[GitHub/WoltLab/WCF.git] / wcfsetup / install / files / lib / system / WCFACP.class.php

<?php
namespace wcf\system;
use wcf\acp\form\MasterPasswordForm;
use wcf\acp\form\MasterPasswordInitForm;
use wcf\data\menu\Menu;
use wcf\data\menu\MenuCache;
use wcf\system\application\ApplicationHandler;
use wcf\system\cache\builder\ACPSearchProviderCacheBuilder;
use wcf\system\event\EventHandler;
use wcf\system\exception\AJAXException;
use wcf\system\exception\PermissionDeniedException;
use wcf\system\exception\SystemException;
use wcf\system\request\LinkHandler;
use wcf\system\request\RouteHandler;
use wcf\system\session\ACPSessionFactory;
use wcf\system\session\SessionHandler;
use wcf\system\template\ACPTemplateEngine;
use wcf\util\FileUtil;
use wcf\util\HeaderUtil;

/**
 * Extends WCF class with functions for the ACP.
 * 
 * @author	Marcel Werk
 * @copyright	2001-2018 WoltLab GmbH
 * @license	GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @package	WoltLabSuite\Core\System
 */
class WCFACP extends WCF {
	/**
	 * rescue mode
	 * @var	boolean
	 */
	protected static $inRescueMode;
	
	/**
	 * URL to WCF within rescue mode
	 * @var	string
	 */
	protected static $rescueModePageURL;
	
	/** @noinspection PhpMissingParentConstructorInspection */
	/**
	 * Calls all init functions of the WCF and the WCFACP class. 
	 */
	public function __construct() {
		// add autoload directory
		self::$autoloadDirectories['wcf'] = WCF_DIR . 'lib/';
		
		// define tmp directory
		if (!defined('TMP_DIR')) define('TMP_DIR', FileUtil::getTempFolder());
		
		// start initialization
		$this->initDB();
		$this->loadOptions();
		$this->initPackage();
		$this->initSession();
		$this->initLanguage();
		$this->initTPL();
		$this->initCronjobs();
		$this->initCoreObjects();
		
		// prevent application loading during setup
		if (PACKAGE_ID) {
			$this->initApplications();
		}
		
		$this->initBlacklist();
		$this->initAuth();
		
		EventHandler::getInstance()->fireAction($this, 'initialized');
	}
	
	/**
	 * Returns the main menu object.
	 * 
	 * @return	Menu|null	menu object
	 * @since	3.0
	 */
	public function getFrontendMenu() {
		return MenuCache::getInstance()->getMainMenu();
	}
	
	/**
	 * Returns true if ACP is currently in rescue mode.
	 * 
	 * @return	boolean
	 */
	public static function inRescueMode() {
		if (self::$inRescueMode === null) {
			self::$inRescueMode = false;
			
			if (PACKAGE_ID && isset($_SERVER['HTTP_HOST'])) {
				self::$inRescueMode = true;
				
				foreach (ApplicationHandler::getInstance()->getApplications() as $application) {
					if ($application->domainName === $_SERVER['HTTP_HOST']) {
						self::$inRescueMode = false;
						break;
					}
				}
				
				if (self::$inRescueMode) {
					self::$rescueModePageURL = RouteHandler::getProtocol() . $_SERVER['HTTP_HOST'] . RouteHandler::getPath(['acp']);
				}
			}
		}
		
		return self::$inRescueMode;
	}
	
	/**
	 * Returns URL for rescue mode page.
	 * 
	 * @return	string
	 */
	public static function getRescueModePageURL() {
		if (self::inRescueMode()) {
			return self::$rescueModePageURL;
		}
		
		return '';
	}
	
	/**
	 * Does the user authentication.
	 */
	protected function initAuth() {
		// this is a work-around since neither RequestHandler
		// nor RouteHandler are populated right now
		$pathInfo = RouteHandler::getPathInfo();
		
		if (self::inRescueMode()) {
			if (!preg_match('~^/?rescue-mode/~', $pathInfo)) {
				$redirectURI =  self::$rescueModePageURL . 'acp/index.php?rescue-mode/';
				
				HeaderUtil::redirect($redirectURI);
				exit;
			}
		}
		else if (empty($pathInfo) || !preg_match('~^/?(acp-?captcha|login|logout)/~i', $pathInfo)) {
			if (WCF::getUser()->userID == 0) {
				// work-around for AJAX-requests within ACP
				if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
					throw new AJAXException(WCF::getLanguage()->getDynamicVariable('wcf.ajax.error.sessionExpired'), AJAXException::SESSION_EXPIRED, '');
				}
				
				// build redirect path
				$application = ApplicationHandler::getInstance()->getActiveApplication();
				if ($application === null) {
					throw new SystemException("You have aborted the installation, therefore this installation is unusable. You are required to reinstall the software.");
				}
				
				HeaderUtil::redirect(
					LinkHandler::getInstance()->getLink('Login', [
						'url' => RouteHandler::getProtocol() . $_SERVER['HTTP_HOST'] . WCF::getSession()->requestURI
					])
				);
				exit;
			}
			else {
				// work-around for AJAX-requests within ACP
				if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
					try {
						WCF::getSession()->checkPermissions(['admin.general.canUseAcp']);
					}
					catch (PermissionDeniedException $e) {
						throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS, $e->getTraceAsString());
					}
				}
				else {
					WCF::getSession()->checkPermissions(['admin.general.canUseAcp']);
				}
				
				// force debug mode if in ACP and authenticated
				self::$overrideDebugMode = true;
			}
		}
	}
	
	/**
	 * @inheritDoc
	 */
	protected function initSession() {
		self::$sessionObj = SessionHandler::getInstance();
		self::$sessionObj->setCookieSuffix('_acp');
		
		$factory = new ACPSessionFactory();
		$factory->load();
		
		self::$sessionObj->setHasValidCookie($factory->hasValidCookie());
	}
	
	/**
	 * @inheritDoc
	 */
	protected function initTPL() {
		self::$tplObj = ACPTemplateEngine::getInstance();
		self::getTPL()->setLanguageID(self::getLanguage()->languageID);
		$this->assignDefaultTemplateVariables();
	}
	
	/**
	 * @inheritDoc
	 */
	protected function assignDefaultTemplateVariables() {
		parent::assignDefaultTemplateVariables();
		
		// base tag is determined on runtime
		$host = RouteHandler::getHost();
		$path = RouteHandler::getPath();
		
		// available acp search providers
		$availableAcpSearchProviders = [];
		foreach (ACPSearchProviderCacheBuilder::getInstance()->getData() as $searchProvider) {
			$availableAcpSearchProviders[$searchProvider->providerName] = self::getLanguage()->get('wcf.acp.search.provider.'.$searchProvider->providerName);
		}
		asort($availableAcpSearchProviders);
		
		self::getTPL()->assign([
			'baseHref' => $host . $path,
			'availableAcpSearchProviders' => $availableAcpSearchProviders
		]);
	}
	
	/**
	 * Initializes the active package.
	 */
	protected function initPackage() {
		// define active package id
		if (!defined('PACKAGE_ID')) {
			define('PACKAGE_ID', 1);
		}
	}
	
	/**
	 * Checks whether the active user has entered the valid master password.
	 */
	public static function checkMasterPassword() {
		if (defined('MODULE_MASTER_PASSWORD') && MODULE_MASTER_PASSWORD == 1 && !WCF::getSession()->getVar('masterPassword')) {
			if (file_exists(WCF_DIR.'acp/masterPassword.inc.php')) {
				require_once(WCF_DIR.'acp/masterPassword.inc.php');
			}
			if (defined('MASTER_PASSWORD')) {
				$form = new MasterPasswordForm();
				$form->__run();
				exit;
			}
			else {
				$form = new MasterPasswordInitForm();
				$form->__run();
				exit;
			}
		}
	}
}
Commit	Line	Data
158bd3ca TD	1	<?php
158bd3ca TD	2	namespace wcf\system;
a17de04e MS	3	use wcf\acp\form\MasterPasswordForm;
a17de04e MS	4	use wcf\acp\form\MasterPasswordInitForm;
9d5c75df AE	5	use wcf\data\menu\Menu;
9d5c75df AE	6	use wcf\data\menu\MenuCache;
eacc0f34	7	use wcf\system\application\ApplicationHandler;
c8f7b2a1	8	use wcf\system\cache\builder\ACPSearchProviderCacheBuilder;
f0d32df8	9	use wcf\system\event\EventHandler;
8efdfb59 AE	10	use wcf\system\exception\AJAXException;
8efdfb59 AE	11	use wcf\system\exception\PermissionDeniedException;
ae14caab	12	use wcf\system\exception\SystemException;
772773aa	13	use wcf\system\request\LinkHandler;
3dcfb497	14	use wcf\system\request\RouteHandler;
158bd3ca TD	15	use wcf\system\session\ACPSessionFactory;
	16	use wcf\system\session\SessionHandler;
	17	use wcf\system\template\ACPTemplateEngine;
a17de04e MS	18	use wcf\util\FileUtil;
a17de04e MS	19	use wcf\util\HeaderUtil;
158bd3ca TD	20
158bd3ca TD	21	/**
a17de04e	22	* Extends WCF class with functions for the ACP.
158bd3ca	23	*
9f959ced	24	* @author Marcel Werk
c839bd49	25	* @copyright 2001-2018 WoltLab GmbH
158bd3ca	26	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
e71525e4	27	* @package WoltLabSuite\Core\System
158bd3ca TD	28	*/
158bd3ca TD	29	class WCFACP extends WCF {
dfef03a8 AE	30	/**
dfef03a8 AE	31	* rescue mode
893aace3	32	* @var boolean
dfef03a8 AE	33	*/
	34	protected static $inRescueMode;
	35
	36	/**
	37	* URL to WCF within rescue mode
893aace3	38	* @var string
dfef03a8 AE	39	*/
	40	protected static $rescueModePageURL;
	41
e4bda351	42	/** @noinspection PhpMissingParentConstructorInspection */
158bd3ca TD	43	/**
	44	* Calls all init functions of the WCF and the WCFACP class.
	45	*/
	46	public function __construct() {
	47	// add autoload directory
	48	self::$autoloadDirectories['wcf'] = WCF_DIR . 'lib/';
	49
	50	// define tmp directory
a17de04e	51	if (!defined('TMP_DIR')) define('TMP_DIR', FileUtil::getTempFolder());
158bd3ca TD	52
158bd3ca TD	53	// start initialization
158bd3ca	54	$this->initDB();
b52a018b	55	$this->loadOptions();
ea820340	56	$this->initPackage();
158bd3ca TD	57	$this->initSession();
	58	$this->initLanguage();
	59	$this->initTPL();
b8050a71	60	$this->initCronjobs();
158bd3ca	61	$this->initCoreObjects();
1c5676c5 AE	62
	63	// prevent application loading during setup
	64	if (PACKAGE_ID) {
	65	$this->initApplications();
	66	}
b4bb712c	67
bf63d51d	68	$this->initBlacklist();
b4bb712c	69	$this->initAuth();
f0d32df8 MW	70
f0d32df8 MW	71	EventHandler::getInstance()->fireAction($this, 'initialized');
158bd3ca TD	72	}
158bd3ca TD	73
9d5c75df AE	74	/**
	75	* Returns the main menu object.
	76	*
8ff2cd79	77	* @return Menu\|null menu object
e71525e4	78	* @since 3.0
9d5c75df AE	79	*/
	80	public function getFrontendMenu() {
	81	return MenuCache::getInstance()->getMainMenu();
	82	}
	83
dfef03a8 AE	84	/**
	85	* Returns true if ACP is currently in rescue mode.
	86	*
893aace3	87	* @return boolean
dfef03a8 AE	88	*/
	89	public static function inRescueMode() {
	90	if (self::$inRescueMode === null) {
	91	self::$inRescueMode = false;
	92
ecfa34cc	93	if (PACKAGE_ID && isset($_SERVER['HTTP_HOST'])) {
dfef03a8 AE	94	self::$inRescueMode = true;
	95
	96	foreach (ApplicationHandler::getInstance()->getApplications() as $application) {
	97	if ($application->domainName === $_SERVER['HTTP_HOST']) {
	98	self::$inRescueMode = false;
	99	break;
	100	}
	101	}
	102
	103	if (self::$inRescueMode) {
	104	self::$rescueModePageURL = RouteHandler::getProtocol() . $_SERVER['HTTP_HOST'] . RouteHandler::getPath(['acp']);
	105	}
	106	}
	107	}
	108
	109	return self::$inRescueMode;
	110	}
	111
	112	/**
	113	* Returns URL for rescue mode page.
	114	*
893aace3	115	* @return string
dfef03a8 AE	116	*/
	117	public static function getRescueModePageURL() {
	118	if (self::inRescueMode()) {
	119	return self::$rescueModePageURL;
	120	}
	121
	122	return '';
	123	}
	124
158bd3ca TD	125	/**
	126	* Does the user authentication.
	127	*/
	128	protected function initAuth() {
938c4df9 AE	129	// this is a work-around since neither RequestHandler
938c4df9 AE	130	// nor RouteHandler are populated right now
b42a1cd9	131	$pathInfo = RouteHandler::getPathInfo();
dfef03a8 AE	132
	133	if (self::inRescueMode()) {
	134	if (!preg_match('~^/?rescue-mode/~', $pathInfo)) {
	135	$redirectURI = self::$rescueModePageURL . 'acp/index.php?rescue-mode/';
	136
	137	HeaderUtil::redirect($redirectURI);
	138	exit;
	139	}
	140	}
	141	else if (empty($pathInfo) \|\| !preg_match('~^/?(acp-?captcha\|login\|logout)/~i', $pathInfo)) {
158bd3ca	142	if (WCF::getUser()->userID == 0) {
57f13867 AE	143	// work-around for AJAX-requests within ACP
57f13867 AE	144	if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
a1721f86	145	throw new AJAXException(WCF::getLanguage()->getDynamicVariable('wcf.ajax.error.sessionExpired'), AJAXException::SESSION_EXPIRED, '');
57f13867 AE	146	}
57f13867 AE	147
eacc0f34 AE	148	// build redirect path
eacc0f34 AE	149	$application = ApplicationHandler::getInstance()->getActiveApplication();
ae14caab AE	150	if ($application === null) {
	151	throw new SystemException("You have aborted the installation, therefore this installation is unusable. You are required to reinstall the software.");
	152	}
	153
772773aa AE	154	HeaderUtil::redirect(
772773aa AE	155	LinkHandler::getInstance()->getLink('Login', [
b01dd6cb	156	'url' => RouteHandler::getProtocol() . $_SERVER['HTTP_HOST'] . WCF::getSession()->requestURI
772773aa AE	157	])
772773aa AE	158	);
158bd3ca TD	159	exit;
	160	}
	161	else {
8efdfb59 AE	162	// work-around for AJAX-requests within ACP
	163	if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
	164	try {
058cbd6a	165	WCF::getSession()->checkPermissions(['admin.general.canUseAcp']);
8efdfb59 AE	166	}
8efdfb59 AE	167	catch (PermissionDeniedException $e) {
a1721f86	168	throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS, $e->getTraceAsString());
8efdfb59 AE	169	}
	170	}
	171	else {
058cbd6a	172	WCF::getSession()->checkPermissions(['admin.general.canUseAcp']);
8efdfb59	173	}
b98e7f33 AE	174
	175	// force debug mode if in ACP and authenticated
	176	self::$overrideDebugMode = true;
158bd3ca TD	177	}
	178	}
	179	}
	180
	181	/**
0fcfe5f6	182	* @inheritDoc
158bd3ca TD	183	*/
158bd3ca TD	184	protected function initSession() {
b1a3cc1e AE	185	self::$sessionObj = SessionHandler::getInstance();
	186	self::$sessionObj->setCookieSuffix('_acp');
	187
ea8398f2	188	$factory = new ACPSessionFactory();
158bd3ca TD	189	$factory->load();
158bd3ca TD	190
b1a3cc1e	191	self::$sessionObj->setHasValidCookie($factory->hasValidCookie());
158bd3ca TD	192	}
	193
	194	/**
0fcfe5f6	195	* @inheritDoc
158bd3ca TD	196	*/
	197	protected function initTPL() {
	198	self::$tplObj = ACPTemplateEngine::getInstance();
	199	self::getTPL()->setLanguageID(self::getLanguage()->languageID);
	200	$this->assignDefaultTemplateVariables();
	201	}
	202
	203	/**
0fcfe5f6	204	* @inheritDoc
158bd3ca TD	205	*/
	206	protected function assignDefaultTemplateVariables() {
	207	parent::assignDefaultTemplateVariables();
	208
782f3fea	209	// base tag is determined on runtime
3dcfb497 AE	210	$host = RouteHandler::getHost();
3dcfb497 AE	211	$path = RouteHandler::getPath();
f9211a56	212
840872d2 MW	213	// available acp search providers
	214	$availableAcpSearchProviders = [];
	215	foreach (ACPSearchProviderCacheBuilder::getInstance()->getData() as $searchProvider) {
	216	$availableAcpSearchProviders[$searchProvider->providerName] = self::getLanguage()->get('wcf.acp.search.provider.'.$searchProvider->providerName);
	217	}
	218	asort($availableAcpSearchProviders);
	219
058cbd6a	220	self::getTPL()->assign([
c8f7b2a1	221	'baseHref' => $host . $path,
840872d2	222	'availableAcpSearchProviders' => $availableAcpSearchProviders
058cbd6a	223	]);
158bd3ca TD	224	}
158bd3ca TD	225
158bd3ca	226	/**
a17de04e	227	* Initializes the active package.
158bd3ca TD	228	*/
	229	protected function initPackage() {
	230	// define active package id
	231	if (!defined('PACKAGE_ID')) {
060f7a11	232	define('PACKAGE_ID', 1);
158bd3ca	233	}
158bd3ca TD	234	}
158bd3ca TD	235
158bd3ca TD	236	/**
	237	* Checks whether the active user has entered the valid master password.
	238	*/
	239	public static function checkMasterPassword() {
	240	if (defined('MODULE_MASTER_PASSWORD') && MODULE_MASTER_PASSWORD == 1 && !WCF::getSession()->getVar('masterPassword')) {
	241	if (file_exists(WCF_DIR.'acp/masterPassword.inc.php')) {
	242	require_once(WCF_DIR.'acp/masterPassword.inc.php');
	243	}
191b8391	244	if (defined('MASTER_PASSWORD')) {
a17de04e	245	$form = new MasterPasswordForm();
cc246fa2	246	$form->__run();
158bd3ca TD	247	exit;
	248	}
	249	else {
a17de04e	250	$form = new MasterPasswordInitForm();
cc246fa2	251	$form->__run();
158bd3ca TD	252	exit;
	253	}
	254	}
	255	}
	256	}