Example #1
    /**
     * Heuristic check for whether a value alters the structure of a SQL statement.
     *
     * The value is substituted into each entry of a fixed table of SQL templates, and the
     * resulting statement is handed to a shared parser instance. This is done once with
     * lexer flags 0 and once with FLAG_TOKENIZE_MYSQL_PORTABLE_COMMENTS.
     *
     * A false return means no template/flag combination matched. It says nothing about
     * SQL contexts that the template table does not cover.
     *
     * @param string $param Value under test; passed to sprintf() as the argument, never as the format.
     * @return bool True as soon as one template/flag combination matches, otherwise false.
     */
    public static function testForSQLi($param)
    {
        // Static locals persist across calls, so the parser and the template table are built once.
        // The same parser object is reconfigured (setFlags/setSubject) on every loop iteration.
        static $instance;
        static $tests;
        if (!$instance) {
            $instance = new self(new wfWAFSQLiLexer());
        }
        if (!$tests) {
            // Each entry is array(sprintf template, token count). The count is the threshold given to
            // hasMoreThanNumTokens(); presumably it is the number of tokens the template yields when %s
            // is a single harmless literal - TODO confirm against the lexer.
            // Three templates contain a raw line break inside the string literal; it is part of the
            // string and must be kept byte-for-byte.
            $tests = array(array('%s', 1), array('SELECT * FROM t WHERE i = %s ', 8), array("SELECT * FROM t WHERE i = '%s' ", 8), array('SELECT * FROM t WHERE i = "%s" ', 8), array('SELECT * FROM t WHERE i = (%s) ', 10), array("SELECT * FROM t WHERE i = ('%s') ", 10), array('SELECT * FROM t WHERE i = ("%s") ', 10), array('SELECT * FROM t WHERE i = ((%s)) ', 12), array("SELECT * FROM t WHERE i = (('%s')) ", 12), array('SELECT * FROM t WHERE i = (("%s")) ', 12), array('SELECT * FROM t WHERE i = (((%s))) ', 14), array("SELECT * FROM t WHERE i = ((('%s'))) ", 14), array('SELECT * FROM t WHERE i = ((("%s"))) ', 14), array('SELECT * FROM t WHERE i = %s and j = (1
) ', 14), array("SELECT * FROM t WHERE i = '%s' and j = (1\n) ", 14), array('SELECT * FROM t WHERE i = "%s" and j = (1
) ', 14), array('SELECT MATCH(t) AGAINST (%s) from t ', 11), array("SELECT MATCH(t) AGAINST ('%s') from t ", 11), array('SELECT MATCH(t) AGAINST ("%s") from t ', 11), array('SELECT * FROM (select %s) ', 7), array("SELECT * FROM (select '%s') ", 7), array('SELECT * FROM (select "%s") ', 7), array('SELECT * FROM (select (%s)) ', 9), array("SELECT * FROM (select ('%s')) ", 9), array('SELECT * FROM (select ("%s")) ', 9), array('SELECT * FROM (select ((%s))) ', 11), array("SELECT * FROM (select (('%s'))) ", 11), array('SELECT * FROM (select (("%s"))) ', 11), array('SELECT * FROM %s ', 4), array('INSERT INTO t (col) VALUES (%s) ', 10), array("INSERT INTO t (col) VALUES ('%s') ", 10), array('INSERT INTO t (col) VALUES ("%s") ', 10), array('UPDATE t1 SET col1 = %s ', 6), array('UPDATE t1 SET col1 = \'%s\' ', 6));
        }
        // Every template is tried under both flag sets: default, then portable-comment tokenizing.
        $lexerFlags = array(0, wfWAFSQLiLexer::FLAG_TOKENIZE_MYSQL_PORTABLE_COMMENTS);
        foreach ($lexerFlags as $flags) {
            foreach ($tests as $test) {
                //				$startTime = microtime(true);
                list($sql, $expectedTokenCount) = $test;
                try {
                    $instance->setFlags($flags);
                    $instance->setSubject(sprintf($sql, $param));
                    // && binds tighter than ||, so this reads:
                    // (more tokens than expected AND evaluate()) OR multiple portable-comment versions.
                    // The portable-comment check is skipped only when the first pair is already true.
                    if ($instance->hasMoreThanNumTokens($expectedTokenCount) && $instance->evaluate() || $instance->hasMultiplePortableCommentVersions()) {
                        //						printf("%s took %f seconds\n", $sql, microtime(true) - $startTime);
                        return true;
                    }
                    //					printf("%s took %f seconds\n", $sql, microtime(true) - $startTime);
                } catch (wfWAFParserSyntaxError $e) {
                    // Deliberately ignored: a syntax error counts as "no match" for this template and the
                    // scan moves on to the next one. Presumably it is raised when the substituted
                    // statement does not parse - confirm in the parser.
                    // NOTE(review): only this exception type is caught; anything else propagates to the caller.
                }
            }
        }
        return false;
    }
Example #2
 /**
  * Builds a Group from an associative array of raw fields.
  *
  * Reads the keys 'id', 'owner', 'creation' and 'subject'. None of them is checked for
  * presence here, and 'id' and 'subject' reach the setters unchanged.
  *
  * @param  array $data Raw group fields; 'creation' is cast to int and used as a Unix timestamp.
  * @return Group
  */
 public static function factory(array $data)
 {
     $result = new self();
     $result->setId($data['id']);

     // The owner string is only stored after Identity::parseJID() has turned it into its parsed form.
     $owner = Identity::parseJID($data['owner']);
     $result->setOwner($owner);

     // The int cast means a non-numeric 'creation' value becomes timestamp 0 instead of failing.
     $createdAt = new DateTime();
     $timestamp = (int) $data['creation'];
     $createdAt->setTimestamp($timestamp);
     $result->setCreation($createdAt);

     // NOTE(review): if $data comes from a remote peer, the subject is peer-controlled text and
     // needs escaping wherever it is displayed - confirm against callers.
     $result->setSubject($data['subject']);

     return $result;
 }
 /**
  * Builds the registration-details email for one event registration.
  *
  * The recipient is the registration's Email field and the subject combines the event title
  * with the site title. When the event record names a ticket generator class, that class is
  * instantiated and, if it returns a file path, the file is attached.
  *
  * @param  EventRegistration $registration
  * @return EventRegistrationDetailsEmail
  */
 public static function factory(EventRegistration $registration)
 {
     $message = new self();
     $config = SiteConfig::current_site_config();

     $message->setTo($registration->Email);

     // NOTE(review): the event title and site title are interpolated into the subject as stored;
     // whether setSubject() rejects CR/LF is not visible here.
     $subject = sprintf(
         'Registration Details For %s (%s)',
         $registration->Time()->EventTitle(),
         $config->Title
     );
     $message->setSubject($subject);

     $message->populateTemplate(array(
         'Registration' => $registration,
         'SiteConfig' => $config,
     ));

     // NOTE(review): the class name is read from the event record and instantiated as-is.
     // Confirm that only trusted editors can set TicketGenerator and that the stored value is
     // limited to known generator classes.
     $generatorClass = $registration->Time()->Event()->TicketGenerator;
     if ($generatorClass) {
         $generator = new $generatorClass();
         $ticketPath = $generator->generateTicketFileFor($registration);
         $ticketName = $generator->getTicketFilenameFor($registration);
         $ticketMime = $generator->getTicketMimeTypeFor($registration);

         // Filename and MIME type are requested even when no path comes back; only a
         // truthy path leads to an attachment.
         if ($ticketPath) {
             $message->attachFile($ticketPath, $ticketName, $ticketMime);
         }
     }

     // Calls the 'updateEmail' extension point with the finished email and the registration.
     singleton(get_class())->extend('updateEmail', $message, $registration);

     return $message;
 }
Example #4
 /**
  * Builds one message from the given parts and sends it.
  *
  * @param array $recipient Recipient e-mail address
  * @param string $subject E-mail subject
  * @param string $body Message body
  * @param bool $html Switches the message to HTML when truthy; otherwise the mode is left untouched
  * @param array $replyto Reply to email address
  * @param array $cc CC e-mail address
  * @param array $bcc BCC e-mail address
  * @param string $attachment Attachment file name
  * @param array $cert Signing material; the keys 'certificate', 'key' and 'password' are read
  * @param array $from array( from, fromname ); any non-array value falls back to the
  *                    'mail.from' and 'mail.fromname' settings
  * @internal param array $replytoname Reply to name
  * @return boolean True on success
  */
 public static function SpSendMail($recipient, $subject, $body, $html = false, $replyto = null, $cc = null, $bcc = null, $attachment = null, $cert = null, $from = null)
 {
     // Use the configured sender unless the caller supplied an explicit (address, name) pair.
     if (!is_array($from)) {
         $from = array(Sobi::Cfg('mail.from'), Sobi::Cfg('mail.fromname'));
     }

     $message = new self();
     $message->setSender($from);
     $message->setSubject($subject);
     $message->setBody($body);

     if ($html) {
         $message->IsHTML(true);
     }

     // Signing is optional. $cert['password'] is handed to Sign() in clear text, so callers
     // should keep the $cert array out of logs and error output.
     if ($cert) {
         $message->Sign($cert['certificate'], $cert['key'], $cert['password']);
     }

     // Address fields and the attachment are passed through even when null.
     // NOTE(review): $attachment reaches addAttachment() unchanged - confirm callers only pass
     // paths they control, and that the add*() methods validate addresses.
     $message->addRecipient($recipient);
     $message->addCC($cc);
     $message->addBCC($bcc);
     $message->addAttachment($attachment);
     $message->addReplyTo($replyto);

     return $message->Send();
 }
Example #5
 /**
  * Builds an instance from one overview record.
  *
  * Copies the subject, from, date, seen and msgno properties of $result into a new object,
  * in that order, through the matching setters. Values are stored as received.
  * NOTE(review): if $result comes from a mailbox listing, subject and from are chosen by the
  * sender and need escaping wherever they are displayed - confirm against callers.
  *
  * @param Object $result
  * @return self
  */
 static function parseOverview($result)
 {
     $header = new self();

     // setter => property of $result that feeds it
     $fields = array(
         'setSubject' => 'subject',
         'setFrom' => 'from',
         'setDate' => 'date',
         'setRead' => 'seen',
         'setMsgNo' => 'msgno',
     );
     foreach ($fields as $setter => $property) {
         $header->{$setter}($result->{$property});
     }

     return $header;
 }
Example #6
 /**
  * Sends one message from the configured sender address.
  *
  * The sender comes from the 'email-address' and 'email-name' settings. An attachment is
  * added only when $attach is a non-empty string; without a file name it is sent as
  * 'attachment-1'.
  *
  * @param mixed  $to             Recipient, passed to setTo() unchanged
  * @param string $subject        Subject line
  * @param string $msg            Message body
  * @param string $attach         Attachment handed to attach(); NOTE(review): whether this is a
  *                               path or raw content is not visible here - confirm before
  *                               passing user-supplied values
  * @param string $attachFilename Name to show for the attachment
  * @return mixed Whatever mail() returns
  */
 static function send($to, $subject, $msg, $attach = '', $attachFilename = '')
 {
     $message = new self();
     $message->setFrom(ini::get('email-address'), ini::get('email-name'));
     $message->setTo($to);
     $message->setSubject($subject);
     $message->setBody($msg);

     if (strlen($attach) > 0) {
         // Fall back to a generic name when the caller gave none.
         $filename = 'attachment-1';
         if (strlen($attachFilename) > 0) {
             $filename = $attachFilename;
         }
         $message->attach($attach, $filename);
     }

     return $message->mail();
 }
Example #7
 /**
  * Builds a message and sends it as plain text or as HTML.
  *
  * Only the exact boolean false selects plain text. Any other $html value, including
  * 0, '' and null, sends the body as HTML, so callers should pass a real bool and
  * escape untrusted text before sending it as HTML.
  *
  * @param mixed  $sender      Passed to setSender() unchanged
  * @param mixed  $receiver    Passed to setReceiver() unchanged
  * @param string $subject     Subject line
  * @param string $body        Message body
  * @param bool   $html        false for plain text, anything else for HTML
  * @param bool   $resendCheck Passed to setResendCheck() unchanged
  * @return mixed Result of sendAsText() or sendAsHTML()
  */
 public static function sendMailS($sender, $receiver, $subject, $body, $html = false, $resendCheck = false)
 {
     $message = new self();
     $message->setSender($sender);
     $message->setReceiver($receiver);
     $message->setSubject($subject);
     $message->setBody($body);
     $message->setResendCheck($resendCheck);

     if ($html === false) {
         return $message->sendAsText();
     }

     return $message->sendAsHTML();
 }
Example #8
File: Mail.php Project: vakata/mail
 /**
  * Create an instance from a stringified mail.
  *
  * The string is split by parseParts(). The To, Cc, Bcc, From and Subject headers (matched
  * case-insensitively) go to their dedicated setters, and every other header is stored through
  * setHeader() under its original name. The parsed structure is then given to processPart().
  *
  * NOTE(review): header names and values come straight from the input string. Whether
  * parseParts() or the setters reject embedded CR/LF is not visible here - confirm before
  * re-sending a message built from untrusted input.
  *
  * @param  string     $mail the mail string
  * @return \vakata\mail\Mail          the mail instance
  */
 public static function fromString($mail)
 {
     $message = new self();
     $parsed = $message->parseParts($mail);

     // Lower-cased header name => dedicated setter.
     $setters = array(
         'to' => 'setTo',
         'cc' => 'setCc',
         'bcc' => 'setBcc',
         'from' => 'setFrom',
         'subject' => 'setSubject',
     );

     foreach ($parsed['head'] as $name => $value) {
         $key = strtolower($name);
         if (isset($setters[$key])) {
             $message->{$setters[$key]}($value);
         } else {
             // Unknown headers keep the name exactly as it appeared in the input.
             $message->setHeader($name, $value);
         }
     }

     $message->processPart($parsed);

     return $message;
 }