get_site_secret PHP Code-Beispiele

Beispiel #1

0

Datei anzeigen

Datei: start.php Projekt: summer11123/GDocs-File-Previewer

function gdocs_file_previewer_get_token($file, $timestamp)
{
    if (!elgg_instanceof($file) || !is_numeric($timestamp)) {
        return false;
    }
    $secret = get_site_secret();
    return sha1($file->guid . $secret . $timestamp);
}

Beispiel #2

0

Datei anzeigen

Datei: start.php Projekt: ewinslow/image_proxy

function get_token($url)
{
    if (elgg_get_config('image_proxy_secret')) {
        $site_secret = elgg_get_config('image_proxy_secret');
    } else {
        $site_secret = get_site_secret();
    }
    return md5($site_secret . $url);
}

Beispiel #3

0

Datei anzeigen

Datei: functions.php Projekt: lorea/Hydra-dev

/**
 * Generate a validation token
 *
 * @param string $type      what kind of token
 * @param int    $user_guid the user_guid to generate for
 *
 * @return bool|string
 */
function acount_removal_generate_confirm_token($type, $user_guid)
{
    $result = false;
    if (!empty($user_guid) && ($user = get_user($user_guid)) && in_array($type, array("remove", "disable"))) {
        $site_secret = get_site_secret();
        $user_salt = $user->salt;
        $result = md5($site_secret . $user_guid . $type . $user_salt);
    }
    return $result;
}

Beispiel #4

0

Datei anzeigen

Datei: functions.php Projekt: coldtrick/admin_tools

/**
 * Create a secret code to toggle admin/normal user
 *
 * @param ElggUser $user the user to create the secret for (default: current user)
 *
 * @return false|string
 */
function admin_tools_make_switch_admin_secret(ElggUser $user = null)
{
    // no param, check current logged in user
    if (empty($user)) {
        $user = elgg_get_logged_in_user_entity();
    }
    // no user to check
    if (!$user instanceof ElggUser) {
        return false;
    }
    return hash_hmac('sha256', $user->time_created, get_site_secret());
}

Beispiel #5

0

Datei anzeigen

Datei: SiteSecret.php Projekt: gzachos/elgg_ellak

 /**
  * Get the strength of the site secret
  *
  * @return string "strong", "moderate", or "weak"
  * @access private
  */
 function getStrength()
 {
     $secret = get_site_secret();
     if ($secret[0] !== 'z') {
         $rand_max = getrandmax();
         if ($rand_max < pow(2, 16)) {
             return 'weak';
         }
         if ($rand_max < pow(2, 32)) {
             return 'moderate';
         }
     }
     return 'strong';
 }

Beispiel #6

0

Datei anzeigen

Datei: Resources.php Projekt: justangel/hypeScraper

 public function getThumbUrl($url = '', $handle = null)
 {
     $data = $this->resourceCache->get($url, $handle);
     if (!empty($data['thumb_cache'])) {
         $uid = md5($url);
         $path = "scraper_cache/thumbs/{$uid}.{$handle}.jpg";
         $dir = elgg_get_site_entity()->guid;
         $dir_tc = elgg_get_site_entity()->time_created;
         $query = serialize(array('uid' => $uid, 'path' => $path, 'd' => $dir, 'dts' => $dir_tc, 'ts' => $data['thumb_cache'], 'mac' => hash_hmac('sha256', $uid . $path, get_site_secret())));
         $icon_url = elgg_http_add_url_query_elements('/mod/hypeApps/servers/icon.php', array('q' => base64_encode($query)));
     } else {
         if (!empty($data['thumbnail_url'])) {
             $icon_url = $data['thumbnail_url'];
         } else {
             $icon_url = '/mod/hypeScraper/graphics/placeholder.png';
         }
     }
     return elgg_normalize_url($icon_url);
 }

Beispiel #7

0

Datei anzeigen

Datei: functions.php Projekt: remy40/gvrs

function group_tools_invite_email(ElggGroup $group, $email, $text = "", $resend = false)
{
    $result = false;
    if (!empty($group) && $group instanceof ElggGroup && !empty($email) && is_email_address($email) && ($loggedin_user = elgg_get_logged_in_user_entity())) {
        // get site secret
        $site_secret = get_site_secret();
        // generate invite code
        $invite_code = md5($site_secret . $email . $group->getGUID());
        if (!group_tools_check_group_email_invitation($invite_code, $group->getGUID()) || $resend) {
            // make site email
            $site = elgg_get_site_entity();
            if (!empty($site->email)) {
                if (!empty($site->name)) {
                    $site_from = $site->name . " <" . $site->email . ">";
                } else {
                    $site_from = $site->email;
                }
            } else {
                // no site email, so make one up
                if (!empty($site->name)) {
                    $site_from = $site->name . " <noreply@" . get_site_domain($site->getGUID()) . ">";
                } else {
                    $site_from = "noreply@" . get_site_domain($site->getGUID());
                }
            }
            if (!$resend) {
                // register invite with group
                $group->annotate("email_invitation", $invite_code, ACCESS_LOGGED_IN, $group->getGUID());
            }
            // make subject
            $subject = elgg_echo("group_tools:groups:invite:email:subject", array($group->name));
            // make body
            $body = elgg_echo("group_tools:groups:invite:email:body", array($loggedin_user->name, $group->name, $site->name, $text, $site->name, elgg_get_site_url() . "register", elgg_get_site_url() . "groups/invitations/?invitecode=" . $invite_code, $invite_code));
            $result = elgg_send_email($site_from, $email, $subject, $body);
        } else {
            $result = null;
        }
    }
    return $result;
}

Beispiel #8

0

Datei anzeigen

Datei: start.php Projekt: brettp/elgg-registration-randomizer

/**
 * Hashes the site secret, UA, and a ts.
 *
 * @return mixed A token if time or req is passed, and array of info if not
 */
function registration_randomizer_generate_token($passed_time = null, $passed_req = null)
{
    if ($passed_time === null) {
        $ts = time();
    } else {
        $ts = $passed_time;
    }
    if ($passed_req === null) {
        $req = $_SERVER;
    } else {
        $req = $passed_req;
    }
    $str = get_site_secret();
    $str .= filter_input(INPUT_SERVER, 'HTTP_USER_AGENT');
    $str .= filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);
    $str .= $ts;
    $token = md5($str);
    if ($passed_time === null && $passed_req === null) {
        return array('ts' => $ts, 'token' => $token, 'req' => $req);
    } else {
        return $token;
    }
}

Beispiel #9

0

Datei anzeigen

Datei: start.php Projekt: sh3llc0de/elgg-siteaccess

function siteaccess_generate_captcha($num)
{
    global $CONFIG;
    $date = date("F j");
    $tmp = hexdec(md5($num . $date . $CONFIG->site->url . get_site_secret()));
    $code = substr($tmp, 4, 6);
    return $code;
}

Beispiel #10

0

Datei anzeigen

Datei: actions.php Projekt: nachopavon/Elgg

/**
 * Generate an action token.
 *
 * Action tokens are based on timestamps as returned by {@link time()}.
 * They are valid for one hour.
 *
 * Action tokens should be passed to all actions name __elgg_ts and __elgg_token.
 *
 * @warning Action tokens are required for all actions.
 *
 * @param int $timestamp Unix timestamp
 *
 * @see @elgg_view input/securitytoken
 * @see @elgg_view input/form
 * @example actions/manual_tokens.php
 *
 * @return string|false
 * @access private
 */
function generate_action_token($timestamp)
{
    $site_secret = get_site_secret();
    $session_id = session_id();
    // Session token
    $st = $_SESSION['__elgg_session'];
    if ($site_secret && $session_id) {
        return md5($site_secret . $timestamp . $session_id . $st);
    }
    return FALSE;
}

Beispiel #11

0

Datei anzeigen

Datei: start.php Projekt: pleio/tidypics

/**
 * Work around for Flash/session issues
 *
 * Catches Elgg attempting to forward the Flash uploader because it doesn't
 * have a session cookie. Instead manually runs the action.
 *
 * @param string $hook   The name of the hook
 * @param string $type   The type of the hook
 * @param string $value  Location being forwarded to
 * @param array  $params Parameters related to the forward() call
 * @return void
 */
function tidypics_ajax_session_handler($hook, $type, $value, $params)
{
    $www_root = elgg_get_config('wwwroot');
    $url = $params['current_url'];
    if ($url !== "{$www_root}action/photos/image/ajax_upload") {
        return;
    }
    if (elgg_get_logged_in_user_guid() != 0) {
        return;
    }
    // action_gatekeeper rejected ajax call from Flash due to session issue
    // Validate token
    $token = get_input('__elgg_token');
    $ts = get_input('__elgg_ts');
    $session_id = get_input('Elgg');
    $session_token = get_input('session_token');
    $tidypics_token = get_input('tidypics_token');
    $user_guid = get_input('user_guid');
    $user = get_user($user_guid);
    $timeout = elgg_get_config('action_token_timeout');
    if (!$timeout) {
        $timeout = 2;
    }
    if (!$user) {
        trigger_error('Tidypics warning: failed to get user in flash uploader', E_USER_WARNING);
        return;
    }
    if (!$token || !$ts || !$session_id || !$tidypics_token) {
        trigger_error('Tidypics warning: token information missing in flash uploader', E_USER_WARNING);
        return;
    }
    $hour = 60 * 60;
    $now = time();
    if ($ts < $now - $hour || $ts > $now + $hour) {
        trigger_error('Tidypics warning: failed time check in flash uploader', E_USER_WARNING);
        return;
    }
    $generated_token = md5($session_id . get_site_secret() . $ts . $user->salt);
    if ($tidypics_token !== $generated_token) {
        trigger_error('Tidypics warning: token check failed in flash uploader', E_USER_WARNING);
        return;
    }
    // passed token test, so login and process action
    login($user);
    $actions = elgg_get_config('actions');
    include $actions['photos/image/ajax_upload']['file'];
    exit;
}

Beispiel #12

0

Datei anzeigen

Datei: UserManagement.php Projekt: amcfarlane1251/ongarde

 private function generateCode($userGuid, $email, $date)
 {
     return md5($userGuid . $email . $date . elgg_get_site_url() . get_site_secret());
 }

Beispiel #13

0

Datei anzeigen

Datei: start.php Projekt: adamboardman/Elgg

/**
 * Generate an email activation code.
 *
 * @param int $user_guid The guid of the user
 * @param string $email_address Email address
 * @return string
 */
function uservalidationbyemail_generate_code($user_guid, $email_address)
{
    global $CONFIG;
    // Note I bind to site URL, this is important on multisite!
    return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret());
}

Beispiel #14

0

Datei anzeigen

Datei: functions.php Projekt: pleio/group_tools

/**
 * Generate a unique code to be used in email invitations
 *
 * @param int    $group_guid the group GUID
 * @param string $email      the email address
 *
 * @return boolean|string the invite code, or false on failure
 */
function group_tools_generate_email_invite_code($group_guid, $email)
{
    $result = false;
    if (!empty($group_guid) && !empty($email)) {
        // get site secret
        $site_secret = get_site_secret();
        // generate code
        $result = md5($site_secret . strtolower($email) . $group_guid);
    }
    return $result;
}

Beispiel #15

0

Datei anzeigen

Datei: Event.php Projekt: pleio/event_manager

 /**
  * Notifies an user of the RSVP
  *
  * @param string $type type of the RSVP
  * @param string $to   guid of the user
  *
  * @return void
  */
 public function notifyOnRsvp($type, $to = null)
 {
     $ia = elgg_set_ignore_access(true);
     if ($to === null) {
         $to = elgg_get_logged_in_user_guid();
     }
     $to_entity = get_entity($to);
     if (empty($to_entity)) {
         elgg_set_ignore_access($ia);
         return;
     }
     // can we make nice links in the emails
     $html_email_handler_enabled = elgg_is_active_plugin("html_email_handler");
     // do we have a registration link
     $registrationLink = "";
     $unsubscribeLink = "";
     if ($type == EVENT_MANAGER_RELATION_ATTENDING) {
         if ($this->registration_needed) {
             $link = elgg_get_site_url() . 'events/registration/view/?guid=' . $this->getGUID() . '&u_g=' . $to . '&k=' . md5($this->time_created . get_site_secret() . $to);
             $registrationLink = PHP_EOL . PHP_EOL;
             $registrationLink .= elgg_echo('event_manager:event:registration:notification:program:linktext');
             $registrationLink .= PHP_EOL . PHP_EOL;
             if ($html_email_handler_enabled) {
                 $registrationLink .= elgg_view("output/url", array("text" => $link, "href" => $link));
             } else {
                 $registrationLink .= $link;
             }
         }
         if ($this->register_nologin) {
             $link = elgg_get_site_url() . "events/unsubscribe/" . $this->getGUID() . "/" . elgg_get_friendly_title($this->title) . "?e=" . $to_entity->email;
             $unsubscribeLink = PHP_EOL . PHP_EOL;
             $unsubscribeLink .= elgg_echo('event_manager:event:registration:notification:unsubscribe:linktext');
             $unsubscribeLink .= PHP_EOL . PHP_EOL;
             if ($html_email_handler_enabled) {
                 $unsubscribeLink .= elgg_view("output/url", array("text" => $link, "href" => $link));
             } else {
                 $unsubscribeLink .= $link;
             }
         }
     }
     // make the event title for in the e-mail
     if ($html_email_handler_enabled) {
         $event_title_link = elgg_view("output/url", array("text" => $this->title, "href" => $this->getURL()));
     } else {
         $event_title_link = $this->title;
     }
     // notify the owner of the event
     $this->notifyOwnerOnRSVP($type, $to_entity, $event_title_link, $registrationLink);
     // notify the attending user
     $user_subject = elgg_echo('event_manager:event:registration:notification:user:subject');
     $user_message = elgg_echo('event_manager:event:registration:notification:user:text:' . $type, array($to_entity->name, $event_title_link));
     $user_message .= $registrationLink;
     $user_message .= $unsubscribeLink;
     if ($to_entity instanceof ElggUser) {
         // use notification system for real users
         notify_user($to, $this->getOwnerGUID(), $user_subject, $user_message);
     } else {
         // send e-mail for non users
         $to_email = $to_entity->name . "<" . $to_entity->email . ">";
         $site = elgg_get_site_entity($this->site_guid);
         if ($site->email) {
             if ($site->name) {
                 $site_from = $site->name . " <" . $site->email . ">";
             } else {
                 $site_from = $site->email;
             }
         } else {
             // no site email, so make one up
             if ($site->name) {
                 $site_from = $site->name . " <noreply@" . $site->getDomain() . ">";
             } else {
                 $site_from = "noreply@" . $site->getDomain();
             }
         }
         elgg_send_email($site_from, $to_email, $user_subject, $user_message);
     }
     elgg_set_ignore_access($ia);
 }

Beispiel #16

0

Datei anzeigen

Datei: ajax_upload.php Projekt: rijojoy/MyIceBerg

<?php

/**
 * Tidypics ajax upload form body
 *
 * @uses $vars['entity']
 */
$album = $vars['entity'];
$ts = time();
$batch = time();
$tidypics_token = md5(session_id() . get_site_secret() . $ts . elgg_get_logged_in_user_entity()->salt);
$basic_uploader_url = current_page_url() . '/basic';
$maxfilesize = (double) elgg_get_plugin_setting('maxfilesize', 'tidypics');
if (!$maxfilesize) {
    $maxfilesize = 5;
}
$quota = elgg_get_plugin_setting('quota', 'tidypics');
if ($quota) {
    $image_repo_size_md = get_metadata_byname($album->container_guid, "image_repo_size");
    $image_repo_size = (int) $image_repo_size_md->value;
    $image_repo_size = $image_repo_size / 1024 / 1024;
    $quote_percentage = round(100 * ($image_repo_size / $quota));
    // for small quotas, so one decimal place
    if ($quota < 10) {
        $image_repo_size = sprintf('%.1f', $image_repo_size);
    } else {
        $image_repo_size = round($image_repo_size);
    }
    if ($image_repo_size > $quota) {
        $image_repo_size = $quota;
    }

Beispiel #17

0

Datei anzeigen

Datei: functions.php Projekt: lorea/Hydra-dev

/**
 * Generates a Single Sign On secret for a give user
 *  
 * @param ElggUser $user      user to generate the secret for
 * @param int      $timestamp timestamp to limit the durability of the secret
 * 
 * @return boolean|string
 */
function ws_pack_generate_sso_secret(ElggUser $user, $timestamp)
{
    static $running_cache;
    $result = false;
    if (!empty($user) && elgg_instanceof($user, "user", null, "ElggUser")) {
        if (!isset($running_cache)) {
            $running_cache = array();
        }
        if (!isset($running_cache[$user->getGUID()])) {
            $running_cache[$user->getGUID()] = md5($user->getGUID() . get_site_secret() . $user->salt . $timestamp);
        }
        $result = $running_cache[$user->getGUID()];
    }
    return $result;
}

Beispiel #18

0

Datei anzeigen

Datei: notify.php Projekt: pingwangcs/51zhaohu

function zhaohuEmailUnsubEnd($group, $user_guid, $is_notificiation, $from_group)
{
    $end = '<div style="clear:both;background:#ececec;text-align:center;margin-top:20px;border-top:solid 10px #ececec;border-bottom:solid 10px #ececec">' . '<div style="width:94%;margin:0 auto;border-left:solid 10px #ececec;border-right:solid 10px #ececec;min-width:220px;max-width:600px;text-align:left;font-family:arial;color:#333;font-size:12px;line-height:14px">';
    if ($is_notificiation) {
        if ($from_group) {
            $unsub = elgg_get_site_url() . "zhgroups/emUnsub?guid=" . $group->guid . "&user="******"&k=" . md5($group->time_created . get_site_secret() . $user_guid);
            $end .= '<p style="margin:0 0 .25em;color:#333"><a href="' . $unsub . '" style="color:#ccc;text-decoration:underline" target="_blank">' . elgg_echo('zhgroups:mail:unsub1') . '</a> ' . elgg_echo('zhgroups:mail:unsub2') . '</p>';
        }
        $end .= '<p style="margin:0 0 .25em;color:#333">' . elgg_echo('zhgroups:unsub:site') . '</p>';
    }
    $end .= '<p style="margin:0 0 .25em;color:#333">' . elgg_echo('51zhaohu') . ': http://51zhaohu.com</p></div></div>';
    return zhaohuEmailSupport() . zhaohuEmailSocialButtons() . $end;
}

Beispiel #19

0

Datei anzeigen

Datei: functions.php Projekt: pleio/newsletter

/**
 * Generate a unsubscribe code to be used in validation
 *
 * @param ElggEntity $container Which newsletter container (ElggSite or ElggGroup)
 * @param string|int $recipient The user_guid or email address of the recipient
 *
 * @return bool|string The unsubscribe code or false on failure
 */
function newsletter_generate_unsubscribe_code(ElggEntity $container, $recipient)
{
    $result = false;
    if (!empty($container) && (elgg_instanceof($container, "site") || elgg_instanceof($container, "group")) && !empty($recipient)) {
        // make sure we have a user_guid or email address
        if (is_numeric($recipient) || newsletter_is_email_address($recipient)) {
            $plugin = elgg_get_plugin_from_id("newsletter");
            $result = hash_hmac("sha256", $container->getGUID() . "|" . $recipient . "|" . $plugin->time_created, get_site_secret());
        }
    }
    return $result;
}

Beispiel #20

0

Datei anzeigen

Datei: start.php Projekt: beck24/elgg_copy

function generate_key()
{
    $secret = get_site_secret();
    return sha1(microtime(true) . $secret);
}

Beispiel #21

0

Datei anzeigen

Datei: Hasher.php Projekt: n8b/VMN

 /**
  * Create unqiue hash and store it in the database
  * @return string Hash
  */
 public function save()
 {
     $url = sanitize_string($this->url);
     $hash = sanitize_string($this->hash);
     $time_created = sanitize_int($this->time_created);
     $meta = !is_string($this->meta) ? json_encode($this->meta) : $this->meta;
     $meta = sanitize_string($meta);
     if (!$this->id) {
         $query = "INSERT INTO {$this->dbprefix}url_meta_cache (long_url, hash, meta, time_created)\n\t\t\t\t\tVALUES ('{$url}','{$hash}','{$meta}',{$time_created})\n\t\t\t\t\t\tON DUPLICATE KEY UPDATE long_url='{$url}',meta='{$meta}'";
         $id = insert_data($query);
         $this->id = $id;
         $hashids = new Hashids(get_site_secret());
         $hash = $hashids->encode($id, $this->time_created);
         $query = "UPDATE LOW_PRIORITY {$this->dbprefix}url_meta_cache\n\t\t\t\t\tSET hash = '{$hash}' WHERE id = {$id}";
         update_data($query);
     } else {
         $query = "UPDATE {$this->dbprefix}url_meta_cache SET meta='{$meta}'\n\t\t\t\t\t\tWHERE id='{$this->id}'";
     }
     self::$cache[$this->url] = array('id' => $this->id, 'hash' => $this->hash, 'meta' => $this->meta, 'time_created' > $this->time_created);
     return $hash;
 }

Beispiel #22

0

Datei anzeigen

Datei: functions.php Projekt: pleio/event_manager

/**
 * Creates an unsubscribe code
 * 
 * @param EventRegistration $registration registration object
 * @param Event             $event        event
 * 
 * @return false|string
 */
function event_manager_create_unsubscribe_code(EventRegistration $registration, Event $event = null)
{
    $result = false;
    if (!empty($registration) && elgg_instanceof($registration, "object", EventRegistration::SUBTYPE)) {
        if (empty($event) || !elgg_instanceof($event, "object", Event::SUBTYPE)) {
            $event = $registration->getOwnerEntity();
        }
        $site_secret = get_site_secret();
        $result = md5($registration->getGUID() . $site_secret . $event->time_created);
    }
    return $result;
}

Beispiel #23

0

Datei anzeigen

Datei: view.php Projekt: pleio/event_manager

$guid = get_input("guid");
$user_guid = get_input('u_g', elgg_get_logged_in_user_guid());
$event = null;
if ($guid && ($entity = get_entity($guid))) {
    if ($entity instanceof Event) {
        $event = $entity;
    }
}
$output = "";
if ($event) {
    // @todo move to menu hook
    $save_to_pdf_options = array("name" => "save_to_pdf", "text" => elgg_echo('event_manager:registration:view:savetopdf'), "link_class" => "elgg-button elgg-button-action", "href" => "action/event_manager/registration/pdf?k=" . md5($event->time_created . get_site_secret() . $user_guid) . "&guid=" . $guid . "&u_g=" . $user_guid, "is_action" => true);
    elgg_register_menu_item("title", ElggMenuItem::factory($save_to_pdf_options));
}
if ($event && !empty($key)) {
    $tempKey = md5($event->time_created . get_site_secret() . $user_guid);
    if ($tempKey == $key && get_entity($user_guid)) {
        $title_text = elgg_echo('event_manager:registration:registrationto') . " '" . $event->title . "'";
        $old_ia = elgg_set_ignore_access(true);
        $output .= elgg_view('event_manager/event/pdf', array('entity' => $event));
        $output .= $event->getRegistrationData($user_guid);
        if ($event->with_program) {
            $output .= $event->getProgramData($user_guid);
        }
        elgg_set_ignore_access($old_ia);
        elgg_push_breadcrumb($event->title, $event->getURL());
        elgg_push_breadcrumb($title_text);
        $body = elgg_view_layout('content', array('filter' => '', 'content' => $output, 'title' => $title_text));
        echo elgg_view_page($title_text, $body);
    } else {
        forward("events");

Beispiel #24

0

Datei anzeigen

Datei: ActionsService.php Projekt: tjcaverly/Elgg

 /**
  * @see generate_action_token
  * @access private
  */
 public function generateActionToken($timestamp)
 {
     $site_secret = get_site_secret();
     $session_id = _elgg_services()->session->getId();
     // Session token
     $st = _elgg_services()->session->get('__elgg_session');
     if ($site_secret && $session_id) {
         return md5($site_secret . $timestamp . $session_id . $st);
     }
     return false;
 }

Beispiel #25

0

Datei anzeigen

Datei: actions.php Projekt: portokallidis/Metamorphosis-Meducator

/**
 * Generate a token for the current user suitable for being placed in a hidden field in action forms.
 * 
 * @param int $timestamp Unix timestamp
 */
function generate_action_token($timestamp)
{
    // Get input values
    $site_secret = get_site_secret();
    // Current session id
    $session_id = session_id();
    // Get user agent
    $ua = $_SERVER['HTTP_USER_AGENT'];
    // Session token
    $st = $_SESSION['__elgg_session'];
    if ($site_secret && $session_id) {
        return md5($site_secret . $timestamp . $session_id . $ua . $st);
    }
    return false;
}

Beispiel #26

0

Datei anzeigen

Datei: IconFactory.php Projekt: n8b/VMN

 /**
  * Prepares a URL that can be used to display an icon bypassing the engine boot
  *
  * @param \ElggEntity $entity Entity
  * @param string      $size   Size
  * @return \ElggFile
  */
 public function getURL(\ElggEntity $entity, $size = '')
 {
     $icon = $this->getIconFile($entity, $size);
     $key = get_site_secret();
     $guid = $entity->guid;
     $path = $icon->getFilename();
     $hmac = hash_hmac('sha256', $guid . $path, $key);
     $query = serialize(array('uid' => $guid, 'd' => $entity instanceof \ElggUser ? $entity->guid : $entity->owner_guid, 'dts' => $entity instanceof \ElggUser ? $entity->time_created : $entity->getOwnerEntity()->time_created, 'path' => $path, 'ts' => $entity->icontime, 'mac' => $hmac));
     $url = elgg_http_add_url_query_elements('mod/hypeApps/servers/icon.php', array('q' => base64_encode($query)));
     return elgg_normalize_url($url);
 }

Beispiel #27

0

Datei anzeigen

Datei: login.php Projekt: pleio/subsite_manager

                } elseif (subsite_manager_simplesaml_check_auto_create_account($source, $saml_attributes)) {
                    // we have enough information to create the account so let's do that
                    $forward_url = "action/simplesaml/register?saml_source=" . $source;
                    $forward_url = elgg_add_action_tokens_to_url($forward_url);
                } else {
                    // no user found, so forward to a different page
                    $forward_url = "saml/no_linked_account/" . $source;
                    system_message(elgg_echo("simplesaml:login:no_linked_account", array($label)));
                }
            }
            // restore hidden settings
            access_show_hidden_entities($hidden);
        }
        // 			} else {
        // 				register_error(elgg_echo("simplesaml:error:source_not_enabled", array($label)));
        // 			}
    } else {
        register_error(elgg_echo("simplesaml:error:no_source"));
    }
} elseif ($returnTo = get_input("from")) {
    $url_parts = parse_url($returnTo);
    $site_secret = get_site_secret();
    $host = $url_parts["host"];
    $session_id = session_id();
    $ts = time();
    $validate = md5($session_id . $site_secret . $ts . $host);
    $forward_url = $returnTo . "?sid=" . base64_encode($session_id) . "&ts=" . $ts . "&validate=" . $validate;
} else {
    register_error(elgg_echo("simplesaml:error:loggedin"));
}
forward($forward_url);

Beispiel #28

0

Datei anzeigen

Datei: functions.php Projekt: tjcaverly/Elgg

/**
 * Generate an email activation code.
 *
 * @param int    $user_guid     The guid of the user
 * @param string $email_address Email address
 * @return string
 */
function uservalidationbyemail_generate_code($user_guid, $email_address)
{
    $site_url = elgg_get_site_url();
    // Note I bind to site URL, this is important on multisite!
    return md5($user_guid . $email_address . $site_url . get_site_secret());
}

Beispiel #29

0

Datei anzeigen

Datei: sessions.php Projekt: jricher/Elgg

function get_session_fingerprint()
{
    global $CONFIG;
    return md5($_SERVER['HTTP_USER_AGENT'] . get_site_secret());
}

Beispiel #30

0

Datei anzeigen

Datei: functions.php Projekt: amcfarlane1251/portal

function digest_generate_commandline_secret()
{
    static $result;
    if (!isset($result)) {
        $site_secret = get_site_secret();
        $digest_plugin = elgg_get_plugin_from_id("digest");
        $result = md5($digest_plugin->getGUID() . $site_secret . $digest_plugin->time_created);
    }
    return $result;
}

PHP get_site_secret Beispiele