSearchFilter = new AccountSearchFilter(); - $accountSearchFilter->setSortKey(Request::analyzeInt('skey', 0)); - $accountSearchFilter->setSortOrder(Request::analyzeInt('sorder', 0)); - $accountSearchFilter->setLimitStart(Request::analyzeInt('start', 0)); - $accountSearchFilter->setLimitCount(Request::analyzeInt('rpp', $limitCount)); - $accountSearchFilter->setGlobalSearch(Request::analyzeBool('gsearch', false)); - $accountSearchFilter->setClientId(Request::analyzeInt('client')); - $accountSearchFilter->setCategoryId(Request::analyzeInt('category')); - $accountSearchFilter->setTagsId(Request::analyzeArray('tags')); - $accountSearchFilter->setSearchFavorites(Request::analyzeBool('searchfav', false)); - $accountSearchFilter->setTxtSearch(Request::analyzeString('search')); + $accountSearchFilter->setSortKey($this->request->analyzeInt('skey', 0)); + $accountSearchFilter->setSortOrder($this->request->analyzeInt('sorder', 0)); + $accountSearchFilter->setLimitStart($this->request->analyzeInt('start', 0)); + $accountSearchFilter->setLimitCount($this->request->analyzeInt('rpp', $limitCount)); + $accountSearchFilter->setGlobalSearch($this->request->analyzeBool('gsearch', false)); + $accountSearchFilter->setClientId($this->request->analyzeInt('client')); + $accountSearchFilter->setCategoryId($this->request->analyzeInt('category')); + $accountSearchFilter->setTagsId($this->request->analyzeArray('tags')); + $accountSearchFilter->setSearchFavorites($this->request->analyzeBool('searchfav', false)); + $accountSearchFilter->setTxtSearch($this->request->analyzeString('search')); $accountSearchFilter->setSortViews($userPreferences->isSortViews()); return $accountSearchFilter; 
diff --git a/app/modules/web/Controllers/Helpers/HelperBase.php b/app/modules/web/Controllers/Helpers/HelperBase.php index a717f181..c3ef4a78 100644 --- a/app/modules/web/Controllers/Helpers/HelperBase.php +++ b/app/modules/web/Controllers/Helpers/HelperBase.php @@ -2,8 +2,8 @@ /** * sysPass * - * @author nuxsmin - * @link https://syspass.org + * @author nuxsmin + * @link https://syspass.org * @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org * * This file is part of sysPass. @@ -31,6 +31,7 @@ use SP\Config\ConfigData; use SP\Core\Context\ContextInterface; use SP\Core\Context\SessionContext; use SP\Core\Events\EventDispatcher; +use SP\Http\Request; use SP\Mvc\View\Template; /** @@ -64,6 +65,10 @@ abstract class HelperBase * @var ContainerInterface */ protected $dic; + /** + * @var Request + */ + protected $request; /** * Constructor @@ -77,6 +82,7 @@ abstract class HelperBase final public function __construct(Template $template, Config $config, ContextInterface $context, EventDispatcher $eventDispatcher, Container $container) { $this->dic = $container; + $this->request = $this->dic->get(Request::class); $this->view = $template; $this->config = $config; $this->configData = $config->getConfigData(); diff --git a/app/modules/web/Controllers/Helpers/LayoutHelper.php b/app/modules/web/Controllers/Helpers/LayoutHelper.php index 692cde41..1c7319d6 100644 --- a/app/modules/web/Controllers/Helpers/LayoutHelper.php +++ b/app/modules/web/Controllers/Helpers/LayoutHelper.php @@ -34,6 +34,7 @@ use SP\Core\Plugin\PluginUtil; use SP\Core\UI\Theme; use SP\Core\UI\ThemeInterface; use SP\Html\DataGrid\DataGridAction; +use SP\Http\Uri; use SP\Services\Install\Installer; use SP\Util\Checks; use SP\Util\Util; @@ -59,6 +60,7 @@ class LayoutHelper extends HelperBase * * @param string $page Page/view name * @param Acl $acl + * * @return LayoutHelper */ public function getFullLayout($page, Acl $acl = null) 
@@ -135,18 +137,25 @@ class LayoutHelper extends HelperBase { $version = Util::getVersionStringNormalized(); - $jsUri = Bootstrap::$WEBURI . '/index.php?r=resource/js'; - $jsVersionHash = md5($version); - $this->view->append('jsLinks', $jsUri . '&v=' . $jsVersionHash); - $this->view->append('jsLinks', $jsUri . '&g=1&v=' . $jsVersionHash); + $jsUri = new Uri(Bootstrap::$WEBURI . '/index.php'); + $jsUri->addParam('_r', 'resource/js'); + $jsUri->addParam('_v', md5($version)); + + $this->view->append('jsLinks', $jsUri->getUriSigned($this->configData->getPasswordSalt())); + + $jsUri->resetParams() + ->addParam('g', 1); + + $this->view->append('jsLinks', $jsUri->getUriSigned($this->configData->getPasswordSalt())); $themeInfo = $this->theme->getThemeInfo(); if (isset($themeInfo['js'])) { - $themeJsBase = urlencode($this->theme->getThemePath() . DIRECTORY_SEPARATOR . 'js'); - $themeJsFiles = urlencode(implode(',', $themeInfo['js'])); + $jsUri->resetParams() + ->addParam('b', $this->theme->getThemePath() . DIRECTORY_SEPARATOR . 'js') + ->addParam('f', implode(',', $themeInfo['js'])); - $this->view->append('jsLinks', $jsUri . '&f=' . $themeJsFiles . '&b=' . $themeJsBase . '&v=' . $jsVersionHash); + $this->view->append('jsLinks', $jsUri->getUriSigned($this->configData->getPasswordSalt())); } $userPreferences = $this->context->getUserData()->getPreferences(); 
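Review bot: The JS links add the route and version as `_r` and `_v` and then build every later link after `$jsUri->resetParams()`, so this code depends on `resetParams()` keeping the underscore-prefixed parameters and on `Uri` emitting `_r` as the `r` the router reads (AccountHelper in this commit adds plain `r`). Neither behaviour is visible in this hunk; if `resetParams()` clears everything, the grouped, theme and plugin links lose their route and version. Once confirmed against `Uri`, a comment above the first `addParam('_r', …)` should say so, e.g. `// '_'-prefixed params survive resetParams()`. The `b` and `f` values name a base directory and the files to serve, so the signature only protects anything if the resource action rejects requests whose signature is missing or invalid; that check is outside this diff, and the hunks at -157,9 and -168,24 build their links the same way.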
@@ -157,9 +166,11 @@ class LayoutHelper extends HelperBase $resultsAsCards = $this->configData->isResultsAsCards(); } - $cssUri = Bootstrap::$WEBURI . '/index.php?r=resource/css'; - $cssVersionHash = md5($version . $resultsAsCards); - $this->view->append('cssLinks', $cssUri . '&v=' . $cssVersionHash); + $cssUri = new Uri(Bootstrap::$WEBURI . '/index.php'); + $cssUri->addParam('_r', 'resource/css'); + $cssUri->addParam('_v', md5($version . $resultsAsCards)); + + $this->view->append('cssLinks', $cssUri->getUriSigned($this->configData->getPasswordSalt())); if (isset($themeInfo['css'])) { $themeInfo['css'][] = $resultsAsCards ? 'search-card.min.css' : 'search-grid.min.css'; 
@@ -168,24 +179,33 @@ class LayoutHelper extends HelperBase $themeInfo['css'][] = 'styles-wiki.min.css'; } - $themeCssBase = urlencode($this->theme->getThemePath() . DIRECTORY_SEPARATOR . 'css'); - $themeCssFiles = urlencode(implode(',', $themeInfo['css'])); + $cssUri->resetParams() + ->addParam('b', $this->theme->getThemePath() . DIRECTORY_SEPARATOR . 'css') + ->addParam('f', implode(',', $themeInfo['css'])); - $this->view->append('cssLinks', $cssUri . '&f=' . $themeCssFiles . '&b=' . $themeCssBase . '&v=' . $jsVersionHash); + $this->view->append('cssLinks', $cssUri->getUriSigned($this->configData->getPasswordSalt())); } // Cargar los recursos de los plugins - foreach (PluginUtil::getLoadedPlugins() as $Plugin) { - $base = str_replace(BASE_PATH, '', $Plugin->getBase()); - $jsResources = $Plugin->getJsResources(); - $cssResources = $Plugin->getCssResources(); + foreach (PluginUtil::getLoadedPlugins() as $plugin) { + $base = str_replace(BASE_PATH, '', $plugin->getBase()); + $jsResources = $plugin->getJsResources(); + $cssResources = $plugin->getCssResources(); if (count($jsResources) > 0) { - $this->view->append('jsLinks', $jsUri . '&f=' . urlencode(implode(',', $jsResources)) . '&b=' . urlencode($base . DIRECTORY_SEPARATOR . 'js') . '&v=' . $jsVersionHash); + $jsUri->resetParams() + ->addParam('b', $base . DIRECTORY_SEPARATOR . 'js') + ->addParam('f', implode(',', $jsResources)); + + $this->view->append('jsLinks', $jsUri->getUriSigned($this->configData->getPasswordSalt())); } if (count($cssResources) > 0) { - $this->view->append('cssLinks', $cssUri . '&f=' . urlencode(implode(',', $cssResources)) . '&b=' . urlencode($base . DIRECTORY_SEPARATOR . 'css') . '&v=' . $jsVersionHash); + $cssUri->resetParams() + ->addParam('b', $base . DIRECTORY_SEPARATOR . 'css') + ->addParam('f', implode(',', $cssResources)); + + $this->view->append('cssLinks', $cssUri->getUriSigned($this->configData->getPasswordSalt())); } } } 
@@ -327,6 +347,7 @@ class LayoutHelper extends HelperBase * * @param string $template * @param string $page Page/view name + * * @return LayoutHelper */ public function getPublicLayout($template, $page = '') @@ -346,6 +367,7 @@ class LayoutHelper extends HelperBase * * @param string $template * @param string $page Page/view name + * * @return LayoutHelper */ public function getCustomLayout($template, $page = '') diff --git a/app/modules/web/Controllers/InstallController.php b/app/modules/web/Controllers/InstallController.php index 865d796d..94576e6c 100644 --- a/app/modules/web/Controllers/InstallController.php +++ b/app/modules/web/Controllers/InstallController.php @@ -29,7 +29,6 @@ use Psr\Container\NotFoundExceptionInterface; use SP\Core\Exceptions\SPException; use SP\Core\Language; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Mvc\View\Components\SelectItemAdapter; 
@@ -106,15 +105,15 @@ class InstallController extends ControllerBase public function installAction() { $installData = new InstallData(); - $installData->setSiteLang(Request::analyzeString('sitelang', 'en_US')); - $installData->setAdminLogin(Request::analyzeString('adminlogin', 'admin')); - $installData->setAdminPass(Request::analyzeEncrypted('adminpass')); - $installData->setMasterPassword(Request::analyzeEncrypted('masterpassword')); - $installData->setDbAdminUser(Request::analyzeString('dbuser', 'root')); - $installData->setDbAdminPass(Request::analyzeEncrypted('dbpass')); - $installData->setDbName(Request::analyzeString('dbname', 'syspass')); - $installData->setDbHost(Request::analyzeString('dbhost', 'localhost')); - $installData->setHostingMode(Request::analyzeBool('hostingmode', false)); + $installData->setSiteLang($this->request->analyzeString('sitelang', 'en_US')); + $installData->setAdminLogin($this->request->analyzeString('adminlogin', 'admin')); + $installData->setAdminPass($this->request->analyzeEncrypted('adminpass')); + $installData->setMasterPassword($this->request->analyzeEncrypted('masterpassword')); + $installData->setDbAdminUser($this->request->analyzeString('dbuser', 'root')); + $installData->setDbAdminPass($this->request->analyzeEncrypted('dbpass')); + $installData->setDbName($this->request->analyzeString('dbname', 'syspass')); + $installData->setDbHost($this->request->analyzeString('dbhost', 'localhost')); + $installData->setHostingMode($this->request->analyzeBool('hostingmode', false)); try { $this->dic->get(Installer::class)->run($installData); diff --git a/app/modules/web/Controllers/ItemManagerController.php b/app/modules/web/Controllers/ItemManagerController.php index cb870929..79d134a8 100644 --- a/app/modules/web/Controllers/ItemManagerController.php +++ b/app/modules/web/Controllers/ItemManagerController.php 
@@ -27,7 +27,6 @@ namespace SP\Modules\Web\Controllers; use SP\Core\Acl\Acl; use SP\Core\Events\Event; use SP\DataModel\ItemSearchData; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Helpers\TabsGridHelper; use SP\Services\Account\AccountFileService; @@ -118,7 +117,7 @@ class ItemManagerController extends ControllerBase $this->eventDispatcher->notifyEvent('show.itemlist.items', new Event($this)); - $this->tabsGridHelper->renderTabs(Acl::getActionRoute(Acl::ITEMS_MANAGE), Request::analyzeInt('tabIndex', 0)); + $this->tabsGridHelper->renderTabs(Acl::getActionRoute(Acl::ITEMS_MANAGE), $this->request->analyzeInt('tabIndex', 0)); $this->view(); } diff --git a/app/modules/web/Controllers/LoginController.php b/app/modules/web/Controllers/LoginController.php index f9f0c1d4..71a5edd7 100644 --- a/app/modules/web/Controllers/LoginController.php +++ b/app/modules/web/Controllers/LoginController.php @@ -28,6 +28,7 @@ use SP\Core\Context\SessionContext; use SP\Core\Crypt\Hash; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; +use SP\Core\Exceptions\SPException; use SP\Core\SessionUtil; use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; @@ -52,12 +53,18 @@ class LoginController extends ControllerBase public function loginAction() { try { - $from = Request::analyzeString('from'); - $loginService = $this->dic->get(LoginService::class); - if ($from && Hash::checkMessage($from, $this->configData->getPasswordSalt(), Request::analyzeString('h'))) { - $loginService->setFrom($from); + $from = $this->request->analyzeString('from'); + + if ($from) { + try { + $this->request->verifySignature($this->configData->getPasswordSalt(), 'from'); + + $loginService->setFrom($from); + } catch (SPException $e) { + processException($e); + } } $loginResponmse = $loginService->doLogin(); 
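Review bot: The two signature checks on `from` are called differently: loginAction (hunk at -52,12) uses `verifySignature($this->configData->getPasswordSalt(), 'from')`, while showLoginAction (hunk at -134,12) omits the second argument. Presumably one checks the `from` value alone and the other the whole request URI, but that is not visible here, and the difference decides which inputs are actually covered by the signature before `from` is accepted. Each call should carry a comment stating what is verified, e.g. `// Verifies only the 'from' value posted by the login form` and `// Verifies the signature of the full request URI`, adjusted to what `Request::verifySignature()` really does. A failed check is handed to `processException($e)` and the action continues without `from`, which fails closed for the redirect; recording that in the same comment would stop a later change from moving `setFrom()` out of the `try`.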
@@ -134,12 +141,17 @@ class LoginController extends ControllerBase $this->view->assign('mailEnabled', $this->configData->isMailEnabled()); // $this->view->assign('updated', SessionFactory::getAppUpdated()); - $from = Request::analyzeString('from'); - $hash = Request::analyzeString('h'); + $from = $this->request->analyzeString('from'); - if ($from && Hash::checkMessage($from, $this->configData->getPasswordSalt(), $hash)) { - $this->view->assign('from', $from); - $this->view->assign('from_hash', $hash); + if ($from) { + try { + $this->request->verifySignature($this->configData->getPasswordSalt()); + + $this->view->assign('from', $from); + $this->view->assign('from_hash', Hash::signMessage($from, $this->configData->getPasswordSalt())); + } catch (SPException $e) { + processException($e); + } } $this->view(); diff --git a/app/modules/web/Controllers/NotificationController.php b/app/modules/web/Controllers/NotificationController.php index 0924e837..c635954a 100644 --- a/app/modules/web/Controllers/NotificationController.php +++ b/app/modules/web/Controllers/NotificationController.php @@ -83,7 +83,7 @@ class NotificationController extends ControllerBase implements CrudControllerInt protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getNotificationsGrid($this->notificationService->search($itemSearchData)), $itemSearchData); } 
@@ -241,9 +241,9 @@ class NotificationController extends ControllerBase implements CrudControllerInt try { if ($id === null) { if ($this->userData->getIsAdminApp()) { - $this->notificationService->deleteAdminBatch($this->getItemsIdFromRequest()); + $this->notificationService->deleteAdminBatch($this->getItemsIdFromRequest($this->request)); } else { - $this->notificationService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->notificationService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); } $this->eventDispatcher->notifyEvent('delete.notification.selection', diff --git a/app/modules/web/Controllers/PluginController.php b/app/modules/web/Controllers/PluginController.php index 7df5e548..61297f59 100644 --- a/app/modules/web/Controllers/PluginController.php +++ b/app/modules/web/Controllers/PluginController.php @@ -31,7 +31,6 @@ use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\DataModel\PluginData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -80,7 +79,7 @@ class PluginController extends ControllerBase protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getPluginsGrid($this->pluginService->search($itemSearchData)), $itemSearchData); } 
@@ -98,7 +97,7 @@ class PluginController extends ControllerBase } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); diff --git a/app/modules/web/Controllers/PublicLinkController.php b/app/modules/web/Controllers/PublicLinkController.php index c7905d95..12cd442e 100644 --- a/app/modules/web/Controllers/PublicLinkController.php +++ b/app/modules/web/Controllers/PublicLinkController.php @@ -32,7 +32,6 @@ use SP\Core\Exceptions\ValidationException; use SP\DataModel\PublicLinkData; use SP\DataModel\PublicLinkListData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -70,7 +69,7 @@ class PublicLinkController extends ControllerBase implements CrudControllerInter } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -86,7 +85,7 @@ class PublicLinkController extends ControllerBase implements CrudControllerInter protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getPublicLinksGrid($this->publicLinkService->search($itemSearchData)), $itemSearchData); } 
@@ -224,7 +223,7 @@ class PublicLinkController extends ControllerBase implements CrudControllerInter try { if ($id === null) { - $this->publicLinkService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->publicLinkService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::PUBLICLINK, $id); diff --git a/app/modules/web/Controllers/ResourceController.php b/app/modules/web/Controllers/ResourceController.php index 430a1c96..627d4352 100644 --- a/app/modules/web/Controllers/ResourceController.php +++ b/app/modules/web/Controllers/ResourceController.php @@ -24,8 +24,8 @@ namespace SP\Modules\Web\Controllers; +use SP\Core\Exceptions\SPException; use SP\Html\Minify; -use SP\Http\Request; /** * Class ResourceController @@ -42,11 +42,14 @@ class ResourceController extends SimpleControllerBase /** * @throws \Psr\Container\ContainerExceptionInterface * @throws \Psr\Container\NotFoundExceptionInterface + * @throws SPException */ public function cssAction() { - $file = Request::analyzeString('f'); - $base = Request::analyzeString('b'); + $this->request->verifySignature($this->configData->getPasswordSalt()); + + $file = $this->request->analyzeString('f'); + $base = $this->request->analyzeString('b'); $minify = $this->dic->get(Minify::class); @@ -73,11 +76,14 @@ class ResourceController extends SimpleControllerBase /** * @throws \Psr\Container\ContainerExceptionInterface * @throws \Psr\Container\NotFoundExceptionInterface + * @throws SPException */ public function jsAction() { - $file = Request::analyzeString('f'); - $base = Request::analyzeString('b'); + $this->request->verifySignature($this->configData->getPasswordSalt()); + + $file = $this->request->analyzeString('f'); + $base = $this->request->analyzeString('b'); $minify = $this->dic->get(Minify::class); 
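Review bot: In the `$id === null` branch the batch delete is followed by `deleteCustomFieldsForItem(Acl::PUBLICLINK, $id)`, which passes the null id rather than the ids that were just deleted. `deleteCustomFieldsForItem` is not visible here, but unless it re-reads the request, the custom-field rows of the deleted items (which can be flagged as encrypted) are probably left behind. Reading the ids once would fix it: `$ids = $this->getItemsIdFromRequest($this->request);`, then `deleteByIdBatch($ids);` and `deleteCustomFieldsForItem(Acl::PUBLICLINK, $ids);`. The same pattern appears in the TagController, UserController, UserGroupController and UserProfileController delete hunks; the method body continues outside this hunk.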
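Review bot: `cssAction` and `jsAction` now call `verifySignature()` before reading `f` and `b`, but nothing at the call site says which parameters the signature covers. `jsAction` also reads `g` further down (hunk `@@ -90,7 +96,7 @@`), and any parameter outside the signed set stays caller-controlled. Add a comment such as `// signature must cover f, b and g; reject the request otherwise` and confirm that against the helper, which is not shown in this diff. Since `b` appears to select a base directory, the existing path handling should still check that the resolved file stays under `PUBLIC_PATH` rather than rely on the signature alone. Both method bodies continue outside the hunks.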
@@ -90,7 +96,7 @@ class ResourceController extends SimpleControllerBase $minify->setType(Minify::FILETYPE_JS) ->setBase(PUBLIC_PATH . DIRECTORY_SEPARATOR . 'js'); - $group = Request::analyzeInt('g', 0); + $group = $this->request->analyzeInt('g', 0); if ($group === 0) { $minify->addFiles([ diff --git a/app/modules/web/Controllers/SimpleControllerBase.php b/app/modules/web/Controllers/SimpleControllerBase.php index abe8c1f0..cbf14708 100644 --- a/app/modules/web/Controllers/SimpleControllerBase.php +++ b/app/modules/web/Controllers/SimpleControllerBase.php @@ -35,6 +35,7 @@ use SP\Core\Context\ContextInterface; use SP\Core\Context\SessionContext; use SP\Core\Events\EventDispatcher; use SP\Core\UI\Theme; +use SP\Http\Request; use SP\Mvc\Controller\ControllerTrait; /** @@ -86,6 +87,10 @@ abstract class SimpleControllerBase * @var ConfigData */ protected $configData; + /** + * @var Request + */ + protected $request; /** * SimpleControllerBase constructor. @@ -109,6 +114,7 @@ abstract class SimpleControllerBase $this->theme = $this->dic->get(Theme::class); $this->eventDispatcher = $this->dic->get(EventDispatcher::class); $this->router = $this->dic->get(Klein::class); + $this->request = $this->dic->get(Request::class); $this->acl = $this->dic->get(Acl::class); if (method_exists($this, 'initialize')) { @@ -121,8 +127,12 @@ abstract class SimpleControllerBase */ protected function checks() { - $this->checkLoggedInSession($this->session, $this->router); - $this->checkSecurityToken($this->session); + $this->checkLoggedInSession($this->session, $this->request, function ($redirect) { + $this->router->response() + ->redirect($redirect) + ->send(true); + }); + $this->checkSecurityToken($this->session, $this->request); } /** diff --git a/app/modules/web/Controllers/TagController.php b/app/modules/web/Controllers/TagController.php index ed7a47cd..1b065353 100644 --- a/app/modules/web/Controllers/TagController.php +++ b/app/modules/web/Controllers/TagController.php 
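Review bot: In `checks()` the new redirect closure only calls `$this->router->response()->redirect($redirect)->send(true)`, and nothing visible stops the request afterwards, so `checkSecurityToken()` and the controller action may still run for a session that is not logged in. `checkLoggedInSession` lives in the trait and is not shown, so this is unconfirmed; if it does not end the request after invoking the callback, the closure or the caller has to. Record the contract at the call, for example `// checkLoggedInSession() must end the request after calling this callback`. The `$redirect` value is built outside this hunk and should be confirmed to be a local route rather than a request-supplied URL.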
@@ -29,7 +29,6 @@ use SP\Core\Events\Event; use SP\Core\Exceptions\ValidationException; use SP\DataModel\TagData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -64,7 +63,7 @@ class TagController extends ControllerBase implements CrudControllerInterface } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -80,7 +79,7 @@ class TagController extends ControllerBase implements CrudControllerInterface protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getTagsGrid($this->tagService->search($itemSearchData)), $itemSearchData); } @@ -186,7 +185,7 @@ class TagController extends ControllerBase implements CrudControllerInterface try { if ($id === null) { - $this->tagService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->tagService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::TAG, $id); diff --git a/app/modules/web/Controllers/Traits/ItemTrait.php b/app/modules/web/Controllers/Traits/ItemTrait.php index 1ba9121e..acdfd115 100644 --- a/app/modules/web/Controllers/Traits/ItemTrait.php +++ b/app/modules/web/Controllers/Traits/ItemTrait.php 
@@ -95,15 +95,17 @@ trait ItemTrait * * @param int $moduleId * @param int|int[] $itemId + * @param Request $request + * * @throws SPException - * @throws \Psr\Container\ContainerExceptionInterface - * @throws \Psr\Container\NotFoundExceptionInterface * @throws \SP\Core\Exceptions\ConstraintException * @throws \SP\Core\Exceptions\QueryException + * @throws \SP\Repositories\NoSuchItemException + * @throws \SP\Services\ServiceException */ - protected function addCustomFieldsForItem($moduleId, $itemId) + protected function addCustomFieldsForItem($moduleId, $itemId, Request $request) { - if ($customFields = Request::analyzeArray('customfield')) { + if ($customFields = $request->analyzeArray('customfield')) { $customFieldService = Bootstrap::getContainer()->get(CustomFieldService::class); try { @@ -147,15 +149,15 @@ trait ItemTrait * * @param int $moduleId * @param int|int[] $itemId + * @param Request $request + * * @throws SPException - * @throws \Psr\Container\ContainerExceptionInterface - * @throws \Psr\Container\NotFoundExceptionInterface * @throws \SP\Core\Exceptions\ConstraintException * @throws \SP\Core\Exceptions\QueryException */ - protected function updateCustomFieldsForItem($moduleId, $itemId) + protected function updateCustomFieldsForItem($moduleId, $itemId, Request $request) { - if ($customFields = Request::analyzeArray('customfield')) { + if ($customFields = $request->analyzeArray('customfield')) { $customFieldService = Bootstrap::getContainer()->get(CustomFieldService::class); try { 
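Review bot: The docblocks of `addCustomFieldsForItem` and `updateCustomFieldsForItem` drop `@throws \Psr\Container\ContainerExceptionInterface` and `@throws \Psr\Container\NotFoundExceptionInterface`, yet both bodies still call `Bootstrap::getContainer()->get(CustomFieldService::class)`. Either keep those two `@throws` lines or, in line with passing `Request` in explicitly, stop resolving the service from the global container. The new `Request $request` type hint also needs `use SP\Http\Request;` to remain in the trait's import block, which lies outside these hunks. Both method bodies continue past the end of their hunks.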
@@ -177,24 +179,28 @@ trait ItemTrait /** * Returns search data object for the current request * - * @param int $limitCount + * @param int $limitCount + * @param Request $request + * * @return ItemSearchData */ - protected function getSearchData($limitCount) + protected function getSearchData($limitCount, Request $request) { $itemSearchData = new ItemSearchData(); - $itemSearchData->setSeachString(Request::analyzeString('search')); - $itemSearchData->setLimitStart(Request::analyzeInt('start')); - $itemSearchData->setLimitCount(Request::analyzeInt('count', $limitCount)); + $itemSearchData->setSeachString($request->analyzeString('search')); + $itemSearchData->setLimitStart($request->analyzeInt('start', 0)); + $itemSearchData->setLimitCount($request->analyzeInt('count', $limitCount)); return $itemSearchData; } /** + * @param Request $request + * * @return mixed */ - protected function getItemsIdFromRequest() + protected function getItemsIdFromRequest(Request $request) { - return Request::analyzeArray('items'); + return $request->analyzeArray('items'); } } \ No newline at end of file diff --git a/app/modules/web/Controllers/UpgradeController.php b/app/modules/web/Controllers/UpgradeController.php index 727b206b..d90c14a5 100644 --- a/app/modules/web/Controllers/UpgradeController.php +++ b/app/modules/web/Controllers/UpgradeController.php @@ -25,7 +25,6 @@ namespace SP\Modules\Web\Controllers; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Services\Upgrade\UpgradeAppService; 
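Review bot: `getSearchData` passes the request's `start` and `count` straight into `setLimitStart()` and `setLimitCount()` with no range check, so a client can send a negative offset or an arbitrarily large page size. If `$limitCount` is meant as the ceiling (an assumption; it may only be the default), clamp both values: `$itemSearchData->setLimitStart(max(0, $request->analyzeInt('start', 0)));` and `$itemSearchData->setLimitCount(max(1, min($request->analyzeInt('count', $limitCount), $limitCount)));`. The `@return mixed` on `getItemsIdFromRequest` would also be clearer as `@return int[]|null` once the return of `analyzeArray` is confirmed.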
@@ -58,11 +57,11 @@ class UpgradeController extends ControllerBase */ public function upgradeAction() { - if (Request::analyzeBool('chkConfirm', false) === false) { + if ($this->request->analyzeBool('chkConfirm', false) === false) { $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('Es necesario confirmar la actualización')); } - if (Request::analyzeString('key') !== $this->configData->getUpgradeKey()) { + if ($this->request->analyzeString('key') !== $this->configData->getUpgradeKey()) { $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('Código de seguridad incorrecto')); } diff --git a/app/modules/web/Controllers/UserController.php b/app/modules/web/Controllers/UserController.php index 559e98a7..56c46fa4 100644 --- a/app/modules/web/Controllers/UserController.php +++ b/app/modules/web/Controllers/UserController.php @@ -30,7 +30,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\UserData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -71,7 +70,7 @@ class UserController extends ControllerBase implements CrudControllerInterface } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); 
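Review bot: The upgrade key check in `upgradeAction` still uses `!==`, which is not a constant-time comparison. It may also pass when both sides are empty, since a missing `key` parameter and an unset upgrade key could compare as equal, depending on what `analyzeString` and `getUpgradeKey()` return. Read both into locals and compare with `if (empty($upgradeKey) || !is_string($key) || !hash_equals($upgradeKey, $key)) {`. It is also not visible whether `returnJsonResponse()` ends the request; if it does not, the upgrade code after the two checks runs even when they fail. The method body continues outside the hunk.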
@@ -87,7 +86,7 @@ class UserController extends ControllerBase implements CrudControllerInterface protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getUsersGrid($this->userService->search($itemSearchData)), $itemSearchData); } @@ -261,7 +260,7 @@ class UserController extends ControllerBase implements CrudControllerInterface try { if ($id === null) { - $this->userService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->userService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::USER, $id); @@ -307,7 +306,7 @@ class UserController extends ControllerBase implements CrudControllerInterface $id = $this->userService->create($itemData); - $this->addCustomFieldsForItem(Acl::USER, $id); + $this->addCustomFieldsForItem(Acl::USER, $id, $this->request); $this->eventDispatcher->notifyEvent('create.user', new Event($this, EventMessage::factory() @@ -368,7 +367,7 @@ class UserController extends ControllerBase implements CrudControllerInterface $this->userService->update($itemData); - $this->updateCustomFieldsForItem(Acl::USER, $id); + $this->updateCustomFieldsForItem(Acl::USER, $id, $this->request); $this->eventDispatcher->notifyEvent('edit.user', new Event($this, EventMessage::factory() diff --git a/app/modules/web/Controllers/UserGroupController.php b/app/modules/web/Controllers/UserGroupController.php index fea0b0f9..afb68c5f 100644 --- a/app/modules/web/Controllers/UserGroupController.php +++ b/app/modules/web/Controllers/UserGroupController.php 
@@ -30,7 +30,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\ValidationException; use SP\DataModel\UserGroupData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -72,7 +71,7 @@ class UserGroupController extends ControllerBase implements CrudControllerInterf } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -88,7 +87,7 @@ class UserGroupController extends ControllerBase implements CrudControllerInterf protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getUserGroupsGrid($this->userGroupService->search($itemSearchData)), $itemSearchData); } @@ -201,7 +200,7 @@ class UserGroupController extends ControllerBase implements CrudControllerInterf try { if ($id === null) { - $this->userGroupService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->userGroupService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::GROUP, $id); @@ -247,7 +246,7 @@ class UserGroupController extends ControllerBase implements CrudControllerInterf $id = $this->userGroupService->create($groupData, $groupData->getUsers()); - $this->addCustomFieldsForItem(Acl::GROUP, $id); + $this->addCustomFieldsForItem(Acl::GROUP, $id, $this->request); $this->eventDispatcher->notifyEvent('create.userGroup', new Event($this, EventMessage::factory() 
@@ -287,7 +286,7 @@ class UserGroupController extends ControllerBase implements CrudControllerInterf $this->userGroupService->update($groupData); - $this->updateCustomFieldsForItem(Acl::GROUP, $id); + $this->updateCustomFieldsForItem(Acl::GROUP, $id, $this->request); $this->eventDispatcher->notifyEvent('edit.userGroup', new Event($this, EventMessage::factory() diff --git a/app/modules/web/Controllers/UserPassResetController.php b/app/modules/web/Controllers/UserPassResetController.php index a5ab12f1..02445332 100644 --- a/app/modules/web/Controllers/UserPassResetController.php +++ b/app/modules/web/Controllers/UserPassResetController.php @@ -29,7 +29,6 @@ use SP\Core\Events\EventMessage; use SP\Core\Exceptions\SPException; use SP\Core\Exceptions\ValidationException; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Repositories\Track\TrackRequest; @@ -82,8 +81,8 @@ class UserPassResetController extends ControllerBase try { $this->checkTracking(); - $login = Request::analyzeString('login'); - $email = Request::analyzeEmail('email'); + $login = $this->request->analyzeString('login'); + $email = $this->request->analyzeEmail('email'); $userData = $this->dic->get(UserService::class)->getByLogin($login); @@ -163,8 +162,8 @@ class UserPassResetController extends ControllerBase try { $this->checkTracking(); - $pass = Request::analyzeEncrypted('password'); - $passR = Request::analyzeEncrypted('password_repeat'); + $pass = $this->request->analyzeEncrypted('password'); + $passR = $this->request->analyzeEncrypted('password_repeat'); if (!$pass || !$passR) { throw new ValidationException(__u('La clave no puede estar en blanco')); 
@@ -174,7 +173,7 @@ class UserPassResetController extends ControllerBase throw new ValidationException(__u('Las claves no coinciden')); } - $hash = Request::analyzeString('hash'); + $hash = $this->request->analyzeString('hash'); $userPassRecoverService = $this->dic->get(UserPassRecoverService::class); $userId = $userPassRecoverService->getUserIdForHash($hash); diff --git a/app/modules/web/Controllers/UserProfileController.php b/app/modules/web/Controllers/UserProfileController.php index d4e72b14..53dcd89c 100644 --- a/app/modules/web/Controllers/UserProfileController.php +++ b/app/modules/web/Controllers/UserProfileController.php @@ -31,7 +31,6 @@ use SP\Core\Exceptions\ValidationException; use SP\DataModel\ProfileData; use SP\DataModel\UserProfileData; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\ItemsGridHelper; use SP\Modules\Web\Controllers\Traits\ItemTrait; use SP\Modules\Web\Controllers\Traits\JsonTrait; @@ -66,7 +65,7 @@ class UserProfileController extends ControllerBase implements CrudControllerInte } $this->view->addTemplate('datagrid-table', 'grid'); - $this->view->assign('index', Request::analyzeInt('activetab', 0)); + $this->view->assign('index', $this->request->analyzeInt('activetab', 0)); $this->view->assign('data', $this->getSearchGrid()); $this->returnJsonResponseData(['html' => $this->render()]); @@ -82,7 +81,7 @@ class UserProfileController extends ControllerBase implements CrudControllerInte protected function getSearchGrid() { $itemsGridHelper = $this->dic->get(ItemsGridHelper::class); - $itemSearchData = $this->getSearchData($this->configData->getAccountCount()); + $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request); return $itemsGridHelper->updatePager($itemsGridHelper->getUserProfilesGrid($this->userProfileService->search($itemSearchData)), $itemSearchData); } 
@@ -196,7 +195,7 @@ class UserProfileController extends ControllerBase implements CrudControllerInte try { if ($id === null) { - $this->userProfileService->deleteByIdBatch($this->getItemsIdFromRequest()); + $this->userProfileService->deleteByIdBatch($this->getItemsIdFromRequest($this->request)); $this->deleteCustomFieldsForItem(Acl::PROFILE, $id); @@ -242,7 +241,7 @@ class UserProfileController extends ControllerBase implements CrudControllerInte $id = $this->userProfileService->create($profileData); - $this->addCustomFieldsForItem(Acl::PROFILE, $id); + $this->addCustomFieldsForItem(Acl::PROFILE, $id, $this->request); $this->eventDispatcher->notifyEvent('create.userProfile', new Event($this)); @@ -279,7 +278,7 @@ class UserProfileController extends ControllerBase implements CrudControllerInte $this->userProfileService->update($profileData); // $this->userProfileService->logAction($id, Acl::PROFILE_EDIT); - $this->updateCustomFieldsForItem(Acl::PROFILE, $id); + $this->updateCustomFieldsForItem(Acl::PROFILE, $id, $this->request); $this->eventDispatcher->notifyEvent('edit.userProfile', new Event($this)); diff --git a/app/modules/web/Controllers/UserSettingsGeneralController.php b/app/modules/web/Controllers/UserSettingsGeneralController.php index 639750bb..4079e5ed 100644 --- a/app/modules/web/Controllers/UserSettingsGeneralController.php +++ b/app/modules/web/Controllers/UserSettingsGeneralController.php @@ -25,7 +25,6 @@ namespace SP\Modules\Web\Controllers; use SP\Http\JsonResponse; -use SP\Http\Request; use SP\Modules\Web\Controllers\Traits\JsonTrait; use SP\Services\User\UserService; 
@@ -52,14 +51,14 @@ class UserSettingsGeneralController extends SimpleControllerBase $userPreferencesData = clone $userData->getPreferences(); $userPreferencesData->setUserId($userData->getId()); - $userPreferencesData->setLang(Request::analyzeString('userlang')); - $userPreferencesData->setTheme(Request::analyzeString('usertheme', 'material-blue')); - $userPreferencesData->setResultsPerPage(Request::analyzeInt('resultsperpage', 12)); - $userPreferencesData->setAccountLink(Request::analyzeBool('account_link', false)); - $userPreferencesData->setSortViews(Request::analyzeBool('sort_views', false)); - $userPreferencesData->setTopNavbar(Request::analyzeBool('top_navbar', false)); - $userPreferencesData->setOptionalActions(Request::analyzeBool('optional_actions', false)); - $userPreferencesData->setResultsAsCards(Request::analyzeBool('resultsascards', false)); + $userPreferencesData->setLang($this->request->analyzeString('userlang')); + $userPreferencesData->setTheme($this->request->analyzeString('usertheme', 'material-blue')); + $userPreferencesData->setResultsPerPage($this->request->analyzeInt('resultsperpage', 12)); + $userPreferencesData->setAccountLink($this->request->analyzeBool('account_link', false)); + $userPreferencesData->setSortViews($this->request->analyzeBool('sort_views', false)); + $userPreferencesData->setTopNavbar($this->request->analyzeBool('top_navbar', false)); + $userPreferencesData->setOptionalActions($this->request->analyzeBool('optional_actions', false)); + $userPreferencesData->setResultsAsCards($this->request->analyzeBool('resultsascards', false)); try { $this->userService->updatePreferencesById($userData->getId(), $userPreferencesData); diff --git a/app/modules/web/Controllers/UserSettingsManagerController.php b/app/modules/web/Controllers/UserSettingsManagerController.php index e8be566f..21f11d07 100644 --- a/app/modules/web/Controllers/UserSettingsManagerController.php +++ b/app/modules/web/Controllers/UserSettingsManagerController.php 
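Review bot: `userlang` and `usertheme` are stored in the user's preferences exactly as received, with no check against the installed languages and themes. If the theme or language name is later used to build a template or locale path (not visible in this diff), a crafted value would persist and be applied on every later request for that user. Validate both against the known sets before `setLang()`/`setTheme()` and fall back to the default otherwise, and bound `resultsperpage` to a sensible range, e.g. `max(1, min($this->request->analyzeInt('resultsperpage', 12), $maxResultsPerPage))`, where `$maxResultsPerPage` is a placeholder for whatever ceiling the project uses.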
@@ -27,7 +27,6 @@ namespace SP\Modules\Web\Controllers; use SP\Core\Acl\Acl; use SP\Core\Events\Event; use SP\Core\Language; -use SP\Http\Request; use SP\Modules\Web\Controllers\Helpers\TabsHelper; use SP\Mvc\View\Components\DataTab; use SP\Mvc\View\Components\SelectItemAdapter; @@ -60,7 +59,7 @@ class UserSettingsManagerController extends ControllerBase $this->eventDispatcher->notifyEvent('show.userSettings', new Event($this)); - $this->tabsHelper->renderTabs(Acl::getActionRoute(Acl::USERSETTINGS), Request::analyzeInt('tabIndex', 0)); + $this->tabsHelper->renderTabs(Acl::getActionRoute(Acl::USERSETTINGS), $this->request->analyzeInt('tabIndex', 0)); $this->view(); } diff --git a/app/modules/web/Forms/AccountForm.php b/app/modules/web/Forms/AccountForm.php index e775645c..ecf2e4bb 100644 --- a/app/modules/web/Forms/AccountForm.php +++ b/app/modules/web/Forms/AccountForm.php @@ -27,8 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Account\AccountRequest; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; -use SP\DataModel\AccountPermissionData; -use SP\Http\Request; /** * Class AccountForm 
@@ -80,32 +78,32 @@ class AccountForm extends FormBase implements FormInterface { $this->accountRequest = new AccountRequest(); $this->accountRequest->id = $this->itemId; - $this->accountRequest->name = Request::analyzeString('name'); - $this->accountRequest->clientId = Request::analyzeInt('client_id', 0); - $this->accountRequest->categoryId = Request::analyzeInt('category_id', 0); - $this->accountRequest->login = Request::analyzeString('login'); - $this->accountRequest->url = Request::analyzeString('url'); - $this->accountRequest->notes = Request::analyzeString('notes'); + $this->accountRequest->name = $this->request->analyzeString('name'); + $this->accountRequest->clientId = $this->request->analyzeInt('client_id', 0); + $this->accountRequest->categoryId = $this->request->analyzeInt('category_id', 0); + $this->accountRequest->login = $this->request->analyzeString('login'); + $this->accountRequest->url = $this->request->analyzeString('url'); + $this->accountRequest->notes = $this->request->analyzeString('notes'); $this->accountRequest->userEditId = $this->context->getUserData()->getId(); - $this->accountRequest->otherUserEdit = (int)Request::analyzeBool('other_user_edit_enabled', false); - $this->accountRequest->otherUserGroupEdit = (int)Request::analyzeBool('other_usergroup_edit_enabled', false); - $this->accountRequest->pass = Request::analyzeEncrypted('password'); - $this->accountRequest->isPrivate = (int)Request::analyzeBool('private_enabled', false); - $this->accountRequest->isPrivateGroup = (int)Request::analyzeBool('private_group_enabled', false); - $this->accountRequest->passDateChange = Request::analyzeInt('password_date_expire_unix'); - $this->accountRequest->parentId = Request::analyzeInt('parent_account_id'); - $this->accountRequest->userGroupId = Request::analyzeInt('main_usergroup_id'); + $this->accountRequest->otherUserEdit = (int)$this->request->analyzeBool('other_user_edit_enabled', false); + $this->accountRequest->otherUserGroupEdit = 
(int)$this->request->analyzeBool('other_usergroup_edit_enabled', false); + $this->accountRequest->pass = $this->request->analyzeEncrypted('password'); + $this->accountRequest->isPrivate = (int)$this->request->analyzeBool('private_enabled', false); + $this->accountRequest->isPrivateGroup = (int)$this->request->analyzeBool('private_group_enabled', false); + $this->accountRequest->passDateChange = $this->request->analyzeInt('password_date_expire_unix'); + $this->accountRequest->parentId = $this->request->analyzeInt('parent_account_id'); + $this->accountRequest->userGroupId = $this->request->analyzeInt('main_usergroup_id'); // Arrays - $accountOtherGroupsView = Request::analyzeArray('other_usergroups_view'); - $accountOtherGroupsEdit = Request::analyzeArray('other_usergroups_edit'); - $accountOtherUsersView = Request::analyzeArray('other_users_view'); - $accountOtherUsersEdit = Request::analyzeArray('other_users_edit'); - $accountTags = Request::analyzeArray('tags'); + $accountOtherGroupsView = $this->request->analyzeArray('other_usergroups_view'); + $accountOtherGroupsEdit = $this->request->analyzeArray('other_usergroups_edit'); + $accountOtherUsersView = $this->request->analyzeArray('other_users_view'); + $accountOtherUsersEdit = $this->request->analyzeArray('other_users_edit'); + $accountTags = $this->request->analyzeArray('tags'); - $this->accountRequest->updateUserGroupPermissions = Request::analyzeInt('other_usergroups_view_update') === 1 || Request::analyzeInt('other_usergroups_edit_update') === 1; - $this->accountRequest->updateUserPermissions = Request::analyzeInt('other_users_view_update') === 1 || Request::analyzeInt('other_users_edit_update') === 1; - $this->accountRequest->updateTags = Request::analyzeInt('tags_update') === 1; + $this->accountRequest->updateUserGroupPermissions = $this->request->analyzeInt('other_usergroups_view_update') === 1 || $this->request->analyzeInt('other_usergroups_edit_update') === 1; + 
$this->accountRequest->updateUserPermissions = $this->request->analyzeInt('other_users_view_update') === 1 || $this->request->analyzeInt('other_users_edit_update') === 1; + $this->accountRequest->updateTags = $this->request->analyzeInt('tags_update') === 1; if ($accountOtherUsersView) { $this->accountRequest->usersView = $accountOtherUsersView; @@ -140,7 +138,7 @@ class AccountForm extends FormBase implements FormInterface throw new ValidationException(__u('Es necesaria una clave')); } - if (Request::analyzeEncrypted('password_repeat') !== $this->accountRequest->pass) { + if ($this->request->analyzeEncrypted('password_repeat') !== $this->accountRequest->pass) { throw new ValidationException(__u('Las claves no coinciden')); } } diff --git a/app/modules/web/Forms/AuthTokenForm.php b/app/modules/web/Forms/AuthTokenForm.php index e6679e6c..6ee799b0 100644 --- a/app/modules/web/Forms/AuthTokenForm.php +++ b/app/modules/web/Forms/AuthTokenForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\AuthTokenData; -use SP\Http\Request; /** * Class ApiTokenForm @@ -72,13 +71,13 @@ class AuthTokenForm extends FormBase implements FormInterface */ protected function analyzeRequestData() { - $this->refresh = Request::analyzeBool('refreshtoken', false); + $this->refresh = $this->request->analyzeBool('refreshtoken', false); $this->authTokenData = new AuthTokenData(); $this->authTokenData->setId($this->itemId); - $this->authTokenData->setUserId(Request::analyzeInt('users')); - $this->authTokenData->setActionId(Request::analyzeInt('actions')); - $this->authTokenData->setHash(Request::analyzeEncrypted('pass')); + $this->authTokenData->setUserId($this->request->analyzeInt('users')); + $this->authTokenData->setActionId($this->request->analyzeInt('actions')); + $this->authTokenData->setHash($this->request->analyzeEncrypted('pass')); } /** 
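Review bot: Several `analyzeInt()` calls in this hunk have no default (`password_date_expire_unix`, `parent_account_id`, `main_usergroup_id`), while the same commit adds an explicit `0` to `analyzeInt('start')` in `ItemTrait::getSearchData`. That suggests the instance method does not return `0` for a missing key the way the static one did, though the `Request` class is not shown. If so, these fields can become `null`, and strict checks such as `$this->notificationData->getUserId() === 0` in NotificationForm, which gates the admin-only `onlyAdmin`/`sticky` flags, would stop matching. Pass the intended default explicitly, e.g. `$this->request->analyzeInt('parent_account_id', 0)`, here and in the AuthTokenForm, CustomFieldDefForm and NotificationForm hunks.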
diff --git a/app/modules/web/Forms/CategoryForm.php b/app/modules/web/Forms/CategoryForm.php index 48d0312a..753457d8 100644 --- a/app/modules/web/Forms/CategoryForm.php +++ b/app/modules/web/Forms/CategoryForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\CategoryData; -use SP\Http\Request; /** * Class CategoryForm @@ -70,8 +69,8 @@ class CategoryForm extends FormBase implements FormInterface { $this->categoryData = new CategoryData(); $this->categoryData->setId($this->itemId); - $this->categoryData->setName(Request::analyzeString('name')); - $this->categoryData->setDescription(Request::analyzeString('description')); + $this->categoryData->setName($this->request->analyzeString('name')); + $this->categoryData->setDescription($this->request->analyzeString('description')); } /** diff --git a/app/modules/web/Forms/ClientForm.php b/app/modules/web/Forms/ClientForm.php index 452cd7b9..aaecf13b 100644 --- a/app/modules/web/Forms/ClientForm.php +++ b/app/modules/web/Forms/ClientForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\ClientData; -use SP\Http\Request; /** * Class ClientForm @@ -70,9 +69,9 @@ class ClientForm extends FormBase implements FormInterface { $this->clientData = new ClientData(); $this->clientData->setId($this->itemId); - $this->clientData->setName(Request::analyzeString('name')); - $this->clientData->setDescription(Request::analyzeString('description')); - $this->clientData->setIsGlobal(Request::analyzeBool('isglobal', false)); + $this->clientData->setName($this->request->analyzeString('name')); + $this->clientData->setDescription($this->request->analyzeString('description')); + $this->clientData->setIsGlobal($this->request->analyzeBool('isglobal', false)); } /** 
diff --git a/app/modules/web/Forms/CustomFieldDefForm.php b/app/modules/web/Forms/CustomFieldDefForm.php index 6d245498..c2640583 100644 --- a/app/modules/web/Forms/CustomFieldDefForm.php +++ b/app/modules/web/Forms/CustomFieldDefForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\CustomFieldDefinitionData; -use SP\Http\Request; /** * Class CustomFieldDefForm @@ -70,12 +69,12 @@ class CustomFieldDefForm extends FormBase implements FormInterface { $this->customFieldDefData = new CustomFieldDefinitionData(); $this->customFieldDefData->setId($this->itemId); - $this->customFieldDefData->setName(Request::analyzeString('name')); - $this->customFieldDefData->setTypeId(Request::analyzeInt('type')); - $this->customFieldDefData->setModuleId(Request::analyzeInt('module')); - $this->customFieldDefData->setHelp(Request::analyzeString('help')); - $this->customFieldDefData->setRequired(Request::analyzeBool('required', false)); - $this->customFieldDefData->setIsEncrypted(Request::analyzeBool('encrypted', false)); + $this->customFieldDefData->setName($this->request->analyzeString('name')); + $this->customFieldDefData->setTypeId($this->request->analyzeInt('type')); + $this->customFieldDefData->setModuleId($this->request->analyzeInt('module')); + $this->customFieldDefData->setHelp($this->request->analyzeString('help')); + $this->customFieldDefData->setRequired($this->request->analyzeBool('required', false)); + $this->customFieldDefData->setIsEncrypted($this->request->analyzeBool('encrypted', false)); } /** diff --git a/app/modules/web/Forms/FormBase.php b/app/modules/web/Forms/FormBase.php index b11e9af3..1b98bc5c 100644 --- a/app/modules/web/Forms/FormBase.php +++ b/app/modules/web/Forms/FormBase.php 
@@ -2,8 +2,8 @@ /** * sysPass * - * @author nuxsmin - * @link https://syspass.org + * @author nuxsmin + * @link https://syspass.org * @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org * * This file is part of sysPass. @@ -29,6 +29,7 @@ use SP\Config\ConfigData; use SP\Core\Context\ContextInterface; use SP\Core\Context\SessionContext; use SP\Core\Dic\InjectableTrait; +use SP\Http\Request; /** * Class FormBase @@ -55,11 +56,16 @@ abstract class FormBase * @var SessionContext */ protected $context; + /** + * @var Request + */ + protected $request; /** * FormBase constructor. * * @param $itemId + * * @throws \SP\Core\Dic\ContainerException */ public function __construct($itemId = null) @@ -73,12 +79,14 @@ abstract class FormBase /** * @param Config $config * @param ContextInterface $session + * @param Request $request */ - public function inject(Config $config, ContextInterface $session) + public function inject(Config $config, ContextInterface $session, Request $request) { $this->config = $config; $this->configData = $config->getConfigData(); $this->context = $session; + $this->request = $request; } /** diff --git a/app/modules/web/Forms/NotificationForm.php b/app/modules/web/Forms/NotificationForm.php index 08ed71f0..6f18b3eb 100644 --- a/app/modules/web/Forms/NotificationForm.php +++ b/app/modules/web/Forms/NotificationForm.php @@ -28,7 +28,6 @@ use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\Core\Messages\NotificationMessage; use SP\DataModel\NotificationData; -use SP\Http\Request; /** * Class NotificationForm 
@@ -71,15 +70,15 @@ class NotificationForm extends FormBase implements FormInterface { $this->notificationData = new NotificationData(); $this->notificationData->setId($this->itemId); - $this->notificationData->setType(Request::analyzeString('notification_type')); - $this->notificationData->setComponent(Request::analyzeString('notification_component')); - $this->notificationData->setDescription(NotificationMessage::factory()->addDescription(Request::analyzeString('notification_description'))); - $this->notificationData->setUserId(Request::analyzeInt('notification_user')); - $this->notificationData->setChecked(Request::analyzeBool('notification_checkout', false)); + $this->notificationData->setType($this->request->analyzeString('notification_type')); + $this->notificationData->setComponent($this->request->analyzeString('notification_component')); + $this->notificationData->setDescription(NotificationMessage::factory()->addDescription($this->request->analyzeString('notification_description'))); + $this->notificationData->setUserId($this->request->analyzeInt('notification_user')); + $this->notificationData->setChecked($this->request->analyzeBool('notification_checkout', false)); if ($this->context->getUserData()->getIsAdminApp() && $this->notificationData->getUserId() === 0) { - $this->notificationData->setOnlyAdmin(Request::analyzeBool('notification_onlyadmin', false)); - $this->notificationData->setSticky(Request::analyzeBool('notification_sticky', false)); + $this->notificationData->setOnlyAdmin($this->request->analyzeBool('notification_onlyadmin', false)); + $this->notificationData->setSticky($this->request->analyzeBool('notification_sticky', false)); } } diff --git a/app/modules/web/Forms/PublicLinkForm.php b/app/modules/web/Forms/PublicLinkForm.php index 238e05ae..01644ec9 100644 --- a/app/modules/web/Forms/PublicLinkForm.php +++ b/app/modules/web/Forms/PublicLinkForm.php 
@@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\PublicLinkData; -use SP\Http\Request; use SP\Mgmt\PublicLinks\PublicLink; use SP\Services\PublicLink\PublicLinkService; use SP\Util\Util; @@ -76,8 +75,8 @@ class PublicLinkForm extends FormBase implements FormInterface $this->publicLinkData = new PublicLinkData(); $this->publicLinkData->setId($this->itemId); $this->publicLinkData->setTypeId(PublicLinkService::TYPE_ACCOUNT); - $this->publicLinkData->setItemId(Request::analyzeInt('accountId')); - $this->publicLinkData->setNotify(Request::analyzeBool('notify', false)); + $this->publicLinkData->setItemId($this->request->analyzeInt('accountId')); + $this->publicLinkData->setNotify($this->request->analyzeBool('notify', false)); $this->publicLinkData->setHash(Util::generateRandomBytes()); } diff --git a/app/modules/web/Forms/TagForm.php b/app/modules/web/Forms/TagForm.php index 811a72bb..7065d8a9 100644 --- a/app/modules/web/Forms/TagForm.php +++ b/app/modules/web/Forms/TagForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\TagData; -use SP\Http\Request; /** * Class TagForm @@ -70,7 +69,7 @@ class TagForm extends FormBase implements FormInterface { $this->tagData = new TagData(); $this->tagData->setId($this->itemId); - $this->tagData->setName(Request::analyzeString('name')); + $this->tagData->setName($this->request->analyzeString('name')); } /** diff --git a/app/modules/web/Forms/UserForm.php b/app/modules/web/Forms/UserForm.php index 63f66da8..2b5e9784 100644 --- a/app/modules/web/Forms/UserForm.php +++ b/app/modules/web/Forms/UserForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\UserData; -use SP\Http\Request; /** * Class UserForm 
@@ -84,22 +83,22 @@ class UserForm extends FormBase implements FormInterface */ protected function analyzeRequestData() { - $this->isLdap = Request::analyzeInt('isLdap', 0); + $this->isLdap = $this->request->analyzeInt('isLdap', 0); $this->userData = new UserData(); $this->userData->setId($this->itemId); - $this->userData->setName(Request::analyzeString('name')); - $this->userData->setLogin(Request::analyzeString('login')); - $this->userData->setSsoLogin(Request::analyzeString('login_sso')); - $this->userData->setEmail(Request::analyzeEmail('email')); - $this->userData->setNotes(Request::analyzeString('notes')); - $this->userData->setUserGroupId(Request::analyzeInt('usergroup_id')); - $this->userData->setUserProfileId(Request::analyzeInt('userprofile_id')); - $this->userData->setIsAdminApp(Request::analyzeBool('adminapp_enabled', false)); - $this->userData->setIsAdminAcc(Request::analyzeBool('adminacc_enabled', false)); - $this->userData->setIsDisabled(Request::analyzeBool('disabled', false)); - $this->userData->setIsChangePass(Request::analyzeBool('changepass_enabled', false)); - $this->userData->setPass(Request::analyzeEncrypted('password')); + $this->userData->setName($this->request->analyzeString('name')); + $this->userData->setLogin($this->request->analyzeString('login')); + $this->userData->setSsoLogin($this->request->analyzeString('login_sso')); + $this->userData->setEmail($this->request->analyzeEmail('email')); + $this->userData->setNotes($this->request->analyzeString('notes')); + $this->userData->setUserGroupId($this->request->analyzeInt('usergroup_id')); + $this->userData->setUserProfileId($this->request->analyzeInt('userprofile_id')); + $this->userData->setIsAdminApp($this->request->analyzeBool('adminapp_enabled', false)); + $this->userData->setIsAdminAcc($this->request->analyzeBool('adminacc_enabled', false)); + $this->userData->setIsDisabled($this->request->analyzeBool('disabled', false)); + 
$this->userData->setIsChangePass($this->request->analyzeBool('changepass_enabled', false)); + $this->userData->setPass($this->request->analyzeEncrypted('password')); $this->userData->setIsLdap($this->isLdap); } @@ -148,7 +147,7 @@ class UserForm extends FormBase implements FormInterface */ protected function checkPass() { - $userPassR = Request::analyzeEncrypted('password_repeat'); + $userPassR = $this->request->analyzeEncrypted('password_repeat'); if ($this->isDemo()) { throw new ValidationException(__u('Ey, esto es una DEMO!!')); diff --git a/app/modules/web/Forms/UserGroupForm.php b/app/modules/web/Forms/UserGroupForm.php index 7afc055c..fcdc0eb9 100644 --- a/app/modules/web/Forms/UserGroupForm.php +++ b/app/modules/web/Forms/UserGroupForm.php @@ -27,7 +27,6 @@ namespace SP\Modules\Web\Forms; use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\UserGroupData; -use SP\Http\Request; /** * Class UserGroupForm @@ -70,9 +69,9 @@ class UserGroupForm extends FormBase implements FormInterface { $this->groupData = new UserGroupData(); $this->groupData->setId($this->itemId); - $this->groupData->setName(Request::analyzeString('name')); - $this->groupData->setDescription(Request::analyzeString('description')); - $this->groupData->setUsers(Request::analyzeArray('users')); + $this->groupData->setName($this->request->analyzeString('name')); + $this->groupData->setDescription($this->request->analyzeString('description')); + $this->groupData->setUsers($this->request->analyzeArray('users')); } /** diff --git a/app/modules/web/Forms/UserProfileForm.php b/app/modules/web/Forms/UserProfileForm.php index 76283550..07fc7c4f 100644 --- a/app/modules/web/Forms/UserProfileForm.php +++ b/app/modules/web/Forms/UserProfileForm.php @@ -28,7 +28,6 @@ use SP\Core\Acl\ActionsInterface; use SP\Core\Exceptions\ValidationException; use SP\DataModel\ProfileData; use SP\DataModel\UserProfileData; -use SP\Http\Request; /** * Class UserProfileForm 
@@ -70,38 +69,38 @@ class UserProfileForm extends FormBase implements FormInterface protected function analyzeRequestData() { $profileData = new ProfileData(); - $profileData->setAccAdd(Request::analyzeBool('profile_accadd', false)); - $profileData->setAccView(Request::analyzeBool('profile_accview', false)); - $profileData->setAccViewPass(Request::analyzeBool('profile_accviewpass', false)); - $profileData->setAccViewHistory(Request::analyzeBool('profile_accviewhistory', false)); - $profileData->setAccEdit(Request::analyzeBool('profile_accedit', false)); - $profileData->setAccEditPass(Request::analyzeBool('profile_acceditpass', false)); - $profileData->setAccDelete(Request::analyzeBool('profile_accdel', false)); - $profileData->setAccFiles(Request::analyzeBool('profile_accfiles', false)); - $profileData->setAccPublicLinks(Request::analyzeBool('profile_accpublinks', false)); - $profileData->setAccPrivate(Request::analyzeBool('profile_accprivate', false)); - $profileData->setAccPrivateGroup(Request::analyzeBool('profile_accprivategroup', false)); - $profileData->setAccPermission(Request::analyzeBool('profile_accpermissions', false)); - $profileData->setAccGlobalSearch(Request::analyzeBool('profile_accglobalsearch', false)); - $profileData->setConfigGeneral(Request::analyzeBool('profile_config', false)); - $profileData->setConfigEncryption(Request::analyzeBool('profile_configmpw', false)); - $profileData->setConfigBackup(Request::analyzeBool('profile_configback', false)); - $profileData->setConfigImport(Request::analyzeBool('profile_configimport', false)); - $profileData->setMgmCategories(Request::analyzeBool('profile_categories', false)); - $profileData->setMgmCustomers(Request::analyzeBool('profile_customers', false)); - $profileData->setMgmCustomFields(Request::analyzeBool('profile_customfields', false)); - $profileData->setMgmUsers(Request::analyzeBool('profile_users', false)); - $profileData->setMgmGroups(Request::analyzeBool('profile_groups', false)); - 
$profileData->setMgmProfiles(Request::analyzeBool('profile_profiles', false)); - $profileData->setMgmApiTokens(Request::analyzeBool('profile_apitokens', false)); - $profileData->setMgmPublicLinks(Request::analyzeBool('profile_publinks', false)); - $profileData->setMgmAccounts(Request::analyzeBool('profile_accounts', false)); - $profileData->setMgmFiles(Request::analyzeBool('profile_files', false)); - $profileData->setMgmTags(Request::analyzeBool('profile_tags', false)); - $profileData->setEvl(Request::analyzeBool('profile_eventlog', false)); + $profileData->setAccAdd($this->request->analyzeBool('profile_accadd', false)); + $profileData->setAccView($this->request->analyzeBool('profile_accview', false)); + $profileData->setAccViewPass($this->request->analyzeBool('profile_accviewpass', false)); + $profileData->setAccViewHistory($this->request->analyzeBool('profile_accviewhistory', false)); + $profileData->setAccEdit($this->request->analyzeBool('profile_accedit', false)); + $profileData->setAccEditPass($this->request->analyzeBool('profile_acceditpass', false)); + $profileData->setAccDelete($this->request->analyzeBool('profile_accdel', false)); + $profileData->setAccFiles($this->request->analyzeBool('profile_accfiles', false)); + $profileData->setAccPublicLinks($this->request->analyzeBool('profile_accpublinks', false)); + $profileData->setAccPrivate($this->request->analyzeBool('profile_accprivate', false)); + $profileData->setAccPrivateGroup($this->request->analyzeBool('profile_accprivategroup', false)); + $profileData->setAccPermission($this->request->analyzeBool('profile_accpermissions', false)); + $profileData->setAccGlobalSearch($this->request->analyzeBool('profile_accglobalsearch', false)); + $profileData->setConfigGeneral($this->request->analyzeBool('profile_config', false)); + $profileData->setConfigEncryption($this->request->analyzeBool('profile_configmpw', false)); + $profileData->setConfigBackup($this->request->analyzeBool('profile_configback', false)); + 
$profileData->setConfigImport($this->request->analyzeBool('profile_configimport', false)); + $profileData->setMgmCategories($this->request->analyzeBool('profile_categories', false)); + $profileData->setMgmCustomers($this->request->analyzeBool('profile_customers', false)); + $profileData->setMgmCustomFields($this->request->analyzeBool('profile_customfields', false)); + $profileData->setMgmUsers($this->request->analyzeBool('profile_users', false)); + $profileData->setMgmGroups($this->request->analyzeBool('profile_groups', false)); + $profileData->setMgmProfiles($this->request->analyzeBool('profile_profiles', false)); + $profileData->setMgmApiTokens($this->request->analyzeBool('profile_apitokens', false)); + $profileData->setMgmPublicLinks($this->request->analyzeBool('profile_publinks', false)); + $profileData->setMgmAccounts($this->request->analyzeBool('profile_accounts', false)); + $profileData->setMgmFiles($this->request->analyzeBool('profile_files', false)); + $profileData->setMgmTags($this->request->analyzeBool('profile_tags', false)); + $profileData->setEvl($this->request->analyzeBool('profile_eventlog', false)); $this->userProfileData = new UserProfileData(); - $this->userProfileData->setName(Request::analyzeString('profile_name')); + $this->userProfileData->setName($this->request->analyzeString('profile_name')); $this->userProfileData->setId($this->itemId); $this->userProfileData->setProfile($profileData); } diff --git a/app/modules/web/Init.php b/app/modules/web/Init.php index cf0164d2..b7a17ffc 100644 --- a/app/modules/web/Init.php +++ b/app/modules/web/Init.php @@ -35,7 +35,6 @@ use SP\Core\Crypt\Session as CryptSession; use SP\Core\Language; use SP\Core\ModuleBase; use SP\Core\UI\Theme; -use SP\Http\Request; use SP\Services\Crypt\SecureSessionService; use SP\Services\Upgrade\UpgradeAppService; use SP\Services\Upgrade\UpgradeDatabaseService; 
@@ -109,7 +108,7 @@ class Init extends ModuleBase $this->initSession($this->configData->isEncryptSession()); // Volver a cargar la configuración si se recarga la página - if (Request::checkReload($this->router) === false) { + if ($this->request->checkReload() === false) { // Cargar la configuración $this->config->loadConfig($this->context); diff --git a/lib/SP/Controller/ChecksController.php b/lib/SP/Controller/ChecksController.php index 624538cf..427cfd23 100644 --- a/lib/SP/Controller/ChecksController.php +++ b/lib/SP/Controller/ChecksController.php @@ -86,7 +86,7 @@ class ChecksController implements ItemControllerInterface $ldapBase = Request::analyze('ldap_base'); $ldapGroup = Request::analyze('ldap_group'); $ldapBindUser = Request::analyze('ldap_binduser'); - $ldapBindPass = Request::analyzeEncrypted('ldap_bindpass'); + $ldapBindPass = Request::_analyzeEncrypted('ldap_bindpass'); if (!$ldapServer || !$ldapBase || !$ldapBindUser || !$ldapBindPass) { $this->JsonResponse->setDescription(__('Los parámetros de LDAP no están configurados', false)); @@ -121,7 +121,7 @@ class ChecksController implements ItemControllerInterface { $dokuWikiUrl = Request::analyze('dokuwiki_url'); $dokuWikiUser = Request::analyze('dokuwiki_user'); - $dokuWikiPass = Request::analyzeEncrypted('dokuwiki_pass'); + $dokuWikiPass = Request::_analyzeEncrypted('dokuwiki_pass'); if (!$dokuWikiUrl) { $this->JsonResponse->setDescription(__('Los parámetros de DokuWiki no están configurados', false)); diff --git a/lib/SP/Core/ModuleBase.php b/lib/SP/Core/ModuleBase.php index 04524ceb..eda55de7 100644 --- a/lib/SP/Core/ModuleBase.php +++ b/lib/SP/Core/ModuleBase.php @@ -30,6 +30,7 @@ use SP\Bootstrap; use SP\Config\Config; use SP\Core\Context\ContextInterface; use SP\Core\Events\EventDispatcher; +use SP\Http\Request; use SP\Providers\Log\DatabaseLogHandler; use SP\Providers\Log\RemoteSyslogHandler; use SP\Providers\Log\SyslogHandler; 
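Review bot: `Request::_analyzeEncrypted('ldap_bindpass')` and, in the second ChecksController hunk, `Request::_analyzeEncrypted('dokuwiki_pass')` call a static method that the `lib/SP/Http/Request.php` hunks of this commit never add. Those hunks remove the static `analyzeEncrypted` and introduce only an instance method of the same name. Unless `_analyzeEncrypted` is defined in a part of `Request.php` that the diff does not show, both connection checks would stop with an undefined-method error as soon as they are reached. Injecting the `Request` instance and calling `$this->request->analyzeEncrypted('ldap_bindpass')` would match the rest of the commit. Both functions start and end outside their hunks.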
@@ -61,11 +62,16 @@ abstract class ModuleBase * @var Container */ protected $container; + /** + * @var Request + */ + protected $request; /** * Module constructor. * * @param Container $container + * * @throws \DI\DependencyException * @throws \DI\NotFoundException */ @@ -75,10 +81,12 @@ abstract class ModuleBase $this->config = $container->get(Config::class); $this->configData = $this->config->getConfigData(); $this->router = $container->get(Klein::class); + $this->request = $container->get(Request::class); } /** * @param string $controller + * * @return mixed */ abstract public function initialize($controller); @@ -89,6 +97,7 @@ abstract class ModuleBase * Devuelve un error 503 y un reintento de 120s al cliente. * * @param ContextInterface $context + * * @return bool */ public function checkMaintenanceMode(ContextInterface $context) diff --git a/lib/SP/Http/Request.php b/lib/SP/Http/Request.php index 62d85aea..48f7e5b0 100644 --- a/lib/SP/Http/Request.php +++ b/lib/SP/Http/Request.php @@ -24,10 +24,14 @@ namespace SP\Http; +use Klein\DataCollection\DataCollection; use Klein\Klein; use SP\Bootstrap; use SP\Core\Crypt\CryptPKI; +use SP\Core\Crypt\Hash; +use SP\Core\Exceptions\SPException; use SP\Html\Html; +use SP\Util\Filter; use SP\Util\Util; /** @@ -41,6 +45,37 @@ class Request * @var array Directorios seguros para include */ const SECURE_DIRS = ['css', 'js']; + /** + * @var \Klein\Request + */ + private $request; + /** + * @var DataCollection + */ + private $params; + + /** + * Request constructor. + * + * @param Klein $klein + */ + public function __construct(Klein $klein) + { + $this->request = $klein->request(); + $this->params = $this->getParamsByMethod(); + } + + /** + * @return DataCollection + */ + private function getParamsByMethod() + { + if ($this->request->method('GET')) { + return $this->request->paramsGet(); + } else { + return $this->request->paramsPost(); + } + } /** * Devolver las cabeceras enviadas desde el cliente. 
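Review bot: `getParamsByMethod()` in the `@@ -41,6 +45,37 @@` hunk of `Request.php` has no description, although it narrows where every `analyze*` call reads from. It returns `paramsGet()` for GET and `paramsPost()` for any other method, whereas the removed static helpers read the merged `$_REQUEST`. A POST that carries `sk`, `r` or `h` in the query string is therefore no longer seen by `analyzeString`, and `verifySignature` looks up `h` in that same collection. I would add to the docblock: `Returns the query-string parameters for GET requests and the body parameters for every other method; the two sources are never merged.` It is also worth confirming that no form posts its security token in the URL.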
@@ -85,71 +120,6 @@ class Request return $headers; } - /** - * Analizar un valor encriptado y devolverlo desencriptado - * - * @param $param - * - * @return string - */ - public static function analyzeEncrypted($param) - { - $encryptedData = self::analyzeString($param); - - if ($encryptedData === null) { - return ''; - } - - try { - // Desencriptar con la clave RSA - $clearData = Bootstrap::getContainer()->get(CryptPKI::class) - ->decryptRSA(base64_decode($encryptedData)); - - // Desencriptar con la clave RSA - if ($clearData === false) { - debugLog('No RSA encrypted data from request'); - - return $encryptedData; - } - - return $clearData; - } catch (\Exception $e) { - processException($e); - - return $encryptedData; - } - } - - /** - * @param $param - * @param $default - * - * @return string - */ - public static function analyzeString($param, $default = null) - { - if (!isset($_REQUEST[$param])) { - return $default; - } - - return filter_var(trim($_REQUEST[$param]), FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES); - } - - /** - * @param $param - * @param $default - * - * @return string - */ - public static function analyzeEmail($param, $default = null) - { - if (!isset($_REQUEST[$param])) { - return $default; - } - - return filter_var(trim($_REQUEST[$param]), FILTER_SANITIZE_EMAIL); - } - /** * Obtener los valores de variables $_GET y $_POST * y devolverlos limpios con el tipo correcto o esperado. 
@@ -214,89 +184,6 @@ class Request return $value; } - /** - * @param string $param - * @param callable|null $mapper - * @param mixed $default - * - * @return mixed - */ - public static function analyzeArray($param, callable $mapper = null, $default = null) - { - if (isset($_REQUEST[$param]) && is_array($_REQUEST[$param])) { - if (is_callable($mapper)) { - return $mapper($_REQUEST[$param]); - } - - return array_map(function ($value) { - if (is_numeric($value)) { - return (int)filter_var($value, FILTER_SANITIZE_NUMBER_INT); - } else { - return (string)filter_var(trim($value), FILTER_SANITIZE_STRING); - } - }, $_REQUEST[$param]); - } - - return $default; - } - - /** - * @param $param - * @param $default - * - * @return int - */ - public static function analyzeInt($param, $default = null) - { - if (!isset($_REQUEST[$param])) { - return (int)$default; - } - - return (int)filter_var($_REQUEST[$param], FILTER_SANITIZE_NUMBER_INT); - } - - /** - * @param $param - * @param $default - * - * @return bool - */ - public static function analyzeBool($param, $default = null) - { - if (!isset($_REQUEST[$param])) { - return (bool)$default; - } - - return Util::boolval($_REQUEST[$param]); - } - - /** - * @param $param - * @param $default - * - * @return string - */ - public static function analyzePassword($param, $default = '') - { - if (!isset($_REQUEST[$param])) { - return (string)$default; - } - - return filter_var($_REQUEST[$param], FILTER_SANITIZE_STRING); - } - - /** - * Comprobar si se realiza una recarga de la página - * - * @param Klein $router - * - * @return bool - */ - public static function checkReload(Klein $router) - { - return $router->request()->headers()->get('Cache-Control') === 'max-age=0'; - } - /** * Comprobar si existen parámetros pasados por POST para enviarlos por GET */ 
@@ -355,4 +242,191 @@ class Request return $realPath; } + + /** + * Comprobar si se realiza una recarga de la página + * + * @return bool + */ + public function checkReload() + { + return $this->request->headers()->get('Cache-Control') === 'max-age=0'; + } + + /** + * @param $param + * @param $default + * + * @return string + * @deprecated + */ + public function analyzeEmail($param, $default = null) + { + if (!$this->params->exists($param)) { + return $default; + } + + return Filter::getEmail($this->params->get($param)); + } + + /** + * Analizar un valor encriptado y devolverlo desencriptado + * + * @param $param + * + * @return string + */ + public function analyzeEncrypted($param) + { + $encryptedData = $this->analyzeString($param); + + if ($encryptedData === null) { + return ''; + } + + try { + // Desencriptar con la clave RSA + $clearData = Bootstrap::getContainer()->get(CryptPKI::class) + ->decryptRSA(base64_decode($encryptedData)); + + // Desencriptar con la clave RSA + if ($clearData === false) { + debugLog('No RSA encrypted data from request'); + + return $encryptedData; + } + + return $clearData; + } catch (\Exception $e) { + processException($e); + + return $encryptedData; + } + } + + /** + * @param $param + * @param $default + * + * @return string + */ + public function analyzeString($param, $default = null) + { + if (!$this->params->exists($param)) { + return $default; + } + + return Filter::getString($this->params->get($param)); + } + + /** + * @param string $param + * @param callable|null $mapper + * @param mixed $default + * + * @return mixed + */ + public function analyzeArray($param, callable $mapper = null, $default = null) + { + if ($this->params->exists($param) + && is_array($this->params->get($param)) + ) { + if (is_callable($mapper)) { + return $mapper($this->params->get($param)); + } + + return array_map(function ($value) { + return is_numeric($value) ? 
$this->analyzeInt($value) : $this->analyzeString($value); + }, $this->params->get($param)); + } + + return $default; + } + + /** + * @param $param + * @param $default + * + * @return int + */ + public function analyzeInt($param, $default = null): int + { + if (!$this->params->exists($param)) { + return (int)$default; + } + + return Filter::getInt($this->params->get($param)); + } + + /** + * Comprobar si la petición es en formato JSON + * + * @return bool + */ + public function isJson() + { + return strpos($this->request->headers()->get('Accept'), 'application/json') !== false; + } + + /** + * Comprobar si la petición es Ajax + * + * @return bool + */ + public function isAjax() + { + return $this->request->headers()->get('X-Requested-With') === 'XMLHttpRequest' + || $this->analyzeInt('isAjax', 0) === 1; + } + + /** + * @param string $file + * + * @return array|null + */ + public function getFile(string $file) + { + return $this->request->files()->get($file); + } + + /** + * @param $param + * @param $default + * + * @return bool + */ + public function analyzeBool($param, $default = null) + { + if (!$this->params->exists($param)) { + return (bool)$default; + } + + return Util::boolval($this->params->get($param)); + } + + /** + * @param string $key + * @param string $param Checks the signature only for the given param + * + * @throws SPException + */ + public function verifySignature($key, $param = null) + { + $result = false; + + if (($hash = $this->params->get('h')) !== null) { + if ($param === null) { + $uri = str_replace('&h=' . $hash, '', $this->request->uri()); + $uri = substr($uri, strpos($uri, '?') + 1); + } else { + $uri = $this->params->get($param, ''); + } + + $result = Hash::checkMessage($uri, $key, $hash); + } + + if ($result === false) { + throw new SPException('URI string altered'); + } + } } \ No newline at end of file diff --git a/lib/SP/Http/Uri.php b/lib/SP/Http/Uri.php new file mode 100644 index 00000000..9a55c86b --- /dev/null 
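Review bot: In `analyzeArray`, the default mapper passes each array element to `$this->analyzeInt($value)` or `$this->analyzeString($value)`, but both methods take a parameter name and look it up in `$this->params`. Each element is therefore replaced by `0` or `null` unless a request parameter with that name happens to exist, in which case it is replaced by that parameter's value. The removed static version filtered the element itself; the equivalent here is `return is_numeric($value) ? Filter::getInt($value) : Filter::getString($value);`. Callers such as `UserGroupForm` (`analyzeArray('users')`) would otherwise store the wrong ids. Separately, `verifySignature` strips the literal `'&h=' . $hash` from `$this->request->uri()`, which assumes that `h` is never the first query parameter and that its decoded value equals the raw one; the docblock should state that.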
+++ b/lib/SP/Http/Uri.php @@ -0,0 +1,116 @@ +. + */ + +namespace SP\Http; + +use SP\Core\Crypt\Hash; + +/** + * Class Uri + * + * @package SP\Http + */ +class Uri +{ + /** + * @var string + */ + private $base; + /** + * @var array + */ + private $params = []; + + /** + * Uri constructor. + * + * @param string $base + */ + public function __construct(string $base) + { + $this->base = $base; + } + + /** + * @param $key + * @param $value + * + * @return string + */ + private static function mapParts($key, $value) + { + if (strpos($key, '_') === 0) { + $key = substr($key, 1); + } + + return $key . '=' . urlencode($value); + } + + /** + * @param string $param Param's name. If an '_' is set at the beginning, it will be a protected param + * @param string $value + * + * @return Uri + */ + public function addParam(string $param, $value) + { + $this->params[$param] = (string)$value; + + return $this; + } + + /** + * @return string + */ + public function getUri(): string + { + return $this->base . '?' . implode('&', array_map([Uri::class, 'mapParts'], array_keys($this->params), $this->params)); + } + + /** + * @param string $key + * + * @return string + */ + public function getUriSigned(string $key): string + { + $uri = implode('&', array_map([Uri::class, 'mapParts'], array_keys($this->params), $this->params)); + + return $this->base . '?' . $uri . '&h=' . Hash::signMessage($uri, $key); + } + + /** + * Clear params array + * + * Only clears unprotected params (without '_' at the beginning of the param's name) + */ + public function resetParams() + { + $this->params = array_filter($this->params, function ($key) { + return strpos($key, '_') === 0; + }, ARRAY_FILTER_USE_KEY); + + return $this; + } +} \ No newline at end of file diff --git a/lib/SP/Mvc/Controller/ControllerTrait.php b/lib/SP/Mvc/Controller/ControllerTrait.php index 64fe5bd6..8b044dac 100644 --- a/lib/SP/Mvc/Controller/ControllerTrait.php +++ b/lib/SP/Mvc/Controller/ControllerTrait.php 
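Review bot: `mapParts` in the new `Uri` class URL-encodes only the value; the parameter name is written into the query string raw after the leading `_` is stripped, so a name containing `&` or `=` would change the structure of the string that `getUriSigned` signs. `return urlencode($key) . '=' . urlencode($value);` closes that. Stripping the underscore also means `_r` and `r` both serialise as `r`, and `getUriSigned` appends `h` without checking that no parameter of that name is already set; a docblock on `addParam` stating that `h` is reserved and that `_name` and `name` must not both be added would make the contract explicit. The signature covers the query string only, not `$this->base`, which is worth documenting on `getUriSigned`.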
@@ -24,11 +24,11 @@ namespace SP\Mvc\Controller; -use Klein\Klein; use SP\Core\Context\ContextInterface; +use SP\Core\Exceptions\SPException; use SP\Http\JsonResponse; use SP\Http\Request; -use SP\Util\Checks; +use SP\Http\Uri; use SP\Util\Json; use SP\Util\Util; 
@@ -54,41 +54,52 @@ trait ControllerTrait * Comprobar si la sesión está activa * * @param ContextInterface $context - * @param Klein $router + * @param Request $request + * @param \Closure $onRedirect */ - protected function checkLoggedInSession(ContextInterface $context, Klein $router) + protected function checkLoggedInSession(ContextInterface $context, Request $request, \Closure $onRedirect) { if (!$context->isLoggedIn()) { - if (Checks::isJson($router)) { + if ($request->isJson()) { $JsonResponse = new JsonResponse(); $JsonResponse->setDescription(__u('La sesión no se ha iniciado o ha caducado')); $JsonResponse->setStatus(10); + Json::returnJson($JsonResponse); - } elseif (Checks::isAjax($router)) { + } elseif ($request->isAjax()) { Util::logout(); } else { - $route = Request::analyzeString('r'); - $hash = Request::analyzeString('h'); + try { + $route = $request->analyzeString('r'); + $hash = $request->analyzeString('h'); - if ($route && $hash) { - $redirect = 'index.php?r=login&from=' . urlencode($route) . '&h=' . $hash; - } else { - $redirect = 'index.php?r=login'; + $uri = new Uri('index.php'); + $uri->addParam('_r', 'login'); + + if ($route && $hash) { + $key = $context->getConfig()->getPasswordSalt(); + $request->verifySignature($key); + + $uri->addParam('from', $route); + + $onRedirect->call($this, $uri->getUriSigned($key)); + } else { + $onRedirect->call($this, $uri->getUri()); + } + } catch (SPException $e) { + processException($e); } - - $router->response() - ->redirect($redirect) - ->send(true); } } } /** * @param ContextInterface $context + * @param Request $request */ - protected function checkSecurityToken(ContextInterface $context) + protected function checkSecurityToken(ContextInterface $context, Request $request) { - $sk = Request::analyzeString('sk'); + $sk = $request->analyzeString('sk'); $sessionKey = $context->getSecurityKey(); if (!$sk || (null !== $sessionKey && $sessionKey !== $sk)) { 
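Review bot: The `catch (SPException $e)` branch in `checkLoggedInSession` only calls `processException($e)` and then returns. When `verifySignature` rejects the `h` value no redirect is issued, and the not-logged-in request appears to continue into the controller action unless `processException` or the caller ends it (neither is visible here). The removed code redirected to the login page on every path through this branch. Building `$uri` before the `try` and ending the catch with `$onRedirect->call($this, $uri->getUri());` would keep the check fail-closed. The signing key is `getPasswordSalt()`; if that salt is also used for password hashing, a dedicated key for URL signing would keep the two uses separate. `checkSecurityToken` continues past the end of the hunk.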
diff --git a/lib/SP/Providers/Auth/AuthProvider.php b/lib/SP/Providers/Auth/AuthProvider.php index 36bab6c3..9cf7b4b8 100644 --- a/lib/SP/Providers/Auth/AuthProvider.php +++ b/lib/SP/Providers/Auth/AuthProvider.php @@ -65,7 +65,8 @@ class AuthProvider extends Provider * Probar los métodos de autentificación * * @param UserLoginData $userLoginData - * @return bool|array + * + * @return false|AuthResult[] */ public function doAuth(UserLoginData $userLoginData) { @@ -73,16 +74,16 @@ class AuthProvider extends Provider $auths = []; - /** @var AuthDataBase $pAuth */ - foreach ($this->auths as $pAuth) { - $pResult = $this->$pAuth(); + foreach ($this->auths as $authType) { + /** @var AuthDataBase $authDataBase */ + $authDataBase = $this->$authType(); - if ($pResult !== false) { - $auths[] = new AuthResult($pAuth, $pResult); + if ($authDataBase !== false) { + $auths[] = new AuthResult($authType, $authDataBase); } } - return (count($auths) > 0) ? $auths : false; + return count($auths) > 0 ? $auths : false; } /** @@ -172,18 +173,19 @@ class AuthProvider extends Provider * Registrar un método de autentificación primarios * * @param string $auth Función de autentificación + * * @throws AuthException */ protected function registerAuth($auth) { - if (array_key_exists($auth, $this->auths)) { - throw new AuthException(__u('Método ya inicializado'), AuthException::ERROR, __FUNCTION__); - } - if (!method_exists($this, $auth)) { throw new AuthException(__u('Método no disponible'), AuthException::ERROR, __FUNCTION__); } + if (array_key_exists($auth, $this->auths)) { + throw new AuthException(__u('Método ya inicializado'), AuthException::ERROR, __FUNCTION__); + } + $this->auths[$auth] = $auth; } } diff --git a/lib/SP/Services/Auth/LoginService.php b/lib/SP/Services/Auth/LoginService.php index 86ade2b5..c20d1914 100644 --- a/lib/SP/Services/Auth/LoginService.php +++ b/lib/SP/Services/Auth/LoginService.php 
@@ -37,7 +37,6 @@ use SP\DataModel\UserLoginData; use SP\DataModel\UserPreferencesData; use SP\Http\Request; use SP\Providers\Auth\AuthProvider; -use SP\Providers\Auth\AuthResult; use SP\Providers\Auth\AuthUtil; use SP\Providers\Auth\Browser\BrowserAuthData; use SP\Providers\Auth\Database\DatabaseAuthData; @@ -104,23 +103,10 @@ class LoginService extends Service * @var string */ protected $from; - /** - * @throws \Psr\Container\ContainerExceptionInterface - * @throws \Psr\Container\NotFoundExceptionInterface - * @throws \SP\Core\Exceptions\InvalidArgumentException + * @var Request */ - public function initialize() - { - $this->configData = $this->config->getConfigData(); - $this->theme = $this->dic->get(Theme::class); - $this->userService = $this->dic->get(UserService::class); - $this->language = $this->dic->get(Language::class); - $this->trackService = $this->dic->get(TrackService::class); - - $this->userLoginData = new UserLoginData(); - $this->trackRequest = TrackService::getTrackRequest('login'); - } + protected $request; /** * Ejecutar las acciones de login @@ -137,8 +123,8 @@ class LoginService extends Service */ public function doLogin() { - $this->userLoginData->setLoginUser(Request::analyzeString('user')); - $this->userLoginData->setLoginPass(Request::analyzeEncrypted('pass')); + $this->userLoginData->setLoginUser($this->request->analyzeString('user')); + $this->userLoginData->setLoginPass($this->request->analyzeEncrypted('pass')); if ($this->trackService->checkTracking($this->trackRequest)) { $this->addTracking(); 
@@ -154,9 +140,9 @@ class LoginService extends Service if (($result = $this->dic->get(AuthProvider::class)->doAuth($this->userLoginData)) !== false) { // Ejecutar la acción asociada al tipo de autentificación foreach ($result as $authResult) { - /** @var AuthResult $authResult */ if ($authResult->isAuthGranted() === true - && $this->{$authResult->getAuth()}($authResult->getData()) === true) { + && $this->{$authResult->getAuth()}($authResult->getData()) === true + ) { break; } } @@ -267,8 +253,8 @@ class LoginService extends Service $temporaryMasterPass = $this->dic->get(TemporaryMasterPassService::class); $userPassService = $this->dic->get(UserPassService::class); - $masterPass = Request::analyzeEncrypted('mpass'); - $oldPass = Request::analyzeEncrypted('oldpass'); + $masterPass = $this->request->analyzeString('mpass'); + $oldPass = $this->request->analyzeString('oldpass'); try { if ($masterPass) { @@ -412,10 +398,29 @@ class LoginService extends Service $this->from = $from; } + /** + * @throws \Psr\Container\ContainerExceptionInterface + * @throws \Psr\Container\NotFoundExceptionInterface + * @throws \SP\Core\Exceptions\InvalidArgumentException + */ + protected function initialize() + { + $this->configData = $this->config->getConfigData(); + $this->theme = $this->dic->get(Theme::class); + $this->userService = $this->dic->get(UserService::class); + $this->language = $this->dic->get(Language::class); + $this->trackService = $this->dic->get(TrackService::class); + $this->request = $this->dic->get(Request::class); + + $this->userLoginData = new UserLoginData(); + $this->trackRequest = TrackService::getTrackRequest('login'); + } + /** * Autentificación LDAP * * @param LdapAuthData $authData + * * @return bool * @throws \SP\Core\Exceptions\SPException * @throws AuthException 
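Review bot: In hunk `@@ -267,8 +253,8 @@` of `LoginService`, `mpass` and `oldpass` switch from `Request::analyzeEncrypted()` to `$this->request->analyzeString()`, while `doLogin` keeps `analyzeEncrypted('pass')` for the login password. If `analyzeString()` applies the string sanitising this commit adds in `Filter::getString()` (not visible from here), a master password containing `<` or similar characters would be altered before it is checked or stored. The value would also skip the decryption step still used for `pass`. Unless the client stopped encrypting these two fields, I would keep `$masterPass = $this->request->analyzeEncrypted('mpass');` and `$oldPass = $this->request->analyzeEncrypted('oldpass');`. The enclosing method starts and ends outside the hunk.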
@@ -525,6 +530,7 @@ class LoginService extends Service * Autentificación en BD * * @param DatabaseAuthData $authData + * * @return bool * @throws \SP\Core\Exceptions\SPException * @throws AuthException @@ -566,6 +572,7 @@ class LoginService extends Service * Comprobar si el cliente ha enviado las variables de autentificación * * @param BrowserAuthData $authData + * * @return mixed * @throws AuthException */ diff --git a/lib/SP/Util/Filter.php b/lib/SP/Util/Filter.php index 7f7383a0..bb3dc8a4 100644 --- a/lib/SP/Util/Filter.php +++ b/lib/SP/Util/Filter.php @@ -26,7 +26,6 @@ namespace SP\Util; defined('APP_ROOT') || die(); - /** * Class Filter para el filtrado de datos * @@ -38,10 +37,41 @@ class Filter * Limpiar una cadena de búsqueda de carácteres utilizados en expresiones regulares * * @param $string + * * @return mixed */ public static function safeSearchString($string) { return str_replace(['/', '[', '\\', ']', '%', '{', '}', '*', '$'], '', (string)$string); } + + /** + * @param $value + * + * @return string + */ + public static function getString($value): string + { + return filter_var(trim($value), FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES); + } + + /** + * @param $value + * + * @return int + */ + public static function getInt($value): int + { + return (int)filter_var($value, FILTER_SANITIZE_NUMBER_INT); + } + + /** + * @param $value + * + * @return string + */ + public static function getEmail($value): string + { + return filter_var(trim($value), FILTER_SANITIZE_EMAIL); + } } \ No newline at end of file diff --git a/lib/SP/Util/Util.php b/lib/SP/Util/Util.php index d28084fa..7dd33a57 100644 --- a/lib/SP/Util/Util.php +++ b/lib/SP/Util/Util.php @@ -28,7 +28,6 @@ use Defuse\Crypto\Core; use Defuse\Crypto\Encoding; use SP\Bootstrap; use SP\Config\ConfigData; -use SP\Core\Crypt\Hash; use SP\Core\Exceptions\SPException; use SP\Html\Html; use SP\Log\Log; 
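Review bot: The three helpers added to `Filter` (hunk `@@ -38,10 +37,41 @@`) sanitise rather than validate, so malformed input is silently rewritten instead of rejected: `getInt('abc')` yields `0`, `getEmail()` returns whatever characters survive, and `getString()` relies on `FILTER_SANITIZE_STRING`, which strips tag-like text and is deprecated since PHP 8.1. `trim($value)` also runs on an untyped argument, so an array-valued request parameter raises a warning (a `TypeError` on PHP 8); a guard such as `if (!is_scalar($value)) { return ''; }` at the top of `getString` and `getEmail` avoids that. `filter_var()` can return `false`, which the `: string` return types tolerate only through weak-mode coercion. Each docblock would be clearer with a one-line description, for example `Strip tags and surrounding whitespace; not an HTML output encoder and not suitable for passwords`.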
@@ -49,6 +48,7 @@ class Util * @param bool $useNumbers Usar números * @param bool $useSpecial Usar carácteres especiales * @param bool $checKStrength + * * @return string */ public static function randomPassword($length = 16, $useNumbers = true, $useSpecial = true, $checKStrength = true) @@ -119,6 +119,7 @@ class Util * Generar una cadena aleatoria usuando criptografía. * * @param int $length opcional, con la longitud de la cadena + * * @return string * @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException */ @@ -133,6 +134,7 @@ class Util * * @param string $s con el nombre de la variable * @param string $d con el valor por defecto + * * @return string con el valor de la variable */ public static function init_var($s, $d = '') @@ -163,6 +165,7 @@ class Util * @param array $data * @param bool|null $useCookie * @param bool $weak + * * @return bool|string * @throws \Psr\Container\NotFoundExceptionInterface * @throws \Psr\Container\ContainerExceptionInterface @@ -295,6 +298,7 @@ class Util * Devuelve información sobre la aplicación. * * @param string $index con la key a devolver + * * @return array|string con las propiedades de la aplicación */ public static function getAppInfo($index = null) @@ -334,6 +338,7 @@ class Util * * @param string $currentVersion * @param array|string $upgradeableVersion + * * @return bool True si la versión es menor. */ public static function checkVersion($currentVersion, $upgradeableVersion) @@ -366,6 +371,7 @@ class Util * Devuelve una versión normalizada para poder ser comparada * * @param string $versionIn + * * @return string */ private static function normalizeVersionForCompare($versionIn) 
@@ -441,9 +447,11 @@ class Util * such as 'false','N','yes','on','off', etc. * * @author Samuel Levy + * * @param mixed $in The variable to check * @param bool $strict If set to false, consider everything that is not false to * be true. + * * @return bool The boolean equivalent or null (if strict, and no exact equivalent) */ public static function boolval($in, $strict = false) @@ -468,6 +476,7 @@ class Util * Recorrer un array y escapar los carácteres no válidos en Javascript. * * @param $array + * * @return array */ public static function arrayJSEscape(&$array) @@ -497,6 +506,7 @@ class Util * @param string $dstClass Class name * @param string|object $serialized * @param string $srcClass Nombre de la clase serializada + * * @return mixed * @link http://blog.jasny.net/articles/a-dark-corner-of-php-class-casting/ */ @@ -537,6 +547,7 @@ class Util * * @param $object * @param $class + * * @return mixed */ public static function castToClass($object, $class) @@ -554,6 +565,7 @@ class Util * Devuelve la última función llamada tras un error * * @param string $function La función utilizada como base + * * @return string */ public static function traceLastCall($function = null) @@ -578,6 +590,7 @@ class Util * * @param int $userId * @param string $subject + * * @return bool */ public static function lockApp($userId, $subject) @@ -633,14 +646,4 @@ class Util return [0, 0]; } - - /** - * @param string $route - * @param ConfigData $configData - * @return string - */ - public static function getSecureLink($route, ConfigData $configData) - { - return 'index.php?r=' . urlencode($route) . '&h=' . Hash::signMessage($route, $configData->getPasswordSalt()); - } }