Action.class.php 3.8 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
  1. <?php
  2. /**
  3. * Execute an action (request which no need html view response: ajax,json etc...) and manage automatically
  4. * access rights, exceptions and json response.
  5. *
  6. * @author Valentin CARRUESCO
  7. *
  8. * @category Core
  9. *
  10. * @license cc by nc sa
  11. */
  12. class Action {
  13. /**
  14. * Execute an action
  15. * #### Example
  16. * ```php
  17. * Action::write(function(&$response){
  18. * $response['custom'] = 'hello world!';
  19. * },array('user'=>'u','plugin'=>'d')); //User must have user update right and delete plugin right to perform this action
  20. * ```.
  21. *
  22. * @param function action/code to execute
  23. * @param array Array wich contain right to execute action
  24. *
  25. * @return print json response
  26. */
  27. public static function write($f, $p=array()) {
  28. global $myUser;
  29. header('content-type:application/json');
  30. $response = array();
  31. set_error_handler(function ($level, $error, $file, $line) { throw new Exception($error." \r\n\r\n ".$file.' - L '.$line.'');});
  32. try {
  33. foreach ($p as $scope => $right) {
  34. if (!$myUser->can($scope, $right))
  35. throw new Exception('Vous ne disposez pas des droits suffisants pour effectuer cette action');
  36. }
  37. $f($response);
  38. } catch (Exception $e) {
  39. $response['error'] = $e->getMessage();
  40. $response['errorCode'] = $e->getCode();
  41. $response['trace'] = exception_trace($e);
  42. if($myUser->superadmin || $_SERVER['HTTP_HOST'] == '127.0.0.1'){
  43. $traces = $e->getTrace();
  44. $traceIndex = 0;
  45. //Si c'est une erreur de bound sql / data ou une erreur de syntaxe sql
  46. if($e->getCode() == 'HY093' || $e->getCode() == '42000'){
  47. //On recupere la premiere trace qui n'est pas Entity ou Action (trace significative)
  48. foreach($traces as $i => $currentTrace){
  49. if(isset($currentTrace['file']) && in_array(basename($currentTrace['file']), array('Entity.class.php','Action.class.php'))) continue;
  50. $traceIndex = $i;
  51. break;
  52. }
  53. //On affiche la requete et les datas
  54. if(isset($traces[1]) && $traces[1]['function']=='customQuery'){
  55. if(isset($traces[1]['args'])) $response['error'] .= '<code class="d-block">'.(is_string($traces[1]['args'][0]) ? $traces[1]['args'][0]:json_encode($traces[1]['args'][0])).'</code>';
  56. if(isset($traces[1]['args']) && isset($traces[1]['args'][1])){
  57. $plainTrace = $traces[1]['args'][1];
  58. if(is_array($plainTrace)) $plainTrace = implode(',',$plainTrace);
  59. if(is_object($plainTrace)) $plainTrace = implode(',',(array)$plainTrace);
  60. $response['error'] .= '<hr><code>['.$plainTrace.']</code>';
  61. }
  62. }
  63. }
  64. $response['line'] = isset($traces[$traceIndex]['line']) ? $traces[$traceIndex]['line'] : 0;
  65. $response['file'] = isset( $traces[$traceIndex]['file'])? $traces[$traceIndex]['file'] : '';
  66. $response['trace'] = '<pre class="text-light" style="overflow:initial;">'.exception_trace($e).'</pre>';
  67. }
  68. }
  69. echo json_encode($response);
  70. restore_error_handler();
  71. }
  72. public static function register($name,$f) {
  73. $GLOBALS['actions'][$name] = $f;
  74. }
  75. public static function run($name, &$response) {
  76. if(!isset($GLOBALS['actions'][$name])) return;
  77. $functionName = $GLOBALS['actions'][$name];
  78. call_user_func_array($functionName, array(&$response));
  79. }
  80. }