1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
|
<?php
/**
* Elgg Actions
*
* Actions are the primary controllers (The C in MVC) in Elgg. The are
* registered by {@link register_elgg_action()} and are called either by URL
* http://elggsite.org/action/action_name or {@link action($action_name}. For
* URLs, rewrite a rule in .htaccess passes the action name to
* engine/handlers/action_handler.php, which dispatches the action.
*
* An action name should be registered to exactly one file in the system, usually under
* the actions/ directory.
*
* All actions require security tokens. Using the {@elgg_view input/form} view
* will automatically add tokens as hidden inputs. To manually add hidden inputs,
* use the {@elgg_view input/securitytoken} view.
*
* To include security tokens for actions called via GET, use
* {@link elgg_add_security_tokens_to_url()}.
*
* Action tokens can be manually generated by using {@link generate_action_token()}.
*
* @tip When registered, actions can be restricted to logged in or admin users.
*
* @tip Action URLs should be called with a trailing / to prevent 301 redirects.
*
* @package Elgg.Core
* @subpackage Actions
* @link http://docs.elgg.org/Actions
* @link http://docs.elgg.org/Actions/Tokens
*/
/**
* Perform an action.
*
* This function executes the action with name $action as
* registered by {@link register_action()}.
*
* The plugin hook action, $action_name will be emitted before
* the action is executed. If a handler returns false, it will
* prevent the action from being called.
*
* @note If an action isn't registered in the system or is registered
* to an unavailable file the user will be forwarded to the site front
* page and an error will be emitted via {@link regiser_error()}.
*
* @warning All actions require {@link http://docs.elgg.org/Actions/Tokens Action Tokens}.
* @warning Most plugin shouldn't call this manually.
*
* @param string $action The requested action
* @param string $forwarder Optionally, the location to forward to
* @link http://docs.elgg.org/Actions
* @see register_action()
*/
function action($action, $forwarder = "") {
global $CONFIG;
$action = rtrim($action, '/');
// @todo REMOVE THESE ONCE #1509 IS IN PLACE.
// Allow users to disable plugins without a token in order to
// remove plugins that are incompatible.
// Login and logout are for convenience.
// file/download (see #2010)
$exceptions = array(
'admin/plugins/disable',
'logout',
'login',
'file/download',
);
if (!in_array($action, $exceptions)) {
// All actions require a token.
action_gatekeeper();
}
$forwarder = str_replace($CONFIG->url, "", $forwarder);
$forwarder = str_replace("http://", "", $forwarder);
$forwarder = str_replace("@", "", $forwarder);
if (substr($forwarder, 0, 1) == "/") {
$forwarder = substr($forwarder, 1);
}
if (isset($CONFIG->actions[$action])) {
if ((isadminloggedin()) || (!$CONFIG->actions[$action]['admin'])) {
if ($CONFIG->actions[$action]['public'] || get_loggedin_userid()) {
// Trigger action event
// @todo This is only called before the primary action is called.
$event_result = true;
$event_result = trigger_plugin_hook('action', $action, null, $event_result);
// Include action
// Event_result being false doesn't produce an error
// since i assume this will be handled in the hook itself.
// @todo make this better!
if ($event_result) {
if (!include($CONFIG->actions[$action]['file'])) {
register_error(sprintf(elgg_echo('actionnotfound'), $action));
}
}
} else {
register_error(elgg_echo('actionloggedout'));
}
} else {
register_error(elgg_echo('actionunauthorized'));
}
} else {
register_error(sprintf(elgg_echo('actionundefined'), $action));
}
forward($CONFIG->url . $forwarder);
}
/**
* Registers an action.
*
* Actions are registered to a single file in the system and are executed
* either by the URL http://elggsite.org/action/action_name or by calling
* {@link action()}.
*
* $file must be the full path of the file to register, or a path relative
* to the core actions/ dir.
*
* Actions should be namedspaced for your plugin. Example:
* <code>
* register_action('myplugin/save_settings', ...);
* </code>
*
* @tip Put action files under the actions/ directory of your plugin.
*
* @tip You don't need to include engine/start.php, call {@link gatekeeper()},
* or call {@link admin_gatekeeper()}.
*
* @internal Actions are saved in $CONFIG->actions as an array in the form:
* <code>
* array(
* 'file' => '/location/to/file.php',
* 'public' => BOOL If false, user must be logged in.
* 'admin' => BOOL If true, user must be admin (implies plugin = false)
* )
* </code>
*
* @param string $action The name of the action (eg "register", "account/settings/save")
* @param boolean $public Can this action be accessed by people not logged into the system?
* @param string $filename Optionally, the filename where this action is located
* @param boolean $admin_only Whether this action is only available to admin users.
* @see action()
* @see http://docs.elgg.org/Actions
*/
function register_action($action, $public = false, $filename = "", $admin_only = false) {
global $CONFIG;
// plugins are encouraged to call actions with a trailing / to prevent 301
// redirects but we store the actions without it
$action = rtrim($action, '/');
if (!isset($CONFIG->actions)) {
$CONFIG->actions = array();
}
if (empty($filename)) {
$path = "";
if (isset($CONFIG->path)) {
$path = $CONFIG->path;
}
$filename = $path . "actions/" . $action . ".php";
}
$CONFIG->actions[$action] = array('file' => $filename, 'public' => $public, 'admin' => $admin_only);
return true;
}
/**
* Validate an action token.
*
* Calls to actions will automatically validate tokens.
* If tokens are not present or invalid, the action will be
* denied and the user will be redirected to the front page.
*
* Plugin authors should never have to manually validate action tokens.
*
* @access private
* @param bool $visibleerrors Emit {@link register_error()} errors on failure?
* @param mixed $token The token to test against. Pulls from $_REQUEST['__elgg_token'] if NULL.
* @param mixed $ts The time stamp to test against. Pulls from $_REQUEST['__elgg_ts'] if NULL.
* @return bool
* @see generate_action_token()
* @link http://docs.elgg.org/Actions/Tokens
*/
function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL) {
if (!$token) {
$token = get_input('__elgg_token');
}
if (!$ts) {
$ts = get_input('__elgg_ts');
}
$session_id = session_id();
if (($token) && ($ts) && ($session_id)) {
// generate token, check with input and forward if invalid
$generated_token = generate_action_token($ts);
// Validate token
if ($token == $generated_token) {
$hour = 60*60;
$now = time();
// Validate time to ensure its not crazy
if (($ts>$now-$hour) && ($ts<$now+$hour)) {
// We have already got this far, so unless anything
// else says something to the contry we assume we're ok
$returnval = true;
$returnval = trigger_plugin_hook('action_gatekeeper:permissions:check', 'all', array(
'token' => $token,
'time' => $ts
), $returnval);
if ($returnval) {
return true;
} else if ($visibleerrors) {
register_error(elgg_echo('actiongatekeeper:pluginprevents'));
}
} else if ($visibleerrors) {
register_error(elgg_echo('actiongatekeeper:timeerror'));
}
} else if ($visibleerrors) {
register_error(elgg_echo('actiongatekeeper:tokeninvalid'));
}
}
else if ($visibleerrors) {
register_error(elgg_echo('actiongatekeeper:missingfields'));
}
return FALSE;
}
/**
* Validates the presence of action tokens.
*
* This function is called for all actions. If action tokens are missing,
* the user will be forwarded to the site front page and an error emitted.
*
* This function verifies form input for security features (like a generated token), and forwards
* the page if they are invalid.
*
* @access private
* @return mixed True if valid, or redirects to front page and exists.
*/
function action_gatekeeper() {
if (validate_action_token()) {
return TRUE;
}
forward();
exit;
}
/**
* Generate an action token.
*
* Action tokens are based on timestamps as returned by {@link time()}.
* They are valid for one hour.
*
* Action tokens should be passed to all actions name __elgg_ts and __elgg_token.
*
* @warning Action tokens are required for all actions.
*
* @param int $timestamp Unix timestamp
* @see @elgg_view input/securitytoken
* @see @elgg_view input/form
* @example actions/manual_tokens.php
*/
function generate_action_token($timestamp) {
$site_secret = get_site_secret();
$session_id = session_id();
// Session token
$st = $_SESSION['__elgg_session'];
if (($site_secret) && ($session_id)) {
return md5($site_secret . $timestamp . $session_id . $st);
}
return FALSE;
}
/**
* Initialise the site secret hash.
*
* Used during installation and saves as a datalist.
*
* @return mixed The site secret hash or false
* @access private
* @todo Move to better file.
*/
function init_site_secret() {
$secret = md5(rand().microtime());
if (datalist_set('__site_secret__', $secret)) {
return $secret;
}
return FALSE;
}
/**
* Returns the site secret.
*
* Used to generate difficult to guess hashes for sessions and action tokens.
*
* @return string Site secret.
* @access private
* @todo Move to better file.
*/
function get_site_secret() {
$secret = datalist_get('__site_secret__');
if (!$secret) {
$secret = init_site_secret();
}
return $secret;
}
/**
* Check if an action is registered and its file exists.
*
* @param string $action
* @return BOOL
* @since 1.8
*/
function elgg_action_exist($action) {
global $CONFIG;
return (isset($CONFIG->actions[$action]) && file_exists($CONFIG->actions[$action]['file']));
}
|