Samuel Georges
parent
680887f452
commit
f1aa720086
|
|
@ -251,6 +251,19 @@ return [
|
|||
|
||||
'defaultMask' => ['file' => null, 'folder' => null],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Safe Mode
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| If safe mode is enabled, the PHP code section is disabled in the CMS
|
||||
| for security reasons. If set to null, safe mode is on when debug mode
|
||||
| (app.debug) is disabled.
|
||||
|
|
||||
*/
|
||||
|
||||
'enableSafeMode' => null,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Cross Site Request Forgery (CSRF) Protection
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
<?php namespace Cms\Classes;
|
||||
|
||||
use Ini;
|
||||
use Lang;
|
||||
use Cache;
|
||||
use Config;
|
||||
use Cms\Twig\Loader as TwigLoader;
|
||||
|
|
@ -8,6 +9,7 @@ use Cms\Twig\Extension as CmsTwigExtension;
|
|||
use System\Twig\Extension as SystemTwigExtension;
|
||||
use October\Rain\Halcyon\Processors\SectionParser;
|
||||
use Twig_Environment;
|
||||
use ApplicationException;
|
||||
|
||||
/**
|
||||
* This is a base class for CMS objects that have multiple sections - pages, partials and layouts.
|
||||
|
|
@ -87,6 +89,15 @@ class CmsCompoundObject extends CmsObject
|
|||
$this->parseSettings();
|
||||
}
|
||||
|
||||
/**
|
||||
* Triggered when the model is saved.
|
||||
* @return void
|
||||
*/
|
||||
public function beforeSave()
|
||||
{
|
||||
$this->checkSafeMode();
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new Collection instance.
|
||||
*
|
||||
|
|
@ -123,6 +134,23 @@ class CmsCompoundObject extends CmsObject
|
|||
$this->fillViewBagArray();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method checks if safe mode is enabled by config, and the code
|
||||
* attribute is modified and populated. If so an exception is thrown.
|
||||
* @return void
|
||||
*/
|
||||
protected function checkSafeMode()
|
||||
{
|
||||
$safeMode = Config::get('cms.enableSafeMode', false);
|
||||
if ($safeMode === null) {
|
||||
$safeMode = !Config::get('app.debug', false);
|
||||
}
|
||||
|
||||
if ($safeMode && $this->isDirty('code') && strlen(trim($this->code))) {
|
||||
throw new ApplicationException(Lang::get('cms::lang.cms_object.safe_mode_enabled'));
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Components
|
||||
//
|
||||
|
|
|
|||
|
|
@ -10,7 +10,8 @@ return [
|
|||
'invalid_file_extension'=>'Invalid file extension: :invalid. Allowed extensions are: :allowed.',
|
||||
'error_deleting' => "Error deleting the template file ':name'. Please check write permissions.",
|
||||
'delete_success' => 'Templates were successfully deleted: :count.',
|
||||
'file_name_required' => 'The File Name field is required.'
|
||||
'file_name_required' => 'The File Name field is required.',
|
||||
'safe_mode_enabled' => 'Safe mode is currently enabled.',
|
||||
],
|
||||
'theme' => [
|
||||
'not_found_name' => "The theme ':name' is not found.",
|
||||
|
|
|
|||
Loading…
Reference in New Issue