/**
 * Validates a submitted comment and stores it with the Q_SET_COMMENT query.
 *
 * Order of checks: the session must be in the ST_LIFE state, the raw message
 * must be at most 65000 bytes, the captcha must verify, and the text, name,
 * email and page values must be non-empty once prepared. On success the cache
 * entry for the page key is reset and the client is told to refresh.
 *
 * If the session is not in the ST_LIFE state, nothing is stored: the client is
 * told to refresh and the command result is set to FALSE.
 *
 * Review notes:
 * - Only the message is length-checked here; name and email have no upper
 *   bound in this method.
 * - What Security::sanitize_text() neutralises is not visible from here.
 *   Confirm it matches the context in which comments are later rendered, and
 *   that the TRUE flag passed to db::simple_query() covers SQL escaping of
 *   the substituted values.
 *
 * @throws Command_exception when the message is too long, the captcha fails,
 *                           or a required field is empty
 */
public function execute()
{
    $session_alive = Session::get_state() == Session::ST_LIFE;
    if (!$session_alive) {
        self::set_client_command('refresh', array('url' => 'self'));
        self::set_result(FALSE);
        return;
    }

    // strlen() counts bytes, so the limit applies to the encoded size of the message.
    $message_bytes = strlen($this->message);
    if ($message_bytes > 65000) {
        throw new Command_exception('text length error', get_string('errors', 'text_length_error'));
    }

    $captcha = Loader::get_library('captcha');
    $captcha_ok = $captcha->check($this->captcha);
    if (!$captcha_ok) {
        throw new Command_exception('captcha error', get_string('errors', 'captcha_error'));
    }

    require_once BASEPATH . 'global/cache.php';

    // Placeholder => value map handed to the query layer.
    $params = array(
        '%text' => Security::sanitize_text($this->message),
        '%name' => Security::sanitize_text($this->name),
        '%email' => Security::sanitize_text($this->email),
        '%quote_id' => intval($this->quote_id),
        '%page' => Cache::generate_key(TRUE),
        // The avatar index is derived from the raw e-mail, so the same address maps to the same avatar.
        '%avatar' => abs(crc32($this->email)) % self::AVATAR_COUNT,
    );

    // %quote_id and %avatar may legitimately be 0; every other value is mandatory.
    // empty() also rejects the literal string "0".
    foreach (array('%text', '%name', '%email', '%page') as $required) {
        if (empty($params[$required])) {
            throw new Command_exception('empty text error', get_string('errors', 'empty_field'));
        }
    }

    db::simple_query(self::Q_SET_COMMENT, $params, TRUE);
    Cache::reset($params['%page']);
    self::set_client_command('refresh', array('url' => 'self'));
}
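/**
 * Authenticates a user by captcha, login and password, then starts the session.
 *
 * If the session is not in the ST_LIFE state, the client is told to refresh,
 * the command result is set to FALSE and no authentication is attempted.
 *
 * Every failed check records an IP violation through
 * Security::set_ip_violation() before throwing. On success the user id is
 * stored in the session, the user's secret key is regenerated and sent to the
 * client, and the client is told to refresh.
 *
 * Changes from the previous version:
 * - The captcha is verified before the user lookup, so the "login does not
 *   exist" answer can no longer be obtained without a valid captcha.
 * - The user-type value is passed through db::escape_string() before it is
 *   concatenated into the SQL fragment.
 *
 * @throws Command_exception when the captcha, the login or the password is rejected
 */
public function execute()
{
    if (Session::get_state() != Session::ST_LIFE) {
        self::set_client_command('refresh', array('url' => 'self'));
        self::set_result(FALSE);
        return;
    }

    $this->remember = (bool) $this->remember;

    // Verify the captcha before touching the database: otherwise the existence
    // of a login can be probed without ever solving a captcha.
    $captcha_lib = Loader::get_library('captcha');
    if (!$captcha_lib->check($this->captcha)) {
        Security::set_ip_violation();
        // Message: "Wrong verification code entered!"
        throw new Command_exception(NULL, 'Введён неправильный проверочный код!');
    }

    // Optional restriction of the lookup to one user type. The origin of the
    // buffered value is not visible here, so it is escaped like the login
    // rather than trusted inside the quoted SQL literal.
    $user_type = Buffer::get(Identification_strategy::USER_TYPE);
    $additionally = $user_type == User::T_ALL
        ? ''
        : 'AND `type` = "' . db::escape_string($user_type) . '"';

    $login = db::escape_string($this->login);
    $row = db::row(self::Q_GET_USER_BY_NAME, array('%login' => $login, '%additionally' => $additionally));

    // NOTE(review): the two messages below differ, so a client that passes the
    // captcha can still tell an unknown login from a wrong password. Consider
    // one shared message for both cases.
    if (empty($row)) {
        Security::set_ip_violation();
        // Message: "The entered login does not exist!"
        throw new Command_exception(NULL, 'Введённый логин - не существует!');
    }

    $pass_hash_lib = Loader::get_library('pass_hash');
    if (!$pass_hash_lib->check_password($row['password'], $this->password)) {
        Security::set_ip_violation();
        // Message: "Wrong password entered!"
        throw new Command_exception(NULL, 'Введён неправильный пароль!');
    }

    Session::set_user($row['id'], $this->remember);

    // Issue a fresh secret key for the newly authenticated user and hand it to the client.
    $user = Loader::get_user();
    $secret_key = $user->get_module('secret_key')->regenerate_secret_key();
    self::set_client_command('set_secret_key', array('secretKey' => $secret_key));
    self::set_client_command('refresh', array('url' => 'self'));
}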