Beispiel #1
0
 public function remove()
 {
     $product = Helper::load('data/products/' . $_GET['id'] . '.inc');
     $this->warenkorb->remove($product);
     $_SESSION['warenkorb'] = serialize($this->warenkorb);
     $this->get();
 }
Beispiel #2
0
 /**
  * Constructor
  */
 public function __construct()
 {
     parent::__construct();
     Helper::load('table', 'date', 'eav', 'form');
     // Load EAV model
     $this->db_page = $this->model('Model_Eav', 'page');
 }
Beispiel #3
0
 /**
  * Constructor
  */
 public function __construct()
 {
     parent::__construct();
     Helper::load('form', 'date', 'guid');
     // Load model
     $this->db_user = $this->model('Model_User');
 }
Beispiel #4
0
 /**
  * Handles the DB fields and their values.
  * @param string $method
  * @param array $args
  * @return bool|mixed
  * @throws Exception_Exido
  */
 public function __call($method, array $args)
 {
     if (preg_match('/^set(.*)/', $method, $m) and isset($m[1]) and $field = strtolower($m[1])) {
         // Set a new property to the $_aData array
         Helper::load('string');
         $this->_aData->{$field} = stringNull(reset($args));
         return true;
     }
     if (preg_match('/^get(.*)/', $method, $m) and isset($m[1]) and $field = strtolower($m[1])) {
         // Get a property from the $_aData array
         if (!isset($this->_aData->{$field})) {
             throw new Exception_Exido('You suppose to use an undefined method or property %s::%s', array(get_called_class(), $method));
         }
         return $this->_aData->{$field};
     }
     if (preg_match('/^remove(.*)/', $method, $m) and isset($m[1]) and $field = strtolower($m[1])) {
         // Remove a property from the $_aData array
         if (!isset($this->_aData->{$field})) {
             throw new Exception_Exido('You suppose to remove an undefined property %s::%s', array(get_called_class(), $method));
         }
         unset($this->_aData->{$field});
         return true;
     }
     throw new Exception_Exido('You suppose to use an undefined method %s::%s(%s)', array(get_called_class(), $method, implode(', ', $args)));
 }
Beispiel #5
0
 /**
  * Loads a class and instantiate an object.
  * @param string $class class name
  * @param null $params
  * @param bool $instantiate
  * @param bool $force_new_object
  * @return object|bool
  */
 public static function &factory($class, $params = null, $instantiate = true, $force_new_object = false)
 {
     $class = strtolower($class);
     $path = str_replace('_', '/', $class);
     // If we would like to instantiate a new object,
     // we do not need to check the class existance.
     if ($force_new_object) {
         // Does the class exist? If so, we're done...
         if (isset(self::$_objects[$class])) {
             return self::$_objects[$class];
         }
     }
     $p = explode('/', $path);
     $filename = end($p);
     $path = implode('/', array_slice($p, 0, -1)) . '/';
     // Try to find a file
     $file = Exido::findFile($path, $filename, true);
     if (is_file($file)) {
         include_once $file;
         $name = $class;
         if ($force_new_object) {
             Helper::load('guid');
             $name = $name . '_' . guidGet();
         }
         if ($instantiate == false) {
             self::$_objects[$name] = true;
             return self::$_objects[$name];
         }
         self::$_objects[$name] = new $class($params);
         return self::$_objects[$name];
     }
     return false;
 }
Beispiel #6
0
 /**
  * Gets the singleton instance
  * @return Input
  */
 public static function &instance()
 {
     if (self::$_instance === null) {
         self::$_instance = new self();
     }
     // Load a required helper
     Helper::load('array');
     if (get_magic_quotes_gpc()) {
         $_GET = arrayStripSlashes($_GET);
         $_POST = arrayStripSlashes($_POST);
         $_COOKIE = arrayStripSlashes($_COOKIE);
         $_FILES = arrayStripSlashes($_FILES);
     }
     return self::$_instance;
 }
Beispiel #7
0
 /**
  * Constructor
  */
 public function __construct()
 {
     parent::__construct();
     Helper::load('table', 'date');
     // UI error notifications
     if ($text = $this->session->get('action_success')) {
         $this->view->notify_text = $text;
         $this->view->notify_style = 'ui-popup-success';
         $this->session->set('action_success', false);
     }
     if ($text = $this->session->get('action_error')) {
         $this->view->notify_text = $text;
         $this->view->notify_style = 'ui-popup-error';
         $this->session->set('action_error', false);
     }
 }
Beispiel #8
0
 /**
  * 保存获取到的微信数据
  *
  * @param type $openID
  * @param type $token
  * @param type $wxName
  */
 public function _wxSaveData($openID, $token, $wxName, $sex, $avatar = '')
 {
     $wxName = trim($wxName);
     if (empty($wxName)) {
         $wxName = 'TA';
     }
     $wxUser['openID'] = $openID;
     $wxUser['token'] = $token;
     $wxUser['wxName'] = $wxName;
     $wxUser['sex'] = $sex;
     $wxUser['avatar'] = $avatar;
     $m_wxUser = Helper::load('Wx_user');
     $where = array('openID' => $openID);
     $total = $m_wxUser->Where($where)->Total();
     if (!$total) {
         $m_wxUser->Insert($wxUser);
     }
     return $wxUser;
 }
Beispiel #9
0
 public function load($model)
 {
     return Helper::load($model);
 }
Beispiel #10
0
$registry->set('cart', new Cart($registry));
// ocStore features
$registry->set('ocstore', new ocStore($registry));
//  Encryption
$registry->set('encryption', new Encryption($config->get('config_encryption')));
// Front Controller
$controller = new Front($registry);
// SEO URL's
if (!($seo_type = $config->get('config_seo_url_type'))) {
    $seo_type = 'seo_url';
}
$controller->addPreAction(new Action('common/' . $seo_type));
// Maintenance Mode
$controller->addPreAction(new Action('common/maintenance'));
//helper
$helper = new Helper($registry);
if (isset($_helpers) && count($_helpers)) {
    foreach ($_helpers as $_helper) {
        $helper->load($_helper);
    }
}
// Router
if (isset($request->get['route'])) {
    $action = new Action($request->get['route']);
} else {
    $action = new Action('common/home');
}
// Dispatch
$controller->dispatch($action, new Action('error/not_found'));
// Output
$response->output();
Beispiel #11
0
 protected function load($file)
 {
     return Helper::load($file);
 }
Beispiel #12
0
 /**
  * Generate a random entity key. Using when creating an entity.
  * @param int $chars
  * @param int $groups
  * @param string $delimiter
  * @param bool $lowcase
  * @return string
  */
 private function _genEntityKey($chars = 8, $groups = 1, $delimiter = '', $lowcase = true)
 {
     Helper::load('guid');
     return guidGet($chars, $groups, $delimiter, $lowcase);
 }
Beispiel #13
0
 function __construct()
 {
     // 验证签名
     $this->verifySign();
     $this->m_article = Helper::load('Article');
 }
Beispiel #14
0
 static function create_new_user_token()
 {
     # run only in CLI mode
     if (php_sapi_name() !== 'cli') {
         throw new HelperException('allowed in CLI mode only.');
     }
     # check if client is loaded
     $helper = new Helper();
     if ($helper->load(true)) {
         # configure client to get refresh token
         $helper->client->setAccessType('offline');
         # create auth url
         $auth_url = $helper->client->createAuthUrl();
         # request authorization
         print "\nplease visit:\n{$auth_url}\n\n";
         print "copy and paste the auth code here:\n";
         $auth_code = trim(fgets(STDIN));
         # exchange auth code for access token
         $access_token = $helper->client->authenticate($auth_code);
         # write access token to file
         if (file_exists($helper->_path_keys . $helper->_file_user_token)) {
             rename($helper->_path_keys . $helper->_file_user_token, $helper->_path_keys . time() . '_' . $helper->_file_user_token);
         }
         file_put_contents($helper->_path_keys . $helper->_file_user_token, $access_token);
         print "\nuser token saved\n\n";
     } else {
         throw new HelperException('error loading helper.');
     }
 }
Beispiel #15
0
 /**
  * Constructor.
  */
 public final function __construct()
 {
     Helper::load('html');
 }
Beispiel #16
0
function eavCreateForm($form_id, array $attributes, $action = '')
{
    // Print form javascript to View object
    print eavCreateFormValidationJS($form_id, $attributes);
    if (empty($action)) {
        $action = uriFull();
    }
    // Print open tag
    print formOpen($action, array('id' => $form_id, 'class' => '-i-form', 'method' => 'POST'));
    // Print form fields
    foreach ($attributes as $field) {
        // Create form field
        if ($field->backend_object != null) {
            // Parse helper name and function name
            $field_helper = explode('/', $field->backend_object, 2);
            if (isset($field_helper[0]) and isset($field_helper[1])) {
                // Load required helper
                Helper::load($field_helper[0]);
                if (function_exists($field_helper[1])) {
                    // And execute the function
                    print call_user_func($field_helper[1], $field);
                }
            }
        }
    }
    // Print submit
    print formSubmit(array('class' => '-b-button', 'name' => 'submit', 'value' => __('Save')));
    // Close form
    print formClose();
}
Beispiel #17
0
/**
 * Returns an A tag.
 * @param string $url
 * @param string $title
 * @param string $class
 * @return string
 */
function htmlA($url, $title, $class = '')
{
    Helper::load('uri');
    return '<a' . (empty($class) ? '' : ' class="' . $class . '"') . ' href="' . uriSite($url) . '">' . $title . "</a>" . EXIDO_EOL;
}
Beispiel #18
0
 public function testLoadAcceptance()
 {
     $this->assertEquals('<link rel="stylesheet" media="all" type="text/css" href="/css/test/file.css" />', (string) Helper::load('/css/test/file.css'));
 }
Beispiel #19
0
 /**
  * Constructor. Load helpers
  */
 public function __construct()
 {
     // Load helpers
     Helper::load('file', 'date');
 }
Beispiel #20
0
 /**
  * XSS Cleaner
  *
  * Sanitizes data so that Cross Site Scripting Hacks can be
  * prevented.  This function does a fair amount of work but
  * it is extremely thorough, designed to prevent even the
  * most obscure XSS attempts.  Nothing is ever 100% foolproof,
  * of course, but I haven't been able to get anything passed
  * the filter.
  *
  * Note: This function should only be used to deal with data
  * upon submission.  It's not something that should
  * be used for general runtime processing.
  *
  * This function was based in part on some code and ideas I
  * got from Bitflux: http://channel.bitflux.ch/wiki/XSS_Prevention
  *
  * To help develop this script I used this great list of
  * vulnerabilities along with a few other hacks I've
  * harvested from examining vulnerabilities in other programs:
  * http://ha.ckers.org/xss.html
  *
  * @param mixed $str
  * @return string
  */
 public function cleanXSS($str)
 {
     // Recursive cleaning
     if (is_array($str)) {
         while (list($key) = each($str)) {
             $str[$key] = $this->cleanXSS($str[$key]);
         }
         return $str;
     }
     Helper::load('string');
     // Remove invisible characters
     $str = stringRemoveInvisibleChars($str);
     // Validate Entities in URLs
     $str = $this->_validateEntities($str);
     // URL Decode
     // Just in case stuff like this is submitted:
     // <a href="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">Google</a>
     // Note: Use rawurldecode() so it does not remove plus signs
     $str = rawurldecode($str);
     // Convert character entities to ASCII
     // This permits our tests below to work reliably.
     // We only convert entities that are within tags since
     // these are the ones that will pose security problems.
     $str = preg_replace_callback("/[a-z]+=([\\'\"]).*?\\1/si", array($this, '_convertAttribute'), $str);
     $str = preg_replace_callback("/<\\w+.*?(?=>|<|\$)/si", array($this, '_decodeEntity'), $str);
     // Remove Invisible Characters Again!
     $str = stringRemoveInvisibleChars($str);
     // Convert all tabs to spaces
     // This prevents strings like this: ja vascript
     // NOTE: we deal with spaces between characters later.
     // NOTE: preg_replace was found to be amazingly slow here on
     // large blocks of data, so we use str_replace.
     if (strpos($str, "\t") !== false) {
         $str = str_replace("\t", ' ', $str);
     }
     // Remove Strings that are never allowed
     $str = $this->_doNeverAllowed($str);
     // Makes PHP/XML tags safe
     $str = str_replace(array('<?', '?' . '>'), array('&lt;?', '?&gt;'), $str);
     // Compact any exploded words
     // This corrects words like:  j a v a s c r i p t
     // These words are compacted back to their correct state.
     $words = array('javascript', 'expression', 'vbscript', 'script', 'base64', 'applet', 'alert', 'document', 'write', 'cookie', 'window');
     foreach ($words as $word) {
         $temp = '';
         for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) {
             $temp .= substr($word, $i, 1) . "\\s*";
         }
         // We only want to do this when it is followed by a non-word character
         // That way valid stuff like "dealer to" does not become "dealerto"
         $str = preg_replace_callback('#(' . substr($temp, 0, -3) . ')(\\W)#is', array($this, '_compactExplodedWords'), $str);
     }
     // Remove disallowed Javascript in links or img tags
     // We used to do some version comparisons and use of stripos for PHP5,
     // but it is dog slow compared to these simplified non-capturing
     // preg_match(), especially if the pattern exists in the string
     do {
         $original = $str;
         if (preg_match("/<a/i", $str)) {
             $str = preg_replace_callback("#<a\\s+([^>]*?)(>|\$)#si", array($this, '_jsLinkRemoval'), $str);
         } elseif (preg_match("/<img/i", $str)) {
             $str = preg_replace_callback("#<img\\s+([^>]*?)(\\s?/?>|\$)#si", array($this, '_jsImgRemoval'), $str);
         } elseif (preg_match("/script/i", $str) or preg_match("/xss/i", $str)) {
             $str = preg_replace("#<(/*)(script|xss)(.*?)\\>#si", '[removed]', $str);
         } else {
         }
     } while ($original != $str);
     unset($original);
     // Remove evil attributes such as style, onclick and xmlns
     $str = $this->_removeEvilAttributes($str);
     /*
      * Sanitize naughty HTML elements
      *
      * If a tag containing any of the words in the list
      * below is found, the tag gets converted to entities.
      *
      * So this: <blink>
      * Becomes: &lt;blink&gt;
      */
     $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss';
     $str = preg_replace_callback('#<(/*\\s*)(' . $naughty . ')([^><]*)([><]*)#is', array($this, '_sanitizeNaughtyHtml'), $str);
     /*
      * Sanitize naughty scripting elements
      *
      * Similar to above, only instead of looking for
      * tags it looks for PHP and JavaScript commands
      * that are disallowed.  Rather than removing the
      * code, it simply converts the parenthesis to entities
      * rendering the code un-executable.
      *
      * For example:  eval('some code')
      * Becomes:    eval&#40;'some code'&#41;
      */
     $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\\s*)\\((.*?)\\)#si', "\\1\\2&#40;\\3&#41;", $str);
     // Final clean up
     // This adds a bit of extra precaution in case
     // something got through the above filters
     return $this->_doNeverAllowed($str);
 }
Beispiel #21
0
 public function loadHelper($helper)
 {
     $helper_class = Inflector::camelize($helper) . 'Helper';
     Helper::load($helper_class);
     return $this->loadedHelpers[$helper] = new $helper_class($this);
 }
Beispiel #22
0
 /**
  * Execute cron tasks
  * @return bool
  */
 public final function index()
 {
     Helper::load('date');
     // Get config
     $cron = Exido::config('cron');
     if (!$cron->cron_enabled) {
         print __('System cron disabled.');
         return false;
     }
     if (!is_array($cron->cron_allowed_ip)) {
         $cron->cron_allowed_ip = array($cron->cron_allowed_ip);
     }
     // Get the client IP
     $ip_block = $this->input->ip(true);
     Helper::load('ip');
     foreach ($cron->cron_allowed_ip as $ip) {
         if ($range = ipRangeParser($ip)) {
             if (!ipCheckRange($ip_block, $range[0], $range[1])) {
                 if ($range[0] == $range[1]) {
                     print sprintf(__("Your IP %s doesn't match in allowed IP %s"), $this->input->ip(), $ip);
                 } else {
                     print sprintf(__("Your IP %s doesn't match in allowed range %s"), $this->input->ip(), $ip);
                 }
                 return false;
             }
         } else {
             print sprintf(__("Incorrect IP range %s"), $ip);
             return false;
         }
     }
     $local = dateGetLocal('%M %H %e %m %u');
     $srv_time = explode(' ', $local);
     array_unshift($srv_time, $local);
     if (is_array($cron->cron_job_list)) {
         foreach ($cron->cron_job_list as $job_name => $job_data) {
             if (isset(self::$_has_run[$job_name])) {
                 continue;
             }
             $this->_log[$job_name] = '';
             // Check job time
             if (!preg_match('/^([0-9\\*]{1,2})\\s([0-9\\*]{1,2})\\s([0-9\\*]{1,2})\\s([0-9\\*]{1})\\s([0-9\\*]{1})$/', $job_data['starting_at'], $job_time)) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = sprintf(__('Incorrect starting time for job %s'), $job_name);
                 continue;
             }
             // Check day of week
             if (is_numeric($job_time[5]) and $srv_time[5] != $job_time[5]) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __("Is omitted due the week day doesn't match the scheduled day");
                 continue;
             }
             // Check month
             if (is_numeric($job_time[4]) and $srv_time[4] != $job_time[4]) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __("Is omitted due the month doesn't match the scheduled month");
                 continue;
             }
             // Check day of month
             if (is_numeric($job_time[3]) and $srv_time[3] != $job_time[3]) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __("Is omitted due the day of month doesn't match the scheduled day");
                 continue;
             }
             // Check hour
             if (is_numeric($job_time[2]) and $srv_time[2] != $job_time[2]) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __("Is omitted due the hour doesn't match the scheduled hour");
                 continue;
             }
             // Check minute
             if (is_numeric($job_time[1]) and $srv_time[1] != $job_time[1]) {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __("Is omitted due the minute doesn't match the scheduled minute");
                 continue;
             }
             // Here we go
             // Mark job as running
             self::$_has_run[$job_name] = $job_name;
             // Check the callback functions
             if (isset($job_data['callback']) and is_array($job_data['callback']) and !empty($job_data['callback'])) {
                 foreach ($job_data['callback'] as $callback) {
                     // Try to explode by ":"
                     // If it is, so we're using a method from an object
                     if ($func = explode(':', $callback) and count($func) > 1) {
                         // Call method
                         $this->_log[$job_name][$callback]['status'] = true;
                         $this->_log[$job_name][$callback]['result'] = $this->model($func[0])->{$func}[1]();
                     } else {
                         // Instead we're using a function
                         // Call function
                         if (function_exists($callback)) {
                             $this->_log[$job_name][$callback]['status'] = true;
                             $this->_log[$job_name][$callback]['result'] = $callback();
                         } else {
                             $this->_log[$job_name][$callback]['status'] = true;
                             $this->_log[$job_name][$callback]['result'] = sprintf(__('Call to undefined cron function %s()'), $callback);
                         }
                     }
                 }
             } else {
                 $this->_log[$job_name]['status'] = false;
                 $this->_log[$job_name]['result'] = __('Nothing to do');
             }
             unset(self::$_has_run[$job_name]);
         }
     }
     // TODO: Make the log showing
     pre($this->_log);
 }
Beispiel #23
0
 function __construct()
 {
     $this->m_city = Helper::load('City');
     $this->m_region = Helper::load('Region');
     $this->m_province = Helper::load('Province');
 }
Beispiel #24
0
 function __construct()
 {
     $this->verifySign();
     $this->m_user = Helper::load('User');
 }
Beispiel #25
0
 /**
  * Initializes the core.
  * @return bool
  */
 public static function initialize()
 {
     if (self::$_init) {
         // Do not allow to execution twice
         return false;
     }
     self::$_init = true;
     // Determine if we are running in a Windows environment
     self::$is_win = DIRECTORY_SEPARATOR === '\\';
     // Load the logger
     self::$log = Log::instance();
     // Load the default configuration files
     self::$config = Config::instance()->attach(new Config_File());
     // Load the i18n class
     self::$i18n = I18n::instance();
     // Enable debug log
     if (self::$log_debug) {
         self::$log->attach(new Log_File(APPPATH . 'data/log/debug'), array('EXIDO_DEBUG_LOG'));
         self::$log->add('EXIDO_DEBUG_LOG', 'Initialize framework');
     }
     // Enable error log
     if (self::$log_error) {
         self::$log->attach(new Log_File(APPPATH . 'data/log/error'), array('EXIDO_ERROR_LOG'));
     }
     // Determine if we are running in a command line environment
     self::$is_cli = PHP_SAPI === 'cli';
     // Check if we have an Ajax request
     self::$is_xml = Input::instance()->isXmlRequest();
     // Load helpers
     Helper::load('lang', 'uri');
     // Check if we can use gZIP compression
     self::$use_gzip = strstr(Input::instance()->server('HTTP_ACCEPT_ENCODING'), "gzip") !== false and extension_loaded("zlib");
     // Start output buffering
     ob_start(array(__CLASS__, 'outputBuffer'));
     // Save buffering level
     self::$_buffer_level = ob_get_level();
     Event::add('system.routing', array('Router', 'getUri'));
     Event::add('system.routing', array('Router', 'initialize'));
     Event::add('system.execute', array(__CLASS__, 'instance'));
     Event::add('system.shutdown', array(__CLASS__, 'shutdown'));
     return true;
 }
Beispiel #26
0
 /**
  * Attempts to determine the current URI using CLI, GET, PATH_INFO, ORIG_PATH_INFO, or PHP_SELF.
  * @return bool
  * @throws Exception_Exido
  */
 public static function getUri()
 {
     // Debug log
     if (Exido::$log_debug) {
         Exido::$log->add('EXIDO_DEBUG_LOG', 'Determine current URI');
     }
     Helper::load('input');
     // Trying to detect the URI
     if (inputServer('PATH_INFO')) {
         self::$current_uri = inputServer('PATH_INFO');
     } elseif (inputServer('ORIG_PATH_INFO')) {
         self::$current_uri = inputServer('ORIG_PATH_INFO');
     } elseif (inputServer('REQUEST_URI')) {
         self::$current_uri = inputServer('REQUEST_URI');
     } else {
         throw new Exception_Exido(__("Can't detect URI"));
     }
     // Remove slashes from the start and end of the URI
     self::$current_uri = trim(self::$current_uri, '/');
     if (self::$current_uri !== '') {
         if ($suffix = Exido::config('global.core.url_suffix') and strpos(self::$current_uri, $suffix) !== false) {
             // Remove the URL suffix
             self::$current_uri = preg_replace('#' . preg_quote($suffix) . '$#u', '', self::$current_uri);
             // Set the URL suffix
             self::$url_suffix = $suffix;
         }
         // Find index file name
         if ($indexfile = Exido::config('global.core.index_file') and $indexpos = strpos(self::$current_uri, $indexfile) and $indexpos !== false) {
             // Remove the index file name
             self::$current_uri = substr(self::$current_uri, 0, $indexpos);
         }
         // Reduce multiple slashes into single slashes
         self::$current_uri = preg_replace('#//+#', '/', self::$current_uri);
     }
     return true;
 }