zend $acl->has() resource but $acl->isAllowed returning false - zend-framework

I am facing a strange problem with zend_acl. I have successfully added role and resources, but the isAllowed() function is always redirecting to the error controller.
$usersNs->role = 'admin';
$acl->addRole(new Zend_Acl_Role($usersNs->role));
$acl->add(new Zend_Acl_Resource("dashboard::stats"));
$privilageName = $request->getControllerName()."::".$request->getActionName();
if($acl->has($privilageName)){
    echo "has privelage"; //echo every time whenever i go to dashboard,stats
}
if(!$acl->isAllowed($usersNs->role,$privilageName )) {
    $request->setControllerName('error');
    $request->setActionName('error');
}

Related

How can I use my existing CakePHP based project users to work with XMPP ejabberd chat application

I have a CakePHP 2.3 based project with a table named "user_master".
I am using the ejabberd chat application, and the ejabberd user table name is "user".
I am using the converse.js client.
Now I am facing a problem using my existing project users with XMPP ejabberd to authenticate, send friend requests, and chat with friends.
I tried using external auth, but it allowed me to log in even if I add wrong credentials on the ejabberd server using the http://localhost:5280/admin link.
I am using Ubuntu and I have added all types of settings. It is working fine if I use it as a standalone application, but when I want to use it for my existing users it stopped working.
Ejabberd Server : http://localhost:5280/admin
External authentication configuration in "ejabberd.cfg" file.
{auth_method, external}.
{extauth_program, "/etc/ejabberd/auth.php"}.
External authentication file "auth.php".
<?php
require 'ejabberd_external_auth.php';
class Auth extends EjabberdExternalAuth {
    protected function authenticate($user, $server, $password) {
        $stmt = $this->db()->prepare("SELECT username FROM users WHERE username = ? AND password = ? ");
        $stmt->execute(array($user, $password));
        if($stmt->rowCount() >= 0 )
        {
            return true;
        }
        else
        {
            return false;
        }
    }
    protected function exists($user, $server) {
        $stmt = $this->db()->prepare("SELECT username FROM users WHERE username = ? ");
        $stmt->execute(array($user));
        if($stmt->rowCount() >= 0 )
        {
            return true;
        }
        else
        {
            return false;
        }
    }
}
$pdo = new PDO('mysql:dbname=ejabberd;host=localhost', 'root', 'root');
new Auth($pdo, 'auth.log');
Thanks in advance
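The login-with-any-password behaviour described above follows from the `rowCount() >= 0` test in auth.php: a row count is never negative, so both checks always return true. The following is an added example, not part of the original post, that puts that check beside a corrected one; the function names, the in-memory SQLite database, the `password_hash` column and the sample row are assumptions made so it runs on its own.

```php
<?php
// Added example. Table layout and sample data are constructed for illustration.

// The check as posted: rowCount() is never negative, so this accepts any credentials.
function brokenAuthenticate(PDO $db, string $user, string $password): bool
{
    $stmt = $db->prepare('SELECT username FROM users WHERE username = ? AND password = ?');
    $stmt->execute([$user, $password]);
    return $stmt->rowCount() >= 0;
}

// Corrected: fetch the stored hash and verify it, instead of counting rows.
function authenticate(PDO $db, string $user, string $password): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();           // false when the user does not exist
    if ($hash === false) {
        return false;
    }
    return password_verify($password, $hash);
}

// Corrected existence check: true only when a row actually comes back.
function userExists(PDO $db, string $user): bool
{
    $stmt = $db->prepare('SELECT 1 FROM users WHERE username = ?');
    $stmt->execute([$user]);
    return $stmt->fetchColumn() !== false;
}

// Constructed test data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, password_hash TEXT)');
$ins = $db->prepare('INSERT INTO users VALUES (?, ?, ?)');
$ins->execute(['alice', 'correct-horse', password_hash('correct-horse', PASSWORD_DEFAULT)]);

var_dump(brokenAuthenticate($db, 'alice', 'wrong-password'));  // the posted check
var_dump(authenticate($db, 'alice', 'wrong-password'));        // corrected check, bad password
var_dump(authenticate($db, 'alice', 'correct-horse'));         // corrected check, good password
var_dump(userExists($db, 'mallory'));                          // unknown user
```

An existing user table whose passwords were hashed by another scheme needs that scheme's verification step in place of `password_verify()`.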

PHP SDK v3 reporting issues

I have downloaded the IPP PHP SDK and am wondering how to make the REST calls for reporting. I am trying to make any REST call and it doesn't seem to work.
I have used the AccountFindAll.php as an example for calling the REST API. I either get nothing back, which makes me think if I am even calling it right, or there is no data returned. I have received an error though for the AgedPayables report saying permission denied. The AccountsFindAll.php example does work and brings me back what I want but it is using some kind of query format.
I would like to use the REST API but I can't get it to work. If anyone can point me in the right direction it would be so appreciated.
Here is my code:
<?php
require_once('config.php');
require_once(PATH_SDK_ROOT . 'Core/ServiceContext.php');
require_once(PATH_SDK_ROOT . 'DataService/DataService.php');
require_once(PATH_SDK_ROOT . 'PlatformService/PlatformService.php');
require_once(PATH_SDK_ROOT . 'Utility/Configuration/ConfigurationManager.php');
//Specify QBO or QBD
$serviceType = IntuitServicesType::QBO;
// Get App Config
$realmId = ConfigurationManager::AppSettings('RealmID');
if (!$realmId)
    exit("Please add realm to App.Config before running this sample.\n");
/*
$accessToken = $_REQUEST['accessToken'];
$tokenSecret = $_REQUEST['tokenSecret'];
$realmId = $_REQUEST['realmId'];
*/
$realmId = ConfigurationManager::AppSettings('RealmID');
// Prep Service Context
$requestValidator = new OAuthRequestValidator(ConfigurationManager::AppSettings('AccessToken'),
                                              ConfigurationManager::AppSettings('AccessTokenSecret'),
                                              ConfigurationManager::AppSettings('ConsumerKey'),
                                              ConfigurationManager::AppSettings('ConsumerSecret'));
$serviceContext = new ServiceContext($realmId, $serviceType, $requestValidator);
if (!$serviceContext)
    exit("Problem while initializing ServiceContext.\n");
//$httpsUri = "company/".$realmId."/reports/AgedPayables"; //?date_macro=Today
$httpsUri = 'company/'.$realmId.'/companyinfo/'.$realmId;
//$httpsUri = 'company/'.$realmId.'/query';
//$httpsPostBody = 'select * from CompanyInfo startPosition 0 maxResults 500';
$httpsPostBody = NULL;
$httpsContentType = CoreConstants::CONTENTTYPE_APPLICATIONTEXT;
$requestParameters = new RequestParameters($httpsUri, 'GET', $httpsContentType, NULL);
$restRequestHandler = new SyncRestHandler($serviceContext);
list($responseCode, $responseBody) = $restRequestHandler->GetResponse($requestParameters, $httpsPostBody, NULL);
$parsedResponseBody = NULL;
try {
    $responseXmlObj = simplexml_load_string($responseBody);
    if ($responseXmlObj && $responseXmlObj->QueryResponse)
    {
        $responseSerializer = CoreHelper::GetSerializer($serviceContext, false);
        $parsedResponseBody = $responseSerializer->Deserialize($responseXmlObj->QueryResponse->asXML(), FALSE);
    }
}
catch (Exception $e) {
    echo $e->getMessage();
    IdsExceptionManager::HandleException($e);
}
print_r($parsedResponseBody);
?>
I get an XML response to report queries.
Please refer:
https://developer.intuit.com/blog/2014/03/25/the-quickbooks-online-reports-api-has-arrived
PHP SDK does not support Reports at this time.

PayPalAPIInterfaceServiceService::SetExpressCheckout() returns null response object

I'm using Yii to build an application that requires payments through PayPal. After a lot of digging, I found that ExpressCheckout is the method to use. The code below worked fine some time ago (some (?) weeks ago, I suppose before PayPal rolled out their new developer platform), using version 1.2.95 of the PHP SDK. Now, using the latest version v.2.2.98, the code fails.
require_once(Yii::getPathOfAlias('application.libraries.paypal') . '/PPBootStrap.php');
$logger = new PPLoggingManager('SetExpressCheckout');
$PaymentDetails = new PaymentDetailsType();
$PaymentDetails->OrderTotal = $PaymentDetails->ItemTotal =
    new BasicAmountType('USD', $subscription->price);
$PaymentDetails->PaymentAction = "Sale";
$PaymentDetails->OrderDescription = $subscription->description;
$setECReqDetails = new SetExpressCheckoutRequestDetailsType();
$setECReqDetails->PaymentDetails[0] = $PaymentDetails;
$setECReqDetails->CancelURL = 'someCancelUrl';
$setECReqDetails->ReturnURL = 'someReturnUrl';
$setECReqType = new SetExpressCheckoutRequestType();
$setECReqType->SetExpressCheckoutRequestDetails = $setECReqDetails;
$setECReq = new SetExpressCheckoutReq();
$setECReq->SetExpressCheckoutRequest = $setECReqType;
$paypalService = new PayPalAPIInterfaceServiceService();
$ok = TRUE;
try {
    $setECResponse = $paypalService->SetExpressCheckout($setECReq);
    if($setECResponse && strtoupper($setECResponse->Ack) =='SUCCESS') {
        $token = $setECResponse->Token;
        // Redirect to paypal.com here
        $this->redirect(
            'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=' . $token);
    }
}
catch (Exception $ex) {
    Yii::trace(__METHOD__ . ': Exception while interacting with PayPal API, error: '
        . $ex->getMessage());
    $ok = FALSE;
}
The offending line is:
$setECResponse = $paypalService->SetExpressCheckout($setECReq);
In PayPalAPIInterfaceServiceService::SetExpressCheckout(), these two lines:
$resp = $this->call('PayPalAPIAA', 'SetExpressCheckout', $setExpressCheckoutReq, $apiCredential);
$ret->init(PPUtils::xmlToArray($resp));
are the issue. $resp is null, so the next line fails at the PPUtils::xmlToArray($resp) method call.
Obviously, either I'm missing something here, or PayPal does something wrong.
Any help?
After a lot of debugging, the cause of the issue was that the service.EndPoint.PayPalAPI parameter was not defined in sdk_config.ini. For some reason that I don't recall, this parameter was deleted from the working config file from the previous version.
Now, the express checkout method works fine, even with the latest 2.3.100 version of the API.

Error in my first zend app

Hello all, it's my first application using Zend Framework. I followed a tutorial; it was very nice and simple. After finishing I got the following error. Can anyone please tell me why I am getting this?
Fatal error: Uncaught exception 'Zend_Controller_Dispatcher_Exception' with message 'Invalid controller specified (error)' in C:\xampp\htdocs\zend_login\library\Zend\Controller\Dispatcher\Standard.php:248
Stack trace:
#0 C:\xampp\htdocs\zend_login\library\Zend\Controller\Front.php(954): Zend_Controller_Dispatcher_Standard->dispatch(Object(Zend_Controller_Request_Http), Object(Zend_Controller_Response_Http))
#1 C:\xampp\htdocs\zend_login\library\Zend\Controller\Front.php(212): Zend_Controller_Front->dispatch()
#2 C:\xampp\htdocs\zend_login\web_root\index.php(9): Zend_Controller_Front::run('/application/co...')
#3 {main}
Next exception 'Zend_Controller_Exception' with message 'Invalid controller specified (error)
#0 C:\xampp\htdocs\zend_login\library\Zend\Controller\Front.php(954): Zend_Controller_Dispatcher_Standard->dispatch(Object(Zend_Controller_Request_Http), Object(Zend_Controller_Response_Http))
#1 C:\xampp\htdocs\zend_login\library\Zend\Controller\Front.php(212): Zend_Controller_Front->dispatch()
#2 C:\xampp\htdocs\ in C:\xampp\htdocs\zend_login\library\Zend\Controller\Plugin\Broker.php on line 336
this is my index.php in web_root folder
<?php
error_reporting(E_ALL|E_STRICT);
ini_set('display_errors', true);
date_default_timezone_set('Europe/London');
$rootDir = dirname(dirname(__FILE__));
set_include_path($rootDir . '/library' . PATH_SEPARATOR . get_include_path());
$rootDir . '/library' . PATH_SEPARATOR . get_include_path();
require_once 'Zend/Controller/Front.php';
Zend_Controller_Front::run('/application/controllers');
?>
You have configured the error handler of Zend but there is no error handler controller. Your real problem should lie behind this.
Create a file ErrorController.php inside of your controllers directory with the following contents:
<?php
class ErrorController extends Zend_Controller_Action
{
    /**
     * Handles system errors and 404s
     */
    public function errorAction()
    {
        $errors = $this->_getParam('error_handler');
        switch ($errors->type) {
            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ROUTE:
            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER:
            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION:
                // 404 error -- controller or action not found
                $this->getResponse()->setHttpResponseCode(404);
                $priority = Zend_Log::NOTICE;
                $this->view->message = 'Page not found';
                break;
            default:
                // application error
                $this->getResponse()->setHttpResponseCode(500);
                $priority = Zend_Log::CRIT;
                $this->view->message = 'Application error';
                break;
        }
        // Log exception, if logger available
        if ($log = $this->getLog()) {
            $log->log($this->view->message, $priority, $errors->exception);
            $log->log('Request Parameters', $priority, $errors->request->getParams());
        }
        // conditionally display exceptions
        if ($this->getInvokeArg('displayExceptions') == true) {
            $this->view->exception = $errors->exception;
        }
        $this->view->request = $errors->request;
    }
    /**
     * Get the log
     *
     * @return Zend_Log|false
     */
    public function getLog()
    {
        $bootstrap = $this->getInvokeArg('bootstrap');
        // No bootstrap is passed when the front controller is run directly
        // (as with Zend_Controller_Front::run()), so guard against null.
        if (!$bootstrap || !$bootstrap->hasResource('Log')) {
            return false;
        }
        $log = $bootstrap->getResource('Log');
        return $log;
    }
}
And the corresponding view views/error/error.phtml:
<h2><?php echo $this->message ?></h2>
<?php if (isset($this->exception)): ?>
<h3>Exception information:</h3>
<p>
    <b>Message:</b> <?php echo $this->escape($this->exception->getMessage()) ?>
</p>
<h3>Stack trace:</h3>
<pre><?php echo $this->escape($this->exception->getTraceAsString()) ?></pre>
<h3>Request Parameters:</h3>
<pre><?php echo $this->escape(var_export($this->request->getParams(), true)) ?></pre>
<?php endif ?>
These are more or less the defaults the Zend Framework scripts create on creation of a new project. (They are modified a little since I do not have a clean version at the moment and no time to create a new project, but it should work.)
You may read more on the error handler here: http://framework.zend.com/manual/en/zend.controller.plugins.html#zend.controller.plugins.standard.errorhandler

Zend - controller/action ACL

In my admin module I have a controller called email, and I want most actions to be accessible only by a logged-in admin user. However, I want one action to be accessible to anyone. (It's an email function that will be fired remotely via the URL.) At the moment I'm using Zend_Auth with Zend_Acl like this:
if ($request->getModuleName() == 'admin') {
    // access resources (controllers)
    $acl->addResource('index');
    $acl->addResource('reports');
    $acl->addResource('email');
    $acl->addResource('error');
    // access roles
    $acl->addRole(new Zend_Acl_Role('visitor'));
    $acl->addRole(new Zend_Acl_Role('user'));
    $acl->addRole(new Zend_Acl_Role('admin'));
    // access rules
    $acl->deny('visitor');
    $acl->deny('user');
    $acl->allow('admin');
    $resouce = $request->getControllerName();
    $action = $request->getActionName();
    $identity = $auth->getStorage()->read();
    if (is_object($identity)) {
        $role = $identity->role;
    } else {
        $role = 'visitor';
    }
    if (!$acl->isAllowed($role, $resouce, $action)) {
        $request->setModuleName('default')
                ->setControllerName('auth')
                ->setActionName('login');
    }
}
How do I alter the code above to allow 'visitor' to /admin/email/process action?
You can create a role hierarchy with Zend_Acl that will allow you to set a minimum role to access a page, which can be accessed by anyone with role x or higher.
$acl->addRole(new Zend_Acl_Role('visitor'));
$acl->addRole(new Zend_Acl_Role('user'), 'visitor');
$acl->addRole(new Zend_Acl_Role('admin'), 'user');
This way, anyone with an admin role can have access to anything a visitor and a user has access to.
You can also pass an array as parameter instead of a string.
For more info you can consult Zend framework official doc on ACL
This should do the trick:
$oAcl->allow('visitor','email','functionname');
//or if you want to do both visitor and user
$oAcl->allow(array('visitor','user'),'email','functionname');
Put this code after the access rules you've already written.
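Both Zend_Acl questions on this page (has() returning true while isAllowed() returns false, and opening a single action to visitors) come down to the same behaviour: registering a role or resource grants nothing, and access exists only where an allow rule says so. The following is an added example, not code from any of the posts; it assumes Zend Framework 1 is on the include path, and `isPermitted()` is a hypothetical helper.

```php
<?php
// Added example (not from the posts). Assumes Zend Framework 1 is on the include path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

// Fail closed: isAllowed() throws for an unregistered role or resource; treat that as deny.
function isPermitted(Zend_Acl $acl, $role, $resource, $privilege = null)
{
    try {
        return $acl->isAllowed($role, $resource, $privilege);
    } catch (Zend_Acl_Exception $e) {
        return false;
    }
}

// Case 1: the first question. Role and resource are registered, but no rule exists.
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('admin'));
$acl->addResource(new Zend_Acl_Resource('dashboard::stats'));
var_dump($acl->has('dashboard::stats'));                   // registration check only
var_dump(isPermitted($acl, 'admin', 'dashboard::stats'));  // queried before any allow rule
$acl->allow('admin', 'dashboard::stats');                  // explicit grant
var_dump(isPermitted($acl, 'admin', 'dashboard::stats'));  // queried after the grant

// Case 2: the admin module. Visitors stay locked out except for email/process.
$acl = new Zend_Acl();
foreach (array('visitor', 'user', 'admin') as $role) {
    $acl->addRole(new Zend_Acl_Role($role));
}
foreach (array('index', 'reports', 'email', 'error') as $resource) {
    $acl->addResource(new Zend_Acl_Resource($resource));
}
$acl->deny('visitor');
$acl->deny('user');
$acl->allow('admin');
$acl->allow('visitor', 'email', 'process');   // one action, not the whole controller

var_dump(isPermitted($acl, 'visitor', 'email', 'process'));    // the opened action
var_dump(isPermitted($acl, 'visitor', 'email', 'index'));      // another action, same controller
var_dump(isPermitted($acl, 'visitor', 'reports'));             // another controller
var_dump(isPermitted($acl, 'admin', 'reports', 'index'));      // admin rule
var_dump(isPermitted($acl, 'visitor', 'no-such-controller'));  // unregistered resource
```

In case 1, has() is true while the first isPermitted() call is false; only the explicit allow() changes the result. In case 2, the visitor grant is scoped to the `process` privilege, so the rest of the email controller stays denied.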