API Documentation
Back to top  

FileManagerController

Extends \AdminHttpViewController

Class FileManagerController

This class contains some helper methods for handling view requests. Be careful always when outputting raw user data to HTML or when handling POST requests because insufficient protection will lead to XSS and CSRF vulnerabilities.

category

System
package

AdminHttpViewControllers

Methods

__construct

__construct(\HttpContextReaderInterface $httpContextReader, \HttpResponseProcessorInterface $httpResponseProcessor, \ContentViewInterface $defaultContentView)
inherited

Arguments

$httpContextReader

\HttpContextReaderInterface

$httpResponseProcessor

\HttpResponseProcessorInterface

$defaultContentView

\ContentViewInterface

_asBytes

_asBytes( $ini_v)

Arguments

$ini_v

Invokes an action method by the given action name.

_callActionMethod(string $actionName) : \HttpControllerResponseInterface
inherited
Throws
\LogicException

If no action method of the given name exists.

Arguments

$actionName

string

Name of action method to call, without 'action'-Suffix.

Response

\HttpControllerResponseInterface

Response message.

_fileIsBlacklisted

_fileIsBlacklisted( $filename)

Arguments

$filename

Generates thumbnails for images

_generateThumbnail( $img,  $width,  $height) : \Imagick

Arguments

$img

$width

$height

Response

\Imagick

_getInfoMessage

_getInfoMessage( $file)

Arguments

$file

Returns the expected $_POST value by the given key name.

_getPostData(string $keyName) : string|null
inherited

This method is the object oriented layer for $_POST[$keyName].

Arguments

$keyName

string

Expected key of post parameter.

Response

string|null

Either the expected value or null, of not found.

Creates and returns a key value collection which represent the global $_POST array.

_getPostDataCollection() : \KeyValueCollection
inherited

Response

\KeyValueCollection

Returns the expected $_GET value by the given key name.

_getQueryParameter(string $keyName) : mixed|null
inherited

This method is the object oriented layer for $_GET[$keyName].

Arguments

$keyName

string

Expected key of query parameter.

Response

mixed|null

Either the expected value or null, of not found.

Creates and returns a key value collection which represent the global $_GET array.

_getQueryParametersCollection() : \KeyValueCollection
inherited

Response

\KeyValueCollection

Returns the expected $_SERVER value by the given key name.

_getServerData(string $keyName) : string|null
inherited

This method is the object oriented layer for $_SERVER[$keyName].

Arguments

$keyName

string

Expected key of server parameter.

Response

string|null

Either the expected value or null, of not found.

_init

_init()

_initDeleteBlackList

_initDeleteBlackList()

_initDisallowedExtensions

_initDisallowedExtensions()

_initInfoMessages

_initInfoMessages()

_initListingFilePrefixBlacklist

_initListingFilePrefixBlacklist()

_initListingFileSuffixBlacklist

_initListingFileSuffixBlacklist()

_isOnDeleteBlacklist

_isOnDeleteBlacklist( $file)

Arguments

$file

_isRecursivelyDeletable

_isRecursivelyDeletable( $topDir)

Arguments

$topDir

_removeRecursively

_removeRecursively( $dir)

Arguments

$dir

Renders and returns a template file.

_render(string $templateFile, array $contentArray) : string
inherited

Arguments

$templateFile

string

Template file to render.

$contentArray

array

Content array which represent the variables of the template.

Response

string

Rendered template.

Check if the $_POST['pageToken'] or $_GET['pageToken'] variable is provided and if it's valid.

_validatePageToken(string $customExceptionMessage = null)
inherited

Example: public function proceed(HttpContextInterface $httpContext) { parent::proceed($httpContext); // proceed http context from parent class if($_SERVER['REQUEST_METHOD'] === 'POST') { $this->_validatePageToken(); // CSRF Protection } }

Throws
\Exception

If the validation fails.

Arguments

$customExceptionMessage

string

(optional) You can specify a custom exception message.

Default action method.

actionDefault() : \HttpControllerResponseInterface
inherited

Every controller child class requires at least the default action method, which is invoked when the ::_getQueryParameterData('do') value is not separated by a trailing slash.

Every action method have to return an instance which implements the http controller response interface.

Response

\HttpControllerResponseInterface

actionDelete

actionDelete()

actionDownload

actionDownload()

actionList

actionList()

actionMkdir

actionMkdir()

actionThumb

actionThumb()

actionUpload

actionUpload()

Searches the GXModules directory and admin/html directory for a template file, wich can be useed inside the AdminLayoutHttpControllerResponse object for the template parameter.

getTemplateFile(string $templateFile) : \ExistingFile
inherited
Throws
\Exception

if the path or file is not found

Arguments

$templateFile

string

The relative path and filename to search for

Response

\ExistingFile

containing absolute file path to the given template file

Processes a http response object which is get by invoking an action method.

proceed(\HttpContextInterface $httpContext)
inherited

The action method is determined by the http context reader instance and the current request context. Re-implement this method in child classes to enable XSS and CSRF protection on demand.

see \HttpContextReaderInterface::getActionName \HttpResponseProcessorInterface::proceed
Throws
\LogicException

When no action method is found by the http context reader.

Arguments

$httpContext

\HttpContextInterface

Http context object which hold the request variables.

Makes sure that the admin status is currently given in session

validateCurrentAdminStatus()
inherited
Throws
\LogicException

Properties

defaultContent

defaultContent : string
var

Type(s)

string

subDirectory

subDirectory : string
var

Type(s)

string

baseDirectory

baseDirectory : string
var

Type(s)

string

content

content : string
var

Type(s)

string

file

file : string
var

Type(s)

string

allowDelete

allowDelete : boolean
var

Type(s)

boolean

allowCreateFolder

allowCreateFolder : boolean
var

Type(s)

boolean

allowUpload

allowUpload : boolean
var

Type(s)

boolean

allowDirectLink

allowDirectLink : boolean
var

Type(s)

boolean

disallowedExtensions

disallowedExtensions : array
var

Type(s)

array

listingFileSuffixBlacklist

listingFileSuffixBlacklist : array
var

Type(s)

array

listingFilePrefixBlacklist

listingFilePrefixBlacklist : array
var

Type(s)

array

deleteBlackList

deleteBlackList : array
var

Type(s)

array

maxUploadSize

maxUploadSize : integer
var

Type(s)

integer

infoMessages

infoMessages : array
var

Type(s)

array

httpContextReader

httpContextReader : \HttpContextReaderInterface
inherited
var

Type(s)

\HttpContextReaderInterface

httpResponseProcessor

httpResponseProcessor : \HttpResponseProcessorInterface
inherited
var

Type(s)

\HttpResponseProcessorInterface

contentView

contentView : \ContentViewInterface
inherited
var

Type(s)

\ContentViewInterface

queryParametersArray

queryParametersArray : array
inherited
var

Type(s)

array

postDataArray

postDataArray : array
inherited
var

Type(s)

array

Contain the assets needed to be included in the view HTML.

assets : \AssetCollectionInterface
inherited
var

Contain the assets needed to be included in the view HTML.

Type(s)

\AssetCollectionInterface

Server data.

serverDataArray : array
inherited
var

Server data.

Type(s)

array