Catalog Search Magento - Not working https/ssl - forms

After updating my Magento site to https:// the catalog search function is no longer working.
I imagine this is because when submitting a search query the form is sending its request in http.
How can I ensure that the search form posts its information using HTTPS?

As I debugged this issue in more detail, I found that in the catalogsearch/form.mini.phtml template the form post URL is fetched from the catalogsearch helper:
$this->helper('catalogsearch')->getResultUrl();
Below is the function definition:
public function getResultUrl($query = null)
{
    return $this->_getUrl('catalogsearch/result', array(
        '_query' => array(self::QUERY_VAR_NAME => $query),
        // _secure follows the scheme of the current request
        '_secure' => Mage::app()->getFrontController()->getRequest()->isSecure()
    ));
}
So it will work on both secure and unsecure pages.
You have to check how the form submit URL is fetched in your current theme's catalogsearch/form.mini.phtml template file.

how to redirect/map to externalregistration page from AuthenticateExternalAsync to angular page

I am using external providers to log in to my web app (for example Google). In my custom userservice I get to AuthenticateExternalAsync and from there I want to (if need be) redirect to an Angular page.
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context)
{
    ...
    ...
    context.AuthenticateResult = new AuthenticateResult("~/externalregistration", user.Subject, name, identityProvider: user.Provider);
    return Task.FromResult(0);
}
I have an HTML page
at https://localhost:44300/Content/app/externalregistration.html
How do I map externalregistration to this page?
At the moment I get an error:
https://localhost:44300/identity/externalregistration#
HTTP Error 404.0 - Not Found
Thank you
Mark
The page for the partial login has to be with IdentityServer - see that it's looking for it at /identity/ and not /Content/app/.
If from your user service you issue a partial login, then that web page is entirely up to you to serve up from the server. If that partial login page needs to know the identity of the user, then it needs to be hosted in the same path as IdentityServer so the partial login cookie can be read on the server. If you then want that page to be a SPA, then you'd have to have some server side code issue something into the browser for your SPA to know the identity of the user. If you want that page to be a SPA and make Ajax calls back to the server, you need to include some XSRF protection.
All in all, custom partial pages are easiest implemented as standard server-rendered MVC pages.

How to add CSRF to a custom front-end Magento Form (not using controller)

I'd like to know how I can implement CSRF protection on a custom Magento front-end form (in the mage system and located under the app/design/.../templates/page/ folder as a .phtml file) that POSTs to another custom PHP page (not in the mage system and located at the root of the Magento folder) to handle the form post, send email, etc.
I already have the custom forms and handlers working fine. I just need to add CSRF protection to these forms and need some advice on how I can do this using Magento's built-in CSRF keys. I fully understand how to add the keys to the forms' .phtml pages, but I am not sure how to use the _validateFormKey() function in the form handler's PHP page (since it is not in the mage system).
I am asking if this is possible as I do not want to have to create a custom module with a front-end page to handle the task, since the forms' .phtml and handler pages are already set up and working (without CSRF). And yes, I have already looked at this post: Magento CSRF protection.
Once the Magento application has been initialized you should be able to access the Magento request and session objects and validate the form key in your PHP script:
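$requestFormKey = Mage::app()->getRequest()->getParam('form_key');
$sessionFormKey = Mage::getSingleton('core/session')->getFormKey();
// Compare as strings in constant time (hash_equals() needs PHP 5.6+);
// a missing key or array input such as form_key[]=x is rejected.
if (is_string($requestFormKey) && hash_equals($sessionFormKey, $requestFormKey)) {
    //go
}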
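A complete standalone handler along the lines described above, as an added example that is not part of the original answer. It assumes the handler file sits in the Magento 1 root next to app/, that the storefront session uses the name frontend, and PHP 5.6+ for hash_equals(); the function name formKeyIsValid is hypothetical.

```php
<?php
// Added example: form handler placed in the Magento 1 root (assumed location).
require_once __DIR__ . '/app/Mage.php';
Mage::app(); // initialise Magento so the request and session objects exist

// Attach to the storefront session (assumed name 'frontend'); a script that
// starts an unnamed session would see a different form key than the page did.
$session = Mage::getSingleton('core/session', array('name' => 'frontend'));
$request = Mage::app()->getRequest();

/**
 * Hypothetical helper: true only when the submitted key is a non-empty
 * string equal to the key stored in the session.
 */
function formKeyIsValid($submitted, $expected)
{
    // getPost() returns null when the field is absent and an array for
    // form_key[]=x; neither may ever reach the comparison.
    if (!is_string($submitted) || $submitted === '' || !is_string($expected)) {
        return false;
    }
    // Constant-time comparison, no type juggling.
    return hash_equals($expected, $submitted);
}

// Only accept the key from the POST body of a POST request, so it is
// never carried in a URL that ends up in logs or Referer headers.
if (!$request->isPost()
    || !formKeyIsValid($request->getPost('form_key'), $session->getFormKey())) {
    header('HTTP/1.1 403 Forbidden');
    exit('Invalid form key');
}

// ... existing handler logic (send email, etc.) runs only past this point
```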

Play Framework - Get content from other site

I am wondering whether it is possible to take content from other sites using Play Framework.
For example, in PHP it is possible by using curl.
Example: I have this route:
GET /test controller.Aplicatin.getContent
and when I put localhost:9000/test in the browser, it shows content from, for example, http://google.pl
And is it possible to send POST data to other sites and get content?
For example, by typing localhost:9000/test I want to send a POST with username and password to Gmail and return the content from the login page.
You can do whatever you want in your controller Actions. Use the WS lib to make whatever type of request you want and then return that in html or whatever.
Example:
def getContent = Action.async { implicit req =>
  WS.url("someurl.com").post("some body here").map(response => Ok(response.body))
}

How to return to calling page after form posting in zf2

I would like to have an editAction return to the page that called it after the form has been posted. I know that I can configure the router to pass the url of the calling page to the controller so that the controller can return to that page after the form has been submitted. However, I am interested in whether zf2 has a simpler method.
If I understood correctly then you can add this after the form has validated:
return $this->redirect()->toRoute(null, array(), array(), true);
This will redirect the request to the same page, reusing all the route params (that's what that true param value is for). So you will end up on the same page, but with a clean $_POST superarray. You can also look into using the flashmessenger controller plugin to pass messages between requests, to inform the user whether the form passed validation etc.

Can I integrate a Zend-Framework powered web application into a wordpress site?

I have a project in which I want to be able to call wp_list_pages() on a page that also uses the Zend Framework to power some complex interfaces that manage custom data outside of wordpress.
This page should also redirect the user to the wordpress login screen if they're not already logged in with the appropriate level of authorization.
How would this work at a high level, i.e. do I need to edit the wordpress bootstrap file to conditionally implement the custom interface based on a specific URL or something, but still include certain files to be able to call wp_list_pages() on that custom interface?
I've developed a couple of WordPress plugins, and I've found it's really easy to extend. Haven't worked with Zend though.
You should check the WordPress plugin api. Mostly the part about actions, filters and hooks: http://codex.wordpress.org/Plugin_API
You can even override some functions (not sure if wp_list_pages() is overridable).
It's pretty well documented, and there's a large developer community behind it on IRC, forums, etc.
Thanks Fernando.
I just read this thread which suggests that you can use Zend in any script by just including:
require_once('Zend/Loader.php');
Zend_Loader::registerAutoload();
So given that all I need to use Zend for is on one page, can I just include that code in a custom template file that I assign to the appropriate page in the navigation? If I used javascript to submit the form via XHR, the requested URL would take the form '/controller/action' - but Zend wouldn't know the controller directory.
Could I put Zend code into the wordpress bootstrap, i.e. the above code plus the frontController configuration, and then use Zend wherever however?
So I've created a page in Wordpress and a custom template for that page, in which I've placed the following Zend Framework code:
require_once('Zend/Loader.php');
Zend_Loader::registerAutoload();
$db = Zend_Db::factory('Pdo_Mysql', array(
    'host' => 'localhost',
    'username' => 'username',
    'password' => 'password',
    'dbname' => 'dbname'
));
Zend_Db_Table::setDefaultAdapter($db);
class Users extends Zend_Db_Table_Abstract {
    protected $_name = 'wp_users';
}
$users = new Users();
$users = $users->fetchAll()->toArray();
print_r($users[0]['user_login']);
This all works fine, so it's clearly possible to use Zend in conjunction with Wordpress at least to some extent.
It's becoming apparent that the problem is about who controls the URL rewriting, or the routing, or the bootstrapping (not sure of the correct terminology). If I were to put the end of the above code, starting $users = new Users();, into a controller as follows:
class UsersController extends Zend_Controller_Action {
    function getUserAction() {
        $this->_helper->viewRenderer->setNoRender();
        $users = new Users();
        $users = $users->fetchAll()->toArray();
        echo $users[0]['user_login'];
    }
}
How would I then call that function? My intention would be to call it from javascript via an XHR request in response to an event on the page, but requesting the URL 'index.php/Users/getUser/' returns 'No input file selected'. Trying to access the URL http://www.domain.com/Users/getUser/ produces a Wordpress 404 page.
Is there a way around this? It doesn't just apply to wordpress, of course - I expect it applies to any existing application that rewrites/routes requests via a bootstrap.
I guess you could do that, just import the framework into the one page you need it for. I don't know how Zend works, but check the paths as to where to put your directories so that Zend finds them. As I said I guess you could do that, just experiment and tell us how it went!
Beware of name conflicts for functions and/or variables, this shouldn't be much of a problem coming from such popular products as WordPress and Zend though... (which should be theoretically well coded)
I've built a plugin for wordpress that has a similar goal to yours, more modeled on CodeIgniter though. Not knowing Zend terribly well, I think this should help:
Make a file named routes.php in your plugins directory with the following code:
add_action( 'init', 'add_custom_urls' );
function add_custom_urls(){
    global $wp, $wp_rewrite;
    $wp_rewrite->add_rule( '(.*)$', 'index.php?&cPath=$matches[1]', 'top' );
    $wp->add_query_var( 'cPath' );
}
Be sure to activate both plugins in your admin. These two files will allow you to catch the url before Wordpress tries to figure out what to do with it. You can use regular expressions to have finer control over which pages to catch. You may have to delete the record in your _options db table where option_name = 'rewrite_rules' before this works.
Next, make another plugin with the following code:
add_action( 'template_redirect', 'bootstrap' );
function bootstrap(){
    global $cPath;
    // $cPath comes straight from the requested URL, so escape it before output
    echo( 'cPath : ' . esc_html( $cPath ) );
    if( $cPath ){
        dosomethingwith( $cPath );
    }
}
Put all your code in the dosomethingwith() function. You'll need to figure out if the url requested can be mapped to a zend controller, etc. http://www.domain.com/Users/getUser/ would give you $cPath = Users/getUser/. If successful, you'll also probably want to die(), so once it is completed Wordpress won't try and take over again.
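One way to decide whether a captured path maps to a controller, as an added example that is not part of the original answer: since the rewrite rule above hands every requested URL to bootstrap(), the path is checked against a fixed allow-list before anything is dispatched. The function name resolve_cpath and the route table are hypothetical, and the sample paths are constructed.

```php
<?php
/**
 * Hypothetical helper: resolve a path such as "Users/getUser/" to
 * array(controller, action), or null when it is not on the allow-list.
 */
function resolve_cpath($cPath, array $routes)
{
    if (!is_string($cPath) || strlen($cPath) > 128) {
        return null;
    }
    $segments = explode('/', trim($cPath, '/'));
    // Accept exactly "<controller>/<action>".
    if (count($segments) !== 2) {
        return null;
    }
    foreach ($segments as $segment) {
        // Letters only: dots, slashes, NUL bytes and encoded characters can
        // never end up in a class or file name built from the path.
        if (!preg_match('/\A[A-Za-z]{1,32}\z/', $segment)) {
            return null;
        }
    }
    list($controller, $action) = array_map('strtolower', $segments);
    // Dispatch only what has been listed explicitly.
    if (!isset($routes[$controller])
        || !in_array($action, $routes[$controller], true)) {
        return null;
    }
    return array($controller, $action);
}

// Constructed route table and sample request paths.
$routes  = array('users' => array('getuser'));
$samples = array('Users/getUser/', 'Users/delete/', '../wp-config.php', 'Users/getUser/extra');
foreach ($samples as $path) {
    $hit = resolve_cpath($path, $routes);
    echo str_pad($path, 22), ' => ',
        $hit ? implode('::', $hit) : 'no route, leave the request to WordPress', "\n";
}
```

Inside dosomethingwith(), dispatch and die() only when resolve_cpath() returns a route; on null, return so WordPress handles the request as usual.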