WYSIJA_control

The MailPoet Newsletters WYSIJA control class.

Defined (1)

The class is defined in the following location(s).

/core/controller.php  
  1. class WYSIJA_control extends WYSIJA_object{ 
  2. var $model=""; 
  3. var $view=""; 
  4. var $action=""; 
  5. var $list_columns=array(); 
  6. var $form_columns=array(); 
  7. var $filters=array(); 
  8. var $js=array(); 
  9. var $jsLoc=array(); 
  10. var $extension="wysija-newsletters"; 
  11. var $joins=array(); 
  12. var $title=""; 
  13.  
  /**
   * Set up the view and model objects this controller works with.
   *
   * Nothing is instantiated here when the DOING_AJAX constant is defined.
   *
   * NOTE(review): the listing this was read from omits brace-only lines, so
   * the closing braces below are reconstructed with every statement kept
   * inside the DOING_AJAX check. Confirm against core/controller.php.
   */
  function __construct() {
      // Only requests outside admin-ajax get their view/model wired up here.
      if (!defined('DOING_AJAX')) {
          if ($this->view) {
              $this->viewObj = WYSIJA::get($this->view, "view", false, $this->extension);
          }

          // The view cannot always be created; fall back to a plain object so
          // the model assignment below still has something to attach to.
          if (empty($this->viewObj)) {
              $this->viewObj = new stdClass();
          }

          if ($this->model) {
              // Two separate lookups, exactly as the original performs them.
              $this->modelObj = WYSIJA::get($this->model, "model", false, $this->extension);
              $this->viewObj->model = WYSIJA::get($this->model, "model", false, $this->extension);
          }
      }
  }
  22.  
  /**
   * Build the nonce action name for an ajax request.
   *
   * Returns 'wysija_ajax' unless both `controller` and `task` are present and
   * non-empty in $_REQUEST, in which case the name becomes
   * 'wysija_<controller>-action_<task>'.
   *
   * Both parts are taken from the request as received, so the resulting name
   * carries no authority by itself: the actual check is the comparison that
   * wp_verify_nonce() makes in _nonce_verification().
   *
   * @return string
   */
  private function _rebuild_ajax_nonce_action() {
      $has_target = !empty($_REQUEST['controller']) && !empty($_REQUEST['task']);

      if (!$has_target) {
          return 'wysija_ajax';
      }

      return 'wysija_' . $_REQUEST['controller'] . '-action_' . $_REQUEST['task'];
  }
  28.  
  /**
   * Build the nonce action name for a non-ajax request.
   *
   * Backend: when is_admin() is true and `page` is non-empty, the name starts
   * with the `page` value. Frontend: otherwise, when `controller` is
   * non-empty, it starts with the `controller` value. In both cases
   * '-action_<action>' is appended, then '-id_<id>' when `id` is non-empty.
   *
   * When neither case applies an empty string is returned, and the caller
   * then verifies the nonce against an empty action name.
   *
   * Every part comes from $_REQUEST as received; `action` is read without a
   * presence check.
   *
   * @return string
   */
  private function _rebuild_nonce_action() {
      // Decide which request field supplies the first part of the name.
      if (is_admin() && !empty($_REQUEST['page'])) {
          $prefix_field = 'page';        // backend case
      } elseif (!empty($_REQUEST['controller'])) {
          $prefix_field = 'controller';  // frontend case
      } else {
          return '';
      }

      $name = $_REQUEST[$prefix_field] . '-action_' . $_REQUEST['action'];

      if (!empty($_REQUEST['id'])) {
          $name .= '-id_' . $_REQUEST['id'];
      }

      return $name;
  }
  40.  
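  /**
   * Verify the WordPress nonce sent with the current request and end the
   * request with a 403 when it is missing or does not match.
   *
   * The expected action name is rebuilt from the request: the ajax builder is
   * used when `action` is exactly 'wysija_ajax', the page/controller builder
   * otherwise.
   *
   * NOTE(review): the listing this method was read from omits brace-only
   * lines, so the nesting of the original trailing else branch is
   * reconstructed. As listed, that branch called wp_verify_nonce() with
   * variables that are only assigned in the first branch. This version
   * rejects a missing, empty or non-string `_wpnonce` explicitly, so the
   * outcome no longer depends on how that branch was nested.
   *
   * @return void
   */
  private function _nonce_verification() {
      // Fail closed: the request is rejected unless a check below succeeds.
      $nonce_ok = false;

      if (!empty($_REQUEST['_wpnonce']) && is_string($_REQUEST['_wpnonce'])) {
          // `action` may be absent; treat that as "not the ajax entry point".
          $is_ajax = isset($_REQUEST['action']) && $_REQUEST['action'] === 'wysija_ajax';

          if ($is_ajax) {
              $actionnonce = $this->_rebuild_ajax_nonce_action();
          } else {
              $actionnonce = $this->_rebuild_nonce_action();
          }

          // wp_verify_nonce() returns false on mismatch, 1 or 2 on success.
          $nonce_ok = (bool) wp_verify_nonce($_REQUEST['_wpnonce'], $actionnonce);
      }

      if (!$nonce_ok) {
          wp_die("<h2>" . __('Security failure during request') . "</h2>", __("Security Problem"), array(
              'response' => 403,
              'back_link' => false
          ));
      }
  }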
  64.  
  65.  
  66.  
  /**
   * Require a nonce on the current request before a controller proceeds.
   *
   * Ends the request with die() when `_wpnonce` is absent from $_REQUEST.
   * Otherwise it calls _nonce_verification() and returns true once that call
   * has returned.
   *
   * The presence test here is isset(), while _nonce_verification() tests the
   * same field with !empty(). An empty `_wpnonce` therefore passes this guard
   * and has to be rejected inside that method.
   *
   * @return boolean
   */
  function requireSecurity() {
      if (isset($_REQUEST['_wpnonce'])) {
          $this->_nonce_verification();
          return true;
      }

      die('Your request is not safe.');
  }
  78.  
  79.  
  /**
   * Build the conditions array (primary key => value) for a where statement.
   *
   * Lookup order:
   *  - a non-empty primary-key value posted under
   *    $_POST['wysija'][<table_name>][<pk>], treated as an update; the value
   *    is also removed from $_POST;
   *  - otherwise $_GET['id'] when it is set;
   *  - otherwise an empty array.
   *
   * The value is returned exactly as received from the request, with no cast
   * or validation. Whether the model escapes or casts it before it reaches a
   * query is not visible here: verify that before relying on it.
   *
   * Original note: not sure this function should be here though.
   *
   * @return array
   */
  function getPKVal() {
      $pk_field = $this->modelObj->pk;
      $table    = $this->modelObj->table_name;

      if (!empty($_POST['wysija'][$table][$pk_field])) {
          // This is an update: take the key out of the posted data so it is
          // not carried along with the other posted fields.
          $pk_value = $_POST['wysija'][$table][$pk_field];
          unset($_POST['wysija'][$table][$pk_field]);

          return array($pk_field => $pk_value);
      }

      if (isset($_GET['id'])) {
          return array($pk_field => $_GET['id']);
      }

      return array();
  }