| [ Index ] |
|
Code source de LifeType 1.2.4 |
1 <?php 2 3 lt_include( PLOG_CLASS_PATH."class/action/blogaction.class.php" ); 4 lt_include( PLOG_CLASS_PATH."class/view/templateview.class.php" ); 5 lt_include( PLOG_CLASS_PATH."class/data/validator/templatenamevalidator.class.php" ); 6 lt_include( PLOG_CLASS_PATH."class/view/errorview.class.php" ); 7 8 /** 9 * \ingroup Action 10 * @private 11 * 12 * This action shows additional templates that can be created by the user. 13 * This templates are not related to any pre-defined action but can defined according 14 * to the user's taste, and no additional PHP code is required in order to develop new 15 * templates. The templates will receive a pre-defined set of objects like any other 16 * template (the calendar, 17 * the recent posts, all the categories, etc) and will also receive the parameters from the 18 * request in case they're necessary (they can be ignored otherwise) 19 * <br> 20 * This class behaves like any other Action and is handled by the controller.<br> 21 * <br> 22 * The advantage of using this approach is that we do not need to define an additional 23 * custom class to implement an Action when what we want to do is very simple, such as showing 24 * some more content or extra pages. From within the templates we can also change the content 25 * type HTTP header so that we can send for instance xml content. That could be useful in case we 26 * want to add things like FOAF (Friend-Of-A-Friend) which are XML-based and which have not yet 27 * been included in the main distribution. The TemplateUtils class, referred as "utils" in the 28 * template context, is the one which provides such features. 29 */ 30 class TemplateAction extends BlogAction 31 { 32 33 /** 34 * Constructor. 35 * 36 * @param actionInfo The same ActionInfo parameter taken by the BlogAction class constructor. 37 * @param request The same as in the BlogAction class constructor. 38 */ 39 function TemplateAction( $actionInfo, $request ) 40 { 41 $this->BlogAction( $actionInfo, $request ); 42 43 $this->registerFieldValidator( "show", new TemplateNameValidator()); 44 45 $view = new ErrorView( $this->_blogInfo ); 46 $view->setErrorMessage( "Bad characters in the template name." ); 47 $this->setValidationErrorView( $view ); 48 } 49 50 /** 51 * Performs the operation. 52 * 53 * It needs an additional parameter named "show" which gives the relative 54 * path, starting from the folder where the templates are to be found, where 55 * the template file is. <b>Security checks are done to ensure that no things like 56 * '../../../some/other/file'</b> are accepted. 57 */ 58 function perform() 59 { 60 // get the value of the template we're trying to render 61 $templateFile = $this->_request->getValue( "show" ); 62 // then, check if it has any extraneous character 63 if( !$templateFile || strstr( $templateFile, ".." )) { 64 lt_include( PLOG_CLASS_PATH."class/view/errorview.class.php" ); 65 66 $view = new ErrorView( $this->_blogInfo, "error_parameter_missing" ); 67 $this->setValidationErrorView( $view ); 68 69 $this->_view = new ErrorView( $this->_blogInfo ); 70 $this->_view->setValue( "message", "error_incorrect_parameter" ); 71 $this->setCommonData(); 72 73 return false; 74 } 75 // get the name of the template file and create the view 76 $this->_view = new TemplateView( $this->_blogInfo, 77 $this->_request->getValue( "show" )); 78 $this->_view->setValue( "request", $this->_request ); 79 // add all the common information to the view 80 $this->setCommonData(); 81 82 return true; 83 } 84 } 85 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Mon Nov 26 21:04:15 2007 | par Balluche grâce à PHPXref 0.7 |
|
|