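/**
 * Checks the anti-spam answer posted with the current request against the
 * expected answer stored in the session under 'aaspam'.
 *
 * The stored answer is removed from the session on every call, so a solved
 * challenge cannot be replayed for several submissions.
 *
 * @param bool  $bool Outcome of the checks that ran before this one; a false
 *                    value makes this check fail immediately.
 * @param array $arr  Data written to the debug log (presumably the submitted
 *                    comment fields; verify against the caller).
 *
 * @return bool True when the user is logged in or the answer matches.
 */
function plugin_aaspam_validate($bool, $arr)
{
    // A failure reported by an earlier check is final.
    if (!$bool) {
        return false;
    }
    // Logged-in users are not challenged.
    if (user_loggedin()) {
        return true;
    }
    // Read AND discard the expected answer in one step, so the same answer
    // cannot be reused for multiple posts.
    $v = sess_remove('aaspam');
    // No challenge stored for this session (or a falsy one): fail closed.
    if (!$v) {
        return false;
    }
    // A request without the field, or with an array in its place, is treated
    // as a wrong answer instead of raising an undefined-index notice.
    $answer = isset($_POST['aaspam']) ? $_POST['aaspam'] : null;
    // Compare as strings: the loose == used previously follows PHP's numeric
    // juggling, so inputs such as '1e1' were accepted for a stored 10.
    // NOTE(review): assumes the stored answer is a scalar; confirm against
    // the code that puts 'aaspam' into the session.
    $ret = is_string($answer) && is_scalar($v) && trim($answer) === (string) $v;
    if (!$ret) {
        global $smarty;
        $lang = lang_load('plugin:accessibleantispam');
        $smarty->append('error', $lang['plugin']['accessibleantispam']['error']);
    }
    // Best-effort debug log; failures to open or write are deliberately ignored.
    // NOTE(review): each record holds the session id and the expected answer,
    // so AASPAM_LOG must not be readable through the web server and
    // AASPAM_DEBUG should stay off in production.
    if (AASPAM_DEBUG && ($f = @fopen(AASPAM_LOG, 'a'))) {
        $arr['aaspam-q'] = $answer;
        $arr['aaspam-a'] = $v;
        $arr['SUCCESS'] = $ret;
        // Strip line breaks from request-derived data so one request always
        // produces exactly one log record.
        $line = str_replace(array("\r", "\n"), ' ', utils_kimplode($arr));
        $s = date('r') . "|" . session_id() . '|' . $line . "\r\n";
        @fwrite($f, $s);
        @fclose($f);
    }
    return $ret;
}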
Beispiel #2
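/**
 * Controller for the login page: handles logout, the post-login/post-logout
 * success screen, the empty login form and validation of a submitted form,
 * then hands the page title and the chosen template to Smarty.
 *
 * Reads $_GET['do'] and $_POST; uses the globals $lang and $smarty.
 */
function main()
{
    global $lang, $smarty;

    // Set by every branch that ends on the "success" screen; the hook and
    // template for that screen are then installed once, below.
    $show_success = false;
    // Stays null on the branches that redirect instead of rendering.
    $content = null;

    if (user_loggedin()) {
        // NOTE(review): logout is triggered by a plain GET parameter and no
        // anti-CSRF token is checked here, so a third-party page could log a
        // user out; consider requiring a token or a POST.
        if (isset($_GET['do']) && $_GET['do'] == 'logout') {
            user_logout();
            $show_success = true;
        } elseif (user_loggedin()) {
            $show_success = true;
        } else {
            // Only reachable if the login state changed between the two
            // user_loggedin() calls.
            utils_redirect();
        }
    } elseif (sess_remove('logout_done')) {
        $show_success = true;
    } elseif (empty($_POST)) {
        $content = SHARED_TPLS . 'login.tpl';
    } else {
        // validate after a POST
        if (login_validate()) {
            utils_redirect('login.php');
        } else {
            // NOTE(review): this copies EVERY posted field into template
            // variables under request-chosen names (presumably including the
            // password field), so a crafted request can set arbitrary
            // template variables. Prefer assigning only the fields the login
            // template re-displays.
            $smarty->assign($_POST);
            $content = SHARED_TPLS . 'login.tpl';
        }
    }

    if ($show_success) {
        // Previously declared separately inside three branches; a single
        // guarded declaration avoids a "cannot redeclare" fatal error if
        // main() runs more than once in a request.
        if (!function_exists('myredirect')) {
            function myredirect()
            {
                login_redirect('index.php');
            }
        }
        add_filter('wp_head', 'myredirect');
        $content = SHARED_TPLS . 'login_success.tpl';
    }

    // Set page title and content
    // first parameter is Title, second is content.
    // Content can be both a shared tpl or raw html content; in this last case
    // you have to set the third optional parameter to true
    $smarty->assign('subject', $lang['login']['head']);
    $smarty->assign('content', $content);
}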
Beispiel #3
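/**
 * Front controller of the admin area: resolves the requested panel and
 * action, loads the panel class, runs the action and, when the action asks
 * for it, redirects to clear the POST data.
 *
 * Reads $_GET['p'], $_GET['action'], $_GET['mod'], $_POST and $_REQUEST;
 * sets the globals $panel, $action, $fp_admin and $fp_admin_action and
 * defines ADMIN_PANEL and ADMIN_PANEL_ACTION.
 */
function main()
{
    // general setup
    global $panel, $action, $lang, $smarty, $fp_admin, $fp_admin_action;

    // Authenticate before anything else. This check used to run only after
    // the panel file had been included and its class instantiated, so panel
    // code executed for visitors who were not logged in.
    if (!user_loggedin()) {
        utils_redirect("login.php");
        die;
    }

    $panels = admin_getpanels();
    // Only a string is accepted as panel name; an array-valued 'p' falls
    // back to the first panel.
    $panel = (isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : $panels[0];

    // Validate the name before it is published as a constant, handed to the
    // template or used in a file path. The explicit return keeps execution
    // from reaching the include below when an error handler swallows the
    // E_USER_ERROR.
    // NOTE(review): admin_panelexists() is the only barrier between
    // $_GET['p'] and the include path; confirm it rejects path separators
    // and '..'.
    if (!admin_panelexists($panel)) {
        trigger_error('Requested panel does not exists!', E_USER_ERROR);
        return;
    }
    define('ADMIN_PANEL', $panel);
    $smarty->assign('panel', $panel);

    $panelprefix = "admin.{$panel}";
    $panelpath = ADMIN_DIR . "panels/{$panel}/{$panelprefix}.php";
    $fp_admin = null;
    if (file_exists($panelpath)) {
        include $panelpath;
        $panelclass = "admin_{$panel}";
        if (!class_exists($panelclass)) {
            trigger_error("No class defined for requested panel", E_USER_ERROR);
            return;
        }
        $fp_admin = new $panelclass($smarty);
    }

    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : 'default';
    if (!$fp_admin) {
        return;
    }
    $fp_admin_action = $fp_admin->get_action($action);
    define('ADMIN_PANEL_ACTION', $action);
    // NOTE(review): $action comes from the request; the template must escape
    // it on output.
    $smarty->assign('action', $action);

    // Request-derived values are URL-encoded before being placed in a query
    // string, so they cannot add parameters or break out of the URL.
    $panel_url = BLOG_BASEURL . "admin.php?p=" . urlencode($panel);
    $action_url = $panel_url . "&action=" . urlencode($action);
    $smarty->assign('panel_url', $panel_url);
    $smarty->assign('action_url', $action_url);

    // State-changing requests must pass the anti-CSRF check for this
    // panel/action pair.
    if (!empty($_POST)) {
        check_admin_referer("admin_{$panel}_{$action}");
    }
    $smarty->assign('success', sess_remove("success_{$panel}"));
    $retval = $fp_admin_action->exec();
    if ($retval > 0) {
        // if has REDIRECT option
        // clear postdata by a redirect
        sess_add("success_{$panel}", $smarty->get_template_vars('success'));
        $to_action = $retval > 1 ? '&action=' . urlencode($action) : '';
        $with_mod = (isset($_GET['mod']) && is_string($_GET['mod']))
            ? '&mod=' . urlencode($_GET['mod'])
            : '';
        $with_arguments = '';
        if ($retval == PANEL_REDIRECT_CURRENT) {
            foreach ($fp_admin_action->args as $mandatory_argument) {
                // A missing or non-string argument is forwarded as empty.
                $value = (isset($_REQUEST[$mandatory_argument]) && is_string($_REQUEST[$mandatory_argument]))
                    ? $_REQUEST[$mandatory_argument]
                    : '';
                $with_arguments .= '&' . urlencode($mandatory_argument) . '=' . urlencode($value);
            }
        }
        $url = "admin.php?p=" . urlencode($panel) . "{$to_action}{$with_mod}{$with_arguments}";
        utils_redirect($url);
    }
    $smarty->register_modifier('action_link', 'admin_filter_action');
    $smarty->register_modifier('cmd_link', 'admin_filter_command');
}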
Beispiel #4
/**
 * Fetches the value stored in the session under 'success' (or under
 * 'success_<module>' when a module name is given) and removes it from the
 * session via sess_remove().
 *
 * @param string $module Optional module name; any falsy value selects the
 *                       plain 'success' key.
 *
 * @return mixed Whatever sess_remove() returns for that key.
 */
function system_geterr($module = '')
{
    $key = $module ? 'success_' . $module : 'success';

    return sess_remove($key);
}
Beispiel #5
 /**
  * Moves the value stored in the session under 'admin_uploader_files' into
  * the 'uploaded_files' template variable. The session entry is removed by
  * sess_remove(); nothing is assigned when that value is falsy.
  */
 function main()
 {
     $uploaded = sess_remove('admin_uploader_files');
     if (!$uploaded) {
         return;
     }
     $this->smarty->assign('uploaded_files', $uploaded);
 }